Abstract: In an evaluation device, a receiver part receives, from an authentication device, a hash value of a user identifier for identifying a user, which is generated in a terminal unit used for the login by the user, and information indicating a login environment of the terminal unit, which is encrypted in the terminal unit. A decoding part decodes the encrypted information indicating the login environment of the terminal unit. A risk calculation part calculates an evaluation value that indicates a risk of the login being an unauthorized access based on a statistic related to a degree of similarity between the login environment of the terminal unit and a previous login environment by the user corresponding to the hash value. A transmitter part 120b transmits a comparison result between the calculated evaluation value and a predetermined threshold.

Abstract: A tracking device can provide a hashed identifier to a mobile device, for instance within an advertisement packet. The mobile device can query each of a plurality of entities with the hashed identifier to identify an entity associated with the hash key used to generate the hashed identifier. In some embodiments, the mobile device can query a centralized key server, which in turn can query the plurality of entities to identify the entity associated with the hash key. The mobile device can then receive a public key from the identified entity, can determine a location of the mobile device, and can encrypt the location with the public key. The mobile device can then provide the hashed identifier and the encrypted location to the identified entity, which can provide the encrypted location to an owner of the tracking device for decryption using a private key corresponding to the public key.

Abstract: Systems and methods for securing access to user data stored in a networked location are described herein. A first user device may generate data that a user may desire to keep private. The generated data may be transmitted to, and stored at, a networked location, which then makes it vulnerable to malicious attack or exposure to unintended recipients. To protect the user data stored at the networked location, a recursive data file signature is generated for each stored data file. In order to access the stored data file, the user needs to provide the data file signature. In addition, every time the user data is accessed by the user, the data file signature is changed. In this way, the exposed data file signature will no longer be valid if an unauthorized entity tries to access the user data.

Abstract: Embodiments of the present invention disclose a security processing method and a related device. The method may include: receiving, by a base station, security-processed target data sent by user equipment UE; sending, by the base station, security request information of the UE to a core network device; and receiving, by the base station, security response information returned by the core network device, where the security response information includes security parameter information of the UE and/or security-deprocessed target data. According to the present invention, during data transmission between the UE and the base station, not only data security can be ensured, but also low power consumption can be ensured.

Abstract: A method (10) performed in an initiating runtime (2a) is disclosed for migrating an actor instance (5a1) of an actor (4a) to a target runtime (2b). The method (10) comprises obtaining (11), from a blockchain entity (3), an ownership token associated with the actor instance (5a1) of the actor (4a), the ownership token being verifiable by a blockchain (7) of the blockchain entity (3), and using (12) the ownership token for migrating the actor instance (5a1). A method in a blockchain entity (3), a method in a target runtime (2b), entities, computer programs and computer program products are also disclosed.

Abstract: An electronic device that has a user-interface locked state and a user-interface unlocked state communicates with an external device using wireless communication to facilitate unlocking of the electronic device.

Abstract: A method includes: obtaining, by a second terminal, an interface address of a first terminal, where the interface address of the first terminal is MAC1; receiving, by the second terminal, a first message sent by the first terminal, where an interface address of the first terminal in the first message is MAC3 obtained after a change, and the first message includes first identification information; and comparing, by the second terminal, the first identification information with second identification information, and if the first identification information is consistent with the second identification information, determining, by the second terminal, that the MAC3 in the first message and the MAC1 that is obtained by the second terminal are used to identify a same device, where the same device is the first terminal.

Abstract: A system for user-processing of data includes a processor, computer readable storage medium, and a program for generating an authorized response to a message in a network. Messages with content that relates to a group, sent by an originator via a network, are detected. The computer system determines that the message relates to the group by analyzing the message content. Members of the group are selected as designated senders to contribute to an authorized response for the group by analyzing the message. Selected designated senders are notified that they are selected to contribute to the authorized response. Initial responses to the originator from the designated senders are intercepted. The computer system combines the initial responses from the designated senders for generating a combined response as an authorized response for the group and sends the combined response to the originator via the network as the authorized response for the group.

Abstract: In a computer system implemented method for generating an authorized response to a message in a network, messages with content that relates to a group are sent by an originator via a network are detected. The computer system determines that the message relates to the group by analyzing the message content. Members of the group are selected as designated senders to contribute to an authorized response to the message for the group by analyzing the message. Selected designated senders are notified that they are selected to contribute to the authorized response and initial responses to the originator from the designated senders are intercepted. The computer system combines the initial responses from the designated senders for generating a combined response as an authorized response for the group and sends the combined response to the originator via the network as the authorized response for the group.

