Abstract: Embodiments of the present disclosure are directed to techniques for constructing and configuring a data privacy pipeline to generate collaborative data in a data trustee environment. An interface of the trustee environment can serve as a sandbox for parties to generate, contribute to, or otherwise configure a data privacy pipeline by selecting, composing, and arranging any number of input datasets, computational steps, and contract outputs. (e.g., output datasets, permissible named queries on collaborative data). The interface may allow a contributing party to use one or more unspecified “placeholder” elements, such as placeholder datasets or placeholder computations, as building blocks in a pipeline under development. Parameterized access control may authorize designated participants to access, view, and/or contribute to designated portions of a contact or pipeline.

Abstract: Embodiments of the present disclosure are directed to techniques for constraint querying that allow data consumers to query collaborative data in a trustee environment, subject to configurable constraints, to derive collaborative intelligence without exposing underlying raw data provided by the tenants or collaborative data shielded by the trustee environment. Constraints can be applied in response to a query in multiple ways, including reformatting a query prior to execution, applying constraints after executing a query, constraining eligible queries for execution, applying access constraints prior to execution, and others. To reformat a query subject to constraints, the query can be parsed into an execution tree, which can be reformatted into a constrained execution tree by replacing executable units of logic inconsistent with a particular constraint with custom executable units of logic consistent with the constraint.

Abstract: Embodiments of the present disclosure are directed to techniques for monitoring and orchestrating the use and generation of collaborative data in a trustee environment subject to configurable constraints. A user interface can be provided to enable tenants to specify desired computations and constraints on the use and access to their data. A constraint manager can communicate with various components in the trustee environment to implement the constraints. For example, requests to execute an executable unit of logic such as a command or function call may be issued to the constraint manager, which can grant or deny permission. Permission may be granted subject to one or more conditions that implement the constraints, such as requiring the replacement of a particular executable unit of logic with a constrained executable unit of logic. As constraints are applied, any combination of schema, constraints, and/or attribution metadata can be associated with the data.

Abstract: Embodiments include methods performed by a key management node in a communication network. Such methods can include receiving, from an application function, a request for a security key specific to an application session for a particular user. The request can include a representation of the following information associated with the particular user: a first identifier of a non-application-specific anchor security key, and a second identifier related to a network subscription. Such methods can also include, based on the representation, determining an authentication server function that generated the non-application-specific anchor security key. Other embodiments include complementary methods performed by application functions, authentication server functions, and unified data management functions in the communication network. Other embodiments include network nodes configured to perform such methods.

Abstract: A hardware agent is a hardware device attached to, embedded in, or otherwise associated with a good. In particular, the hardware agent is bound to the good in such a way that information held by the agent may be confidently associated with the good. The hardware agent is constructed to securely hold information about the good, and information about stakeholders, such that the agent may autonomously make binding decisions regarding the good, including sales and financial transactions. Although the hardware agent may perform many functions autonomously, it often will have communication capabilities enabling it to share information with stakeholders, or to others as allowed.

Abstract: A genomic data decoder may jointly compress and encrypt genomic data alignment information while preserving the privacy of sensitive genomic data elements at retrieval stage. Genomic data alignment information organized as a read-based alignment data stream may be transposed into a position-based alignment data stream. The position-based alignment information may been coded into a reference-based alignment data stream. The reference-based alignment data stream may be encrypted with a combination of order-preserving encryption of the genomic position information and symmetric encryption of the reference-based alignment differential data. Differential encoding and entropy coding schemes may further compress the reference-based alignment data stream. The resulting compressed and encrypted stream may be indexed and stored in a biobank storage unit.

Abstract: A method for communication in a WLAN includes onboarding, authenticating, and configuring respective BSSs of multiple access points in a multi-AP network. Respective cryptographic keys are generated for the multi-AP agents in the network by carrying out a handshaking procedure between the multi-AP controller and the multi-AP agents over the backhaul network. Upon detecting a predefined rekeying event in communications between the multi-AP controller and any given multi-AP agent, a new cryptographic key is generated for the given multi-AP agent by repeating the handshaking procedure, and applying the new cryptographic key in encrypting and authenticating messages following the rekeying event.

