Abstract: A device, system, and method is provided to mimic a pre-trained target model without access to the pre-trained target model or its original training dataset. A set of random or semi-random input data may be sent to randomly probe the pre-trained target model at a remote device. A set of corresponding output data may be received from the remote device that is generated by applying the pre-trained target model to the set of random or semi-random input data. A random probe training dataset may be generated comprising the set of random or semi-random input data and corresponding output data generated by randomly probing the pre-trained target model. A new model may be trained with the random probe training dataset so that the new model generates substantially the same corresponding output data in response to said input data to mimic the pre-trained target model.

Abstract: System, apparatus, device, method and/or computer program product are disclosed for detecting the authenticity of an image file transferred from a device to a server based on an image authenticity detection configuration determined by a server application. A device application is operated by a device, and a server application is operated by a server. The device application sends, to the server application, user data, device data, or environment data. The server application determines an image authenticity detection configuration to indicate one or more parameters to be used by the device to generate a first image file, and authorized changes to be made to the first image file to generate a second image file. The device application sends the second image file to the server application. The server application detects whether the received second image file contains changes matching authorized changes indicated by the image authenticity detection configuration.

Abstract: A method for generation of blocks for a partitioned blockchain includes: storing blocks comprising a partitioned blockchain, wherein each block includes a header and transaction entries; receiving transaction data entries for each of a plurality of subnets; generating a hash value of the header included in the most recently added block; generating a new block header, the new block header including the generated hash value, a timestamp, and a sequence of pairs including a pair for each of the plurality of subnets, each pair including a subnet identifier associated with the respective subnet and a merkle root of each of the transaction data entries received for the respective subnet; generating a new block, the new block including the generated new block header and the transaction data entries for each of the plurality of subnets; and transmitting the new block to a plurality of nodes associated with the partitioned blockchain.

Abstract: A hardware database privacy device is communicatively coupled to a private database system. The hardware database privacy device receives a request from a client device to perform a query of the private database system and identifies a level of differential privacy corresponding to the request. The identified level of differential privacy includes privacy parameters (?,?) indicating the degree of information released about the private database system. The hardware database privacy device identifies a set of operations to be performed on the set of data that corresponds to the requested query. After the set of data is accessed, the set of operations is modified based on the identified level of differential privacy such that a performance of the modified set of operations produces a result set that is (?,?)-differentially private.

Abstract: Systems, methods, and apparatuses for providing dynamic, prioritized spectrum utilization management. The system includes at least one monitoring sensor, at least one data analysis engine, at least one application, a semantic engine, a programmable rules and policy editor, a tip and cue server, and/or a control panel. The tip and cue server is operable utilize the environmental awareness from the data processed by the at least one data analysis engine in combination with additional information to create actionable data.

Abstract: A voice recognition system includes a server storing a plurality of manuals and a display apparatus transmitting, when a spoken voice of a user is recognized, characteristic information and a spoken voice signal corresponding to the spoken voice to the server, the characteristic information is characteristic information of the display apparatus, the server transmits a response signal to the spoken voice signal to the display apparatus based on a manual corresponding to the characteristic information among the plurality of manuals, and the display apparatus processes an operation corresponding to the received response signal; as a result, user convenience increases.

Abstract: Embodiments enable a displayed webpage containing sensitive information to be accurately and efficiently sanitized. The sensitive information is contained within a text string of the webpage and displayed using a font specified in a style sheet. The text string that is to be sanitized is determined based on a tag for sanitization associated with the text string. When the tag is determined the text string is rendered using a font from the style sheet that is not legible. Upon rendering, the text string of the webpage is redisplayed using the non-legible font, which effectively sanitizes the text string containing the sensitive information.

Abstract: The disclosure herein describes handling tokenization requests associated with electronic transactions at a payment network at a throttled processing rate. Tokenization requests are received by tokenization stream brokers from request sources. The tokenization requests include primary account numbers (PANs) to be tokenized. The tokenization requests are then consumed from the tokenization stream brokers, at a request storage rate, for storage in a request data store. Tokenization operations are then performed, at a request processing rate, based on the tokenization requests stored in the request data store. The tokenization operations include providing at least the primary account numbers to be tokenized to issuers associated with the tokenization requests at issuer tokenization rates associated with the issuers, whereby the request processing rate is throttled for compatibility with capabilities of the system and the issuers without unnecessary limitations placed on request sources.

