Abstract: Disclosed are methods and systems for a computing environment that allows an operator to maximize or increase compliance with one or more data and privacy standards. In one embodiment, compliant and non-compliant sources are identified and exchange of data between those sources are blocked, partially allowed or allowed with regulation-compliant encryption of data.

Abstract: Provided is a database multi-authentication method and system, a terminal, and a storage medium. The method comprises: initializing a hardware authentication certificate carrier by means of a programming interface, and storing a public key of the hardware authentication certificate carrier and a user certificate public name; taking the user certificate public name as a database user name, and generating a standard message digest value; receiving an authentication request sent from a client, and returning an initial random number to the client; receiving a signature random number sent from the client, and using the public key to decrypt the signature random number to obtain a random number; in response to determining that the random number is consistent with the initial random number, acquiring an message digest value, and in response to determining that the message digest value is consistent with the standard message digest value, determining that the client passes the authentication.

Abstract: Systems and methods for generating min-increment counting bloom filters to determine count and frequency of device identifiers and attributes in a networking environment are disclosed. The system can maintain a set of data records including device identifiers and attributes associated with device in a network. The system can generate a vector comprising coordinates corresponding to counter registers. The system can identify hash functions to update a counting bloom filter. The system can hash the data records to extract index values pointing to a set of counter registers. The system can increment the positions in the min-increment counting bloom filter corresponding to the minimum values of the counter registers. The system can obtain an aggregated public key comprising a public key. The system can encrypt the counter registers using the aggregated shared key to generate an encrypted vector. The system can transmit the encrypted vector to a networked worker computing device.

Abstract: A multi-party privacy computing method and device based on semi-trusted hardware, wherein the method applied to semi-trusted hardware comprises the following steps: acquiring random number masks and random seeds of all user terminals; generating a garbled circuit seed according to the random seeds; generating a garbled circuit according to a predetermined circuit description and the garbled circuit seed, wherein the garbled circuit comprises garbled tables, wire labels and decoding information; sending the wire labels corresponding to the inputs of all user terminals to a user terminal corresponding to the semi-trusted hardware by using an oblivious transfer protocol; and sending the garbled table and the decoding information to the user terminal corresponding to the semi-trusted hardware, so that the user terminal can compute an output value according to the garbled tables, the decoding information and the wire label corresponding to the inputs of all user terminals.

Abstract: A method including receiving, by a first server from a second server, an encrypted authentication packet to enable the first server and the second server to conduct an authentication process, the encrypted authentication packet including a crypted code field indicating that a portion of the encrypted authentication packet is encrypted and a crypted payload including an encrypted initial authentication packet; and transmitting, by the first server to the second server, a response based at least in part on determining that the portion of the encrypted authentication packet is encrypted and on decrypting the encrypted initial authentication packet. Various other aspects are contemplated.

Abstract: A secret is sliced into a number of encrypted slices. The encrypted slices can be distributed amongst members of a group. The encrypted slices make recovery of the secret possible, but a group authority key is required for decryption. Thus, a number of slices are necessary, but still not sufficient, to recover the secret.

Abstract: A method and apparatus for identifying a faked video is provided herein. During operation, when a video, or video call is received from a device, a simultaneous audio call is placed to the device (i.e., the video call and audio call take place simultaneously in time). The audio streams on both the video and audio call are compared, and a difference between the audio streams is identified. The video is deemed a potential fake if the difference between the audio streams is above a particular threshold.

Abstract: A computer-implemented method for generating a trusted setup on a computing device. The method may include generating a unique single user profile (USUP) based on data derived from the computing device, generating a first binary matrix, executing a matrix mixing operation on the first binary matrix based on the USUP, executing the matrix mixing operation may generate a second binary matrix, generating trust anchor data, wherein the generating the trust anchor data may include selecting a first number and inputting the first number into a remainder generator, the remainder generator may be configured to select a second number, calculate a remainder, wherein the remainder is the remainder of the first number divided by the second number, and output a value pair that includes the second number and the remainder, wherein the trust anchor data is used for encrypting and decrypting data.

Abstract: A method of sharing a first common secret among a plurality of nodes for enabling secure communication for blockchain transactions. The method comprises determining, for at least one first node a plurality of second common secrets, wherein each second common secret is common to the first node and a respective second node, is determined at the first node based on a first private key of the first node and a first public key of the second node and is determined at the second node based on the first private key of the second node and the first public key of the first node. The method further comprises exchanging encrypted shares of the first common secret among the plurality of nodes to enable each of the plurality of nodes to reach a threshold number of shares of the first common secret to access the first common secret.

