Abstract: An authentication system receives authentication information from a user as part of a request to access a web-based service. The authentication system transmits the authentication information to a set of second users authorized to evaluate the authentication information. If a threshold number of the set of second users authenticate the identity of the first user, the authentication system enables the user to access the web-based service.

Abstract: According to an example, key splitting may include utilizing a masked version of a master key that is masked by using a mask.

Abstract: A system for enhanced public key infrastructure is provided. The system includes a computer device. The computer device is programmed to receive a digital certificate including a composite signature field including a plurality of signatures. The plurality of signatures include at least a first signature and a second signature. The computer device is also programmed to retrieve, from the digital certificate, a first key associated with the first signature from the digital certificate. The computer device is further programmed to retrieve the first signature from the composite signature field. In addition, the at least one computer device is programmed to validate the first signature using the first key.

Abstract: Methods and systems for detecting anomalous network activity. The system may receive network metadata regarding activity on a network and generate at least one of a z-score and a directionality magnitude related to the network activity. The system may then issue an alert upon detecting an anomaly exists on the network based upon at least one of the generated z-score exceeding a z-score threshold and the generated directionality magnitude deviating from a baseline directionality magnitude.

Abstract: A control apparatus, an access control method, and non-transitory recording medium storing a plurality of instructions. The control apparatus transmits to an administrator terminal, screen data for accepting input of requested settings including host information for identifying the access target server and condition information indicating conditions for controlling access to the access target server, receives the requested settings from the administrator terminal, stores access control settings associating the host information and the condition information based on the received requested settings, receives an access request to a particular access target server from the communication terminal, and transmits a response to the access request to the communication terminal based on a scheduled access time indicated by the received access request and a condition indicated by condition information associated with host information for identifying the particular access target server.

Abstract: A method for examination scoring via blockchain includes: receiving, by a receiver of a processing server, an answer submission from an external computing device, wherein the answer submission includes at least one digital signature and a plurality of exam answers; validating, by a processing device of the processing server, the digital signature using a public key of a cryptographic key pair; determining, for each of the plurality of exam answers, if the respective exam answer is correct or incorrect based on an answer key; generating, for each correct exam answer, a blockchain data value, wherein the blockchain data value includes at least the validated digital signature; transmitting, by a transmitter of the processing server, the generated blockchain data values to one or more nodes in a blockchain network for validation and addition to a blockchain associated with the blockchain network.

Abstract: An information processing apparatus includes an authenticating unit, an acquiring unit, a first specifying unit, and a first display unit. The authenticating unit, when accepting first user information used for authentication of determining whether a user has an authority, compares the first user information and second user information identifying a user having the authority. The acquiring unit acquires an application list screen, in which each of applications is associated with display information, in accordance with an operation performed by the authenticated user. The first specifying unit, when the acquiring unit acquires the application list screen, specifies authority information corresponding to the second user information identifying the authenticated user, based on first information indicating a correspondence relation between the second user information and the authority information.

Abstract: One or more embodiments of the present specification provide blockchain-based transaction methods, apparatuses, and electronic devices. A target transaction sent by a node device of a transaction initiator is received. An account of the transaction initiator corresponds to a plurality of public keys, and the target transaction includes transaction content and a digital signature. The digital signature is created by using one or more private keys corresponding to the plurality of public keys of the account and is created based on at least a part of the transaction content. The target transaction is verified, including verifying whether the digital signature is valid. In response to a successful verification, the target transaction is recorded to a distributed database of a blockchain based on a consensus rule of the blockchain.

Abstract: Disclosed are various examples for remotely managing passwords using local security policies. A client device can be enrolled with a management service. The management service then transmits a password policy requiring a password hint to be defined by the user. A management component executed on the client device can then enforce the password policy by requiring a user to define a password hint in order to access enterprise resources.

Abstract: A system and method using a system for authenticating a person as an authorized user before waking an information handling system from an inactive state. A sensor receives an input from a person, captures information about the person and a microcontroller unit (MCU) determines if the captured information matches information corresponding to an authorized user. If the MCU determines the captured information corresponds to information corresponding to an authorized user, the MCU sends a command to one of a central processing unit (CPU) or an embedded controller (EC) to change operation of the information handling system to an active state. If the MCU determines the captured information does not correspond to information corresponding to an authorized user, no command is sent to the CPU or EC to change operation of the information handling system.

Abstract: Described are systems and methods for detecting an anomaly among a plurality of components operating in a system. In some embodiments, a method includes monitoring a plurality of metrics for the plurality of components across a plurality of time periods. For each time period, the plurality of components is clustered into a plurality of clusters based on measurement information corresponding to the plurality of metrics received for the time period. For each component, a plurality of correspondences is determined between the clusters in which the component is grouped for a plurality of pairs of adjacent time periods. Then, whether each component is operating anomalously can be determined based on the plurality of determined correspondences.

