Abstract: Techniques for ascertaining legitimacy of communications received during a digital interaction with a client device. The techniques include: receiving a communication; identifying from the communication a first secured token; processing the first secured token by: obtaining, from the first secured token, information indicating a state of the digital interaction; and using the information indicating the state to determine whether the communication is from the client device; and when it is determined that the communication is from the client device, causing at least one action responsive to the communication to be performed; updating the information indicating the state of the digital interaction to obtain updated information indicating the state of the digital interaction; and providing a second secured token to the client device for use in a subsequent communication during the digital interaction, the second secured token comprising the updated information indicating the state of the digital interaction.

Abstract: Systems and methods for initiating enrollment of a local device in a cloud environment using a separate device are presented. In an example embodiment, a device identifier for the local device is received from the local device by a separate device that is trusted by a cloud computing system. The separate device causes the displaying of an indicator for the local device. In response to receiving an activation of the indicator for the local device, the separate device issues a request to the cloud computing system to receive credential information enabling the local device to enroll with the cloud computing system. The separate device receives the credential information from the cloud computing system and transmits the credential information to the local device.

Abstract: An embodiment herein provides a processor implemented method for blockchain-based secure credential and token management for open identity management that enables a first device to provision at least one additional device to present tokens issued to the first device, that includes i) creating, using a hardware-based cryptographic processor on a first device associated with an end user, a first set of credentials; ii) obtaining and caching at least one attestation token from one or attestation issuing parties, the at least one attestation token is restricted by default to be unusable from any device other than the first device; (iii) providing the at least one attestation token to at least one relying party that is interested in receiving attestations about the end user; and iv) signing a trust record on the blockchain using the first device associated with the end user.

Abstract: A security system detects anomalous activity in a network. The system logs user activity, which can include ports used, compares users to find similar users, sorts similar users into cohorts, and compares new user activity to logged behavior of the cohort. The comparison can include a divergence calculation. Origins of user activity can also be used to determine anomalous network activity. The hostname, username, IP address, and timestamp can be used to calculate aggregate scores and convoluted scores.

Abstract: Systems and methods for active state synchronization between distributed ledger technology (DLT) platforms are provided. A system may store an origin blockchain compliant with an origin DLT. The system may further store a target blockchain compliant with a target DLT. The target DLT may be different from the origin DLT. The system may include a DLT object synchronizer with access to the origin blockchain and the target blockchain. The DLT object synchronizer may receive, from an exchange node, a request to synchronize an origin instance of a DLT object between the origin blockchain and the target blockchain. The DLT object synchronizer may select a target instance of the DLT object on the target blockchain. The DLT object synchronizer may format origin data from the origin instance for compliance with the target DLT. The DLT object synchronizer may synchronize the origin instance and the target instance.

Abstract: A delegation request is submitted to a session-based authentication service, fulfillment of which involves granting an entity an access privilege to a computing resource. A session key is received from the session-based authentication service. The session key having been generated based at least in part on a restriction and a secret credential shared with the session-based authentication service and usable at least in part to prove possession of the access privilege to the computing resource. The session key is provided to the entity without providing the shared secret credential.

Abstract: A diagnostic method performed by a gateway in a vehicle network, wherein the gateway comprises a controller and a physical (PHY) layer which manages ports and is connected to the controller, may comprise receiving, by the controller, a diagnostic request message from an external diagnostic apparatus connected to a first port; receiving, by the controller, a security authentication request message from the external diagnostic apparatus when a security authentication is required for the diagnostic request message; verifying, by the controller, the security authentication request message; and activating, by the PHY layer, a port of the PHY layer connected to a target communication node to be diagnosed among the ports, under control of the controller, when verification of the security authentication request message is completed.

Abstract: An embodiment herein provides a processor implemented method for blockchain-based authentication of a user using a user device, that includes (i) obtaining an identify information associated with an identity document of the user; (ii) storing the identity information, and a set of credentials, with a blockchain to link the identity information with the set of credentials for the user; (iii) obtaining a cryptographic challenge from a relying party device when a record that includes a user identity information of the user and the set of credentials associated with the user identity information for the user device is found to be stored with the blockchain; and (iv) transmitting a response to the cryptographic challenge to the relying party device. The relying party device checks whether the response matches with a predetermined correct response or not. The relying party device authenticates the user only if the response matches with the predetermined correct response.

Abstract: A method and system for continuously authenticating a user working from a remote location is provided. The method includes providing user an interface to login through his login credentials to company domain. The login credentials are authenticated by a company's remote server. Once the user is authenticated the server pushes user's secondary authentication details to user's device and invokes a secondary authentication system. The secondary authentication system may include a webcam that initiates once user is logged in and continuously monitors biometric parameters for continued authentication of the user.

Abstract: Blockchain-based device authentication by a user device to enable a second device is disclosed to perform an action on a first device on behalf of a user linked to the user device, based on a command received from the second device. Authentication includes the steps of: (i) obtaining an indentity information associated with an identity document of the user; (ii) storing the identity information, and a set of credentials, with a blockchain to link the identity information with the set of credentials for the user; (iii) signing a first trust certificate by a user private key on the blockchain to obtain a first signed trust certificate; and (iv) signing a second trust certificate by the user private key on the blockchain to obtain a second signed trust certificate.

