Abstract: The blockchain generation apparatus 1 includes: a synchronizer 121 that acquires shared data 111 which includes the blockchain data 112 and transaction datasets 113 not included in the blockchain data 112; a transaction pattern count calculator 124 that calculates the number of transaction patterns for a generating party using the blockchain generation apparatus 1, based on the transaction datasets which are in the blockchain data 112 and are related to an identifier of the generating party; a block generation condition checker 125 that determines whether the generating party is qualified to generate the new blockchain data, based on the number of transaction patterns calculated by the transaction pattern count calculator; and a blockchain generator 126 that tries to generate the new blockchain by referring to the shared data 111 if the block generation condition checker 125 determines that the generating party is qualified.

Abstract: An encryption device (500) includes an encryption unit (504), a detection element generation unit (505), and a transmission unit (506). The encryption unit (504) encrypts a plain text by using one of a pair of keys to generate an encrypted text into which the plain text has been encrypted and which can be subjected to homomorphic computation. The detection element generation unit (505) generates a detection element E used to detect a change in the encrypted text by using the one key and the encrypted text. The transmission unit (506) transmits the encrypted text and the detection element.

Abstract: In some examples, a method of privacy preservation in a security information sharing platform includes comparing, by a system comprising a hardware processor in the security information sharing platform that enables sharing of security information among a plurality of users, a set of profiles wherein each profile of the set of profiles is associated with an individual user; identifying, by the system based on the comparing, that a badge associated with a particular profile of the set of profiles is predictive of an identity of the individual user, the badge based on a contribution of security information by the individual user to the security information sharing platform, and the badge comprising user attributes associated with the individual user; and modifying, by the system based on the identifying, a visibility of the badge within the security information sharing platform.

Abstract: Techniques for ascertaining legitimacy of communications received during a digital interaction with a client device. The techniques include: receiving a communication; identifying from the communication a first secured token; processing the first secured token by: obtaining, from the first secured token, information indicating a state of the digital interaction; and using the information indicating the state to determine whether the communication is from the client device; and when it is determined that the communication is from the client device, causing at least one action responsive to the communication to be performed; updating the information indicating the state of the digital interaction to obtain updated information indicating the state of the digital interaction; and providing a second secured token to the client device for use in a subsequent communication during the digital interaction, the second secured token comprising the updated information indicating the state of the digital interaction.

Abstract: Systems and methods for initiating enrollment of a local device in a cloud environment using a separate device are presented. In an example embodiment, a device identifier for the local device is received from the local device by a separate device that is trusted by a cloud computing system. The separate device causes the displaying of an indicator for the local device. In response to receiving an activation of the indicator for the local device, the separate device issues a request to the cloud computing system to receive credential information enabling the local device to enroll with the cloud computing system. The separate device receives the credential information from the cloud computing system and transmits the credential information to the local device.

Abstract: A security system detects anomalous activity in a network. The system logs user activity, which can include ports used, compares users to find similar users, sorts similar users into cohorts, and compares new user activity to logged behavior of the cohort. The comparison can include a divergence calculation. Origins of user activity can also be used to determine anomalous network activity. The hostname, username, IP address, and timestamp can be used to calculate aggregate scores and convoluted scores.

Abstract: An embodiment herein provides a processor implemented method for blockchain-based secure credential and token management for open identity management that enables a first device to provision at least one additional device to present tokens issued to the first device, that includes i) creating, using a hardware-based cryptographic processor on a first device associated with an end user, a first set of credentials; ii) obtaining and caching at least one attestation token from one or attestation issuing parties, the at least one attestation token is restricted by default to be unusable from any device other than the first device; (iii) providing the at least one attestation token to at least one relying party that is interested in receiving attestations about the end user; and iv) signing a trust record on the blockchain using the first device associated with the end user.

Abstract: A delegation request is submitted to a session-based authentication service, fulfillment of which involves granting an entity an access privilege to a computing resource. A session key is received from the session-based authentication service. The session key having been generated based at least in part on a restriction and a secret credential shared with the session-based authentication service and usable at least in part to prove possession of the access privilege to the computing resource. The session key is provided to the entity without providing the shared secret credential.

Abstract: Systems and methods for active state synchronization between distributed ledger technology (DLT) platforms are provided. A system may store an origin blockchain compliant with an origin DLT. The system may further store a target blockchain compliant with a target DLT. The target DLT may be different from the origin DLT. The system may include a DLT object synchronizer with access to the origin blockchain and the target blockchain. The DLT object synchronizer may receive, from an exchange node, a request to synchronize an origin instance of a DLT object between the origin blockchain and the target blockchain. The DLT object synchronizer may select a target instance of the DLT object on the target blockchain. The DLT object synchronizer may format origin data from the origin instance for compliance with the target DLT. The DLT object synchronizer may synchronize the origin instance and the target instance.

Abstract: A method and system for continuously authenticating a user working from a remote location is provided. The method includes providing user an interface to login through his login credentials to company domain. The login credentials are authenticated by a company's remote server. Once the user is authenticated the server pushes user's secondary authentication details to user's device and invokes a secondary authentication system. The secondary authentication system may include a webcam that initiates once user is logged in and continuously monitors biometric parameters for continued authentication of the user.

