Abstract: A management device comprises a first authentication module, for receiving a first information and performing a first determination on whether an administrator device is correct according to the first information; an authorization module, coupled to the first authentication module, for performing a second determination on whether the administrator device comprises an access qualification for a remote device, when the first determination is positive and when receiving a first request message for accessing the remote device; a communication module, coupled to the authorization module, for transmitting a second request message for establishing a connection with a network device to the remote device, when the second determination is positive and when determining to establish the connection with the network device; an integration module, coupled to the authorization module, for transmitting a third request message for configuring a port forwarding to the network device, when the second determination is positive.

Abstract: A computer system for failing a secure boot in a case tampering event comprises a microcontroller unit (MCU); a trusted platform module (TPM), for generating random bytes for a secure boot of the computer system; a bootloader, for storing information comprising the random bytes in the MCU and at least one hardware of the computer system and performing the secure boot, wherein the TPM is comprised in the bootloader; an operating system (OS), for performing the secure boot; and at least one sensor, coupled to the MCU, for detecting a case tampering event, and transmitting a signal for triggering a deletion of the random bytes, if the case tampering event happens. The MCU performs the operation of deleting the random bytes stored in the MCU and the at least one hardware according to a power supply, in response to the signal.

Abstract: A multi-cloud private communication set-up service enables scalable private connectivity between producers and consumers residing within different public cloud environments. A producer publishes metadata information about a resource within the public cloud environment where the producer resides. The public cloud environment of the publisher is monitored for tagged metadata about new resources. Identified metadata is used to configure a producer-side private link service to a private communication link, and metadata information about the configured producer-side private link service to the private communication link is published within the public cloud environment of the producer.

Abstract: Systems, methods, and computer-readable storage devices to enable secured data access from a mobile device executing a native mobile application that operates in connection with a server executing a headless browser. The exemplary process includes receiving, at a server, at least registration data and browser state information, the registration data and the browser state information from a mobile device, a browser state database or a shared folder. The mobile device executing a native application and configured to host a configurable network service to connect to a website hosted by a remote server, the registration data including application identifier information associated with the native application and address data associated with the configurable network service.

Abstract: A first chiplet parses at least a message into ordered message blocks that are associated with index values. The first chiplet generates a substitution value by executing a pseudo-random number generator using a seed value that is computed with at least (i) a first random or pseudo-random number and at least (ii) a first message block. The first chiplet generates a sequencing value by executing a pseudo-random number generator using a seed value that is computed with at least (i) a second random or pseudo-random number and at least (ii) an index value for the first message block. The first chiplet generates a first ciphertext block with at least the substitution value and the sequencing value and further generates a second ciphertext block at least partly with the first ciphertext block. The blocks are concatenated and transmitted to a second chiplet.

Abstract: Disclosed is a user authentication method and system using an authentication virtual code including receiving, by a virtual code verifying means, the authentication virtual code, the authentication virtual code being generated by an authentication virtual code generating function included in a virtual code generating means registered in the virtual code verifying means, searching, by the virtual code verifying means, for a storage location of user identification (UID) or sub-identification (SID) based on the authentication virtual code, extracting, by the virtual code verifying means, authority information stored after matching the found UID or SID, verifying, by the virtual code verifying means, the authentication virtual code based on a time point at which the authentication virtual code is received, and performing, by the virtual code verifying means, user authentication based on the extracted authority information.

Abstract: Systems, computer program products, and methods are described herein for augmented hash-based portioning of non-fungible electronic resources for detection of unauthorized duplicates. The present invention is configured to receive an unauthorized duplication detection request for a first NFT from a first user; segment the first digital resource into a first set of resource portions; generate a first set of hash values corresponding to the first set of resource portions; retrieve a second digital resource, wherein the second digital resource is associated with a second NFT; segment the second digital resource into a second set of resource portions; generate a second set of hash values corresponding to the second set of resource portions; determine that the second digital resource is similar to the first digital resource; determine that the second NFT is an unauthorized duplication of the first NFT; and trigger one or more responsive actions.

Abstract: A method for facilitating automated authentication of a plurality of remote terminals is disclosed. The method includes generating, via a remote terminal, a key pair, the key pair including a public key and a private key that is persisted within the remote terminal; generating, via the remote terminal, a communication request by using the key pair, the communication request including the public key; transmitting, via the remote terminal using an application programming interface, the communication request to a terminal management server; registering, via the terminal management server, the remote terminal to a terminal database by using information in the communication request; persisting, via the terminal management server, the public key from the communication request to a persistent object storage repository; and generating, via the terminal management server, a response to the communication request, the response including status information and configuration information.

Abstract: A method comprises collecting network data associated with data transmission in a computing environment. The method also comprises identifying, using one or more machine learning models, at least one intrusion type affecting the computing environment. The identification of the at least one intrusion type is based at least in part on the collected network data. In the method, one or more remedial communications addressing the at least one intrusion type are generated, and the one or more remedial communications are transmitted to a user.

Abstract: A network incident summarization and visualization tool presents a summarized or filtered rendering of an analysis or narrative of a collection of events gathered from a stream of incident reports. A graph structure stores entities and relationships between network entities in a graph form based on temporal correspondence between different incidents. An evaluation of the entities and the relationships implements a scoring methodology that identifies the most significant incidents based on the entities and component groups of entities associated by a sequence of relationships. The scoring methodology provides a normalized score that is filtered based on a threshold that removes entities having little to no correspondence or effect. The resulting filtered rendering defines a graph of entities and relationships ordered by type and significance such that the most important aspects of the rendered narrative are apparent.

