Abstract: Embodiments of the present disclosure relate to network gateway based messaging systems and methods. Some methods include transparent message processing that includes receiving a message from a first party that includes a payload and a token. The token is associated with sensitive information. Next, the method includes replacing the token with the sensitive information within the message and forwarding the message with the sensitive information to a second party. The payload is unaffected by the token exchange process.

Abstract: A blockchain-based supervision system of hazardous chemical production includes: a collection layer, for collecting production data information, wherein a collection device in the collection layer sets a TEE to encrypt or hash the collected production data information; a data layer, for uplinking a hash certificate of the production data information through an alliance chain, wherein the collection layer communicates with the data layer; a blockchain, for deploying a file uplink contract and encrypting and storing a file on a privacy computing server after the file is connected to the trusted environment; and a privacy computing system, for forming a metadata market of the data from file description information, recording the metadata information of the collected data. A data user applies for the right of use to a production enterprise that produces the data, and after obtaining authorization, the data user performs various applications on the privacy computing system.

Abstract: In a communication system wherein a first security edge protection proxy (SEPP) element of a first network is operatively coupled to a second SEPP element of a second network, a method includes receiving, at the first SEPP element, a first message from a first network function in the first network addressed to a second network function in the second network, the first message comprising one of a request and a response line comprising a uniform resource identifier (URI) having a plurality of elements. The method also includes forming, at the first SEPP, a second message comprising encrypted and integrity protected portions, the encrypted portion comprising an encryption of at least a subset of the plurality of elements of the URI, the integrity protected portion comprising a structured representation of the URI wherein instances of elements in the subset are replaced with references to the encrypted portion.

Abstract: Methods, systems, and apparatus, including computer programs encoded on a computer storage medium, for a security system with dynamic insurance integration. In some implementations, a security token is generated in response to a user requesting a risk assessment. The security token is provided to a third-party server. A request from the third-party server for monitoring data collected by a security system associated with the user is received. Monitoring data is provided to the third-party server. An indication of the risk assessment from the third-party server is received.

Abstract: Computer systems and methods are provided for transmitting authorization information to an image capturing device. A computing system receives, from an image capturing device, captured image data that includes a first facial image and an image of a document that includes a second facial image. The first facial image and the second facial image are included a single image frame. The captured image data is analyzed to determine a first portion of the captured image data that corresponds to the first facial image and a second portion of the captured image data that corresponds to the second facial image. The first portion of the captured image data is compared with the second portion of the captured image data. In accordance with a determination that the first facial image and the second facial image meet matching criteria, authorization information is transmitted to the image capturing device.

Abstract: A processing device receives security data from a plurality of web services associated with an organization and stores the security data separately in an unstructured data storage. The processing device generates one or more purpose built databases from the security data in the unstructured data storage, the one or more purpose built databases merging the security data from the plurality of web services. The processing device further receives, from a requestor, an analysis request pertaining to the plurality of web services, executes an analysis using the one or more purpose built databases to generate a response to the analysis request, and provides the response to the analysis request to the requestor.

Abstract: Trusted client security factor-based authorizations at a server. The techniques allow the server to authorize client requested operations to access a protected resource or service based on trusted client security factors that are obtained at client machines and provided to the server.

Abstract: Systems and methods for a bifurcated self-executing program that wraps a first self-executing program (e.g., a first smart contract) on a blockchain within a second self-executing program (e.g., a second smart contract), in which the second self-executing program enforces the digital signature requirement. The bifurcated self-executing program comprises a single compiled self-executing program that combines the first self-executing program and the second self-executing program.

Abstract: In a network system for wireless communication an enrollee accesses the network via a configurator. The enrollee acquires a data pattern that represents a network public key via an out-of-band channel by a sensor. The enrollee derives a first shared key based on the network public key and the first enrollee private key, and encodes a second enrollee public key using the first shared key, and generates a network access request. The configurator also derives the first shared key, and verifies whether the encoded second enrollee public key was encoded by the first shared key, and, if so, generates security data and cryptographically protects data using a second shared key, and generates a network access message. The enrollee processor also derives the second shared key and verifies whether the data was cryptographically protected and, if so, engages the secure communication based on the second enrollee private key and the security data.

Abstract: Techniques for using honeypots to lure attackers and gather data about attackers and attack patterns on Infrastructure-as-a-Service (IaaS) instances. The gathered data may then be analyzed and used to proactively prevent such attacks.

Abstract: Current systems for data authentication, such as in the course of financial transactions to comply with anti-money laundering and know-your-customer legislation, are burdensome and inefficient for banks and their clients. A platform of some embodiments provides a system for utilizing distributed ledger technologies, such as a blockchain data structure residing on a distributed ledger. A client may use this blockchain data structure to register the client's personal information in a data object that then may be routed to specific identified trusted individuals who verify that the information in the data object is correct. Once verification is complete, the client or other trusted individuals may use the data object as necessary to register the client for various programs or services, such as additional bank services.

