Abstract: According to certain embodiments, a vehicle electronic device comprises a transceiver configured to communicate with a mobile device; and at least one processor configured to generate first authentication information, control the transceiver to transmit the first authentication information to a registered mobile device, control the transceiver to send a request for authentication to the mobile device via a first communication connection, and perform authentication based on whether or not the processor receives second authentication information from the mobile device that corresponds to the first authentication information, wherein the first communication connection directly communicates with the mobile device.

Abstract: Techniques for detecting instances of external fraud by monitoring digital activities that are performed with accounts associated with an enterprise are disclosed. In one example, a threat detection platform determines the likelihood that an incoming email is indicative of external fraud based on the context and content of the incoming email. To understand the risk posed by an incoming email, the threat detection platform may seek to determine not only whether the sender normally communicates with the recipient, but also whether the topic is one normally discussed by the sender and recipient. In this way, the threat detection platform can establish whether the incoming email deviates from past emails exchanged between the sender and recipient.

Abstract: The present disclosure discloses an electronic distribution method and apparatus. The method includes: acquiring user information and first terminal information of a distribution terminal which are transmitted by a server; generating a first key and transmitting the first key to the server; acquiring second terminal information which is encrypted by the distribution terminal using the first key received from the server and is transmitted by the distribution terminal; decrypting the second terminal information encrypted by using the first key to obtain the second terminal information; matching the second terminal information with the first terminal information; and displaying the user information if the second terminal information matches the first terminal information.

Abstract: Methods and systems for identifying a network vulnerability. The system may gather data regarding a new or previously unknown network device, and compare the gathered data to one or more known devices that are scanned by a vulnerability assessment device. The vulnerability assessment device may then scan the previously unknown device upon a processor determining the previously unknown device shares at least one feature with a known device that is scanned.

Abstract: A method for enabling secure communication. The method includes providing a first virtual network function (“VNF”) at a first network location and providing a second VNF at a second network location. A first Layer 3 virtual private network (“L3 VPN”) tunnel is constructed by the first VNF and the second VNF between the first network location and the second network location, and a first local area network (“LAN”) at the first network location and a second LAN at the second network location are connected by the first L3 VPN tunnel. Further provided is a method for establishing a secure communication environment.

Abstract: A method and system for a deployment of deceptive decoy elements in a computerized environment to identify data leakage processes invoked by suspicious entities are presented. The method includes generating at least one deceptive decoy element; and deploying the generated at least one deceptive decoy element in a folder in a file system of the computerized environment, wherein the deployment is based on a sensitivity level of the folder, wherein the at least one deceptive decoy element is configured to provide an indication of unauthorized access upon an attempt by an unauthorized entity to access the folder.

Abstract: There is provided a solution for managing security contexts at idle mode mobility of a wireless communication device between different wireless communication systems including a first wireless communication system and a second wireless communication system. The first wireless communication system is a 5G/NGS system and the second wireless communication system is a 4G/EPS system. The solution is based on obtaining (S1) a 5G/NGS security context, and mapping (S2) the 5G/NGS security context to a 4G/EPS security context.

Abstract: A communication session may be broken up into many smaller packet bundles over many tunnels and over different routes in order to obfuscate the entire data stream. Apparatuses may dynamically build hop-by-hop tunnels in a backbone telecommunications network, segment data into packet bundles at the customer edge, or break up data traffic of a communication session along multiple routing or switching paths in order to obfuscate the data traffic of the communication session.

Abstract: The present disclosure relates to a problem management method for a user system. A method may include detecting an error in the user system. A signed package may be provided in accordance with the detected error, wherein the package comprises at least a script. The user system may verify the authenticity of the package using a signature of the package, and may execute the script if the package is authentic.

Abstract: Methods and systems for secure authentication in an extended reality (XR) environment are described herein. An XR environment may be output by a computing device and for display on a device configured to be worn by a user. A first plurality of images may be determined via the XR environment. The first plurality of images may be determined based on a user looking at a plurality of objects, real or virtual, in the XR environment. The first plurality of images may be sent to a server, and the server may return a second plurality of images. A public key and private key may be determined based on different portions of each of the second plurality of images. The public key may be sent to the server to register and/or authenticate subsequent communications between the computing device and the server.

Abstract: A system and method of implementing an API of an authentication service includes implementing a confirmation API, wherein the implementing includes: initiating a confirmation API request based on receiving an access request, wherein the confirmation API request operates to perform an authentication of a requestor making the access request; identifying the requestor based on a search of the requestor via the confirmation API; identifying, by one or more API endpoints of the remote authentication service: (i) a subscriber account of the subscriber maintained by the remote authentication service and (ii) identifying a user device of the requestor that is enrolled with the subscriber account based on the confirmation API request; transmitting a confirmation request to the user device; obtaining from the user device a response to the confirmation request and presenting the response to the confirmation request to the subscriber; and granting or denying the access request.

