Abstract: A method for securing an electronic control unit (ECU). The method may include generating a granular security control adjustment authorization ticket (G-SCAAT) for securing the ECU according to a plurality of security parameters determined based on to a role selected for a corresponding user. The G-SCAAT may include security values to be used in controlling the ECU to operate according to the security parameters.

Abstract: Provided is a data processing device including: a noise removal unit that removes noise from data to which noise has been added, the data having been received from a terminal device; a measurement unit that measures the data for each data type constituting a data set and indicating a classification of the data; and a data set updating unit that updates the data set on the basis of a measurement result of the measurement unit.

Abstract: Embodiments disclosed are directed to an immutable database with a bitemporal ledger for storing transactions in timelines for maintaining a record of all events and resources within the system. The bitemporal ledger may store a sequence of transactions which include a plurality of transactions previously received by the data processing system in a temporal sequence up to a current time. A new transaction is received and may be appended to the sequence of transactions based on temporal metadata associated with the transaction are received, The temporal metadata may include a valid-from time and a created-at time.

Abstract: A system, method and apparatus for enabling environment tracking at a monitored location. A wireless sensor network can support a beacon that can be configured to broadcast information to devices at the monitored location. The broadcasted information can be recorded by devices to generate an environment log that can enable identification of conditions of an environment as reflected by sensor measurements at the monitored location.

Abstract: When a hash expected value, which is an expected value of a hash value of activation software, is stored in a storing unit (111), a security calculation unit (110) compares the hash value of the activation software with the hash expected value. A main calculation unit (109) activates the activation software when the hash value and the hash expected value match, and stops a process when both do not match. The main calculation unit (109) performs signature verification for the activation software when the hash expected value is not stored in the storing unit (111), and stores in the storing unit (111) as the hash value expected value, the hash value of the activation software as well as activates the activation software when the signature verification is successful. The main calculation unit (109) stops a process when the signature verification is not successful.

Abstract: A system, method and apparatus to control memory devices over computer networks. For example, a server system establishes a secure authenticated connection with a client computer system to receive a request having a batch identification that is configured in the server system to identify a batch of multiple memory devices. After determining that the client computer system is eligible to control the multiple memory devices in the batch, the server system transmits to the client computer system a response. The response contains control data for each respective memory device in the batch. The control data is based on at least a cryptographic key stored in the server system in association with the respective memory device. Using the control data the client computer system submits a command with a digital signature to the respective memory device, which validates the digital signature prior to execution of the command.

Abstract: An example method includes obtaining, by a computing system, first audio data representing one or more initial utterances during an interactive voice session with an interactive voice system; generating, by the computing system, based on the first audio data, a prediction regarding whether a subsequent utterance of a user in the interactive voice session will contain sensitive information, wherein the subsequent utterance follows the one or more initial utterances in time; obtaining, by the computing system, second audio data representing the subsequent utterance; determining, by the computing system, based on the prediction and based on a risk profile of the interactive voice system, whether to transmit the second audio data to the interactive voice system; and based on the determination to transmit the second audio data to the interactive voice system, transmitting the second audio data to the interactive voice system.

Abstract: A system for secure testing and provisioning of an integrated circuit (IC) includes, in part, a secure reconfigurable key provisioning architecture (SLEEVE) module disposed in the IC, and a secure asset provisioning hardware entity (SAPHE) module. The IC may include, in part, a modified IEEE 1500 wrapper to control its operation modes. The SLEEVE module may include, in part, an encoding/decoding module and an unlocking module. The encoding/decoding module may include, in part, a decode key stream cipher module, an encode key stream cipher module, Seed Key programmable linear-feedback shift registers (LFSRs), Initialization Vector (IV) LFSRs, and configuration registers. The encoding/decoding module may be configured to generate key bits for decoding and encoding inputs and outputs of the IC. The unlocking module may include, in part, a pattern matching block and a counter. The unlocking module may be configured to enable write access to the configuration registers.

