Abstract: The present disclosure provides methods and systems for secure logon. One or more method includes: determining, via authentication information provided by a user of an electronic device, that the user is authorized to access an online account provided by the online account provider; providing the user with a selectable option to enable an expedited logon process by which the user can access the online account by solely providing a particular authentication item of the user; receiving a verification credential in response to a next logon attempt using the expedited logon process; and verifying that the received verification credential matches an assigned verification credential provided to the user for use in conjunction with the next logon attempt using the expedited logon process.

Abstract: A security device generates a key based on a physically unclonable function (PUF). The security device includes a physically unclonable function (PUF) block, an integrity detector, and a post processor. The PUF block outputs a plurality of first random signals and a plurality of corresponding first inverted random signals each having a logic level opposite to that of each of the plurality of corresponding first random signals. The integrity detector determines data integrity of the plurality of first random signals by using the plurality of first random signals and the plurality of corresponding first inverted random signals. The post processor generates a first row key that includes validity signals satisfying the data integrity.

Abstract: A method for moderation in a permissioned blockchain using a hash-oriented scheme includes: storing a blockchain including a most recent block; receiving transaction data values; receiving a first reference value and a second reference value; generating a first hash value by hashing the first reference value; generating a block proof including the first hash value, a second hash value, a third reference value, and a block value; verifying a block header of the most recent block using the block proof; receiving a new block value; generating a new block header including the first reference value, the second reference value, a fourth reference value, and the new block value; generating a new block for the blockchain including the new block header and the transaction data values; and transmitting the new block to one or more additional nodes associated with the blockchain.

Abstract: A driver assistance apparatus and method for a driver assistance apparatus for verifying the safe operation of the apparatus. It is important to verify that operating instructions that dictate the operation of a driver assistance system are verified. The apparatus includes a safety electronic control unit and the safety electronic control unit includes operating instructions stored thereon that dictate the operation of the safety electronic control unit. The safety electronic control unit further includes a verified hash storage for storing a verified hash value of at least a portion of the operating instructions. The safety electronic control unit is configured to implement a verification routine, which includes calculating, using a hash function, a test hash value of the at least a portion of the operating instructions; comparing the test hash value with the verified hash value, and if the test hash value is not equal to the verified hash value, performing a safety routine.

Abstract: A method of certifying a state of a platform includes receiving one or more software elements of a software stack of the platform by an authentication module and performing a hash algorithm on the software stack to generate one or more hash values. The software stack uniquely determines a software state of the platform. The method includes generating creation data, a creation hash, and a creation ticket, corresponding to the hash values and sending the creation ticket to the platform. The method also includes receiving the creation ticket by the authentication module and certifying the creation data and the creation hash based on the creation ticket. The method further includes generating a certified structure based on the creation data and performing the hash algorithm on the certified structure to generate a hash of the certified structure. The certified structure uniquely determines the software state of the platform.

Abstract: A technique is disclosed for remotely managing isolated domains on mobile devices. A request is received from the mobile device to instantiate a managed domain. A managed domain configuration is determined and comprises a security policy controlling access to content of the managed domain of the subscribing mobile device, a content specification identifying the content to be downloaded by the subscribing mobile device into the managed domain, and a content configuration identifying a configuration of the content on the subscribing mobile device. The managed domain configuration is sent to the subscribing mobile device to instantiate a secure, managed domain whose policy, content and content configuration is remotely controlled. The technique is useful for advertising and brand promotion on mobile devices as it simultaneously enables detailed control over the presentation of content by a curator while ensuring privacy and security protection of the other apps, accounts and data on the mobile device.

Abstract: A system, apparatuses, and methods for device and network security are discussed herein. In an example, a security device for providing security to user-entered inputs includes a universal serial bus (“USB”) port configured to receive a connector of an input device and a USB connector configured to connect to a port of a user device. The apparatus also includes a processor configured to receive a string of characters from the input device that correspond to inputs made by a user into a web browser or application on the user device. The processor adds at least one security character to the string of characters to generate a watermark string, and transmits the watermark string to the user device. The processor is configured to format the at least one security character such that only the string of characters are displayed in the web browser or the application at the user device.

Abstract: The present invention relates to a device and method for authenticating users and obtaining user signatures, which can be provided in business services using networks and various user information devices including information devices equipped with touch displays such as smartphones, or desktop PCs, laptops, tablet PCs, CCTVs, IoT, self-driving cars, drones, etc. and, more specifically, to a device and method for authenticating users and obtaining user digital signatures which, as an encryption key/password generation and verification system for user authentication to be provided in various web-based businesses in which various information devices are serviced in a client-server or peer-to-peer model network environment and in app-based businesses running on a specific platform, is simpler and ensures confidentiality and security.

Abstract: A system and method for determining consent user interface validity for a provided consent user interface of a web form presenting consent information, comprising: accessing a consent user interface presented on a web form; determining one or more configuration attributes of the consent user interface; accessing one or more privacy regulations associated with presenting consent information; comparing the one or more configuration attributes of the consent user interface to each of the one or more privacy regulations; determining whether the consent user interface is compliant with each of the one or more privacy regulations; and in response to determining that the consent user interface is not compliant with one or more privacy regulations, flagging the consent user interface.

