Abstract: Secure network communications are described. In one aspect, a secure network can include a passbuilder that provides policy information related to performance characteristics of the secure network. A sender can receive the policy information and transmit packets to a receiver if the policy information is complied with by the potential packet transmission.

Abstract: A user can share (show) multimedia information while simultaneously communicating (telling) with one or more other users over a network. Multimedia information is received from at least one source. The multimedia information may be manually and/or automatically annotated and shared with other users. The multimedia information may be displayed in an integrated live view simultaneously with other modes of communication, such as video, voice, or text. A simultaneous sharing communication interface provides an immersive experience that lets a user communicate via text, voice, video, sounds, music, or the like, with one or more other users while also simultaneously sharing media such as photos, videos, movies, images, graphics, illustrations, animations, presentations, narratives, music, sounds, applications, files, and the like. The simultaneous sharing interface enables a user to experience a higher level of intimacy in their communication with others over a network.

Abstract: A user may view a device with augmented reality glasses which may have a camera that views and collects data on the screen of the user device. When the user desires to access an account for which multifactor authentication is required, a one-time password may be sent to the user. The glasses may recognize the one-time password and determine if the one-time password originated from the user device. If the glasses verify that the one-time password originated from the user based on context of the user device display or the geographic locations of the devices, then the glasses will send the password to the service associated with the one-time password. The glasses may send the password back to the user device, send it to an intermediate server, or send it directly to the server associated with the service that provided the one-time password.

Abstract: A transcoding service is described that is capable of transcoding or otherwise processing content, such as video, audio or multimedia content, by utilizing one or more pipelines. A pipeline can enable a user to submit transcoding jobs (or other processing jobs) into an available pipeline, where a transcoding service (or other such service) assigns one or more computing resources to process the jobs received to each pipeline. The transcoding service and the pipelines can be provided by at least one service provider (e.g., a cloud computing provider) or other such entity to a plurality of customers. A service provider can also provide the computing resources (e.g., servers, virtual machines, etc.) used to process the transcoding jobs from the pipelines.

Abstract: Disclosed herein are system, method, and computer program product embodiments for storing files in a storage location that is associated with an image object that is displayed in a real-time view on a mobile device. Examples of an image object include physical objects and augmented objects. Display of the real-time view includes the image object as well as interfaces for interacting with the image object including creating a storage location associated with the image object. Moreover, security features may be based on using information associated with the image object to securely store the file, either locally on the mobile device or over a network (e.g., at a cloud-based location) using the mobile device.

Abstract: Embodiments of the invention include techniques for implementing a network security framework for wireless aircraft communication, where the techniques include receiving a key index sequence over a first communication link, and transmitting a subset of the key index to one or more nodes. The techniques also include generating a random encryption key based at least in part on the subset of the key index sequence, encrypting data using the random encryption key, and transmitting the encrypted data over a second communication link.

Abstract: Disclosed are examples for providing functions to receive a media file to be stored in a media repository. In the examples, a location in the media repository may be assigned to the media file. A media file address in a blockchain platform may be assigned to the media file. Metadata including the assigned location in the media repository and the assigned media file address in the blockchain platform may be added to the media file. A media file hash value may be generated by applying a hash function to the media file including the metadata. The media file hash value may be included in a message and uploaded to the assigned media file address in the blockchain platform as a transaction in the blockchain. An indication that the media file is uploaded to the media repository may be delivered to a subscriber device from which the media file was received.

Abstract: Examples discussed herein disclose, among other things, an encrypting device. The encrypting device may include a key engine to obtain a first key associated with a first access level, and a second key associated with a second access level. The encrypting device may also include a multi-key encryption engine to encrypt a first portion of the plaintext with the first key, and encrypt a second portion of the plaintext with the second key, where the first portion may include more detailed information than the second portion, and where the first access level may be higher than the second access level.

Abstract: Disclosed are various embodiments for malware detection by way of proxy servers. In one embodiment, a proxied request for a network resource from a network site is received from a client device by a proxy server application. The proxied request is analyzed to determine whether the proxied request includes protected information transmitted in an unsecured manner. It is then determined whether the network resource comprises malware based at least in part on an execution of the network resource or whether the proxied request includes the protected information transmitted in the unsecured manner. The proxy server application refrains from sending data generated by the network resource to the client device in response to the proxied request when the network resource is determined to comprise the malware.

Abstract: A system may include a transaction history controller to store, in a distributed blockchain database, a first chain including a primary head node for a first subscriber to a social media history map service and multiple blocks each representing an online transaction for the first subscriber, and a second chain including a follower head node, linked to the primary head node, for a second subscriber and multiple blocks each representing an online transaction for the second subscriber. The transaction history controller may receive data representing a first online transaction for the second subscriber, format the data for the distributed blockchain database, store the formatted data as a new block in the second chain, receive a request to generate a trend report for a cluster of subscribers that includes the first and second subscribers, and generate the trend report dependent on the blocks in the first and second chains.

