Abstract: Block chain-based multifactor personal identity verification may be provided. Verification addresses may be established on a block chain by: associating identifiers with individuals having previously verified personal identities, assigning verification addresses on a block chain to the individuals, and recording identifiers and biometric data associated with the individuals at corresponding verification addresses. Block chain-based multifactor personal identity verification using the verification addresses may be performed by: receiving one or more identifiers in connection with one or more requests to verify an identity of one or more individuals, extracting the biometric data associated with the one or more individuals from the corresponding verification addresses, and verifying the identity of the one or more individuals upon receiving matching biometric data and private keys.

Abstract: The present disclosure discloses an application-based service providing method, apparatus, and system. The method includes: acquiring an application identifier of a currently running application; and searching a preset application-service relationship table for a service list corresponding to the application identifier, so as to provide a user of the application with a service in the service list, where the application-service relationship table includes a correspondence between an application identifier and a service list, and the service list includes at least one service. The service providing method in the embodiments decouples a third-party service from an application, and even if the application needs version update, the third-party service also does not need to depend on the version update of the application.

Abstract: A processor of an aspect includes a decode unit to decode an elliptic curve cryptography (ECC) point-multiplication with obfuscated input information instruction. The ECC point-multiplication with obfuscated input information instruction is to indicate a plurality of source operands that are to store input information for an ECC point-multiplication operation. At least some of the input information that is to be stored in the plurality of source operands is to be obfuscated. An execution unit is coupled with the decode unit. The execution unit, in response to the ECC point-multiplication with obfuscated input information instruction, is to store an ECC point-multiplication result in a destination storage location that is to be indicated by the ECC point-multiplication with obfuscated input information instruction. Other processors, methods, systems, and instructions are disclosed.

Abstract: A compliance checker to verify that a device complies with a policy is described. In one embodiment, the compliance checker comprises a compliance checker agent, to initiate the compliance check, in response to receiving the request, and an encryption checker to obtain an original data and a data stored on the storage. The system further comprising a comparator to determine whether known data read from the upper driver is identical to known data read from the lower driver. The compliance checker plug-in in one embodiment verifies the compliance status of the device, based on the data from the comparator.

Abstract: A compliance checker to verify that a device complies with a policy is described. In one embodiment, the compliance checker comprises a compliance checker agent, to initiate the compliance check, in response to receiving the request, and an encryption checker upper driver above a level of a disk encryption driver, and an encryption checker lower driver, below the level of the disk encryption driver with a comparator to determine whether known data read from the upper driver is identical to known data read from the lower driver. The compliance checker plug-in in one embodiment verifies the compliance status of the device, based on the data from the comparator.

Abstract: Devices, systems, and methods for allowing parents to view and track smart phone activities of their children can include one or more child software modules. The module can be installed on each child's smart phone. The module can access and extract data from or about more than one of the smart phone's other software applications, including at least two of the following: a texting application, a social media application, an image application that facilitates transmission or reception of images, and a web browser application. The module can further send the extracted data to an analysis server. The module can also monitor location data. Moreover, the system can include an analysis server that can identify potentially harmful language, images, and websites. Further, the system can include a parent portal. The parent portal can receive results from the analysis server.

Abstract: Computer systems and methods in various embodiments are configured for improving the security and efficiency of server computers interacting through an intermediary computer with client computers that may be executing malicious and/or autonomous headless browsers or “bots”.

Abstract: Obtaining information may be increasingly more challenging in modern times. The systems described herein enable a user to have access to one or more data streams. For example, the data stream may include messages from a famous person provided to an online social networking service, where the messages may be limited character messages. Yet, in some instances, the data stream may also include images posted on a blog, videos posted on a social networking service for connecting people, a list of searches and/or search strings by a famous person, and a number of purchase orders by an actress. The systems may also control the user's access to the one or more data streams, possibly limiting the access to portions of the one or more data streams.

Abstract: Techniques for ascertaining legitimacy of communications received during a digital interaction with a client device. The techniques include: receiving a communication; identifying from the communication a first secured token; processing the first secured token by: obtaining, from the first secured token, information indicating a state of the digital interaction; and using the information indicating the state to determine whether the communication is from the client device; and when it is determined that the communication is from the client device, causing at least one action responsive to the communication to be performed; updating the information indicating the state of the digital interaction to obtain updated information indicating the state of the digital interaction; and providing a second secured token to the client device for use in a subsequent communication during the digital interaction, the second secured token comprising the updated information indicating the state of the digital interaction.

