Abstract: A method for testing a software application program (22) includes storing in a vulnerability database records of security vulnerabilities identified in execution of the program. Each record includes a location field containing a respective signature indicative of a location in the execution at which a corresponding security vulnerability was detected and a metadata field indicative of a respective control flow path on which the corresponding security vulnerability occurred. Upon detecting a further security vulnerability at a given location in a subsequent execution of the program, a new signature of the given location is computed and compared to the location field of the records in the database. When no record is found to match the new signature, an indication is output to a developer of the program of an occurrence of a new security vulnerability.

Abstract: A method, a system and a computer program product are provided for identity authentication. A personal identity information indicative of an identity is received. A plurality of questions, is presented, each of the questions being related to an aspect of features of the password associated with the personal identity information. The A responsive answer is received to the questions including individual answers to the questions. The identity is authenticated in response to determining that the responsive answer is correct.

Abstract: Method and apparatus for using machine learning to monitor biometric data to provide intelligent alerts are provided. At a first moment in time, first biometric data for a plurality of users are received from a plurality of sensor devices. A group metric is generated by processing the first biometric data using at least one trained machine learning model, and it is determined that the group metric does not satisfy one or more predefined criteria. At a second moment in time, second biometric data for the plurality of users is received from the plurality of sensor devices, and an updated group metric is generated by processing the second biometric data using the at least one trained machine learning model. Upon determining that the updated group metric satisfies the one or more predefined criteria, an indication is provided that the one or more predefined criteria have been satisfied.

Abstract: Systems and methods for providing access to media content by connecting, to a public device, a private device that has installed a mirror-capable application associated with the media content. A media guidance application may receive a communication from a private device, with a private interface application and a public interface application, wherein the communication is a request to access content using the public device. In response, the media guidance application may request, at the public device, the public interface application from the private device. The private device may thus transmit the public interface application with user authorization information to the public device. The private interface application may be configured to mirror the graphical user interface of the public interface application. Accordingly, the user may be able to access content via the public device and mirror the content on the private device, when the private device is within a predetermined proximity to the public device.

Abstract: Systems and methods for providing access to media content by connecting, to a public device, a private device that does not have an installed application associated with the media content. A media guidance application may receive a communication from a private device requesting to access content using the public device. In response, the media guidance application may retrieve, at the public device, a public interface application and private interface application from a content provider of the content. The private interface application, which may be configured to control a graphical user interface of the public interface application, may then be transmitted to the private device. Accordingly, the user may be able to access content via the public device when the private device is within a predetermined proximity to the public device.

Abstract: An authentication apparatus according to the present application includes an acquiring unit, a first specifying unit, a second specifying unit, and an authentication unit. The acquiring unit acquires context information on a target user who becomes a target for authentication. The first specifying unit specifies a belonging cluster based on information related to a plurality of cluster groups and the context information on the target user, in each of the plurality of the cluster groups. The second specifying unit specifies, for each belonging cluster based on a classification model used to specify a predetermined candidate user in the belonging cluster specified by the first specifying unit, a candidate user, in a partial candidate user group that belongs to the belonging cluster, who satisfies a predetermined condition. The authentication unit authenticates the target user based on information related to the candidate user specified by the second specifying unit.

Abstract: Binding a public cloud account and a personal cloud account is described. A pre-approval list indicates that a user's public cloud account and personal cloud account are approved for binding. A copy of the pre-approval list is stored on the personal cloud device; another copy is stored on the public cloud service. The user logs into the public cloud account using a client device. Based on the pre-approval list stored on the public cloud service, the client device obtains information identifying the user's personal cloud account. The personal cloud device verifies the pre-approval of the binding based on the pre-approval list stored on the personal cloud device. The personal cloud device transmits a verification to the public cloud service. Each of the public cloud service and the personal cloud device stores information indicating the binding.

Abstract: The disclosed exemplary embodiments include computer-implemented systems, apparatuses, and processes that dynamically and securely augment participants in programmatically established chatbot sessions. For example, an apparatus may obtain messaging data generated during a first communications session involving a first device and based on the messaging data, detecting an occurrence of an event that triggers an establishment of a second communications session involving the first device and a second device. The apparatus may generate and transmit, to the second device, notification data causing the second device to validate one or more authentication credentials, and may receive confirmation data indicative of the one or more validated authentication credentials from the second device. Based on the confirmation data, the apparatus may perform operations that establish the second communications session in accordance with at least a portion of the messaging data.

Abstract: Methods and systems for network-based user authentication are provided. In one embodiment, a method is provided that include receiving a request to connect to a local network. The request may be received from a user device and may include a user device identifier. The method may then include allowing the user device to connect to the local network and create a partial identity of a user of the user device. The partial identity may include a plurality of identification factors associated with the user. The method may then include monitoring network activities of the user device and updating the partial identity based on the monitored network activities.

Abstract: Various approaches for coordinating edge computing transactions are described, based on the generation and verification of fine-grained timestamp values among distributed computing entities in an edge computing system. In an edge computing system, an edge computing device performs operations to obtain transaction data, a timestamp, and a timestamp signature for a transaction, with the timestamp generated from a secure (and attestable) timestamp procedure that is coordinated with another entity (including via a network-coordinated timestamp synchronization). This timestamp is verified by the device based on the timestamp signature and the transaction data for the transaction, and the transaction is conducted (e.g., using a value of the timestamp) at the device or elsewhere in the system based on successful verification.

