Abstract: Disclosed is a method for processing network resource access requests. The method comprises: receiving a resource access request and acquiring resource access request information; extracting user information and target resource information from the resource access request information, and requiring to establish a corresponding access mediator instance according to the user information and the target resource information; establishing the access mediator instance; and initiating an access to a target resource correspondingly by using the access mediator instance according to the resource access request information received by the access mediator instance. The network security is improved greatly.

Abstract: Systems, methods, and computer media for securing software applications are provided herein. Through an enhanced authentication token, an application session request can be deceptively authenticated. When a malicious session request is detected, an enhanced authentication token can be generated that appears to successfully authenticate the session but contains information indicating that the session is malicious. The attacker believes that the session has been authenticated, but the information in the token indicating that the session is malicious causes an application clone session to be established instead of an actual application session. The clone session appears to be an actual application session but protects the valid user's account by including fake data instead of the user's actual data.

Abstract: A computer implemented method for securing at least one of files and records related to a specific process, the method comprising obtaining interaction data comprising one or more persons and one or more files and/or records, said interaction data comprises a process interaction score between at least one user and the specific process; identifying, from the interaction data, one or more persons and one or more files and/or records related to the specific process; comparing a process threshold with a process interaction score between a target user and the specific process; and in response to the comparison satisfying a rule, performing a security operation on the one or more files and/or records related to the specific process.

Abstract: A method for electronically signing contracts between at least a first and a second parties, the method including a first party accessing second party's website and fills in an on-line form with party personal data which is sent to a second party's server. The method of the inventions solves the problem of signing contracts between two parties, hence the object of the present invention is a computer implemented method that deals with the issue of protection against unauthorised use of data from within the employees of TTP companies and we present a solution in which a TTP company can certify the validity of a contract without having access to its content. In this way, the TTP minimizes the information it has access to and reduces the risks derived from such knowledge, like an eventual data leakage caused by some dishonest TTP employee.

Abstract: Examples are disclosed for detecting synthetic online entities that may be used for fraudulent purposes or other purposes. In some aspects, a computing system can generate a data structure that includes nodes and links between the nodes. The nodes can represent online entities and the links can represent geographic associations or transactional associations between pairs of online entities. These associations can be identified from electronic transactions involving the online entities. The computing system can determine, from the links between the nodes, that a degree of connectivity among a subset of the nodes exceeds a threshold connectivity. The degree of connectivity indicates electronic communications involving online entities represented by the subset of the nodes. The computing system can transmit, based on the degree of connectivity exceeding the threshold connectivity, an alert indicating a potential synthetic entity (e.g., potentially fraudulent activity) within the subset of the nodes.

Abstract: A system for enhanced public key infrastructure is provided. The system includes a computer device. The computer device is programmed to receive a digital certificate including a composite signature field including a plurality of signatures. The plurality of signatures include at least a first signature and a second signature. The computer device is also programmed to retrieve, from the digital certificate, a first key associated with the first signature from the digital certificate. The computer device is further programmed to retrieve the first signature from the composite signature field. In addition, the at least one computer device is programmed to validate the first signature using the first key.

Abstract: A method of authenticating a user to a computer in an adverse environment includes receiving the user's password in a trusted user device, such as by the user typing the password, and encoding a keyword with a hash of the entered password to create an encoded keyword. The encoded keyword is sent from the trusted user device to the computer using a physical communication channel perceivable by the user; and the encoded keyword is compared in the computer with a keyword encoded with a known hash of the user's password in the computer to authenticate the user.

Abstract: A device configured to receive a connection request that includes device authentication credentials and to determine the user device passes authentication in response to identifying a device profile associated with the device authentication credentials. The device is further configured to receive user credentials for a first user and identify a first user identity that corresponds with the user credentials. The device is further configured to establish a first network connection with the user device, to send a token request to the user device, and to receive a token via the first network connection. The device is further configured to identify a second user identity based on the token, to determine the first user identifier matches the second user identifier, and to establish a second network connection for the user device, wherein the network connection enables the user device to access the network.

Abstract: A method and a system for analysis of executable files are provided. The method comprises: obtaining a plurality of training executable files including at least one malicious executable file and at least one benign executable file; analyzing the plurality of training executable files to extract therefrom data including a plurality of features; transforming the data organizing the plurality of features in sets of features, a given one of which includes features of a respective predetermined type; identifying, in the given set of features, informative features indicative of a given training executable file being one of malicious and benign; combining, over the plurality of training executable files, for the respective predetermined data type, the informative features to generate at least one feature vector; and training, based on the at least one feature vector, at least one of classifier to determine if an in-use executable file is one of malicious and benign.

Abstract: [Problem] Provided is an authorization system capable of reducing a load on a host regarding an invitation procedure in a case where there is a large number of guests or guests are frequently invited, and preventing identity theft or invitation of an unwanted third party.