Abstract: A deployment system for IoT including an edge server, multiple gateways, and multiple agent modules is disclosed. Each gateway is respectively connected with different peripheral devices to support different function. The edge server includes a flow editor used to edit a flow for a target gateway. The edge server performs a deploying procedure to the target gateway in accordance with the flow, wherein the deploying procedure is to first read a script and a parameter of one or more function nodes included in the flow, then encapsulate the script and the parameter into a packet, and then transmit the packet to the target gateway through one of the agent modules. The target gateway receives the packet through one of the agent modules and sequentially executes the function nodes according to the content of the flow, so as to implement a corresponding IoT function.

Abstract: A method determining, by an infrastructure device in communication with a user device, authentic feature information that indicates a characteristic associated with an authentic feature included in an authentic communication associated with an authentic entity, with which the user device intends to communicate over a network; and transmitting, by the infrastructure device to the user device, authentic entity information that includes the authentic feature information and an association between the characteristic associated with the authentic feature and authentic communication information associated with the authentic communication. Various other aspects are contemplated.

Abstract: The present technology includes a controller and an electronic system including the same. The electronic system includes a memory device including a plurality of zones, each zone capable of storing data, a plurality of hosts configured to output access requests for accessing a selected zone, among the plurality of zones, and a controller configured to select one of the plurality of hosts according to order in which the access requests are received, generate and store a key for confirming the selected host, and transmit the key to the selected host, when the access requests to access the selected zone are received from the plurality of hosts, wherein the selected host transmits an operation request including the key to the controller, and the controller executes the operation request when the key is included in the operation request received from the selected host.

Abstract: An operation method with fingerprint event recognition, an apparatus, and a mobile terminal relate to the field of communications technologies. The method includes receiving a fingerprint event from a user at a preset position on a mobile terminal, and displaying on a display screen of the mobile terminal at least one shortcut when the fingerprint matches a stored fingerprint event. A sliding gesture input from the user is detected, the sliding gesture starting at the preset position and extending from the preset position to select a first shortcut from the at least one shortcut, thereby improving operation efficiency.

Abstract: Techniques of time-sensitive data delivery in distributed computing systems are disclosed herein. In one example, a server can disseminate the same information to multiple endpoints in a distributed computing system by transmitting multiple packets to the multiple endpoints hosted on additional servers in the distributed computing system. The multiple packets individually include a header field containing a delivery time before which the packets are not forwarded to corresponding final destinations and a payload containing data representing copies of information identical to one another destined to the multiple endpoints hosted on the additional servers.

Abstract: A system, method, and machine-readable storage medium for detecting an anomaly are provided. In some embodiments, the method includes computing an access rate of a set of entities for each user of a plurality of users. The access rate may refer to data operations for the set of entities stored by a storage system. The method also includes normalizing the access rates for a subset of the plurality of users, the subset belonging to a community. The method further includes determining whether a normalized access rate from among the access rates satisfies a threshold. The method also includes detecting an anomaly in response to a determination that the normalized access rate satisfies the threshold.

Abstract: Techniques for improving communication and expectation setting between various parties/communities of a crowdsourced platform are disclosed. The platform is used for reporting issues in a target system, program or product. A customer/subscriber entity enters a target brief in the platform. In response, a researcher enters a submission in the system. If the submission is valid, it is presented to the customer and a response-time or service level agreement (SLA) timer is started. If the customer agrees with the submission, it is marked as complete and the researcher is paid. If the customer disputes the submission, a third-party intervenes and the timer is paused until dispute resolution. If the submission requires more information the researcher is requested accordingly and the timer is reset. If at any point, the timer expires, the parties are notified and the submission is closed.

Abstract: An Information Handling System (IHS) includes multiple hardware devices, and a baseboard Management Controller (BMC) in communication with the plurality of hardware devices. The BMC includes executable instructions for beginning execution of a first BMC firmware stack, and during execution of the first BMC firmware stack, halt execution of the first BMC firmware stack, and begin execution of a second BMC firmware stack. At least a portion of the executable instructions used to generate the first BMC firmware stack are different than the executable instructions used to generate the second BMC firmware stack.

