Abstract: A system and a method for detecting anomalous activities in a distributed and decentralised network is provided. Anonymous users transacting in the network are identified and one or more transactional attributes are retrieved to define characteristics of users and associated transactional behaviour with other users. Further, user-level statistics are evaluated based on transactional attributes. Datatype representative of transactional behavior of users with other users is generated using user-level statistics of identified users. Users with similar transactional behavior are classified based on generated transactional attributes. One or more anomaly detection techniques are implemented for identifying optimum classification of users into data clusters based on the change detected in the classification of users in data clusters. Anomalous users are identified from the optimum classification for efficiently and effectively detecting anomalous activities in the network.

Abstract: The present disclosure relates to an information processing system, a storage medium and a control method through which a user privacy level in a telepresence system can be set depending on a counterpart. The information processing system includes a setting unit that automatically sets a privacy level depending on a user of a communication destination device; a communication unit that transmits a picture of a user of a communication source device to the communication destination device; and a controller that performs control to mask the picture of the user of the communication source device depending on the automatically set privacy level.

Abstract: A user profile is temporarily accessed by an accessor. A method performed by the accessor of a contact center includes receiving access data. The access data includes a user identifier for a user, an identifier identifying a third party having profile data of the user, and a user-predefined condition which must be satisfied for the profile data to be temporarily accessible by the contact center. The method includes transmitting a request to the third party to temporarily access the profile data during a time period when the condition is satisfied, the request including the user identifier. The method includes temporarily accessing the user profile when the request is granted.

Abstract: A system receives a first request to replace a first credential used by an entity to access one or more resources with a second credential to be used by the entity to access the one or more resources. In response to receiving the first request, the system replaces the first credential with the second credential and allows use of the first credential for a predetermined period. In response to receiving a second request from the entity to access the one or more resources using the first credential after replacing the first credential with the second credential, the system allows the entity to access the one or more resources using the first credential during the predetermined period, and generates an indication that the entity used the first credential to access the one or more resources and that the entity is to be updated with the second credential within the predetermined period.

Abstract: A system and computer-implemented method for providing access to data of a first party including receiving information for identifying the first party, authenticating the first party using the received information for identifying the first party and generating a first read-only personal identification number (PIN). The first read-only PIN is associated with a first set of access rights for the data of the first party and provided to a second party. The first read-only PIN is stored with the first set of access rights in a computer database. A third party receives the first read-only PIN from the second party, authenticates the received first read-only PIN using the stored first read-only PIN and provides the second party with access to at least a portion of the data of the first party using the first set of access rights associated with the first read-only PIN if the received first read-only PIN is authenticated.

Abstract: Methods and devices for monitoring scan attempts in a network. Various embodiments provide enhancements to existing honeypot devices. These enhancements may include at least one of: (1) a port access module configured to make at least one honeypot port appear to be closed; (2) a mobility module configured to change the address of the honeypot within the network; (3) an emulation module configured to discover a network neighbor's profile and further configured to emulate the network neighbor's profile.

Abstract: Processing circuitry includes key store hardware that stores a plurality of encryption keys. Key stream generator hardware generates a plurality of key streams from the plurality of encryption keys, wherein each key stream comprises a repeating stream of key data. Key river generator hardware generates a key river by parallelizing the plurality of key streams as key river symbols, wherein bits from each key river symbol are selected from each key stream as individual bits from differing ones of the plurality of encryption keys. Binary processor hardware generates a key path as a sequence of binary digits generated from at least one binary function of the key river.

Abstract: A system and method obtain a recording of an interaction with a user and a screen recording related to the interaction; extract, from the screen recording, a unique identification value related to the user; resolve the identity of the user using the extracted unique identification value; and associate the user with the recorded interaction by associating the unique identification value with the interaction.

Abstract: Methods, systems, and computer program products for selecting a virtual machine to perform a task corresponding to a client request and performing the task at the virtual machine. After performing the task at the virtual machine, an indicator corresponding to a shutdown of the virtual machine is detected. After detecting the indicator and prior to the shutdown of the virtual machine, a memory space is preserved corresponding to the virtual machine. The preserved memory space is then scanned for malware.

Abstract: The disclosure includes novel encryption and/or decryption methods and systems that provide various security benefits. More specifically, the disclosure includes a description of a file encryption process and its ability to dynamically control permissions on who is allowed to decrypt the file. Moreover, the disclosed process permits an encrypted file to be freely distributed without losing the ability to govern/regulate decryption.

