Abstract: Methods, systems, and devices for wireless communications are described. Aspects include a device generating data to be sent to a receiving device and determining to provide provenance for the data. The device may generate a data identifier based on an identifier generation key and encrypt the data using an encryption key generated from a key associated with an owner of the device. The device may sign they encrypted data transmission using a signing key where the signing key is based on the encrypted data and the data identifier. In some cases, the device may send the data to a receiving device via one or more proxy devices. In some cases, multiple device may send signed data transmissions to a proxy device and the proxy device may process the multiple data transmission and send the processed data to the receiving device. The receiving device may verify provenance of the data.

Abstract: A technique includes accessing data representing a state of a given investigation of a potential security threat to a computer system by a security analyst. The state includes a result of a current investigative step of the investigation, and the analyst conducting the investigation uses an investigation graphical user interface (GUI). The technique includes applying machine learning that is trained on observed investigations to determine a recommendation to guide the analyst in a next investigative step for the given investigation. The technique includes communicating the recommendation through an output provided to the investigation GUI.

Abstract: Provided is an apparatus for managing user authentication in a blockchain network and the apparatus comprises a processor configured to transmit, to a server, a request for a snapshot identifier (ID) with user data comprising at least one of one-time password, biometric data, context data, routine data, or device metadata, receive the snapshot ID generated based on the user data, initiate a transaction with the snapshot ID in the blockchain network comprising a blockchain server which authenticates the snapshot ID, and output blockchain transaction data associated with the transaction based on the authentication of the snapshot ID.

Abstract: The present embodiment relates to a machine-to-machine communication (M2M) technique, and to a method for a receiver processing a request message sent by a transmitter, and a device therefor. One embodiment provides a method and a device for an M2M device processing a message, the method comprising the steps of: receiving, from another M2M device, a request message including an operation parameter, a receiving-side parameter, a transmitting-side parameter and a request identification parameter; processing, according to an operation indicated by the operation parameter, a resource being processed including attribute information for indicating resource information; and transmitting a response message including response information for the request message.

Abstract: The present disclosure provides a method, system, and device for securely updating a software release across a network. To illustrate, a server may compile a transaction log that includes information corresponding to one or more nodes in the network to which the software release has been transmitted. The server may analyze one or more files based on vulnerability information to identify at least one file of the one or more files that poses a risk. The server may also identify at least one node of the network at which the at least one file is deployed. Based on identifying the at least one node, the server may transmit a corrective action with respect to the at least one node.

Abstract: The present disclosure relates to highly secure, high speed encryption methodologies suitable for applications such as media streaming, streamed virtual private network (VPN) services, large file transfers and the like. For example, encryption methodologies as described herein can provide stream ciphers for streaming data from, for example, a media service provider to a plurality of users. Certain configurations provide wire speed single use encryption. The methodologies as described herein are suited for use with blockchain (e.g. Bitcoin) technologies.

Abstract: Broadly speaking, the present technique provides methods, apparatuses and systems for performing a TLS/DTLS handshake process between machines in a manner that reduces the amount of data sent during the handshake process.

Abstract: An operating system of a mobile device defines an interface for an MDM to ensure security of the device. A private personal MDM (PPMDM) instead interfaces with the operating systems and one or more enterprise MDMs (EMDM) implement security policies through the PPMDM subject to user control. Data may be flagged as associated with an EMDM based on source or location to enable deletion due to theft or disassociation with an enterprise. Blocks or threat detection according to an EMDM policy may be reported to an EMDM in a non-invasive manner.

Abstract: A method comprises receiving an image of an update for a software module, a rate parameter, an index parameter, and a public key, generating a 32-byte aligned string, computing a state parameter using the 32-byte aligned string, generating a modified message representative, computing a Merkle Tree root node, and in response to a determination that the Merkle Tree root node matches the public key, forwarding, to a remote device, the image of the update for a software module, the state parameter; and the modified message representative.

Abstract: Disclosed is a device and method to secure software update information for authorized entities. In one embodiment, a device for receiving secured software update information from a server, the device includes: a physical uncolonable function (PUF) information generator, comprising a PUF cell array, configured to generate PUF information, wherein the PUF information comprises at least one PUF response output, wherein the at least one PUF response output is used to encrypt the software update information on the server so as to generate encrypted software update information; a first encrypter, configured to encrypt the PUF information from the PUF information generator using one of at least one public key from the server so as to generate encrypted PUF information; and a second encrypter, configured to decrypt the encrypted software update information using one of the at least one PUF response output so as to obtain the software update information.

