Abstract: Embodiments of the present invention provide an approach for policy-driven (e.g., price-sensitive) scaling of computing resources in a networked computing environment (e.g., a cloud computing environment). In a typical embodiment, a workload request for a customer will be received and a set of computing resources available to process the workload request will be identified. It will then be determined whether the set of computing resources are sufficient to process the workload request. If the set of computing resources are under-allocated (or are over-allocated), a resource scaling policy may be accessed. The set of computing resources may then be scaled based on the resource scaling policy, so that the workload request can be efficiently processed while maintaining compliance with the resource scaling policy.

Abstract: A method for authenticating a user device request by a dispersed storage managing unit (DSMU) in a dispersed storage network (DSN) begins by the DSMU receiving from a proxy element an authentication request for a portion of a user device request, verifying the request and when validated determining when a permissions list indicates the user device has access permission. The method continues with the proxy element being allowed to execute the portion of the user device request and receiving from another proxy element an authentication request for another portion of the user device request. The method then continues with the request being verified, and when validated, determining when the permissions list indicates the user device has access permission. The method then continues with the another proxy element being allowed to execute the authentication request for the another portion of the user request.

Abstract: According to one example, a system and method are disclosed for malware and grayware remediation. For example, the system is operable to identify applications that have some legitimate behavior but that also exhibit some undesirable behavior. A remediation engine is provided to detect malware behavior in otherwise useful applications, and allow the useful parts of the application to run while blocking the malware behavior. In an example method of “healing,” this may involve modifying the application binary to remove undesirable behavior. In an example method of “personalization,” this may involve inserting control hooks through the operating system to prevent certain subroutines from taking effect.

Abstract: There is disclosed a device and method in a wireless communication system and a wireless communication system, the device including: a secure channel establishing unit configured to establish a secure communication channel between a first apparatus and a second apparatus using a location-based service; a data security key generating unit configured to generate a data security key for protecting service data based on at least a channel key extracted from the secure communication channel; and a controlling unit configured to control the service data protected using the data security key to be transmitted on the secure communication channel. According to the embodiments of the disclosure, it is possible to improve security of data transmission.

Abstract: Disclosed is, among other things, a method for distributing content items to authorized users. The method comprising: a content owner device (190), COD, obtaining a first content item (196a); the COD (190) obtaining a first tag associated with the first content item (196a); the COD (190) obtaining a first content key, CK1, for said first content item (196a); the COD (190) encrypting the first content item (196a) using CK1, thereby producing a first encrypted content item; the COD (190) using at least the first tag and a key derivation function, KDF, to derive a first derived key, DK1; the COD (190) encrypting CK1 using the DK1, thereby producing a first encrypted content key, ECK1; and the COD (190) transmitting information to a content server (108), the information comprising: the first encrypted content item and the first tag.

Abstract: The invention relates to detecting vulnerabilities in technology infrastructure environments. Data describing vulnerabilities detected in a technological environment of an enterprise is obtained. The vulnerability data is combined with data relating to servers, applications associated with the servers, and business functions associated with the applications, within the technological environment of the enterprise in order to create enriched data. The enriched data is enhanced using one or more of the following processes: deduplicating records in the enriched data; modifying of a severity assigned to vulnerabilities based on one or more enterprise-infrastructure factors; archiving and purging of records included in the enriched data; consolidating IP addresses associated with the vulnerabilities; excepting records in the enriched data for vulnerabilities undergoing active remediation; and validating the enriched data. After the enriched data is enhanced, it may be sorted in accordance with one or more filters.

Abstract: In an example embodiment, a request for data is received from an end-user device, the request including one or more contextual attributes of the end-user device. The request is forwarded to a data provider. Data is then received from the data provider. It is determined if the data includes tagged sensitive data. If so, then the tagged sensitive data and the one or more contextual attributes are sent to a data access platform. Then policy constraints corresponding to the data are received from the data access platform. The sensitive data is encrypted in a manner that a data privacy module on the end-user device only decrypts the sensitive data when one or more contextual attributes of the end-user device meet one or more requirements identified in the policy constraints, and then the encrypted sensitive data and the policy are sent to the data privacy module.

Abstract: Methods, systems, and devices may be used for assigning names and bootstrapping of security credentials for Smart Objects inside a Digital Home environment. Methods, systems, and devices for identification and security bootstrapping of a smart object within a digital home environment may include automated assignment of a device level ID and security credential for each smart object in the home using a resource directory.

Abstract: The present invention discloses a visible light encryption method, a decryption method, a communication device and a communication system. The method includes: receiving a visible light signal from a transmit end, where the visible light signal is encrypted at the transmit end by using a key; and obtaining the key, and decrypting the visible light signal according to the key, where the obtaining the key includes: obtaining a key corresponding to a state of a state machine of a receive end; or, obtaining indication information according to the visible light signal and obtaining the key according to the indication information, where the indication information is used to obtain the key. The present invention solves a problem of decryption failure in visible light encryption and decryption, and improves accuracy of decryption.

