Abstract: A certificate renewal service may receive an indication to request renewal of a certificate in a test mode that allows testing of certificate characteristic property change effects. The certificate renewal service may select, based on the renewal of the certificate being requested in the test mode, a renewal time for renewing of the certificate. The certificate renewal service may change, based on the renewal of the certificate being requested in the test mode, one or more properties of one or more certificate characteristics of the certificate in a certificate renewal request. The certificate renewal service may request renewal of the certificate based on the renewal time with one or more changes to the one or more properties of the one or more certificate characteristics.

Abstract: A system can be provided that can determine a first subset of external identity providers associated with permitted access to software applications of an internal computing system. The system can also determine a second subset of external identity providers associated with denied access to the software applications. Additionally, the system can generate a mapping that associates permitted access to the software applications with the first subset of external identity providers and associates denied access to the software applications with the second subset of external identity providers. The system can further receive, from the user device, authentication data. The user device can obtain the authentication data using an external identity provider. The system can detect the external identity provider from the authentication data and, in response to detecting the external identity provider, the system can control access for the user device to the software applications based on the mapping.

Abstract: Provided is an operation method of a security requirement recommendation system including inputting an attack scenario of an advanced persistent threat (APT); and estimating a specific APT attack case similar to the attack scenario based on a case-based problem domain ontology including characteristic models of the APT attack cases, and recommending a security requirement corresponding to the specific APT attack case.

Abstract: Methods, non-transitory computer readable media, network traffic manager apparatuses, and systems includes receiving a plurality of network packets. Metadata comprising state information for the received plurality of network packets is generated. The generated metadata is inserted into the received plurality of network packets or a cloned version of the plurality of network packets. A network diagnostic operation is performed on the received plurality of network packets based on the inserted metadata into the received plurality of network packets or the cloned version of the plurality of network packets.

Abstract: A weak password detection method and device based on deep learning, an electronic device, and a storage medium are provided. The method includes: acquiring a password character string to be detected; processing, by applying a fully trained weak password detection model, the password character string to be detected to obtain a strong/weak password classification label of the password character string to be detected, the fully trained weak password detection model being obtained by training a deep learning model with a password character string as an input and a strong/weak password classification label corresponding to the password character string as a supervision; and marking the password character string to be detected as a weak password under the condition that the strong/weak password classification label is a weak password label.

Abstract: A method for providing a shared SEPP for roaming aggregators includes, at a shared SEPP that functions as a single point of ingress and egress between an MVNO PLMN and an MNO PLMN and between the MVNO PLMN and MNO PLMNs and external networks, receiving a first service-based interface (SBI) request message from the MVNO PLMN. The method further includes determining, by the shared SEPP, that the first SBI request message is destined for the MNO PLMN, and, in response, routing the first SBI request message to the MNO PLMN. The method further includes receiving a second SBI request message from the MVNO PLMN and determining that the second SBI request message is destined for one of the external networks, and, in response, routing the second SBI request message to the one external network. The shared SEPP may apply security measures for messages transmitted to and from the MNO PLMN and the MVNO PLMN.

Abstract: There is provided a method, computer program, and an apparatus for a network function that causes the network function to: receive, from a service consumer, event subscription information comprising an intra-domain address and an inter-domain address for signalling event subscription notification information from a service producer to the service consumer; determine whether a first service producer is located in the same domain as the service consumer; select at least one of the inter-domain address and the intra-domain address to signal to the first service producer in dependence on said determining; and signal the selected at least one address to the first service producer.

Abstract: The disclosure relates to an electronic device for generating a mnemonic phrase of a private key and an operation method in the electronic device. The electronic device may comprise a memory, a display module, and at least one processor electrically connected with the memory and the display module. The at least one processor may be configured to generate a private key and a public key, generate a first mnemonic phrase including a designated first number of words based on a structure of the private key, identify a user phrase input by a user, generate a second mnemonic phrase including a second number of words identified based on a security level obtained by analyzing the user phrase, and control the display module to display the generated second mnemonic phrase. Other embodiments are possible.

Abstract: A method and a system for maintaining immutability of evidence that relates to software development life cycle data and that is protected from tampering in order to guarantee data integrity and consistency are provided. The method includes: receiving an evidence item that relates to a software development; encrypting the evidence item; storing the encrypted evidence item in a memory; computing a hash value based on the evidence item; and combining the hash value with a hash tree that relates to the software development. The hash tree includes a set of hash values for which there is a one-to-one correspondence with a set of evidence items that are represented in the hash tree. When tampering, such as content alteration or deletion, occurs with respect to an evidence item, the hash values in the hash tree may be used to determine the evidence item for which the tampering has occurred.

Abstract: In some aspects, the techniques described herein relate to a method including: initiating a communication session between a user and an agent; generating an application link for the communication session, the application link associated with a co-browsing application; transmitting the application link to a client device associated with the user; receiving data from the client device via the co-browsing application executed in response to the application link and associating the data with the communication session; pre-populating a co-browsing session using the data; and synchronizing a display of pages between an agent emulator and the co-browsing application, wherein synchronizing includes rendering a given page on both the agent emulator and the co-browsing application and displaying an input received via the co-browsing application in the agent emulator.

