Abstract: Localized content from at least one local merchant is provided to a user through a publicly accessible computer device. A server interfaces to one or more publicly accessible computer devices that are associated with a vendor. The computer devices interface to content sources through a network. A user access is detected and the identity of the user and the computer device is determined. These identities are provided to a server. The server then provides content to the computer device that is selected based on the identity of the user and the computer device. At least a portion of the content is advertising from a local merchant. Revenue is obtained from the local merchants and a portion is provided to the vendor associated with the particular computer device.

Abstract: A system for broadcasting that includes a watermark payload.

Abstract: A packet-filtering system described herein may be configured to filter packets with encrypted hostnames in accordance with one or packet-filtering rules. The packet-filtering system may resolve a plaintext hostname from ciphertext comprising an encrypted Server Name Indication (eSNI) value. The packet-filtering system may resolve the plaintext hostname using a plurality of techniques. Once the plaintext hostname is resolved, the packet-filtering system may then use the plaintext hostname to determine whether the packets are associated with one or more threat indicators. If the packet-filtering system determines that the packets are associated with one or more threat indicators, the packet-filtering system may apply a packet filtering operation associated with the packet-filtering rules to the packets.

Abstract: In accordance with an example embodiment there is disclosed herein a method for authenticating a touch screen layout. A file containing the touch screen layout is signed by a key known to the device that is to deploy the touch screen layout, such as, for example an automated banking machine and/or a point of sale system. Before the touch screen is used by the device's user interface, the device validates the touch screen.

Abstract: In one embodiment, the invention provides a portable wireless personal communication system for cooperating with a remote certification authority to employ time variable secure key information pursuant to a predetermined encryption algorithm to facilitate convenient, secure encrypted communication. The disclosed system includes a wireless handset, such as PDA, smartphone, cellular telephone or the like, characterized by a relatively robust data processing capability and a body mounted key generating component which is adapted to be mounted on an individual's body, in a permanent or semi-permanent manner, for wirelessly broadcasting, within the immediate proximity of the individual, a secret or private key identifying signal corresponding to a time variable secure key information under the control of the certification authority.

Abstract: An information processing system includes: a service system, a plurality of agent machines, and a plurality of encryption machines. The plurality of agent machines and the plurality of encryption machines are divided into a plurality of groups, and each group includes at least two encryption machines and a plurality of agent machines communicatively connected to the at least two encryption machines. The encryption machine is configured to encrypt and decrypt data from the service system and to perform signature verification on the data when the service system performs a security call on the encryption machine via the agent machine in the group containing the encryption machine. The service system is configured to perform service processing and to perform the security call on the encryption machine via the agent machine in the group containing the encryption machine.

Abstract: A portable electronic authentication device (10) for providing access to a website or a computer resource or a secure place. The portable electronic device includes a first communication unit (11) and a second communication unit (12) different from the first communication unit. The first communication unit is intended to receive an interrogation signal (SP) from a control device of a control system, which includes the portable electronic device. The second communication unit is intended to transmit a response signal (SL) which includes identification data of the portable electronic device to authenticate the portable electronic device in the control system and allow access to a website or a computer resource or a secured place.

Abstract: In one embodiment, the invention provides a portable wireless personal communication system for cooperating with a remote certification authority to employ time variable secure key information pursuant to a predetermined encryption algorithm to facilitate convenient, secure encrypted communication. The disclosed system includes a wireless handset, such as PDA, smartphone, cellular telephone or the like, characterized by a relatively robust data processing capability and a body mounted key generating component which is adapted to be mounted on an individual's body, in a permanent or semi-permanent manner, for wirelessly broadcasting, within the immediate proximity of the individual, a secret or private key identifying signal corresponding to a time variable secure key information under the control of the certification authority.

Abstract: Disclosed embodiments are related to Management Data Analytics (MDA) relation with Self-Organizing Network (SON) functions and coverage issues analysis use case. Other embodiments may be described and/or claimed.

Abstract: A first node of a network includes a quantum transmitter, a classical transceiver, and an initial-key generator that cooperate with a second node to transmit an initial key via the quantum transmitter. The first node includes a key-series generator that (i) encrypts a first unencrypted key of a series of unencrypted keys to generate a first encrypted key of a series of encrypted keys and (ii) encrypts each subsequent unencrypted key of the series of unencrypted keys with a preceding unencrypted key of the series of unencrypted keys to generate a subsequent encrypted key of the series of encrypted keys. The encrypted keys are transmitted to the second node. The first node includes one or both of a decryptor and an encryptor. The decryptor decrypts encrypted data using a last unencrypted key of the series of unencrypted keys. The encryptor encrypts unencrypted data using the last unencrypted key.

