Abstract: A blockchain-implemented transaction from an originator node is to be broadcast. The originator node is communicatively coupled to proxy nodes. The method, implemented by a proxy node, includes: receiving a transaction including an input taking x+r units of computing resources, an output providing x units to the output address and another output providing d+r units to a 1-of-n multi-signature address unlockable by any one of a set of private keys associated the proxy nodes. The proxy node selects a quantity of computing resources, t units, to be allocated to the proxy node for broadcasting the transaction and having it included in the blockchain and generates a further transaction taking d+r units sourced from the multi-signature address and an output providing t units to the proxy node. The proxy node broadcasts both transactions timed to permit their inclusion in the same block of the blockchain.

Abstract: Examples for validating the identify of an application in an inter-app communication protocol are described. An attestation payload is obtained from a third party attestation service that is executed remotely from a device on which the application is running. The attestation payload can be validated by another application on the device in order to validate the identity of the application providing the attestation payload.

Abstract: Disclosed herein are methods, systems, and processes to distribute and disperse search loads to optimize security event processing in cybersecurity computing environments. A search request that includes a domain specific language (DSL) query directed to a centralized search cluster by an event processing application is intercepted. The event processing application is inhibited from issuing the search request to the centralized search cluster if a structured or semi-structured document matches the DSL query.

Abstract: Provided is a process that establishes user identities within a decentralized data store, like a blockchain. A user's mobile device may establish credential values within a trusted execution environment of the mobile device. Representations of those credentials may be generated on the mobile device and transmitted for storage in association with an identity of the user established on the blockchain. Similarly, one or more key-pairs may be generated or otherwise used by the mobile device for signatures and signature verification. Private keys may remain resident on the device (or known and input by the user) while corresponding public keys may be stored in associated with the user identity on the blockchain. A private key is used to sign representations of credentials and other values as a proof of knowledge of the private key and credential values for authentication of the user to the user identity on the blockchain.

Abstract: There may be provided a method for block chain based facial recognition, the method may include receiving a request, by a controller and from a requesting entity, to utilize a facial recognition service that is block chain based; determining, by the controller, whether to fulfil the request or to reject the request; utilizing the facial recognition service to provide a response to the request and outputting the response when determining to fulfill the request; and rejecting the request when determining to reject the request.

Abstract: A portable communication device, method, and system enable temporary access to private user information by a venue communication system. The temporary access to the private information is based on a registration that includes user selectable privacy thresholds and predetermined venue conditions. The temporary access by the venue communication system can be adjusted and limited by the portable communication device. The usage of the private data by the venue communication system may be limited to anonymous analytics and/or extended to non-anonymous analytics and notifications based on user input to the communication device.

Abstract: A file copy is executed in a virtual runtime environment that tracks behavior using RNN taking runtime behavior of at least a first time into account with current runtime behavior at a second time. This is responsive to not finding a known signature for suspicious activity during virus scanning. A behavior sequence is identified on-the-fly during file copy execution that is indicative of malware, prior to completing the execution, the behavior sequence involving at least two actions taken at different times during file copy execution. Responsive to the identification, the execution is terminated and the virtual runtime environment is returned to the pool of available virtual runtime environments.

Abstract: A method and system are provided to integrate IoTs and related components, users and applications into an ecosystem, and then on a per-component basis to provide real-time security solutions. Ecosystem security provides isolation, communications and security for technologies that fulfill a specific function or set of functions and their related and supporting platform elements.

Abstract: Systems and methods for enforcing media access control (MAC) learning limits (MLLs) on multi-homed access ports comprise configuring MLL violation actions to be performed by a virtual extensible local area network (VxLAN) tunnel endpoint (VTEP). The VTEP is multi-homed to VTEPs and comprises an Ethernet segment (ES) access port. A BGP EVPN or similar protocol may be used to communicate MLL information across VTEPs participating in the multi-homed ES to keep MACs and MLL violation actions consistent. The violation actions may comprise initiating a shutdown message to shut down an ES. Once an MLL violation associated with a MAC that has been received at the VTEP is detected, the VTEP may enforce the MLL by performing one or more of the configured MLL violation actions and propagate the same to other VTEPs.

Abstract: Access to sensitive information in a database can be restricted to improve security and enable efficient auditing. A security engine receives a request from a requesting entity to access data in the database and determines that the requested data includes sensitive information. In response to the requesting entity being authorized to access the data, the security engine retrieves the requested data from the database and modifies the retrieved data by modifying metadata of the retrieved data to include a tag indicating that the retrieved data includes sensitive information. The security engine provides the modified data to the requesting entity and modifies a data access log to identify each attempted access to the modified data. When sensitive data is requested, an interface can include an obscuring element, requiring a user to manually select the element to view the data, enabling the logging of the explicit access request by the user.

Abstract: An anomaly detection server is provided. The anomaly detection server is a server for counteracting an anomalous frame transmitted on an on-board network of a single vehicle. The anomaly detection server acquires information about multiple frames received on one or multiple on-board networks of one or multiple vehicles, including the single vehicle. The anomaly detection server, acting as an assessment unit that, based on the information about the multiple frames and information about a frame received on the on-board network of the single vehicle after the acquisition of the information about the multiple frames, assesses an anomaly level of the frame received on the on-board network of the single vehicle.

