Abstract: The present invention relates to a method and a system for robust, searchable, symmetrical encryption, the method comprising: during initialization, having a retrieval server perform retrieval on stored ciphertext information according to a searchable ciphertext and retrieval trapdoor information (Cntupd, K, Locgrp) sent by a client, wherein, the retrieval server acquires a last received first ciphertext set Cnew from a ciphertext database CDB just before the present retrieval according to a retrieval key K and an encryption counter Cntupd sent by the client, acquiring a second ciphertext set Ccache in a retrieval request history from a cache ciphertext database GRP according to a cache ciphertext index Locgrp, and merging the first ciphertext set Cnew and the second ciphertext set Ccache to form a retrieval set , and sending it to the client for decryption.

Abstract: Methods and apparatus are provided for enhancing data integrity for implantable medical devices. A medical device is provided that is at least partially implantable. The medical device includes an application component configured to apply a therapeutic treatment and/or stimulation signals to a patient. The medical device includes a wireless communication transceiver and a computer memory storing a parameters library and computer readable instructions.

Abstract: A reverse TCP/IP stack infrastructure is disclosed. In an example use, an application executing on a client device as an operating system extension that uses a virtual private network stack of the operating system intercepts a first IP packet generated by a client program. The application determines that the first IP packet comprises a Transmission Control Protocol synchronize message and opens a socket to a destination Internet Protocol address and destination port. A synchronize acknowledgement is received. A packet to transmit to the client program is synthesized that includes a synchronize acknowledgment.

Abstract: A computer-implemented system and method for a data leakage and misuse detection system comprises receiving an evaluation dataset A, and building a signature of the evaluation dataset A (sig(A)), where A signature of a dataset is a multi-level evaluation data abstraction representation of the dataset. The method further comprises building a signature for each of existing datasets B (B1, B2, . . . , Bn) (sig(Bx)) that are stored in a memory. The method then compares the sig(A) with each of the sig(Bx)s. A similarity score is derived based on the comparing, and responsive to determining the similarity score exceeds a predefined threshold, the method comprises generating an activity related to the determination.

Abstract: An example operation includes one or more of receiving, at a transport, a key and data associated with an upcoming event from a server, verifying, by the transport, the data associated with the upcoming event based on current data acquired by the transport, responsive to a verification of the data associated with the upcoming event, receiving, at the transport, functionality configured to address the upcoming event, and unlocking the functionality on the transport by the key.

Abstract: A system includes a plurality of first building components, a private local blockchain, a second building component, and a client device. The private local blockchain includes a device ledger indicating each first building component, a transaction ledger maintaining a plurality of blocks corresponding to a transaction between at least two first building components and including at least one first unique identifier of the corresponding first building component and a timestamp of the transaction, a transaction processor that generates at least one block by executing a predetermined hash function using a previous block, and a local rule engine defining rules to evaluate a transaction. The second building component has at least one second unique identifier. The client device provides the at least one second unique identifier to the private local blockchain. The private local blockchain determines whether to add the second building component to the device ledger.

Abstract: Described herein are means for implementing a role based access control and authorization validator via blockchain smart contract execution using Distributed Ledger Technology (DLT) in conjunction with a cloud based computing environment.

Abstract: A network firewall detects and protects against persistent low volume attacks based on a sequence of network data having a pattern that matches by some threshold or percentage a sequence of network data from an earlier iteration of the same persistent low volume attack. The attack patterns are derived from tokenizing one or more elements from a captured sequence of network data that is representative of an attack iteration. Counts for different resulting tokens may be stored in a feature vector that represents the attack pattern. If subsequent sequences of network data have a sufficient number of similar token, a pattern match can be identified and the firewall can take protective action including blacklisting the sending clients, blocking the traffic, redirecting the traffic, sending a problem to verify the sender is an actual user, or other actions.

Abstract: A building device of a building includes or is in communication with a processing circuit configured to store one or more files, each of the one or more files comprising instructions and a ledger, the ledger comprising information describing at least one of the one or more files. The processing circuit is configured to verify the one or more files by retrieving a root ledger from storage of the processing circuit, wherein the root ledger comprises information based on one or more characteristics of a blockchain, reassembling the blockchain based on the ledger of each of the one or more files, verifying the blockchain with the root ledger, and verifying the one or more files with the verified blockchain. The processing circuit is configured to execute the instructions of the one or more files in response to a determination that the one or more files are verified.

Abstract: An example operation includes one or more of receiving, by a transport, first data from an occupant device proximate the transport, modifying, by the transport, a location-based level of trust related to a type and an interaction of the received first data with the occupant device, and receiving, by the transport, second data based on the modified location-based level of trust and a proximity of the occupant device to the transport.

