Abstract: A method for controlling distribution of a product in a computer network is provided, comprising: providing a computer network having a plurality of processing devices each comprising one or more processors and a storage; and providing keys for asymmetric cryptography in the computer network. In a first data processing device assigned to the manufacturer in the computer network, the following is provided: generating a matrix code by encoding first electronic information comprising the private product key; providing the public product key, the public manufacturer key, and the private manufacturer key; generating a first transaction assigned to the product, a first transaction content of the first transaction comprising the public product key, and the public manufacturer key; and signing the first transaction with both the private product key and the private manufacturer key. Imprint data are provided for imprinting an imprint of the matrix code on the product. Further, a system is provided.

Abstract: Embodiments disclose a privacy data reporting method and apparatus, and a storage medium. The method includes: A terminal device obtains to-be-reported data, divides the to-be-reported data into front string data and rear string data based on a preset step, separately scrambles the front string data and the rear string data, and sends the generated privacy data to a server. The server receives privacy data sent by a plurality of terminal devices, determines N pieces of first front string data, then obtains M pieces of to-be-reported data based on a plurality of pieces of privacy data, and finally determines to-be-reported data whose reporting rate is greater than a first preset value as target to-be-reported data. In an exemplary embodiment, the terminal device divides the to-be-reported data into two parts, and separately scrambles the two parts to generate the privacy data.

Abstract: The present invention discloses a privacy masking method using format-preserving encryption in an image security system, and a recording medium for performing the method. In a privacy masking method using format-preserving encryption in an image security system according to an aspect of the present invention, an image corresponding to a privacy region is encrypted using format-preserving encryption, so that it is possible to prevent waste of additional storage space required for encryption and to solve a problem of exposure of personal information.

Abstract: Methods, systems, and computer program products for performing passive and active identity verification in association with online communications. For example, a computer-implemented method may include receiving one or more electronic messages associated with a user account, analyzing the electronic messages based on a plurality of identity verification profiles associated with the user account, generating an identity trust score associated with the electronic messages based on the analyzing, determining whether to issue a security challenge in response to the electronic messages based on the generated identity trust score, and issuing the security challenge in response to the electronic messages based on the determining.

Abstract: Convenient sharing of information among authorized network users may be facilitated by allowing a user to send information originating from multiple applications in aggregate form to another user, e.g., using a secure messaging service. In scenarios where data access is restricted, a server may check the recipient's access privileges prior to forwarding the information to her.

Abstract: Authentication translation is disclosed. A request to access a resource is received at an authentication translator, as is an authentication input. The authentication input corresponds to at least one stored record. The stored record is associated at least with the resource. In response to the receiving, a previously stored credential associated with the resource is accessed. The credential is provided to the resource.

Abstract: A customer of a resource allocation service can register a function to be executed using virtual resources, where the function includes customer code to be executed. Customer events are defined as triggers for a registered function, and a resource instance is allocated to execute the registered function when triggering event is detected. An identity role associated with the triggering function is used to obtain access credentials for any data source which a triggering event might require for processing. An event-specific access credential is generated that provides a subset of these access privileges using a template policy for the registered function that is filled with values specific to the triggering event. The filled template policy and base credential are used to generate an event-specific credential valid only for access needed for the event. This event-specific credential can be passed with the event data for processing by an allocated instance.

Abstract: A method for authorizing form related information is provided including: selecting one or more grantees; selecting a form, and displaying candidate related information of said form, wherein when there is one grantee, items selected and saved in the candidate related information when the grantee is authorized last time are automatically shown as being selected, and modifying authorization or selecting a corresponding item from said candidate related information for authorization; when there are two or more grantees, no item is shown as being selected, selecting and authorizing a corresponding item from said candidate related information; and after authorizing the related information of the form to the selected one or more grantees, saving the authorization of the related information of the selected form.

Abstract: Aspects of the invention include detecting that a rekey timer has expired. The rekey timer is one of a shared key rekey timer for a current shared key between the first node and a second node, and a session key rekey timer for a session key used in a secure communication between a channel on the first node and a channel on the second node. The session key was created based on the current shared key and is used for encrypting data in the secure communication. Based on the rekey timer being the shared key rekey timer, a new shared key is obtained and stored as the current shared key. Based on the rekey timer being the session key rekey timer, a new session key that is based at least in part on the current shared key is obtained and used in the secure communication.

Abstract: Collecting surveys with a secure identity is described. A request (i) pertaining to a survey and (ii) targeted to an attribute of a user is posted from a requesting system to a blockchain. It is determined, via the blockchain, that a user profile includes an attribute that matches with the attribute of the request. The request to a device associated with the user profile is transmitted via the blockchain and in response to determining that the user profile includes the attribute that matches with the attribute of the request. A response to the request is received from the device associated with the user profile. A commitment based on the response to the request is generated to the blockchain. The commitment is transmitted from the blockchain to the requesting system.

