Abstract: The invention is a secure logic chip with resistance to hardware Trojan induced data leakage. The invention solves the untrustworthy fabrication risk problem by introducing a secure logic chip design such that even when the design is entirely known to an attacker and a data leakage Trojan is injected subsequently, no useful information can be obtained. This invention contains several features including randomized encoding of binary logic, converting any combinational binary logic into one with randomized encoding, and partitioning a randomized encoded logic for split manufacturing.

Abstract: The invention is a secure logic chip with resistance to hardware Trojan induced data leakage. The invention solves the untrustworthy fabrication risk problem by introducing a secure logic chip design such that even when the design is entirely known to an attacker and a data leakage Trojan is injected subsequently, no useful information can be obtained. This invention contains several features including randomized encoding of binary logic, converting any combinational binary logic into one with randomized encoding, and partitioning a randomized encoded logic for split manufacturing.

Abstract: In accordance with some embodiments, an apparatus for privacy protection includes a housing arranged to hold a personal communication device. The apparatus further includes a remote communication device and a local communication device at least partially supported by the housing, where the remote communication device is operable to provide a remote communication channel between the apparatus and a remote device and the local communication device is operable to provide a local communication channel to the personal communication device. The apparatus additionally includes a security management controller operable to: (a) extract data from communication messages received via the remote communication channel; (b) scan the extracted data in order to identify a first type of extracted data; and (c) send the first type of extracted data to the personal communication device through the local communication channel.

Abstract: A request to store a file is received, an in response to that request multiple data segments are stored in a buffer memory. A first one of those data segments is selected for migration based on a life expectancy of the first data segment, and is migrated from the buffer memory to another memory. Migrating the first data segment includes generating at least one encoded data segment by encoding the first data segment, storing the first data segment to a location in the another memory, and storing addressing information indicating the location in the another memory.

Abstract: In one embodiment, a computer-implemented method of performing a secure boot operation in an autonomous driving vehicle includes reading a first marker from a storage device in which the storage device includes a plurality of partitions and at least the first marker. The plurality of partitions includes a first partition including stored software, the first marker associated with the first partition, and wherein the first marker includes a unique identifier and an authentication code. The method further includes determining if the read first marker associated with the first partition is valid during a boot-up operation and executing the stored software in the first partition if the read first marker is determined valid.

Abstract: Methods, systems, and computer program products for anomaly and mode inference from time series data are provided herein. A computer-implemented method includes receiving time-series sensor data for each one of a group of devices; extracting a set of states for each device in the group from the time-series sensor data; constructing a state-transition graph for each of the devices, wherein each of the state-transition graphs comprises nodes corresponding to each state in the set and edges corresponding to a probability of transition between the extracted states over time; identifying, for each set, a given state as one of: a mode, a normal state and an anomalous state based on the state-transition graph; and detecting one or more anomalous devices in the group by computing similarities between different devices in the group, based at least in part on the determined state-transition graphs.

Abstract: A method for integrating an authentication device and a website, the method comprising: a registration plug-in receiving user registration information from a website and a registration result identifier corresponding to the user registration information, and determining whether the user has registered successfully according to the registration result identifier; if yes, then sending registered information to the website and ending the registration process; otherwise, sending a request to obtain device registration, which comprises a user identifier, to an authentication server; receiving the device registration request from the authentication server; sending the device registration request to an authentication device by means of a browser; receiving device registration data, which is generated by the authentication device, by means of the browser; sending a first authentication request comprising the device registration data to the authentication server; receiving a first authentication result from the authen

Abstract: An article management system collects articles from different sources, processes each article to extract information about the article (such as the topics covered in the article), and stores the information in one or more knowledge graphs. The system also maintains user profiles for each of its users. Each user profile includes a user genome representing the user's interests and preferences. The information in the knowledge graphs can be used to select articles to be displayed to users of the article management system. Articles can be displayed as part of the search results for an associated topic or concept, as part of a personalized feed that is generated based on the data in a user's profile, or as part of a feature that displays multiple articles that cover a given topic from multiple different viewpoints. The system can also provide a platform for users to create and publish research collections.

Abstract: Embodiments provide a computer implemented method of enforcing password uniqueness for different user accounts of a particular user. The method includes: receiving a first new password from a first user account of the particular user, wherein the first user account is associated with a first system/object referenced by a first Password Relationship Object (PRO); evaluating a uniqueness policy to determine whether password uniqueness is required by one or more other PROs, wherein each system/object referenced by the one or more other PROs has a different user account of the particular user; if the password uniqueness is required by the one or more other PROs, evaluating a matching policy to determine whether the first new password matches any password of each different user account associated with one or more systems/objects referenced by the one or more other PROs; if there is a match, enforcing an enforcement policy.

Abstract: Methods and systems for repairing user devices infected with malicious code. One method includes storing registration information for a plurality of user devices accessing a remote file storage system, the registration information including a unique identifier of each user device and an identifier of an antivirus software installed locally on each user device. The method also includes, in response to detecting an infected file within the remote file storage system, determining a unique identifier of one of the a user device included in the plurality of user devices interacting with the infected file, accessing the registration information to identify, based on the unique identifier of the user device interacting with the infected file within the remote file storage system, an identifier of antivirus software installed locally on the user device, and remotely initiating the antivirus software installed locally on the user device based on the identifier of the antivirus software.