Abstract: Disclosed are techniques for identifying users within an enterprise who pose heightened security risks to the enterprise. A method can include receiving, by a computing system, information about users in the enterprise, grouping the users into groups based on at least one grouping feature and the user information, the at least one grouping feature including, for each of the users, behavior, activity, role, department, region, role-based risk score, event-based risk score, and/or composite risk score, identifying, for each group, normalized behavior of users in the group, generating, for each user in each group, a composite risk score based on deviation of the user's activity from the normalized behavior of the group, identifying, for each group, a subset of users in the group to be added to a watch list, and adding the subset of users to the watch list.

Abstract: Multi-factor authentication systems and methods are provided that include receiving a request to authenticate a user of a mobile device. The request for authentication may include credential information associated with the user and vehicle data. A determination may be made regarding whether the vehicle data was obtained from a vehicle via the mobile device. The received vehicle data and received credential information may be compared to stored data. When there is a match between the received vehicle data and received credential information and corresponding stored data, a notification may be provided to the user device indicating that the user has been authenticated.

Abstract: Methods and system of recording work history of a mining node on a blockchain in a blockchain network. The methods may include mining a first block containing a registration generation transaction that includes, within a registration information field, a miner identifier for the mining node; and mining two or more additional blocks in an order, each additional block containing a generation transaction that includes an information field containing the miner identifier, a reference to the generation transaction of the preceding additional block in the order, wherein the registration generation transaction is a first block in the order. Work history may be verified by tracing the recorded work history and validating the miner identifier. Recorded work history may serve as the basis for a reputation score for the miner, which reflects contributed work evidenced by the proof-of-work secured work history.

Abstract: One or more keys are derived from a master key by executing a plurality of encryption operations. A first encryption operation uses the master key to encrypt a plaintext input having a plurality of bytes. Multiple intermediate encryption operations are performed using a respective intermediate key generated by a previous encryption operation to encrypt respective plaintext inputs having a number of bytes. At least two bytes of a plaintext input have values based on a respective set of bits of a plurality of sets of bits of an initialization vector, wherein individual bits of the respective set of bits are introduced into respective individual bytes of the plaintext input and the respective set of bits has at least two bits and at most a number of bits equal to the number of bytes of the plaintext input.

Abstract: Systems and methods for provisioning secure programmable logic devices (PLDs) are disclosed. An example secure PLD provisioning system includes an external system comprising a processor and a memory and configured to be coupled to a secure PLD through a configuration input/output (I/O) of the secure PLD. The external system is configured to generate a locked PLD comprising the secure PLD based, at least in part, on a request from a secure PLD customer, wherein the request from the secure PLD customer comprises a customer public key; and to provide a secured unlock package for the locked secure PLD. The external system may also be configured to provide an authenticatable key manifest comprising a customer programming key token and a corresponding programming public key associated with the locked secure PLD, wherein the authenticatable key manifest is signed using a programming private key generated by the locked secure PLD.

Abstract: A method and apparatus for performing multi-factor authentication of a merchant system by a commerce platform are described. The method may include authenticating the commerce platform to a cloud services provider, the cloud services provider providing a private communications network for use by the commerce platform and the merchant system. The method may also include receiving, by the commerce platform, an authentication request from the merchant system, wherein the request received from the merchant system originates from the private communications network provided by the cloud services provider, and wherein the authentication request uses an encryption key.

Abstract: The present disclosure relates to a computer-implemented method and to a system for authenticating a transaction over a secure network. The method comprises, prior to authorization of a transaction: receiving, by a digital service server, from a merchant plug-in (MPI) computing device, via a directory server, a token and a first cryptogram for the transaction; decrypting, by the digital service server, the token into sensitive data; generating, by the digital service server, a first message including a validation result and the sensitive data; and transmitting, by the digital service server, the first message to an issuer server to authenticate the transaction.

Abstract: A technique for locking a blockchain transaction based on undetermined data, using a blockchain network. A locking node may include a locking script in a blockchain transaction to lock a digital asset. The locking script includes a public key for a determined data source and instructions to cause a validating node executing the locking script to verify the source of data provided in an unlocking script by: a) generating a modified public key based on the public key for the determined data source and based on data defined in the unlocking script; and b) evaluating a cryptographic signature in the unlocking script based on the modified public key. The blockchain transaction containing the locking script is sent by the locking node to the blockchain network. The lock may be removed using a cryptographic signature generated from a private key modified based on the data.

Abstract: An information processing device according to one embodiment of the present disclosure comprises a processor. The processor is configured to generate a distributed component aimed at a three dimensional printing task. The distributed component is used for controlling, independent of the information processing device, execution of the three dimensional printing task after establishing a connection with a user equipment, and comprises decryption information of three dimensional model data used for the three dimensional printing task. The processor is further configured to control the arrangement of the distributed component to the user equipment.

Abstract: The present disclosure provides systems and methods for authenticated control of content delivery. The method includes receiving a request for an item of content from a computing device, the request comprising a security token associated with the computing device and an identifier of a group of domains, identifying the group of domains from the identifier, and retrieving a security key associated with the group of domains. The method further includes decrypting a signature of the security token, identifying an authentication string, determining that the authentication string matches a server authentication string, and identifying characteristics of the security token. The characteristics of the security token include a confidence score. The method further includes comparing the confidence score of the security token to a threshold, determining that the confidence score does not exceed the threshold, and preventing transmission of content to the computing device.