Abstract: An apparatus and method for creating a finite blockchain is provided. The blockchain comprises a genesis block that is the first block of the blockchain. The genesis block comprising a genesis expiry time. The method comprises the steps of creating a reincarnation block when a predefined condition is satisfied and appending it to the blockchain; determining whether the genesis expiry time has elapsed based on an expiry period; if the genesis expiry time has elapsed then identifying a first reincarnation block; if the first reincarnation block is identified then deleting all the blocks preceding the first reincarnation block including the genesis block in the block chain.

Abstract: Various embodiments are generally directed to utilizing a steganographically encoded image with an offline and/or online verification or authentication protocol. A method for using the steganographic image can include: receiving or utilizing a steganographic image associated with a user at a third-party device, the steganographically encoded image including an identification of a user steganographically encoded with a fingerprint template of the user, and authenticating the user using the steganographically encoded image.

Abstract: A computer storage array detects and counters denial of service (DoS) attacks. The computer storage array provides one or more remote initiators with access to one or more storage devices connected to the computer storage array. According to an example embodiment, the computer storage array includes: a computer processor configured to run an operating system for managing networking protocols; a networking device configured to monitor and route network traffic, at a packet level to, and from the storage devices; a baseboard management controller (BMC) configured to detect a DoS attack based on monitoring of statistics of the network traffic by the networking device; a PCIe switch connecting the BMC with each of the storage devices via a PCIe bus; and a computer motherboard to which the computer processor, networking device, BMC and PCIe switch are installed.

Abstract: A method for downloading a profile by a terminal and the terminal for performing the same are provided. The method includes acquiring information including an access token for transmitting a profile request to a profile server, transmitting a first message including the access token and a universal integrated circuit card (UICC) information of the terminal to the profile server, receiving a second message including a verification result from the profile server, and receiving a profile package corresponding to the access token from the profile server. The present disclosure relates to a communication method and system for converging a 5th-Generation (5G) communication system for supporting higher data rates beyond a 4th-Generation (4G) system with a technology for internet of things (IoT). The present disclosure may be applied to intelligent services based on the 5G communication technology and the IoT-related technology.

Abstract: A computer-implemented method, according to one embodiment, includes: receiving a data volume having data from multiple tenants therein. Data in the data volume is separated into objects using tenant identifiers from metadata corresponding to portions of the data, where each object corresponds to a respective tenant. The objects are stored in object storage, and the metadata is updated with information pertaining to the object which the data in the data volume was separated into. Moreover, updating the metadata with the information is performed after the data in the data volume has been separated. Other systems, methods, and computer program products are described in additional embodiments.

Abstract: A method of a communication device of requesting data of a destination network node via at least one intermediate node in a service chain. The method comprises acquiring a secret session key configured to subsequently verify authenticity of the requested data and first seed data to be used by the at least one intermediate node and the destination node to generate the session key, transmitting the data request, an indication of the service chain to be traversed, and the first seed data to a next-hop node in the service chain, receiving, in response to the forwarded data request, the requested data having been provided with an indication of authenticity by the next-hop node, and verifying the authenticity of the received data using the acquired session key, wherein the received requested data is considered authenticated.

Abstract: In one embodiment, an apparatus includes: a memory encryption circuit to encrypt data from a protected device, the data to be stored to a memory; and a filter circuit coupled to the memory encryption circuit, the filter circuit including a plurality of filter entries, each filter entry to store a channel identifier corresponding to a protected device, an access control policy for the protected device, and a session encryption key provided by an enclave, the enclave permitted to access the data according to the access control policy, where the filter circuit is to receive the session encryption key from the enclave in response to validation of the enclave. Other embodiments are described and claimed.

Abstract: Disclosed herein are methods, devices, and apparatuses, including computer programs stored on computer-readable media, for automatic blockchain deployment. One of the methods includes: causing a virtual computing environment to be created at a computer, the computer connecting to a cloud platform; generating an initial block of a blockchain transmitting the initial block of the blockchain to the cloud platform; causing the blockchain to be initialized at the virtual computing environment; and after initialization of the blockchain is completed, monitoring the blockchain based on the cloud platform.

Abstract: Methods, non-transitory computer readable media, and network traffic manager apparatus that assists with dynamically managing user access control includes receiving a request to access one or more applications from a client. Client data associated with the client and monitored application access traffic data between the client and a server for the one or more applications is obtained. One or more access control checks and an enforcement order is determined based on the obtained client data and the monitored application access traffic data. The determined one or more access control checks is applied on the client in the determined enforcement order. Access to the requested one or more applications are provided when the applied one or more access control checks authenticate the received request.

Abstract: A system for detecting whether a file including content s associated with a cyber-attack is described. The content may include an executable file for example. The system includes an intelligence-driven analysis subsystem and a computation analysis subsystem. The intelligence-driven analysis subsystem is configured to (i) receive the file, (ii) inspect and compute features of the file for indicators associated with a cyber-attack, and (iii) produce a first output representing the detected indicators. The computational analysis subsystem includes an artificial neural network to (i) receive a network input being a first representation of at least one section of binary code from the file as input, and (ii) process the first representation of the section to produce a second output. The first output and the second output are used in determination a classification assigned to the file.