Abstract: A device management system (1) includes a common certification information acquirer, a certifier, an identification information generator, and a setter. The common certification information acquirer acquires common certification information from a device (10) including a storage for storing the common certification information. The common certification information stored in the storage is shared with another device. The certifier certifies the device (10) based on the common certification information. The identification information generator generates identification information for identification of the device (10) certified by the certifier. The setter sets the identification information to the device (10).

Abstract: Provided is a process that establishes representations and permits users to login to a relying device to which a mobile device has registered. Credential values of the user are established within a trusted execution environment of the mobile device and representations of those credentials are transmitted to a server. The user of the mobile device may authenticate with the mobile device to the server, which may permit user access to the relying device via secure session. The user of the mobile device may authenticate with the mobile device to the server, which may permit user access by causing the mobile device to obtain a value by which the relying device may be accessed. The user of the mobile device may authenticate with the mobile device based on a policy received from the server to obtain a value by which the relying device may be accessed.

Abstract: A computing system that is configured for a federated wallet with cryptographically secure signature delegation. The system may be configured to receive a session public key corresponding to a decentralized application and a user. The system may be further configured to receive an unsigned transaction of a blockchain, the unsigned transaction corresponding to the user. The system may be further configured to provide a symmetric encryption key to the user's device for encrypting the user's private signing key. The system may be further configured to determine, using the session public key, that the unsigned transaction is valid. Based on the validity of the unsigned transaction, the system may send the unsigned transaction to the user's device. The system may send the symmetric encryption key to the user's device to decrypt the private signing key. The system may be further configured to receive a signed transaction for submission to the blockchain.

Abstract: A detection method for a malicious domain name in a domain name system (DNS) and a detection device are provided. The method includes: obtaining network connection data of an electronic device; capturing log data related to at least one domain name from the network connection data; analyzing the log data to generate at least one numerical feature related to the at least one domain name; inputting the at least one numerical feature into a multi-type prediction model, which includes a first data model and a second data model; and predicting whether a malicious domain name related to a malware or a phishing website exists in the at least one domain name by the multi-type prediction model according to the at least one numerical feature.

Abstract: Systems and methods for obtaining an external content item from an online service for presentation on the client device is presented. On the client device, a condition is detected in the execution context of an executing application, the condition corresponding to the presentation of an external content item by the application. A request is made to the online service for content items. In response, content information is received, where the content information identifies potential content items. According to various embodiments, initial scores are associated with each potential content item in the content information. At the client device, a completed score is generated for each content item according to local information on the client device and the corresponding initial score. An external content item is selected for presentation on the client device from the potential content items according to, at least in part, the completed scores.

Abstract: A device for detecting perturbation attacks performed on a digital circuit is provided.

Abstract: A device identifier access method and in the field of communications technologies. The method, implemented by a terminal, includes receiving request information for accessing a first device identifier by a target application; determining first access permission used when the target application accesses the first device identifier, where the first access permission includes one of the following: prohibiting access to the first device identifier, allowing access to a real value of the first device identifier, and allowing access to a dummy value of the first device identifier; and when the first access permission is allowing access to the dummy value of the first device identifier, returning the dummy value of the first device identifier to the target application.

Abstract: An electronic device is provided that includes a memory storing program instructions, and one or more processors. The one or more processors, when executing the program instructions, are configured to generate an agent public key, and generate a key font based on the agent public key. The one or more processors are also configured to communicate the key font to an operating system, and obtain a key message based on the key font from an application. The one or more processors are also configured to respond to the key message on a bus based on the key message.

Abstract: A system and method for automatically healing web service disruptions are disclosed. A processor establishes a communication link between a web service provider device in a web service provider side and a web service consuming device in a web service consuming side in a computer network environment. A receiver receives a request from the web service consuming device to receive a web service provided by the web service provider device. The processor detects a change in an XML document in the web service provider side which disrupts receiving the web service requested by the web service consuming device; generates stubs on the fly in response to detecting the change in the XML, document; implements the stubs that addresses the detected change in the XML document; and automatically heals web service disruptions in response to implementing the stubs.

Abstract: A method for detecting an unauthorized physical access to a bus system. The method including: acquiring a measuring signal which assumes a first state when the voltage signal lies above a threshold voltage and a second state when the voltage signal does not; detecting a test-level sequence in the voltage signal; forming a measuring-signal pattern based on the measuring signal; comparing the measuring-signal pattern to a reference pattern that is assigned to the detected test-level sequence and was determined based on a reference measuring signal for the test-level sequence in a state of the bus system in which no unauthorized physical access was present; and determining that a possible unauthorized physical access is present if the measuring-signal pattern and the reference pattern differ from each other in one or more predetermined properties by more than a specific tolerance.