Abstract: The disclosed technology is generally directed to secure transactions. In one example of the technology, a first enclave to be used for executing a cryptlet binary of a first cryptlet is identified. The first enclave may be a secure execution environment that stores an enclave private key, and the first cryptlet may be associated with at least a first counterparty. A cryptlet binding that is associated with the first cryptlet may be generated, and may include counterparty information that is associated with at least the first counterparty. Cryptlet binding information may be provided to a cryptlet binding key graph, and a location of a first hardware security module (HSM) that stores a key that is associated with the first counterparty may be received from the cryptlet binding key graph.

Abstract: Systems and methods for securely sharing and authenticating a last secret. A system includes a dealer computing system and a combining computing system. The dealer computing system includes a public/private key pair, an encryption key established with the combining computing system, and a circuit structured to generate a last secret and a first key controlling access to a secure computing system. The last secret is the last cryptographic element controlling access to the first key. The circuit is structured to split the last secret into first and second splits. The circuit is structured to generate a first and second SigncryptedData messages by signcrypting each of the first split and the second split with the public/private key pair and the encryption key established with the combining computing system. The circuit is structured to transmit the first SigncryptedData message to a first share-holder and the second SigncryptedData message to a second share-holder.

Abstract: A method is disclosed. A digital assistant device receives a biometric sample from a user and then converts the biometric sample to a biometric template. The digital assistant device can scan for user devices in communication range of the digital assistant device, thereby receiving user device identifiers. The digital assistant device can transmit, to a server computer, an authentication request comprising the biometric template and at least one user device identifier. The digital assistant device can then receive a cryptogram request message comprising the at least one user device identifier, from the server computer. The digital assistant device can transmit, to a user device corresponding to the at least one user device identifier, the cryptogram request message and can then receive a cryptogram. The digital assistant device can then transmit the cryptogram to the server computer. The server computer verifies the cryptogram before further processing of a transaction.

Abstract: The specification discloses a blockchain-based advertisement monitoring method and apparatus, and an electronic device. The method may include: obtaining, by a playing device, an advertisement resource; at each of a plurality of different time points while playing the advertisement resource, collecting, by the playing device, screenshots of the advertisement resource; generating, by the playing device, a plurality of signatures based on the collected screenshots, an device identifier of the playing device, and a private encryption key of the playing device; generating, by the playing device, verification information based on the plurality of signatures; and uploading, by the playing device, the verification information to a blockchain network.

Abstract: A system and method for transmitting encrypted record values stored in a database from a provider environment to a customer environment are provided. The system comprises a memory with instructions executable by a processor to encrypt a received value using a first encryption mechanism associated with the provider environment to provide an encrypted record value, and responsive to a request for the encrypted record value, store the encrypted record value in a database, decrypt the encrypted record value using the first encryption mechanism to provide a decrypted record value, encrypt the decrypted record value using a second public key of a second encryption mechanism associated with the customer environment to provide a re-encrypted record value, store the re-encrypted record value in a staging database, and transmit the re-encrypted record value from the staging database to an agent software in the customer environment.

Abstract: A method includes accessing, by a hypervisor executing by a processing device, a filtering queue that stores at least one packet determined to be malicious by a virtual machine, generating, by the hypervisor, a filtering rule in view of characteristics of the at least one packet determined to be malicious, and storing the filtering rule in a data store to apply to subsequent packets addressed to the virtual machine to determine whether any of the subsequent packets have similar characteristics with the at least one packet determined to be malicious.

Abstract: A method for blockchain-based data verification is provided. The method includes: obtaining target data submitted by a data submitter, wherein a first data digest of the target data is recorded in a blockchain; computing a second data digest of the target data; determining whether the second data digest matches the first data digest of the target data recorded in the blockchain; and determining that the target data submitted by the data submitter is valid in response to determining that the second data digest matches the first data digest of the target data recorded in the blockchain.

Abstract: Disclosed is a method of providing, by a server, mutual authentication of mutual authentication participants for contents of a social media service, the method including: receiving requestor authentication information generated in a terminal of a requestor requesting mutual authentication for specific contents; receiving acceptor authentication information generated in a terminal of an acceptor accepting the mutual authentication for the specific contents; and verifying the requestor authentication information and the acceptor authentication information, and storing the specific contents included in the requestor authentication information and the acceptor authentication information as mutually authenticated contents of the requestor and the acceptor.

Abstract: Disclosed is a method for cross-authenticating non-credentialed devices and trusted blockchain enabled applications using multiple communications modalities and gathering information upon request for a blockchain network.