Abstract: An embodiment herein provides a processor implemented method for blockchain-based authentication of a user using a user device, that includes (i) obtaining an identify information associated with an identity document of the user; (ii) storing the identity information, and a set of credentials, with a blockchain to link the identity information with the set of credentials for the user; (iii) obtaining a cryptographic challenge from a relying party device when a record that includes a user identity information of the user and the set of credentials associated with the user identity information for the user device is found to be stored with the blockchain; and (iv) transmitting a response to the cryptographic challenge to the relying party device. The relying party device checks whether the response matches with a predetermined correct response or not. The relying party device authenticates the user only if the response matches with the predetermined correct response.

Abstract: A diagnostic method performed by a gateway in a vehicle network, wherein the gateway comprises a controller and a physical (PHY) layer which manages ports and is connected to the controller, may comprise receiving, by the controller, a diagnostic request message from an external diagnostic apparatus connected to a first port; receiving, by the controller, a security authentication request message from the external diagnostic apparatus when a security authentication is required for the diagnostic request message; verifying, by the controller, the security authentication request message; and activating, by the PHY layer, a port of the PHY layer connected to a target communication node to be diagnosed among the ports, under control of the controller, when verification of the security authentication request message is completed.

Abstract: Blockchain-based device authentication by a user device to enable a second device is disclosed to perform an action on a first device on behalf of a user linked to the user device, based on a command received from the second device. Authentication includes the steps of: (i) obtaining an indentity information associated with an identity document of the user; (ii) storing the identity information, and a set of credentials, with a blockchain to link the identity information with the set of credentials for the user; (iii) signing a first trust certificate by a user private key on the blockchain to obtain a first signed trust certificate; and (iv) signing a second trust certificate by the user private key on the blockchain to obtain a second signed trust certificate.

Abstract: Techniques for ascertaining legitimacy of communications received during a digital interaction with a client device. The techniques include: receiving a communication; identifying from the communication a first secured token; processing the first secured token by: obtaining, from the first secured token, information indicating a state of the digital interaction; and using the information indicating the state to determine whether the communication is from the client device; and when it is determined that the communication is from the client device, causing at least one action responsive to the communication to be performed; updating the information indicating the state of the digital interaction to obtain updated information indicating the state of the digital interaction; and providing a second secured token to the client device for use in a subsequent communication during the digital interaction, the second secured token comprising the updated information indicating the state of the digital interaction.

Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for parallel-processing blockchain transactions are provided. One of the methods includes: obtaining a plurality of candidate transactions for adding to a blockchain; grouping the candidate transactions into one or more transaction groups; creating one or more copies of at least a portion of a data structure of a latest block of the blockchain; associating the one or more transaction groups respectively with the one or more copies of the data structure; executing the candidate transactions in each of the transaction groups and updating the associated copies of the data structure; and merging the updated copies of the data structure to obtain at least a portion of a new data structure of a new block to add to the blockchain.

Abstract: In an example, transactions are secured between electronic circuits in a memory fabric. An electronic circuit may receive a transaction integrity key. The electronic circuit may compute a truncated message authentication code (MAC) using the received transaction integrity key and attach the truncated MAC to a security message header (SMH) of the transaction.

Abstract: A processor implemented method for generating a recovery key for a first device associated with a user and conditionally registering an identifier of the recovery key in a blockchain is provided. The method includes the steps of generating, using a first cryptographic processor on the first device associated with the user, a first set of credentials; generating a mnemonic sentence from pseudorandom data; applying a key derivation algorithm to generate the recovery key and conditionally registering an identifier of the recovery key for the first public key of the first device in a smart contract in the blockchain. The first set of credentials includes a first blockchain-compatible public-private key pair associated with the user. The first blockchain-compatible public-private key pair includes a first public key and a first private key. The first private key is restricted to the first cryptographic processor on the first device.

Abstract: A non-transitory computer-readable storage medium storing a set of instructions executable by a processor. The set of instructions is operable to receive a request from a node to join a trusted ad hoc network. The set of instructions is further operable to authenticate the node to join the trusted ad hoc network. The authentication is performed based on a verification that the node will comply with a security policy of the trusted ad hoc network. The set of instructions is further operable to send, to the node, a verification that the trusted ad hoc network complies with the security policy. The set of instructions is further operable to add the node to the trusted ad hoc network.

Abstract: Systems, methods, and computer-readable media for integrating web resources are provided. A Resource Provider Proxy Service (RPPS) may download and cache whitelisted resources from a third party service (3PS). Once whitelisted resources are downloaded to the RPPS from the 3PS, a secure endpoint service may expose the resources to applications running on user systems. The resources served to the user system applications may be virtually isolated from one another in separate domains using a sandboxing framework. Other embodiments may be described and/or claimed.

Abstract: Example embodiments of systems and methods for data transmission system between transmitting and receiving devices for use in a tap and walk store are provided. In an example embodiment, the transmitting device can generate a diversified key using the master key, protect a counter value and encrypt data prior to transmitting to the receiving device, which can generate the diversified key based on the master key and can decrypt the data and validate the protected counter value using the diversified key. Disclosed systems allow a user to purchase items utilizing the disclosed transmitting device.