Abstract: Systems and methods for combining input data and machine learning models that remain secret to each entity are described. This disclosure can allow groups of entities to compute predictions based on datasets that are larger and more detailed collectively than individually, without revealing their data to other parties. This is of particular use in artificial intelligence (AI) tasks in domains which deal with sensitive data, such as medical, financial, or cybersecurity.

Abstract: An improved Narrowband Internet of Things device (UE) supporting resource sharing for integrated Subscriber Identity Modules (iSIM) is provided. The cost per UE is reduced by reducing the chip area and energy consumption of an integrated UICC chip therein since identical components of the modem and the iSIM are designed as shared components, whereas a hardware arbiter manages an access to THE shared components by the modem or the iSIM and prevents information leaking.

Abstract: Devices, systems, and methods are provided for communications between autonomous and emergency vehicles. A method may include identifying, by an autonomous vehicle (AV), a first message received from a first vehicle, and identifying, by the AV, in the first message, information associated with identifying the AV, a security key associated with identifying the first vehicle, and an instruction associated with causing the AV to perform an action. The method may include authenticating, by the AV, based on the security key, the first vehicle, and controlling operation, based on the instruction and the information associated with identifying the AV, of the AV to perform the action.

Abstract: A security negotiation method includes receiving, by a terminal, security negotiation information from a centralized unit control plane (CU-CP)/a centralized unit user plane (CU-UP), where the security negotiation information includes an integrity protection indication identifier of the CU-UP, and determining, by the terminal based on the integrity protection indication identifier, whether to enable user-plane integrity protection of the terminal.

Abstract: Technologies disclosed herein provide a method for receiving at a device from a remote server, a request for state information from a first processor of the device, obtaining the state information from one or more registers of the first processor based on a request structure indicated by a first instruction of a software program executing on the device, and generating a response structure based, at least in part, on the obtained state information. The method further includes using a cryptographic algorithm and a shared key established between the device and the remote server to generate a signature based, at least in part, on the response structure, and communicating the response structure and the signature to the remote server. In more specific embodiments, both the response structure and the request structure each include a same nonce value.

Abstract: Exemplary methods, apparatuses, and systems include a central controller receiving a request to generate a new encryption key for a security group to replace a current encryption key for the security group. The security group includes a plurality of hosts that each encrypt and decrypt communications using the current encryption key. In response to receiving the request, the central controller determines that a threshold period following generation of the current encryption key has not expired. In response to determining that the threshold period has not expired, the central controller delays execution of the request until the expiration of the threshold period. In response to the expiration of the threshold period, the central controller executes the request by generating the new encryption key, storing a time of creation of the new encryption key, and transmitting the new encryption key to the plurality of hosts.

Abstract: A denial-of-service detection system includes a denial-of-service detection subsystem coupled to a plurality of storage systems via a network. The denial-of-service detection subsystem receives current first storage system data for each of a plurality of different storage system operating metrics from a first storage system included in the plurality of storage systems.

Abstract: In accordance with embodiments, there are provided mechanisms and methods for security verification of communications to tenants of an on-demand database service. These mechanisms and methods for security verification of communications to tenants of an on-demand database service can enable embodiments to allow tenants to selectively implement security measures with respect to inbound communications, etc. The ability of embodiments to provide such feature may allow tenants to efficiently and effectively implement security measures for in-bound emails.

Abstract: Methods for operating a UE, a network node, a Session Management Function (SMF) and a Unified Data Management (UDM) are disclosed. The methods include transmitting, by a UE, a Protocol Data Unit (PDU) Session Establishment Request message toward an SMF in the communication network (902A), and receiving at the UE a policy decision on security protection of User Plane (UP) data terminating in a RAN for the PDU Session (904A). The policy decision received at the UE may be in accordance with a UP security policy provided by the SMF to the RAN during PDU Session Establishment. Also disclosed are a UE, network node, SMF and UDM.

Abstract: Apparatuses, methods, systems, and program products are disclosed for dynamically sharing wireless signature data. An apparatus includes a processor and a memory that stores code executable by the processor. The code is executable by the processor to detect a wireless signature emitted from an information handling device at a network-connected device and record wireless signature information for the information handling device based on the wireless signature. The code is executable by the processor to receive a request to share the wireless signature information with a requesting party. The code is executable by the processor to share the wireless signature information with the requesting party from the network-connected device in response to determining that the requesting party is an authorized party for receiving the wireless signature information.

Abstract: A caching framework for a multi-tenant cloud-based system includes a plurality of microservices, a global cache that implements a global namespace, and a plurality of tenant caches, each tenant cache corresponding to a different tenant of the multi-tenant cloud-based system. The framework further includes a common module corresponding to each of the microservices and comprising a cache application programming interface (API), and a cache module comprising a service provider interface (SPI) adapted to connect to a distributed remote cache.

