Abstract: A method and apparatus for sending messages. A message is received by a proxy in a container running on a computer system from an application in the container. A recipient for the message is identified by the proxy using access information. The message is encrypted by the proxy using the access information. The message to the recipient is sent by the proxy, wherein the access information is received from a controller.

Abstract: A computer-based locking system using changing passcodes includes an application server and an application in electronic communication with the application server. The application runs on a computing device. The application may request an input passcode from the application server based on a lock ID. The application server retrieves an algorithm from a database using the lock ID and generates the input passcode using the algorithm with a time as the input. A lock includes a passcode interface and a locking mechanism with the passcode interface being capable of capturing the input passcode. The lock executes the algorithm locally to generate a local passcode based on current time. The lock releases the locking mechanism in response to the input passcode matching the local passcode.

Abstract: The present disclosure relates to systems and methods for facilitating trusted handling of genomic and/or other bioinformatic information. Certain embodiments may facilitate policy-based governance of access to and/or use of bioinformatic information, improved interaction with and/or use of distributed bioinformatic information, parallelization of various processes involving bioinformatic information, and/or reduced user involvement in bioinformatic workflow processes, and/or the like. Further embodiments may provide for memoization processes that may persistently store final and/or intermediate results of computations performed using genomic data for use in connection with future computations.

Abstract: Implementations of the disclosure provide for binding data to a network in the presence of an entity with revocation capabilities. A cryptographic system is provided that includes a memory to store revocation information comprising a plurality of identifiers and a processing device operatively coupled to the memory. A provisioning public key is recovered in view of a first intermediate public key associated with a client device storing encrypted data. A binding identifier is generated for the client device in view of the provisioning public key. It is determined whether access to the encrypted data associated with the binding identifier is revoked or allowed in view of the revocation information. Responsive to determining that the access is allowed, provide a second intermediate public key to derive an encryption key to access the encrypted data in view of at least the provisioning public key and the first intermediate public key.

Abstract: Provided are methods and systems related to communications between a social media service or provider (e.g., Twitter®, Facebook®) or other resource (e.g., web page) and one or more content providers. In an aspect, provided are methods comprising receiving a request for content, wherein the request comprises a user agnostic identifier, determining user information associated with the request, determining time information associated with the request, determining media content associated with the user agnostic identifier based on the time information, determining one or more access rights to the media content based on the user information, and providing access to the media content based on the one or more access rights.

Abstract: Disclosed are a method and an apparatus for implementing document sharing between user groups. The method comprises: receiving document sharing request information sent by a user in a first user group, the document sharing request information carrying an identifier of a target shared document and an identifier of a second user group; sending a shared document instruction to the second user group according to the identifier of the second user group, the shared document instruction carrying an identifier of a to-be-created shared document and an index of the to-be-created shared document and being used for instructing the second user group to create a shared document corresponding to the target shared document, the index of the to-be-created document being the same as the identifier of the target shared document, for associating the to-be-created document with the target shared document.

Abstract: Systems, methods, and computer readable medium for virtualized computing environments. A method for providing a connection between a guest virtual machine and a service virtual machine uses driver code functions to establish a listening port on the service virtual machine without providing a listening port on the guest virtual machine. The guest virtual machine initiates a remote procedure call socket between itself and the service virtual machine over a secure, hardened port. The service virtual machine presents an authority certificate by encoding into the authority certificate identifying information received from the guest virtual machine. The service virtual machine makes available (e.g., as an ISO image) the authority certificate, which is used to establish new secure connections.

Abstract: Systems and methods are provided for managed file transfer. A managed file transfer server may receive a request from a sender to send a file (bulk data) to a recipient and may determine a location server that is closest to the location of the recipient. A server-to-server transfer can be automatically initiated to move the file to the location server that is closest to the location of the recipient.

Abstract: A requirement for a pseudo-random number is identified. A usage context corresponding to the requirement is determined from among a plurality of usage contexts. A cryptographic transformation function is applied to a first pseudo-random number obtained from a pseudo-random number generator. The transformation function meets a security criterion which is based on the usage context. A result of the function is used to fulfill the requirement.

Abstract: A processor may receive an indication form a radio frequency identification (RFID) device that a mobile device is in a predetermined area. The processor may send a private key on a first frequency at a first time to the mobile device. The processor may receive a communication request from the mobile device that may contain a public decryption key. The processor may send encrypted configuration information and encrypted state information to the mobile device. In some embodiments, an RFID device, may identify that a mobile device is within a predetermined area. The RFID device may send a tag to the mobile device. The RFID may send a notification to a communicator that the tag has been sent. The RFID may acquire the encrypted configuration information and encrypted state information form the communicator. The RFID device may push the encrypted configuration information and the encrypted state information to the mobile device.

