Abstract: Systems and methods for detecting malicious activity in a computer system. One or more graphs can be generated based on information objects about the computer system and relationships between the information objects, where the information objects are vertices in the graphs and the relationships are edges in the graphs. Comparison of generated graphs to existing graphs can determine a likelihood of malicious activity.

Abstract: Disclosed are various approaches for workflow service back end integration. In some examples, a command is transmitted causing a client device to present a workflow action to perform. A user command to perform the workflow action is identified using the client device. Authentication data including user credentials and a navigation action for a visual user interface is identified. The user credentials are transmitted to the network service and an emulation of the navigation action is performed. A command that performs the workflow action is transmitted to the network service.

Abstract: In one embodiment, a charm application enables user devices to communicate via physical charms. Upon receiving, from a first user device, a read request that is associated with the physical charm, the charm application identifies a message and an authorization list that are associated with the physical charm and previously received from a second user device. The charm application then determines whether a first user associated with the first user device is authorized to read the message based on the authorization list. If the first user is authorized to read the message, then the charm application transmits the message to the first user device. Notably, each physical charm may be exchanged between any number of users, but only read by authorized users via a user device. Accordingly, user devices may communicate private messages including any type of data with other user devices irrespective of whether technical infrastructures are accessible.

Abstract: The concepts and technologies disclosed herein are directed to a website verification service. A system can receive, from a web server that hosts a website, a query for a set of authentication credentials (“credentials”) to be used to verify that the website is trustworthy. The system can generate and provide the credentials to the web server. The web server can, in turn, provide the credentials to a web browser device for presentation to a user via a web browser application executing on the web browser device. The system also can provide the credentials to a verifier device. The verifier device can present the credentials to the user via a verifier application executing on the verifier device. The user can compare the credentials presented via the web browser application to the credentials presented via the verifier application executing on the verifier device to determine whether the website can be trusted.

Abstract: A system includes an intelligent electronic device (IED) configured to perform operations that include receiving a first user input and deriving a first connectivity association key (CAK) based on the first user input. The system also includes a gateway configured to perform operations that include receiving a second user input, deriving a second CAK based on the second user input, identifying the first CAK of the IED, establishing an adoption link with the IED based on a match between the first CAK and the second CAK, generating a third CAK, and distributing a copy of the third CAK to the IED via the adoption link to establish a MKA connectivity association with the IED.

Abstract: Embodiments of the present invention provide computer-implemented methods, computer program products and computer systems. Embodiments of the present invention can monitor user activity for one or more user interactions performed while connected to a Virtual Private Network. Embodiments of the present invention can then identify potential risks associated with a user and respective user interactions. Embodiments of the present invention can then, in response to determining a respective user interaction of the one or more interactions is suspicious, generate a real time risk score for the respective user interaction. Embodiments of the present invention can then, in response to the generate real time risk score exceeding a threshold level of risk for the respective user interaction, initiate a secondary authentication protocol.

Abstract: Systems, computer program products, and methods are described herein for implementing an enhanced authentication framework using Erasable Programmable Read-Only Memory (EPROM) grid pattern recognition.

Abstract: Examples are disclosed for detecting synthetic online entities that may be used for fraudulent purposes or other purposes. In some aspects, a computing system can generate a data structure that includes nodes and links between the nodes. The nodes can represent online entities and the links can represent geographic associations or transactional associations between pairs of online entities. These associations can be identified from electronic transactions involving the online entities. The computing system can determine, from the links between the nodes, that a degree of connectivity among a subset of the nodes exceeds a threshold connectivity. The degree of connectivity indicates electronic communications involving online entities represented by the subset of the nodes. The computing system can transmit, based on the degree of connectivity exceeding the threshold connectivity, an alert indicating a potential synthetic entity (e.g., potentially fraudulent activity) within the subset of the nodes.

Abstract: A device configured to receive a connection request that includes device authentication credentials and to determine the user device passes authentication in response to identifying a device profile associated with the device authentication credentials. The device is further configured to receive user credentials for a first user and identify a first user identity that corresponds with the user credentials. The device is further configured to establish a first network connection with the user device, to send a token request to the user device, and to receive a token via the first network connection. The device is further configured to identify a second user identity based on the token, to determine the first user identifier matches the second user identifier, and to establish a second network connection for the user device, wherein the network connection enables the user device to access the network.

Abstract: [Problem] Provided is an authorization system capable of reducing a load on a host regarding an invitation procedure in a case where there is a large number of guests or guests are frequently invited, and preventing identity theft or invitation of an unwanted third party.

