Abstract: Systems and methods for tracking the privacy policy of an electronic device in a network having a privacy policy server and an authentication server are provided. In one aspect a privacy policy server receives a connection request from the electronic device, queries an authentication server for the device's privacy policy acceptance state. If the device had not accepted the network's privacy policy, the privacy policy server sends a URL to the device so the device may accept or reject the policy. The authentication server locates a network session identifier representing the device's connection with the network and response to the policy server indicating the device's current privacy policy acceptance state if applicable. Advantageously, a network session identifier can track a device's privacy policy acceptance state when the device reconnects with the network. The systems and methods are applicable in wireless networks, such as 802.11.

Abstract: A control information processing method is provided. The method includes: simulating a controller on a first device based on a target drive file of the first device; receiving control information sent by a second device, the control information being used for controlling the first device to perform a corresponding operation; storing the control information as input information of the controller into a storage space of the target drive file; and obtaining the control information from the storage space of the target drive file in response to receiving a data read instruction that instructs to obtain the input information of the controller.

Abstract: A method comprises detecting with a mobile security system a wake event on a mobile device, providing from the mobile security system a wake signal, the providing being in response to the wake event to wake a mobile device from a power management mode, and managing with the mobile security system security services of the mobile device. Managing security services may comprise scanning a hard drive of the mobile devices for viruses and/or other malware. Managing security services may also comprise updating security applications or scanning the mobile device for unauthorized data.

Abstract: A method for evaluating security of third-party applications includes: launching, in an automated test environment, a test instance of a first application; determining a data access pattern for the first application of accessing a protected remote server based on detecting data retrieval operations of retrieving data from the protected remote server by the test instance and determining application states of the first application associated with the detected data retrieval operations; and providing the data access pattern for the first application on a client device.

Abstract: A method, a computer program product, and a system for implementing a dynamic virtual database honeypot. The method includes relaying a query request received from a database client to a database and receiving, from the database, a response relating to the query request. The method also includes determining the query request is an attack on the database based on session information relating to the database and the database client, generating a honey token based on information contained within the response, generating an alternate response formatted in a same format as the response and containing artificial information that masks the information contained within the response. The method further includes inserting the honey token into the alternate response and transmitting the alternate response to the database client.

Abstract: A Bluetooth communication system includes: a Bluetooth host device; and a Bluetooth device set which including a first member device and a second member device. The first member device is arranged to operably generate and transmit target Bluetooth packets containing an auto-pair request to the Bluetooth host device. The second member device is arranged to operably generate a resolvable set identifier corresponding to the second member device according to a device set identification information. The Bluetooth host device is arranged to operably identify the first member device as a first privileged device according to the auto-pair request in the target Bluetooth packets, and to operably transmit a first privileged pairing notice to the first member device and to operably generate a first cypher key. The first member device further generates a second cypher key corresponding to the first cypher key after receiving the first privileged pairing notice.

Abstract: The method comprises registering at least one of an internet protocol (IP) address and a media access control (MAC) address of the security devices, generating a plurality of public key and private key pairs, encrypting and storing private keys comprised in the plurality of public key and private key pairs using a master key provided from a master key management unit, selecting any one of a plurality of public key and private key pairs when the access of the security device is approved and providing a certificate comprising the selected public key to the security device, receiving a symmetric key encrypted with the public key of the certificate from the security device, and decrypting the private key using the master key provided from the master key management unit.

Abstract: A Bluetooth communication system includes: a Bluetooth host device; and a Bluetooth device set which including a first member device and a second member device. The first member device generates a first resolvable set identifier corresponding to the first member device, and generates and transmits target Bluetooth packets containing the first resolvable set identifier to the Bluetooth host device. The second member device generates a resolvable set identifier corresponding to the second member device according to a device set identification information. The Bluetooth host device identifies the first member device as a first privileged device according to the position of the first resolvable set identifier, and transmits a first privileged pairing notice to the first member device and generates a first cypher key. The first member device further generates a second cypher key corresponding to the first cypher key after receiving the first privileged pairing notice.

Abstract: A user device may receive (e.g., when proximate to the first access device), from an intervening device, device identification data for a first access device. A message may be received from a second access device via the intervening device. The message may include a digital signature generated based at least in part on second access device identification data. The user device may validate the message utilizing the digital signature and a public key. If the message is invalid, the user device may discard the message. If the message is valid, (e.g., unaltered), the user device may determine that the user has not confirmed an intent to interact with the second access device and may terminate a[n] further interaction with the second access device accordingly.

Abstract: A method and system for providing a secure network includes a dApp that can act as a compiler that relies on independent authentication via another node, dApp, or wallet. The dApp, additionally or alternatively, is an independent resource ledger and/or serves only to render, secure, or transfer content, distributed via other external databases or ledgers, and accessed via a token exchange.