Abstract: Examples associated with storage monitoring are described. One example system includes generating an encryption key and transmitting the encryption key to a basic input/output system (BIOS) security module. The BIOS security module uses the encryption key as a basis for a heartbeat. A provisioning module receives a signal identifying a monitored storage and generates an enforced storage associated with the monitored storage. The provisioning module also creates a manifest describing the relationship between the enforced storage and the monitored storage. The provisioning module transmits the manifest to the BIOS security module. A versioning module assigns a first access policy for the monitored storage and a second access policy to the enforced storage based on the manifest. The versioning module performs versioning for the monitored storage using the enforced storage, and periodically verifies operation to the BIOS security module using the heartbeat.

Abstract: A server device for managing privilege delegation to control execution of commands thereon is described. Execution of a command, according to first privileges, by a remote management (RM) server on the server device is requested from a RM client on a client device. An agent plug-in, chained to a command execution plug-in of the RM server, intercepts the request and forwards related information to an agent service cooperating with an operating system of the server device. The agent service determines whether to execute the command according to second privileges, different from the first privileges and if permitted, delegates the second privileges to the command, and causes, via the agent plug-in chained to the command execution plug-in, the command to be executed according to the second privileges.

Abstract: Various technologies described herein pertain to detecting operation of an autonomous vehicle on an untrusted network. The autonomous vehicle retrieves a beacon token from a data store of the autonomous vehicle. The beacon token comprises an identifier for the autonomous vehicle and an identifier for a server computing device. The autonomous vehicle generates a data packet based upon the beacon token, wherein the data packet includes the identifier for the autonomous vehicle. The autonomous vehicle transmits the data packet to the server computing device. When the data packet is transmitted via a trusted network, networking rules of the trusted network prevent the data packet from being received by the server computing device. When the data packet is transmitted via the untrusted network, the server computing device receives the data packet. Responsive to receiving the data packet, the server computing device generates and transmits an alert to a computing device.

Abstract: Securely provisioning a System on a Chip (SoC) includes generating a public/private key pair having a public key and a private key, securely storing the private key external to the SoC, embedding the public key in Resistor Transistor Logic (RTL) of the SoC during manufacture of the SoC, encrypting provisioning data using the private key to create encrypted provisioning data, and programming the SoC using the encrypted provisioning data. The secure provisioning may further include generating a secret shared key, embedding the secret shared key in the RTL of the SoC during manufacture of the SoC, and encrypting the provisioning data using the secret shared key. The RTL may be the boot Read Only Memory (ROM) of the SoC. The secure provisioning technique may also be used for subsequent provisioning after the SoC is deployed.

Abstract: Embodiments are directed to techniques for constructing, configuring, triggering, and executing various types of multi-party pipelines that access and/or use a shielded asset required to exist or execute within a data trustee environment. Generally, authorized participants can build upon template data privacy pipelines and other shielded assets to create other pipelines. Building blocks such as entitlements, cross-environment pipelines, and/or shielded assets governed by various collaborative intelligence contracts can be used to construct more complicated pipelines that may include any number of data privacy pipelines, cross-environment pipelines, input datasets, computational steps, output datasets, permissible queries, participants, and/or governing collaborative intelligence contracts.

Abstract: An encryption device includes a counter, an encryption/decryption unit, and a timer. The counter is configured to generate a first timestamp for a first time. The encryption/decryption unit is configured to concatenate security data and the first timestamp, encrypt the concatenated data into encryption data, transmit the encryption data to a memory device, and decrypt read data transmitted from the memory device into decryption data. The timer is configured to inform the counter and the encryption/decryption unit that a time elapses from the first time to a second time such that the counter generates a second timestamp for the second time and the encryption/decryption unit decrypts the read data into the decryption data. Checking logic implemented by the encryption device is configured to check whether a decryption timestamp of the decryption data is identical to the first timestamp.

