Abstract: Disclosed herein are systems and methods that allow for secure access to websites and web-based applications and other resources available through the browser. Also described are systems and methods for invocation of a secure web container which may display data representative of a requesting party's application at a user's machine. The secure web container is invoked upon receipt of an API call from the requesting party. Thus, described in the present specification are systems and methods for constructing and destroying private, secure, browsing environments (a secure disposable web container), insulating the user and requesting parties from the threats associated with being online for the purposes of providing secure, policy-based interaction with a requesting party's online services.

Abstract: A computer-implemented method includes creating an account including an account value on an online service. The account value is modified periodically to activate a plurality of account values respectively associated with a plurality of times at which the plurality of account values were respectively activated on the account. A network-accessible data repository is scanned to detect a first value of the plurality of account values, the first value associated with a first time of the plurality of times at which the first value was activated. Responsive to detecting the first value a notification is provided indicating a data leak from the online service including an indication of when the data leak occurred based on the first time at which the first value was activated on the account and a second time at which a second value was activated on the account to replace the first value.

Abstract: An electronic device is disclosed, including a sensor module configured to recognize boarding and alighting of a passenger from the vehicle, a network interface configured to communicate with a mobile device disposed in the vehicle, a memory, storing a program including one or more instructions, and a processor. The processor implements a method, including: detecting alighting of the passenger using the sensor module, or when a mobile device disconnects from the network interface, determining, by the processor, a deletion level for data related to personal information of a passenger, the deletion level based on a use history information of the passenger, including a latest use time and a use frequency, and deleting the data from the memory according to the determined deletion level.

Abstract: The disclosed computer-implemented method for protecting user privacy may include (i) receiving an indication to protect a photo with privacy-protecting blurring, (ii) generating a blurred version of the photo, (iii) generating, based on the blurred version of the photo, a video that progressively de-blurs the photo, (iv) linking through metadata the blurred version of the photo and the video that progressively de-blurs the photo as a combined motion-photo-object, and (v) storing the combined motion-photo-object in a configured location such that a photo display program uses the blurred version of the photo as a preview of the motion-photo-object when browsing but plays the video that progressively de-blurs the photo in response to additional user input selecting the preview. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: Systems, methods, and non-transitory computer-readable media can generate a natural language model that provides user-entity differential privacy. For example, in one or more embodiments, a system samples sensitive data points from a natural language dataset. Using the sampled sensitive data points, the system determines gradient values corresponding to the natural language model. Further, the system generates noise for the natural language model. The system generates parameters for the natural language model using the gradient values and the noise, facilitating simultaneous protection of the users and sensitive entities associated with the natural language dataset. In some implementations, the system generates the natural language model through an iterative process (e.g., by iteratively modifying the parameters).

Abstract: Methods, systems, and computer readable media for message validation in fifth generation (5G) communications networks are disclosed. One method occurring at a first network node of a first network comprises: obtaining, from at least one authentication and key agreement (AKA) procedure related message associated with a user device communicating via a second network, authentication information identifying the user device; storing the authentication information in a data store for validating subsequent messages; receiving a request message associated with the user device; determining, using the authentication information, that the request message is invalid; and in response to determining that the request message is invalid, performing an invalid message action.

Abstract: In some implementations, a device may train the model to generate embeddings for log files associated with an application, and to enable the model to generate embeddings for sensitive information included in a set of training log files. The device may receive a log file associated with the application. The device may generate a compressed log file including a set of embedding vectors associated with records included in the log file, where a record that includes sensitive information is associated with one or more embedding vectors for the sensitive information and one or more embedding vectors for other information included in the record. The device may store the compressed log file including the set of embedding vectors where a size of the compressed file is less than a size of the log file, and the embedding vectors obfuscate the records included in the log file.

Abstract: There are provided systems and methods for shared cryptogram generation during multi-party digital token processing. A service provider, such as an electronic transaction processor for digital transactions, may require tokenized data in order to protect sensitive or secure data, such as payment card data during electronic transaction processing. In this regard, the service provider may tokenize the data, which may require a cryptogram for validation of a corresponding digital token. The cryptogram may be generated based on input from multiple participants to the transaction, where a length of the cryptogram may be determined based on a risk score for the transaction. Each transaction participant may be assigned one or more slots or values in the cryptogram to provide based on the risk score and other rules for cryptogram generation. Each participant may provide corresponding portions, where the service provider may generate and backwards update the participants of the cryptogram.

Abstract: A non-transitory computer-readable recording medium having stored therein an information processing program that causes a computer to execute a process includes: extracting second data through executing a first process on first data including sensitive information; outputting fourth data obtained by executing the first process on third data, the third data being obtained by executing a second process to delete sensitive information on the first data; and determining, based on a result of comparing the second data with the fourth data, whether or not the first process uses sensitive information.