Abstract: A hardware wallet binding authorization method.

Abstract: Systems and methods include establishing a cryptographically secure communication between an application module and an audio module. The application module is configured to execute on an information-handling machine, and the audio module is coupled to the information-handling machine. The establishment of the cryptographically secure communication may be at least partially facilitated by a mutually trusted module.

Abstract: A method is disclosed. The method includes receiving, by a computer node in a network including a plurality of computer nodes, a plurality of data values from the plurality of computer nodes. Each computer node can create a data value based on a time that the computer node in the plurality of computer nodes takes to perform a function. The computer node can then provide the data values or derivatives thereof as random values to an entropy pool of random values. The computer node can then select a random value from the entropy pool and initiate use of the random value in an operation.

Abstract: A system and method for securely encrypting and booting a headless appliance. A method includes providing the headless appliance with content stored in a memory, wherein the content is encrypted with a key, and wherein the key is separately stored on a remote computing device; booting the headless appliance and loading a fallback configuration; in response to a user device connecting to the headless appliance, directing the user device to a captive portal and capturing credentials of a user; forwarding the credentials to the remote computing device for verification by an identity provider; in response to the credentials being verified as a non-administrator, granting access to a public network for the user; and in response to the credentials being verified as an administrator, obtaining the key from the remote computing device to decrypt the content to provide access to a private network for the user.

Abstract: Systems and methods for accessing credentials from a blockchain are provided. A computing device requests for a server to process a transaction. In response to the request, the server transmits a server public key to the computing device. A key generator of the computing devices uses the user private key and the server public key to generate a user public key. The user public key includes permissions to access credentials that are stored on blockchain. The server receives the user public key and generates a request for credentials to blockchain. The request includes the user public key and the server private key. The blockchain receives the request and generates an identity token. The identity token includes credentials that are specified in the user public key. The blockchain transmits the identity token to the server and the server uses the identity token to processes the transaction.

Abstract: Systems, methods, and apparatuses for authenticating requests to access one or more accounts over a network using authenticity evaluations of two or more automated decision engines are discussed. A login request for access to a user account may be submitted to multiple decision engines that each apply different rulesets for authenticating the login request, and output an evaluation of the authenticity of the login request. Based on evaluations from multiple automated decision engines, the login request may be allowed to proceed to validation of user identity and, if user identity is validated, access to the user account may be authorized. Based on the evaluations, the login attempt may also be rejected. One or more additional challenge question may be returned to the computing device used to request account access, and the login request allowed to proceed to validation of identity if the response to the challenge question is deemed acceptable.

Abstract: Embodiments described herein relate measuring and quantifying the privacy risk for disclosure of trajectory data based on one or more attributes of the trajectory data. Methods may include: receiving probe data points defining at least one trajectory; identifying attributes of the at least one trajectory, where the identified attributes include values for respective trajectories; calculating a privacy risk associated with the at least one trajectory based, at least in part, on a distribution of values of the identified attributes, where the privacy risk includes a measure of difficulty in identifying a source of the at least one trajectory; and providing information associated with the at least one trajectory for location-based services in response to the privacy risk satisfying a predetermined value.

Abstract: Aspects of the disclosure relate to using machine-learning models to determine graduated levels of access to secured data for remote devices. In some embodiments, a computing platform may establish a connection with a mobile device. Subsequently, based on establishing the connection, the platform may identify initial device information, device features, and user information. The platform may input the identified information into an authentication model to compute a baseline authentication score and then may identify an initial level of access to secured resources for the mobile device. Thereafter, the platform may receive from the mobile device, AR/VR device information captured by the mobile device. The platform may input the AR/VR device information into the authentication model to compute an augmented authentication score. Based on the augmented score, the platform may identify an augmented level of access to secured resources for the mobile device.

Abstract: In general, various aspects of the present disclosure provide methods, apparatuses, systems, computing devices, computing entities, and/or the like for addressing a modified risk rating identifying a risk to an entity of having computer-implemented functionality provided by a vendor integrated with a computing system of the entity.

Abstract: A method, apparatus and system for secure one-way RFID tag identification is provided. The method comprising generating, at an RFID tag, an auxiliary identifier; generating, at an RFID tag, a secure representation based on the auxiliary identifier; transmitting, from the RFID tag and receiving at an RFID reader, one or more representations of the auxiliary identifier and the tag identifier including the secure representation; and verifying the identity of the RFID tag based on the received representations.

Abstract: A key sharing system that generates a shared key that is used to perform encrypted communication between a first device and a second device according to an authenticated key sharing protocol, at least one device of the first device and the second device including: calculation means for calculating a shared value ?j of shared values ?i (i=1, . . . , n) that are used to generate the shared key, the shared value ?j being calculated through pairing computation, using a private key DA,1 as an input; entrusting means for entrusting an information processing apparatus that is connected to the device via a network, with calculation of a shared value ?k (k?j) of the shared values ?i (i=1, . . . , n), the shared value ?k being calculated through pairing computation, using a private key DA,2 as an input; and key generation means for generating the shared key, using the shared value ?j calculated by the calculation means and the shared value ?k calculated by the information processing apparatus.