Abstract: Disclosed herein is a system that includes an order processing subsystem and a delivery processing subsystem comprising at least one database and one or more processors. The one or more processors of the delivery processing subsystem is configured to receive a request for a user to access the delivery processing subsystem and a scanning device, authenticate the user by verifying the request with user credentials stored in the at least one database, provide the user with access to the delivery processing subsystem and the scanning device, receive scanned data from the scanning device, retrieve package data regarding a package for an inmate based on the scanned data from the scanning device, and generate, based on the package data, a route in the correctional facility for delivery of the package to the inmate in the correctional facility, wherein the route does not include an identity of the inmate.

Abstract: The present disclosure discloses a method for measuring energy of natural gas based on Internet of Things (IOT). The method may be performed by a management platform, comprising: in response to a query request received by a user platform, obtaining a natural gas detection parameter detected by a sense control platform via a sense network platform; determining natural gas metering data by processing the natural gas detection parameter; and transmitting the natural gas metering data to the user platform via a service platform.

Abstract: Cloud services are provided by a distributed network including a number of geographically distributed datacenters, to client devices in accordance with data sovereignty requirements. A server within the distributed network may receive a service request and determine whether it complies with the data sovereignty requirements of the client. When the geographic location of the server does not comply with the client's data sovereignty requirements, the server may determine and transmit back to the client device a set of alternative datacenters within the distributed network that comply with the client's data sovereignty requirements. The client device may use network probes to select an alternative datacenter, and the cloud service request of the client device may be migrated from the server to the selected datacenter.

Abstract: Systems and methods are disclosed for obfuscating entry of sensitive data at a mobile device, which may be infected with a rogue application configured to steal the sensitive data. One method comprises detecting a prompt for a user to enter sensitive data at a mobile device, and activating one or more of an audio speaker and a vibration motor of the mobile device. The activation of the one or more of the audio speaker and the vibration motor is terminated in response detection conclusion of the user's entry of sensitive data the mobile device.

Abstract: Disclosed herein are systems and method for protecting core files in a content management system (CMS). In one aspect, a method includes detecting execution of a script on a computing device. In response to determining that the script is located in the core folder and is not included in an exclude list that includes paths of scripts and files that are marked as not malicious, the method includes blocking the execution of the script. If the script is not in the core folder, the method includes determining whether the script will upload, to the core folder, a file that is not in the exclude list. In response to determining that the script will upload the file to the core folder, the method includes blocking write functions in the script during the execution.

Abstract: A system may include a first processing component arranged in a secure domain of the system. The system may include a second processing component arranged outside of the secure domain of the system. The system may include one or more hardware accelerators to perform operations in association with providing communication security for the system. The one or more hardware accelerators may be accessible by the first processing component via a channel in the secure domain. The one or more hardware accelerators may be accessible by at least the second processing component via a channel outside of the secure domain.

Abstract: A communication system (100) comprises a thin-client mobile terminal (MT) having a device identity (MT_ID), a thin-client service terminal (ST), and a remote system server resource (SS). The thin-client mobile terminal (MT) is configured for receiving (101) from the service terminal (ST) a short-range wireless communication signal (BA) representing an identification request (ID_REQ), and in response communicating (102) with the remote server resource (SS) by long-range broadband data communication to report the identification request (ID_REQ) as well as the device identity (MT_ID) of the mobile terminal (MT).

Abstract: Disclosed are various embodiments for generating relevant notifications of content generated by third party data sources. In some embodiments, a system comprises a computing device and machine readable instructions. The computing device includes a processor and a memory. The machine-readable instructions can be stored in the memory that, when executed by the processor, cause the computing device to receive content from a third party data source based at least in part on a keyword topic. An embedding for the content is generated. The system can classify a portion of the content as associated with the keyword topic. Organizations can be identified from the portions of the content. The system can generate a list from the organizations identified in the content and transmit a notification to a client device regarding the content.