Abstract: The present disclosure provides a method and a device for detecting network intrusion. The method includes: obtaining a feature vector of a network flow to be detected; and detecting the feature vector using a deep neural network, and determining a network intrusion category of the network flow to be detected, in which the deep neural network is generated by training with training data, the training data includes feature vectors of normal samples and feature vectors of attack samples, the attack samples include original attack samples and generated attack samples by adding noise to the original attack samples. The method can improve an ability to identify unknown attacks and a normalization ability of known attacks.

Abstract: Techniques for malware domain detection using passive Domain Name Service (DNS) are disclosed. In some embodiments, malware domain detection using passive DNS includes generating a malware association graph that associates a plurality of malware samples with malware source information, in which the malware source information includes a first domain; generating a reputation score for the first domain using the malware association graph and passive DNS information; and determining whether the first domain is a malware domain based on the reputation score for the first domain.

Abstract: Techniques for malware detection using clustering with malware source information are disclosed. In some embodiments, malware detection using clustering with malware source information includes generating a first cluster of source information associated with a first malware sample, in which the first malware sample was determined to be malware, and the first malware sample was determined to be downloaded from a first source; and determining that a second source is associated with malware based on the first cluster.

Abstract: Techniques for assessing risk associated with firewall rules are provided. In one implementation, a method includes receiving a request for the network to apply a firewall policy rule to control traffic to a machine associated with the network, wherein the firewall policy rule comprises information that identifies a remote address from which the traffic can originate and a type of the traffic. The method further includes determining a remote address risk value representative of a first degree of security risk associated with allowing the traffic to access the machine in response to the traffic being determined to originate from the remote address; determining a traffic type risk value representative of a second degree of security risk associated with allowing the type of traffic to access the machine; and determining a total risk value based on a combination of the remote address risk value and the traffic type risk value.

Abstract: In an example, there is disclosed a method and system for calculating an object's trust level for security purposes based on prevalence in a context-aware network. In an embodiment, as objects are accessed, a client queries a domain master such as a reputation server to evaluate the object's reputation. The domain master may maintain a prevalence-based reputation database, which may be updated as new clients report object prevalences.

Abstract: A method for locking out a remote terminal unit includes: receiving a lockout request, wherein the lockout request includes at least a public key associated with a user, a user identifier, and a terminal identifier; identifying a user profile associated with the user based on the user identifier included in the received lockout request; verifying the public key included in the received lockout request and permission for the user to lockout a remote terminal unit associated with the terminal identifier included in the received lockout request based on data included in the identified user profile; generating a lockout permit, wherein the lockout permit includes at least the public key included in the received lockout request; and transmitting at least a lockout request and the generated lockout permit, wherein the lockout request includes an instruction to place a lockout on the remote terminal unit.

Abstract: Systems, methods, and software products prevent malware attacks on networks, which include endpoint devices, by providing an environment to the endpoint device which simulates an environment, for example, a security environment, where malware is known to refrain from executing.

Abstract: A system, method, and computer readable medium enhance authentication procedures in an anti-fraud environment when an access control server (ACS) is unavailable to generate a full authentication for unique identifying information received in a current communication from a website. An availability detector verifies that the access control server remains unavailable. A successful authentication identifier requests previous authentication information for a previous communication occurring during a predefined authentication period and corresponding to the unique identifying information. A full authentication generator upgrades the unique identifying information to the full authentication based upon the previous authentication information when the access control server is verified as remaining unavailable. The upgrade to full authentication prevents the current communication from being flagged as fraudulent.

Abstract: The disclosed apparatus may include (1) providing a framework that enables a customer entity of a service provider to configure, via a customer portal, a network device of the service provider that directs network traffic of the customer entity, (2) creating, for the customer entity by way of the framework, a virtual network that includes at least a portion of the network device of the service provider, (3) detecting an attempt by the customer entity to configure at least a portion of the virtual network via the customer portal, and then in response to detecting the attempt by the customer entity, (4) performing a configuration operation that configures the portion of the virtual network as directed by the customer entity via the customer portal. Various other apparatuses, systems, and methods are also disclosed.

Abstract: Systems and methods are disclosed for securing an information handling system. A method for securing an information handling system may include securing the information handling system in an enclosure with a locking mechanism of a bezel; receiving a request to unlock the bezel at a baseboard management controller (BMC), the BMC communicatively coupled to the bezel; retrieving a first artifact stored in a trusted platform module (TPM) in response to the request; attempting to authorize the request using the first artifact; and unlocking the locking mechanism if the request is authorized.

Abstract: A computer system having a system memory and being arranged to permit a target program (90) installed on the system to be modified in a trusted manner. The system comprises a White-list Management Agent, WMA, module (10) for receiving, at a notification receiver (12), a notification that the target program (90) which is loaded into the system memory of the computer system has performed an update operation on the target program resulting in the generation and storage of a modified version of the target program on a storage device associated with the computer system. The WMA module is operable, upon receipt of a target program update notification, to determine if the program (90) as loaded into the system memory is in a trusted state by measuring the program (90) using a program measurer module (14) and comparing this, using a comparator (16), with a pre-stored value contained in a program whitelist (30), the pre-stored value being obtained from the program whitelist (30) using a whitelist reader/writer (18).