Abstract: A method includes, in response to receiving an email message, detecting one or more artifacts within an email message, wherein each of the artifacts is associated with a payload; for each artifact, generating, a descriptor object representing the artifact that does not include the payload, so that the processor is prevented from accessing the payload via the descriptor object; and at least one payload button based on the payload associated with the artifact for causing the payload to be transmitted to an external system for analysis of the payload; and presenting an artifact dashboard in a graphical user interface (GUI) rendered on a display of the email security system, the artifact dashboard displaying, for each artifact, the descriptor object representing the artifact and the at least one payload button based on the payload associated with the artifact.

Abstract: A cyberspace coordinate system creation method and apparatus based on an autonomous system is provided. The method includes: determining a cyberspace coordinate system; constructing a framework for a three-dimensional cyberspace coordinate system; constructing a cyberspace map model based on the cyberspace coordinate system and the framework for the three-dimensional cyberspace coordinate system; and designing an application scenario corresponding to a constructed cyberspace map model, and performing visualization processing on the application scenario. The method may realize the visualization of multi-dimensional information of cyberspace based on a unified and constant backboard, e.g., an Autonomous System (AS) topology, an Internet Protocol (IP) address composition, network resource element information, a hierarchical structure, and the like, and is suitable for visualization of a number of security attacks on the cyberspace and network management scenarios.

Abstract: A method for extending a blockchain comprises, at a space server: allocating an amount of drive storage for generating proofs-of-space; or accessing a first challenge based on a prior block of the blockchain, the prior block comprising a first proof-of-space and a first proof-of-time; in response to accessing the first challenge, generating a second proof-of-space based on the first challenge and the amount of drive storage, the second proof-of-space indicating allocation of the amount of drive storage; accessing a second proof-of-time based on the prior block and indicating a first time delay elapsed after extension of the blockchain with the prior block; generating a new block comprising the second proof-of-space and the second proof-of-time; and broadcasting the new block over a distributed network.

Abstract: A method includes a preparation step and a key agreement step. In the preparation step, a first quantum key distribution (QKD) device at a first location and a second QKD device at a second location distant from the first location together create a quantum secured key according to a QKD protocol, and a first encryption device at the first location and a second encryption device at the second location together create a symmetrically encrypted channel between the first location and the second location using the quantum secured key. In the key agreement step, a first key agreement device at the first location and a second key agreement device at the second location together create an encryption key via the symmetrically encrypted channel.

Abstract: Systems, methods, and corresponding non-transitory computer readable media describe a proposed system adapted as a platform governing the loading of data in a multiparty secure computing environment. In the multiparty secure computing environment described herein, multiple parties are able to load their secure information into a data warehouse having specific secure processing adaptations that limit both access and interactions with data stored thereon.

Abstract: According to an embodiment, a communication device includes one or more processors. The processors share encryption keys with a plurality of external communication devices. The processors, based on residual quantities of the encryption keys, decide on a route for sending transmission data. The processors encrypt, for each external communication device of one or more external communication devices included in the route, a header in which the external communication device is set as a destination, using an encryption key shared with the external communication device. The processors generate a packet that includes the transmission data and encrypted headers for the one or more external communication devices. The processors send the generated packet along the route.

Abstract: One aspect described in this application provides a unified policy broker. During operation, the system receives configuration information from the set of network devices. At least two network devices in the network can be equipped with a first and a second policy enforcement engine, respectively, for enforcing one or more given policy rules. The system can determine, based on the configuration information, a first and a second representation of the similar policy function corresponding to the first and the second policy enforcement engine, respectively. The system can apply a unified policy model to perform a first mapping from a unified representation of the similar policy function to the first and the second representation. The system can create a unified API based on the unified representation. The system applies, via a user interface, the unified API to configure the similar policy function across the first and the second policy enforcement engines.

Abstract: Systems, apparatus, methods, and techniques for reporting an attack or intrusion into an in-vehicle network are provided. The attack can be broadcast to connected vehicles over a vehicle-to-vehicle network. The broadcast can include an indication of a sub-system involved in the attack and can include a request for assistance in recovering from the attack. Connected vehicles can broadcast responses over the vehicle-to-vehicle network. The responses can include indications of data related to the compromised sub-system. The vehicle can receive the responses and can use the responses to recover from the attack, such as, estimate data.

Abstract: The present invention is an platform and/or agnostic authentication method and system operable to authenticate users, data, documents, device and transactions. Embodiments of the present invention may be operable with any client system. The authentication method and system are operable to disburse unique portions of anonymous login related information amongst multiple devices. These devices and the disburse unique portions of anonymous login information are utilized by the solution to authenticate users, data, documents, device and transactions. Login-related information is not stored in any portion of the solution, users and devices are anonymously authenticated. The solution also permits a user to access secured portions of the client system through a semi-autonomous process and without having to reveal the user's key.