Patents Examined by Amir Mehrmanesh
  • Patent number: 10348740
    Abstract: Various embodiments of the present disclosure can include systems, methods, and non-transitory computer readable media configured to aggregate a plurality of threat signatures from a plurality of threat signature data sources. The bit stream data is analyzed, based on the plurality of threat signatures, to detect a first threat in the bit stream data. A result of analyzing the bit stream data is logged as threat analysis log data. The threat analysis log data is analyzed to detect a second threat in the bit stream data. The threat analysis log data may be analyzed based on a heuristic. An action is triggered based on analysis of the bit stream data, or based on heuristic analysis of the threat analysis log data.
    Type: Grant
    Filed: June 6, 2018
    Date of Patent: July 9, 2019
    Assignee: COMPUTER SCIENCES CORPORATION
    Inventors: Ralph W. Thrash, Donald Gauger, William Glossner, Scott P. Peters, Dan Hushon
  • Patent number: 10333701
    Abstract: A system, and methods, for transmitting encrypted information as a quantum transmission between a first node and a second node, or among more than two nodes. Each node is characterized by an instantaneous spatial position, and the instantaneous spatial position of the second node is repositionable within a frame of reference associated with the first node. A hovering drone is adapted either for running a quantum key transmission protocol in secure communication with the first node, and/or for running a quantum key reception protocol in secure communication with the second node. Either drone may serve as a relay of optical data between a base station and another drone. Secure communication among more than two nodes may be reconfigured.
    Type: Grant
    Filed: February 16, 2017
    Date of Patent: June 25, 2019
    Assignees: The Board of Trustees of the University of Illinois, Duke University
    Inventors: Paul G. Kwiat, Daniel J. Gauthier
  • Patent number: 10326766
    Abstract: A system and method for operating an edge compute advisory system comprising a network adapter to receive a compute work request from a client device seeking edge computing resources of a mobile edge computing system, wherein the compute work request includes processing resource requirements to meet the compute work request. A processor to determine a plurality of mobile edge computing systems within a neighborhood range of an estimated client device location, and the network adapter to receive advertisement messages indicating availability of the plurality of mobile edge computing systems and including an address location for secured historical compute trust references for each advertising mobile edge computing system.
    Type: Grant
    Filed: July 13, 2017
    Date of Patent: June 18, 2019
    Assignee: Dell Products, LP
    Inventors: Will A. Egner, Liam B. Quinn
  • Patent number: 10318336
    Abstract: Systems and methods for providing computer system monitoring as a service of a computing resource service provider, monitoring capacity computer system of a customer of the computing resource service provider, and based on the request, launching a monitoring agent in a protected execution environment in which the monitoring agent is configured to generate an assessment of the computer system and provide the assessment of the computer system.
    Type: Grant
    Filed: April 13, 2018
    Date of Patent: June 11, 2019
    Assignee: Amazon Technologies, Inc.
    Inventors: Gregory Branchek Roth, Aaron Douglas Dokey, Eric Jason Brandwine, Nathan Bartholomew Thomas
  • Patent number: 10313343
    Abstract: Context-based authentication in a secure network comprised of multiple interconnected programmable devices is described. One technique includes receiving, from a programmable device, identity data and contextual data associated with a current authentication of a user attempting to access a secure network. The user is associated with the programmable device. The technique may include determining, based on the identity data and the contextual data, one or more patterns associated with the current authentication of the user. Furthermore, a risk level associated with the current authentication of the user may be determined based on the identity data, the contextual data, and the one or more patterns. In at least one scenario, access is granted to the secure network in response to the determined risk level. Other advantages and embodiments are described.
    Type: Grant
    Filed: December 28, 2016
    Date of Patent: June 4, 2019
    Assignee: MCAFEE, LLC
    Inventors: James Tischart, Jonathan Anderson
  • Patent number: 10311235
    Abstract: A method for emulating at least one resource in a host computer to a querying hosted code. The method comprises monitoring a plurality of operating system (OS) queries received from a plurality of code executed on a monitored computing unit, the plurality of OS queries are designated to an OS of the monitored computing unit, detecting among the plurality of OS queries at least one query for receiving at least one characteristic of at least one resource of the monitored computing unit among the plurality of OS queries, the at least one query is received from querying code of the plurality of code, preparing a response of the OS to the at least one query, the response comprising a false indication at least one false characteristic of the at least one resource, and sending the response to the querying code in response to the at least one query.
    Type: Grant
    Filed: December 18, 2017
    Date of Patent: June 4, 2019
    Assignee: Minerva Labs Ltd.
    Inventors: Eduard Bobritsky, Erez Breiman, Omri Moyal
  • Patent number: 10303886
    Abstract: A component for processing a datum requiring protection, which component implements at least one security function for protecting the datum requiring protection, and a method for implementing a security function for protecting a datum requiring protection in such a component. The datum requiring protection is assigned to a protection target class. The security function includes at least one protective measure from a selection of protective measures associated with the protection target class.
