Abstract: Respective cryptographic shares of password data, dependent on a user password, are provided at n authentication servers. A number t1?n of the password data shares determine if the user password matches a password attempt. Respective cryptographic shares of secret data, enabling determination of a username for each verifier server, are provided at n authentication servers. A number t2?t1 of the shares reconstruct the secret data. For a password attempt, the user computer communicates with at least t1 authentication servers to determine if the user password matches the password attempt and, if so, the user computer receives at least t2 secret data shares from respective authentication servers. The user computer uses the secret data to generate, with T?t1 of said t1 servers, a cryptographic token for authenticating the user computer to a selected verifier server, secret from said at least T servers, under said username.

Abstract: Respective cryptographic shares of password data, dependent on a user password, are provided at n authentication servers. A number t1?n of the password data shares determine if the user password matches a password attempt. Respective cryptographic shares of secret data, enabling determination of a username for each verifier server, are provided at n authentication servers. A number t2?t1 of the shares reconstruct the secret data. For a password attempt, the user computer communicates with at least t1 authentication servers to determine if the user password matches the password attempt and, if so, the user computer receives at least t2 secret data shares from respective authentication servers. The user computer uses the secret data to generate, with T?t1 of said t1 servers, a cryptographic token for authenticating the user computer to a selected verifier server, secret from said at least T servers, under said username.

Abstract: Respective cryptographic shares of password data, dependent on a user password, are provided at n authentication servers. A number t1?n of the password data shares determine if the user password matches a password attempt. Respective cryptographic shares of secret data, enabling determination of a username for each verifier server, are provided at n authentication servers. A number t2?t1 of the shares reconstruct the secret data. For a password attempt, the user computer communicates with at least t1 authentication servers to determine if the user password matches the password attempt and, if so, the user computer receives at least t2 secret data shares from respective authentication servers. The user computer uses the secret data to generate, with T?t1 of said t1 servers, a cryptographic token for authenticating the user computer to a selected verifier server, secret from said at least T servers, under said username.

Abstract: Respective cryptographic shares of password data, dependent on a user password, are provided at n authentication servers. A number t1?n of the password data shares determine if the user password matches a password attempt. Respective cryptographic shares of secret data, enabling determination of a username for each verifier server, are provided at n authentication servers. A number t2?t1 of the shares reconstruct the secret data. For a password attempt, the user computer communicates with at least t1 authentication servers to determine if the user password matches the password attempt and, if so, the user computer receives at least t2 secret data shares from respective authentication servers. The user computer uses the secret data to generate, with T?t1 of said t1 servers, a cryptographic token for authenticating the user computer to a selected verifier server, secret from said at least T servers, under said username.

Abstract: Respective cryptographic shares of password data, dependent on a user password, are provided at n authentication servers. A number t1?n of the password data shares determine if the user password matches a password attempt. Respective cryptographic shares of secret data, enabling determination of a username for each verifier server, are provided at n authentication servers. A number t2?t1 of the shares reconstruct the secret data. For a password attempt, the user computer communicates with at least t1 authentication servers to determine if the user password matches the password attempt and, if so, the user computer receives at least t2 secret data shares from respective authentication servers. The user computer uses the secret data to generate, with T?t1 of said t1 servers, a cryptographic token for authenticating the user computer to a selected verifier server, secret from said at least T servers, under said username.

Abstract: Respective cryptographic shares of password data, dependent on a user password, are provided at n authentication servers. A number t1?n of the password data shares determine if the user password matches a password attempt. Respective cryptographic shares of secret data, enabling determination of a username for each verifier server, are provided at n authentication servers. A number t2?t1 of the shares reconstruct the secret data. For a password attempt, the user computer communicates with at least t1 authentication servers to determine if the user password matches the password attempt and, if so, the user computer receives at least t2 secret data shares from respective authentication servers. The user computer uses the secret data to generate, with T?t1 of said t1 servers, a cryptographic token for authenticating the user computer to a selected verifier server, secret from said at least T servers, under said username.