Abstract: A system for interactive video content includes one or more interactive engagement platform servers communicatively couplable to a plurality of user devices configured to display one or more video programs received from video provider servers. In another embodiment, the one or more interactive engagement platform servers are configured to: receive at least one of an event ID or metadata associated with the at least one video program stream of the one or more video program streams; retrieve one or more data payloads including supplemental content related to the event ID or metadata associated with the at least one video program stream from at least one of a third-party content provider or a third-party service provider; and generate one or more control signals configured to cause the plurality of user devices to display an interactive content overlay configured to display information associated with the one or more retrieved data payloads.

Abstract: A computer server includes processor and memory hardware. The processor hardware executes instructions including parsing a hypertext transfer protocol (HTTP) request from a first user agent to identify a first data object matching a set of characteristics and generating a new data element based on the HTTP request. The instructions include, in response to the first data object being present: extracting a first set of serialized data elements and serializing them with the new data element to generate a second data object. The instructions include, in response to the first data object being absent and a user associated with the first user agent being identifiable: determining a second set of serialized data elements based on an identity of the user, and serializing them with the new data element to generate the second data object. The instructions include transmitting an HTTP response including the second data object.

Abstract: Methods, computer program products, and computer systems for the classification of unstructured data items are disclosed. Such methods, computer program products, and computer systems include ingesting an item into a classification engine, performing term processing on one or more terms of the item, and processing a relational similarity index. The classification engine is implemented in the computer system. The relational similarity index represents a similarity of the item to a reference item, and the relational similarity index is determined using the one or more terms.

Abstract: In an embodiment, a point of sale (POS) device is provided. The POS device includes a memory and at least one processor. The processor is configured to perform an authorized set of functions established by an external management module. The authorized set of functions include purchase transaction processing of inventory identified as available to the POS device by the external management module.

Abstract: Systems and methods are disclosed herein for enabling multiple users' digital rights to be applied as needed to access media while those users are present to consume media. In particular, a media guidance application may receive a selection of a media asset and determine that the user equipment device does not allow access to the media asset. In response, the media guidance application may identify all the users consuming content from that user equipment device and retrieve digital rights for each user. The media guidance application may compare the digital rights of each user with digital rights required to access the media asset. The media guidance application may, based on the comparison, identify a set of digital rights (e.g., for another user present) that enable access to the media asset, and use those digital rights to access the media asset for consumption.

Abstract: A digital asset is represented and verified as a set of related digital asset or other content objects. Related metadata is stored on an immutable distributed ledger separately from the content objects themselves. For example, a transaction object includes metadata such as identifiers for two or more content objects, fingerprints for the content objects. The content objects may be stored in a local or cloud object repository. Validation of a later identified content object may include determining a fingerprint for the later identified content object, mapping that fingerprint to an address within the immutable distributed ledger to retrieve metadata previously mapped, and comparing the two fingerprints. Visual validation may be provided when the first and second fingerprints match, such as by displaying a positive icon adjacent the later identified object.

Abstract: Various embodiments relate generally to data science and data analysis, computer software and systems, to provide a platform to facilitate updating compatible distributed data files, among other things, and, more specifically, to a computing and data platform that implements logic to facilitate correlation of event data via analysis of electronic messages, including executable instructions and content, etc., via a cross-stream data processor application configured to, for example, update or modify one or more compatible distributed data files automatically.

Abstract: A method and apparatus for secure transfer and playback of multimedia content enables the secure transfer of multimedia content from a digital video recorder (DVR) to a personal computer (PC) and further to a handheld device. A DVR determines which devices on a Local Area Network (LAN) are authorized to share and/or retrieve content from the DVR. The DVR receives a connection request from a PC on the LAN, authorizes the connection request and establishes a secure connection between the DVR and the PC. Once the secure connection is established, the DVR receives a request for multimedia content from the PC, prepares the multimedia content for transfer and transfers the multimedia content to the PC.

Abstract: An audio/video (AV) receiver is adapted to be dynamically reconfigured in a selected one of an encrypted content support mode and an unencrypted content support mode. The AV receiver includes a controller configured to dynamically alter one or more encryption settings based at least in part on user input provided to a mode toggle mechanism. The one or more altered encryption settings are effective to facilitate presentation of unencrypted content within a received media stream on a display while selectively preventing presentation of encrypted content included in the received media stream on the display.

