Abstract: In an embodiment, a system includes a processor with at least one core to execute an application to provide intrusion detection and protection, a radar sensor to detect presence of one or more persons within a detection zone about the system and to output a detection notification responsive to the presence detection, and a peripheral controller coupled to the radar sensor to receive the detection notification and to provide the detection notification to the application, where the application is to cause a protection measure to be performed responsive to the detection notification. Other embodiments are described and claimed.

Abstract: Techniques are described that can be used to enable a transfer of an operating system from one machine to another. The transfer permits the operating system to be available to the target machine at buffers that are accessible to one or more application or other logic. In some implementations, information related to an operating system migration is stored in a buffer that is accessible to an application that is to use the information and thereby avoids a copy of such information from an intermediate buffer to an application buffer.

Abstract: A proxy server receives from a client device a request to perform an action on an identified resource that is hosted at an origin server for a domain. The proxy server receives the request as a result of a DNS request for the domain resolving to the proxy server. The origin server is one of multiple origin servers that belong to different domains that resolve to the proxy server and are owned by different entities. The proxy server and the origin servers are owned by different entities. The proxy server analyzes the request to determine whether a visitor belonging to that request poses a threat. If the proxy server determines that the visitor poses a threat, the proxy server blocks the request and transmits a block page to the client device that indicates that the request has been blocked.

Abstract: In an embodiment, a system includes a processor with at least one core to execute an application to provide intrusion detection and protection, a radar sensor to detect presence of one or more persons within a detection zone about the system and to output a detection notification responsive to the presence detection, and a peripheral controller coupled to the radar sensor to receive the detection notification and to provide the detection notification to the application, where the application is to cause a protection measure to be performed responsive to the detection notification. Other embodiments are described and claimed.

Abstract: Verifying the integrity of a received binary object by calculating a first displayable authenticator derived from an input binary object. The first authenticator is then attached to the input binary object, producing a first composite binary object, which is sent to a remote receiver. A second composite binary object is received back from the remote receiver, wherein the second composite binary object includes a received binary object, a received first displayable authenticator, and a second displayable authenticator. A third displayable authenticator is calculated, derived from the second composite binary object, then a display of the first displayable authenticator is compared to a display of the third displayable authenticator, and verification of the integrity of the received binary object is indicated by an exact match between displays of the first and third displayable authenticators.

Abstract: Input received into a first component of a user interface is mirrored in another component of the user interface. The first component of the user interface is monitored and changes to the first component are caused to occur in the second component. The first component may be configured to receive user input for an authentication claim.

Abstract: A method for processing content stored on a component is disclosed. A first partition of a first memory is encrypted with a first encryption key and a second partition of the first memory is encrypted with a second encryption key. The second encryption key is different from the first encryption key. The first encryption key is stored in a storage register of the component and the second encryption key is stored in a first location of a non-volatile memory. A memory address of the first location is stored in the first partition of the first memory.

Abstract: A method and system for identifying a source of a copied work that in one embodiment includes obtaining at least some portions of a reference work, collecting at least some portions of the suspect work, matching the suspect work with the reference work, wherein the matching includes temporally aligning one or more frames of the reference work and the suspect work, spatially aligning frames of the reference work and the suspect work, and detecting forensic marks in the suspect work by spatiotemporal matching with the reference work.

Abstract: Various methods and systems for authenticating and identifying stylus devices are described herein. In one example, a method includes receiving a value generated by the stylus device during an initialization stage. The method includes receiving a code generated from the stylus device during an authentication stage. The method also includes cryptographically authenticating an author of digital ink corresponding to the stylus device on a computer device based in part on the value and the received code.

Abstract: A computer system implements a peer-to-peer network that permits peer-to-peer data transfers with privacy with respect to the identities of requestor peers, provider peers and the requested data. The peer-to-peer network encrypts each communication among peers, and each message, whether a request or response, is transmitted through at least one intermediate peer. Each message received by any peer in the system appears the same to each peer in the sense that the message does not reveal how many intermediate peers have processed or will process the message. Further, a source of content is not revealed as a source; and a requestor of content is not revealed as a requestor.

Abstract: A computer-implemented method of obfuscating communication traffic patterns occurring over a cloud-based communication infrastructure includes detecting first data communication sessions between a first communications device a second communications device via a first computer server using a network protocol. An information content threshold value associated with the first data communication sessions is accessed. A traffic pattern based on the first data communication sessions is also accessed, whereby the traffic pattern determines communication occurrences between the first and the second communication devices over a predefined time period. An information content value associated with the accessed traffic pattern is determined.