Abstract: A method and system for calculating and ascribing reputation scores to Domain Name System (DNS) domain names, the method including capturing domain names appearing in a network during a predefined time frame and extracting features of each of the captured domain names, and calculating a reputation score for each of the captured domain names by assessing an expected life duration of each of the captured domain names based on the domain name features.

Abstract: Respective cryptographic shares of password data, dependent on a user password, are provided at n authentication servers. A number t1?n of the password data shares determine if the user password matches a password attempt. Respective cryptographic shares of secret data, enabling determination of a username for each verifier server, are provided at n authentication servers. A number t2?t1 of the shares reconstruct the secret data. For a password attempt, the user computer communicates with at least t1 authentication servers to determine if the user password matches the password attempt and, if so, the user computer receives at least t2 secret data shares from respective authentication servers. The user computer uses the secret data to generate, with T?t1 of said t1 servers, a cryptographic token for authenticating the user computer to a selected verifier server, secret from said at least T servers, under said username.

Abstract: Evaluating communications via a computer network for the presence of proxy-based communications, by sending to a computer via a computer network multiple data packets followed by an out-of-sequence data packet that is out-of-sequence relative to any of the multiple data packets, receipt of the out-of-sequence data packet configured to cause the computer to send an acknowledgement via the computer network, and to cause the requestor to send a second data request via the computer and the computer network, detecting receipt of the acknowledgement at a first time, detecting receipt of the second data request at a second time, calculating a time delay between the first time and the second time, performing the sending, detecting and calculating steps multiple times for calculating multiple time delays, and determining whether the requestor is communicating via a proxy by evaluating the multiple time delays with respect to a predefined proxy evaluation criterion.

Abstract: A cooperative vehicle monitoring method including, at an intravehicular monitor configured with each of a plurality of vehicles, gathering any in-vehicle data associated with the vehicle, detecting any intravehicular anomaly associated with the vehicle by analyzing the in-vehicle data, and reporting intravehicular information including any of the detected intravehicular anomaly and the in-vehicle data, and, at an extravehicular monitor, detecting any anomaly by analyzing the reported intravehicular information in combination with extravehicular data that are external to the plurality of vehicles, and reporting any of the intravehicular information, the extravehicular data, and any anomaly detected at the extravehicular monitor.

Abstract: Evaluating communications via a computer network for the presence of proxy-based communications, by sending to a computer via a computer network multiple data packets followed by an out-of-sequence data packet that is out-of-sequence relative to any of the multiple data packets, receipt of the out-of-sequence data packet configured to cause the computer to send an acknowledgement via the computer network, and to cause the requestor to send a second data request via the computer and the computer network, detecting receipt of the acknowledgement at a first time, detecting receipt of the second data request at a second time, calculating a time delay between the first time and the second time, performing the sending, detecting and calculating steps multiple times for calculating multiple time delays, and determining whether the requestor is communicating via a proxy by evaluating the multiple time delays with respect to a predefined proxy evaluation criterion.

Abstract: A method, system and computer-usable medium for performing an authorization operation on an Internet of Things (IoT) type device, comprising: providing each of a plurality of IoT type devices with a respective authorization system; receiving a request to share resources at one of the plurality of IoT type devices; determining via the respective authorization system whether the one of the plurality of IoT devices has an IoT resource available for sharing; and, enabling sharing of the IoT resource when the respective authorization system determines that the IoT resource is available for sharing.

Abstract: Techniques for monitoring a controller area network bus are described herein. In one example, a system comprises a processor that is to detect a message from a source electronic control unit in a vehicle and calculate a location of the source electronic control unit based on at least two arrival times, the arrival times indicating a distance between a first monitor and the source electronic control unit. The processor can also detect that the message corresponds to a function controlled by a second electronic control unit and generate a warning that the message from the source electronic control unit is malicious.