Abstract: Embodiments described herein enable data associated with a large plurality of users to be analyzed without compromising the privacy of the user data. In one embodiment, a user can opt-in to allow analysis of clear text of the user's emails. An analysis process can then be performed in which an analysis service receives clear text of an email of a client device; processes the clear text of the email into one or more tokens having one or more tags; enriches one or more tokens in the processed email using data associated with a user of the client device and the one or more tags; and processes the clear text and one or more enriched tokens to generate a data set of one or more feature vectors.

Abstract: Embodiments disclosed herein generally relate to a system and method for proactively generating an intervening message for a remote client device in response to an anticipated user action. A computing system receives one or more streams of user activity. The one or more streams of user activity include interaction with a server of an organization via an application executing on the remote client device. The computing system inputs the one or more streams of user activity into a prediction model. The computing system identifies an anticipated user action based on a prediction output from the prediction model. The computing system determines, based on a solution model, a proposed solution to the anticipated user action. The computing system generates an anticipated message to be transmitted to the remote client device of the user. The computing system transmits the anticipated message to the remote client device of the user.

Abstract: Aspects of the technology described herein provide a more efficient user interface by providing suggestions that are tailored to a specific user's interests. The suggestions may be provided by a personal assistant or some other application running on a user's computing device. A goal of the technology described herein is to provide relevant suggestions when the user can and actually wants to use them. The suggestions are designed to provide information or services the user wants to use.

Abstract: Provided is a training method of a neural network that is applied to an audio signal encoding method using an audio signal encoding apparatus, the training method including generating a masking threshold of a first audio signal before training is performed, calculating a weight matrix to be applied to a frequency component of the first audio signal based on the masking threshold, generating a weighted error function obtained by correcting a preset error function using the weight matrix, and generating a second audio signal by applying a parameter learned using the weighted error function to the first audio signal.

Abstract: A magnetic recording medium processing apparatus may include a coil structured to generate a magnetic field, a magnetic field generation control part which controls generation of the magnetic field in the coil, a sensor structured to execute acquisition of predetermined information, and a sensor control part which controls execution of the acquisition of the information in the sensor. The sensor control part may request the magnetic field generation control part to stop magnetic field generation from the coil at a timing earlier by a predetermined time period than a start timing when the sensor starts the acquisition of the information, and the magnetic field generation control part may stop the generation of the magnetic field from the coil when stop of the magnetic field generation is requested by the sensor control part.

Abstract: In some implementations, there is provided a method including validating, by an orchestrator, a deletion request by publishing a validation message to a plurality of applications including a first application and a second application, the validation message including an entity type and at least one criterion, the entity type associated with an entity structure of data entities. Related systems and articles of manufacture are also disclosed.

Abstract: Methods, systems, and apparatus, including computer programs encoded on a computer storage medium, for obtaining image data of an identification (ID) document and identifying a pattern of the ID document based on analysis of the image data against a predefined patterns for a particular type of document. An identifier engine of the system computes a frequency metric that defines how often the pattern reoccurs at the ID document and generates a unique identifier for the ID document based on the computed frequency metric. The unique identifier is stored at a digital fingerprint database of the system as a digital fingerprint for the ID document.

Abstract: A system and method for applying noise to data is described. The system accesses a metric value of a metric of each user from a group of users of an application. The metric indicates a measure of an operation of the application by a corresponding user. The system generates noise values and defines a distribution of the noise values to the group of users. The system modifies the metric value of the metric of each user with a corresponding noise value from the noise values based on the distribution.

Abstract: In some embodiments, a robotic process automation (RPA) robot is configured to identify a runtime target of an automation activity (e.g., a button to click, a form field to fill in, etc.) by searching a user interface for a UI element matching a set of characteristics of the target defined at design-time. When the target identification fails, some embodiments display an error message indicating which target characteristic could not be matched. Some embodiments further display for selection by the user a set of alternative target elements of the runtime interface.

