Abstract: Systems, devices, media, and methods are presented for device independent secure messaging. The systems and methods generate an encrypted message by encrypting message content, designated for a specified recipient, with an encryption key. The systems and methods select a set of recipient keys, associated with the specified recipient, from a plurality of member keys. For each recipient key, the systems and methods encrypt the encryption key to generate a set of encrypted keys and transmit the encrypted message and an encrypted key of the set of encrypted keys to one or more client devices associated with the specified recipient. The systems and methods then receive an acknowledgement indicating a termination status of the encrypted message.

Abstract: A system and method for detecting replay attacks on secure data are disclosed. A system on a chip (SOC) includes a security processor. Blocks of data corresponding to sensitive information are stored in off-chip memory. The security processor uses an integrity data structure, such as an integrity tree, for the blocks. The intermediate nodes of the integrity tree use nonces which have been generated independent of any value within a corresponding block. By using only the nonces to generate tags in the root at the top layer stored in on-chip memory and the nodes of the intermediate layers stored in off-chip memory, an amount of storage used is reduced for supporting the integrity tree. When the security processor detects events which create access requests for one or more blocks, the security processor uses the integrity tree to verify a replay attack has not occurred and corrupted data.

Abstract: A method of response signal processing applied in traction power networks, comprising establishing an data transmission channel between a target and a backend terminal through a relay router in a power distribution room; delivering a temperature-humidity information to the backend terminal by the target through the data transmission channel, and a response signal being delivered to the relay router; the relay router determining a second signal to noise ratio (SNR) according to a first SNR of the data transmission channel responded from the target when a noise ratio (NR) adjusting requirement is satisfied; the relay router determining a first identification of encryption algorithm based on the second SNR, and transmitting the first identification of encryption algorithm to the target. The present invention avoids the needs for retransmitting encrypted response signals for several times during transmission between the backend terminal and the charging controller.

Abstract: This disclosure relates to method and system for generating cognitive security intelligence for detecting and preventing malwares. In one embodiment, the method includes monitoring instructions being executed by a processor of a computing system, determining events triggered and activities performed by the execution of the instructions, correlating the events and the activities to determine a sequence of events and activities, and mapping the sequence of events and activities with a topographical threat map to detect a pattern match corresponding to a malware. The topographical threat map is event and activity behavior map of a number of categories of malwares, and is built based on a cognitive analysis using deep learning which may also be enriched with external knowledge or historic knowledge. The method further includes effecting a remedial measure, upon detecting the pattern match, to prevent the malware by constructing remedial instructions to be executed by the processor.

Abstract: A system for capturing communication variables associated with a communication between two or more parties and implementing a quantum optimizer to analyze the communication variables to determine the actual context of a communication held by one or more parties to the communication. Once the actual context is determined, a further determination is made as to whether the actual context poses or potentially poses a security threat to one or more parties to the communication or a third-party and, if so, notifies the party of the security threat. In this regard, parties to a communication that are unaware of the actual context of the communication held by another party are made aware of that actual context poses a security threat and, in some embodiments, notifies the parties while the communication is still occurring.

Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for claim verification. One of the methods includes: receiving, from a first entity, a request for verifying a verifiable claim (VC) that comprises a digital signature; obtaining, based on the VC, a public key associated with a second entity; determining that the digital signature is created based on a private key associated with the public key; and verifying the VC based on the determination.

Abstract: A method for providing a data record of a vehicle to a third party includes: receiving a cryptographic key pair including a public, cryptographic key and a private, cryptographic key; receiving the data record of the vehicle; encrypting the received data record by the public, cryptographic key; transmitting the encrypted data record to a data memory for storing the encrypted data record; generating a cryptographic hash value for the encrypted data record; transmitting the hash value of the encrypted data record to a blockchain database for storing the hash value of the encrypted data record; receiving a request message from a third party for retrieving the data record; generating a first request message to the data memory and a second request message to the blockchain database on the basis of the received request message; transmitting the first request message to the data memory and the second request message to the blockchain database; receiving the encrypted data record from the data memory in response to t

Abstract: Technologies for attesting a deployment of a workload using a blockchain includes a compute engine that receives a request from a remote device to validate one or more parameters of a managed node composed of one or more sleds. The compute engine retrieves a blockchain associated with the managed node. The blockchain includes one or more blocks, each block including information about the parameters of the managed node. The compute engine validates the blockchain and sends an indication that the blockchain is valid to the requesting device.

Abstract: A method, computer program product and computer system are provided. A processor retrieves a target file for inspection of malware. A processor converts the target file to a time domain format. A processor determines one or more time-frequency domain features of the converted target file. A processor generates a malicious classification for the target file based on the one or more time-frequency domain features of the converted target file and one or more classification models.

Abstract: Disclosed systems and methods initiate an instance of an isolated application on a node computing device. The systems determine that the isolated application requests exclusive access to a block storage resource, create a control group associated with the block storage resource to provide access to members of the control group and set an access rate limit to zero for non-members of the control group, and assign the isolated application to the control group.

