Abstract: An approach includes receiving a machine learning processing job, executing the machine learning processing job using parallel processing of multiple output pixels each cycle by walking data across processing elements with broadcast weights within regions and executing parallel multiplication operations, and generating an output indicating whether the machine learning processing job was successful or failed. In some embodiments, a schedule of actions is generated for respective machine learning processing jobs. The schedule of actions may include any of a plurality of shift operations in a many to many arrangement or a one to many arrangement, shifting data across region boundaries, fetching data and weights from a memory and distribution thereof to a plurality of regions (e.g., weights are distributed to respective weight memories which subsequently broadcasts those weights in a specified order based on a schedule of actions, and where data is distributed to respective processing elements).

Abstract: The present disclosure provides for a system ensuring the integrity of received data. The system includes a processor, a trusted platform module, and a memory storing instructions. Upon a request from the processor, the trusted platform module generates an asymmetric key pair including a private key and a public key. The trusted platform module provides the public key and an encrypted private key to the processor. The processor generates a checksum of received content data and sends the checksum to the trusted platform module. The processor also loads the encrypted private key into the trusted platform module. The trusted platform module decrypts the encrypted private key, encrypts the checksum with the private key, and provides the encrypted checksum to the processor. The processor sends the content data together with the encrypted checksum to an external device. The external device may decrypt the encrypted checksum with the public key.

Abstract: The innovation disclosed and claimed herein, in one aspect thereof, comprises systems and methods of automatic classification and modeling. The innovation can include determining a failure history of networked architecture, the failure history including data immediately prior to failure. The innovation can include machine learning the failure history to determine failure indicators. The innovation can include generating a black hole model based on the failure history and the machine learning. The innovation can include monitoring a networked architecture. The networked architecture has a set of elements comprising software elements and hardware elements interconnected in a common environment. Each element of the set of elements is monitored. The innovation can include determining an element is trending towards a failure. The trend is determined by a black hole model. The innovation can include enabling security features to prevent the element from failure.

Abstract: The present disclosure provides methods and systems for secure logon. One or more method includes: determining, via authentication information provided by a user of an electronic device, that the user is authorized to access an online account provided by the online account provider; providing the user with a selectable option to enable an expedited logon process by which the user can access the online account by solely providing a particular authentication item of the user; receiving a verification credential in response to a next logon attempt using the expedited logon process; and verifying that the received verification credential matches an assigned verification credential provided to the user for use in conjunction with the next logon attempt using the expedited logon process.

Abstract: A method is disclosed of a secure component (SC) of a local attestation server (LAS) for populating an enclave associated with the LAS. The SC comprises stored encrypted population information previously received in a data packet and encrypted by an encryption key matching a private decryption key of a trusted platform module (TPM) associated with the LAS. The method comprises receiving a public part of a temporary asymmetric key from the enclave, establishing a secure session between the SC and the TPM, sending (to the TPM by using the secure session) the encrypted population information and the public part of the temporary asymmetric key, receiving (from the TPM by using the secure session) the population information decrypted by the private decryption key and re-encrypted by the public part of the temporary asymmetric key, and transmitting the re-encrypted population information to the enclave. An additional method is also disclosed for enabling the population of the enclave.

Abstract: The invention relates to methods for implementing a unified framework for big data usage analytics and security profiling across heterogeneous platforms and multiple clusters. An embodiment of the present invention may be applied in various applications and use cases. This may include auditing for Big Data lakes; capacity assessment and charge back functionality for Big Data infrastructure and clusters and resource usage analytics.

Abstract: Methods, systems and computer program products are described to improve machine learning (ML) model-based classification of data items by identifying and removing inaccurate training data. Inaccurate training samples may be identified, for example, based on excessive variance in vector space between a training sample and a mean of category training samples, and based on a variance between an assigned category and a predicted category for a training sample. Suspect or erroneous samples may be selectively removed based on, for example, vector space variance and/or prediction confidence level. As a result, ML model accuracy may be improved by training on a more accurate revised training set. ML model accuracy may (e.g., also) be improved, for example, by identifying and removing suspect categories with excessive (e.g., weighted) vector space variance. Suspect categories may be retained or revised. Users may (e.g., also) specify a prediction confidence level and/or coverage (e.g., to control accuracy).

Abstract: Technology related to multi-device authentication is disclosed. In one example, a method can include receiving a request from a requesting client device to access a secured server. A command can be sent to an authenticating device to capture environmental information in proximity to the authenticating device. The captured environmental information can be used to verify the requesting client device and the authenticating device are near each other. The received request can be forwarded to the secured server in response to verifying the requesting client device and the authenticating device are near each other.

Abstract: In one aspect, a computerized-process for implementing Security Assessment For Enterprise (SAFE) Scoring Model include the step of generating a cybersecurity model by the following steps. The process determines a Governance Policy Score. The process determines a People Awareness Score. The process determines a Cybersecurity Architecture Score. The process determines an External Score. The process determines a Technology Score.

