Abstract: A non-transitory computer-readable recording medium having stored therein an information processing program that causes a computer to execute a process includes: extracting second data through executing a first process on first data including sensitive information; outputting fourth data obtained by executing the first process on third data, the third data being obtained by executing a second process to delete sensitive information on the first data; and determining, based on a result of comparing the second data with the fourth data, whether or not the first process uses sensitive information.

Abstract: A system and method for concealing sensitive information may include: receiving a screenshot from an application; generating an application model that identifies the application by automatically determining a respective position or location of part(s) of the screenshot; determining a part of the screenshot includes sensitive information, automatically concealing the sensitive information in the screenshot based application model to thus generate a modified screenshot, and recording the modified screenshot.

Abstract: Embodiments include wireless authentication devices, systems, and methods. A wireless authentication system can include an active wireless communication device including a first memory, first processing circuitry, and a first antenna, the first processing circuitry to produce an identifier request for an identifier (ID) and cause the first antenna to transmit the identifier request, receive the ID in a response to the identifier request, identify, based on the ID and data in the first memory, a location of a second memory to access, and produce an access request for the identified location of the second memory and cause the first antenna to transmit the access request.

Abstract: An information acquisition method and device includes: acquiring privacy-related information when calling, with a target application (App), an application programming interface (API) to acquire privacy information of a terminal, wherein the privacy-related information is associated with a process of the target App acquiring the privacy information; storing the privacy-related information; and reading, by a designated App, the privacy-related information stored in a preset time period, and uploading, by the designated App, the privacy-related information read to a server side.

Abstract: A method, a computer program product, and a system for binding post-quantum certificates to traditional certificates. The method includes selecting a traditional certificate in a certificate chain owned by an owner. The method also includes calculating a fingerprint of the traditional certificate. The method further includes generating a post-quantum certificate with identical information fields as the traditional certificate, and populating a serial number of the post-quantum certificate using the fingerprint. The post-quantum certificate acts as an extension of the first traditional certificate providing authentication and validation between a client and a server using post-quantum capable signing algorithms.

Abstract: A method and system protect personally identifiable information stored in an onboard computing system of a vehicle to improve data security of drivers. The method and system are each configured to automatically trigger a deletion or encryption of personal data stored in the motor vehicle in response to an event or other information indicating that the vehicle is outside of the custody of the owner or some other loss of control event.

Abstract: Methods, apparatus and computer program product for protecting a confidential integrated circuit design process.

Abstract: A method for partially unmasking an object in a video stream comprises: displaying a first video stream in which objects are covered by privacy masks; receiving user input regarding a selection of an object being covered by a privacy mask, wherein the object has a first portion being associated with a first privacy level and a second portion being associated with a second, higher, privacy level; checking that a permission associated with the user input grants access to video data depicting object portions being associated with the first privacy level; giving access to video data depicting the first portion of the object; and displaying a second video stream which differs from the first video stream in that it includes the video data depicting the first portion of the object, while the second portion of the object is still covered by a privacy mask.

Abstract: The invention relates to a method and system for estimating layers on electrodes in an annular, circular symmetric, multiphase pipe flow the pipe including a set of electrodes being evenly distributed along the inner pipe circumference. The method comprises the steps of measuring the impedance between each electrode and the other electrodes and obtaining a set of impedance values, the impedance values being categorized depending on the distance between the measuring electrodes, the impedance categories thus representing layers ranging from close to the pipe wall to the pipe center. The method also includes a precomputed model of a range of expected impedance values in the annular, circular symmetric fluid flow based on known fluid properties.

Abstract: Examples of the present disclosure describe systems and methods for identifying anomalous network behavior. In aspects, a network event may be observed network sensors. One or more characteristics may be extracted from the network event and used to construct an evidence vector. The evidence vector may be compared to a mapping of previously-identified events and/or event characteristics. The mapping may be represented as one or more clusters of expected behaviors and anomalous behaviors. The mapping may be modeled using analytic models for direction detection and magnitude detection. One or more centroids may be identified for each of the clusters. A “best fit” may be determined and scored for each of the analytic models. The scores may be fused into single binocular score and used to determine whether the evidence vector is likely to represent an anomaly.

Abstract: A controller device within a home network (or any suitable network) can be configured to manage network access tokens for various accessory devices within the home network. These network access tokens can be used by the accessory devices to access the home network without needing the network owner's network password. The network access tokens can be revocable and/or for a limited time. The controller device can generate the network access tokens, and can provide them to the accessory devices (or other user devices) as well as to an access device on the home network. Once the access device is provisioned with the accessory device's network access token, the router can control whether the accessory device is to be granted access to the home network and for how long.