Abstract: Systems and methods for Internet access control are presented. A third-party application is hosted by a third-party server on the Internet. The third-party application has third-party data of a user. An Internet access control device detects an Internet access by the user to a target server on the Internet. The Internet access control device allows or blocks the Internet access depending on whether the Internet access is permitted or prohibited based on the third-party data.

Abstract: A method, a system, and a computer program product for protection and recovery of backup storage systems from ransomware attacks. A request to modify data stored in a storage system is received. The storage system includes at least one component configured to store the deduplicated data. An acknowledgement of the received request is generated. The acknowledgement indicates that the data stored in the at least one component and identified in the received request was modified. Modification of the data stored in the at least one component and identified in the received request for a predetermined period of time is prevented.

Abstract: Various embodiments for predicting which software vulnerabilities will be exploited by malicious hackers and hence prioritized by patching are disclosed.

Abstract: Techniques for configuring a device with a security context using a security context distribution service are provided. One embodiment receives, from a first device operating on a first network, a request for a security context for the first device, where the request includes a public certificate for the first device. The request is decrypted, and the public certificate is validated. A set of device requirements are determined based on a unique identifier for the first device and device claim information associated with the first device. Embodiments generate a response message that contains at least one Transport Layer Security (TLS) certificate associated with the first network, based on the set of device requirements, where the response message is encrypted using a public key associated with the first device. The response is message is transmitted to the first device.

Abstract: In one embodiment, a method comprises: determining, by an executable resource within a network device, a risk of the network device having been infected by a persistent consistent threat based on the executable resource detecting attributes associated with the network device; and presenting based on the risk, by the executable resource, a recommendation to a user of the network device to execute a prescribed hard reset that erases all data and executable code from a volatile random access memory (RAM) of the network device, the prescribed hard reset causing erasure of any persistent consistent threat residing in the volatile RAM.

Abstract: Some embodiments are directed to a computing device (100) configured for execution of a computer program protected against address probing. The device is configured to run at least one anomaly detector (140) for detecting an address probing on the computer program, and to selectively replace an originating computer program code part with a replacement computer program code part wherein an address probing countermeasure is added.

Abstract: A system, method, and apparatus for implementing workflows across multiple differing systems and devices is provided herein. During operation, a graphical-user interface provides a user with a list of triggers and a list of actions. A user creates a workflow by dragging a trigger and at least one action to an area of a screen (workspace) and then connecting them with a line or arc. If a security ecosystem is unable to execute the created workflow, the necessary components needed to execute the workflow will be provided in a small area on the screen (workspace).

Abstract: An indication that data packets of personal data that correspond to data packet types for data categories are approved for transfer between user accounts via the personal data sharing platform is provided. A first data packet identifying first personal data that is related to a first user of the first user account is received. The first data packet includes first personal data values that correspond to first attributes specified by a first data packet type and that have been individually encrypted at first user account. Whether the first data packet satisfies a condition that the first data packet include data values for each of the first attributes specified by the first data packet type for a first data category is determined. Responsive to determining that the first data packet satisfies the condition, the individually encrypted first personal data values and the corresponding first attributes are stored at a data store.

Abstract: This disclosure relates to systems and methods generating and distributing protected software applications. In certain embodiments, integrity checking mechanisms may be implemented using integrity checking code in software code prior to compilation into machine code. Following compilation and execution of the application, the introduced code may check the integrity of the application by determining whether the application behaves and/or otherwise functions as expected. By introducing integrity checking in this manner, integrity checking techniques may be injected into the application prior to compilation into machine code and/or independent of the particular manner in which the application is compiled.

Abstract: A MAC tag list generation apparatus includes: a message input part; a group testing matrix generation part which generates a t×m group testing matrix H that is a parameter(s) of combinatorial group testing with respect to the number s (s being a positive integer) of the MACs to be generated, a decodable linear group testing MAC application part which, with respect to the message M, using the group testing matrix H, a variable-length-input fixed-length-output pseudorandom function F; and a Tweakable block cipher G for which a row index of the group testing matrix H is a Tweak, generates a MAC tag list T=(T[1], . . . , T[t]); and a MAC tag list output part which outputs the MAC tag list.