Abstract: A computer access control system includes a client electronic device configured to administer an alertness test to a user. A computer access controller is coupled to and configured to be actuated by the client electronic device.

Abstract: Provided is a security system or the like with which security can be improved. A security system according to one embodiment of the present invention is provided with: a packet reception means that receives a request from an intruding device that is attempting intrusion; a dummy resource characteristic information storage means that stores characteristic information for a plurality of virtual dummy resources; a dummy response generation means that generates a dummy response on the basis of the characteristic information in response to the request directed to the dummy resource; a dummy response transmission control means that controls a request end flag, which indicates the presence/absence of untransmitted dummy resources, on the basis of a timer value; and a dummy response transmission means that, on the basis of the request end flag, transmits the dummy response to the intruding device that transmits the request.

Abstract: The present disclosure is directed at systems and methods for detecting ransomware infection in filesystems. These systems and methods may enable a computer user to detect a ransomware infection within a filesystem utilizing a snapshot image-based backup. According to some embodiments, the disclosed systems and methods analyze metadata describing the contents of an examined filesystem embodied in a Master File Table (MFT). Also according to some embodiments, the disclosed systems and methods compute an entropy associated with an extracted sample of files to distinguish between infected and uninfected file systems. Relative to other techniques, the disclosed systems/methods can decrease the time and/or computational resources required to detect ransomware, while also decreasing false positives and false negatives.

Abstract: Provided is a security system or the like with improved security.

Abstract: There is provided a physical layer security (PLS) system for enhanced cryptographic security and diversity of transmitted data, the system comprising a transmitter for first, converting the data into a plurality of OFDM symbols; second, multiplexing the plurality of OFDM symbols into parallel M OFDM streams; and third, performing spatial interleaving (SI) on the parallel M OFDM streams using a secret key. The system further comprises a receiver for receiving and de-scrambling the transmitted plurality of data samples, wherein software-defined radio (SDR) units are used as the system transmitter and receiver.

Abstract: An entertainment access system is provided that enables a user to request and receive status reports that present current information concerning a wide variety of items pertaining to the user's devices, entertainment content and usage rights in a standard, predictable and consistent manner that enhances rather than hinders the user experience. In some illustrative examples, the user can request the status report from one of his devices that is registered with the entertainment access system. The entertainment access system responds by collecting and formatting the status information so that is can be conveniently displayed or otherwise rendered on the registered device. For instance, if the request is received from a cell phone device, which generally has a relatively small screen, the information may be presented in a relatively abbreviated format.

Abstract: Disclosed herein are methods, systems, and apparatus, including computer programs encoded on computer storage media, for storing blockchain data. One method includes receiving a request from an application component of a blockchain node to execute one or more software instructions in a trusted execution environment (TEE); determining one or more blockchain node blocks for executing the one or more software instructions; performing error correction coding of the one or more blocks in the TEE to generate one or more encoded blocks; dividing each of the one or more encoded blocks into a plurality of datasets; selecting one or more datasets from each of the one or more encoded blocks; and hashing the one or more datasets to generate one or more hash values corresponding to the one or more datasets for use in replacing the one or more datasets to save storage space of the blockchain node.

Abstract: Systems for generating enhanced biometric data and using enhanced biometric data to process events are provided. A system may receive a request for enhanced biometric data from a first user and may extract details associated with the request. Based on the identity of the first user and the extracted details, a user profile may be selected from a plurality of user profiles associated with the first user. The user profile may include biometric data of the first user, predetermined limits on types of events to be processed, amounts, and the like. The system may generate enhanced biometric data based on the user profile and may transmit the enhanced biometric data to a computing device of a second user. The second user may then provide the enhanced biometric data when requesting to process an event.

Abstract: Systems for generating enhanced biometric data and using enhanced biometric data to process events are provided. A system may receive a request for enhanced biometric data from a first user and may extract details associated with the request. Based on the identity of the first user and the extracted details, a user profile may be selected from a plurality of user profiles associated with the first user. The user profile may include biometric data of the first user, predetermined limits on types of events to be processed, amounts, and the like. The system may generate enhanced biometric data based on the user profile and may transmit the enhanced biometric data to a computing device of a second user. The second user may then provide the enhanced biometric data when requesting to process an event.

Abstract: An operating system (OS) receives a request to allocate a physical memory page to an address space of an application. The OS maintains a data structure that stores references to a plurality of physical memory pages that are available to be allocated, and generates a random index into the data structure, wherein the random index comprises a random number, and wherein the random index corresponds to a first reference for a first physical memory page of the plurality of physical memory pages. The OS selects the first physical memory page of the plurality of memory pages from the data structure using the random index, and maps the first physical memory page to the address space of the application.

