Abstract: Systems and methods for secure messaging and automation are disclosed herein. An example method includes providing, by an application server layer, a user-facing application that accesses a data retention system and a predictive analytics system through a web services layer, the user-facing application being secured through use of a security token cached on a web browser that provides the user-facing application, establishing a security protocol or security token utilized between the application server layer and the web services layer that is different from the security token cached on the web browser; and performing asynchronous processing based on user interaction with a goal-based planning application that processes data from a plurality of user accounts.

Abstract: A method including determining, by a manager device configured to manage network services provided by an infrastructure device, a manager request including a signature header signed by utilizing a manager private key associated with the manager device and a timestamp header identifying a point in time when the signature header was signed; transmitting, by the manager device to the infrastructure device, the manager request to request performance of an action associated with managing the network services; and receiving, by the manager device from the infrastructure device based at least in part on transmitting the manager request, an authorization message indicating successful authorization of the manager request, the successful authorization being based at least in part on a verification that a time difference between the point in time when the signature header was signed and a current time satisfies a predetermined duration of time is disclosed. Various other aspects are contemplated.

Abstract: Systems and methods are disclosed with respect to using a blockchain for managing the subrogation claim process related to a vehicle collision, in particular, utilizing evidence oracles as part of the subrogation process. An exemplary embodiment includes receiving recorded data from one or more connected devices at a geographic location; analyzing the recorded data, wherein analyzing the recorded data includes determining that an collision has occurred involving one or more vehicles; generating a transaction including the data indicative of the collision based upon the analysis; and transmitting the transaction to at least one other participant in the distributed ledger network.

Abstract: A system and method for signing and authenticating electronic documents using public key cryptography applied by one or more server computer clusters operated in a trustworthy manner, which may act in cooperation with trusted components controlled and operated by the signer. The system employs a presentation authority for presenting an unsigned copy of an electronic document to a signing party and a signature authority for controlling a process for affixing an electronic signature to the unsigned document to create a signed electronic document. The system provides an applet for a signing party's computer that communicates with the signature authority.

Abstract: A hardware unit relies on non-flashable circuitry for improving security on a public or private network. The hardware unit can be added to a network without substantial modifications to the other devices already connected to the network. The hardware unit detects and blocks or drops data packets or frames that contain an instruction of a known file-sharing protocol other than a reading instruction that are not digitally signed by a recognized source. Thus, a cyber attack may be prevented instantaneously by what it attempts to do, typically the creation, insertion, deletion, update, renaming, or writing of files to compromise code or data.

Abstract: A computer-implemented method for adapting an application programming interface (API), according to some embodiments, includes: determining that a data field of API response data satisfies a condition for applying a data security operation to data stored in the data field; and modifying the API response data by performing the data security operation on the data stored in the data field. A computer-implemented method for adapting an application programming interface (API), according to some embodiments, includes: determining that a data field of an API call satisfies a condition for applying a data security operation to data stored in the data field; and performing the data security operation on the data stored in the data field of the API call.

Abstract: Techniques for polluting phishing campaign responses with content that includes fake sensitive information of a type that is being sought in phishing messages. Embodiments disclosed herein identify phishing messages that are designed to fraudulently obtain sensitive information. Rather than simply quarantining these phishing messages from users' accounts to prevent users from providing “real” sensitive information, embodiments disclosed herein analyze these phishing messages to determine what type(s) of information is being sought and then respond to these phishing messages with “fake” sensitive information of these type(s). For example, if a phishing message is seeking sensitive credit card and/or banking account information, some fake information of this type(s) may be generated and sent in response to the phishing message. In various implementations, a natural language processing (NLP) model may be used to analyze the phishing message and/or generate a response thereto.

Abstract: The system may include a method comprising requesting, by a computer, a receiver identifier associated with a receiver; receiving, by the computer, the receiver identifier in association with content; constructing, by the computer, a URL link comprising access to DICOM viewer code, DICOM data for the selected images, a sender identifier and the receiver identifier; generating, by the computer, a notification to the receiver, wherein the notification includes the URL link; and transmitting, by the computer, the notification to a receiver based on the receiver identifier.

Abstract: Methods, apparatus, systems and articles of manufacture are disclosed to verify application permission safety.

Abstract: Embodiments securely control an electronic asset. In some embodiments, a computer-implemented method of securely controlling an electronic asset includes identifying an asset NFT pertaining to the electronic asset. An ownership status of the electronic asset is computationally evaluated according to a proof of ownership provided by an owner node paired with the electronic asset. Responsive to evaluating the ownership status of the electronic asset, the asset NFT is bound with a representation of an identity of the owner node or of an authorized user node paired with the electronic asset. The bound representation of the identity and the asset NFT are registered on a blockchain associated with the electronic asset. A task is computationally performed involving the electronic asset, and the bound representation of the identity, and the electronic asset is securely controlled, in response to receiving a task request from the owner node or the authorized user node.