Abstract: A method for moderation in a permissioned blockchain using a hash-oriented scheme includes: storing a blockchain including a most recent block; receiving transaction data values; receiving a first reference value and a second reference value; generating a first hash value by hashing the first reference value; generating a block proof including the first hash value, a second hash value, a third reference value, and a block value; verifying a block header of the most recent block using the block proof; receiving a new block value; generating a new block header including the first reference value, the second reference value, a fourth reference value, and the new block value; generating a new block for the blockchain including the new block header and the transaction data values; and transmitting the new block to one or more additional nodes associated with the blockchain.

Abstract: A network-based service may provide a machine learning model for different clients. The network-based service may implement an interface that allows a client to identify a test data set for validating versions of the machine learning model specifically for the client. When a new version of the machine learning model is created, a validation test using the test data set identified by the client may be used. Results of the validation test may be used to make a decision regard whether to migrate workloads for the client to the new version of the machine learning model.

Abstract: A method of certifying a state of a platform includes receiving one or more software elements of a software stack of the platform by an authentication module and performing a hash algorithm on the software stack to generate one or more hash values. The software stack uniquely determines a software state of the platform. The method includes generating creation data, a creation hash, and a creation ticket, corresponding to the hash values and sending the creation ticket to the platform. The method also includes receiving the creation ticket by the authentication module and certifying the creation data and the creation hash based on the creation ticket. The method further includes generating a certified structure based on the creation data and performing the hash algorithm on the certified structure to generate a hash of the certified structure. The certified structure uniquely determines the software state of the platform.

Abstract: An electronic device is provided. The electronic device includes a display configured to display information, an input device configured to receive a user input, an image sensor, a processor electrically connected with the display, the input device, and the image sensor, and a non-transitory computer readable storage medium electrically connected with the processor that stores instructions that cause the processor to control the display to display first-level information as a locking mode is partially released when partial authentication passes based on bio-information acquired through the image sensor in a state in which the electronic device is in the locking mode, and control the display to display second-level information having a security level higher than a security level of the first-level information as the locking mode is fully released when full authentication passes based on a user input made through the input device.

Abstract: A system performs digital notarization using a biometric identification service. A signature requesting service receives a request to validate a digital item with a signature for a person. The signature requesting service provides a payload that identifies the digital item and/or the person to an identity service. The identity service obtains one or more digital representations of biometrics for the person, determines an identity for the person, and returns a data structure including the payload and one or more identity attestations regarding the determined identity. The identity service encrypts at least a portion of the data structure using a private encryption key. A public encryption key for the identity service can then be used to decrypt the portion to verify that the data structure was generated by the identity service after determining the identity. In this way, validation can be verified to the full trust level of the identification service.

Abstract: A method for applying agency and regulation modeling in a multi-tenant architecture system includes accessing merchant's representation in an identity manager. The merchant is managed via a full representation by an original identity manager. The method includes performing a first service for the merchant via the representation, and determining, based on results of the first service and on policies of the first service provider, that performance of a second service is required for completion of the first service. The second service is provided by a second service provider onboarded into the first service provider, where the second service amends policy requirements of the first service provider. The method includes accessing a first subservice of the second service using the representation to generate second results for use at a second subservice of the second service, the second subservice configured to use transaction resources of the first representation.

Abstract: A pseudonym credential configuration method and apparatus are provided. The method includes: receiving an identifier of a terminal device and information about N to-be-requested pseudonym credentials from the terminal device, sending N second request messages to a pseudonym credential generation server, and storing a tag of each second request message in association with the identifier of the terminal device in the registration server, so that the registration server can obtain, based on the tag, the identifier that is of the terminal device and that is associated with the tag; and generating N pseudonym credentials. The pseudonym credential generated in this application may enable a behavior investigation server to learn of a real identity of the terminal device.

Abstract: In general, various aspects of the present disclosure provide methods, apparatuses, systems, computing devices, computing entities, and/or the like for addressing a modified risk rating identifying a risk to an entity of having computer-implemented functionality provided by a vendor integrated with a computing system of the entity.

Abstract: A system and method for determining consent user interface validity for a provided consent user interface of a web form presenting consent information, comprising: accessing a consent user interface presented on a web form; determining one or more configuration attributes of the consent user interface; accessing one or more privacy regulations associated with presenting consent information; comparing the one or more configuration attributes of the consent user interface to each of the one or more privacy regulations; determining whether the consent user interface is compliant with each of the one or more privacy regulations; and in response to determining that the consent user interface is not compliant with one or more privacy regulations, flagging the consent user interface.

Abstract: Provided is a process that includes sharing information among two or more parties or systems for modeling and decision-making purposes, while limiting the exposure of details either too sensitive to share, or whose sharing is controlled by laws, regulations, or business needs.

Abstract: Data processing systems and methods, according to various embodiments, are adapted for mapping various questions regarding a data breach from a master questionnaire to a plurality of territory-specific data breach disclosure questionnaires. The answers to the questions in the master questionnaire are used to populate the territory-specific data breach disclosure questionnaires and determine whether disclosure is required in territory. The system can automatically notify the appropriate regulatory bodies for each territory where it is determined that data breach disclosure is required.