Abstract: A memory controller and a storage device including the same are disclosed. A memory controller for controlling a nonvolatile memory includes: a security access control module configured to convert biometric authentication data received from a biometric module into security configuration data having a data format according to a security standard protocol and perform, based on the security configuration data, at least one of authority registration and authority authentication of a user authority set for an access control of a secure area of the nonvolatile memory, encrypted user data being stored in the secure area; and a data processing unit configured to, based on an access to the secure area being permitted, encrypt user data received from a host device or decrypt the encrypted user data read from the secure area.

Abstract: Multiple, separately administrated computer systems storing slices of the cipher text of a Personally Identifiable Information (PII) data item that is represented by a token. The token is used as a substitute of the data item. The data item is encrypted using a public key. To recover the data item, a complete set of the slices is retrieved from the separate computer systems and decrypted using the private key corresponding to the public key. Instances and circumstances of the usages of the data item can be recorded under the token in a blockchain ledger in connection with the retrieval and/or decryption of the cipher text. A data item owner may use the data item and the public key to recreate the cipher text, retrieve the token stored with the cipher text in the separate computer systems, and then query the ledger for a usage history of the data item.

Abstract: A method, a device, and a non-transitory storage medium are described in which an blockchain-based network information management service is provided. The service provides blockchain mechanisms that allows for the management and disbursement of network information among network devices of a RAN, a core network, and an application layer network. The service may define a structure for the network information that may be used by RAN devices, core devices, and application layer devices of different vendors and third parties.

Abstract: A one-time password (OTP) is transmitted to an authorized wireless device for use an authentication factor, even though the OTP may be intercepted or otherwise viewed with an unauthorized device. When a secure request is initiated that requires entry of an OTP as an authentication factor, a hyperlink is transmitted to a wireless device from which the secure request is initiated. When the hyperlink is selected, a connection is established with an entity that determines mobile number information associated with the SSL connection. Comparison of the determined mobile number information and the mobile number of the wireless device to which the hyperlink was intended to be sent indicates whether the wireless device that has established the SSL connection is the authorized wireless device. The OTP is displayed on the wireless device after that device has been verified as the authorized wireless device.

Abstract: A user may view a device with augmented reality glasses which may have a camera that views and collects data on the screen of the user device. When the user desires to access an account for which multifactor authentication is required, a one-time password may be sent to the user. The glasses may recognize the one-time password and determine if the one-time password originated from the user device. If the glasses verify that the one-time password originated from the user based on context of the user device display or the geographic locations of the devices, then the glasses will send the password to the service associated with the one-time password. The glasses may send the password back to the user device, send it to an intermediate server, or send it directly to the server associated with the service that provided the one-time password.

Abstract: Methods and systems are described for compressing a tree structure associating network packet signatures with network packet metadata, the tree structure comprising a plurality of non-leaf nodes of single bit test nodes and a plurality of leaf nodes comprising network packet metadata, the method comprising determining whether the sub-portion of the tree structure is to be compressed. If determination is made that the sub-portion of the tree structure is to be compressed, generating a compressed node data structure, the compressed node data structure comprising a path of the sub-portion of the tree structure, the path comprising a sequence of bits formed by a concatenation of the single bits associated with each one of the consecutive non-leaf nodes of the sub-portion of the tree structure, the number of bits of the sequence being equal or greater than the compression threshold.

Abstract: Implementations efficiently verify an identity claim for an entity. An example method includes receiving a query key and a property identifying an entity and identifying a possible match for the property from graph access records, the possible match being a node in an identity chain. The method also includes verifying a complete chain from the possible match to a genesis node in the chain. The query key is used to find a next node in the chain. Failure to identify the genesis node results in an unsuccessful verification. The method also includes generating a response that indicates a successful verification request responsive to locating the genesis node and generating a response that indicates an unsuccessful verification request otherwise.

Abstract: A data protection method is provided. The data protection method includes the following. A first image is obtained; at least one first object image in the first image is identified; the at least one first object image is analyzed to capture multiple first characteristic values of multiple characteristic points of the at least one first object image; and an encryption key is generated according to the first characteristic values.

Abstract: A vehicle includes: at least one memory configured to store at least one default Instruction Structure Key (ISK), a generated ISK, and a pin code of the vehicle; and at least one processor. The at least one default ISK may include a first default ISK and a second default ISK. The processor may generate a random number using the first default ISK, receive the second default ISK encrypted with the generated ISK generated based on the pin code, and determine the generated ISK as an encryption key for encryption communication of the vehicle when the generated random number and the random number corresponding to the second default ISK are the same.