Abstract: User physical interaction characteristics information or the way a user physically interacts with a device is analyzed to aid in authenticating a user of a device. User physical interaction characteristics information such as swipe speed, finger area, finger conductivity, finger angle, device angle, movement patterns, acceleration, etc., provide signatures that are distinctive for particular individuals and possibly unique if measured to a sufficiently high level of precision. In some examples, a device measures finger positions, finger pad sizes, moisture level, acceleration, displacement, and changes in finger pad size for a particular user and compares the measurements to physical interaction characteristics measured during subsequent usage of the device to verify that a user is an authorized user.

Abstract: Methods, apparatus, systems, and computer-readable media are provided for interactive assistant modules to safely access and provide restricted content in group contexts. In various implementations, a dialog between a first individual and an interactive assistant module may be determined to be sensorially perceivable by at least a second individual. Restricted content that is to be automatically incorporated into the dialog by the interactive assistant module may be identified. In various implementations, access to the restricted content may be controlled by the first individual. In various implementations, the restricted content may be conditionally incorporated into the dialog in response to a determination that the second individual is authorized to perceive the restricted content.

Abstract: A system and method for supporting encryption key retrieval. A first digital key is created. A first protected key is created by applying a first protection algorithm based on a first user provided password to the first digital key. A first unlock key is created that is separate from the first digital key. A second protected key is created by applying a second protection algorithm based on the first unlock key to the first digital key. The first protected key and the second protected key are stored. The first unlock key is sent to a remote storage and no copy of the unlock key is retained after the sending the first unlock key.

Abstract: A computer-implemented method for preventing internal network attacks may include 1) identifying a host system that is within a subnet of a network, 2) detecting an intrusion on the host system, the intrusion on the host system being capable of facilitating an attack via the host system on at least one additional system of the network, 3) identifying at least one additional host system within the subnet of the network, and 4) implementing a security measure on the additional host system to prevent the attack based at least in part on detecting the intrusion and at least in part on the host system and additional host system being within the subnet. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: Various embodiments provide systems and methods for securely transferring data from a secured site to a medical device. Some embodiments provide systems and methods for securely uploading data from a medical device to a secured site. In some embodiments described herein, data can be downloaded from a secured site to a key and after severing communication with the secured site, key can be coupled to a device and download the data to the device, in some embodiments, a public and private key pair may be used to securely download data to a device.

Abstract: Embodiments relate to systems, devices, and computer-implemented methods for detecting double signing in one-time use signature schemes by receiving a first message, where the first message includes a signature generated using a one-time use private key of a one-time use public/private key pair, determining a one-time use public key of the public/private key pair based on the first message, adding the one-time use public key to a list of public keys, receiving a second message, where the second message includes a signature generated using the one-time use private key of the one-time use public/private key pair, determining the one-time use public key of the public/private key pair based on the second message, determining that the one-time use public/private key pair was used more than once based on the list of public keys; and generating an alert based on determining that the one-time use public/private key pair was used more than once.

Abstract: The invention is a system allowing for the commercial rental of physical assets that are locked and secured at specific locations, including, without limitation, bicycles, motorcycles, automobiles, tools, machines, computers, smart phones, or tablet computers.

Abstract: Techniques for detecting application program spoofing. The techniques include: receiving a communication from an application program executing on a client device different from the at least one computer; identifying from the communication an asserted identity of the application program; and verifying the asserted identity of the application program at least in part by: interacting with the client device to obtain additional information about the application program, and determining whether the additional information about the application program is consistent with the asserted identity of the application program.

Abstract: Determining the physical location of wirelessly connected devices within a network can provide a number of security benefits. However, manually determining and configuring the physical location of each device within a system can be burdensome. To ease this burden, devices within a network are equipped with a location detection sensor that is capable of automatically determining a device's location in relation to other devices within the network. A location detection sensor (“sensor”) may include a light source, a light direction sensor, a rangefinder, and a radio or wireless network interface. Two location detection sensors can perform a location detection process to determine their relative locations to each other, such as the distance between them. As more sensors are added to a network, a sensor management system uses the relative locations determined by the sensors to map the sensors to a physical space layout.

Abstract: Embodiments are directed to simulating an operation of a mechanical lock in an electronic context, comprising: applying a contactless wireless credential to a lock, authenticating the credential, unlocking the lock to provide access to a resource protected by the lock based on having authenticated the credential, determining a security level associated with the lock, and conditionally capturing the credential based on the security level.

Abstract: A system and method for generating a signature for a document using credentials indicating an unsanctioned signing event. The system and method includes receiving a request to generate a signature of a signatory for a document, wherein the request includes a received set of credential data for a signatory, obtaining a token identifier for at least one computing device, and determining if the received set of credential data matches credentials indicating the unsanctioned signing event. The system and method further includes receiving the signature of the signatory, the document identifier, and the token identifier, and determining based at least in part on the signature, document identifier, and the token identifier, whether the received signature is associated with the unsanctioned signing event.