Abstract: A method for providing notification information by an electronic device is provided. The method includes the operations of operating in a normal mode in which notification information is provided, identifying existence of a different person near the electronic device while operating in the normal mode, determining whether the different person is an information sharer allowed by a user of the electronic device to share notification information, operating in the normal mode in which notification information is provided without being limited, in response to determining that the different person is an information sharer, and operating in a privacy mode in which notification information is limited and provided, in response to determining that the different person is not an information sharer.

Abstract: One embodiment provides a system, method, and device for communicating inaudible tones. An audio file is received. One or more inaudible tones are embedded in the audio file. The information is associated with the inaudible tones. The audio file is distributed with the embedded one or more inaudible tones.

Abstract: Systems and methods that provide secure analytics using homomorphic and injective format-preserving encryption and an encrypted analytics matrix are disclosed herein. An example method includes encoding an analytic parameter set using a homomorphic encryption scheme as a homomorphic analytic matrix; transmitting a processing set to a server system, the processing set including at least the homomorphic analytic matrix and a keyed hashing function; and receiving a homomorphic encrypted result from the server system, the server system having utilized the homomorphic encryption scheme, the keyed hashing function, and a format preserving encryption scheme to evaluate the homomorphic analytic matrix over a datasource.

Abstract: A method for shared secret agreement with forward secrecy includes generating a first plurality of bits of data using a cryptographically secure pseudo-random number generator applied to a node seed value and at least one index value, transmitting the first plurality of bits of data through a shared communication medium simultaneously to transmission of a second plurality of bits of data from a second node, identifying shared secret data with the second node using a portion of the first plurality of bits of data that are logical complements of the second plurality of bits of data, generating a shared seed value using a cryptographically secure one-way function applied to the shared secret data, and generating an updated node seed value using the cryptographically secure one-way function applied to the node seed value to replace the node seed value.

Abstract: An apparatus and method are described for obscuring wireless communication patterns. For example, one embodiment of a system comprises: an Internet of Things (IoT) device comprising a wireless communication interface to establish communication with an IoT service; the IoT device including an application to execute commands received from the IoT service and to responsively generate a response; and messaging obfuscation logic to modify timing for transmitting the response to the IoT service.

Abstract: In accordance with an aspect of the present disclosure, a method for encrypting/hiding or decrypting/unhiding a target object on a device is provided. The method comprises binding with a binding module; detecting an operation instruction for the target object; analyzing the detected operation instruction; outputting information to be confirmed for encrypting or hiding the target object if the detected operation instruction for the target object is a preset encryption instruction or a preset hiding instruction; and encrypting or hiding the target object after receiving a confirmation input.

Abstract: Provided is an information processing apparatus, including: a line-of-sight detection unit configured to detect lines of sight of a plurality of users with respect to presentation information; and an area determination unit configured to determine, on the basis of the detected lines of sight of the plurality of users, a shared area that is visually recognized by the plurality of users to share information and a confidential area that is not visually recognized by another user to keep information of each user confidential.

Abstract: Systems for dynamic watermarking within a cloud-based collaboration environment. Storage facilities are managed by servers to provide cloud-based storage services to two or more client entities as a service across a network. The servers maintain versions of editable documents or photo images or video clips using a version indication. Dynamic watermarking applies a first watermark image to a first version of the editable document and grants edit access to a first client entity of the two or more client entities. While the first client entity has edit access to the first version of the editable document the system generates a second version of the editable document and applies a second watermark image to the second version of the editable document before delivering the second version to a second client entity. A security watermark is based on a user credential, and a leak source can be determined based the user credential.

Abstract: Example embodiments of systems and methods for data transmission system between transmitting and receiving devices are provided. In an embodiment, each of the transmitting and receiving devices can contain a master key. The transmitting device can generate a diversified key using the master key, protect a counter value and encrypt data prior to transmitting to the receiving device, which can generate the diversified key based on the master key and can decrypt the data and validate the protected counter value using the diversified key. In an embodiment, the transmitting device can signal an attack or potential attack through the counter value. The attack signaling can further include information relating to the attack or potential attack.

