Abstract: Embodiments described herein enable the detection, analysis and signature determination of obfuscated malicious code. Such malicious code comprises a deobfuscation portion that deobfuscates the obfuscated portion during runtime to generate deobfuscated malicious code. The techniques described herein deterministically detect and suspend the deobfuscated malicious code when it attempts to access memory resources that have been morphed in accordance with embodiments described herein. This advantageously enables the deobfuscated malicious code to be suspended at its initial phase. By doing so, the malicious code is not given the opportunity to delete its traces in memory regions it accesses, thereby enabling the automated exploration of such memory regions to locate and extract runtime memory characteristics associated with the malicious code.

Abstract: Disclosed are systems and methods for passively authenticating users of a native application running on a mobile communications device. The user may be applying for a service, product, access, etc. from a provider computing system. A unique device identifier of the device may be acquired and provided to a first computing system. A mobile telephone number associated with the device may be received at the device. User information may be accepted from the user via a user interface of the device for entry into a set of fields. The mobile telephone number may be verified by determining, via a second computing system that is different from the first computing system, that the mobile telephone number is associated with the user information. The service/product/access for the user may be approved in response to verification of the mobile telephone number. The user may be authenticated without challenge questions.

Abstract: Systems and methods are provided for storing, at a storage device communicatively coupled to a computer, one or more operations to be executed for a web browser. A closed shadow document object model (DOM) may be generated by a component of a web page to be displayed in the web browser using the one or more of the stored operations. The closed shadow DOM may be configured to receive sensitive data or restricted data. The component of the web page that receives the sensitive data or restricted data may instantiate an inline frame (iFrame) with a same domain as the component. The web page to receive the sensitive data or restricted data via the instantiated iFrame may be displayed on a displayed device from an input device communicatively coupled to the computer for a component of the web page.

Abstract: In one embodiment, a computer-implemented method of a data processing (DP) accelerator encrypting or decrypting input data can include receiving, from a host device, a command, the input data, and a kernel. The kernel can be an encryption kernel, or a decryption kernel, and the DP accelerator need not know which kernel it has received. The DP accelerator runs the received kernel. In response to the DP accelerator receiving the command, the DP accelerator performs encrypting of the input data using the kernel, if the received kernel is an encryption kernel, otherwise, decrypting the input data using the kernel. The encrypted, or decrypted, input data is then provided to the host device.

Abstract: A system and a method are disclosed for securing sensitive data for transaction requests using tokenization and encryption. A secure transfer system secures sensitive information of transaction requests. The secure transfer system may receive a transaction request file and generate a modified transaction request file by tokenizing values in the received file. For each transaction request in the file, the system may store a representation of the untokenized values in a datastore in conjunction with an identifier of the transaction request. This identifier may be generated from the tokenized values. The secure transfer system may use the identifier to query the datastore for the representation of the untokenized values. The system may decrypt encrypted values in the representation to generate a transaction request file of detokenized values, which may be provided to an automated clearing house to fulfill the transaction requests.

Abstract: A method and system for generating a consumer breach history profile of a consumer over an electronic network includes receiving via the network consumer profile information including at least one consumer information element corresponding to the consumer, generating a consumer breach history profile in a database using the consumer profile information, and associating the consumer breach history profile with the consumer profile information in the database. The database includes breach events, each breach event associated with at least one breached information element. Consumer profile information is matched to a respective breach event by determining a match between the consumer information element and the breached information element associated with the respective breach event. The respective breach event is associated in the database with the consumer breach history profile and a mitigation action. A notification to the consumer of the breach event and mitigation action is generated.

Abstract: Methods, apparatus, and processor-readable storage media for protecting data based on a context of data movement operations are provided herein. An example computer-implemented method includes identifying a context of a data movement operation based at least in part on a source and an indicated destination of data associated with the data movement operation; applying one or more data protection policies to the data movement operation based at least in part on the identified context, wherein a given data protection policy comprises one or more indications of one or more content scanners that are configured to detect data belonging to one or more regulated data classes; and in response to detecting data associated with the data movement operation that belongs to at least one of the regulated data classes, performing one or more automated remedial actions associated with the at least one regulated data class.

Abstract: Embodiments of the present invention provide systems, methods, and computer storage media directed to facilitate identification of security policies for documents. In one embodiment, content features are identified from a set of documents having assigned security policies. The content features and corresponding security policies are analyzed to generate a security policy prediction model. Such a security policy prediction model can then be used to identify a security policy relevant to a document.

Abstract: A method and device for comparing movement paths based on homomorphic encrypted is disclosed, where a server includes a processor configured to collect first encrypted movement path information of a comparison target encrypted by a common key, receive, from a user device, second encrypted movement path information of a user of the user device encrypted by a private key, compare the first encrypted movement path information and the second encrypted movement path information, decrypt a portion of a result of the comparison by the common key to generate a partially decrypted comparison result, and provide the partially decrypted result of the comparison to the user.

Abstract: Techniques include receiving an access notification identifying a request by an identity for access to an access-protected network resource; identifying a configurable and multi-dimensional policy defining rights of the identity to access the access-protected network resource with respect to the operation of the access-protected network resource; automatically determining, based on the configurable and multi-dimensional policy, whether to perform at least one of: permitting the identity to access the access-protected network resource; denying the identity to access the access-protected network resource; or rotating a secret associated with the identity.