Abstract: A system and method for concealing sensitive information may include: receiving a screenshot from an application; generating an application model that identifies the application by automatically determining a respective position or location of part(s) of the screenshot; determining a part of the screenshot includes sensitive information, automatically concealing the sensitive information in the screenshot based application model to thus generate a modified screenshot, and recording the modified screenshot.

Abstract: Embodiments include wireless authentication devices, systems, and methods. A wireless authentication system can include an active wireless communication device including a first memory, first processing circuitry, and a first antenna, the first processing circuitry to produce an identifier request for an identifier (ID) and cause the first antenna to transmit the identifier request, receive the ID in a response to the identifier request, identify, based on the ID and data in the first memory, a location of a second memory to access, and produce an access request for the identified location of the second memory and cause the first antenna to transmit the access request.

Abstract: An information acquisition method and device includes: acquiring privacy-related information when calling, with a target application (App), an application programming interface (API) to acquire privacy information of a terminal, wherein the privacy-related information is associated with a process of the target App acquiring the privacy information; storing the privacy-related information; and reading, by a designated App, the privacy-related information stored in a preset time period, and uploading, by the designated App, the privacy-related information read to a server side.

Abstract: A method, a computer program product, and a system for binding post-quantum certificates to traditional certificates. The method includes selecting a traditional certificate in a certificate chain owned by an owner. The method also includes calculating a fingerprint of the traditional certificate. The method further includes generating a post-quantum certificate with identical information fields as the traditional certificate, and populating a serial number of the post-quantum certificate using the fingerprint. The post-quantum certificate acts as an extension of the first traditional certificate providing authentication and validation between a client and a server using post-quantum capable signing algorithms.

Abstract: A method and system protect personally identifiable information stored in an onboard computing system of a vehicle to improve data security of drivers. The method and system are each configured to automatically trigger a deletion or encryption of personal data stored in the motor vehicle in response to an event or other information indicating that the vehicle is outside of the custody of the owner or some other loss of control event.

Abstract: Methods, apparatus and computer program product for protecting a confidential integrated circuit design process.

Abstract: A method for partially unmasking an object in a video stream comprises: displaying a first video stream in which objects are covered by privacy masks; receiving user input regarding a selection of an object being covered by a privacy mask, wherein the object has a first portion being associated with a first privacy level and a second portion being associated with a second, higher, privacy level; checking that a permission associated with the user input grants access to video data depicting object portions being associated with the first privacy level; giving access to video data depicting the first portion of the object; and displaying a second video stream which differs from the first video stream in that it includes the video data depicting the first portion of the object, while the second portion of the object is still covered by a privacy mask.

Abstract: The invention relates to a method and system for estimating layers on electrodes in an annular, circular symmetric, multiphase pipe flow the pipe including a set of electrodes being evenly distributed along the inner pipe circumference. The method comprises the steps of measuring the impedance between each electrode and the other electrodes and obtaining a set of impedance values, the impedance values being categorized depending on the distance between the measuring electrodes, the impedance categories thus representing layers ranging from close to the pipe wall to the pipe center. The method also includes a precomputed model of a range of expected impedance values in the annular, circular symmetric fluid flow based on known fluid properties.

Abstract: Examples of the present disclosure describe systems and methods for identifying anomalous network behavior. In aspects, a network event may be observed network sensors. One or more characteristics may be extracted from the network event and used to construct an evidence vector. The evidence vector may be compared to a mapping of previously-identified events and/or event characteristics. The mapping may be represented as one or more clusters of expected behaviors and anomalous behaviors. The mapping may be modeled using analytic models for direction detection and magnitude detection. One or more centroids may be identified for each of the clusters. A “best fit” may be determined and scored for each of the analytic models. The scores may be fused into single binocular score and used to determine whether the evidence vector is likely to represent an anomaly.

Abstract: A controller device within a home network (or any suitable network) can be configured to manage network access tokens for various accessory devices within the home network. These network access tokens can be used by the accessory devices to access the home network without needing the network owner's network password. The network access tokens can be revocable and/or for a limited time. The controller device can generate the network access tokens, and can provide them to the accessory devices (or other user devices) as well as to an access device on the home network. Once the access device is provisioned with the accessory device's network access token, the router can control whether the accessory device is to be granted access to the home network and for how long.

Abstract: A system for wearable authentication and management is disclosed. In particular, the system may include identifying and authenticating a user through biometric data or movement signatures specific to the wearer of a wearable device. Once the user and wearable device are authenticated, the system may activate and provision connectivity services for the wearable device, associate the device with a device ecosystem of the user, and push predefined settings to the wearable device. Additionally, the system may deliver communications that are transmitted to other devices in the device ecosystem to the wearable device while the wearable device is worn by the user. If the user no longer wears the wearable device or the wearable device is not utilized for a period of time, the system may deactivate the connectivity services for the wearable device and remove any settings pushed to the wearable device.