Abstract: A receiver device includes a radio frequency receiver and a processing circuit. The radio frequency receiver receives an incoming signal including a radio frequency satellite signal.

Abstract: An example method may include transmitting a noise signal through a reader connection of a magnetic reader element. The control component and the magnetic reader element may be associated with a card reader device of a transaction device, and the magnetic reader element may be configured to read a magnetic strip of a transaction card. The method may include receiving, from the magnetic reader element, a reader connection signal from the reader connection. The reader connection signal may include the noise signal. The method may include extracting, from the reader connection signal, a card information signal associated with the transaction card from the magnetic strip. The card information signal may be extracted based on the noise signal. The method may include performing an action associated with the card information signal.

Abstract: Methods, apparatus, systems and articles of manufacture to implement a signal scrambler are disclosed. An example method includes generating, by executing an instruction with a processor, a controlled random sequence based on a plurality of subcarriers and a random pulse sequence. The example method also includes forming, by executing an instruction with the processor, an output sequence by combining a source sequence with the controlled random sequence, the controlled random sequence to modify a characteristic of the source sequence in a frequency domain.

Abstract: A contactless payment device and method streams a sequence of magnetic-field pulses directly to two magnetic-stripe read heads of a point-of-sale terminal. The stream of pulses includes essential information needed to approve a transaction. The essential information is structured for a primary “channel” associated with one of the read heads. A series of “proxy” bits are included in the stream in order to satisfy the data collection requirements for a secondary channel associated with the other read head. The proxy bits are included in a custom bit stream that may be used to improve acceptance of payment transmission data at a POS terminal.

Abstract: A system for generating and detecting watermarks within a video frame (e.g., video content) is described to determine whether a data interruption has occurred. In one or more implementations, the system includes a generation module communicatively coupled to a video source and a watermark detection module configured to receive a plurality of video watermarks. The watermarking detection module is configured to determine whether a watermark embedded in a current (e.g., a second) video frame is different from a watermark embedded in the previous (e.g., a first) video frame. The watermarking detection module is configured to generate an error signal when the watermark embedded in the current (e.g., a second) video frame is not different than the watermark embedded in the previous (e.g., a first) video frame to indicate a data interruption event has occurred.

Abstract: Some embodiments provide a method for establishing a secured session with backward security between a first device and a second device. In some embodiments, the method establishes a communication session between the first and second devices using shared keys stored at the first and second devices. The method exchanges encrypted data between the first and second devices as a part of the communication session. The method, upon completion of the communication session, modifies the shared key at the first device in a predictable way. The shared key is modified at the second device in the same predictable way. The method then stores the modified shared key at the first device. The modified shared key cannot be used to decrypt any portion of the encrypted data of the current and previous communication sessions.

Abstract: Examples relating to calibrating an estimated gaze location are disclosed. One example method comprises monitoring the estimated gaze location of a viewer using gaze tracking data from a gaze tracking system. Image data for display via a display device is received, the image data comprising at least one target visual and target visual metadata that identifies the at least one target visual. The target visual metadata is used to identify a target location of the at least one target visual. The estimated gaze location of the viewer is monitored and a probability that the viewer is gazing at the target location is estimated. The gaze tracking system is calibrated using the probability, the estimated gaze location and the target location to generate an updated estimated gaze location of the viewer.

Abstract: A content management system (CMS) and a translation management system (TMS) can utilize content dimensions for content items to manage and translate the content items between languages. Machine and human translations of complex dynamic content can also be improved by pre-rendering the content to remove localization-related syntax prior to machine or human translation. Content items can also be scored as to their suitability for localization prior to translation, and translation can be skipped for content items that do not have a sufficiently high score. Semantic and natural language processing (NLP) techniques can also be utilized for content categorization and routing. Translations of content items can also be continuously refined and higher quality re-translated content can be provided in an automated fashion.