Abstract: A method for removing credentials from a smart grid device includes: receiving, by a receiving device, a removal request, wherein the removal request includes a device identifier associated with a smart grid device and is signed by an entity associated with a set of security credentials stored in a memory of the smart grid device, the set of security credentials restricting access to one or more components or operations of the smart grid device; extracting, by a processing device, the device identifier included in the received removal request; generating, by the processing device, a permit configured to remove the set of credentials from the smart grid device, wherein the generated permit includes the extracted device identifier; and transmitting, by a transmitting device, the generated permit to the smart grid device for removal of the set of credentials from the memory of the smart grid device.

Abstract: A processing device comprises a processor coupled to a memory and is configured to predict or otherwise determine that a user will utilize a target application on a user device in involvement with a particular set of smart objects, to request cryptographic material for activating the smart objects of the set, to receive the cryptographic material responsive to the request, and to utilize the cryptographic material to activate the smart objects. Each of the activated smart objects provides a verifier with a proof of involvement with the user device. The verifier controls user access to the target application based at least in part on the proofs provided by the activated smart objects. The determining, requesting, receiving and utilizing operations in some embodiments are performed by a learning agent running on the processing device. The learning agent illustratively includes functionality for learning target application access behavior of the user over time.

Abstract: The claimed subject matter includes techniques for storing, retrieving and sharing files. An example system includes a key generator module to generate a secret key. The example system also includes a symmetric encryption module to encrypt raw data by symmetric encryption using the secret key. The example system further includes an asymmetric encryption module to encrypt the secret key and symmetric encryption information by asymmetric encryption using a public key to produce a key block. The examples system also further includes a schema module to generate a ciphertext file with predefined schema including asymmetric encryption information, the key-block, and the encrypted raw data. The example system also includes a storage module to send the ciphertext file including the encrypted raw data to a server for storage.

Abstract: Described herein are systems and methods for connecting devices to secured networks, such as secured wireless networks, by storing credentials for the network and passing the credentials to a new device, such as, for example, when the new device is attempting to connect to the secured network for the first time.

Abstract: A memory stores therein a first vector. A processor generates a first encrypted polynomial by encrypting a first polynomial that corresponds to a first binary vector obtained by performing a binary transformation on elements of the first vector. A transmitter transmits to a cryptographic operation device cryptographic information that represents the first encrypted polynomial. The cryptographic operation device multiplies the first encrypted polynomial by a second encrypted polynomial that is generated by encrypting a second polynomial that corresponds to a second binary vector obtained by performing a binary transformation on elements of a second vector, so as to generate a third encrypted polynomial. When assigning 2 to a variable in a prescribed portion of a third polynomial obtained by decrypting the third encrypted polynomial, a result of an operation of the first vector and the second vector is obtained.

Abstract: A method and system for deterring attacks at potential breach points between servers and an account and login server for creating and subsequent verification of accounts. Various cryptographic primitives are used to manipulate passwords to generate verifiers. The verifiers are used with external hardware security modules (HSMs) to eliminate HSMs and intermediate steps between the HSM and login servers as potential breach points.

Abstract: Systems and methods that can facilitate the utilization of a memory as a slave to a host are presented. The host and memory can provide authentication information to each other and respective rights can be granted based in part on the respective authentication information. The host can determine the available functionality of the memory. The host can activate the desired functionality in the memory and can request memory to perform the desired function(s) with regard to data stored in the memory. An optimized controller component in the memory can facilitate performing the desired function(s) associated with the data to generate a result. The result can be provided to the host, while the data and associated information utilized to generate the result can remain in the memory and are cannot be accessed by the host.

Abstract: A processing device executing a rules engine receives a notification of a first event on a first network-connected device. The processing device identifies a first rule associated with a first user account, wherein the first user account is further associated with the first network-connected device, and wherein the first event on the first network-connected device is an input for the first rule. The processing device determines that the first event satisfies a first criterion of the first rule and generates a first command for a second network-connected device also associated with the first user account. The processing device then transmits the first command to the second network-connected device on behalf of the first user account, wherein the first command causes the second network-connected device to perform an action.

Abstract: A computing device processor may be configured with processor-executable instructions to implement methods of using behavioral analysis and machine learning techniques to identify, prevent, correct, and/or otherwise respond to malicious or performance-degrading behaviors of the computing device. As part of these operations, the processor may perform multifactor authentication operations that include determining one or more of a transaction type criticality value, a user confidence value, a software integrity confidence value, and a historical behavior value, using the one or more of these values to determine a number of authentication factors that are be evaluated when authenticating a user of the computing device, and authenticating the user by evaluating the determined number of authentication factors.