Abstract: A method for securing data in a data cluster is performed by a data manager of a data cluster. The method includes receiving, by a data cluster, a write request for a user to write data to the data cluster, wherein the write request comprises an object identifier (OID) associated with data and a user identifier (UID) associated with the user; sending, to a key manager, an intermediate key request, wherein the intermediate key request comprises the UID; receiving, by the data cluster from the key manager, an intermediate key; processing the data to obtain a plurality of chunks and metadata associated with the plurality of chunks; generating an encryption key using the intermediate key and the OID; encrypting the metadata using the encryption key to generate encrypted metadata; deleting, after generating the encrypted metadata, the encryption key; and storing the encrypted metadata and the plurality of chunks in the data cluster.

Abstract: The present teaching relates to a method, system, and programming for encrypted searching. In a search session, a uniform resource locator (URL) is received, wherein a portion of the URL is encrypted via a first key. A second key associated with the first key is obtained. A determination is made regarding whether a time-related criterion associated with the second key is satisfied. In response to the time-related criterion being satisfied, the portion of the URL is decrypted based on the second key to obtain a keyword, one or more search results are obtained based on the keyword, and a webpage including the one or more search results to be provided to a user is generated.

Abstract: A method is provided for protecting a software program from copying. The method includes providing a first implementation of the software program. A second implementation of the software program is then provided. The second implementation provides a same functionality as the first implementation, and wherein the second implementation includes a plurality of dummy operations to increase a number of operations and an execution time of the second implementation compared to the first implementation. The dummy operations are encoded. The second implementation may then be compared to another software program to determine if the another software program is a copy of the first implementation of the software program. This allows a copy of the first implementation to be detected without disclosing the first implementation.

Abstract: According to one embodiment, a broadcast request is received from a host via a communication switch to broadcast a broadcast message to one or more DP accelerators, where the host hosts an application that initiated the broadcast request. The broadcast request includes a list of one or more public keys associated with one or more DP accelerators of a plurality of DP accelerators coupled to the communication switch. For each of the one or more DP accelerators associated with the public keys of the list, a session key for a broadcast session corresponding to the broadcast message is encrypted using one of the public key associated with the DP accelerator. The broadcast message is encrypted using the broadcast session key. The encrypted broadcast messages and the encrypted broadcast session keys are broadcast to the DP accelerators.

Abstract: A video recording apparatus includes an illumination apparatus applying a modulated illumination light, a control apparatus controlling the illumination apparatus, an imaging apparatus imaging the illumination light and an object at the same time to generate video data; and a storage apparatus storing the video data generated by the imaging apparatus. The control apparatus generates encrypted data by using at least a portion of the video data imaged by the imaging apparatus and encryption information generated as information changing in accordance with a date and time and used for encryption and controls the illumination apparatus such that the illumination light is modulated by the generated encrypted data.

Abstract: Systems and methods for managing a compromised autonomous vehicle server are described herein. A processor may obtain an indication of a first server configured to control an autonomous vehicle being compromised. The autonomous vehicle may have previously been provisioned with a first public key. The first public key may be paired with a first private key. A processor may compile command information. The command information may include a command for the autonomous vehicle and a digital certificate of a second server configured to control the autonomous vehicle in the event of the first server being compromised. The digital certificate may include a second public key and may be signed with the first private key. The command may be signed with a second private key associated with the second server. The second private key may be paired with the second public key.

Abstract: Systems and methods for redacting information from data records are provided. Data records are recorded by recording devices, including, but not limited to, camera recording devices such as those associated with law-enforcement officers. The data records are stored in an evidence management system. In response to requests for records, including but not limited to Freedom of Information Act (FOIA) requests, the evidence management system creates redacted versions of the data records. Public access may then be provided to the redacted data records. In some embodiments, automated bulk redaction may be applied to video data records by applying a video filter to the entire visual field of the video information. In some embodiments, access to the redacted data records may be provided via a cloud storage system or via a removable computer-readable storage medium.

Abstract: A data processing method includes the following steps: a processor receives a symmetric wrapping key, and when an application needs to use a user private key, the processor executes an encryption and decryption instruction in a hardware-acceleration instruction-set. The encryption and decryption instruction is configured to apply the symmetric wrapping key to decrypt a wrapped private key that corresponds to the application to obtain the user private key. In addition, the symmetric wrapping key is stored in a model specific register of the processor.

Abstract: An electronic device is disclosed. The electronic device may include a memory, and a processor electrically connected with the memory. The processor may be configured to install an application, allocate identification information, which is included in a preset range, to the installed application, store, at a first address of the memory, the identification information for indicating access privilege to a system resource, monitor the first address during running of a first process of the application, and terminate the first process, when the identification information stored at the first address is not included in the preset range. Moreover, various embodiment found through the disclosure are possible.

Abstract: Aspects of the subject disclosure may include, for example, determining a multi-bit value, adjusting an orbital angular momentum of a photon according to the multi-bit value, and generating a quantum entangled pair of photons based on the photon, wherein the quantum entangled pair of photons includes the orbital angular momentum according to the multi-bit value. A quantum state is applied to the quantum entangled pair of photons, while preserving the orbital angular momentum according to the multi-bit value. A photon of the quantum entangled pair of photons is directed to an addressable memory element adapted to store a number of entangled pairs of photons including the quantum entangled pair of photons. The photons of the entangled pair of photons are retrievable from the addressable memory element according to the multi-bit value to obtain a retrieved entangled pair of photons having the quantum state. Other embodiments are disclosed.