Abstract: Methods and systems for activating a display security application and initiating a privacy measure on a computing device are provided. A user opens and turns on an application on the computing device, which monitors the security of the screen. The security feature recognizes when an unauthorized user is within viewing range of the display of the computing device. The user is prompted to initiate a privacy measure or ignore the unauthorized user. If the user initiates the privacy measure, the unauthorized user is prevented from seeing the content on the display. The user may terminate the privacy measure when the unauthorized user is no longer within viewing range of the display.

Abstract: Systems for dynamic watermarking within a cloud-based collaboration environment. Storage facilities are managed by servers to provide cloud-based storage services to two or more client entities as a service across a network. The servers maintain versions of editable documents or photo images or video clips using a version indication. Dynamic watermarking applies a first watermark image to a first version of the editable document and grants edit access to a first client entity of the two or more client entities. While the first client entity has edit access to the first version of the editable document the system generates a second version of the editable document and applies a second watermark image to the second version of the editable document before delivering the second version to a second client entity. A security watermark is based on a user credential, and a leak source can be determined based the user credential.

Abstract: A method and an apparatus for generating a source-independent quantum random number are disclosed. The method includes: receiving by a receiver a photon signal sent by a source and converting by the receiver a multi-photon signal contained in the photon signal into a single-photon signal equivalent to the multi-photon signal; modulating a single-photon signal in an X basis or a Z basis, and performing a projection measurement on the X basis or the Z basis randomly; calculating an error rate of the source according to a measurement result of the Z basis; obtaining a partially random binary string according to a measurement result of the X basis; and obtaining and processing a minimal entropy of the partially random binary string so as to obtain a completely random binary string.

Abstract: Cryptographic circuitry masks sensitive data values. The masking includes extracting unique combinations of random mask values from one or more sets of random mask values. Each sensitive data value is masked using a respective unique combination. The unique combinations have a combination class greater than or equal to a determined integer corresponding to a protection-level against side-channel attacks, and a number of unique combinations greater than or equal to a number of the sensitive data values. A number of random mask values in the one or more sets of random mask values is based on the number of unique combinations and the class of the plurality of unique combinations.

Abstract: A high-safety user multi-authentication system, comprising: a server having a user habit information and a key generator for generating a real key corresponding to the user habit information and at least one bait key; and a user application unit disposed on a communication device having a user interface, a key receiving unit for receiving the real key and the at least one bait key from the server, an OTP (one time password) generator for generating a real OTP based on the real key and at least one bait OTP based on the at least one bait key; wherein the real OTP is provided to the user interface when the communication device is operated according to the user habit information.

Abstract: Security systems for protecting assets are described, including password-based security systems that can provide different levels of access responsive to entry of a primary or secondary password. In some versions, user-configurable security rules can provide customized responses to entry of primary or secondary passwords, including feigned or limited access, security alerts, etc. Passwords comprising overt and covert components can be used to provide enhanced security and improved user control over system response. Improved security systems involving transactions between multiple parties are also considered, with options for user-customized security rules including primary and secondary passwords, and reverse challenge and response methods. Systems for Limited Use Credentials are also disclosed to reduce the risk of identity theft.

Abstract: A method to determine whether a user is experiencing difficulty visually resolving content is disclosed. The method includes capturing one or more images of the user while the user is viewing the content. The method also includes obtaining facial parameters related to a visual acuity of the user from the captured one or more images. The method further includes determining whether the user is experiencing difficulty visually resolving the content based on the obtained one or more facial parameters. The method is implemented in a device such as a smartphone, tablet computer, or television. The facial parameters include information about the extent to which the user has their eyes open or closed, whether the user is wearing glasses, and the distance at which the user is viewing the content.

Abstract: The present invention relates to a security management method and an apparatus for group communication when a terminal interacts and communicates with a mobile communication system. The security management method for group communication performed in a server, which manages the group communication in the mobile communication system according to one embodiment of the present invention, includes the steps of: generating a session security key for session protection in the group communication, and mapping the session security key to a group identifier for identifying a specific group to which a terminal using the group communication belongs; transmitting the group identifier and the session security key to the terminal; and generating a traffic key for protecting traffic and transmitting the group identifier and the traffic key to the terminal.