Abstract: Embodiments are directed to techniques for constructing, configuring, triggering, and executing various types of multi-party pipelines that access and/or use a shielded asset required to exist or execute within a data trustee environment. Generally, authorized participants can build upon template data privacy pipelines and other shielded assets to create other pipelines. Building blocks such as entitlements, cross-environment pipelines, and/or shielded assets governed by various collaborative intelligence contracts can be used to construct more complicated pipelines that may include any number of data privacy pipelines, cross-environment pipelines, input datasets, computational steps, output datasets, permissible queries, participants, and/or governing collaborative intelligence contracts.

Abstract: Various arrangements for wireless network provisioning using a pre-shared key (PSK) are presented. A plurality of wireless network access profiles that indicate a plurality of PSKs may be stored. An access point may receive, from a wireless device, a first value based at on the PSK. The access point can transmit the first value to a cloud-based provisioning system. A plurality of values based on the plurality of PSKs of the plurality of wireless network access profiles may be created and a match between a second value of the plurality of values and the transmitted first value may be identified. A third value may be provided to the access point based on the PSK of the wireless network access profile of the plurality of wireless network access profiles used to generate the value. Network access can then be granted based on the third value.

Abstract: A machine and process for remotely controlling a vessel. The system may include a land-based computing system configured to communicate control signals via a communications system that communicates the control signals to the vessel and a controller network on the vessel configured to control at least certain functions of the vessel. The controller network may further be configured to receive the control signals from the land-based computing system. The controller may include a switch including an input port and multiple output ports. A remote control computing device may be configured to control the vessel via at least one other computing device. A one-way Ethernet cable may be communicatively coupled between one of the output ports of the switch and the remote control computing device. The control signals may be received by the switch being communicated to the remote control computing device via the one-way Ethernet cable.

Abstract: Techniques are disclosed herein for managing and sharing sensitive information using blockchain technology. In certain embodiments, a transaction may be generated using information and a set of conditions, wherein satisfying the set of conditions by a requester of the information determines access to the information by the requester and the set of conditions include a count for a number of queries allowed for accessing the information. As requesters access the information, the count is decremented or adjusted and updated transactions are stored on the blockchain ledger until the count adjusts to a predetermined number, such zero. The information and the set of conditions may be defined by the user.

Abstract: Systems and methods for automated testing of network security controls are provided. According to one embodiment, information regarding multiple desired security controls for a protected network are received by a network device. Network traffic configured to validate an extent of conformance by the protected network with the desired security controls is generated by the network device. The generated network traffic is transmitted by the network device onto the protected network. An assessment is performed by the network device regarding how network security policies configured within the protected network process the generated network traffic.

Abstract: A method that automatically generates blacklists for a sandbox application. The method first obtains a set of disassembled operating system (OS) dynamic-link libraries (DLLs) and then identifies application programming interfaces (API) functions that have respective kernel interruptions. The identified API functions that have kernel instructions are saved to an interrupt list. Based on the interrupt list, a processor generates a blacklist that includes for each of the DLLs, the identified API functions in the interrupt list, all API functions that directly or indirectly invoke one of the identified API functions in the interrupt list via one or more nested API functions. The method outputs the blacklist to the sandbox application that operates on a sample file to emulate API functions of the sample file that match the blacklist. All other APIs not identified as being blacklisted, are then considered whitelisted and are allowed to run natively.

Abstract: A container from a first root of trust associated with a first root entity may be received. The container may correspond to a mapping of a resource of an integrated circuit that is associated with the first root entity. The container may be verified based on a key that corresponds to the first root of trust and that is stored in the integrated circuit at manufacturing of the integrated circuit. An identification may be made that an assignment of the resource from the container corresponds to assigning the resource from the first root of trust to a new root of trust. A new key corresponding to the new root of trust may be generated. Information corresponding to the new key may be stored into a memory of the integrated circuit. Furthermore, the new key may be used to delegate the resource to a subsequent container.