Abstract: Techniques for location based security in service provider networks (e.g., service provider networks for mobile subscribers) are disclosed. A system/process/computer program product for location based security in service provider networks includes monitoring network traffic on a service provider network at a security platform to identify a location for a new session; associating the location with the new session at the security platform; and determining a security policy to apply at the security platform to the new session based on the location.

Abstract: A mobile computing device includes one or more interfaces to connect to one or more devices, and one or more processing devices, connected with the one or more interfaces. The one or more processing devices are to establish a first wireless connection with a first device. The first device lacks resources to connect to a cloud service directly. The one or more processing devices are also to receive data from the first device, provide the data to the cloud service, and in response to detecting a migration condition, disconnect the first wireless connection to allow establishment of a second wireless connection between the first device and a second device such that the second device receives subsequent data from the first device and provides the subsequent data to the cloud service.

Abstract: Systems, methods, and software can be used to reduce network security risks in a medical care network. In some aspects, a method includes detecting, at a medical equipment monitor located in a network, an electronic device that is connected to the network; determining, by the medical equipment monitor, that the electronic device comprises a medical equipment; associating, by the medical equipment monitor, a security profile with the medical equipment, wherein the security profile includes one or more security parameters; detecting, by the medical equipment monitor, a conflict between a data transmission activity from the medical equipment and at least one security parameter in the security profile; and in response to detecting the conflict, transmitting, from the medical equipment monitor, a notification of the conflict to a medical equipment controller.

Abstract: Techniques for identifying attack behavior based on scripting language activity are disclosed. A security monitoring system generates a behavior profile for a first client device based on scripting language commands included in a first set of raw machine data received from the first client device, where the first client device is coupled to a network, and the first set of raw machine data is associated with network traffic received by or transmitted from the first client device. The security monitoring system analyzes a second set of raw machine data received from the first client device, where the second set of raw machine data is associated with subsequent network traffic received by or transmitted from the first client device. The security monitoring system detects an anomaly in the second set of raw machine data based on the behavior profile, and initiates a mitigation action in response to detecting the anomaly.

Abstract: A system for validating an authorization request to facilitate controlling access to content or computer commands, in which the access is requested by multiple entities operated on discrete computing environments. The techniques make use of a system including a switchboard and a rule engine that collect parameter sets required for validation from the entities and dynamically generate a lock and key combination based on the collected parameter sets. The key of the lock and key combination allows the system to validate each entity independently regardless of the required parameters specified in the lock and key combination.

Abstract: The disclosed computer-implemented method for establishing restricted interfaces for database applications may include analyzing, by a computing device, query behavior of an application for query requests from the application to a remote database in a computer system and identifying, based on the analysis, an expected query behavior for the application. The method may include establishing, between the application and the remote database, a restricted interface. The method may include receiving, at the restricted interface, a query request from the application to the remote database and limiting, by the restricted interface, the query request from the application to the remote database based on the expected query behavior. The method may include determining, by checking the query request against the expected query behavior, that the query request is anomalous query behavior and performing a security action with respect to the computer system.

Abstract: A technique includes acquiring a plurality of records, each record having a corresponding number of attributes determining, based on local density measurements for numeric and normally distributed attribute value frequency measure for categorical attributes tags in the training portion of the plurality of records which is then used in probabilistic classifier for anomaly detection. A second set of implementations is proposed using ensemble method of combining deep learning algorithms for the same.

Abstract: Disclosed are systems and methods for passively authenticating users of a native application running on a mobile communications device. The user may be applying for a service, product, access, etc. from a provider computing system. A unique device identifier of the device may be acquired and provided to a first computing system. A mobile telephone number associated with the device may be received at the device. User information may be accepted from the user via a user interface of the device for entry into a set of fields. The mobile telephone number may be verified by determining, via a second computing system that is different from the first computing system, that the mobile telephone number is associated with the user information. The service/product/access for the user may be approved in response to verification of the mobile telephone number. The user may be authenticated without challenge questions.

Abstract: A concealed-decision-tree computation system includes a user apparatus and 0th to (n?1)-th server apparatuses, where n is a predetermined positive integer. The user apparatus secret-shares data D into n shares [D]j (j=0, . . . , n?1) and sends the n shares [D]j (j=0, . . . , n?1) to the 0th to (n?1)-th server apparatuses, respectively. The 0th to (n?1)-th server apparatuses use the n shares [D]j (j=0, n?1) to perform secret cooperation computation to obtain n shares [out]0, . . . , [out]n-1 of a value “out” corresponding to the data D in a predetermined decision tree and send the n shares [out]0, . . . , [out]n-1 to the user apparatus. The user apparatus uses at least k shares out of the n received shares [out]0, . . . , [out]n-1 to restore the value “out” corresponding to the data D in the predetermined decision tree, where k is a predetermined integer equal to or smaller than n.