Abstract: In one aspect, the present disclosure relates to a method for improved security in a networked computing environment, the method comprising: receiving, from a user device, a registration request comprising a user identifier for a user; receiving, from the user device, user credentials to access one or more online accounts associated with the user; accessing the one or more online accounts to retrieve user activity data for the user; analyzing the retrieved user activity data to determine one or more merchants associated with the user; storing, in a database coupled to a server device, a mapping between the user and the one or more merchants; receiving, from a monitoring service, an indication that a first merchant of the one or more merchants has experienced a data breach; and sending a notification to the user in response to determining that the first merchant has experienced a data breach.

Abstract: Robotic customer service agents are provided such that, when properly authenticated, they are operable to perform a customer service task. A contact center may dispatch a robot, an accessory for a customer-owned robot, or instructions to transform an unconfigured robot, such as a generic robot, into a configured robot operable to perform the task. If the robot, such as the base or entire robot, robot at the service location, an associated user, hardware addition, and/or software addition is authentic, then the robot may be operated in an authenticated mode. If non-authenticated, then the robot may operate in a non-authenticated mode, such as one consisting of one or more tasks or features being disabled. Additionally, authentication may be temporary (e.g., time restricted) or event restricted (e.g., as long as a result stays within a given range, the robot is being observed, etc.).

Abstract: For a network including multiple computers acting as tunnel endpoints in a network, some embodiments provide a method for distributing data messages among processors of a destination computer that receives encrypted data messages from a source computer. Each computer in some embodiments has a set of interfaces configured as tunnel endpoints connecting to multiple tunnels. The encrypted data messages are received at multiple interfaces of the destination computer and in some embodiments, include an identifier for a set of encryption parameters (e.g., a security parameter index). The encryption-parameter-set identifier is used to distribute encrypted data messages among processors of the destination computer.

Abstract: Various examples relate to the configuration of enterprise workspaces that can be provided in computing devices. In some examples, a computing device is enrolled with a management service that controls operation of at least a portion of the computing device. A management component creates a user account with a distributor of the operating system based on an email address. The management component requests an authentication service to authenticate a user. The user account is associated with an enterprise workspace of the computing device.

Abstract: A server receives an association request initiated by a user of a first account. Based on the association request, an account identifier of a second account is identified. The first account is associated with the second account based on the account identifier. In response to associating the first account with the second account, a partial permission is granted to the first account for accessing the second account.

Abstract: Disclosed in some examples are methods, systems, devices, and machine-readable mediums for securing biometric data using an encryption technique that does not require key storage or distribution. In some examples, a first biometric template of a user is input into a function that selects or determines parameters (such as an encryption key) of an encryption function that is then used to encrypt a second biometric template of the user.

Abstract: A request to access a computing resource of a computing resource service provider is determined to be associated with specious data previously generated by the computing resource service provider. Information about an entity associated with the request is determined from the request. The information is provided to a breach detection system as notification of a potential attack against the computing resource service provider.

Abstract: A malware detection method for detecting client participation in malware activity, in respect of a target subjected to a given attack by a client system, which is operable to run a given host application is disclosed a given security service provider is configured, which is operably coupled to the client system, to make accessible given attack information that is reported by a given attack target. An attack status query is transmitted to the security service provider from an agent that is operably coupled to the client system. In response to receiving the attack status query, the security service provider is configured to send attack information reported in respect of a given attack target to the agent, and configuring the agent to diagnose whether its corresponding client system potentially comprises an attack source of the given attack subjected on the attack target, on a basis of the received attack information.

Abstract: A server receives an association request initiated by a user of a first account. Based on the association request, an account identifier of a second account is identified. The first account is associated with the second account based on the account identifier. In response to associating the first account with the second account, a partial permission is granted to the first account for accessing the second account.

Abstract: Disclosed herein are methods, systems, and apparatus, including computer programs encoded on computer storage media, for providing certifications.

Abstract: The present disclosure is directed to systems and methods for providing protection against replay attacks on memory, by refreshing or updating encryption keys. The disclosed replay protected computing system may employ encryption refresh of memory so that unauthorized copies of data are usable for a limited amount of time (e.g., 500 milliseconds or less). The replay protected computing system initially encrypts protected data prior to storage in memory. After a predetermined time or after a number of memory accesses have occurred, the replay protected computing system decrypts the data with the existing key and re-encrypts data with a new key. Unauthorized copies of data (such as those made by an adversary system/program) are not refreshed with subsequent new keys. When an adversary program attempts to use the unauthorized copies of data, the unauthorized copies of data are decrypted with the incorrect keys, which renders the decrypted data unintelligible.