Abstract: According to one embodiment, a host communicates with a data processing (DP) accelerator using an obfuscation scheme. The DP accelerator receives an obfuscation kernel algorithm (or obfuscation algorithm), where the obfuscation kernel algorithm is used to obfuscate and de-obfuscate data in communication with a host. The DP accelerator de-obfuscates, using the obfuscation kernel algorithm, obfuscated data received from the host for a prediction request to obtain one or more AI models. The DP accelerator generates prediction results by applying the one or more AI models to a prediction input. The DP accelerator obfuscates, using the obfuscation kernel algorithm, the prediction results. The DP accelerator sends the obfuscated prediction results to the host, where the host retrieves the prediction results by de-obfuscating the obfuscated prediction results.

Abstract: A system for context-based data scrutinization and capture is provided. The system comprises: a memory device with computer-readable program code stored thereon; a communication device connected to a network; a processing device, wherein the processing device is configured to execute the computer-readable program code to: monitor a data storage location using a crawler bot configured for scanning an artifact stored in the data storage location; scan the artifact, using the crawler bot, for one or more data fields, wherein at least one of the one or more data fields comprises unobscured private data; identify an artifact type for the artifact based on the one or more data fields; and capture the artifact from the data storage location based on the artifact and the unobscured private data, wherein capturing the artifact comprises temporarily removing the artifact from the data storage location.

Abstract: A user device is associated with a dynamic trust score that may be updated as needed, where the trust score and the updates are based on various activities and information associated with the mobile device. The trust score is based on both parameters of the device, such as device type, registered device location, device phone number, device ID, the last time the device has been accessed, etc. and activities the device engages in, such as amount of transactions, dollar amount of transactions, amount of denied requests, amount of approved requests, location of requests, etc. Based on a transaction request from the user device, the trust score and a network reputation score is used to determine an overall trust/fraud score associated with the transaction request.

Abstract: A wireless enabled lighting device having the ability to retrieve credentials for a primary wireless LAN from another previously configured wireless enabled lighting device is disclosed. After installation, the lighting device may be instructed to join a secondary wireless network temporarily provided by the previously configured lighting device. Once connected to the secondary wireless network, the lighting device may be provided the credentials for the primary wireless LAN from the previously installed device. The lighting device may then join the primary wireless LAN based on the provided credentials and may automatically initiate enrollment with a remote cloud service. After enrollment, the lighting device may be instructed to operate as an access point for the secondary wireless network, thereby allowing a subsequently installed lighting device to retrieve the credentials for the primary wireless LAN from the newly enrolled lighting device.

Abstract: In some examples, a system for implementing a protocol for data transmission can include a processor to transmit a public key or an encrypted name to a ledger of a source computing device and receive a scoring code, training data, and data definitions from the source computing device. The processor can also transmit predicted labels encrypted with the public key to the source computing device, the predicted labels based on the training data and the data definitions, and receive labeled test data from the source computing device. The processor can also transmit decrypted predicted labels to the source computing device, receive a list of evaluation results from a set of remote computing devices, transmit scoring results based on the list of evaluation results to the set of remote computing devices, and execute an instruction based on a techniques corresponding to a highest score from the scoring results.

Abstract: In an embodiment, a computer-implemented method includes receiving, from a pre-processor, an output file; where the output file is created by the pre-processor in response to input of an electronic file to the pre-processor; where the electronic file is an attachment to a message that is in-transit to a recipient computer on a network; where the output file contains features that are created by the pre-processor analyzing one or more sub-features of the electronic file; receiving, from a machine learning-based classifier, malware classification data that indicates whether the electronic file does or does not contain malware; where the malware classification data is output by the machine learning-based classifier in response to the machine learning-based classifier determining that the features are or are not indicators of obfuscation; where data used to create the machine learning-based classifier includes output files previously created by the pre-processor; in response to the malware classification data mat

Abstract: The disclosed technology relates to a mobile terminal adapted to receive a memory card comprising a processing unit, an input interface and a card locking actuator configured to lock the memory card into the mobile terminal. The card locking actuator is controlled by the processing unit. In one aspect, the card locking actuator is configured to be locked when the mobile terminal is switched on. In another aspect, the processing unit is configured to lock the screen until a screen unlocking authentication procedure is performed by a user at the input interface and is configured to command unlocking of the card locking actuator after detecting that a predetermined authentication procedure is performed by a user at the input interface.

Abstract: The present description relates to systems and techniques for allowing a third party verifier to verify aspects of secured data, or successful communication thereof. For example, a message or other data may be associated with a shared manifest that describes aspects of some data but does not reveal or expose the data. As a result, the data may be kept private while selective privacy and verification with respect to the data is achieved by the inclusion of only selected aspects of said data in the shared manifest.

Abstract: Embodiments of the present disclosure relate to a data analysis system that may automatically generate memory-efficient clustered data structures, automatically analyze those clustered data structures, and provide results of the automated analysis in an optimized way to an analyst. The automated analysis of the clustered data structures (also referred to herein as data clusters) may include an automated application of various criteria or rules so as to generate a compact, human-readable analysis of the data clusters. The human-readable analyses (also referred to herein as “summaries” or “conclusions”) of the data clusters may be organized into an interactive user interface so as to enable an analyst to quickly navigate among information associated with various data clusters and efficiently evaluate those data clusters in the context of, for example, a fraud investigation. Embodiments of the present disclosure also relate to automated scoring of the clustered data structures.