Abstract: Systems and methods for providing access to media content by connecting, to a public device, a private device that has an installed application associated with the media content. A media guidance application may receive a communication from a private device, running a private interface application, requesting to access content using the public device. In response, the media guidance application may retrieve, at the public device, a public interface application associated with the private interface application, from a content provider of the content. The private interface application may be configured to control a graphical user interface of the public interface application. Accordingly, the user may be able to access content via the public device when the private device is within a predetermined proximity to the public device.

Abstract: Systems and processes are described for a message service with distributed key caching for server-side encryption. Message requests are received by message handlers of the message service that cache data encryption keys used to encrypt and decrypt messages that are stored to message containers in back end storage. A metadata service obtains the data encryption keys from a key management service, caches the keys locally, and sends the keys to the message handlers upon request, where the keys are cached, again. The key management service may generate the data encryption keys based on a master key (e.g., a client's master key). The message handlers may send both message data encrypted using the data encryption key and an encrypted copy of the data encryption key to be stored together in the data store.

Abstract: Methods and systems to improve coupling and cohesion of at least one educational program are provided. In some examples, the methods and systems include at least one educational program, where the at least one educational program comprises a first application programming interface (API) that is configured to be coupled to a second API of an internet enabled electronic device in a restricted state and partially decoupled in an unrestricted state.

Abstract: A malware family identification engine constructs a graph data structure of direct relationships between malware instances and malware families, direct relationships between malware instances and detected tags, and indirect relationships between detected tags and malware families. The engine builds a dictionary data structure comprising detected tag entries linking each detected tag to one or more malware family nodes based on the graph data structure. The engine identifies significant indirect entities (SIEs) within the detected tag entries of the dictionary data structure and selects a SIE with a highest number of out-going links (OGLs) as a root node in a family tree data structure, recursively connects SIEs with a number of OGLs less than the highest number of OGLs to the root node in the family tree data structure, and converts each SIE name in the family tree data structure to a chained family entity name in the family tree data structure.

Abstract: Disclosed are methods for automatic retrieving and managing assets information in a network. The method includes identifying, defining, and valuing stored assets in a network. An asset is defined and identified by assigned values that include criticality values, resiliency values, granularity values, and freshness values that may be selected from a predefined set of values. The assets are valued by an overall quality score that is determined through computerized data processing and optimized by updating asset properties.

Abstract: Various aspects of methods, systems, and use cases for verification and attestation of operations in an edge computing environment are described, based on use of a trust calculus and established definitions of trustworthiness properties. In an example, an edge computing verification node is configured to: obtain a trust representation, corresponding to an edge computing feature, that is defined with a trust calculus and provided in a data definition language; receive, from an edge computing node, compute results and attestation evidence from the edge computing feature; attempt validation of the attestation evidence based on attestation properties defined by the trust representation; and communicate an indication of trustworthiness for the compute results, based on the validation of the attestation evidence. In further examples, the trust representation and validation is used in a named function network (NFN), for dynamic composition and execution of a function.

Abstract: Disclosed are various embodiments of method and system for network access control. The method may involve traffic monitoring and vulnerability detection using process information. The system may analyze the vulnerability as a process malfunctioning where preventive action focuses on process blocking as opposed to host blocking, which can lead to improved performance and productivity of a network. Techniques may use process related information, connection information, and network packet information for network control. The information may be used to identify and detect a known vulnerability in network activities. Techniques may further transmit, in response to the detection, an authorization decision regarding allowing or blocking the process running on the host.

Abstract: A system and method for controlling recall of a product in a computer network. A pair of product keys can be assigned to the product including a private product key and a public product key. A pair of product recall keys can be assigned to a product recall, including a private product recall key and a public product recall key. A data processing device assigned to a manufacturer in the computer network can be configured to print a matrix code on the product and generate a recall transaction assigned to the product indicating a recall request for the product. The data processing device can sign the recall transaction with the private product recall key and a private manufacturer key. A second data processing device is configured to scan the printed matrix code on the product and provide the public product recall key by decrypting the printed matrix code.

Abstract: Systems and methods are provided for implementing swarm learning while using blockchain technology and election/voting mechanisms to ensure data privacy. Nodes may train local instances of a machine learning model using local data, from which parameters are derived or extracted. Those parameters may be encrypted and persisted until a merge leader is elected that can merge the parameters using a public key generated by an external key manager. A decryptor that is not the merge leader can be elected to decrypt the merged parameter using a corresponding private key, and the decrypted merged parameter can then be shared amongst the nodes, and applied to their local models. This process can be repeated until a desired level of learning has been achieved. The public and private keys are never revealed to the same node, and may be permanently discarded after use to further ensure privacy.

Abstract: A method and apparatus for cryptographically linking separated authentication and authorization processes to support data transaction signing when group or corporate authority structures are required. The apparatus provides a secure, scalable model to represent authority in an entity context while conducting distributed ledger technology transactions. The method supports a range of cryptographic methods for separating the linked authentication and authorization processes including split key encryption, multi-party computation, multi-signature authorization, and execution of decentralized smart contract authorization logic. The method supports multiple models for authorization including organizational structures, consensus models including voting, and workflow processes.

