Abstract: An integrated method for uploading data on a blockchain comprising: receiving an editable text data or an editable form data by the data source computer device; determining whether a file update time of the editable text data or the editable form data is later than a last change time stored by the service server and corresponding to the data by the data source computer device; sending the data to the service server when the data source computer device determined that the file update time is later than the last change time by the data source computer device; executing a corresponding service that is able to access data of a blockchain and upload the data to the blockchain according to the data from the data source computer device by the service server. Therefore, the data can be efficiently and quickly uploaded to the blockchain.

Abstract: A quantum block-chained authentication solution with quantum authentication processes for data transmissions passing through a peer-to-peer (P2P) network including a plurality of agent nodes comprises a system that is capable of not only performing a smart contract on a block-chained virtual-machine mechanism for transmitting a data from an agent node to another agent node passing through a plurality of paths in a secure way implemented via proprietary quantum authentication processes, but also detecting and reacting to a malicious behavior within a transmission in time.

Abstract: Methods, systems, and devices for wireless communications are described for physical layer signature feedback to enhance security in wireless communications. A user equipment (UE) and a network entity may apply a physical layer signature, such as an artificial physical layer impairment, to one or more physical layer signals that may be measured to identify a physical layer signature of the associated physical layer signal. The UE, upon receipt of a physical layer signal, may check if the identified signal includes a physical layer signature of a set of valid physical layer signatures. If the received physical layer signature matches a valid physical layer signature, the UE may operate in accordance with procedures associated with the signal. If the received physical layer signature does not match a valid physical layer signature, the UE may transmit a message to the network entity that indicates an unmatched physical layer signature.

Abstract: In one embodiment, a method herein comprises: receiving, at a device, a registration request from a telemetry exporter that transmits telemetry data; generating, by the device, a telemetry configuration file for the telemetry exporter, the telemetry configuration file defining a policy for transmission of telemetry data from the telemetry exporter and an authentication token for the telemetry exporter; sharing, by the device, the policy with a security enforcer; and sending, by the device, the telemetry configuration file to the telemetry exporter, wherein the telemetry exporter is caused to connect with the security enforcer using the authentication token, send the telemetry configuration file to the security enforcer, and transmit collected telemetry data to the security enforcer, and wherein the security enforcer is caused to create a dynamic publish-subscribe stream for publishing the collected telemetry data received from the telemetry exporter based on the telemetry configuration file and the policy.

Abstract: Techniques are presented for physically incapacitating data storage functionality of a computer data storage device for preventing access of data stored on the device. A security breach can be detected of a device housing a component communicable with a computer and where digital data is storable on the component. A mechanism can be activated for physically disabling the component in the device, in response to the detecting of the security breach. The incapacitating of the component can be a result of the mechanism physically contacting the component, in response to the activation of the mechanism, and the incapacitating of the component renders digital data stored on the component unretrievable by a computer.

Abstract: This disclosure describes systems and techniques for using controlling access to user information using ephemeral user identifiers. In one aspect, a method includes determining, for a given domain, engagement by a user with content provided by the given domain for display by an application at a client device of the user. A determination is made, based on the engagement by the user, to extend, for the given domain, a linkage between user identifiers for a user of the application. In response to determining to extend, for the given domain, the linkage between the user identifiers for the user of the application, one or more future domain-specific ephemeral user identifiers for the user and the given domain are obtained. An attestation record that includes a current domain-specific ephemeral user identifier and the one or more is generated and sent to the given domain.

Abstract: The present disclosure relates to a method for providing a service for security of a web-browser-based content which increases security of an original content by inserting garbage characters into a text constituting an HTML-based original content, which can be opened through a web browser, to secure the original content, and by enabling only authenticated functions to be executed when calling functions for removing the garbage characters and performing functions related to the original content. The present disclosure, without installing a specific program linked to the web browser, can easily prevent a user who does not have the right to open an original content on a web browser from abnormally accessing the original content by constructing a certain function which is not authenticated. Thereby a copyrighted product infringement for a web browser-based original content can be prevented.

Abstract: Examples of file analytics systems are described that may obtain metadata data and events data from a virtualized file server. The file analytics systems may detect one or more events from the events data matching a criteria indicating malicious activity. The file analytics systems may validate the detection of malicious activity. The validation may be performed by comparing the file type, such as the MIME type, of sample files before and after the suspected malicious activity. The systems may recover a share of the distributed file server including the one or more affected files by replacing the one or more affected files with stored versions of the one or more affected files from a snapshot of the share taken prior to the detected malicious activity.