Abstract: A flexible witness service system architecture is provided that comprises one or more cluster sites each having at least two storage/compute nodes; at least one local external device associated with at least one of the one or more cluster sites, the at least one local external device configured to run a local witness service. A central cloud management platform is in communication with the one or more cluster sites, the central cloud management platform being configured to run a cloud witness service. The local witness service and the cloud witness service perform identical arbitration services if a storage/compute node in one of the one or more cluster sites fails or communication between storage/compute nodes in a cluster fails.

Abstract: A computer stores, within a single user account, multiple supervised computing resources and multiple additional computing resources. The multiple supervised computing resources are associated with a security policy. The computer executes a first instance of a specified application that lacks read access and lacks write access to any and all of the multiple supervised computing resources. The computer executes, simultaneously with the first instance, a second instance of the specified application that accesses at least a portion of the multiple supervised computing resources. The computer applies rules from the security policy to the second instance of the specified application while foregoing applying the rules from the security policy to the first instance of the specified application.

Abstract: Generally disclosed herein is an approach for smart topology-aware link disabling and user job rescheduling strategies for online network repair of broken links in high performance networks used in supercomputers that are common in Machine Learning (ML) and High-Performance Computing (HPC) applications. While a disabled link is repaired online, user jobs may continue to run. The broken links may be detected as part of pre-flight checks before the user jobs run and/or during the job run time via a distributed failure detection and mitigation software stack which includes a centralized network controller and multiple agents running on each node. The network controller may ensure that the user jobs are rerouted to healthy links within the same network until the broken links are fixed and tested by the repair workflows, in which case the broken links are enabled again by the network controller for future user jobs.

Abstract: Systems and methods comprise a gateway at a premises. The gateway is coupled to a remote system. An interface component is coupled to a processor of the gateway. The interface component comprises at least one module that interfaces and exchanges data with a processing component of a security system installed at a location. The processing component uses a proprietary protocol of the security system for processing data of the security system. The processor controls communications that comprise passing commands from the remote systems to the security system, and passing event data of the security system to the remote system.

Abstract: Methods, devices, and systems for migration or sharing of existing M2M service layer sessions are disclosed. In one embodiment, a Session Migration and Sharing Function (SMSF) performs the migration or sharing of a M2M service layer session. Various forms of service layer session context may be used to enable the migration and sharing of M2M service layer sessions.

Abstract: A system and method for monitoring a plurality of servers by a monitoring server in a computer network. A list of servers and a plurality of services to monitor in the computer network is generated at the monitoring server. A status query is transmitted sequentially by the monitoring server to each of the plurality of servers, the status query including the plurality of services to monitor at each server. A status message report is received from each of the plurality of servers in response to each status query. An event is reported in an event log for each server that has an abnormal service status. The transmission of the status query to each server is performed by the monitoring server at a specified service time interval.

Abstract: An event-based social media search platform for pet and animal related searches includes a database for storing event data associated with user-created events relating to pets or animals for a plurality of users. The platform analyzes event data from different user-created events to determine when user-created events have event data in common. The platform alerts users of related events and facilitates communications between users to confirm that the user-created events relate to the same pets or animals. The platform can associate event data and users of related events in the database. Events can be published via social media platforms to assist users in searching for new pets and animals, finding missing pets and animals, or locating pets and animals after natural disasters.

Abstract: Systems and procedures are provided for validating an IHS (Information Handling System) as operating using only factory-provisioned I/O ports. During factory provisioning of the IHS, a signed inventory certificate that includes an inventory of factory-provisioned I/O ports of the IHS is uploaded to the IHS. Upon delivery and initialization of the IHS, the inventory certificate is retrieved by a pre-boot validation process. An inventory of detected I/O ports of the IHS is then collected. The validation process compares the collected inventory of detected I/O ports against the inventory of factory-provisioned I/O ports from the inventory certificate in order to validate the IHS is operating using only factory-provisioned I/O ports. Through embodiments, any I/O ports of the IHS other than the I/O ports validated as factory-provisioned are not usable by any software or hardware of the IHS.

Abstract: Systems and methods for enabling various devices to remotely interact with cloud-based client applications are provided. A method comprises receiving a first request from a first client device of a user to initiate an interactive session with a cloud-based client application, reserving an application engine for executing the cloud-based client application remotely from the first client device, receiving interaction data from the first client device as the user engages with a first media data associated with the cloud-based client application, modifying the cloud-based client application executing within the application engine that is reserved based on the interaction data received from the first client device, receiving a second request from the first client device to end the interactive session with the cloud-based client application that is modified, and deallocating the application engine that is reserved, wherein the application engine that is reserved is delinked from the first client device.

Abstract: A software defined (SD) process control system (SDCS) includes a method executed by a discovery service for inferring information regarding a physical or logical asset of a process plant. The method includes obtaining an announcement indicative of a presence of a physical or logical asset of the process plant. The method also includes obtaining, from a context dictionary, one or more parameters retrievable from the physical or logical asset or one or more services associated with the physical or logical asset that were not indicated in the announcement. Furthermore, the method includes storing a record of the discovered physical or logical asset in a discovered item data store. The record includes an indication of the identity of the physical or logical asset and the one or more parameters or one or more services associated with the physical or logical asset that were not indicated in the announcement.