Abstract: Systems and methods are provided for a content aggregation system for intelligent searching of indexed content based on extracted security identifiers. An example method includes obtaining content items from content providers based on authorization information associated with one or more users. Collectors are configured to transform content items into articles representing a normalized form associated with a content item. The method includes obtaining a plurality of articles and storing them in one or more databases. The method includes assigning security identifiers to the articles. A security identifier represents an abstraction of a discrete access right or permission associated with user access to an article. The method includes generating respective indexing messages for execution. The indexing messages are included in a queue and each indexing message includes a reference to an article.

Abstract: An example operation may include one or more of receiving from a user node, by a blockchain processor node, a document access request containing a document ID, acquiring, by the blockchain processor node, from a blockchain ledger an encrypted URL of the document and a source hash of the document based on the document ID, verifying, by the blockchain processor node, a document received from a document owner's node storage based on a decrypted URL of the document and, in response to the verification, transmitting the document received from the document owner's node storage to the user node.

Abstract: Embedding functionality of a communication platform into a third-party application is described. The communication platform can receive, from the third-party application, a request to connect to the communication platform, wherein the third-party application and the communication platform are associated with a user account. In response to receiving the request, causing an embedded user interface associated with the communication platform to be presented via a user interface of the third-party application. In an example, data input in the embedded user interface can be presented via a group-based communication user interface of the communication platform.

Abstract: A mobile terminal is adapted for mobile payment through payment in accordance with transaction data from the customer to a merchant via a payment service provider, and is adapted for a clearing of the payment between bank servers. The terminal is characterized in that a) in the secure runtime environment access data are stored for an authentication between the payment trust application and the payment service provider; and b) the agent is further adapted b1) upon an authentication between the payment trust application and the payment service provider, to transmit access data, or authentication data generated employing access data, between the secure runtime environment and the payment service provider, and b2) to accept from the payment trust application a transaction instruction for a payment in accordance with the transaction data and to send it to the payment service provider. A corresponding mobile payment method for a terminal is likewise specified.

Abstract: A coordinating network element manages a protocol that prohibits the coordinating network element from substantively accessing data content that, at least in part, underlies received protocol-compliant requests. By one approach, these teachings provide for preventing substantive access to data information that is included within the protocol-compliant request in tokenized form, wherein the tokens are generated using secrets, at least one of which is unavailable to the coordinating network element.

Abstract: A mechanism is provided for using triggered stimuli to enhance contextual information regarding detected risk events in a networked system. Embodiments monitor a system to identify risk-associated behavior, and upon detecting such behavior, can provide stimulus to a user associated with the risk-associated behavior to determine additional context behind the behavior, thereby initiating a two-way communication to acquire more information. If user response to the stimulus indicates a high risk associated with the behavior, then the system can trigger security measures to restrict the behavior. Some embodiments provide stimuli that are directly related to the nature of the risk-associated behavior, in order to better contextualize the behavior. In some embodiments, the stimuli are only applied if the risk-associated behavior presents a measure of risk above a predetermined threshold.

Abstract: A system can determine a set of users to access an asset of a computing device. User data for a user in the set of users is obtained. The user data can specify organizational information for the user. The system can determine a value usable to regulate access to the asset. The value can be based on the organizational information for the user, and the value can be further based on other user data attributed to another user in the set of users. Based on the determined value, the system can regulate access to the asset.

Abstract: A computer-implemented method for reencrypting data. A key management service receives a web service application programming interface or other request to reencrypt data from a first key to a second key, where the first key and the second key are managed by the key management service on behalf of a user of the service. The key management service response to the request by performing the associated operations and providing a response with the reencrypted data.

Abstract: An asset storage server is provided herein that assigns related files to an asset name and assigns permissions to the asset name such that related files with unrelated names can be assigned permissions independent of the file naming convention and without requiring a user to individually set the permissions of each file. The asset storage server may also generate modified versions of original file names and index a distributed object store based on the modified versions such that related files with related names are not listed in the same partition of the distributed object store. Indexing the distributed object store based on the modified versions of the original file names may reduce data retrieval latency.