Abstract: A server comprises a communications module; a processor coupled with the communications module; and a memory coupled to the processor and storing processor-executable instructions which, when executed by the processor, configure the processor to authenticate a user via a first authentication channel; receive, via the communications module and from a computing device associated with the user, a signal representing a request to transfer a first quantity of resources; determine that the first quantity of resources is less than a first threshold associated with the first authentication channel; obtain identity data associated with the request to transfer the first quantity of resources; determine, based on the identity data, that a request to transfer a second quantity of resources has been previously initiated by the user via a second authentication channel that is different than the first authentication channel; and determine that the sum of the first quantity of resources and the second quantity of resources i

Abstract: A user requests to join a meeting is detected. The meeting includes a meeting audio stream of one or more participant audio streams that include participant timestamps that correspond to when one or more other users are in the meeting. The user is prompted for an authentication credential based on the detecting the request to join the meeting. A participant profile of the user is determined based the authentication credential. The user is authorized access to the meeting and a first timestamp is saved. A first audio stream of the user is recorded. The user is identified as having left the meeting and a second timestamp is saved. A transcript of the meeting audio stream is generated based on the first audio stream and the one or more participant audio streams. The first timestamp, the second timestamp, and the meeting are associated with the participant profile.

Abstract: An application for dynamic, granular access permissions can include a database interface, a user interface, a login process, an administrator, an event handler and an authorization process. The database interface can be an interface to an access control permissions database that stores roles, actions, or policies for users of the application. The login process can authenticate a user and determine a default set of access control permissions for that user when they are using the user interface. The administrator can provide access control permissions for a user by using the database interface. The event handler can dynamically modify access to functionality in the user interface based on an event. The authorization process can determine whether a request from the user interface is authorized before process the request. The authorization process can use access control permissions from the administrator and either a scope limited or a temporally limited access permission.

Abstract: Systems and methods authenticate an end user of an enterprise with an external service provider. The enterprise comprises an identity provider and an entitlements data store that communicate via web services calls. The identity provider makes a determination of whether an end user is authorized to access the external service provider based on: (i) authentication of the end user by the identity provider; and (ii) data from the entitlements data store for the end user with respect to the external service provider. Upon a determination by the identity provider that the end user is authorized to access the external service provider, the identity provider send a SAML token to the end user. The SAML token comprises an XML representation of entitlement information for the end user for the external service provider.

Abstract: Disclosed herein is a method of facilitating policy-compliant end-to-end encryption for individuals between organizations. Accordingly, the method may include a step of receiving, using a communication device, a first recipient indication associated with a first recipient of a first tenant from a sender device associated with a sender of a second tenant. Further, the method may include a step of retrieving, using a storage device, a predefined policy definition associated with the first tenant. Further, the method may include a step of identifying, using a processing device, a recipient certificate associated with the first recipient based on the predefined policy definition. Further, the method may include a step of retrieving, using the storage device, the recipient certificate associated with the first recipient based on the identifying. Further, the method may include a step of transmitting, using the communication device, the recipient certificate to the sender device.

Abstract: In a subscription profile downloading method when an application in a device triggers subscription profile downloading, an operator server sends, to a subscription management server, authentication information of an application allowed to initiate subscription profile downloading; and when receiving an authentication request sent by the device, the subscription management server uses the authentication information to attempt to authenticate the application initiating subscription profile downloading in the device, and provides subscription profile downloading for the device after the authentication succeeds. The subscription management server may add the authentication information to a subscription profile downloaded last time and send the subscription profile to the device, and when the device downloads a different subscription profile next time, the device may use the authentication information in the subscription profile downloaded last time to attempt to authenticate the application.

Abstract: Presented herein are systems and methods for processing tokens in identity assertions for access control to resources. A server may receive, via an interface from a gateway, a request to permit a customer device to access a resource associated with the server. The request may include an identifier for the customer device and a first token used to authenticate the customer device at the gateway. The server may generate, responsive to validating the first token, a second token to be used to authorize the customer device at the server for access to the resource. The server may store, on a database, an association identifying the identifier, the first token, and the second token. The server may perform the server, an action to permit the customer device access to the resource associated with the server based on the association maintained on the database.

Abstract: A method including transmitting, by a network device to a security device, an initial security instruction set including a plurality of initial security instructions associated with operation of the security device; transmitting, by the network device to the security device, an event signal associated with the security device carrying out the network-facing operation; receiving, by the network device from the security device based on transmitting the event signal, a security instruction associated with the security device carrying out the network-facing operation, the security instruction being from among the plurality of initial security instructions; translating, by the network device, the security instruction into a host instruction to be executed by the network device; and transmitting, by the network device to the security device based on executing the translated host instruction, communication information to enable the security device to carry out the network-facing operation is disclosed.

Abstract: Methods, computer program products, and systems are presented. The method computer program products, and systems can include, for instance: establishing a relationship graph for a certain user, the relationship graph having a primary node that specifies the certain user and a plurality of lower order nodes, wherein the primary node and at least one lower order node of the plurality of lower order nodes is connected to at least one other node by an edge so that there are defined a plurality of edges; generating a prioritized list of individuals to provide assistance to the certain user in respect to the certain task based on populated edge weight scores for edges of the relationship graph; and providing one or more output based on the prioritized list.

Abstract: Network infrastructure can be automatically detected. A network sensor detects a new network message. A source-address of the new network message is extracted. A plurality of addresses are assembled based on the source-address. These are recursed, using each of the unique similar-addresses as current addresses. Metadata is assembled for each of the addresses in the plurality of addresses. For each particular address in the plurality of addresses, a risk-label is assigned out of a plurality of possible risk-labels, by weighing a plurality of factors; and performing a network security action with the risk-label.