Abstract: A system for wearable authentication and management is disclosed. In particular, the system may include identifying and authenticating a user through biometric data or movement signatures specific to the wearer of a wearable device. Once the user and wearable device are authenticated, the system may activate and provision connectivity services for the wearable device, associate the device with a device ecosystem of the user, and push predefined settings to the wearable device. Additionally, the system may deliver communications that are transmitted to other devices in the device ecosystem to the wearable device while the wearable device is worn by the user. If the user no longer wears the wearable device or the wearable device is not utilized for a period of time, the system may deactivate the connectivity services for the wearable device and remove any settings pushed to the wearable device.

Abstract: In various embodiments, there is provide a method for organizing devices in a policy hierarchy. The method includes creating a first node. The method further includes assigning a first policy to the first node. The method further includes creating a second node, the second node referencing the first node as a parent node such that the second node inherits the first policy of the first node.

Abstract: Techniques, for secure processing of encrypted data on public resources, include receiving first data indicating a sequence of reversible q-bit gates including a first segment for decrypting, a second segment for operating on the decrypted data, and a third segment for encrypting the resulting data. Second data indicates rules for replacing a first sequence of two gates operating on at least one shared bit of an input N-bit word with a different second sequence of one or more gates that produce the same output N-bit word. The second data is used to propagate: a gate from the first segment a distance into the second segment or beyond; and, a gate from the third segment a distance into the second segment or before. This produces an obfuscated sequence of reversible gates. Obfuscated instructions based on the obfuscated sequence of gates are sent to the public resources.

Abstract: The present disclosure relates to a concept of proximity detection. A sequence of keystrokes is captured when a person types on a keyboard placed on a support structure. A sequence of vibrations of the support structure in response to typing on the keyboard is captured with a sensor device associated with a user or a location and in contact with the support structure in proximity to the keyboard. The proximity between the person and the sensor device is checked based on a comparison of the captured sequence of keystrokes with the captured sequence of vibrations.

Abstract: Examples pertaining to indication of additional security capabilities using non-access stratum (NAS) signaling in 5th Generation (5G) mobile communications are described. A processor of an apparatus (e.g., a user equipment (UE)) transmits an initial NAS message to a communication entity of a 5G mobile network. The processor then receives a message from the communication entity responsive to the transmitting, the message comprising an additional 5G security parameter information element (IE). The processor proceeds to perform a security mode control procedure using information contained in the additional 5G security parameter IE pertaining to at least one 5G security parameter.

Abstract: In one embodiment, a device in a network detects an encrypted traffic flow associated with a client in the network. The device captures contextual traffic data regarding the encrypted traffic flow from one or more unencrypted packets associated with the client. The device performs a classification of the encrypted traffic flow by using the contextual traffic data as input to a machine learning-based classifier. The device generates an alert based on the classification of the encrypted traffic flow.

Abstract: A computer implemented method for decrypting an encrypted data store at a target computer system, the data store being encrypted by a ransomware algorithm using a searchable encryption algorithm, the method including determining an encryption algorithm used by the ransomware algorithm; determining seed parameters used by the encryption algorithm to generate an encryption key; generating the encryption key using the seed parameters; and decrypting the encrypted data store.

Abstract: Disclosed are systems and methods for secure selection of a user profile in a shared context. For example, a method may include: determining, by one or more processors, an association between a user device and a shared user profile; determining, by the one or more processors, that the user device is within a predetermined proximity of a multiuser device; determining, by the one or more processors, the shared user profile associated with the user device as a result of determining that the user device is within the predetermined proximity of the multiuser device; receiving, by the one or more processors, biometric verification from the first user; and activating, by the one or more processors, the first specific user profile associated with the first user on the multiuser device as a result of determining that the first user has successfully provided biometric verification.

Abstract: A method and apparatus for establishing a trust relationship between users is disclosed. The apparatus includes at least two user devices containing the Application, a service provider server (SPS) comprising an application programming interface (API), a network communicably coupling the sender device, the receiver device and the SPS, and an out-of-band (OOB) channel, separate from the network, communicably coupling the sender device and the receiver device. The method includes obtaining a receiver's Public Key provided by an Application Programming Interface (API) on an service provider server, encrypting a verification message with the Receiver's Public key and the Sender's Private Key, sending the encrypted verification message from the Sender's device to the Receiver's device through the out-of-band channel, decrypting the encrypted verification message using Receiver's Private Key and Sender's Public Key, and communicating decrypted verification message via out-of-band channel.