Abstract: A method including receiving, by a user device, first validation data based at least in part on transmitting a first service request to receive a first network service; receiving, by the user device, the first network service by providing signed first validation data based at least in part on authenticating first biometric information; transmitting, by the user device while receiving the first service, a second service request to receive a second network service; receiving, by the user device, second validation data based at least in part on transmitting the second service request; and receiving, by the user device, the second network service by providing signed second validation data based at least in part on authenticating second biometric information is disclosed. Various other aspects are contemplated.

Abstract: Embodiments are directed to immutable watermarking for authenticating and verifying artificial intelligence (AI)-generated output. An embodiment of a system includes a processor of a monitoring system, wherein the processor is to: receive first content from an edge device and second content from an adversary system, wherein the first content comprises output of a machine learning (ML) model as applied to captured content at the edge device; receive a digital signature corresponding to the first content; process the digital signature to extract a global unique identifier (GUID) of the ML model that generated the first content; verify the extracted GUID against data obtained from a shared registry; in response to successfully verifying the extracted GUID, provide the first content for consumption at a monitoring consumption application; and in response to determining that the second content is not associated with a verifiable GUID, refuse the second content at the monitoring consumption application.

Abstract: Systems and methods of the present disclosure establish a connection with a distributed data network configured to maintain token-holding data structures storing digital tokens for users utilizing client devices. One or more first digital tokens may be accessed, where the first digital tokens are maintained by a first token-holding data structure associated with a first user. The first user may utilize a first client device to access the distributed data network. The first digital tokens may be parsed to identify attributes of the first digital tokens and access to one or more computing resources is assigned to the first client device based on the one or more attributes.

Abstract: An example method of performing interactive videogame verification using cryptographically protected transaction records includes: receiving, by a videogame server, from a first videogame client device, a first transaction record reflecting a first set of events associated with an interactive videogame session, wherein the first transaction record is cryptographically signed by a first private cryptographic key associated with the first videogame client device; receiving, from a second videogame client device, a second transaction record reflecting a second set of events associated with the interactive videogame session, wherein the second transaction record is cryptographically signed by a second private cryptographic key associated with the second videogame client device; and validating the first transaction record based on the second transaction record.

Abstract: Techniques for facilitating a digital signature occurrence associated with an object transmitted via a communication channel associated with a group-based communication platform. The object may be created by a user within either the group-based communication platform or a third-party application and transmitted to one or more other users associated with the communication channel via the group-based communication platform. The group-based communication platform may be configured to authenticate a digital signature and, based on a verification of the authenticity, associate the digital signature with the object. The group-based communication platform may cause the digital signature to be presented via an interface associated with the communication channel, such as proximate to or viewable in association with the object.

Abstract: A system for enhanced internet of things digital certificate security is provided. The system includes a computer device. The computer device is programmed to store, in a database, a plurality of statuses associated with a plurality of digital certificates. The computer device is also programmed to receive, from a first computer device, a status update for the first digital certificate. The computer device is further programmed to update the first status based on the status update. Subsequently to updating the first status, the computer device is programmed to receive a request for a connection from the first device. Subsequently to updating the first status, the computer device is also programmed to deny the request for a connection based on the first status.

Abstract: A method includes selecting, by at least one hardware processor of a first database deployment, data for transmission to a second database deployment. The data includes a plurality of files forming a data stream. At least a first file of the plurality of files is encoded using a first encryption key which is stored in at least a second file of the plurality of files. The at least a first file is further encoded to include a second encryption key associated with at least a third file of the plurality of files. A set of nodes is identified in a virtual private network connected to the first and second database deployments. The data stream is transmitted from the first database deployment to the second database deployment via the set of nodes of the virtual private network that is connected to the first database deployment and the second database deployment.

Abstract: An apparatus verifies hosted information associated with a user. The apparatus establishes, by the online host serving as a relying party system (RPS), a secure connection between the RPS and a user mobile-identification-credential device (UMD). The RPS sends a mobile identification credential (MIC) user information request to the UMD, via the secure connection, seeking release of MIC user information (official information). The RPS obtains from authorizing party system (APS) verification of the MIC user information received in response to the MIC user information request. The RPS stores the MIC user information as hosted information pertaining to the user. The RPS designates the hosted information as base truth information representing the user.

Abstract: A cloud based implemented method (and apparatus) includes receiving input data including bipartite graph data in a format of source MAC (Media Access Control) address data versus destination IP (Internet Protocol) data and timestamp information, and providing the input bipartite graph data into a first processing to detect malicious beaconing activities using a lockstep detection module on the input bipartite graph data, as executed in a cloud environment, to detect possible synchronized attacks against a targeted infrastructure.

Abstract: Techniques are described for transaction-based read and write operations in a distributed system. In an embodiment, an authorization protocol overlaid onto a transaction to control access to each of the data pools. Using the techniques described herein, the DTRS provides authorization mechanism to ensure that the entity, which hosts the data pool, may only access the data set from an originating entity based at least upon the access rules of the originating entity set for the data set. Additionally, the DTRS's read/write transactions keep the data pools of the DTRS in synch with each other, so each data pool stores the same data sets as another data pool of the DTRS. When a data integrity service of an entity generates a new data entry from a user transaction with a client application, a new write request is generated for the DTRS to which the data integrity service belongs.