Abstract: Embodiments relate to a smart contract platform that facilitates creation, execution and verification of customized smart contracts. The smart contract platform enables design of customized smart contracts for execution and verification on a distributed ledger network, including smart contracts with logic for querying and fetching sensitive transactional data from participant nodes. A distributed ledger can store tokens indicating successful completion of one or more transaction elements without making some or all the associated transactional data visible. A smart contract form viewer can be used to view and interact with a smart contract form linked to the smart contract. The smart contract form can present contractual provisions in natural language, present transactional data to an authorized user, and accept entry or validation of designated transaction data.

Abstract: A method for execution by a computing device to adjust data storage efficiency of data in a storage network includes determining an estimated overwrite frequency for a data segment for storage in memory of the storage network. The method continues by determining a storage approach for the data segment based on the estimated overwrite frequency. The method continues by processing the data segment based on the storage approach to produce a processed data segment. The method continues by error encoding the processed data segment to produce a set of encoded data slices, where a decode threshold number of encoded data slices is needed to recover the processed data segment. The method continues by storing the set of encoded data slices in the memory of the storage network.

Abstract: The present invention provides systems and methods for supporting encrypted communications with a medical device, such as an implantable device, through a relay device to a remote server, and may employ cloud computing technologies. An implantable medical device is generally constrained to employ a low power transceiver, which supports short distance digital communications. A relay device, such as a smartphone or WiFi access point, acts as a conduit for the communications to the internet or other network, which need not be private or secure. The medical device supports encrypted secure communications, such as a virtual private network technology. The medical device negotiates a secure channel through a smartphone or router, for example, which provides application support for the communication, but may be isolated from the content.

Abstract: In some examples, in response to a request from a client device for information relating to a transaction stored by a blockchain, a system identifies, using information stored in a distributed storage system that stores data for the blockchain, multiple data owner entities from which permissions are to be obtained for access of the information, and determines an authorization requirement for the information based on a smart contract. The system sends authorization information based on the authorization requirement to trigger a retrieval of authorization tokens from the identified data owner entities for access of the information, and sends the information to the client device in response to receiving the authorization tokens.

Abstract: An enterprise organization may operate a central network and one or more remote networks, each comprising a plurality of computing devices. For protection against malicious actors, the central network may be configured to filter network traffic associated with the computing devices based on identified threats. Traffic corresponding to computing devices connected to the remote network may be tunneled to the central network for filtering by the central network. A tunnel gateway device, associated with the remote network, may efficiently identify which communications are associated with Internet threats, and tunnel such identified traffic to the central network, where actions may be taken to protect the enterprise network.

Abstract: A system, method, and computer-usable medium are disclosed for generating a cyber behavior profile comprising monitoring user interactions between a user and an information handling system; converting the user interactions into electronic information representing the user interactions, the electronic information representing the user interactions comprising temporal detail corresponding to the user interaction; and generating a user behavior profile based upon the electronic information representing the user interactions, the generating the user profile including a layer of detail corresponding to the temporal detail corresponding to the user interaction.

Abstract: An apparatus to facilitate descriptor resiliency in a computer system platform is disclosed. The apparatus comprises a non-volatile memory to store firmware for a computer system platform, wherein the firmware comprises a primary descriptor including access permission details for platform components and a secondary descriptor including a backup copy of the access permission details and a controller, coupled to the first non-volatile memory, including recovery hardware to detect a problem during a platform reset with the primary descriptor, recover the contents of the primary descriptor from the backup copy included in the secondary descriptor and store the contents of the backup copy to primary descriptor.

Abstract: A computer implemented method for providing communication between a secured client computer and a remote computer. There is provided a client computer that includes peripheral components. Each peripheral component is configured, by a processor, to process a corresponding peripheral component data of a data type that is not compatible with peripheral component data types processed by a processor of other peripheral components. The processor of each peripheral component is further configured to code the corresponding data of the specified data type. Each peripheral component is configured, by the processor, to establish a secured peer-to-peer communication channel between the peripheral component and the remote computer that is authorized to communicate with the client computer, and is further configured to code data that is communicated between the authorized remote computer and the peripheral component through the secured communication channel.

Abstract: A system, method, and computer-readable medium are disclosed for performing a security operation. The security operation includes: monitoring an entity to identify a behavior enacted by the entity, the monitoring observing at least one electronically-observable data source; deriving an observable based upon the behavior enacted by the entity, the observable comprising event information corresponding to a behavior enacted by the entity; identifying an indicator of behavior from the event information corresponding to the behavior enacted by the entity, the indicator of behavior providing an abstracted description of an inferred intent associated with the behavior enacted by the entity; associating a security persona with the entity based upon the indicator of behavior, the security persona comprising a group of entity behaviors associated with a particular security risk use case; and, performing the security operation, the security operation using the security persona associated with the entity.

Abstract: An electronic device is provided. The electronic device includes a communication circuit, a display, a memory including a first display driver, a processor functionally connected with the communication circuit, the display, and the memory, and a secure module which is physically separated from the processor, and includes a secure processor and a second display driver, and the secure processor is configured to: when secure data is received from an external server through the communication circuit, disable the first display driver and enable the second display driver, and output a user interface including a first object corresponding to the secure data to the display by using the enabled second display driver.