Abstract: A Universal identification system comprising: a Universal ID device, a Universal ID reader and a Universal ID computing system is described.

Abstract: One or more embodiments of techniques or systems for session management, security scoring, and friction management are provided herein. Sessions may be monitored for commonalities or other attributes or aspects and closed, terminated, or a freeze placed on additional sessions from being initiated. A security score may be provided which is indicative of how secure a user is with respect to one or more ways the user interacts with a resource. One or more suggested actions or score improvement strategies may be suggested to facilitate improvement of a security score for a user. Friction management may be provided by having one or more additional layers of security applied to an account of a user or an entity based on suspicious behavior or other factors.

Abstract: Examples described herein relate to a blockchain Internet-of-Things (IoT) system. The blockchain IoT system include a blockchain IoT device that generates event data and attests the event data using a decentralized identity provisioned to the blockchain IoT device. The blockchain IoT system further includes a blockchain network coupled to the blockchain IoT device via a network. The blockchain network includes a blockchain IoT management sub-system to receive the event data from the blockchain IoT device, verify the decentralized identity associated with the blockchain IoT device, and upon successful verification of the decentralized identity, process the event data. The blockchain network also includes a blockchain ledger sub-system to verify the processed event data and, upon successful verification of the processed event data, store the processed event data in a distributed ledger.

Abstract: A method for blockchain certification of artificial intelligence factsheets that includes receiving by a computing device, an artificial intelligence model. The computing device generates an artificial intelligence factsheet based upon logic of the artificial intelligence model. The computing device generates a blockchain link for a blockchain. The blockchain link certifies the artificial intelligence factsheet. The computing device transmits the blockchain link certifying the artificial intelligence factsheet to other computing devices.

Abstract: Techniques are disclosed for migrating data objects stored by the source DDOS from the source DDOS to the target DDOS while at least the source DDOS is live and available to process requests for access to the data objects being migrated. The techniques also provide eventual consistency between data objects that are created, updated, or deleted in the source DDOS that are applicable to the migration and that occur while the migration is being performed.

Abstract: Disclosed is a method for managing database permissions, the method including: obtaining a login account that successfully logs in to a first database, where the first database is a relational database built in with permission management and is pre-configured with an external table that has a mapping relationship with a second database; ascertaining management permissions of the login account based on pre-configured management permission information; determining whether a management operation on the external table by the login account exceeds the management permissions of the login account; and if the management operation by the login account does not exceed its management permissions, permitting the management operation, and synchronizing the management operation to the second database based on the mapping relationship between the external table and the second database. Further disclosed are a system and a device for managing database permissions, as well as a computer-readable storage medium.

Abstract: Aspects of the present disclosure provide for systems and methods to automatically load security access files and/or keys on a local digital controller serving subscriber communication equipment, but are not so limited. A disclosed system operates to use a deployment manager as part of auto-loading security access files and/or keys on a local digital controller serving subscriber communication equipment. A disclosed method operates in part to auto-load security access files and/or keys on a local digital controller serving subscriber communication equipment.

Abstract: Message decryption dependent on third-party confirmation of a condition precedent is disclosed. A message is encrypted with a message encryption key to form an encrypted message. A message decryption key that is configured to decrypt the encrypted message is encrypted with a key of a first entity to which the message is to be disclosed upon occurrence of a condition precedent to form an encrypted message decryption key. The encrypted message decryption key is encrypted with a key of a second entity configured to confirm the occurrence of the condition precedent to form a double encrypted message decryption key. A condition identifier that identifies the condition precedent is generated. The encrypted message, the double encrypted message decryption key, and the condition identifier are sent to the first entity.

Abstract: A verification method implemented by a first system including a plurality of computers, the method includes: calculating a first hash value for an original document; calculating a second hash value for an original document by using the first hash value; calculating a first modified version's first hash value for the first modified version document; calculating a first modified version's second hash value that is a hash value obtained by combining the first modified version's first hash value and the original document's second hash value; in response to a second modified version document obtained by modifying the first modified version document, calculating a second modified version's first hash value for the second modified version document; and calculating a second modified version's second hash value that is a hash value obtained by combining the second modified version's first hash value and the first modified version's second hash value.

Abstract: A system includes an electronic control unit (ECU) including a processor that determines that the ECU has been communicably connected to a vehicle communication system. The processor sends a provisioning message, via the communication system, to a remote server, responsive to connection to the vehicle communication system. The message includes a vehicle identifier provided by an element of the vehicle system and signed with a unique security key specific to the ECU. The processor is also receives a confirmation response from the remote server and enables further communication for the ECU responsive to the confirmation response.