Abstract: Techniques for ascertaining legitimacy of communications received during a digital interaction with a client device. The techniques include: receiving a communication; identifying from the communication a first secured token; processing the first secured token by: obtaining, from the first secured token, information indicating a state of the digital interaction; and using the information indicating the state to determine whether the communication is from the client device; and when it is determined that the communication is from the client device, causing at least one action responsive to the communication to be performed; updating the information indicating the state of the digital interaction to obtain updated information indicating the state of the digital interaction; and providing a second secured token to the client device for use in a subsequent communication during the digital interaction, the second secured token comprising the updated information indicating the state of the digital interaction.

Abstract: In an example, transactions are secured between electronic circuits in a memory fabric. An electronic circuit may receive a transaction integrity key. The electronic circuit may compute a truncated message authentication code (MAC) using the received transaction integrity key and attach the truncated MAC to a security message header (SMH) of the transaction.

Abstract: A processor implemented method for generating a recovery key for a first device associated with a user and conditionally registering an identifier of the recovery key in a blockchain is provided. The method includes the steps of generating, using a first cryptographic processor on the first device associated with the user, a first set of credentials; generating a mnemonic sentence from pseudorandom data; applying a key derivation algorithm to generate the recovery key and conditionally registering an identifier of the recovery key for the first public key of the first device in a smart contract in the blockchain. The first set of credentials includes a first blockchain-compatible public-private key pair associated with the user. The first blockchain-compatible public-private key pair includes a first public key and a first private key. The first private key is restricted to the first cryptographic processor on the first device.

Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for parallel-processing blockchain transactions are provided. One of the methods includes: obtaining a plurality of candidate transactions for adding to a blockchain; grouping the candidate transactions into one or more transaction groups; creating one or more copies of at least a portion of a data structure of a latest block of the blockchain; associating the one or more transaction groups respectively with the one or more copies of the data structure; executing the candidate transactions in each of the transaction groups and updating the associated copies of the data structure; and merging the updated copies of the data structure to obtain at least a portion of a new data structure of a new block to add to the blockchain.

Abstract: Systems, methods, and computer-readable media for integrating web resources are provided. A Resource Provider Proxy Service (RPPS) may download and cache whitelisted resources from a third party service (3PS). Once whitelisted resources are downloaded to the RPPS from the 3PS, a secure endpoint service may expose the resources to applications running on user systems. The resources served to the user system applications may be virtually isolated from one another in separate domains using a sandboxing framework. Other embodiments may be described and/or claimed.

Abstract: A non-transitory computer-readable storage medium storing a set of instructions executable by a processor. The set of instructions is operable to receive a request from a node to join a trusted ad hoc network. The set of instructions is further operable to authenticate the node to join the trusted ad hoc network. The authentication is performed based on a verification that the node will comply with a security policy of the trusted ad hoc network. The set of instructions is further operable to send, to the node, a verification that the trusted ad hoc network complies with the security policy. The set of instructions is further operable to add the node to the trusted ad hoc network.

Abstract: Example embodiments of systems and methods for data transmission system between transmitting and receiving devices for use in a tap and walk store are provided. In an example embodiment, the transmitting device can generate a diversified key using the master key, protect a counter value and encrypt data prior to transmitting to the receiving device, which can generate the diversified key based on the master key and can decrypt the data and validate the protected counter value using the diversified key. Disclosed systems allow a user to purchase items utilizing the disclosed transmitting device.

Abstract: The subject matter discloses a method and a system for securely distributing a credential and encryption keys for physical devices. The system comprises a security server and a physical device. the physical device comprises a memory module configured to store a share of the credential, a communication module configured to exchange signals, and a processing module configured to execute calculations upon request received on a wireless manner via the communication module from the security server, the calculations are transmitted to the security server to execute a multi-party computation process. The multi-party computation process outputs two shares of the credential, a first share is stored in the physical device. The physical device does not have access to the credential.

Abstract: Systems and methods as described herein may include creating and monitoring workflows in a blockchain network. A workflow may be implemented by using a smart contract or the steps in the workflow may be recorded in a distributed ledger in a blockchain network. Completion of a workflow step may be verified by identifying a blockchain transaction executed by the workflow step performer assigned to the workflow step. The blockchain transaction is associated with encryption keys of the workflow step performer assigned to the workflow step. The completion of the execution of a workflow may be verified by determining whether the status of the last workflow step is complete, and identifying a blockchain transaction associated with encryption keys of the workflow step performer assigned to the last workflow step.

Abstract: A compliance checker to verify that a device complies with a policy is described. In one embodiment, the compliance checker comprises a compliance checker agent, to initiate the compliance check, in response to receiving the request, and an encryption checker to obtain an original data and a data stored on the storage. The system further comprising a comparator to determine whether known data read from the upper driver is identical to known data read from the lower driver. The compliance checker plug-in in one embodiment verifies the compliance status of the device, based on the data from the comparator.