Abstract: Technologies to facilitate supervision of an online identify include a gateway server to facilitate and monitor access to an online service by a user of a “child” client computer device. The gateway server may include an identity manager to receive a request for access to the online service from the client computing device, retrieve access information to the online service, and facilitate access to the online service for the client computing device using the access information. The access information is kept confidential from the user. The gateway server may also include an activity monitor module to control activity between the client computing device and the online service based on the set of policy rules of a policy database. The gateway server may transmit notifications of such activity to a “parental” client computing device for review and/or approval, which also may be used to update the policy database.

Abstract: Measurement exchange networks and protocols to exchange measurements of a parameter amongst devices (e.g., IoT devices), select the best measurement(s), accuracy/precision-wise, and determine a process variable for a control system based on the selected best measurement(s). A device may select a peer-provided best measurement to output as the process variable in place of a local measurement, and/or compute the process variable from multiple best measurements (e.g., local and/or peer-provided measurements). Metadata may be used to select a measurement(s) and/or to increase reliability/trust of exchanged data. In this way, each device of an exchange group/network may obtain the highest measurement accuracy of all available collocated sensors with little or no additional processing or cloud connectivity.

Abstract: Technologies for audiovisual communication include an audiovisual server and a number of audiovisual client devices, including a presenter device and a number of audience devices. Each audience device captures an audiovisual stream and transmits the audiovisual stream to the audiovisual server. Each audience device also captures sensor input data such as eye tracking data or facial expression data and transmits abstracted sensor input data to the audiovisual server. The abstracted sensor input data may be based on the captured audiovisual stream. The audiovisual server determines an interestingness rating associated with each audience device based on the sensor input data, and selects one or more audiovisual streams based on the interestingness ratings. The audiovisual server transmits the selected audiovisual streams to the presenter device. The audiovisual server may update the interestingness rating algorithm based on feedback from the presenter device or the audience devices.

Abstract: Various embodiments are generally directed to techniques to detect and eradicate malware attacks by employing information indicative of malware activity received from both endpoint devices and network devices proving network services to endpoint devices. An apparatus to detect malware includes a processor component, an analysis component for execution by the processor component to employ a trust level assigned to a device in a network as a factor in an analysis of an indication received from the device of a malware attack, and an eradication component for execution by the processor component to determine an action to take through the network to eradicate the malware attack based on the analysis. Other embodiments are described and claimed.

Abstract: Technologies for audiovisual communication include an audiovisual server and a number of audiovisual client devices, including a presenter device and a number of audience devices. Each audience device captures an audiovisual stream and transmits the audiovisual stream to the audiovisual server. Each audience device also captures sensor input data such as eye tracking data or facial expression data and transmits abstracted sensor input data to the audiovisual server. The abstracted sensor input data may be based on the captured audiovisual stream. The audiovisual server determines an interestingness rating associated with each audience device based on the sensor input data, and selects one or more audiovisual streams based on the interestingness ratings. The audiovisual server transmits the selected audiovisual streams to the presenter device. The audiovisual server may update the interestingness rating algorithm based on feedback from the presenter device or the audience devices.

Abstract: Technologies for de-duplicating encrypted content include fragmenting a file into blocks on a computing device, encrypting each block, and storing each encrypted block on a content data server with associated keyed hashes and member identifications. The computing device additionally transmits each encrypted block with an associated member encryption key and member identification to a key server. As part of the de-duplication process, the content data server stores only one copy of the encrypted data for a particular associated keyed hash, and the key server similarly associates a single member encryption key with the keyed hash. To retrieve the file, the computing device receives the encrypted blocks with their associated keyed hashes and member identifications from the content data server and receives the corresponding member decryption key from the key server. The computing device decrypts each block using the member decryption keys and combines to blocks to generate the file.

Abstract: Distributed systems for protecting networked computer assets from compromise are disclosed. The distributed system includes one or more enterprise event sources, such as endpoint(s). The system also includes a server, such as a Big Data Analytics server, and optionally a security management server such as a Security Information and Event Management server. The Big Data Analytics server processes data collected from the enterprise event sources and produces behavioral profile models for each endpoint (or group of similar endpoints). The profiles, models, and ontology analysis are provided to the endpoints. Endpoint analytics use the output from the analytics servers to detect deviations from the endpoint's behavioral profile.

Abstract: Technologies to facilitate supervision of an online identify include a gateway server to facilitate and monitor access to an online service by a user of a “child” client computer device. The gateway server may include an identity manager to receive a request for access to the online service from the client computing device, retrieve access information to the online service, and facilitate access to the online service for the client computing device using the access information. The access information is kept confidential from the user. The gateway server may also include an activity monitor module to control activity between the client computing device and the online service based on the set of policy rules of a policy database. The gateway server may transmit notifications of such activity to a “parental” client computing device for review and/or approval, which also may be used to update the policy database.

Abstract: There is disclosed in an example, a computing apparatus, including: a trusted execution environment (TEE); and one or more logic elements providing a collaboration engine within the TEE, operable to: receive a change to a secured document via a trusted channel; apply a change to the secured document; log the change to a ledger; and display the document to a client device via a protected audio-video path (PAVP). There is also disclosed a method of providing a collaboration engine, and a computer-readable medium having stored thereon executable instructions for providing a collaboration engine.

