Abstract: A system for validating an authorization request to facilitate controlling access to content or computer commands, in which the access is requested by multiple entities operated on discrete computing environments. The techniques make use of a system including a switchboard and a rule engine that collect parameter sets required for validation from the entities and dynamically generate a lock and key combination based on the collected parameter sets. The key of the lock and key combination allows the system to validate each entity independently regardless of the required parameters specified in the lock and key combination.

Abstract: The invention relates to a license-verification circuit for selectively activating one or more protected circuits (206) of a device (102) the license-verification circuit being capable of: deducing a device key from an identifier associated with the device (102); receiving a first license; decrypting the first license using the device key in order to extract a first verification code activating a first protected circuit by loading an activation code in an activation log (212) associated with the first protected circuit on the basis of a verification of the first verification code.

Abstract: The embodiments herein provide a secure computing resource set identification, evaluation, and management arrangement, employing in various embodiments some or all of the following highly reliable identity related means to establish, register, publish and securely employ user computing arrangement resources in satisfaction of user set target contextual purposes.

Abstract: The disclosed computer-implemented method for establishing restricted interfaces for database applications may include analyzing, by a computing device, query behavior of an application for query requests from the application to a remote database in a computer system and identifying, based on the analysis, an expected query behavior for the application. The method may include establishing, between the application and the remote database, a restricted interface. The method may include receiving, at the restricted interface, a query request from the application to the remote database and limiting, by the restricted interface, the query request from the application to the remote database based on the expected query behavior. The method may include determining, by checking the query request against the expected query behavior, that the query request is anomalous query behavior and performing a security action with respect to the computer system.

Abstract: A method for modifying a user session lifecycle is provided. The method may include verifying a user session on a cloud service provider is valid. The method may also include monitoring a plurality of user behaviors exhibited during the verified user session. The method may further include determining a plurality of session data within an identity provider should be updated based on the monitored plurality of user behaviors and a policy within a database. The method may also include modifying the determined plurality of session data.

Abstract: In illustrative implementations, shape is used to encode computer passwords or other information. The passwords may be easy for a human to remember—and yet have an extremely high number of permutations (e.g., in some cases, greater than 1030 permutations, or greater than 10261 permutations, or greater than 106264 permutations). This combination of a password being easy for a human to remember—yet having a large number of permutations—offers many practical benefits. Among other things, the huge number of permutations makes the password extremely resistant to guessing attacks. In addition, in some cases, the passwords that are created with the shapes are highly resistant to attacks by keystroke logging, mouse logging, touch-gesture logging, screen logging, shoulder surfing, phishing, and social engineering. Alternatively, the shapes may be used to encode other information, such as information that uniquely identifies a product or a machine part.

Abstract: A technique includes acquiring a plurality of records, each record having a corresponding number of attributes determining, based on local density measurements for numeric and normally distributed attribute value frequency measure for categorical attributes tags in the training portion of the plurality of records which is then used in probabilistic classifier for anomaly detection. A second set of implementations is proposed using ensemble method of combining deep learning algorithms for the same.

Abstract: A means and system is designed to distinguish human users from bots (automated programs to generate posts or interactions) in social media (including microblogging services and social networking services) by assigning a likelihood score to each user for being a human or a bot. The bot score assigned to each user is computed from statistical, temporal and text features that are detected in user's social media interactions (relative indicators specific to a given social media data set) and user's historical profile information.

Abstract: Disclosed are systems and methods for passively authenticating users of a native application running on a mobile communications device. The user may be applying for a service, product, access, etc. from a provider computing system. A unique device identifier of the device may be acquired and provided to a first computing system. A mobile telephone number associated with the device may be received at the device. User information may be accepted from the user via a user interface of the device for entry into a set of fields. The mobile telephone number may be verified by determining, via a second computing system that is different from the first computing system, that the mobile telephone number is associated with the user information. The service/product/access for the user may be approved in response to verification of the mobile telephone number. The user may be authenticated without challenge questions.

Abstract: A user verification apparatus may perform user verification using multiple biometric verifiers. The user verification apparatus may set a termination stage of one or more biometric verifiers. Multiple biometric verifiers may be used to generate outputs, for which separate termination stages are set to establish a particular combination of set termination stages associated with the multiple biometric verifiers, and the user verification apparatus may fuse outputs of the biometric verifiers based on the particular combination of set termination stages. The user verification apparatus may verify a user based on a result of the fusing, and an unlocking command signal may be generated based on the verifying. The unlocking command signal may be generated to selectively grant access, to the verified user, to one or more elements of a device. The device may be a vehicle.

Abstract: A concealed-decision-tree computation system includes a user apparatus and 0th to (n?1)-th server apparatuses, where n is a predetermined positive integer. The user apparatus secret-shares data D into n shares [D]j (j=0, . . . , n?1) and sends the n shares [D]j (j=0, . . . , n?1) to the 0th to (n?1)-th server apparatuses, respectively. The 0th to (n?1)-th server apparatuses use the n shares [D]j (j=0, n?1) to perform secret cooperation computation to obtain n shares [out]0, . . . , [out]n-1 of a value “out” corresponding to the data D in a predetermined decision tree and send the n shares [out]0, . . . , [out]n-1 to the user apparatus. The user apparatus uses at least k shares out of the n received shares [out]0, . . . , [out]n-1 to restore the value “out” corresponding to the data D in the predetermined decision tree, where k is a predetermined integer equal to or smaller than n.