Abstract: Disclosed herein are system, method, and device embodiments for implementing log tokenization in an integration platform system. An integration platform may provide a declaratively-configurable logger asset for deployment in an integration-application design tool, and package the declaratively configurable logger asset in an integration application at least partially built via the integration-application design tool. In addition, the integration application may identify sensitive information in original log data of the integration application, and generate modified log data based on tokenization of the sensitive information. Further, the integration application may log the modified log data into a log file.

Abstract: Systems and methods for permitting software presence/configurations to function as a factor in a multi-factor authentication scheme so that a user's access to a different software program/application is conditioned on the presence of certain pre-specified software or software configurations that would otherwise not be necessary for access and/or operation of the different software program/application. Generally, by confirming the presence/configuration of the pre-specified software on a computing device, the system ensures that a user, in one embodiment, may only access the different software program/application with the proper configuration of the pre-specified software.

Abstract: A method for generating a dynamic username includes receiving a static component of a dynamic username and a selection of a dynamic parameter component of the dynamic username from a user. The static component and the selected dynamic parameter component are combined in a predetermined order, based on a user selected option. The dynamic username is produced from the combined static component and the selected dynamic parameter component based on the predetermined order. A rule for producing the dynamic username is generated. The rule defines the predetermined order of the static component and the selected dynamic parameter component. The static component and the rule are stored in a credential database with the rule being associated with the static component.

Abstract: Systems, methods, apparatus, and articles of manufacture to facilitate configuration and naming of a multimedia playback device on a local playback network are disclosed. An example method includes identifying and analyzing local network topology to identify playback device(s) connected to the network at location(s). The example method includes analyzing a playback device to be added and comparing the playback device to be added to the playback device(s) already connected to the network. The example method includes displaying available option(s) to name the playback device to be added based on the analysis of the network, the already connected playback device(s) and the playback device to be added to the network. The example method includes naming the playback device to be added based on a selected available option.

Abstract: A system can include a processor; memory operatively coupled to the processor; an input; an output; and one or more modules stored in the memory that include instructions executable by the processor to instruct the system to receive information, via the input, that includes information associated with a target; parse the information; access a profile; and build a link based at least in part on the information and at least in part on the profile.

Abstract: One embodiment disclosed relates to a system for managing data for logistics, sourcing and/or production. The system includes: a private blockchain maintained by a first network of nodes; a trusted public blockchain maintained by a second network of nodes; a private agent system; and a bridge system connected to both the private blockchain and the public blockchain. The private agent system operates to extract blocks of metadata from the private blockchain and utilize a hash tree structure to generate a first root hash value from the blocks of metadata. The bridge system operates to verify the first root hash value and store the first root hash value as a notarized data certificate in the trusted public blockchain. Another embodiment disclosed relates to a method for data certificate notarization utilizing a bridging system from a private blockchain to a trusted public blockchain. Other embodiments and features are also disclosed.

Abstract: A method of detecting patterns in network traffic is provided. The method includes receiving packets of network traffic, performing a frequency analysis per field of the packets as a function of frequency of the occurrence of the same data in the corresponding field, and selecting top values which are values associated with each field of the set of fields that satisfy a criterion as having occurred most frequently in the packets as a function of a result of the frequency analysis.

Abstract: Particular embodiments described herein provide for a network element that can be configured to receive, from an electronic device, a request to access a network service. In response to the request, the network element can send data related to the network service to the electronic device and add a test link to the data related to the network service. The network element can also be configured to determine if the test link was successfully executed and classify the electronic device as untrusted if the test link was not successfully executed.

Abstract: Apparatus, system, methods, and articles of manufacture are disclosed to identify media using hash keys. An example system includes a hybrid hash key analyzer to access a metered hash key of an exposure record obtained from a meter, access reference records representative of respective portions of a plurality of media, and determine reference confirmation data candidates from respective ones of the reference records that include hash keys matching the metered hash key. The example system includes an impression logger to, when first confirmation data associated with the exposure record matches one of the reference confirmation data candidates, store an impression record that associates the media identification data associated with the matching one of the reference confirmation data candidates with a meter identifier of the exposure record. The impression logger also is to credit at least a portion of the media corresponding to the media identification data with an exposure credit.

Abstract: Embodiments of the present disclosure provide methods, systems, apparatuses, and computer program products that provide for an improved, more efficient, and more stable system of networked computing devices. The embodiments disclose an apparatus and system that enable client devices to selectively grant to third party applications permissions to access group-based communication objects of a group-based communication system. The apparatus and system further enable client devices to selectively grant to third party applications permissions to take specific actions with regards to the group-based communication objects within the system. To accomplish the improvements, the disclosed systems, apparatuses, and computing devices maintain a record of the permissions granted to third party applications in a permissions table stored in a computer storage device.