Abstract: A method is disclosed. An authentication node may receive a plurality of encrypted match values, wherein the plurality of encrypted match values were formed by a plurality of worker nodes that compare a plurality of encrypted second biometric template parts derived from a second biometric template to a plurality of encrypted first biometric template parts derived from a first biometric template. The authentication node may decrypt the plurality of encrypted match values resulting in a plurality of decrypted match values. The authentication node may then determine if a first biometric template matches the second biometric template using the plurality of decrypted match values. An enrollment node may be capable of enrolling a biometric template and storing encrypted biometric template parts at worker nodes.

Abstract: Embodiments of this disclosure disclose a key management method and a related device, the method including: selecting a random number and a key according to an operation instruction inputted by a user; generating a first encryption ciphertext of the key, according to the random number, the key, a first public key, and a second public key, the first public key being determined according to a point on an elliptic curve and a private key of a hardware security module (HSM), and the second public key being determined according to the point on the elliptic curve and a private key of the client; generating a symmetric key sequence according to the key and a preselected hash function; encrypting data according to the symmetric key sequence to obtain a data ciphertext; and transmitting the first encryption ciphertext and the data ciphertext to a cloud server.

Abstract: A control device includes: a feature extraction unit that calculates one or more feature amounts from one or more state values; a processing unit that calculates a score based on the one or plurality of feature amounts calculated by the feature extraction unit with reference to a learning model; a determination unit that generates a determination result indicating whether any abnormality has occurred in a monitoring target based on the score; a first data storage unit that stores at least one of data related to processing in the feature extraction unit and data related to processing in the processing unit; a second data storage unit that stores an arbitrary state value capable of being referred to by the control device; and an authority management unit that restricts access to the first data storage unit.

Abstract: The technical idea of the present invention relates to a method for forming a virtual private network based on post-quantum cryptography and a virtual private network operating system performing the same. The method for forming a virtual private network performing by a first device to form a virtual private network with a second device according to an embodiment of the present invention comprises the steps of: requesting a handshake for forming the virtual private network; receiving a signature and a public key; authenticating the second device by using the signature; generating a symmetric key by using the public key; and performing virtual private network communication by using the symmetric key, wherein the public key is generated by using at least one key vector corresponding to a grid.

Abstract: Typically, when a user switches sessions between devices, the user authenticates the sessions by providing user account information, password, and/or pin code input or other credentials. However, when the user is frequently switching sessions between devices, authenticating sessions may result in the user reducing or even stopping switching across mobile devices. Systems and methods according to this disclosure provide automatic session roaming across mobile devices using proximity authentication. Upon detecting an indication to initiate session roaming, the source device automatically roams the session on the source device to a target device based on a proximity of the source device to the target device. The session is handed off from the source device to the target device as an authenticated user session.

Abstract: A method of cracking a private key of an asymmetric cryptosystem includes extracting a modulus and a public key exponent from a public key, calculating the digital root of the modulus, deriving a set of candidate base pairs corresponding to the digital root and the last digit of the modulus, each of the candidate base pairs including a first candidate base and a second candidate base, iteratively testing values of a multiplier until a sum of one of the candidate bases with ninety times the multiplier is a factor of the modulus, and determining the private key using the public key exponent and the factor of the modulus. The method may further include decrypting an encrypted message using the private key.

Abstract: Aspects of the disclosure relate to multicomputer processing and dissemination of data files. A computing platform having at least one processor, a memory, and a communication interface may search one or more social media platforms for unauthorized dissemination of a data file. The computing platform may correlate a unique identifying feature(s) of the disseminated data file to that of a copy of the data file previously distributed to a linked user account. The computing platform may transmit, via the communication interface, to an administrative computing device, an unauthorized dissemination report which, when processed by the administrative computing device causes a notification to be displayed on the administrative computing device. The notification may identify the linked user account associated with the unauthorized dissemination, the name, content, or general nature of the data file, and/or the social media platform(s) on which the data file was discovered.

Abstract: A paper tray access system for a printer includes a locking cover of paper tray, an authentication device, a weight sensor located beneath the paper tray, a printer display, a computing device including electrical circuitry, a memory storing program instructions and at least one processor. The computing device is configured to receive user input from the authentication device and determine whether the user input matches the authentication record. When user input matches authentication record, the computing device presents a selection on printer display to access a paper tray, receives the selection, records a first weight of the paper tray upon receiving the selection, unlocks the locking cover, records a second weight of the paper tray, calculates an amount of papers removed from paper tray when second weight is less than first weight, and calculates an amount of papers added to paper tray when second weight is greater than first weight.

Abstract: Techniques for providing multi-access edge computing (MEC) services security in mobile networks (e.g., service provider networks for mobile subscribers, such as for 5G networks) by parsing Application Programming Interfaces (APIs) are disclosed. In some embodiments, a system/process/computer program product for MEC services security in mobile networks by parsing APIs in accordance with some embodiments includes monitoring network traffic on a mobile network at a security platform to identify an API message associated with a new session, wherein the mobile network includes a 5G network or a converged 5G network that includes a multi-access edge computing (MEC) service; extracting mobile network identifier information from the API message at the security platform; and determining a security policy to apply at the security platform to the new session based on the mobile network identifier information.