    Type: Grant
    Filed: February 16, 2017
    Date of Patent: May 28, 2019
    Assignee: VOLKSWAGEN AG
    Inventor: Alexander Tschache
  • Patent number: 10298544
    Abstract: The invention relates to a method for establishing a virtual private network between local area networks, each local area network comprising at least one access gateway to a public network and a unit comprising a VPN client, the method comprising the following steps carried out each time a unit is powered on: sending, by the unit, of at least one connection message to an infrastructure connected to the public network and comprising at least one intermediate server, each connection message passing through a respective gateway of the local area network; reception, by the infrastructure, of each connection message; and determination of topology data identifying each bridge of the local area network in which the unit is placed, the method further comprising the following steps carried out for a plurality of units: instancing, by a predetermined intermediate server of the infrastructure, of a VPN server associated with the plurality of units; establishing an encryption tunnel between the VPN server and the VPN cli
    Type: Grant
    Filed: September 11, 2014
    Date of Patent: May 21, 2019
    Assignee: CITYPASSENGER
    Inventors: Bruno Duval, Emmanuel Trublereau, Sven Falempin
  • Patent number: 10298616
    Abstract: An apparatus and/or method secures session communications between a first network (having a first encryption device configured to encrypt at least some session communications from the first network to the second network) and a second network. The apparatus and/or method receive, at the first network, given session packets of a given session between the first and second networks, and determine that at least one of the received given session packets is encrypted (“encrypted given session packet”). The given session involves a Layer 7 application that encrypted the at least one encrypted given session packet. Next, the apparatus and/or method controls, in response to determining that the given session packet is encrypted, the first encryption device to permit communication of the given session with the second network without further encrypting a plurality of the encrypted given session packets. Preferably, the first encryption device encrypts none of the given session packets.
    Type: Grant
    Filed: May 26, 2016
    Date of Patent: May 21, 2019
    Assignee: 128 Technology, Inc.
    Inventors: Prashant Kumar, Patrick J. MeLampy, Patrick Timmons
  • Patent number: 10298554
    Abstract: In one embodiment, a method of secure network transmission is performed by a computer system. The method includes encrypting a payload via a first symmetric key and encrypting the first symmetric key via a second symmetric key. The method further includes encrypting an author header comprising the encrypted first symmetric key and a recipient list via a third symmetric key, wherein the recipient list comprises at least one recipient. The method also includes encrypting the third symmetric key via a public asymmetric key associated with an authentication server. Furthermore, the method includes transmitting the encrypted author header and the encrypted third symmetric key to the authentication server for use in recipient-initiated pre-access authentication. In addition, the method includes transmitting the encrypted payload and the second symmetric key over a computer network to the at least one recipient.
    Type: Grant
    Filed: April 6, 2018
    Date of Patent: May 21, 2019
    Assignee: Encryptics, LLC
    Inventors: Cody Pollet, Charles Burgess, Courtney Roach, Brandon Hart
  • Patent number: 10289872
    Abstract: This application discloses an electronic system including active circuitry configured to be selectively enabled for an authorized number of times. The electronic system also includes security circuitry to detect an enablement event associated with the electronic system. The enablement event can correspond to reception of a reset signal associated with the electronic system, a lapse of a predetermined time period, or the like. In response to the detection of the enablement event, the security circuitry can determine a number of times the security circuitry has previously enabled the active circuitry. The security circuitry can generate the enablement signals capable of enabling the active circuitry when the determined number of times the security circuitry has previously enabled the active circuitry is fewer than the authorized number of times.
    Type: Grant
    Filed: May 11, 2016
    Date of Patent: May 14, 2019
    Assignee: Mentor Graphics Corporations
    Inventors: Joseph P. Skudlarek, Eugene Kishinevsky, Michael Chen
  • Patent number: 10289849
    Abstract: Provided are an electronic system, an integrity verification device, and a method of performing an integrity verification operation.
    Type: Grant
    Filed: June 29, 2017
    Date of Patent: May 14, 2019
    Assignee: SAMSUNG ELECTRONICS CO., LTD.
    Inventors: Tong-Pyo Hong, Kyung-Ae Kim, Jae-Chul Park, Yun-Ho Youm, Heon-Soo Lee, Hye-Soo Lee
  • Patent number: 10277618
    Abstract: Embodiments are directed to monitoring network traffic. A monitoring engine may monitor network traffic associated with entities in one or more networks. A device relation model may be provided based on the entities and the network traffic. An inference engine associates the entities with privilege levels based on the device relation model based on an amount of access or an amount of control that source entities exert over the target entities. An anomaly engine may determine one or more interactions between the source entities and the target entities based on the monitored network traffic. The anomaly engine may generate escalation events based on the interactions associated with the source entities and the target entities where the target entities have a higher privilege level than the source entities. The anomaly engine may provide the escalation events to one or more users.
    Type: Grant
    Filed: October 29, 2018
    Date of Patent: April 30, 2019
    Assignee: ExtraHop Networks, Inc.
