Abstract: Mobile devices executing applications may be tested for networking issues by utilizing a test network having proxy access devices placed at different physical locations. Devices may be stored in a secure enclosure that includes a host device. The enclosure includes access controls to prevent unauthorized removal of devices or access to stored data. If an unauthorized access, disconnection from the host device, or disconnection of a device from a power source is detected, devices may be placed into a locked state or data on the devices may be deleted. The enclosure may also include a control device for testing the exchange of Bluetooth data by the devices. The enclosure may also include conductive members placed on the touch sensors of devices for providing simulated touch input to the touch sensors by changing the capacitance of adjacent regions of the touch sensors.

Abstract: A hardware device, inserted in a universal serial bus port of a computing device, is detected. A counter is set to an initial value of one. In response to determining that one or more device descriptors associated with the hardware device are not received by the computing device within a predetermined time period, the hardware device is prevented from discharging a high-voltage charge into the computing device by inhibiting the hardware device from storing the high-voltage charge in a capacitor of the hardware device.

Abstract: A device, system and method for securely executing recursive computations over encrypted data in a homomorphically encrypted (HE) space. For a recursive algorithm with sequentially dependent recursive iterations, executing the recursive algorithm in parallel by computing multiple recursive iterations simultaneously over multiple parallel execution iterations and not in sequential order. Each parallel execution iteration may compute a partial HE solution of multiple sequential recursive iterations comprising a known HE part and leaves empty a placeholder call slot for an unknown HE part. Placeholder call slots remain empty and are filled at delayed times at a later parallel execution iteration from when the known part of the same HE computation is computed. A final HE solution is computed in fewer multiple parallel execution iterations than the number of sequential recursive iterations, thereby accelerating the recursive algorithm in HE space.

Abstract: Methods, systems, and apparatus, including computer programs encoded on computer-storage media, for enforcing policies for computing devices. In some implementations, content for presentation by an electronic device is received. Context data indicating a current context of the electronic device is obtained. Policy data indicating a policy corresponding to at least one of the electronic device, a user of the electronic device, the content for presentation, or data associated with the content is accessed. The policy indicates one or more context-dependent limitations on presentation of the content by the electronic device. Presentation of the content by the electronic device is managed based on a set of actions the policy permits for the current context.

Abstract: Systems and methods for authenticating presumptively incompatible elements in a digital network are provided. A method may include receiving an access request from a client node in the network. The access request may be requesting access to an application in the network. The access request may be associated with a uniform resource identifier (“authURI”). The method may include extracting a target application from the URI. The method may include determining an authentication protocol that is supported by the target application. The method may include generating, based on the authentication protocol, a series of one or more authentication tests that, in combination, satisfy the authentication protocol. The authentication tests may satisfy the authentication protocol even when the client node natively supports a different authentication protocol. The method may include executing the series of authentication tests to authenticate the client node vis-à-vis the target application.

Abstract: A device for authenticating a user is described. This device comprises transceiver circuitry configured to receive motion information from a plurality of wearable devices located on a user's body indicative of the motion of the user's body at the location of the respective wearable device at a particular time; and 5 controller circuitry configured to: compare the received motion information and the location of the respective wearable device and authenticate the user in the event of a positive comparison between the received motion information and the location of the respective wearable device with stored motion information and the location of the respective wearable device.

Abstract: A method for encrypting database files includes generating a mapping for a plurality of encrypted files. A first encrypted file of the plurality of encrypted files is encrypted with a first encryption key. The method includes generating a second encrypted file by re-encrypting, for a period of time, data in the first encrypted file using a second encryption key. The first encrypted file remains accessible to one or more queries during the period of time. The method includes updating the mapping to associate the second encrypted file with the first encrypted file. The mapping is updated after the second encrypted file has been generated. The method includes preventing a query from accessing the first encrypted file after the second encrypted file has been generated.

Abstract: Disclosed herein an artificial intelligence (AI) apparatus for controlling authority to use an external device based on user identification using image recognition including a memory configured to store information on a user registered in the AI apparatus and authority information indicating whether a user is capable of use at least one external device under a predetermined condition, a communicator configured to receive a first image file obtained by photographing an environment including the at least one external device, a learning processor configured to provide the first image file to an image recognition model for specifying a face of a person included in an image file and an external device to be used by the person to specify first face information of a person included in the first image file and information on a first external device to be used by the person in the first image file, and a processor configured to control use of the first external device by the first user based on the authority, by acqui

Abstract: A system and a method of emulating a second cloud computing environment on a first cloud computing environment are disclosed herein. The first cloud computing environment includes an innovation platform having a private domain name system. The private domain name system is split between a customer subnet and a private subnet. The customer subnet is limited to communications with only the private subnet. The customer subnet executes an application thereon. The application is targeted for use on the second cloud computing environment.

Abstract: Method and Systems for configuring, monitoring, updating and validating Internet of Things (IoT) software code and configuration using blockchain smart contract technology. The use of smart contracts for delivering software code and or configuration scripts to IoT devices is an enhanced cybersecurity solution meant to ensure the security and integrity of IoT devices. The use of smart contracts is also shown how it can be used for verifying the integrity of the IoT devices software code and or configuration is a proactive method of cybersecurity. The proactive cybersecurity method will prevent man in the middle attacks as well as preventing rogue devices from impacting other IoT devices or networks.