Abstract: Respective cryptographic shares of password data, dependent on a user password, are provided at n authentication servers. A number t1?n of the password data shares determine if the user password matches a password attempt. Respective cryptographic shares of secret data, enabling determination of a username for each verifier server, are provided at n authentication servers. A number t2?t1 of the shares reconstruct the secret data. For a password attempt, the user computer communicates with at least t1 authentication servers to determine if the user password matches the password attempt and, if so, the user computer receives at least t2 secret data shares from respective authentication servers. The user computer uses the secret data to generate, with T?t1 of said t1 servers, a cryptographic token for authenticating the user computer to a selected verifier server, secret from said at least T servers, under said username.

Abstract: A cooperative vehicle monitoring method including, at an intravehicular monitor configured with each of a plurality of vehicles, gathering any in-vehicle data associated with the vehicle, detecting any intravehicular anomaly associated with the vehicle by analyzing the in-vehicle data, and reporting intravehicular information including any of the detected intravehicular anomaly and the in-vehicle data, and, at an extravehicular monitor, detecting any anomaly by analyzing the reported intravehicular information in combination with extravehicular data that are external to the plurality of vehicles, and reporting any of the intravehicular information, the extravehicular data, and any anomaly detected at the extravehicular monitor.

Abstract: Respective cryptographic shares of password data, dependent on a user password, are provided at n authentication servers. A number t1?n of the password data shares determine if the user password matches a password attempt. Respective cryptographic shares of secret data, enabling determination of a username for each verifier server, are provided at n authentication servers. A number t2?t1 of the shares reconstruct the secret data. For a password attempt, the user computer communicates with at least t1 authentication servers to determine if the user password matches the password attempt and, if so, the user computer receives at least t2 secret data shares from respective authentication servers. The user computer uses the secret data to generate, with T?t1 of said t1 servers, a cryptographic token for authenticating the user computer to a selected verifier server, secret from said at least T servers, under said username.

Abstract: A method, system and computer-usable medium for performing an authorization operation on an Internet of Things (IoT) type device, comprising: providing each of a plurality of IoT type devices with a respective authorization system; receiving a request to share resources at one of the plurality of IoT type devices; determining via the respective authorization system whether the one of the plurality of IoT devices has an IoT resource available for sharing; and, enabling sharing of the IoT resource when the respective authorization system determines that the IoT resource is available for sharing.

Abstract: Evaluating communications via a computer network for the presence of proxy-based communications, by sending to a computer via a computer network multiple data packets followed by an out-of-sequence data packet that is out-of-sequence relative to any of the multiple data packets, receipt of the out-of-sequence data packet configured to cause the computer to send an acknowledgement via the computer network, and to cause the requestor to send a second data request via the computer and the computer network, detecting receipt of the acknowledgement at a first time, detecting receipt of the second data request at a second time, calculating a time delay between the first time and the second time, performing the sending, detecting and calculating steps multiple times for calculating multiple time delays, and determining whether the requestor is communicating via a proxy by evaluating the multiple time delays with respect to a predefined proxy evaluation criterion.

Abstract: Evaluating communications via a computer network for the presence of proxy-based communications, by sending to a computer via a computer network multiple data packets followed by an out-of-sequence data packet that is out-of-sequence relative to any of the multiple data packets, receipt of the out-of-sequence data packet configured to cause the computer to send an acknowledgement via the computer network, and to cause the requestor to send a second data request via the computer and the computer network, detecting receipt of the acknowledgement at a first time, detecting receipt of the second data request at a second time, calculating a time delay between the first time and the second time, performing the sending, detecting and calculating steps multiple times for calculating multiple time delays, and determining whether the requestor is communicating via a proxy by evaluating the multiple time delays with respect to a predefined proxy evaluation criterion.

Abstract: Techniques for monitoring a controller area network bus are described herein. In one example, a system comprises a processor that is to detect a message from a source electronic control unit in a vehicle and calculate a location of the source electronic control unit based on at least two arrival times, the arrival times indicating a distance between a first monitor and the source electronic control unit. The processor can also detect that the message corresponds to a function controlled by a second electronic control unit and generate a warning that the message from the source electronic control unit is malicious.