    Inventors: Xue Jun Wu, Songqian Chen, Olga Kazakova
  • Patent number: 10264006
    Abstract: A system and method for filtering detected anomalies in cloud service usage activities associated with an enterprise uses a trusted location analysis to filter detected anomalies. The locations from which the cloud usage activities are made are analyzed and designated as trusted or non-trusted. The trusted location determination is used to filter the detected anomalies that are associated with trusted locations and therefore may be of low risk. In this manner, actions can be taken only on detected anomalies that are associated with non-trusted locations and therefore may be high risk. The system and method of the present invention enable security incidents, anomalies and threats from cloud activity to be detected, filtered and annotated based on the location heuristics. The trusted location analysis identifies trusted locations automatically using cloud activity usage data and does not rely on potentially unreliable location data from user input.
    Type: Grant
    Filed: November 21, 2017
    Date of Patent: April 16, 2019
    Assignee: Skyhigh Networks, LLC
    Inventors: Santosh Raghuram Kumar, Sandeep Chandana, Sekhar Sarukkai, Satyanarayana Vummidi
  • Patent number: 10257176
    Abstract: A first private key used by a device is replaced by a second private key, the first private key having an associated public key. The second private key is secured based on the associated public key and communicated to replace the first private key at the device. The device receives the second private key. The first private key is secured by a secret, and the device uses the secret to decrypt the first private key. The second private key is then encrypted using the decrypted first private key.
    Type: Grant
    Filed: March 4, 2015
    Date of Patent: April 9, 2019
    Assignee: SSH COMMUNICATIONS SECURITY OYJ
    Inventors: Kimmo Parviainen-Jalanko, Marko Teiste
  • Patent number: 10255456
    Abstract: Embodiments of the invention are directed to methods, systems and devices for providing sensitive user data to a mobile device using an encryption key. For example, a mobile application on a mobile device may receive encrypted sensitive user data from a mobile application server, where the user sensitive data is encrypted with a key from a token server computer. The mobile application may then request that the encrypted payment information be sent to the token server. The mobile device may then receive a payment token associated with the payment information from the token server.
    Type: Grant
    Filed: September 28, 2015
    Date of Patent: April 9, 2019
    Assignee: Visa International Service Association
    Inventors: Abhishek Guglani, Sanjeev Sharma, Jalpesh Chitalia, Gerald Destremps, Upendra Mardikar, Minghua Xu, Jose Luis Rios Trevino, Brijendra Singh
  • Patent number: 10250607
    Abstract: Control systems and methods for providing a user with access to an external device via a communication network are provided, in which the external device is connected to a first port having lines including at least one power line and at least one data line, first and second of the lines being connected to a first switch and a second switch, respectively, of a first set of switches. A representative method includes: operating in an access-denied mode, in which one of the first set of switches is open to electrically disable the first port; receiving access request information requesting access to communicate with the external device; determining whether the user is authorized access; if the user is authorized access, providing the user an approval code; and in response to receiving login information and the approval code from the user, operating in the access-approved mode, in which the first port is enabled for a predetermined time period.
    Type: Grant
    Filed: May 25, 2017
    Date of Patent: April 2, 2019
    Assignee: PM INVESTIGATIONS, INC.
    Inventors: James B. Persinger, Evelyn Persinger
  • Patent number: 10248808
    Abstract: A method, a computing system and a computer program product are provided. A link for use by a user to access a file is created. Content of the file is encrypted using a common key. The common key is encrypted using a public key of the user and is registered in the link. Access rights regarding the file are set for the user and registered in the link. The link includes information for use by the user to access the file when the access rights indicate that the user is authorized to access the file.
    Type: Grant
    Filed: April 11, 2017
    Date of Patent: April 2, 2019
    Assignee: International Business Machines Corporation
    Inventors: Junichi Kato, Takayuki Kushida, Tomoko Murayama, Masaharu Sakamoto, Kazuto Yamafuji
  • Patent number: 10242183
    Abstract: A method of executing a program by a processor, and an electronic entity including such a processor, the method includes the following steps: a calling program calling a subprogram and passing at least one parameter; the subprogram determining a return status indicator; the subprogram determining a return word by using a predetermined function to combine at least the return status indicator and the parameter; returning to the calling program with the determined return word as a result; and the calling program comparing the return word and a determined word determined by using the predetermined function to combine at least one possible value of the return status indicator and the parameter passed when calling the subprogram.
    Type: Grant
    Filed: December 10, 2015
    Date of Patent: March 26, 2019
    Assignee: IDEMA FRANCE
    Inventors: Olivier Chamley, Christophe Giraud
  • Patent number: 10237251
    Abstract: The present invention relates to a method for processing data in a communication device comprising a host and a security module associated with this host. This method comprises the steps of generating, by the security module, a plurality of initial keys from an initial keys generation function, and of transmitting said plurality of initial keys to said corresponding host. For each initial key received by the host, the method comprises a step of generating a plurality of encryption keys by an extension module of said host, by using an extension function. The method further comprises the steps of receiving the data to be processed by said host and of combining said data to be processed with said encryption keys, in a combination module of said host.
    Type: Grant
    Filed: March 5, 2018
    Date of Patent: March 19, 2019
    Assignee: NAGRAVISION S.A.
    Inventor: Fabien Gremaud