Abstract: Processing circuitry may support a secure domain and a less secure domain, where secure information associated with a secure software process is prevented from being accessed by a less secure software process in the less secure domain. Shared resource is accessible to both secure and less secure software processes. In response to detection of an anomaly condition, allocation policy for the shared resource is switched from a shared allocation policy to a secure-biased allocation policy. The secure-biased allocation policy has a stronger bias of resource allocation to secure software processes than the shared allocation policy.

Abstract: Techniques to transmit encoded data along a physical medium, e.g. tape, and decode the transmitted data along the physical medium are provided. Some techniques include logic to encode data transmitted along a physical medium, such as a tape suitable for any purpose including the encoding of multimedia data, where the encoding is pursuant to a conversion between a first and second colorspace. The logic may further be configured to decode the data once it is received at a node along the tape, where the colorspace conversion provides the basis, key, or cipher for preforming the decoding operation. The logic may be further configured to alter the encryption and decryption basis, key, or cypher by altering the colorspace scheme defining the encoding (and by extension the decoding) during transmission, including a transmission that takes place after a previous transmission governed by the previously defined (and subsequently altered) colorspace conversion scheme. Other embodiments are described and claimed.

Abstract: A user equipment (UE) including: a processor; a transceiver; and a memory storing instructions that, when executed by the processor, controls the processor to: receive a communication request to communicate with a remote system; instantiate, in response to receiving the communication request, a UE virtual machine instance on the UE; generate a root certificate for the UE virtual machine instance; execute, on the UE virtual machine instance, an application for processing the communication request; transmit, through the transceiver and to an attestation server, the root certificate to attest to the execution of the application within the UE virtual machine instance; establish a communication link between the application and the remote system; and communicate, via the transceiver, with the remote system across the communication link.

Abstract: In an authentication system, when an electrical component with a temporary ID recorded by a temporary ID assignment device is connected to a switching hub, a temporary authentication device performs temporary authentication based on switching hub information describing the switching hub to which the electrical component is connected, the temporary ID of the electrical component, and temporary authentication inquiry information. A main authentication device performs main authentication based on the switching hub information of the switching hub to which the electrical component with a formal ID recorded by the formal ID assignment device is connected, and the formal ID of the electrical component, and main authentication inquiry information.

Abstract: Disclosed are systems and methods of adding tags for use in detecting computer attacks. In one aspect, the system comprises a computer protection module configured to: receive a security notification, extract an object from the security notification, search for the extracted object in a threat database, add a first tag corresponding to the extracted object in the threat database only when the extracted object is found in the threat database, search for signs of suspicious activity in a database of suspicious activities based on the received security notification and the added first tag, and when at least one sign of suspicious activity is found, extract a second tag from the database of suspicious activities and add the second tag to an object database, wherein the object database is used for identifying signature of targeted attacks based on security notifications, objects, first tags and second tags.

Abstract: A physically unclonable function (PUF) device includes a hybrid Boolean network module of a ring of N number of Boolean nodes connected end to end and a sampling module, wherein the hybrid Boolean network module comprises N number of xor logic gates and corresponding N number of multiplexers, wherein a function change module is disposed between an output end of a first xor logic gate of the N number of xor logic gates and an input end of a first multiplexer of the N number of multiplexers, wherein each Boolean node is provided with four input ends and three output ends, the four input ends respectively connected to an output end of each of two juxtaposing Boolean nodes, an initial excitation signal and a control delay signal, the three output ends respectively output to an input of each of two juxtaposing Boolean nodes, and the sampling module.

Abstract: An information processing apparatus includes a normal user interface (NUI) functional unit, a secure user interface (SUI) functional unit having a protection level higher than that of the NUI functional unit, and an input/output unit that receives an input of information and displays and outputs the information. The NUI functional unit causes the input/output unit to display a NUI screen which receives an input of a query and transmits, as a query, the query input via the NUI screen to the SUI functional unit. The SUI functional unit produces a summary corresponding to the query on the basis of certification data including a query and a summary corresponding to the query and causes the input/output unit to display a SUI screen having the query and the summary.

Abstract: A novel method for managing firewall configuration of a software defined data center is provided. Such a firewall configuration is divided into multiple sections that each contains a set of firewall rules. Each tenant of the software defined data center has a corresponding set of sections in the firewall configuration. The method allows each tenant to independently access and update/manage its own corresponding set of sections. Multiple tenants or users are allowed to make changes to the firewall configuration simultaneously.

Abstract: A video stream from a user device that is destined for a recipient device is received at a core network of a wireless carrier network. The video stream has a video quality that at least meets a quality threshold for behavioral biometric analysis. A determination of whether a video privacy policy for the user device permits transmission of the video stream of the video quality to the recipient device is made. In response to the video privacy policy not permitting the transmission of the video stream of the video quality, the video quality of the video stream is downgraded to generate a downgraded video stream that prevents behavioral biometric analysis for transmission to the recipient device. However, in response to the video privacy policy permitting the transmission of the video stream of the video quality, the video stream of the video quality is transmitted to the recipient device.

Abstract: A computer-implemented method includes retrieving, by a bridge device communicatively linked to a blockchain network node of a blockchain network, a first set of blockchain blocks from the blockchain network node using a first set of threads of the bridge device; storing, by the bridge device, the first set of blockchain blocks in the bridge device; and verifying, by the bridge device, a second set of blockchain blocks that are stored in the bridge device using a second set of threads of the bridge device; and wherein retrieving the first set of blockchain blocks and verifying the second set of blockchain blocks are performed asynchronously using the first set of threads and the second set of threads.