Abstract: A distributed project management system especially suited for construction projects and administered by third party Application Service provider (ASP) in communication with a plurality of remote client computers and providing a dashboard to each party including a general contractor dashboard that facilitates development of a smart contract based on a project template. Each party's dashboard is configured to review, negotiate and accept the project template, whereupon the ASP compiles it into a distributed private blockchain transaction ledger that is updated based on communications from the various dashboards. The ASP determines whether transactions meet a condition of the smart contract, and updates and validates the distributed transaction record ledger. All notices, reports, disbursements, and fund transfers necessary to pay all of the subcontractors and contractor are completed electronically.

Abstract: An authentication system of a service generates a session corresponding to a browser of a client device in response to the browser accessing a webpage of the service. Through the webpage, the authentication system presents a security challenge and an option for requesting a bypass to the security challenge. In response to selection of the option, the authentication system establishes a communications session between the client device and a service agent that can verify the identity of a user of the client device. If the identity of the user is verified, the service agent can request issuance of a bypass token usable to bypass the security challenge. If a request is received from the service agent, the bypass token is generated and issued to the client device. The client device uses the bypass token to remove the security challenge from the webpage without the user providing the correct response.

Abstract: A node in a blockchain network may receive a request for information regarding a token, retrieve token information regarding the token from the blockchain network, generate based on the token information, a token connection object (TCO) for the token, wherein the TCO includes a subset of the token information, and send the TCO to a requestor.

Abstract: One example embodiment is a method of proving the immutability of digital records in a first entity. The method includes storing the digital records in a sequence of blocks by the first entity; regularly sending the hash value of the blocks by the first entity to the external party; computing a re-computed hash value of a specific block from the digital records stored at the first entity by a second entity; obtaining a retrieved hash value of the specific block from the external party by mapping a key index by the second entity; and proving that the digital records have not been changed up to the specific block if the re-computed hash value is the same as the retrieved hash value by the second entity.

Abstract: Compression techniques by pre-sorting transactions in a consistent way. In at least one embodiment, the compression does not rely on consistent mempool across full nodes. Transactions in a block can be hashed and sorted. Ambiguity can arise from the hashes, which can be resolved using various techniques.

Abstract: A cryptography module for at least temporarily controlling an operation of at least one computing device. The cryptography module is designed to check at least one memory area of a memory unit capable of being accessed by the computing device, and to control the operation of the at least one computing device as a function of the check. The cryptography module is designed to receive a first control command from the computing device, which characterizes at least one memory area of the memory unit to be checked, and to check the memory area characterized by the first control command.

Abstract: A block chain-based data query method, performed by a server of a block chain system, is provided. In the method, a data identifier of first data to be queried is obtained according to a query request, the query request including a user identifier of a user that initiates the query request. Data permission information in a target block in a target block chain of the block chain system is obtained according to the data identifier. Based on the data permission information not including the user identifier, a query permission request is transmitted to at least one target server in the block chain system, the query permission request including the user identifier and the data identifier. Based on a received query permission response satisfying a target policy in the data permission information, the first data is obtained from a data storage system according to the data identifier.

Abstract: A computer implemented method of applying a unified search for a match of one or more features in a plurality of encrypted records, comprising using one or more processors of a server associated with a database comprising a plurality of encrypted records. The processor(s) is adapted for receiving a query for searching one or more plaintext features in the plurality of encrypted, searching for a match of the one or more plaintext features using a first search methodology and a second search methodology and outputting an indication of matching encrypted records according to the match. Wherein the second search methodology is asymptotically faster than the first search methodology and wherein the first search methodology is used for searching a subset of the plurality of encrypted records selected based on status indication associated with each encrypted record.

Abstract: A method for inter-blockchain communication, comprising: receiving from a sender node in a sender blockchain a data message for transmission to a receiver node in a receiver blockchain; encrypt and encapsulate by an encryption module the data message into an event, wherein the event comprising an exposed header containing information for routing the event through the blockchains and identifying the sender and the receiver nodes; broadcasting the event to a communication bridge comprising multiple bridge nodes; transferring the event through the bridge nodes to an event exchange module of the receiver blockchain; validating the event by a validation module; decrypting and decapsulating the validated event by a decryption module into a decrypted data message; and recording the decrypted data message into the receiver blockchain ledger for reading by the receiver node. The multiple bridge nodes ensure redundancy for the reliable delivery of events in the inter-blockchain communication.

Abstract: A memory system is communicable with a plurality of hosts. The memory system includes a nonvolatile memory and a controller electrically connected to the nonvolatile memory. The controller receives an authentication request command from a first host, and transmits a first authentication code when authentication of the first host is successful. The controller receives an access command, which includes a second authentication code, for accessing the nonvolatile memory from a second host. The controller permits an access to the nonvolatile memory in accordance with the access command when the second authentication code matches the first authentication code, and prohibits an access to the nonvolatile memory in accordance with the access command when the second authentication code is different from the first authentication code.