Abstract: Systems and methods are provided for managing electronic tokens for device interactions. In some embodiments, a unified graphical user interface is provided for an account, for controlling the activation status and settings associated with authorized electronic devices used for conducting transactions on the account. The electronic devices may be programmed with an electronic token that allows a server to look up sensitive account information, although the electronic token does not divulge the account information itself. Therefore, if an electronic token is compromised or stolen, the account does not need to be closed, and sensitive information remains safe. Moreover, the unified graphical user interface provides detailed and highly customizable controls for settings and restrictions associated with each of the electronic tokens, without modifying or accessing sensitive account or personal information.

Abstract: An apparatus for testing, inspecting or screening an electrically powered device for modified or unmodified hardware, firmware or software modifications including Malware, Trojans, adware, improper versioning, worms, or virus and the like, includes an antenna positioned at a distance from the electrically powered device and a signal receiver or sensor for examining a signal from the electrically powered device. The receiver or sensor collects unintended RF energy components emitted by the electrically powered device and includes one or more processors and executable instructions that perform analysis in a response to the acquired signal input while the electrically powered device is active or powered. The characteristics of the collected RF energy may be compared with RF energy characteristics of an unmodified device. The comparison determines one of a modified, unmodified or score of certainty of modified condition of the electrically powered device.

Abstract: Embodiments use crowd disambiguation techniques to protect the privacy of potentially sensitive client resources in web transactions. Crowd disambiguation servers can aggregate information about resources, such as URLs, accessed by clients, in the form of resource fingerprints submitted by the clients. Said resource fingerprints can be used to provide crowd-sourced services in a privacy-protected manner. For example, in some embodiments a fingerprint of a URL visited by a client can be communicated to the server as both a fully ambiguated resource instance (FARI) and a partially disambiguated resource instance (PDRI). When only one client, or a limited number of clients, has communicated a certain resource fmgerprint, the underlying identity of the resource, in this case the URL, remains obfuscated from the crowd disambiguation server, which lacks sufficient information to reconstruct it.

Abstract: Embodiments of the present disclosure provide a method, system and computer program product for providing a secure access to data in mobile devices by acquiring the data from one of a plurality of remote storage devices in response to receiving an access request for the data from one or more applications; storing the data in a secure memory space in the mobile device; providing the one or more applications with an access to the data in the secure memory space when a predetermined condition is satisfied, wherein the predetermined condition at least comprises the one or more applications having an access permission to the secure memory space.

Abstract: Systems and methods for protecting a data item include, upon initiation of transfer of the data item from a server to a client device, determining a sensitivity score and a current protection, level of the data item. A policy is applied to determine an appropriate protection for the data item based upon the sensitivity score and the current protection level. A protected data item is provided to the client device by applying the appropriate protection to the data item.

Abstract: Embodiments of the present disclosure relate to a new approach for sensor-based authentication to enhance mobile security. In the computer-implemented method, motion related sensor data is obtained. A label of a behavior is determined wherein the behavior has a time information of the behavior. The label is associated with at least part of the motion related sensor data based on the time information of the behavior and the time information of the motion. At least one comparable motion is determined from the associated part of motion related sensor data. At least one motion passcode based on the determined comparable motion is identified.

Abstract: A method, a computing system and a computer program product are provided. A computing device identifies a credential of a first entity and determines one or more second entities, each electronically verifying the credential of the first entity. The computing device determines one or more third entities, each electronically verifying one or more from a group of second entities and other ones of the third entities, wherein the second and third entities form a set of chains of verification from the first entity. The computing device analyzes the set of chains of verification to detect one or more loops within the set of chains among the second and third entities. A verification of the credential is generated by the computing device based on detection of a trusted entity within one of the set of chains and not detecting a loop within the one of the set of chains.

Abstract: A system is provided for facilitating multi-party authentication. During operation, the system receives, via a communication module, an operation request from a primary user. The system then sends an authentication request to the authentication assistance user and receives a response from the authentication assistance user. Subsequently, the system allows or denies the operation request based on the response received from the authentication assistance user.

Abstract: Embodiments include method, systems and computer program products for a security tool to prevent data leakage. In some embodiments, it may be determine that a first application has been initiated. A focus change from the second application to the first application may be detected. Input data provided by a user may be detected. It may be determined that the input data comprises sensitive data. An action may be executed in response to determining that the input data comprises sensitive data.

Abstract: Methods, systems, and apparatus for ensuring data integrity are disclosed. A data container structure is obtained, the data container structure containing data and a source identifier of a first hardware component. The data container structure is modified, using a header processing device, to include a component signature and an identifier of a second hardware component.