Abstract: Some embodiments provide an account-access recovery method that receives a request to recover access to an account. The method also assesses recent usage of a device that is associated with the account. The method also, based on the assessment, selects a recovery process from a group of different recovery processes for regaining access to the account. The method also provides the selected recovery process to a party that is requesting the access recovery.

Abstract: Systems and methods include: implementing a first machine learning model to generate an output of a global digital threat score for an online activity based on an input of the collected digital event data; implementing a second machine learning model that generates a category inference of a category of digital fraud or a category of digital abuse from a plurality of digital fraud or digital abuse categories; selecting a third machine learning model from an ensemble of digital fraud or digital abuse machine learning models based on the category inference generated by the second machine learning model, wherein the ensemble of digital fraud or digital abuse machine learning models comprise a plurality of disparate digital fraud or digital abuse category-specific machine learning models; and implementing the selected third machine learning model to generate a digital fraud or digital abuse category-specific threat score based on the digital event data.

Abstract: Various embodiments provide confidentiality-based file hosting by automatically directing assets in a shared workspace to appropriate storage locations. The storage location can be determined by comparing a security level that is associated with an asset to security levels of multiple possible storage locations. If a security level of the asset is changed in the shared workspace, the asset is automatically directed to an appropriate storage location based on the changed security level. This can include directing the asset to either a more secure or a less secure storage location.

Abstract: Authenticating a user is provided. A decryption key corresponding to an authentication account of the user of a client device and authentication credential data obtained from the user of the client device is received during authentication. Encrypted authentication credential data corresponding to the user is decrypted using the received decryption key corresponding to the authentication account of the user. The decrypted authentication credential data is compared with the received authentication credential data to authenticate the user of the client device.

Abstract: Techniques and logic are presented for encrypting and decrypting applications and related data within a multi-processor system to prevent tampering. The decryption and encryption may be performed either between a system bus and a processor's individual L1 cache memory or between a processor's instruction and execution unit and their respective L1 caches. The logic may include one or more linear feedback shift registers (LFSRs) that may be used for generation of unique sequential address related codes to perform the decryption of instructions and transformation logic that may be used for generation of equivalent offset address related codes to perform decryption and encryption of data. The logic may also be programmable and may be used for test purposes.

Abstract: A processor may receive an indication form a radio frequency identification (RFID) device that a mobile device is in a predetermined area. The processor may send a private key on a first frequency at a first time to the mobile device. The processor may receive a communication request from the mobile device that may contain a public decryption key. The processor may send encrypted configuration information and encrypted state information to the mobile device. In some embodiments, an RFID device, may identify that a mobile device is within a predetermined area. The RFID device may send a tag to the mobile device. The RFID may send a notification to a communicator that the tag has been sent. The RFID may acquire the encrypted configuration information and encrypted state information form the communicator. The RFID device may push the encrypted configuration information and the encrypted state information to the mobile device.

Abstract: Qualified web application security based on web application hierarchy is described. A system receives a web application login request from a web browser associated with a user device. The system identifies qualified user information associated with the user device. The system creates an executable file based on applying the qualified user information to a web application hierarchy file comprising hierarchical nodes, wherein each of the hierarchical nodes is associated with a corresponding web application function, at least one corresponding business rule, and a corresponding scope-based security configuration. The system sends the executable file to the web browser, thereby enabling the web browser to apply qualified web application security to requests from the user device for accessing the web application.

Abstract: Various features described herein may include supervision or control of a cryptographic signal necessary for encryption or decryption. Specifically, key management may be performed, wherein the key is deposited or retrieved to or from a third party. For example, data may be encrypted. The encrypted data may be unencrypted by using a key, which may be stored on a different device (e.g., a server). The different device may perform authenticating a device requesting access to the key, determining a recovery key for the encrypted data, and providing the recovery key for the encrypted data. The recovery key may then be used to recover access to the encrypted data. Thus, the key may be deposited for escrow by the different device until such time that the key is necessary for recovery of the encrypted data, at which time the key may be retrieved for decryption of the encrypted data.

Abstract: Techniques for provisioning a smart navigation service are presented. The provisioning can be performed by a name owner, by the smart navigation service itself, or by a third-party keyword service. The provisioned information can include an entity name, a keyword, and possibly other data correlated to at least one network locator. The navigation service electronically stores in navigation service persistent memory a rule correlating the entity name, the keyword, and, if used, the other data, to the at least one network locator, such that when the navigation service receives, from a client computer communicatively coupled to the navigation service, command data that includes the entity name, the keyword, and possibly other data, the navigation service responds to the client computer with the at least one network locator.

Abstract: An exemplary mobile computing device, including a memory device for storing a control policy defining a functional configuration of the mobile computing device; and a processor configured to place the mobile computing device in one of one of plural states based on a validation result of the control policy.