Abstract: The present disclosure relates to techniques for authentication of a user on a restricted website, or on an enterprise network with single sign-on, or on various other service systems with security restrictions using push notifications. One technique includes receiving an authorization request for a first application to access a resource, sending a first push notification to a second application, the first push notification requesting authentication of a user of the first application, receiving information indicating a response to the first push notification, sending a second push notification to the first application, the second push notification includes a status of the authorization request based on the response to the first push notification, receiving information indicating an outcome of the authentication request based on the response to the first push notification, and providing the first application access to the resource.

Abstract: Systems and methods for detecting anomalous data traffic over proxy servers in a data communications network. The method includes receiving, by a server computing device, network log data corresponding to data traffic during a timeframe. The method further includes normalizing the network log data using at least one of timestamp data of the network log data or IP address data of the network log data. The method also includes extracting risk-based data features from the network log data. The method further includes calculating using an isolation forest algorithm, anomaly scores for the normalized network log data based on the extracted risk-based features. The method also includes determining at least one anomaly event based on the calculated anomaly scores. The method further includes identifying at least one host device and at least one timestamp corresponding to the at least one anomaly event.

Abstract: A computer-implemented method for information protection comprises: determining one or more data inputs and one or more data outputs for a transaction, wherein the data inputs are associated with input data types respectively, and the data outputs are associated with output data types respectively; encrypting the input data types and the output data types; committing each of the encrypted input data types and the encrypted output data types with a commitment scheme to obtain corresponding commitment values; obtaining at least a parameter R based at least on the commitment values; and submitting the transaction to one or more nodes in a blockchain network with disclosure of the parameter R and without disclosure of the input data types and output data types for the nodes to verify consistency between the input data types and the output data types.

Abstract: A database access control system is augmented to enable an external security device to fully assess a database query against a security policy even when the device does not obtain (or otherwise misses) session information that is needed to facilitate that check. Upon receipt from a local agent of a database protocol packet to be examined, the device determines whether any session information needed for the evaluation is unavailable or is otherwise missing. If so, the device extracts metadata from the database protocol packet and generates a separate request back to the agent based on the extracted metadata. The agent then uses information in the separate request to obtain the unavailable or missing session information and, upon its receipt, forwards that information to the device. Upon receiving the additional session information that it needs, the device performs its usual security policy validation on the original database query (as augmented with the additional information returned by the agent).

Abstract: Anti-Phishing protection assists in protecting against phishing attacks. Any links that are contained within a message that has been identified as a phishing message are disabled. A warning message is shown when the phishing message is accessed. The first time a disabled link within the phishing message is selected a dismissible dialog box is displayed containing information about how to enable links in the message. After the user dismisses the dialog, clicking on a disabled link causes the warning message to flash drawing the user's attention to the potential severity of the problem. The links may be enabled by the user by selecting the warning message and choosing the appropriate option. Once the user enables the links, future displays of the message show the links as enabled.

Abstract: A computer implemented system and method for providing general data protection regulation (GDPR) compliant hashing in blockchain ledgers. The invention guarantees a user's right to be forgotten, in compliance with the GDPR regulations, utilizing blockchain technologies.

Abstract: Access level and security group information can be updated for a data instance without having to take down or recycle the instance. A data instance created in a data environment will have at least one default security group. Permissions can be applied to the default security group to limit access via the data environment. A control security group can be created in a control environment and associated with the default security group. Permissions can be applied and updated with respect to the control security group without modifying the default security group, such that the data instance does not need to be recycled or otherwise made unavailable. Requests to perform actions with respect to the control security groups are made via the control environment, while allowing native access to the data via the data environment.

Abstract: Disclosed herein are methods, systems, and apparatus, including computer programs encoded on computer storage media, for secure multi-party computation. One of the methods includes identifying a trusted input data item that is homomorphically encrypted; generating a message authentication code (MAC) key share; generating a MAC share associated with the trusted input data item, wherein the MAC share is a random number; generating a ciphertext based on the trusted input data item, the MAC key share, and the MAC share; sending the ciphertext to the second computing device, wherein the second computing device uses the ciphertext as a component of a MAC share associated with the secret input data item; and after the multi-party computation is completed by the plurality of computing devices, verifying a result of the multi-party computation based at least in part on the MAC share associated with the secret input data item.

Abstract: A computer-implemented method includes: receiving, by a platform including one or more computing devices, a blockchain authorization information generation request from a client, in which the blockchain authorization information generation request includes a target blockchain identifier and user information; determining, based on the target blockchain identifier, a target blockchain; determining a blockchain parameter of the target blockchain, in which the blockchain parameter indicates one or more requirements for authorization information used to join the target blockchain; generating blockchain authorization information based on the blockchain parameter and the user information, in which the blockchain authorization information conforms to the one or more requirements; and sending the blockchain authorization information to the client.

Abstract: A method is disclosed. The method includes transmitting by a computing device, an account creation request to a remote server computer. The method further includes automatically provisioning the computing device with an access token in response to receiving a request to create the account.