Abstract: There may be provided a computer-implemented method. It may be implemented using a blockchain such as, for example, the Bitcoin blockchain. The computer-implemented method includes: i) joining a congress by transferring, by a node operating in a proof-of-work blockchain network, one or more digital assets to a congress pool having one or more other digital assets associated with other members of a congress; ii) detecting, by the node, a special transaction of digital assets on the proof-of-work blockchain network to an address associated with the congress pool, the special transaction satisfying determined criteria; and iii) minting, by the node, one or more digital assets on a proof-of-stake blockchain network in response to detecting the special transaction.

Abstract: A method, system, and computer program product for providing data security through database map restructuring are provided. The method identifies related data tables within a set of data tables within a database. The method identifies a set of related data types within the related data tables. A set of similarities is determined among the set of related data types. The related data types are mapped based on the set of similarities. Based on the mapping, method restructures one or more data tables of the set of data tables to generate a restructured data table.

Abstract: A transmitting multi-link device (MLD) includes circuitry and a transmitter. The circuitry, in operation, constructs an Additional Authentication Data (AAD) and a Nonce, and encapsulates a plaintext medium access control (MAC) protocol data unit (MPDU), the AAD, and the Nonce to generate an encapsulated MPDU. The AAD includes an Address 1 (A1) field, to which a recipient MLD's MAC address is set, and an AAD Address 2 (A2) field, to which the transmitting MLD's MAC address is set. The Nonce includes a Nonce Address 2 (A2) field, to which the transmitting MLD's MAC address is set. The transmitter, in operation, transmits the encapsulated MPDU to the recipient MLD on a first link.

Abstract: Analysis of samples for maliciousness is disclosed. A sample is executed and one or more network activities associated with executing the sample are recorded. The recorded network activities are compared to a malware profile. The malware profile comprises a set of network activities taken by a known malicious application during execution of the known malicious application. A verdict of “malicious” is assigned to the sample based at least in part on a determination that the recorded network activities match the malware profile.

Abstract: The present disclosure relates to computer-implemented methods, software, and systems for validating and revoking security tokens. A request for a resource is received at an application server and from a client. The request is associated with a security token for authenticating the client by the application server. A public key of an authentication server is acquired at the application server for authenticating requests at the application server. A signature of the security token is validated at the application server. By validating the signature of the security token, it is determined whether the security token is validly issued by the authentication server. In response to the received request, the application server determines at an identifier that is associated with the client and validates the security token based on the identifier to determine whether to serve the received request and provide the resource.

Abstract: A method for supporting verification of information pertaining to a target includes detecting an indication that a request transaction has been received by a smart contract deployed on a blockchain, the request transaction indicating a request to verify information pertaining to the target. The method also includes retrieving the request based on the request transaction. Further, the method includes: generating a reply transaction indicating at least (i) a reply to the request, and (ii) an address, on the blockchain, of an originator of the request; and providing the reply transaction to the smart contract.

Abstract: A learning device estimating apparatus aims at a learning device as an attack target, and comprises a recording part, an inquiring part, a capturing part and a learning part. A predetermined plurality of pieces of observation data are recorded. The inquiring part inquires of the attack target learning device for each of the pieces of observation data recorded in the recording part to acquire label data and records the acquired label data to the recording part in association with observation data. The capturing part inputs the observation data and the label data associated with the observation data that have been recorded to the recording part, to the learning part. The learning part is characterized by using an activation function that outputs a predetermined ambiguous value in a process for determining a classification prediction result, and the learning part performs learning using the inputted observation data and label data.

Abstract: A data store to store and access digital records is provided, and a key object record is initialized in the data store to store data associated with a physical key object. A digital fingerprint of the physical key object is stored in the key object record. Another digital record is created in the data store that is not the key object record. The digital record is linked to the digital fingerprint of the physical key object. The linking is arranged to provide secure control access to the linked digital record. A tendered access key is received via a programmatic interface or user interface, and the data store is queried based on the tendered access key to identify a matching digital fingerprint of a key object. In a case that the querying identifies the matching digital fingerprint of the key object within a prescribed level of confidence, access to the linked digital record secured by the key object is granted.

Abstract: Authentication translation is disclosed. A request to access a resource is received at an authentication translator, as is an authentication input. The authentication input corresponds to at least one stored record. The stored record is associated at least with the resource. In response to the receiving, a previously stored credential associated with the resource is accessed. The credential is provided to the resource.

Abstract: A user authentication method performed in an unmanned delivery system including a server, a buyer customer device, a deliveryman customer device, and an autonomous delivery vehicle includes: generating, by the server, a session key based on order information received from the buyer customer device, and transmitting the generated session key to the deliveryman customer device and the buyer customer device; generating, by the deliveryman customer device, a One-Time Password (OTP) based on the session key; applying, by the deliveryman customer device as a first application step, a hash function to the OTP a first predetermined number of times; additionally applying, by the deliveryman customer device as a second application step, the hash function to the OTP generated in the first application step a second predetermined number of times; and generating, by the deliveryman customer device, a first Quick Response (QR) code based on the OTP generated in the second application step.