Abstract: An aspect includes monitoring storage of a computer system. Upon detecting an unauthorized modification to an original storage component in response to the monitoring, an aspect includes retrieving a backup component corresponding to the original storage component and repairing the original storage component using the backup component. In embodiments, the repair occurs in real-time without interruption to computer operation.

Abstract: Systems and methods are disclosed for generating a parts logbook using blockchain technology. The method may include: receiving, by a processor, part information of a part from a first user device; adding, by the processor, a first block including the received part information to a copy of a blockchain database of a blockchain network; verifying, by the processor, the received part information of the part via the blockchain network; when the received part information of the part is verified, generating, by the processor, a parts logbook for the part based on the verified part information of the part; and transferring, by the processor, the generated parts logbook for the part to a second user device for displaying the generated parts logbook on the second user device.

Abstract: Embodiments of the present specification disclose data acquisition methods, apparatuses, and devices related to blockchain technologies. One method comprising: publishing, as a published description, a description of target data stored in a trusted device of a data owner; in response to the published description, receiving a data acquisition request from a data requestor for the target data wherein the data acquisition request is configured to retrieve the target data from a first resource; sending the data acquisition request to the data owner; receiving first confirmation information from the data owner; identifying the target data from the trusted device based on the first confirmation information; and sending the target data to the data requestor.

Abstract: Techniques are disclosed relating to sharing data. A first computer system may receive data shared by a second computer system to permit the first computer system to perform processing of the data according to a set of policies. The first computer system may instantiate a verification environment in which to process the shared data. The first computer system may process a portion of the shared data by executing a set of processing routines to generate a result based on the shared data. The verification environment may verify whether the result is in accordance with the set of policies. The verification environment may determine whether to output the result based on the verifying and may send an indication of an outcome of the determining to the second computer system. The indication may be usable to determine whether to provide the first computer system with continued access to the shared data.

Abstract: A system and method for protecting Sensitive Personal Information (SPI) from Multi-Party Access (MPA), including receiving a request for access to a data record, encrypting the data record using a random symmetric key to generate an encrypted data record, storing the encrypted data record on a database, encrypting the symmetric key to generate an encrypted symmetric key by using a public key associated with the client device or a key encryption key associated with the one or more processors, and transmitting a message including the encrypted symmetric key. The message causes the client device to access the data record using the database and the encrypted symmetric key.

Abstract: A system for authenticated communications between devices, the system comprising: a plurality of devices comprising at least a first and second device; and one or more communication pathways configured to communicatively couple the first and second devices for data streaming of a data object; and the first device comprising a memory coupled to at least one processor, the first device configured to: generate a plurality of datasets corresponding to a plurality of data fragments constituting the data object, each dataset comprising encryption keys used to encrypt the corresponding data fragments, encrypt a first dataset of the plurality of datasets using a first dataset key derived based, in part, on a first encryption algorithm, and determine a second dataset key based, in part, on at least one of the first encryption algorithm and second encryption algorithm.

Abstract: A blockchain data processing method includes: receiving a read request for target data stored in a blockchain; acquiring read permission index information of the target data from the blockchain, and acquiring a data read rule corresponding to the target data based on the read permission index information, the data read rule being configured to determine readable content in the target data; determining, in a predetermined trusted environment, the readable content in the target data based on the data read rule; and providing the readable content in the target data for a sender of the read request.

Abstract: Systems and methods include a computer-implemented method for using variant profiles, including the following. A composite profile for a user is generated by a variant profile system. The composite profile defines resource authorizations for the user. At least one sub-profile is generated for the user. Each sub-profile includes at least one role-based authorization for a user role, and each role-based authorization is extended to users having a composite profile that includes the sub-profile. A set of variant fields for each sub-profile is received from an administrator. The set of variant fields identifies user-specific fields to which the user has access under the user role. The at least one sub-profile is linked to the composite profile of the user. A user buffer defining authorizations for the user is updated using the composite profile of the user, causing the authorizations to become active.

Abstract: Systems, methods, and non-transitory computer-readable media can determine a set of mappings between vectors in a first dataset associated with a first party to a set of shared universal identifiers based on a secure multi-party computation. A set of mappings can be determined between vectors in a second dataset associated with a second party to the set of shared universal identifiers based on the secure multi-party computation. Membership information for each vector in the first dataset can be obtained. The membership information indicating whether an individual associated with the vector is assigned to a test group, a control group, or neither. Conversion information for each vector in the second dataset can be obtained. The conversion information indicating whether an individual converted. Conversion counts for the test group and the control group can be determined based at least in part on the membership information and the conversion information.

Abstract: A method by one or more electronic devices implementing a system for providing community-based data security, where the system is communicatively coupled to a plurality of database security analyzers, where each of the plurality of database security analyzers is configured to analyze data accesses to one or more databases associated with that database security analyzer. The method includes obtaining, for each of the plurality of database security analyzers, learning metadata generated by that database security analyzer, generating security parameters based on the learning metadata generated by the plurality of database security analyzers, and providing the security parameters to one or more of the plurality of database security analyzers to cause the one or more of the plurality of database security analyzers to apply the security parameters when analyzing data accesses to detect security incidents.