Abstract: The disclosure relates to, among other things, systems and methods for augmenting and/or otherwise supplementing content using watermarks. Consistent with embodiments disclosed herein, a user device such as a smartphone may be used to retrieve watermark information encoded in a watermark. The watermark information may comprise content that supplements an associated content item, link and/or location information that may be used to retrieve supplemental content, and/or the like. In some embodiments, the watermark information may comprise cryptographic and/or other access token information used to decrypt and/or otherwise access supplemental content.

Abstract: A cryptographic object management system is provided that includes physically separated first and second object management sites. The first and second object management sites each respectively include HSMs, a HSM server connected to each of the HSMs, and a persistent layer connected to the HSM server. The HSM servers respectively manage operation of each of the HSMs. The HSM server of the first object management site includes an object manager module that manages and controls the cryptographic object management system. The persistent layers respectively store cryptographic objects for use by the HSMs. Each of the HSMs respectively performs crypto-processing on one or more of the cryptographic objects.

Abstract: A Time-based One-Time Password (TOTP) validator is interposed between a principal and a network service. The validator interacts with a mobile application (app) on the mobile device associated with the principal to dynamically supply a validator secret. The secret and, perhaps, other information are processed by the app to generate a TOTP when the principal attempts to access a protected resource of the network service. The validator independently generates the TOTP and compares the app generated TOTP, and on a successful match, a principal's access device is redirected for access to the protected resource.

Abstract: A device authentication method, a service access control method, a device, and a non-transitory computer-readable recording medium are provided. In the device authentication method, an authentication request device issues an authentication request transaction in a distributed ledger, and an authentication response device reads the authentication request transaction in the distributed ledger and performs authentication. Thus, no third-party authentication center or coordinate device is required to participate in an authentication handshake process, thereby reducing deployment overhead of an authentication system and improving efficiency of authentication and access service control.

Abstract: An authentication system facilitates a transfer of enrollment in authentication services between client devices. The authentication system enrolls a client device in authentication services to enable the client device to be used for authenticating requests to access one or more services. As part of enrolling the client device, the authentication system receives authentication enrollment information for the client device that is associated with one or more authentication credentials securely stored on the client device (e.g., a multi-factor authentication (MFA) certificate). The authentication system facilitates one or more processes for transferring the enrollment from an enrolled client device to a non-enrolled client device that limit the number and complexity of actions performed by the user.

Abstract: To prevent un-authorized accesses to data and resources available in workloads on an organization's or enterprise's computer network, various improvements to automated computer network security processes to enable them to enforce network security policies using native network security mechanisms to control communications to and/or from workload units of applications running on different nodes within hybrid computer network infrastructures having both traditional hardware resources and virtual resources provided by private and public cloud infrastructure services.

Abstract: A method for sharing read access to a document stored on memory hardware. The method includes receiving a shared read access command from a sharor sharing read access to a sharee for a document stored on memory hardware in communication with the data processing hardware, and receiving a shared read access request from the sharee. The shared read access command includes an encrypted value and a first cryptographic share value based on a write key, a read key, a document identifier, and a sharee identifier. The method also includes multiplying the first and second cryptographic share values to determine a cryptographic read access value. The cryptographic read access value authorizes read access to the sharee for the document. The method also includes storing a read access token for the sharee including the cryptographic read access value and the encrypted value in a user read set of the memory hardware.

Abstract: A system and method for providing remote access to a device is disclosed. The method comprises receiving an automatically expiring authentication token having encrypted authentication token data including a session key from the device, transmitting the authentication token to secure facility, receiving the decrypted authentication token data from the secure facility, signing a tool package with a package verification key derived at least in part from the session key, the tool package comprising processor instructions providing remote access to the device when executed by the processor, providing the signed tool package to the device. The device verifies the signed tool package using the package verification key and executes the tool package only if the signature of the tool package is verified.

Abstract: A method by a security system implemented by one or more electronic for detecting attacks on one or more databases. The method includes analyzing database logs of one or more databases to determine transaction characteristics of each of the one or more databases, selecting, for each of a plurality of database accesses to the one or more databases, one or more security rules to apply to that database access, wherein different security rules are selected for different ones of the plurality of database accesses depending on the determined transaction characteristics of the database being accessed, and causing, for each of the plurality of database accesses, the one or more security rules selected for that database access to be applied to that database access.

Abstract: A system and method for encrypting a data frame of a low-power communication protocol. The method includes providing an input data frame, the input date frame includes a random number, a unique identifier, and a payload data, encrypting the payload data, generating a Message Integrity Code (MIC), generating a rotating identifier by encrypting the unique identifier, and generating an output frame based on the generated rotating identifier, the generated MIC, and the encrypted payload data.