Abstract: To make high-level copyright protection of transmission audio data possible. Audio data is sequentially transmitted to a reception side via a predetermined transmission channel for each unit audio data. Audio data to be transmitted is encrypted, and encryption information indicating that the audio data has been encrypted is added to the audio data. For example, the encryption information is added using a predetermined bit area of a channel status of each block that is configured every predetermined number of unit audio data pieces.

Abstract: A system and a method for document information authenticity verification for applications including verifying the authenticity of information of statements of attainment of course documentation issued by registered training organisations, verification of travel documents and other sensitive documents requiring authenticity verification of documents issued by law firms, accountancy firms, governmental institutions and the like, the method comprises a verification record creation stage comprising: receiving document content metadata from a document; generating a metadata hash using the document content metadata; creating a blockchain transaction comprising the metadata hash; and generating computer readable data encoding the metadata hash; updating the document with the computer readable data and a document verification stage comprising: receiving the document; extracting the metadata hash from the computer readable data; and identifying the metadata hash within blockchain transactions of the blockchain to veri

Abstract: A computing device determines a peer group identifier and supplements netflow records with the peer group identifier. An authentication event block object is received that was sent to a first source window. The authentication event block object includes a user identifier, an IP address, and a peer group identifier. Members of the peer group are identified based on an expected network activity behavior. The user identifier and the peer group identifier are stored in association with the IP address in a cache. A netflow event block object sent to the first source window is received that includes a netflow packet IP address. Netflow data is parsed from the netflow event block object into a netflow record. When the stored IP address matches the netflow packet IP address, the netflow record is supplemented with the user identifier and the peer group identifier. The supplemented netflow record is output to summary data.

Abstract: Embodiments of the invention are directed to systems, methods and computer program products for end to end encryption on a network without using certificates. The system utilizes a correlation between two quantum particles that are entangled. In this way, data may be encrypted with the particles and transmitted to end users. Since the particles are forced to behave the same way even if they are separated, the data associated with the particles is not able to be breached. In the application encryption processing, that means the particles are not hackable and the encryption is always true and accurate. In this way, verification of application encryption occurs via particle measurement by leveraging the fact that that there is only one sender and one receiver, because they are of the same particle computation or physical end-point, instead of current encryption relying on logical end-points.

Abstract: A biometrically encrypted access policy is provided. A commercial transaction request to access a client-supported institution received from a client device is identified. A database structure associates each of a plurality of client-supported institutions with one or more respective biometric tokens for authentication. A one-time password is associated with the client-supported institution based on biometric tokens. An encrypted code is associated with the client-supported institution based on biometric tokens. A encrypted OTP is transmitted to client device, and instructions to capture a biometric scan data via the client device are generated based on parameters of biometric tokens. A decryption key is generated via the client device, and the decryption key is determined to authenticate the user of the client device, and, in response, the commercial transaction request to access the client-support institution is approved.

Abstract: A method of securely accessing a modem is disclosed that uses an authentication token with a hash of a secure shell server (SSH) public key. The method includes receiving an encrypted authentication token from the modem, the authentication token having one of a hash of the SSH public key and the SSH public key and being encrypted according to another public key, transmitting the encrypted authentication token to a central server, receiving a decrypted authentication token from the central server, the decrypted authentication token comprising the hash of the SSH server public key, configuring modem interfaces at least in part using the authentication token, the modem interfaces including an interface with an SSH server, and communicating with the modem according to the hash of the SSH server public key.

Abstract: An information processing system includes a first, second and management apparatus. The first apparatus stores an encrypted document, notifies the management apparatus of a first state of the first apparatus regarding information security requirements, sends information for specifying the first apparatus as a transmission source and information for specifying the second apparatus as a transmission destination to the management apparatus, requests transmission permission to the management apparatus, and transmits the encrypted document to the second apparatus when transmission permission is granted. The second apparatus notifies the management apparatus of a second state of the second apparatus regarding the information security requirements, and receives the encrypted document from the first apparatus.

Abstract: An existing application processing on a client device initiates a function to provide a hard coded credential to a remote target application for purposes of logging into and gaining access to the remote target application. A hook to the function causes an agent to be activated, the agent dynamically contacts a credential vault to obtain a randomly generated credential for access to the remote target application. The hook injects the randomly generated credential over the hard coded credential supplied by the existing application and the function is initiated. The function logs into the target application using the randomly generated credential providing the existing application access to the remote target application. The hard coded credential is bypassed by the randomly generated credential.

Abstract: An image product is manufactured from a digital video work by an apparatus and via a process. An object in the digital image work is detected, and the object is recognized. Metadata is assigned to the recognized object. A cryptographic hash of the object metadata is generated via a cryptographic hashing algorithm, and the cryptographic hash is written to a node of a transaction processing network.