Abstract: In various example embodiments, a system and method for data mesh-based environmental augmentation are presented. Attribute data associated with a user may be received from a plurality of attribute sources. A portion of the attribute data may include real-time data. A portion of the real-time data indicative of an identity of the user may be identified. The identity of the user may be authenticated with respect to the real-time data by analyzing the identified portion of the real-time data. Based on the authentication of the identity of the user, a user activity being performed by the user may be identified based on the real-time data, and the user activity may be augmented according to a user setting.

Abstract: Controlling access to sensitive data can be difficult during an application development effort. A developer may not be authorized to see the data that is to be used by the application. Credentials used in a development environment to access development data can require modification when the application is migrated to a deployed environment. Changing the code in the deployed environment increases risks of change induced incidents. The technology disclosed allows for the creation of a named credential object, where the credentials for different environments are stored, and where the named credential object is called by metadata. This allows the promotion of code from a development environment to a deployed environment without changes to code, and without giving access to sensitive data to the developer.

Abstract: The present invention provides a method and apparatus for the production and labeling of objects in a manner suitable for the prevention and detection of counterfeiting. Thus, the system incorporates a variety of features that make unauthorized reproduction difficult. In addition, the present invention provides an efficient means for the production of labels and verification of authenticity, whereby a recording apparatus which includes a recording medium, having anisotrophic optical domains, along with a means for transferring a portion of the recording medium to a carrier, wherein a bulk portion of the recording medium has macroscopically detectable anisotrophic optical properties and the detecting apparatus thereon.

Abstract: A method for modifying a user session lifecycle is provided. The method may include verifying a user session on a cloud service provider is valid. The method may also include monitoring a plurality of user behaviors exhibited during the verified user session. The method may further include determining a plurality of session data within an identity provider should be updated based on the monitored plurality of user behaviors and a policy within a database. The method may also include modifying the determined plurality of session data.

Abstract: An information processing device includes: a first reception unit that receives first information indicating a storage location of a document to be printed; a first transmission unit that uses the first information to generate an authorization request, generates corresponding second information, and transmits the authorization request and the second information to a terminal used by a sender of the first information; a second reception unit that receives a corresponding authorization code; a controller that uses the authorization code to acquire an access token, and controls storage of the access token, the second information, and the first information in association with each other; and a second transmission unit that, if the second information is received from an image processing device, uses the corresponding access token and information indicating a storage location to acquire a document in the storage location, and transmits the document to the image processing device.

Abstract: An individual authentication method includes (i) indicating a first position of a user's arm or arms when gripping an electrocardiographic sensor, (ii) measuring the user's electrocardiographic activity at the first position by using the electrocardiographic sensor, (iii) indicating a second position of the user's arm or arms when gripping the electrocardiographic sensor, the second position being different from the first position, (iv) measuring the user's electrocardiographic activity at the second position by using the electrocardiographic sensor, (v) receiving ID information of the user, and (vi) registering, in a database, electrocardiographic authentication information including first authentication information associating the ID information with the user's electrocardiographic activity measured at the first position, and second authentication information associating the ID information with the user's electrocardiographic activity measured at the second position.

Abstract: Systems and methods for managing privacy settings of shared content include receiving content associated with an object; receiving privacy settings associated with the object associated with the received content; based on the received privacy settings, obfuscating, at least a portion of the content associated with the object to generated obfuscated content; and transmitting the obfuscated content to a publishing server, wherein the publishing server publishes the obfuscated content to one or more third parties.

Abstract: A method includes identifying a first node in a plurality of nodes based on a client device identifier for a client device, the client device being associated with a first network device; storing, information for the client device, on the first node; responsive to the client device associating with a second network device, retrieving the information for the client device by: identifying the first node based on the client device identifier for the client device and obtaining the information from the first node.

Abstract: Techniques to authorize access to a service are disclosed. In various embodiments, a token that includes data comprising or otherwise associated with a device identifier of a device on which an application configured to access a service is installed is provided to the application. A service access authorization request that includes the token is received. The token is used to determine device information associated with the service access authorization request.

Abstract: The technology relates to securely providing patient data to caretakers. Verification information from one or more patients may be received by one or more processors. The verification information may include data associated with each of the one or more patient's service locations. The one or more processors may store the patient data for each of the one or more patients in association with the patient's respective verification information. Upon receiving an authentication request including authentication information associated with a caregiver's location, to view a first patient's data, the one or more processors may determine whether the caregiver's authentication information satisfies the first patient's verification information. Upon determining the caregiver's authentication information satisfies the first patient's verification information, controlling the release of the first patient's data to a caregiver's device.

