Abstract: A universal tag linked to the content of a data file for protecting the authenticity of the data file and/or the owner/creator of a digital file. The universal tag is linked to the content in the data file via one or more input keys/seeds that are used to generate the universal tag and rely on data associated with the content. Once generated, the universal tag is registered on a distributed ledger of at least on distributed trust computing network, which acts as a source of truth to validate the universal tag and, as such, validate (i) an authenticity of the data file, and/or (ii) the user associated with the data file (e.g., rightful possessor and/or creator of the digital file).

Abstract: Embodiments of the present disclosure relate to managing admin-controlled access of external resources to group-based communication interfaces associated with an organization, via a group-based communication system including APIs for improved external resource permissioning, provisioning, and access handling. Embodiments include methods, computer program products, apparatuses, and systems configured to receive an external resource access request, determine an organization identifier, obtain an admin response indication, set an external resource permission status for the external resource based on the admin response indication, and cause rendering of the requested group-based communication interface based on the admin response indication. Embodiments further relate to provisioning and handling requests for services associated with an external resource by managing one or more single-interface access tokens linked to a multi-interface access token.

Abstract: Embodiments of the present disclosure provide hierarchical, differential privacy enhancements to federated, machine learning. Local machine learning models may be generated and/or trained by data owners participating in the federated learning framework based on their respective data sets. Noise corresponding to and satisfying a first privacy loss requirement are introduced to the data owners' respective data sets, and noise corresponding to and satisfying a first privacy loss requirement are introduced to the local models generated and/or trained by the data owners. The data owners transmit model data corresponding to their respective local models to a coordinator, which in turn aggregates the data owners' model data. After introducing noise corresponding to and satisfying a third privacy loss requirement to the aggregated model data, the coordinator transmits the aggregated model data to the data owners to facilitate updating and/or re-training on their respective machine learning models.

Abstract: A system, method and program product for implementing a compound security platform for providing secure access to private data in an encrypted storage area. A disclosed system includes an application configured to receive queries from application users requiring access to encrypted private data; a middle security layer callable from the application to facilitate predefined access to the encrypted private data; a root security layer configured to receive a decryption request from the middle security layer, perform decryption on specified encrypted private data, and return decrypted data to the middleware layer; a hashing system that generates a content hash of the middle security layer and root security layer to ensure integrity of the middle security layer and root security layer; and an auditing detection system that detects malicious auditing of parameters.

Abstract: A computer implemented and electronic process is provided that uses artificial intelligence to detect unauthorized activity by an insider or hacker. Electronic systems that employ artificial intelligence and machine learning to detect unauthorized transaction activity by insiders or hackers for a computer network system are also provided. Hardware required for carrying out the invention typically include a plurality of networked computers. Specialized software and/or firmware is typically needed in connection with the hardware for carrying out the invention.

Abstract: A computer-implemented method, executed by one or more email detection computers, receives from a computer network, a first email message from a first sender account to a first recipient account and having a plurality of attributes. The method determines that the first email message is a phishing email, extracts a subset of attributes, normalizes transformable attributes, and generates a hash representation from fixed attributes and the normalized transformable attributes, stores the hash representation in a database, receives a second email message, and determines that the second email message is a phishing email based on the stored hash representation.

Abstract: To include a storage unit to store a plurality of server certificates different in subjects; and a communication unit to receive a connection request for communication established by using any one of the plurality of server certificates and to transmit a single server certificate selected out of the plurality of server certificates to a source of the connection request according to a source internet protocol (IP) address of the connection request.

Abstract: A system includes a communication channel monitor configured to calculate a hash value of a first encrypted code segment based on a measurement. A security module may derive a first encryption key using a key decryption function operation from the hash value of the first encrypted code segment. A processor decrypts the first encrypted code segment with a seed key retrieved from a storage device, and if the decryption is successful then executes the first decrypted code segment. The processor may retrieve a second one of the encrypted code segments, wherein the second encrypted code segment is a next encrypted code segment for execution after the first encrypted code segment according to a sequence of execution, decrypt the second encrypted code segment with the first encryption key, and if the decryption is successful then execute the second decrypted code segment.

Abstract: Custom policies are definable for use in a system that enforces policies. A user, for example, may author a policy using a policy language and transmit the system through an application programming interface call. The custom policies may specify conditions for computing environment attestations that are provided with requests to the system. When a custom policy applies to a request, the system may determine whether information in the attestation is sufficient for the request to be fulfilled.

Abstract: An operator system of a wireless communication network operator sends, to a regulator system of a regulator, a record that includes information about administration of a subscription identifier associated with the wireless communication network operator. Responsive to sending the record to the regulator system, the operator system receives a response that indicates whether the regulator system approves of or rejects the record being added to a permissioned distributed database that is distributed at least in part between the regulator system and the operator system. The operator system adds or does not add the record to the permissioned distributed database depending on the response.