Abstract: A user verification apparatus may perform user verification using multiple biometric verifiers. The user verification apparatus may set a termination stage of one or more biometric verifiers. Multiple biometric verifiers may be used to generate outputs, for which separate termination stages are set to establish a particular combination of set termination stages associated with the multiple biometric verifiers, and the user verification apparatus may fuse outputs of the biometric verifiers based on the particular combination of set termination stages. The user verification apparatus may verify a user based on a result of the fusing, and an unlocking command signal may be generated based on the verifying. The unlocking command signal may be generated to selectively grant access, to the verified user, to one or more elements of a device. The device may be a vehicle.

Abstract: To make high-level copyright protection of transmission audio data possible. Audio data is sequentially transmitted to a reception side via a predetermined transmission channel for each unit audio data. Audio data to be transmitted is encrypted, and encryption information indicating that the audio data has been encrypted is added to the audio data. For example, the encryption information is added using a predetermined bit area of a channel status of each block that is configured every predetermined number of unit audio data pieces.

Abstract: A system and a method for document information authenticity verification for applications including verifying the authenticity of information of statements of attainment of course documentation issued by registered training organisations, verification of travel documents and other sensitive documents requiring authenticity verification of documents issued by law firms, accountancy firms, governmental institutions and the like, the method comprises a verification record creation stage comprising: receiving document content metadata from a document; generating a metadata hash using the document content metadata; creating a blockchain transaction comprising the metadata hash; and generating computer readable data encoding the metadata hash; updating the document with the computer readable data and a document verification stage comprising: receiving the document; extracting the metadata hash from the computer readable data; and identifying the metadata hash within blockchain transactions of the blockchain to veri

Abstract: Embodiments of the invention are directed to systems, methods and computer program products for end to end encryption on a network without using certificates. The system utilizes a correlation between two quantum particles that are entangled. In this way, data may be encrypted with the particles and transmitted to end users. Since the particles are forced to behave the same way even if they are separated, the data associated with the particles is not able to be breached. In the application encryption processing, that means the particles are not hackable and the encryption is always true and accurate. In this way, verification of application encryption occurs via particle measurement by leveraging the fact that that there is only one sender and one receiver, because they are of the same particle computation or physical end-point, instead of current encryption relying on logical end-points.

Abstract: An image product is manufactured from a digital video work by an apparatus and via a process. An object in the digital image work is detected, and the object is recognized. Metadata is assigned to the recognized object. A cryptographic hash of the object metadata is generated via a cryptographic hashing algorithm, and the cryptographic hash is written to a node of a transaction processing network.

Abstract: An existing application processing on a client device initiates a function to provide a hard coded credential to a remote target application for purposes of logging into and gaining access to the remote target application. A hook to the function causes an agent to be activated, the agent dynamically contacts a credential vault to obtain a randomly generated credential for access to the remote target application. The hook injects the randomly generated credential over the hard coded credential supplied by the existing application and the function is initiated. The function logs into the target application using the randomly generated credential providing the existing application access to the remote target application. The hard coded credential is bypassed by the randomly generated credential.

Abstract: A method, a device and a program are provided for processing data. The method is implemented within an intermediary module. The data is transmitted between a customer module and a server module connected through a communications network. The method includes: receiving, from one among the customer and server modules, an intermediation request identifying an operation of intermediation to be performed relative to a stream of encrypted data exchanged between the customer module and the server module; and processing relative to said encrypted data as a function of said operation of intermediation.

Abstract: An application error detection platform computer processor may monitor execution of an application for a customer and determine that an application error has occurred. Responsive to the determination that an application error has occurred, an error fingerprint creation platform computer processor may access a stack trace representing execution of the application when the application error occurred. An error fingerprint associated with the occurrence of the application error may then be determined by applying a hash function (e.g., SHA-1) to information contained in the stack trace. Electronic records including an indication of the error fingerprint may then be received by and stored in an application error log data store. The application error log data store may then be searched for duplicate error fingerprints to facilitate application error resolution.

Abstract: Methods and apparatus, including computer program products, implementing and using techniques for processing of data in an intermediary server. Data is received from an Internet of Things (IoT) enabled device. The data includes a readable header and an encrypted payload. An opaque algorithm is selected to process the payload, based on information contained in the header of the data. The selected opaque algorithm processes the encrypted payload of the data, wherein the opaque algorithm is invisible to the intermediary server. The processing includes: decrypting the encrypted payload, applying the opaque algorithm to the decrypted payload, and encrypting the results from processing the decrypted payload by the opaque algorithm. A new readable header is added to the encrypted results. The data, including the new readable header and the encrypted results, is forwarded to a different server, based on the information in the new readable header.

Abstract: A network security service is provided to detect various intermediaries to a network connection between a client and a destination service, such as a man-in-the-middle (MITM). The network security service may obtain session feature information indicating attributes of the network connection. Based at least in part on the session feature information the network security service may detect an intermediary and perform a security measure.

Abstract: A method includes securely booting a device using a bootloader, where the bootloader is digitally signed using a first cryptographic key associated with the bootloader. The method also includes executing one or more kernel or user applications using the device, where the one or more kernel or user applications are digitally signed using one or more second cryptographic keys associated with the one or more kernel or user applications. In addition, the method includes using an in-band channel to update or replace the first cryptographic key.