Abstract: The present disclosure is directed to systems and methods for the selective introduction of low-level pseudo-random noise into at least a portion of the weights used in a neural network model to increase the robustness of the neural network and provide a stochastic transformation defense against perturbation type attacks. Random number generation circuitry provides a plurality of pseudo-random values. Combiner circuitry combines the pseudo-random values with a defined number of least significant bits/digits in at least some of the weights used to provide a neural network model implemented by neural network circuitry. In some instances, selection circuitry selects pseudo-random values for combination with the network weights based on a defined pseudo-random value probability distribution.

Abstract: Various embodiments are generally directed to techniques for library behavior verification, such as by generating executables for software with indications of permitted behaviors by the library. Some embodiments are particularly directed to monitoring library behavior and performing one or more protective actions based on abnormal or unpermitted library behavior. In many embodiments, libraries and library manifests may be validated based on one or more signatures. In various embodiments, library behavior data comprising a set of permitted behaviors for the library may be determined based on the library manifest. In various such embodiments, a compiler may embed indications of the permitted library behavior in executables.

Abstract: There is disclosed in one example a computing apparatus to broker purchase of an item or service between a consumer and seller, including: a hardware platform including a processor; and a memory, including executable instructions to instruct the hardware platform to: receive an encrypted payload including a request from a consumer to purchase the item or service, the encrypted payload including information about the consumer; without exposing the information about the consumer to the seller, determine, based on the seller's availability to sell the item or service and the seller's preferences for selling the item or service, that the request matches the seller's availability and preferences; and send a notification that the seller will sell the item or service.

Abstract: Methods, apparatus, systems and articles of manufacture to protect sensitive information in video collaboration systems are disclosed. A disclosed example method includes an analytics engine to recognize a feature in a first frame of a first video stream, a policy enforcer to apply an obscuration policy to the recognized feature to identify whether to mask the recognized feature, and a masker to obscure the recognized feature in the first frame to form a second frame in a second video stream.

Abstract: A circuit includes a first communication interface configured to receive first sensor data from a stationary sensor. The first sensor data include a result of a first sensing of a local environment of the stationary sensor performed by the stationary sensor. The circuit may further include a second communication interface configured to receive second sensor data from an unmanned aerial vehicle. The second sensor data include a result of a second sensing of at least a portion of the local environment of the stationary sensor performed by a sensor of the unmanned aerial vehicle. The circuit may further include one or a plurality of processors configured to compare the first sensor data and the second sensor data and to classify the at least one stationary sensor based on a result of the comparison.

Abstract: Embodiments of methods, apparatuses, and storage mediums associated with eye movement based knowledge demonstration, having a particular application to authentication, are disclosed. In embodiments, a computing device may determine whether a received input of a pattern of eye movements is consistent with an expected pattern of eye movements of a user when the user attempts to visually locate a piece of information embedded in a display. In embodiments, the expected pattern of eye movements may include patterns related to fixations and/or other statistical patterns, however, may not be limited to such patterns. In applications, determining consistency or correlation with the expected pattern of eye movements may identify the user by simultaneously verifying at least factors of authentication—that of biometric criteria related to a user's pattern of eye movements and a password or other information known to the user.

Abstract: In an example, there is disclosed a computing apparatus having one or more logic elements forming a non-encrypted flow processor engine; and one or more logic elements forming a service selection engine, wherein the one or more logic elements include a trusted execution environment (TEE), and wherein the service selection engine is operable to; receive from the flow processor engine an encrypted payload; determine that the encrypted payload satisfies at least one selection criterion; and provide a notification of satisfaction to the flow engine. There is further disclosed a method of performing the operations disclosed, and one or more computer-readable mediums having stored thereon executable instructions to perform the method.

Abstract: Measurement exchange networks and protocols to exchange measurements of a parameter amongst devices (e.g., IoT devices), select the best measurement(s), accuracy/precision-wise, and determine a process variable for a control system based on the selected best measurement(s). A device may select a peer-provided best measurement to output as the process variable in place of a local measurement, and/or compute the process variable from multiple best measurements (e.g., local and/or peer-provided measurements). Metadata may be used to select a measurement(s) and/or to increase reliability/trust of exchanged data. In this way, each device of an exchange group/network may obtain the highest measurement accuracy of all available collocated sensors with little or no additional processing or cloud connectivity.

Abstract: Providing peer-to-peer network security includes collecting, by a local trusted network device, local trust data related to behavior of the local trusted network device, receiving, by one or more remote trusted network devices, additional trust data for the local trusted network device, calculating a combined trust score for the local trusted network device based on the local trust data and additional trust data, and modifying activity of the local trusted network device based on the combined trust score.

Abstract: A method and apparatus for network security elements using endpoint resources. An embodiment of a method includes receiving a request for access to a network at an endpoint server. The method further includes detecting that the request for access to the network includes a request that is unauthorized. The request for access to the network is directed to a network security element.

Abstract: Methods and apparatus to securely share data are disclosed. An example includes retrieving, by executing an instruction with a processor at a first computing device associated with a first user of a cloud service, an encrypted archive file and a wrapped encryption key from a second computing device associated with a second user of the cloud service, the wrapped encryption key wrapped with key data associated with the first user of the cloud service at the second computing device, unwrapping the wrapped encryption key with the key data to obtain an unwrapped encryption key, and decrypting the encrypted archive file with the unwrapped encryption key to obtain a decrypted archive file.