Abstract: Methods and systems for access in a management controller group hierarchy may involve receiving a request for a user at an information handling system, determining whether a link of trust is established, and validating the single sign-on request. The request may be to authenticate the user for access using a single sign-on token. Determination of whether the link of trust is established may be based on an initial login location stored in the single sign-on token. Validation of the single sign-on token may be based on a determination that the link of trust is established.

Abstract: Embodiments are directed toward techniques to detect a first function associated with an address space initiating a call instruction to a second function in the address space, the first function to call the second function in a deprivileged mode of operation, and define accessible address ranges for segments of the address space for the second function, each segment to a have a different address range in the address space where the second function is permitted to access in the deprivileged mode of operation, Embodiments include switching to the stack associated with the second address space and the second function, and initiating execution of the second function in the deprivileged mode of operation.

Abstract: Methods, systems, and apparatus, including computer programs encoded on a computer storage medium, for obtaining identity verification information of a patient. Verifying the patient's identity by: obtaining an indication that the patient identification document is authentic, and verifying that the representation of a biometric of the patient corresponds to a biometric indicated on the patient identification document. Determining that a physical location of a computing device is proximate to a physical location of the patient. In response to verifying the patient and determining that the physical location of the computing device is proximate to the physical location of the patient, determining eligibility of the patient to receive services from the service provider.

Abstract: A device may receive a file that has been downloaded, or is to be downloaded, to a user device, and that is to be subject to a malware detection procedure. The device may obtain, based on one or more file identification properties of the file, metadata identifying user interactions associated with the file. The metadata may include a first group of user interactions performed when the file was accessed on the user device or a second group of user interactions performed when the file was accessed on one or more other user devices. The device may test the file in a sandbox environment to obtain a result by performing the user interactions identified by the metadata and executing the malware detection procedure to determine whether the file is malware. The device may provide a notification to cause the user device to perform actions when the file is malware.

Abstract: Methods and apparatus, including computer program products, are provided for processing analyte data. In some example implementations, a method may include receiving, at a first processing system including a user interface, an installation package including a plug-in and code configured to provide at the first processing system an interface between a sensor system configured to measure an analyte concentration level in a host and a second processing system; storing, by the first processing system, the installation package in a location based on a role of a user initiating the installation of the code; installing the plug-in for the user interface to enable the plug-in to control one or more aspects of an installation of the code; and initiating, by at least the plug-in, the installation of the code at the first processing system to provide the interface. Related systems, methods, and articles of manufacture are also disclosed.

Abstract: Methods, apparatus, systems and articles of manufacture for producing generic Internet Protocol (IP) reputation through cross-protocol analysis are disclosed. An example apparatus includes a data collector to gather a first data set representing IP telemetry data for a first protocol, the data collector to gather a second data set representing IP telemetry data for a second protocol different from the first protocol. A label generator is to generate a training data set based on records in the first data set and the second data set having matching IP addresses, the training data set to include combined label indicating whether each of the respective matching IP addresses is malicious. A model trainer is to train a machine learning model using the training data set. A model executor is to, responsive to a request from a client device, execute the machine learning model to determine whether a requested IP address is malicious.

Abstract: Systems and methods are provided for collaborative decision-making in medicine. The systems can employ a distributed record-keeping and verification system to solicit suggested modifications to an initial healthcare regime from interested healthcare workers. The systems can aggregate the suggested modifications and use a consensus algorithm to determine the most appropriate modification.

Abstract: Methods, systems, and devices are described herein for delivering protected data to a trusted execution environment (TrEE) associated with a potentially untrusted requestor. In one aspect, a targeting protocol head may receive a request for protected data from a potentially untrusted requestor associated with a TrEE, and an attestation statement of the TrEE. The targeting protocol head may retrieve the protected data, and obtain a targeting key of the TrEE from, for example, the request in the case of clean room provisioning, or the attestation statement. The targeting protocol head may generate targeted protected data by encrypting the protected data with the targeting key, and provide the targeted protected data to the potentially untrusted requestor, where a private targeting key of the TrEE is required to decrypt the targeted protected data.

Abstract: Hardware circuitry, in response to receiving a request for an authentication value of a plurality of authentication values of a replaceable item from a host device to which the replaceable item has been connected, determines that the authentication value was not previously sent. The circuitry responsively determines that the replaceable item previously sent a maximum number of unique authentication values of the authentication values. The maximum number of unique authentication values is less than a total number of the authentication values. The circuitry responsively sends the authentication value to the host device. The circuitry, once the authentication value has been sent or will have been sent to the host device, determines that the maximum number of unique authentication values has now been sent, and in response prohibits the authentication values that have not been sent from being sent later.

Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for claim verification. One of the methods includes: receiving, from a first entity, a request for verifying a verifiable claim (VC) that comprises a digital signature; obtaining, based on the VC, a public key associated with a second entity; determining that the digital signature is created based on a private key associated with the public key; and verifying the VC based on the determination.