Abstract: A single round advanced encryption standard circuit module includes a substitution byte/inverse substitution byte unit, configured to substitute elements of an input state array to generate an output state array and to respectively generate a first state array, a plurality of second state arrays, a third state array, a plurality of fourth state arrays and the output state array according to a first tier circuit unit, a second tier circuit unit, a third tier circuit unit, a fourth tier circuit unit and a fifth tier circuit unit; wherein the first state array, the plurality of second state arrays, the third state array and the plurality of fourth state arrays are represented by register-transfer level codes; wherein the substitution byte/inverse substitution byte unit is implemented by composite field arithmetic of sharing operators and operands.

Abstract: This application provides a display method and apparatus, and a terminal, and relates to the field of image processing technologies, to resolve a problem that a peeping behavior of a peeper cannot be proved. The method is applied to a terminal having a front-facing camera and a display screen, where the front-facing camera and the display screen are on a same side of the terminal. The method includes: presenting a running interface of an application by using the display screen; collecting an image by using the front-facing camera; and when the image collected by the current camera meets a preset condition, presenting at least two display windows on the display screen. A first display window displays the running interface of the application, and a second display window displays the image collected by using the front-facing camera. This application is applicable to the terminal.

Abstract: Biometric data such as iris, facial, or fingerprint data may be obtained from a user. A public code may be generated from the biometric data, but does not obtain any of the biometric data or information that can be used to identify the user. The public code includes information that can be used to extract from the biometric data a biometric code that is suitable for bitwise comparison. Neither the underlying biometric data nor information from which the biometric data may be determined is stored as only the public code and the actual biometric feature of the user is required to generate the biometric code.

Abstract: Embodiments provide access to enterprise data via a secured virtual environment hosted on an Information Handling System (IHS), with the integrity of the IHS validated prior to launching the virtual environment. The integrity of the IHS may also be continuously validated during operation of the launched virtual environment. Policies for accessing the enterprise data are stored in a secured memory that is isolated from the operating system of the IHS. A virtual environment is configured, according to the policies, with resources for a particular user to access the enterprise data. If the integrity of the IHS is validated by a trusted resource on the IHS, the virtual environment is launched. During operation of the virtual environment, the trusted resource periodically confirms the integrity of the IHS. If the integrity of the IHS is not verified or policy changes are identified, access to the secured workspace may be revoked.

Abstract: Techniques for detecting suspicious data object access requests indicative of potential insider threats are described. A suspicious access detection module (SADM) determines, based on access data describing a access requests issued on behalf of multiple users, groups of the users having similar patterns of accesses to resource groups, a set of the resource groups accessed by each of the user groups, and ones of the user groups that are to be considered nearby others of the user groups based on having a threshold amount of resource group access similarities. The SADM causes an alert to be generated responsive to a determination that a subsequent access request is suspicious because it accesses a data object of a resource group that is not within the set of accessed resource groups of the issuing user's user group, and because the resource group is not within the sets of accessed resource groups of any nearby user groups.

Abstract: Dynamic data dissemination is provided. A resolved data subject identifier corresponding to a data subject is selected from a set of resolved data subject identifiers existing in rows of a data asset. In response to determining that the resolved data subject identifier does not correspond to a right to forget list, it is determined that the resolved data subject identifier corresponds to a data subject request list. The rows are transformed to anonymize existing pseudo and personal identifiers in cells of the rows that are tied to columns associated with data classes for which specific consent dimensions have been indicated as revoked by the data subject.

Abstract: Techniques for implementing proactive data security operations for files using an analysis of access permission levels for the files are disclosed. In some embodiments, a computer system performs operations comprising: determining that data of a file includes sensitive information based on an analysis of the data using a data classification model; determining that access to the file is open using an access classification model; and based on the determination that the data of the file includes sensitive information and the determination that the access to the file is open, causing a notification to be displayed on a computing device of a user, the notification comprising an indication that the file includes sensitive information and that access to the file is open.

Abstract: Systems, apparatuses, methods, and computer program products are disclosed for quantum computing (QC) detection. An example method includes generating QC detection data. The example method further includes generating a pair of asymmetric cryptographic keys comprising a public cryptographic key and a private cryptographic key, generating encrypted QC detection data based on the pair of asymmetric cryptographic keys, and destroying the private cryptographic key. The example method further includes monitoring a set of data environments for electronic information related to the encrypted QC detection data. Subsequently, the example method may include generating a QC detection alert control signal in response to detection of the electronic information related to the encrypted QC detection data.

Abstract: Systems, apparatuses, methods, and computer program products are disclosed for quantum computing (QC) detection. An example method includes generating QC detection data. The example method further includes generating a pair of asymmetric cryptographic keys comprising a public cryptographic key and a private cryptographic key, generating encrypted QC detection data based on the pair of asymmetric cryptographic keys, and destroying the private cryptographic key. The example method further includes monitoring a set of data environments for electronic information related to the encrypted QC detection data. Subsequently, the example method may include generating a QC detection alert control signal in response to detection of the electronic information related to the encrypted QC detection data.

Abstract: Multiple work requests from different applications are queued to be processed subsequently without interruption by a crypto device. A prediction table is generated for each application to be processed by the crypto device. An initial credit value is determined for each incoming work request. The work request is an entry in an ordered queue in the order of time using respective time stamps. The next work request to be processed is selected from the entries in the queue by using the first entry in the queue for which the credit values for the corresponding application is greater than or equal to the predicted execution time for the corresponding request type in the prediction table. The selected next work request is processed.