Abstract: Media capture and verification originally-captured media files, the nature of modifications made to captured media files, and the authenticity of various versions of files related to the captured media are discussed. A computer identifies capture device output that represents an aspect of a recorded event. The computer cryptographically processes the capture device output to produce a validatable master file which includes master media data from the capture device output, master metadata of said master media data, and master file blockchain data. The master file blockchain data includes a master file block history portion, a master file signature key portion, a master file change indication portion, and a master file signed data hash portion. The computer also modifies the master media data to produce reference file media data. reference files and distributable files. The computer verifies the authenticity of each of these files.

Abstract: A transaction platform including at least one or more public, public-private and/or private distributed ledgers or blockchains that together enable the secure effectuation and recordation of one or more transactions while maintaining transaction party confidentiality. The private distributed ledgers or blockchains are able to store, maintain and provide information about the parties related to the transactions which the distributed blockchains or databases are able to utilize in order to securely and quickly validate, execute and record the transactions in a manner that is GDPR and other data privacy law complaint.

Abstract: One example embodiment of the present invention is a method for conducting an imperative removal of at least one data record among peers to support ability to forget in blockchain. Each peer participating to a blockchain system has its own copy of a blockchain in a blockchain system. The method includes depositing the at least one data record to its designated data storage system by at least one peer; storing a cryptographic hashing pointer as a data item in a first block of its own copy of the blockchain by each peer; storing a deletion item in a second block of its own copy of the blockchain by each peer; and deleting the data record from the designated data storage system by each peer when the deletion item for the data record is found on the blockchain.

Abstract: The present disclosure discloses a method and a device for information processing. The method includes the following. A block chain node receives a digital asset processing request, where the digital asset processing request is used for requesting authority to process the digital assets. Upon receiving the digital asset processing request, the block chain node sends an authorization request to each of M electronic devices, where the authorization request is used for requesting authorization to process the digital assets. The block chain node determines that each of at least N electronic devices of the M electronic devices provides the authorization to process the digital assets, where M is greater than or equal to N. The block chain node determines to obtain the authority to process the digital assets.

Abstract: Provided are a blockchain-based one ID service system and method, in an authentication method according to the embodiment of present invention, an authentication support server maps and registers a first ID issued by a first SP server to a first user and a first site of the first SP server, which is an issuing server, and, upon receiving the first ID from a second SP server, the authentication support server returns information on the first site mapped to the first ID to the second SP server. To this end, there is no need for a separate server configuration to perform an authentication procedure, and it is possible to lessen the burden of performing authentication for SPs.

Abstract: A computer system for securing computer files from modification may include a processor; a first data storage area operatively coupled to the processor; a non-volatile second data storage area; and a control circuit. The second data storage area may be physically separate from the first data storage area. The second data storage area may store files that are executable by the processor, including executable files of an operating system configured to save temporary files on the at least a first data storage area. The control circuit may operatively couple the second data storage area to the processor, and may be operable in a first mode configured to block commands received from the processor and configured to modify the second data storage area from being communicated to the second data storage area. In a second mode, all commands may be allowed to the first and second data storage areas.

Abstract: Authentication translation is disclosed. A request to access a resource is received at an authentication translator, as is an authentication input. The authentication input corresponds to at least one stored record. The stored record is associated at least with the resource. In response to the receiving, a previously stored credential associated with the resource is accessed. The credential is provided to the resource.

Abstract: A system to generate a graphical user interface to display a presentation of a set of shared user groups between users of a social networking service is described. Embodiments of the present disclosure relate generally to systems for: receiving an identification of a second user from a user account of a first user; identifying a user group that includes the first user and the second user in response to the identification of the second user from the user account of the first user; retrieving user identifiers of the first user and the second user, wherein the user identifiers may include graphical avatars; generating a group identifier based on the user identifiers; and causing display of a presentation of the user group at a client device.

Abstract: The present disclosure is directed to systems and methods for the secure transmission of plaintext data blocks encrypted using a NIST standard encryption to provide a plurality of ciphertext data blocks, and using the ciphertext data blocks to generate a Galois multiplication-based authentication tag and parity information that is communicated in parallel with the ciphertext blocks and provides a mechanism for error detection, location and correction for a single ciphertext data block or a plurality of ciphertext data blocks included on a storage device. The systems and methods include encrypting a plurality of plaintext blocks to provide a plurality of ciphertext blocks. The systems and methods include generating a Galois Message Authentication Code (GMAC) authentication tag and parity information using the ciphertext blocks.

Abstract: According to embodiments, possession of a private key is replaced with possession of a registered personal electronic device, such as a smartphone, as proof of identity. Registration on a blockchain includes publishing a person's public key and registering the person's IMEI (Hardware ID) Hash, according to an embodiment. Registration on the blockchain gives others a way to verify that a transaction was signed by the person and sent from the person's personal electronic device by transmitting a challenge message to the person as a digital challenge, and verifying that the person possesses a corresponding private key by responding with an encrypted message that can be decrypted to display the original message.