Abstract: A system, method, and computer-readable medium are disclosed for performing a security operation. The security operation includes: monitoring an entity, the monitoring observing at least one electronically-observable data source; deriving an observable based upon the monitoring of the electronically-observable data source; associating a human factor with the entity; identifying an event of analytic utility, the event of analytic utility being derived from the observable from the electronic data source; analyzing the event of analytic utility, the analyzing the event of analytic utility taking into account the human factor associated with the entity enacting the event of analytic utility; and, performing the security operation in response to the analyzing the event of analytic utility, the security operation comprising a human factor risk operation.

Abstract: An analytics platform or another system is provided to store multiple sets of credentials and other connection information in each user profile and to map the stored credentials to different resources within the platform. Each set of credentials can be associated with a credential mapping key, and each resource in the platform can be mapped to the credentials using a connection associating the resource with the credential mapping key. By mapping multiple sets of credentials and other connection information to the resources within the platform, the user profile can be transparently authenticated when accessing resources in the platform, different credentials can be used to authenticate the user profile with accessing different resources, and administrators can benefit by having greater control over permissions with the platform.

Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for blockchain-based cross-entity authentication are provided. One of the methods includes: obtaining an authentication request by a first entity for authenticating a user, wherein the authentication request comprises a decentralized identifier (DID) of the user; in response to determining that the first entity is permitted to access authentication information of the user endorsed by a second entity, generating a blockchain transaction for obtaining an authentication result of the user by the second entity, wherein the authentication result is associated with the DID; and transmitting the blockchain transaction to a blockchain node for adding to a blockchain.

Abstract: A system, method, and computer-readable medium are disclosed for performing a security analytics mapping operation.

Abstract: Certain aspects of the present disclosure provide techniques for efficiently configuring a machine learning model. An example method generally includes generating a randomly sampled data set from a data set including a larger first set of samples associated with a first classification and a smaller second set of samples associated with a second classification. An analysis plot for the machine learning model is generated based on the randomly sampled data set. A point associated with an accuracy metric for the machine learning model is identified on the analysis plot based on a slope of a line tangential to the identified point and a value identifying a relative importance of precision to recall in the machine learning model. The machine learning model is configured with a threshold value between the first classification and the second classification based at least in part on the identified point on the analysis plot.

Abstract: A system, method, and computer-readable medium are disclosed for performing event risk score generation operation. The event risk score generation operation includes identifying an anomalous event from a plurality of events enacted by the entity; generating a first event risk severity score based upon the anomalous event; generating a second event risk severity score based upon a historical entity risk function, the historical entity risk function providing an indication of historical security risk of the entity; generating an entity risk severity score for the entity, the generating using the historical entity risk function and the event risk severity score; performing a risk-adaptive prevention operation, the risk-adaptive prevention operation using the entity risk severity score, the risk-adaptive prevention operation adaptively responding to mitigate risk associated with the anomalous event.

Abstract: A packet-filtering device may receive packet-filtering rules configured to cause the packet-filtering device to identify packets corresponding to network-threat indicators. The packet-filtering device may receive packets and, for each packet, may determine that the packet corresponds to criteria specified by a packet-filtering rule. The criteria may correspond to one or more of the network-threat indicators. The packet-filtering device may apply an operator specified by the packet-filtering rule. The operator may be configured to cause the packet-filtering device to either prevent the packet from continuing toward its destination or allow the packet to continue toward its destination.

Abstract: A system, method, and computer-readable medium are disclosed for performing a human factors risk operation. The human factors risk operation includes: monitoring an entity, the monitoring observing an electronically-observable data source; deriving an observable based upon the monitoring of the electronically-observable data source; identifying a security related activity, the security related activity being based upon the observable from the electronic data source; analyzing the security related activity, the analyzing the security related activity using a human factors framework; and, performing a human factors risk operation in response to the analyzing the security related activity.

Abstract: Systems, methods and non-transitory computer readable media for detecting identified information in privacy firewalls are provided. A repeating field in a data collection may be analyzed to determine whether the field is likely to include information that identifies particular individuals. An access request of a user may be received. A permission record associated with the user may be accessed. In response to the field being likely to include information that identifies particular individuals and a first value in the permission record, access to the field may be denied, in response to the field not being likely to include information that identifies particular individuals and the first value in the permission record, access to the field may be provided, and in response to a second value in the permission record, access to the field may be provided.

Abstract: A packet-filtering device may receive packet-filtering rules configured to cause the packet-filtering device to identify packets corresponding to network-threat indicators. The packet-filtering device may receive packets and, for each packet, may determine that the packet corresponds to criteria specified by a packet-filtering rule. The criteria may correspond to one or more of the network-threat indicators. The packet-filtering device may apply an operator specified by the packet-filtering rule. The operator may be configured to cause the packet-filtering device to either prevent the packet from continuing toward its destination or allow the packet to continue toward its destination.