Abstract: Provided are a method and device for feature extraction. The method comprises: acquiring a batch of black sample files and white sample files from an application layer of a smart terminal operating system; parsing each file, acquiring information structure of all functions contained in each file, and computing a checksum for each function; determining whether or not the files contain the functions corresponding to the checksums, thus compiling statistics on the number of occurrences of each function in the black sample files and the white sample files; and, extracting a black sample feature on the basis of functions occurring only in the black sample files and not occurring in the white sample files, or extracting a white sample feature on a similar basis.

Abstract: Techniques for unobtrusively verifying the identity of a user of a computing device are provided. In one embodiment, the computing device can establish one or more verification models for verifying the user's identity, where at least a subset of the one or more verification models is based on enrollment data that is collected in an unobtrusive manner from the user. The computing device can then verify the user's identity using the one or more verification models.

Abstract: An electronic device includes a biometric sensor, such as a fingerprint sensor, to identify biometric input. One or more processors are then operable to identify at least one paired device and at least one companion device operating within a wireless communication radius. The paired device then detects and identifies a simple gesture, communicating this in an electronic communication to a wireless communication circuit of the electronic device. The one or more processors then identify at least one authentication agent operating on the at least one companion device and select at least one authentication credential for the at least one authentication agent. The wireless communication circuit then delivers an authentication credential in response to the predefined gesture input.

Abstract: A method and system of selectively initiating biometric security based on thresholds is described. The method includes retrieving an access security level associated with an access domain and an access permission level associated with an electronic portable transaction device, comparing the access security level and access permission level, and, if the access security level exceeds the access permission level, initiating a biometric authentication process.

Abstract: A network attack simulation method including, at a network with a server and a plurality of computers, selecting one or more actions from a plurality of actions for operating on a first computer of the plurality of computers, transmitting instructions from the server to the first computer to execute the one or more selected actions, executing the one or more selected actions on the first computer, and generating data based on the execution of the selected actions. The method includes transmitting the data generated from the first computer to the server, identifying a target computer of the plurality of computers to access, transmitting one or more additional instructions from the server to the first computer to access the target computer using at least a portion of the data, and receiving confirmation from at least one of the first computer and the target computer that the target computer was accessed.

Abstract: Embodiments include a method for data masking such as receiving, by a first data masking component, data including unmasked data for a first attribute, the first data masking component including a data set and a masking algorithm; generating, by the first data masking component, masked attribute data for the first attribute by applying the masking algorithm to the unmasked data associated with the first attribute using the data set; and replacing, by the first data masking component, the data for the first attribute in the first data with the masked attribute data.

Abstract: A control method of a recoverable file protection device and a protection method of a recoverable file are provided. After a file owner sets a secured content in an unprotected data, a secured content protection mode is selected. In accordance with the secured protection mode, the recoverable file protection device can move the secured content and the marked content can replace the secured content. An authentication key is inputted to encrypt the secured content. If a user would like to open the file, the user is requested to verify an identification data. If the identification data complies with the authentication key, the recoverable file protection device moves the secured content to recover the original content. If the identification data doesn't comply with the authentication key, the file content without the secured content is opened. Therefore, a security of an e-file can be achieved.

Abstract: One or more processors generate a website mimicking a virtual message board. One or more processors receive a request message directed to the website. One or more processors analyze the request message for evidence that the request message originates from a source of spam. In response to a determination that the request message likely does originate from a spam source, one or more processors provide data about the spam source to an anti-spam system.

Abstract: The disclosure is directed towards systems and methods for improving security in a computer network. The system can include a planner and a plurality of controllers. The controllers can be deployed within each zone of the production network. Each controller can be configured to assume the role of an attacker or a target for malicious network traffic. Simulations of malicious behavior can be performed by the controllers within the production network, and can therefore account for the complexities of the production network, such as stateful connections through switches, routers, and other intermediary devices. In some implementations, the planner can analyze data received from the controllers to provide a holistic analysis of the overall security posture of the production network.

Abstract: Systems and methods for providing optical communication between a vehicle and an external actor include a system provider device that establishes, through communication over a network with at least one vehicle, the at least one vehicle as a communication proxy. Establishing the at least one vehicle as a communication proxy may include pairing the at least one vehicle with a user device. In various embodiments, the system provider also receives a communication trigger. In response to the communication trigger, the system provider may transmit a modulated optical signal via an illumination source of one of the at least one vehicle and an external actor, to the other of the at least one vehicle and the external actor. The system provider detects, at the other of the at least one vehicle and the external actor, the modulated optical signal and demodulates the transmitted optical signal.