Abstract: According to one embodiment, a data protection apparatus includes a processor configured to execute an encryption process on log data including a data frame including a plurality of pieces of data generated along a time sequence. The processor is configured to encrypt each of the pieces of data with a corresponding encryption key among a first initial key and a first encryption keys generated in a forward direction to a time sequence of the pieces of data. The processor is configured to encrypt each of a plurality of pieces of data encrypted with the corresponding encryption key with a corresponding encryption key among a second initial key and a second encryption keys generated in a backward direction to a time sequence of the pieces of data.

Abstract: The present disclosure is directed to providing an information processing apparatus in which a management application is executed sets a first schedule for determining timing for transmitting an instruction to shift to a predetermined power supply state in which a request via a network fails to a management target device and a second schedule for determining timing for transmitting a request according to a setting of a security policy to the management target device via the network, and executes processing so that timing for transmitting a request based on the second schedule regarding the setting of the second schedule does not overlap with a period during which a request fails due to an instruction to be transmitted based on the first schedule.

Abstract: Systems and methods are provided for learning normal behavior for user roles of an application running within a cluster of container orchestration platform and based thereon proactively taking action responsive to suspicious events. According to one embodiment, an event data stream is created by an API server of the cluster. The data for each event includes information regarding a request made to an API exposed by the API server with which the event is associated and a user of the application by which the event was initiated. The data is augmented with a role associated with the user and an anomaly threshold for the role. Normal behavior is learned by an ML algorithm of respective user roles by processing the augmented data. When an anomaly score associated with a particular event is output by the ML algorithm that exceeds the anomaly threshold, a predefined or configurable action is triggered.

Abstract: In some implementations, a server may receive, from a first user device, a request to use an encrypted representation of a digital representation of a physical identifier (ID) associated with the user. Accordingly, the server may transmit, to a second user device, a prompt associated with validation of the request, and may receive, from the second user device, a response to the prompt. The server may validate the request using the response to the prompt. The server may transmit, to a first remote server, at least a first portion of the encrypted representation with a request to perform a first action associated with the user. The server may additionally transmit, to a second remote server, at least a second portion of the encrypted representation with a request to perform a second action associated with the user.

Abstract: The methods and system allow for the generation of a signcrypted biometric electronic signature token using a subsequent biometric sample after an enrollment of a biometric reference value in a biometric system. The signcrypted biometric electronic signature token involves simultaneous encryption and digital signature to protect the confidentiality. The system as described herein provides data integrity, origin authentication, and efficiency by performing encryption and digital signature simultaneously. The process allows a signcrypting party to enroll in a biometric service, sign a piece of data or content using a public key, that may be tied to a trusted anchor certificate authority, and submit a biometric sample. Subsequently, the relying party may validate the information on that piece of data or content to confirm the identity of the signcrypting party.

Abstract: Methods and systems are described herein for facilitating blockchain operations in decentralized applications by offering enhanced efficient when conducting blockchain operations using cryptography-based, digital ledgers through the use of specialized indexing. For example, as opposed to relying on raw blockchain data to power decentralized applications, the methods and systems use a blockchain indexer. The blockchain indexer provides a queryable record of a subset of blockchain operations.

Abstract: Biometric data such as iris, facial, or fingerprint data may be obtained from a user. A public code may be generated from the biometric data, but does not obtain any of the biometric data or information that can be used to identify the user. The public code includes information that can be used to extract from the biometric data a biometric code that is suitable for bitwise comparison. Neither the underlying biometric data nor information from which the biometric data may be determined is stored as only the public code and the actual biometric feature of the user is required to generate the biometric code.

Abstract: According to an aspect, a method includes receiving data loss prevention (DLP) restriction data, where the DLP restriction data defines a first DLP control. The first DLP control identifies at least one content attribute of restricted content. The first DLP control identifies a restriction to a computer function when the restricted content is rendered on a display of a computing device. The method includes storing the DLP restriction data in a memory device associated with an operating system of the computing device, detecting, by the operating system, that content rendered on the display of the computing device includes at least a portion of the restricted content as identified by the at least one content attribute, and restricting the computer function during a period of time in which the portion of the restricted content is rendered on the display.

Abstract: Disclosed are a device and a method for user authentication using a security card. The device for user authentication comprises: a card reader which, when a card is recognized, acquires a face image stored in the card; an infrared light source which emits infrared rays toward a user; an infrared camera which acquires an infrared image including the facial region of the user; a color camera which acquires a color image including the facial region of the user; and a control unit which determines a result of user authentication on the basis of at least one of the infrared image, the color image, and the face image, and generates a control signal according to the result of user authentication.

Abstract: A method and a system of providing a quantum random number based on a quantum entropy source. The method includes generating a quantum random number and providing the quantum random number to a device. The generating of the quantum random number based on the quantum entropy source includes determining, by a management unit, whether quantum random numbers stored in a storage are insufficient; generating a quantum random number based on the quantum entropy source using a quantum random number generator provided in a production unit in response to a determination that the quantum random numbers are insufficient; verifying, by a verification unit, the generated quantum random number based on NIST SP800-90B and SP800-22; and in response to quality of the generated quantum number satisfying a criterion, storing the verified quantum random number in the storage.