Abstract: This disclosure provides for a network element (in the middle) to inject enrichments into SSL connections, and for taking them out. This network element is sometimes referred to herein as a “middle box.” In the context of layered software architecture, this solution preferably is implemented by a library that operates below the SSL layer and above the TCP sockets layer at the two endpoints of the SSL connection. Preferably, the SSL enrichments are implemented as SSL/TLS records.

Abstract: Disclosed are various embodiments for delegating authentication to certificate authorities. A connector service identifies a certificate request from a messenger service. The certificate request includes a credential identifier for a certificate authority. An authentication credential is retrieved using the credential identifier. A certificate request and the certificate authority authentication credential are transmitted to the certificate authority. A certificate is retrieved and provided as a response to the certificate request.

Abstract: A method for automatically managing a platform firewall using a network function (NF) repository function (NRF) or service communication proxy (SCP) includes receiving message relating to registering, updating, or deregistering an NF profile in an NF profiles database separate from a platform firewall. The method further includes determining that the registering, updating, or deregistering of the NF profile requires a change to a firewall rules configuration of the platform firewall. The method further includes, in response to determining that the registering, updating, or deregistering of the NF profile requires a change to the firewall rules configuration of the platform firewall, automatically updating, by the NRF or SCP, the firewall rules configuration of the platform firewall.

Abstract: The disclosure relates generally to methods, systems, and apparatuses for managing network connections. An example method includes receiving one or more messages from a plurality of computing devices connected through a network, the one or more messages indicating actual connections among the plurality of computing devices. The example method further includes comparing, by one or more processors, the actual connections to a list of expected connections indicated by a connections master file that comprises connection information for the plurality of computing devices. The method further includes, responsive to detecting one or more differences between the list of expected connections and the actual connections, providing a notification indicating the one or more differences to a log file or a notification area of a user interface.

Abstract: The present disclosure relates to an IP-based security control method and a system thereof. According to the present disclosure, the method comprises: selecting a target IP address that is an IP address of a security control target; generating IP monitoring information by scanning a port of the target IP address; determining an IP risk level of the target IP address by using the IP monitoring information; and generating a security report including at least one of an IP list determined by a preset IP risk level and IP monitoring information of an IP included in the IP list, wherein the IP monitoring information includes at least one of an IP address of the target IP address, banner information, application information, security vulnerability information, a malicious code, and a similar domain.

Abstract: A system and method for trigger-based scanning of cyber-physical assets, including a distributed operating system, parameter evaluation engine, at least one cyber-physical asset, at least one crypt-ledger, a network, and a scanner that detects trigger conditions and events and performs scans of cyber-physical assets based on the trigger and any relevant stored scan rules before storing scan results as time-series data.

Abstract: Systems, methods, and computer-readable storage devices that enable secured data access from a mobile device executing a native mobile application and a headless browser. The technology includes interactions between an API, a secure connection, a headless browser, that utilize one or more of web site data, fingerprint data file locations and additional web page data.

Abstract: The technology disclosed herein enables a method to receive an indication of a change to an operating mode of a device from a first operating mode to a second operating mode, and identify a cryptographic item stored at a memory of the device, wherein the cryptographic item corresponds to an identification of the device signed with a digital signature, and wherein the digital signature is based on a private key that is inaccessible to the device. On response to receiving the indication of the change to the operating mode of the device, the method can modify the cryptographic item stored at the memory, and operate the device in the second operating mode based on the modified cryptographic item. The indication of the change to the operating mode of the device can correspond to a detection of a change in a function of the device.

Abstract: Discussed herein is a technique for replication of keys across regions of a cloud infrastructure. A first vault is created in a first region. The first vault stores a plurality of records, each of which is associated with a key and corresponding metadata. A second region, different from the first region, is selected where replication of the plurality of records is desired. A second vault is created in the second region. The plurality of records are relayed from the first vault to the second vault, so that each of the plurality of records is replicated in the second vault based on an entropy value of the record. A mutation operation executed with respect to the first vault is stored as a new record in the first vault. The new record is transmitted to the second vault, which is updated to reflect the mutation operation performed on the first vault.

Abstract: A rule-based attribution mechanism analyzes documents having different types of data in different formats through the application of script-based rules that apply a tag to the document identifying the type of sensitive data that is contained in the document. Documents having similar tags are aggregated so that the sensitive data is scrubbed from the document leaving the telemetric data available for downstream processing. The scrubbing entails different actions, such as, eliminating the sensitive data, obfuscating the sensitive data, and converting the sensitive data into a non-sensitive value.