Abstract: A server comprises a communications module; a processor coupled with the communications module; and a memory coupled to the processor and storing processor-executable instructions which, when executed by the processor, configure the processor to authenticate a user via a first authentication channel; receive, via the communications module and from a computing device associated with the user, a signal representing a request to transfer a first quantity of resources; determine that the first quantity of resources is less than a first threshold associated with the first authentication channel; obtain identity data associated with the request to transfer the first quantity of resources; determine, based on the identity data, that a request to transfer a second quantity of resources has been previously initiated by the user via a second authentication channel that is different than the first authentication channel; and determine that the sum of the first quantity of resources and the second quantity of resources i

Abstract: An automated teller machine comprising a sensor, a network interface, and a processor configured to receive, during a transaction at the automated teller machine, user data from the sensor configured to monitor user movement information during the transaction, receive, via the network interface, user data from a mobile device, determine a risk of a fraudulent transaction based on a comparison of the user movement information from the sensor and the user data from the mobile device to expected parameters, determine that the risk of a fraudulent transaction is below a threshold, and allow access to a secure resource at the automated teller machine.

Abstract: An appliance includes an external communication port, such as an RJ45 port, and a wireless communication module in wireless communication with a remote server through an external network. A controller is configured to receive, using the wireless communication module, a secure unlock command from a remote server, the secure unlock command being generated when a remote service device transmits appliance identification data to the remote server, and unlock the external communication port to permit the remote service device to access operating software through the external communication port.

Abstract: Systems, computer program products, and methods are described herein for tracking resources using non-fungible tokens. The present invention is configured to electronically receiving, over a distributed computing network from a computing device of a user, a request for a non-fungible token (NFT) for a resource; initiating a non-fungible token (NFT) generator on the resource in response to receiving the request; generating a unique digital signature for the resource; generating, using the NFT generator, the NFT, wherein the NFT comprises at least the unique digital signature for the resource; and record the NFT for the resource on a distributed ledger.

Abstract: A resource server system granting to users access to a resource based on the very fact that the users' computing systems can demonstrate that they heard an audio signal. Specifically, the resource server system detects receipt of a message from a client computing system, and interprets the message as representing that the client computing system heard an audio signal. In response, the resource server system grants a user of the client computing system access to the resource. This may be performed for multiple client computing systems that each demonstrate that they heard the audio signal. Thus, the principles described herein allow for the granting of access to resources to other computing systems within the audible proximity of a computing system that transmitted the audio signal.

Abstract: In an aspect, the present application may describe a method that comprises monitoring a risk parameter associated with a third party server to detect a change in the risk parameter, and responsive to detecting the change in the risk parameter, sending, to a remote computing device and via the communications module, a notification that includes a first selectable option to modify data sharing associated with the third party server and a second selectable option to replace the third party server with an alternative third party server.

Abstract: A method of authenticating a user of a multifunction device to a server, the method comprising associating a user-supplied image with user login credentials, using a server; receiving, at the server, an image uploaded from the multifunction device; and comparing the uploaded image to the user-supplied image, using the server, and, only if the uploaded image matches the user-supplied image, allowing the user of the multifunction device to authenticate to the server by providing additional login credentials to the server using the multifunction device.

Abstract: The innovation disclosed and claimed herein, in one aspect thereof, comprises systems and methods of authenticating customers and service agents. The innovation receives a connection request to connect a customer and a service agent. The customer is authenticated for the service agent by matching biometric data of the customer to previously stored biometric data using a biometric recognition algorithm. The service agent is authenticated for the customer by matching a unique identifier to a previously stored unique identifier. A confirmation notification is generated and sent to the service agent and the customer to confirm the authentications. A connection is established between the customer and the service agent according to the authentications and the connection request.

Abstract: A computer system controls access to data. A request is received from an entity to access data comprising a primary data object corresponding to a physical item. One or more secondary data objects included in the primary data object are identified, wherein the one or more secondary data objects correspond to physical components of the physical item. Access requirements for the primary data object and the one or more secondary data objects are determined. In response to determining that the access requirements are satisfied by the entity, the entity is granted access to the data comprising the primary data object and the one or more secondary data objects. Embodiments of the present invention further include a method and program product for controlling access to data in substantially the same manner described above.

Abstract: A user requests to join a meeting is detected. The meeting includes a meeting audio stream of one or more participant audio streams that include participant timestamps that correspond to when one or more other users are in the meeting. The user is prompted for an authentication credential based on the detecting the request to join the meeting. A participant profile of the user is determined based the authentication credential. The user is authorized access to the meeting and a first timestamp is saved. A first audio stream of the user is recorded. The user is identified as having left the meeting and a second timestamp is saved. A transcript of the meeting audio stream is generated based on the first audio stream and the one or more participant audio streams. The first timestamp, the second timestamp, and the meeting are associated with the participant profile.