Abstract: The present disclosure includes apparatuses, methods, and systems for data attestation in memory. An embodiment includes a memory, and circuitry configured to detect a power off of the apparatus, generate a run-time cryptographic hash, and compare the run-time cryptographic hash with a cryptographic hash in response to detecting the power off, wherein the cryptographic hash is stored in a portion of the memory.

Abstract: Providing controlled access to content on a client system by providing protected content on a client system where the content is accessible with a token and providing a media file at the client system with the token embedded in association with the media file. The protected content is accessed by releasing the token to the client system when it is determined that an action condition of the media file has been met and using the token to enable access to the protected content on the client system.

Abstract: In an embodiment, a computer-implemented method for enabling enhanced firewall rules via ARP-based annotations is described. In an embodiment, a method comprises detecting, by a hypervisor implemented in a first host, that a first process is executing on the first host. The hypervisor determines first context information for the first process, generates a first request, encapsulates the first request and the first context information in a first packet, and transmits the first packet to a central controller to cause the central controller to update the controller's table to indicate that the first process is executing on the first host. In response to receiving a second packet from the central controller and determining that the second packet comprises a first response, the hypervisor extracts second context information from the second packet and, based on the second context information, determines that a second process is executing on a second host.

Abstract: A device configured to receive an access request for a website from an augmented reality device. The device is further configured to determine a user associated with the augmented reality device is authorized to access the website based on user credentials and to identify a user profile for the user associated with the user credentials. The device is further configured to identify information for flagged web pages that are associated with the website within the user profile and to generate a virtual environment with virtual objects that represent the flagged web pages. The device is further configured to provide access to the virtual environment for the augmented reality device.

Abstract: There is provided an information processing apparatus including a key generating section that generates a public key and a private key of second data generated on the basis of at least one or more pieces of first data; a certificate generating section that generates a certificate by using a private key of the first data to give an electronic signature to the public key of the second data or an ID that is generated by using the public key of the second data and can identify the public key of the second data, and to the second data or data generated from the second data; and a trace data processing section that adds, to the second data, the private key of the second data and trace data to be used for tracing a relation between the first data and the second data. The trace data includes the certificate generated by the certificate generating section and trace data added to the first data.

Abstract: A method for controlling access to wireless communications includes generating an overlay to a portion of an existing wireless network by controlling radio frequency (RF) equipment to establish a defined geographical volume as the overlay; receiving an indication of wireless devices within the volume, the indication including three-dimensional positions of the wireless devices within the boundary; establishing identities for the wireless devices, the identities selected from the group consisting of allowed, unknown, and restricted; generating a private network encompassing at least a portion of the volume; locking and maintaining locked unknown and restricted wireless devices to the processor; and directing allowed wireless devices to access the private network for wireless communications within the volume.

Abstract: A method for identifying a data segment includes receiving a first data segment associated with a first recording time; receiving a second data segment associated with a second recording time, comparing: the first recording time with the second recording time, a first time reference value with a second time reference value, and a first length enumeration for first data packets with a second length enumeration for second data packets; determining, based on the comparing, a match between the first data segment and the second data segment; and identifying the first data segment as the same as the second data segment based on the determining.

Abstract: A method for operating a cooling system of a transformer, wherein the transformer is cooled via a cooling liquid that circulates in the cooling system that includes a heat-exchanger, devices for increasing heat exchange performance of the at heat-exchanger and a controller, where in a normal operating state, the controller adjusts power of the devices for increasing the heat exchange performance as a function of a measured upper temperature and where, irrespective of the measured upper temperature, the controller refrains from activating the devices and/or operates the devices at a reduced power relative to the normal operating state if the lower temperature of the cooling liquid lies below a lower threshold value during operation of the transformer to achieve improved characteristics of the cooling system during operation under low environmental temperatures of the transformer, particularly in the case of a turn-on operation following lengthy storage in a cold state.

Abstract: The techniques herein provide for enhanced overlay network-based transport of traffic, such as IPsec traffic, e.g., to and from customer branch office locations, facilitated through the use of the Internet-based overlay routing infrastructure. This disclosure describes a method of providing integrity protection for traffic on the overlay network.

Abstract: Systems, methods, and computer program products for identifying a fraudulent device. A device analytics engine receives device data from a computing device, the device data including parameters associated with the computing device. The device analytics engine selects a set of rules in a plurality of rules that indicate at least one parameter in the plurality of parameters in the device data for determining a device identifier. The set of rules are evaluated in an order until the device identifier is determined from the at least one parameter indicated in the set of rules, the device data, and previously stored data from multiple computing devices. A score is generated for the computing device using one or more of the device identifier, device data, a set of rules, and previously receive device data that corresponds to the device identifier. A computing device is identified as a fraudulent computing device based on the score.

Abstract: A hearing device includes: a processing unit configured to compensate for hearing loss of a user of the hearing device; and a memory unit; wherein the processing unit is configured to: obtain an access right certificate, the access right certificate comprising an access right identifier, verify the access right certificate, and if the access right certificate is verified, provide an access right according to the access right identifier.