Abstract: In an example, a collection of compute resources corresponding to a class of devices is identified with a request and a synthesis routine is performed via a number of destinations corresponding to the class of devices. In an example, a type of compute resource to use with an operation of a request is determined, a device with the type of compute resource determined for the operation of the request is identified; the identified device performs the operation of the request within a bounds of a policy, and a result of the operation is communicated to a remote storage location.

Abstract: A system performs digital notarization using a biometric identification service. A signature requesting service receives a request to validate a digital item with a signature for a person. The signature requesting service provides a payload that identifies the digital item and/or the person to an identity service. The identity service obtains one or more digital representations of biometrics for the person, determines an identity for the person, and returns a data structure including the payload and one or more identity attestations regarding the determined identity. The identity service encrypts at least a portion of the data structure using a private encryption key. A public encryption key for the identity service can then be used to decrypt the portion to verify that the data structure was generated by the identity service after determining the identity. In this way, validation can be verified to the full trust level of the identification service.

Abstract: Systems, methods, and computer-readable storage media for ensuring electronic communications have not been intercepted and manipulated. An exemplary device generates a public/private pair of keys, and transmits the public key to another device with information about the data to be shared. The second device encrypts associated data, while also executing a hash function on at least a portion of the data. The first device receives the encrypted data, decrypts it, and verifies its accuracy using a third party. The third party also executes the hash function on the data received from the first device, and transmits the output of that hash function to the first device. Both the first device and second devices and display the hash values, allowing users to visually determine if the data has been manipulated during the transaction.

Abstract: Aspects of the disclosure relate to preventing unauthorized screen capture activity. A computing platform may detect, via an infrared sensor associated with a computing device, an infrared signal from a second device attempting an unauthorized image capture of contents being displayed by a display device of the computing device. Subsequently, the computing platform may determine, via the computing platform, the contents being displayed by the display device. Then, the computing platform may retrieve a record of the contents being displayed by the display device. Then, the computing platform may determine a risk level associated with the infrared signal. Subsequently, the computing platform may perform, via the computing platform and based on the risk level, a remediation task to prevent the unauthorized image capture.

Abstract: The present disclosure relates to a method for accessing a database stored on a server using a relation. The server is coupled to a client computer via a network, wherein the relation comprises first data items, the first data items forming a partially ordered set in the first relation, wherein for each first data item a referential connection exists in the database assigning said first data item to at least one second data item of the database. The method comprises: identifying first data items of the relation referencing N second data items; for each identified first data item modifying, using a same modification method, the identified first data item M times, wherein M?N, for obtaining M unique modified data items; associating with each of modified first data items of a given first data item a respective portion of the N referential connections of the given first data item; inserting the modified first data items in the relation, thereby replacing the identified first data items.

Abstract: Aspects of the disclosure relate to preventing unauthorized screen capture activity. A computing platform may detect, via an infrared sensor associated with a computing device, an infrared signal from a second device attempting an unauthorized image capture of contents being displayed by a display device of the computing device. Subsequently, the computing platform may determine, via the computing platform, the contents being displayed by the display device. Then, the computing platform may retrieve a record of the contents being displayed by the display device. Then, the computing platform may determine a risk level associated with the infrared signal. Subsequently, the computing platform may perform, via the computing platform and based on the risk level, a remediation task to prevent the unauthorized image capture.

Abstract: Aspects of the disclosure relate to preventing unauthorized screen capture activity. A computing platform may detect, via an infrared sensor associated with a computing device, an infrared signal from a second device attempting an unauthorized image capture of contents being displayed by a display device of the computing device. Subsequently, the computing platform may determine, via the computing platform, the contents being displayed by the display device. Then, the computing platform may retrieve a record of the contents being displayed by the display device. Then, the computing platform may determine a risk level associated with the infrared signal. Subsequently, the computing platform may perform, via the computing platform and based on the risk level, a remediation task to prevent the unauthorized image capture.

Abstract: A device may obtain registration data associated with a registration of an individual. The registration data may include an image that depicts a physical key and a reference object. The device may process the image to identify a first feature of the physical key and a first measurement of the first feature based on the size of the reference object. The device may store first feature data based on the first feature and the first measurement. The device may obtain second feature data based on a second feature of the physical key and a second measurement of the second feature identified from an insertion of the physical key into a keyhole of an authentication mechanism. The device may determine whether the first feature data corresponds to the second feature data. The device may authenticate the individual based on determining that the first feature data corresponds to the second feature data.

Abstract: Methods, systems, and devices for public key protection techniques are described. An embedded multimedia card (eMMC) may be formatted to include a permanent write protect group that is configured to prevent disabling of write protection for data stored in the permanent write protect group. The eMMC may store a public key associated with a first host device in the permanent write protect group of the eMMC. A data package may be received from the host device and authenticated by using the public key stored in the permanent write protect group. The embedded memory controller may be configured to prevent modifying or writing data to a permanent write protect group.

Abstract: A software defined data security level method, computer program product, and data processing system. One embodiment may comprise intercepting, by a processor at a data security layer, an input/output (IO) request from a local software application, wherein the IO request includes a header and a data payload, analyzing, by the processor at the data security layer, the data payload of the IO request relative to a service level agreement (SLA), assigning, by the processor at the data security layer, a security level to the IO request based on the analysis.

Abstract: The present application relates to networking technologies, communication cube technologies, and, more particularly, to methods, apparatus, techniques, and means for communication security, encryption, and privacy in network communications.