Abstract: An example operation may include one or more of storing blockchain blocks committed to a blockchain based on a protocol executed by a current consensus committee of a blockchain network, receiving random values from the blockchain blocks which are created by nodes of the current consensus committee, randomly determining nodes of a next consensus committee of the blockchain network with respect to the current consensus committee based on the random values created by the nodes of the current consensus committee, and storing a new block to the blockchain based on a protocol based executed by the nodes of the next consensus committee.

Abstract: System for vehicle encrypted communication for vehicle-road-cloud collaboration is provided. The system includes a vehicle-side communication unit disposed on a vehicle and a second quantum random number generator disposed on a visitor. The vehicle-side communication unit includes a first quantum random number generator, a quantum key management module, an on-vehicle communication module, a user authorization module, a certificate management module, and a quantum encryption and decryption module.

Abstract: A method including determining, by a first server, an encrypted authentication packet, the determining including, determining a crypted code field to indicate a type associated with the encryption authentication packet and that at least a portion of the encryption authentication packet is encrypted, and determining a crypted payload based at least in part on encrypting an initial authentication packet. The method may also include transmitting, by the first server to a second server, the encrypted authentication packet to enable the first server and the second server to conduct an authentication process. Various other aspects are contemplated.

Abstract: A method including configuring a first server to determine an encrypted authentication packet, the configuring including, configuring the first server to determine a crypted code field to indicate a type associated with the encryption authentication packet and that at least a portion of the encryption authentication packet is encrypted, and configuring the first server to determine a crypted payload based at least in part on encrypting an initial authentication packet. The method may also include configuring the first server to transmit, to a second server, the encrypted authentication packet to enable the first server and the second server to conduct an authentication process. Various other aspects are contemplated.

Abstract: Providing an automatic mechanism of invalidating false-positive indications of certain identified portions of source code to reduce the number of errors in a security report. Certain embodiments of the present invention utilize static security scanning as a mechanism for automatically determining which portions of the identified source code contain potential vulnerabilities, and whether these identified portions of the source code are correctly or incorrectly identified with a false-positive indication.

Abstract: Methods and apparatus that registers a plurality of mesh node devices to operate as part of a wireless mesh network after a user device scans encoded information that is unique to each mesh node of a plurality of different mesh nodes. After codes associated with different respective mesh nodes are scanned by a user device, that user device may communicate with these different mesh nodes via a low power communication interface and the user device may send registration information to a registration computer via a secure communication channel. Apparatus may also receive a validation code from the registration computer via a communication channel that is different from the secure communication channel and these apparatus may then send the validation code to the registration computer via the secure communication channel when the user device is validated by the registration computer.

Abstract: A log analysis device is provided. The log analysis device receives a log indicating status of an electronic control system mounted in a movable object from the electronic control system, analyzes an abnormality in the electronic control system by using the log received. Depending on a result of the analyzing, the log analysis device determines, on a log-by-log basis, priority for the electronic control system to transmit the log to the log analysis device. Based on the priority determined, the log analysis device generates instruction information that gives an instruction for controlling transmission of the log, and transmits the instruction information to the electronic control system.

Abstract: A system and method for capturing value preference based data from a requestor of one or more digital content presentations during an access sequence and transforming the captured data into a useful tool enabling the content provider to modify the user experience prior to or subsequent to granting access to the requested content resulting in a more efficient and tailored interaction between the requestor and the content provider.

Abstract: A system and method are provided for implementing a secure configuration of a networked system for secure communications, the networked system including at least one instrument for performing corresponding tasks and at least one controller for controlling functions of the at least one instrument. The method includes providing a secure instrument configuration (SIC); displaying status provided by the SIC server identifying the controller and the instruments to a user via a user interface; writing controller secure configuration information from the SIC server to the controller through a software agent on the controller, the controller secure configuration information including authentication data for the instruments, and/or credentials of the one controller acceptable by the one instruments for identifying the controller; and communicating with the controller to initiate implementation of the secure configuration.

Abstract: Systems and methods to encrypt centralized information associated with users of a customer due diligence platform based on a modified key expansion schedule are disclosed. Exemplary implementations may: obtain user profile information making up user profiles of users of a customer due diligence platform; encrypt the user profile information to generate encrypted user profile information based on a modified key expansion schedule requiring multiple different keys; effectuate storage of the encrypted user profile information in association with the user profiles in non-transitory electronic storage; and/or perform other operations.

Abstract: A method including configuring a first server to receive, from a second server, an encrypted authentication packet to enable the first server and the second server to conduct an authentication process, the encrypted authentication packet including a crypted code field indicating that a portion of the encrypted authentication packet is encrypted and a crypted payload including an encrypted initial authentication packet; and configuring the first server to transmit, to the second server, a response based at least in part on determining that the portion of the encrypted authentication packet is encrypted and on decrypting the encrypted initial authentication packet. Various other aspects are contemplated.