Abstract: A method for access control, the method may include (a) receiving, by a file server, an access request for allowing a user to access a file system entity, the user is identified by a first file system protocol (FSP) user identifier, (b) converting the first FSP user identifier to a first access control user identifier (ACUI) of the user, the first ACUI represents a combination of the user and the first FSP, (c) searching, within an access control data structure (ACUI), for a relevant access control rule associated with a member of a multiprotocol set of ACUIs of the user, wherein the multiprotocol set includes the first ACUI of the user and at least one other ACUI of the user that represents at least one combination of the user and at least one other FSP, and (d) responding to the access request based on the relevant access control rule, when finding the relevant access control.

Abstract: A transaction discovery protocol determines when a value r is less than a value a without learning the value of r or a. The protocol (1) receives, at a first computer via a secure communication channel, value ax, where x is a secret key unknown to the first computer; (2) generates vector B where a first entry is the value r, and subsequent entries are equal to the previous entry plus a predefined resolution; (3) generates vector By from the vector B using secret key y, unknown to a second computer, and sends vector By to the second computer; (4) receives vector Byx from the second computer and generates value axy; and (5) completes an agreement between the first computer and the second computer when the value axy is equal to one of the entries in the vector Byx, indicating that the value r is less than the value a.

Abstract: An example embodiment may involve communicating with a server to separately access first and second records of sessions between the server and computing devices of a network, the first record including a first set of fields not present in the second record and the second record includes a second set of fields not present in the first record; identifying a common field present the first and second records; correlating information across the first and second records using the common field; using a set of license misuse criteria to identify, from the correlated information, (i) a set of the sessions that meets the set of criteria and (ii) a network address of a target device involved in the set of sessions; identifying the target device using the network address; and storing an indication identifying the target device as a potential source of misuse of licensed software executable on the server.

Abstract: A systematic method of introducing obfuscating “organic” noise to a user's content engagement history leverages a recommender system by creating a public history on a client device which is a superset of the user's true engagement history. The method builds up the superset history over time through a client's interaction with the recommender system by simulating organic growth in a user's actual engagement history. The organic superset prevents an adversary with access to the underlying recommendation model from readily distinguishing between signal and noise in a user's query and obfuscates the user's engagement history with the recommender system.

Abstract: Techniques are provided for generation of secure video and tamper detection of the secure video. A methodology implementing the techniques according to an embodiment includes selecting a subset of macroblocks from a video frame to be transmitted and calculating a low frequency metric on each of the selected macroblocks. The method also includes performing a hash calculation on the low frequency metrics to generate a frame signature; encrypting the frame signature (using a private key) to generate an encrypted watermark; and modifying pixels of each of the selected macroblocks to generate the secured video frame, the modifications based on bits of the encrypted watermark that are associated with the selected macroblock. The method further includes authenticating a received video frame by comparing a calculated frame signature to an authenticated frame signature, the authenticated frame signature decrypted (using a public key) from an extracted watermark of the received video frame.

Abstract: Systems, computer program products, and methods for linking and partitioning non-fungible tokens by receiving, from a computing device of a first user, a first request to transfer ownership of a resource from a first user to a second user; retrieving, from the computing device of the first user, a first non-fungible token (NFT) for the resource; determining, using an NFT valuation engine, a first value of the first NFT; initiating an NFT generator on the resource based on at least receiving the first request; generating, using the NFT generator, a second NFT for the resource, wherein the second NFT comprises at least an indication of transfer of ownership of the resource from the first user to the second user and the first value of the NFT; and recording the second NFT on a distributed ledger.

Abstract: Techniques described herein relate to a method for performing data protection services for data stored in a shared storage. The method may include identifying, by a primary data node, a protection policy event initiating performance of data protection services for data stored in the shared storage used by the primary data node and secondary data nodes; in response to identifying the protection policy event: obtaining primary data node monitoring information associated with the primary data node; obtaining secondary data node monitoring information associated with the secondary data nodes; assigning at least one resource limit to the primary data node and the secondary data nodes based on the primary data node monitoring information and the secondary data node monitoring information; and initiating performance of the data protection services by the primary data node and the secondary data nodes based on the assigned at least one resource limit.

Abstract: Using sensor data indicating a state of a control target (2) outputted from a sensor (3) and a control input to control the state of the control target (2), a state estimation unit (4a) of a controller (4) calculates an estimate of the state of the control target (2). Further, a calculation unit (4b) of the controller (4) calculates the control input to which colored noise in a predetermined frequency band is added, according to the calculated estimate of the state of the control target (2).

Abstract: A method of particle-based threat scanning may include obtaining a sample from a sample source, generating a plurality of particles from the sample, wherein each particle from the plurality of particles is an array of unique bytes generated based on one or more particle properties, and determining whether the sample is associated with a known threat by comparing the plurality of particles to particle threat signatures in a threat database.

Abstract: A network system enables a user to record media in connection with a user operating a service application to participate in a transport service. In examples, the network system includes a user computing device on which media is recorded and stored in an unrenderable state. The user can elect to make a media recording submission for a particular service activity (e.g., trip provided or received by user). In response to the media recording submission, the user computing device identifies one or more media files that contain media data which depict the service activity. The identified media foes are transmitted to a service computing system where the media files can be rendered.