Abstract: The present disclosure relates to a method for protecting a first data item applied to a cryptographic algorithm, executed by a processor, wherein said algorithm is a per-round algorithm, with each round processing contents of first, second and third registers, the content of the second register being masked, during first parity rounds, by the content of a fourth register and the content of the third register being masked, during second parity rounds, by the content of a fifth register.

Abstract: Provided is an analysis system that allows a security administrator to understand the impact of known vulnerabilities on the system to be diagnosed. The topology identification unit 14 identifies network topology of devices included in a system to be diagnosed. The analysis unit 6 generates an attack pattern that includes an attack condition, an attack result, an attack means that is vulnerability that is used by an attack, and a segment where the attack can occur in the system to be diagnosed. The display control unit 8 displays segments included in attack patterns superimposed on the network topology, on a display device. At this time, the display control unit 8 changes a display mode of the segment according to a type of the vulnerability that corresponds to the attack means included in the attack pattern including the segment.

Abstract: Techniques for assessing a computing risk of an entity based on a social media footprint of that user. Social media accounts of an entity are identified. Queries are executed against the accounts to determine a social media footprint the entity has based on engagements with those accounts. The footprint reflects at least how much information associated with the entity has been exposed as a result of the engagements with those accounts. Based on the footprint, a risk score for the entity is developed. The risk score reflects a determined amount of computing risk the entity has with regard to potential malicious use of exposed entity information. Based on the risk score, mitigation operations are performed in an attempt to reduce the risk score.

Abstract: A generation apparatus includes processing circuitry configured to aggregate a plurality of traffic data for every predetermined target, sample target traffic data in which a number of traffic data aggregated exceeds a threshold, and generate a feature vector representing a feature of aggregated traffic data for a target that is not sampled, and generate a feature vector representing a feature of sampled traffic data for the target sampled.

Abstract: Various implementations described herein are related to a device having a first coil-shaped spiral structure for an active shield and a second coil-shaped spiral structure that is wound in-between windings of the first coil-shaped spiral structure. The first coil-shaped spiral structure may provide for a coil-based electro-magnetic (EM) shield as a counter-measure circuit for protecting an underlying circuit.

Abstract: Systems and methods are provided for providing targeted messaging to a user of a user device without requiring transmittal of personal information from the user device. The user device employs one or more machine learning models to obtain analytic data that reflects the demographics of the user from personal information. This analytic data is then provided to a central server without transmission of the personal information. The central server uses the analytic data to obtain messaging from one or more third party providers that is targeted to the user of the user device, which is provided to the user device for display to the user. Other embodiments may be described and/or claimed.

Abstract: A system and method for facilitating access to data systems are disclosed. In one aspect, the system includes one or more computer systems programmed to perform operations including providing a database access module and providing a local system. The database access module has a core module in communication with a global database having a plurality of records; and a monitor module in communication with the core module and configured to monitor activities of the core module. The local system includes a socket service for establishing persistent socket connections with the core module and the monitor module; a local database in communication with the socket service and including a subset of the plurality of records; and a user application in communication with the socket service and configured to provide a user with access to the subset of the plurality of records.

Abstract: A continuous-variable quantum key distribution (CV-QKD) method and system is provided. The CV-QKD method includes: step 1: transmitting a quantum signal and a local oscillation signal synchronously based on time and polarization multiplexing, and performing detection to obtain detection data; and step 2: compensating for the detection data based on a phase compensation algorithm and public data. In this way, a phase can be compensated accurately in channel fading, so as to improve performance of the CV-QKD system.

Abstract: Provided are a quantum key distribution method, device, and system. The quantum key distribution system may include a transmitter configured to split an optical signal into a first optical signal passing through a first path (P1) and a second optical signal passing through a second path (P2), which is longer than the first path (P1), and to sequentially transmit the first optical signal and the second optical signal; and a receiver configured to receive the first optical signal and the second optical signal incident through a quantum channel and transmit the first optical signal and the second optical signal back to the transmitter through the quantum channel after passing through a polarization-dependent element, being reflected by a Faraday mirror, and passing through the polarization-dependent element again.

Abstract: Systems, apparatuses, methods, and computer program products are disclosed for quantum computing (QC) detection. An example method includes generating QC detection data. The example method further includes generating a pair of asymmetric cryptographic keys comprising a public cryptographic key and a private cryptographic key, generating encrypted QC detection data based on the pair of asymmetric cryptographic keys, and destroying the private cryptographic key. The example method further includes monitoring a set of data environments for electronic information related to the encrypted QC detection data. Subsequently, the example method may include generating a QC detection alert control signal in response to detection of the electronic information related to the encrypted QC detection data.