Abstract: An object of the present invention is to provide a control device and control method that make it possible to perform an inter-device authentication process more certainly and improve security. Provided is a control device including: a control section configured to control an authentication process of performing a process related to device authentication together with at least one communication device on a basis of information included in a signal received through wireless communication with the communication device. The control section performs control in such a manner that authentication information is changed for each process group in which the authentication process is repeated more than once, the authentication information being information to be used for the authentication process.

Abstract: Techniques, methods and/or apparatuses are disclosed that enable of cyber risks on assets of networks to be evaluated in presence of security controls on the assets. In this way, effect of security controls already in place may be quantified. A novel scoring technique is presented. Also, use of causal inference is in the context of security risk assessment is described.

Abstract: A method, an apparatus and a computer program for tracking location of users without disclosing Personally Identifiable Information (PII). The method comprises analyzing sequences of location events of a user over time to determine a Point Of Interest (POI) of the user. In response to determining that the POI is PII-revealing POI; obfuscating the POI, by generating a pseudolocation identifier of the POI indicative of a semantic meaning thereof to the user without revealing a geographic location of the POI. The method further comprises generating an anonymized sequence of location events of the user based on the sequence of location events, that comprises the pseudolocation identifier to represent location events associated with the POI, and absent of the geographic location thereof. The anonymized sequence of location events may be provided a third party to analyze behavior of the user without divulging identity of the user.

Abstract: Systems and methods are provided for authorizing an electronic transaction. In one implementation at least one processor is programmed to receive electronic transaction data and historical transaction data, the electronic transaction data including an entity identifier component and an amount component of an electronic transaction; determine, based on the entity identifier component and the amount component, a location of the electronic transaction in a space of a distributed representation space, the distributed representation space comprising a mapping of electronic transaction components in a high-order space; determine locations of the historical transaction data in the distributed representation space; determine a decision boundary in the distributed representation space based on the locations of the historical transaction data; and authorize the electronic transaction based on the location of the electronic transaction being within the decision boundary.

Abstract: A control device comprising, a control section configured to control an authentication process of performing a process related to device authentication together with at least one communication device on a basis of information included in a signal received through wireless communication with the communication device, wherein the control section performs control in such a manner that a signal including authentication information that is information to be used for the authentication process is transmitted to the communication device through the wireless communication, the authentication information varying depending on signal types, which are types of roles of signals to be transmitted to the communication device in the authentication process.

Abstract: A mobile device configured for communication with a multi-channel, operating-system (OS)-agnostic application programming interface (API) is provided. The API is configured to provide generic access to an OS-agnostic-device API output. The API may be coupled to a library of user credentials, and a library of data. The data provides information for one or more responses to a request from the user. The device may include an OS-based application and a translator. The translator translates communications between the OS-based application and said OS-agnostic API. The translator may convert an OS-compliant message header to a generic message header and to convert a generic message header to an OS-compliant message header. The OS-agnostic API may receive a communication initiation from the device. The device may be associated with a first channel. The API may request and receive 1) user credentials associated with the device and 2) data, authenticate the user credentials, and pull the data.

Abstract: Apparatus, systems and methods for providing a four-part, virtual reality (VR) customer service interaction between a customer service avatar operating on a VR platform and a customer using both a mobile device and a VR device are provided. Methods may include activating a VR session between the customer service avatar and the customer. Methods may include validating the VR session between the customer service avatar and the customer. Methods may include processing a co-browsing VR session request. Methods may include initiating the VR session between the customer service avatar and the customer.

Abstract: An information processing device includes a first communication unit, a second communication unit, an information processing unit, and a switching unit. The information processing unit is configured to encrypt information which is received from a terminal device and to transmit the encrypted information to a network and configured to decrypt information which is received from the network and to transmit the decrypted information to the terminal device. The information processing device includes a switching unit configured to directly connect a communication line between the first communication unit and the terminal device to another communication line between the second communication unit and the network, when the information processing unit comes into an inoperable state including at least electric power supply stop state, and to switch into a pass-through mode in which the terminal device and the network communicate directly with each other without through the information processing unit.

Abstract: A method for training a machine learning model using information pertaining to characteristics of upload activity performed at one or more client devices includes generating first training input including (i) information identifying, for each of a plurality of application categories, data categories pertaining to first amounts of data uploaded from the client device during a specified time interval. The method includes generating a first target output that indicates whether the data categories corresponding to the first amounts of data correspond to malicious or non-malicious upload activity. The method includes providing the training data to train the machine learning model on (i) a set of training inputs including the first training input, and (ii) a set of target outputs including the first target output.