Abstract: Systems and methods for managing a reputation score of a user based on successful and failed logins, successful and failed multifactor authentications, and profile changes is described. The method includes receiving, by a server, status information of a user event from one or more computing devices. The status information includes one or more of an indicator of a successful login, an indicator of a failed login, an indicator of a successful multifactor authentication, an indicator of a failed multifactor authentication, an indicator of a profile update, and metadata associated with the user event from the one or more computing devices. The server updates events based on a type of the status information received and storing the events in a data store and determines whether a problematic situation has occurred. A reputation score of the user is updated when the problematic situation is determined.

Abstract: Devices, systems, and methods of detecting user identity, authenticating a user to a computerized service or to an electronic device, differentiating between users of a computerized service, and detecting possible attackers or possible fraudulent transactions. A method includes: generating a user authentication session that requires a user to enter a secret by performing a task; monitoring the user interactions during task performance; extracting a user-specific behavioral characteristic, and utilizing it as a factor in user authentication. The task requires the user to perform on-screen operations via a touch-screen or touchpad or mouse or other input unit of the electronic device, or to move in space or tilt in space the entirety of the electronic device in a way that causes inputting of the secret data-item.

Abstract: Systems and methods are disclosed that are useful for minimizing organization risk in the case of a cybersecurity attack, through computer-based simulation of cybersecurity attacks, incident response tracking and incident response training provided responsive to the simulation outcome. A server is configured to execute a simulated cybersecurity attack on a plurality of users and their computer systems on a company network associated with a company, tracking responses such as interactions with at least one of the computer systems or network components to the simulated cybersecurity attack and validating whether one or more responses of a predetermined set of responses have occurred to minimize the impact of the simulated security attack on the entity.

Abstract: Methods, apparatuses, and systems are described for deriving secured keys and authenticating based on the derived keys. An entity may receive one or more derived keys and one or more key derivation algorithms associated with the one or more derived keys. A user device may derive, based on a key associated with the user device and unknown to the entity, a user key. The entity may derive, based on a first derived key and one of the key derivation algorithms, a second derived key, and may verify, based on the second derived key, the user key.

Abstract: Systems and methods for automatically generating top level index files for use in adaptive bitrate streaming in accordance with embodiments of the invention are disclosed. One embodiment of the method of the invention includes receiving a request from a playback device at a playback server, where the request identifies a piece of content, retrieving a list of assets associated with the identified piece of content using the playback server, filtering the list of assets using at least one predetermined criterion using the playback server, generating a top level index file describing each asset in the filtered list of assets using the playback server, and sending the top level index file to the playback device using the playback server.

Abstract: Methods and apparatuses are described for authenticating client applications using an identity fabric blockchain. A server receives a first registration request from a first client application. The server generates a first decentralized identifier corresponding to the first client application and stores the first identifier in an identity fabric blockchain. The server receives a second registration request from a second client application, generates a second decentralized identifier corresponding to the second client application, and stores the second identifier in the blockchain. The server receives a first authentication request from a first resource and authenticates the first client application based on the first authentication request and the first decentralized identifier stored in the blockchain.

Abstract: Described embodiments provide systems and methods for protecting private data or confidential information. A device can receive a request from a client for a page from a server that includes confidential information to be verified with an owner of the confidential information. The device may be intermediary between the client and the server. Prior to providing the page to the client for rendering, the device may replace a first user interface (UI) element having the confidential information in the page, with a second UI element to obfuscate the confidential information. The device may receive an activation of the second UI element to request the owner to verify the confidential information from the client. The device may send to the client an update to the page to include an indication of whether the confidential information has been correctly verified with the owner.

Abstract: A method for execution in a storage network, the method begins by determining a user device group content preference, wherein the user group content includes target content for a user device group and the determining includes predicting future target content for the user group. The method continues by selecting a plurality of network edge units for staging encoded data slices, identifying target content for partial download to the plurality of network edge units and dispersed error encoding the target content to generate a set of encoded data slices. The method then continues by identifying encoded data slices from the set of encoded data slices corresponding to the target content for partial download and determining a partial downloading schedule for sending the encoded data slices for partial download to each network edge unit of the plurality of network edge units.

Abstract: Disclosed and described herein are systems and methods that bring together edge technologies into a single, streamlined process that automates the tracking and usage of assets (containers, equipment, mobile storage, etc.). These systems and methods include the use of smart beacons, low power cellular, sensors (strain gauges, level, contact, ohm/voltage, etc.), voice, video, microcontroller advancements, and the like. Conventional systems that have electronic service order and/or tickets are still limited in their functionality because of data, communication and processing hurdles. Disclosed are modern electronic data capture systems (IoT sensors) along with algorithms to assist on the tracking of assets and workers, more quickly capture authorized transactions for billing and remove the manual processes.