Abstract: A server includes a processor to execute a single generic composited layered image that includes an operating system layer and an application layer. A layering engine hooks into the user log-in process to capture a user identification of the user initiating the log-in process, and compares the user identification to a list of additional application layers that are to be available to different users based on their respective user identifications. The layering engine determines if at least one additional application layer is to be available to the user based on the compare, and creates a single user-specific composited layered image by mounting the at least one additional application layer to the single generic composited layered image if the at least one additional application layer is to be available to the user.

Abstract: A vehicle system may include a vehicle configured to store a public key of the vehicle and a private key of the vehicle; a portable terminal configured to store the public key of the vehicle, a public key of the portable terminal, and a private key of the portable terminal; and a server configured to generate a token and encrypt the token with the public key of the vehicle and the public key of the portable terminal.

Abstract: A radio transmitter adjusts the spectral, amplitude, and/or phase characteristics of its transmissions to defeat radio fingerprinting identification without destroying the content of the transmissions. The transmitter determines a threshold of signal distortion that impedes RF fingerprint identification while providing an acceptable amount of degradation to data transmissions and then synthesizes a distortion of its unique RF fingerprint to impede identification. The transmitter may create RF fingerprint “personalities” to be paired with different radio protocol behaviors and subscriber terminal identification codes (e.g., MAC addresses or SMSIs) for generating different radio identities.

Abstract: A server receives a single certificate signature request from a requestor and determines that the requestor is authorized for a certificate corresponding to the single certificate signature request. The server generates a first certificate corresponding to the single certificate signature request, wherein the first certificate has a first expiry value. The server transmits the generated first certificate to the requestor. Responsive to an amount of time elapsing, the server automatically generating a second certificate corresponding to the single certificate signature request, wherein the amount of time expiring is less than the first expiry value. The server transmits the generated second certificate to the requestor.

Abstract: Disclosed herein are methods, systems, and apparatus, including computer programs encoded on computer storage media, for storing blockchain data. One method includes receiving a request from an application component of a blockchain node to execute one or more software instructions in a trusted execution environment (TEE); determining one or more blockchain node blocks for executing the one or more software instructions; performing error correction coding of the one or more blocks in the TEE to generate one or more encoded blocks; dividing each of the one or more encoded blocks into a plurality of datasets; selecting one or more datasets from each of the one or more encoded blocks; and hashing the one or more datasets to generate one or more hash values corresponding to the one or more datasets for use in replacing the one or more datasets to save storage space of the blockchain node.

Abstract: A method for encrypting data stored in a memory area is proposed, wherein the data are encrypted on the basis of a key identification for the data and on the basis of a one-time key.

Abstract: Devices, systems, and methods of detecting user identity, differentiating between users of a computerized service, and detecting a possible attacker. A log-in process or a user-authentication process, is augmented or enriched by one or more incidental tasks, which force the user to perform additional on-screen interactions or input-unit interactions, which in turn enrich and augment the pool of user interactions from which the system extracts one or more user-specific features. The extracted user-specific features are used as part of the user authentication process, and are further used to differentiate among users.

Abstract: In one implementation, a redactable document signature system includes an encoding engine, a reordering engine, and a signature engine. The encoding engine is to access a plurality of subdocuments of a document, to generate a plurality of commitment values from the plurality of subdocuments, and to generate a plurality of dummy values. Each dummy value is indistinguishable from a commitment value. The reordering engine is to define an order of the plurality of commitment values and the plurality of dummy values independent of an order of the subdocuments. The signature engine is to calculate a signature value for the document using the plurality of commitment values and the plurality of dummy values according to the order.

Abstract: Cyber-attacks can be mitigated by automatically coordinating responses from cyber-security tools. For example, a cyber-security engine can include software modules created by multiple sources, each of the software modules being for integrating a respective cyber-security tool with the cyber-security engine. The cyber-security engine can use the software modules to communicate with the cyber-security tools in order to detect one or more events indicative of a cyber-attack against a computing environment. The cyber-security engine can then determine a coordinated-response strategy involving cooperation among the cyber-security tools to mitigate the cyber-attack. The cyber-security engine can transmit commands to the cyber-security tools to cause the cyber-security tools to implement the coordinated-response strategy.

Abstract: A method, device and non-transitory computer readable medium for randomized multi-factor authentication with biometrics includes randomly selecting one of a plurality of biometrics in response to a request from a client device. At least the randomly selected biometric is requested from the requesting client device. A match of the requested randomly selected biometric received from the requesting client device against stored biometric information above a set threshold is verified. Access for the request is granted when the verification indicates the match.