Abstract: The present invention relates generally to a system and method of securing content from on networked enabled communication devices wherein the user's identity is authenticated using a verification dongle with biometric technology, which upon verification a secure working environment is established, by closing the ports and effectively pausing the majority, if not all external tasks until the current secured task session is selectively completed by the user. Upon completion of the secured task session, the secure working environment is closed and the ports are reopened. In this manner, sensitive confidential and/or proprietary information may be edited and/or transmitted to a third party in a secure manner.

Abstract: The invention discloses an encryption processing device and a method capable of defending differential power analysis attack. In the encryption processing device provided by an embodiment of the invention, a SecMasking unit is achieved in a structure that a universal random masking technique services as a basis; a SecPrepare unit is achieved in a structure that a bitwise XOR device services as a basis; and a SecSbox unit is achieved in a mode that table look-up results are updated longitudinally and transversely in real time on the basis of a random masking technique. According to the encryption processing device and method, work power consumption of a cryptographic operation equipment circuit can have no relation with operation data and calculation operations. In addition, the encryption processing device and method can be widely used for encrypting and decrypting operation cryptographic equipment needing high safety performance.

Abstract: A new cryptographic technique is disclosed, called decoy bits method, which can be used to obtain near ideal information theoretic security in both quantum and classical key generation and data encryption, not only for raw security but also under known-plaintext attacks. The technique relates to a method of data encryption by insertion of random bits, called decoy bits, into a data sequence whereby the decoy bits are discarded upon decryption. The positions of the decoy bits are determined by a decoy position determining mechanism. This method can be used in conjunction with other standards of encryption to increase security.

Abstract: A computer-implemented method of protecting digital data includes applying a key derivation function to a first value to generate a first derived key, the first value being equal to or derived from a first input password. The first derived key is combined with the digital data to generate a protected record stored in the computer. Subsequently, the key derivation function is applied to a second value to generate a second derived key, the second value being equal to or derived from a second input password. The protected record is processed using the second derived key to permit access to the digital data when the second derived key matches the first derived key. The key derivation function includes iterations of a two-stage hashing operation creating and using an array of memory blocks whose size is specified independently of the number of iterations to decouple processing and memory requirements.

Abstract: In one example, an electronic device may be configured to receive over a network a user selection of media information that corresponds to a media streaming server, wherein the received user selection corresponds to a first account of the media streaming server. The electronic device may be configured to determine a second account that corresponds to an electronic messaging server in response to receiving the user selection. The second account may be different than the first account. The electronic device may be configured to cause a message including at least a portion of the media information to be electronically delivered to the electronic messaging server using the second account.

Abstract: Systems and methods for presenting actual data on a display device based on eye-tracking data. An eye-tracking engine receives sensed data from an eye-tracking device, determines a movement status of an eye based on the sensed data, and determines a display configuration based on the determined movement status. The display configuration is output on the display device and includes masking data when the determined movement status indicates the eye is in motion.

Abstract: An electronic device includes a touch panel that detects operation point coordinates of touch input by a user and a line-of-sight detection section that calculates the coordinates of a gaze point on the touch panel at which a line of sight of the user is directed in a specific time range from a time point of the touch input on the touch panel by the user. The electronic device further includes a line-of-sight correction area calculation section that calculates a line-of-sight correction area in a specific range from the coordinates of the gaze point on the touch panel. The electronic device also includes an operation coordinate line-of-sight correction section that a) changes the operation point coordinates to the coordinates of the gaze point if the operation point coordinates are within the line-of-sight correction area; and b) does not change the operation point coordinates if the operation point coordinates are not within the line-of-sight correction area.

Abstract: An apparatus, method and computer-readable storage medium to efficiently connect to wireless access point(s). An electronic device may capture coded information. The coded information may include a security key to connect to a wireless access point, and the coded information may be an image, an audio clip, text, or a video. The coded information may be steganographically encoded. The coded information may be captured from a display of a second electronic device. The second electronic device may include the wireless access point.