Abstract: Systems, apparatuses, and methods related to a computer system having a processor and a main memory storing scrambled data are described. The processor may have a cache, a register, an execution unit, and an unscrambler. The processor can load the scrambled data into the cache; and the unscrambler may convert the scrambled data into unscrambled data just in time for the register or the execution unit during instruction execution. The unscrambled data can be an instruction, an address, or an operand of an instruction. Unscrambling can be performed just before loading the data item in a scrambled form from the cache into the register in an unscrambled form, or after the data item leaves the register in the scrambled form as input to the execution unit in the unscrambled form. The unscrambled data and the scrambled data may have the same set of bits arranged in different orders.

Abstract: Data transfer in a secure processing environment is provided. A digital assistant can receive audio input detected by a microphone of a computing device. The digital assistant can determine, based on the audio input, to invoke a third-party application associated with the computing device. The digital assistant can generate, responsive to the determination to invoke the third-party application, a packaged data object. The digital assistant can forward, to the third-party application invoked by the digital assistant component to execute in a secure processing environment on the computing device, the packaged data object. The third-party application can transmit, responsive to a digital component request triggered in the third-party application, the packaged data object to a digital component selector to execute a real-time selection process based on the packaged data object.

Abstract: An electronic device for aggregating electronic medical records, in which electronic medical records are aggregated from multiple electronic repositories and displayed as a single set of records. The multiple electronic repositories may store records for a particular patient using varying identifying/access information to facilitate anonymous access to the electronic medical records. Emergency medical services providers may be able to access medical records for a patient using the electronic device after being authenticated as a valid/licensed medical services provider.

Abstract: A measurement-device-independent quantum key distribution (MDI-QKD) network includes a plurality of user nodes connected to untrusted relay node that performs Bell-state measurements on qubits transmitted by the user nodes. The relay node contains a calibration laser that serves as a wavelength reference for the user nodes. The output of the calibration laser is split into two wavelength-calibration signals, which are transmitted to a pair of user nodes via optical fiber. At each user node, a laser diode used to generate weak coherent pulses is injection-locked with the wavelength calibration-signal, thereby ensuring that the user nodes generate photonic qubits with the same wavelength. The embodiments may be implemented with any encoding scheme compatible with MDI-QKD, such as polarization encoding and time-bin phase-encoding. No auxiliary connections between the user nodes are needed, allowing the MDI-QKD network to be scaled up to many users.

Abstract: A method of detecting deviation from an operational state of a rotational device includes receiving, from one or more sensor devices coupled to the rotational device, frequency domain data indicative of vibration data sensed during a sensing period. The method also includes processing the frequency domain data using a trained anomaly detection model to generate an anomaly score for the sensing period and processing the anomaly score using an alert generation model to determine whether to generate an alert.

Abstract: A method of facilitating cyber inspection of connected and autonomous electrical vehicles using smart charging stations. Accordingly, the method comprises receiving an information associated with a connected and autonomous electrical vehicle (CAEV) connected to a smart charging station, identifying an operation comprising a scanning operation based on the information, generating a request for facilitating the scanning operation comprising a cyber security threats scan, a cyber-attacks scan, an antivirus scan, an antimalware, an anti-ransomware, and a security scan, transmitting the request to a service provider device of a service provider comprising a cyber security provider, receiving a scanning operation information from the service provider device, performing the scanning operation on ECUs of the CAEV for facilitating the cyber inspection of the CAEV using the scanning information, generating a status of the CAEV based on the performing, transmitting the status to a device, and storing the status.

Abstract: Current biometric access control systems rely on a biometric sensor at the access control point, a design which has shortcomings on throughput or biometric image quality, which is a particularly important limitation for vehicle traffic, particularly when vehicles do not stop. We disclose a Two-Phase Biometric Access Control System (TBACS) that includes biometric, multi-factor authentication in which the biometric sensor is not required to be at the access control point, the access authorization decision is made prior to arriving, and the access confirmation is verified at the access control point using a rapidly-read token that identifies the person seeking access.

Abstract: A first wireless access device, associated with a wireless service provider, establishes a wireless local area network connection with a second wireless access device and receives a certificate including a unique identifier associated with the second wireless access device. The first wireless access device determines whether the second wireless access device is authorized to connect to the first wireless access device. For example, if the certificate is signed by a certificate authority associated with the wireless service provider and the unique identifier appears in a whitelist stored at the first wireless access device, the first wireless access device and the second wireless access device perform a mutual authentication procedure based on one or more ephemeral keys. The first wireless access device provides the second wireless access device with access to a wide area network based on successful completion of the mutual authentication procedure.

Abstract: Sequences to synchronize devices and related methods are disclosed herein including an access address generator to cryptographically generate a first bit sequence, an access address selector to read a first portion of the first bit sequence and read a second portion of the first bit sequence, the second portion different than the first portion, an access address analyzer to identify a first access address from a first section of the first portion based on a first criteria, the first criteria a function of a first autocorrelation function and identify a second access address from a second section of the second portion based on a second criteria, the second criteria a function of a second autocorrelation function.