Abstract: According to examples, an apparatus may include a processor that may identify activities of an entity on resources over a predetermined period of time, in which the entity is to use permissions assigned to the entity over the resources to perform the identified activities. The processor may also identify which of a plurality of groups of permissions includes the permissions the entity used to perform the identified activities and may determine permutations of the identified plurality of groups of permissions. The processor may further calculate respective scores for each of the determined permutations to identify permutations of the groups of permissions having the lowest scores and may output information pertaining to the determined permutations having the lowest scores.

Abstract: Example implementations relate to the processing of refresh token requests at an API gateway. The API gateway determines a first time associated with receipt of the refresh token request and a second time associated with the generation of a current access token. The current access token and a refresh token in the refresh token request are provided by the API gateway to the client device for accessing a backend service. The API gateway determines whether a difference between the first time and the second time is within a pre-defined threshold duration. When the difference between the first time and the second time is within the pre-defined threshold, the API gateway denies the refresh token request for generating the new access token and transmits the current access token back to the client device.

Abstract: A calculation device receives input of a plurality of pieces of training data including a communication destination known to be malignant as data. The calculation device generates a model that calculates a malignant degree of an input communication destination from each piece of the training data. The calculation device gives weight to each of the models, and generates a mixed model using the model and the weight. The calculation device calculates a malignant degree of a communication destination unknown whether the communication destination is malignant using the mixed model.

Abstract: A connected device with at least one sensor adapted to measure at least a physical quantity and to report a measure of this physical quantity to a remote device, the at least one sensor system providing an output Z which is then digitized in order to provide an output signal Y having a first and a second component, the first component being representative of the measured physical quantity X and the second component being representative of the structural noise R introduced by the at least one sensor. The connected device also has a noise generator configured to generate using as an input at least one parameter representative of the structural noise R a blurring noise V which is uncorrelated with said structural noise R; combine the digital output signal Y with the blurring noise V in order to generate a signal Y?; transmit signal Y? to the remote device.

Abstract: A system and for improving security of personally identifiable information stored in a computer database. The system and method enable a user's location information to be maintained in a data storage and retrieval system in such a way that it prohibits a user from being uniquely identified by the location information stored in the data storage and the retrieval system.

Abstract: Systems, methods, and related technologies for analyzing traffic based on naming information are described. In certain aspects, name information and address information from a name translation response are stored. The name information is associated with a device based on the device sending a communication to an address associated with the name information.

Abstract: Systems and methods for an organization-level account for an organization on a data platform, users of which can possess administrative or management privileges with respect to the organization and across one or more others accounts of the organization.

Abstract: A privacy-enhancing system, method, and non-transitory computer-readable medium for securely identifying an individual over time without retaining sensitive biometric data. In one embodiment, the system includes a local identity server including an electronic processor, a communication interface, and a memory. The electronic processor is configured to initiate a personalization of a partner-specific identification vehicle that identifies the individual based at least in part on an individual global unique identifier associated with the individual, receive a request for a service from the individual via the communication interface, receive consent and registration information from the individual via the communication interface, generate an identity confirmation that confirms an identity of the individual, and output the identity confirmation via the communication interface.

Abstract: Systems, methods, and computer media are described for user risk assessment using similarity analysis. Records of transactions performed by a user while in previous enhanced application access sessions can be evaluated against records of transactions performed by other users in previous sessions. The more similar a user is to other users, the more likely it is the user was acting in a typical manner, and the less likely the user poses a security risk. A similarity analysis can be performed using a bipartite graph linking a group of users and a group of application transactions. By examining an edge between a user and a performed transaction, other edges (and corresponding other users) can be identified that also performed the transaction. A similarity score can be calculated based on the bipartite graph and can be used to determine a risk classification and allow or deny an enhanced application access session request.

Abstract: A system for analyzing computer systems and networks for potential vulnerabilities to cyber-attacks configured to (i) receive scan data from a scan of a target computer device; (ii) search for one or more vulnerabilities based on the scan data; (iii) determine at least one attack vector based on the one or more vulnerabilities; (iv) generate one or more exploits based on the one or more attack vectors and the one or more vulnerabilities; and (v) execute the one or more exploits on the target computer device.

Abstract: In one embodiment, a method includes by a computing device, detecting a sensory input, identifying, using a machine-learning model, one or more attributes associated with the machine-learning model, wherein the attributes are identified based on the sensory input in accordance with the model's training, and presenting the attributes as output. The identifying may be performed at least in part by an inference engine that interacts with the model. The sensory input may include an input image received from a camera, and the model may identify the attributes based on an input object in the input image in accordance with the model's training. The model may include a convolutional neural network trained using training data that associates training sensory input with the attributes. The training sensory input may include a training image of a training object, and the input object may be classified in the same class as the training object.