Abstract: This application discloses a configuration update method for an LED display screen, a receiver card, an LED display module, and an LED display screen. The method includes: (S201) when it is detected that a receiver card is powered on, reading storage identity authentication data of the receiver card, and verifying whether the receiver card has been replaced; (S202) when it is determined that the receiver card has been replaced, outputting a configuration parameter stored in a memory to the receiver card, to update a configuration parameter of the receiver card; (S203) when it is detected that an LED display module is powered on, reading display identity authentication data of the LED display module, and verifying whether the LED display module has been replaced; and (S204) when it is determined that the LED display module has been replaced, outputting correction data of the LED display module to the receiver card.

Abstract: An authentication system for granting access to an account associated with a user. An authenticator of the authentication system including a processor and a memory, the authenticator configured to: receive a request for authentication that identifies the user; access an authentication account associated with the user, wherein the authentication account indicates a smart device associated with the user; activate a control parameter of the smart device, wherein the control parameter may cause an effect in a media sample from the smart device; receive the media sample from the smart device and determine if the effect corresponding to the control parameter is observed in the media sample; and in response to a determination that the effect is not observed in the media sample, indicate that the request for authentication is a fraudulent request.

Abstract: A method for execution by a computing device of a storage network includes obtaining storage performance information for a set of storage units of the storage network, where data segments are dispersed storage error encoded into pluralities of sets of encoded data slices in accordance with error encoding parameters that include a pillar width number and a decode threshold number, which is a number of encoded data slices the set of encode data slices is required to reconstruct a data segment of data segments. The method further includes determining, based on the storage performance information and the error encoding parameters, a performance threshold number for a write request to store a set of encoded data slices of the pluralities of sets of encoded data slices in the set of storage units, where the performance threshold number is greater than the decode threshold number and less than the pillar width number.

Abstract: A display control method includes: determining, by a computer, a link between an operation target object to be displayed on a display and a terminal that is to output the operation target object; and when detecting specific operations of outputting the operation target object from a plurality of terminals within a certain period of time after detecting a predetermined display operation for displaying the operation target object on the display, providing a guide giving a prompt to perform the specific operation again.

Abstract: A method of managing access to protected file content is disclosed. The method includes: receiving a request to open a first file stored on the computing device; determining that the first file is a protected file; in response to determining that the first file is a protected file: identifying a first application that is suitable for opening the first file; determining that the first application is an unsecured application; and in response to determining that the first application is an unsecured application, locking the first application to prevent unauthorized access of application data of the first application in a locked state.

Abstract: In one implementation, a method for providing security on an externally connected controller includes launching, by the controller, a security layer that includes a whitelist of permitted processes on the controller, the whitelist including (i) signatures for processes that are authorized to be executed and (ii) context information identifying permitted controller contexts within which the processes are authorized to be executed; determining, by the security layer, whether the particular process is permitted to be run on the controller based on a comparison of the determined signature with a verified signature for the particular process from the whitelist; identifying, by the security layer, a current context for the controller; determining, by the security layer, whether the particular process is permitted to be run on the controller based on a comparison of the current context with one or more permitted controller contexts for the particular process from the whitelist.

Abstract: Disclosed is a 5th generation (5G) or a pre-5G communication system provided to support a higher data transmission rate than that of post-4th generation (4G) communication systems, such as long term evolution (LTE). A method of operating a network node in a wireless communication system is provided. The method includes receiving, from a plurality of first network nodes, network data, generating first recommendation operation information for a second network node based on the network data, and transmitting, to the second network node, a first analysis result message including the first recommendation operation information.

Abstract: A processor of a remote crypto cluster (RCC) may receive a public key from a client device through at least one network. The processor of the RCC may obtain an encrypted specific key and a blinded project key from at least one data source through the at least one network. The processor of the RCC may derive a derived key in blind based on the encrypted specific key and the blinded project key. The processor of the RCC may send the derived key in blind to the client device.