Abstract: Methods, systems, and computer-readable storage media for verification of identity of individuals based on images obtained by two cameras. A first stream of images of an individual are obtained from a first camera. Gamma correction is applied to images of the first stream of images. A second stream of images of the individual is obtained simultaneously with the first stream of images from a second camera, where gamma correction is not applied to images of the second stream of images. An identity of the individual is verified by providing the first stream of images and the second stream of images for independent automated matching with an authentication image. The authentication image is an image of the individual from a verified source.

Abstract: A zero-watermarking method and device for BIM data, and a medium are provided, which relate to the field of watermarking information security technologies. Aiming at existing zero-watermarking method for the BIM data cannot resist primitive attacks, vertical stability of a model is used to construct a mapping relationship between primitive clusters and watermarking bits, calculate norms of primitives in each primitive cluster of the primitive clusters, take positivity and negativity of norm skewness measurement of the primitives as eigenvalues to construct a binary sequence, and performs an XOR process on the binary sequence and an original watermarking sequence to construct the zero-watermarking for the BIM data. Experimental results indicate that the zero-watermarking method has uniqueness, robustness and security.

Abstract: A method including obtaining, by a virtual private network (VPN) server, an initial operating system from a memory associated with the VPN server; transmitting, by the VPN server while executing the initial operating system, a request to obtain a VPN operating system to enable the VPN server to provide VPN services; receiving, by the VPN server based at least in part on transmitting the request, the VPN operating system; and executing, by the VPN server, the VPN operating system to provide the VPN services based at least in part on storing the VPN operating system on a volatile memory associated with the VPN server is disclosed. Various other aspects are contemplated.

Abstract: The present disclosure relates to a communication method and system for converging a 5th-Generation (5G) communication system for supporting higher data rates beyond a 4th-Generation (4G) system with a technology for Internet of Things (IoT). The present disclosure may be applied to intelligent services based on the 5G communication technology and the IoT-related technology, such as smart home, smart building, smart city, smart car, connected car, health care, digital education, smart retail, security and safety services. Embodiments herein provide a method for determining whether a base station is genuine or rouge in a wireless network. If a received authentication key matches with the authentication key generated in the UE, the method includes identifying a base station as genuine base station and carrying out a normal procedure. If the received authentication key does not match with the generated authentication key, the method includes identifying the base station as a rouge base station.

Abstract: A physical object having a programmable, electronically readable tag can be identified and tracked in a given third party system with the aid of an identity services platform. When the owner of the object is about to place it in the custody of a third party system, the owner can use a client device to instruct the identity services platform to generate a nonce, for programming into the object's tag. Devices in the third party system read and use the nonce to identify and track the object and to make decisions about how it is handled. When the object exits from the control of the third party system for return to the owner, the identity services platform is asked to provide a proof of ownership to the third party system, which enables accurate return of the object to its proper owner.

Abstract: An Internet Protocol (IP) address assignment method in a cloud-based multi-tenant system for assigning unique IP addresses to a plurality of client devices of a plurality of users. Network traffic including a data request from a client device to a cloud provider via an ingress tunnel is monitored by a mid-link server. A user of the client device is identified from the data request. A policy is identified based on the tenant of the user and a plurality of applications for the client device. An IP address is assigned to the client device of the user based on the policy. Each client device is assigned a unique IP address. The network traffic egresses via an egress tunnel from the mid-link server. The data request is routed from the client device to the cloud provider using the IP address of the client device.

Abstract: Techniques provided herein relate to electronic data access requests. An access system receives at least one electronic data action request from a client. At least a portion of the data access authentication information is sourced from a secondary device connected to an intermediary device. The electronic data action request is authenticated based upon the data access authentication information.

Abstract: A method includes detecting an initial vocalization by a user in an environment including a primary device and a secondary device, analyzing the initial vocalization to determine whether a future vocalization is likely to contain sensitive information based on the initial vocalization where the future vocalization is a potential future vocalization, and controlling, based on determining that the future vocalization is likely to contain sensitive information, a speaker of the primary device to output a noise canceling signal configured to prevent the secondary device from detecting the future vocalization.

Abstract: In order to use zero trust network resources distributed across multiple gateways, an agent is deployed on an endpoint of an enterprise network. The agent maps requests for specific applications to corresponding gateways. The agent may also multiplex or otherwise aggregate communications among different network applications and gateways in order to provide seamless, transparent access to the distributed resources at a single endpoint, and/or within a single interface.

Abstract: A method for assessing vulnerability to predatory internet attacks determined using new technologies in the evaluation of personal psychological assessments so as to pinpoint vulnerable persons. Once pinpointed, those with high user risk may not be hired, or if employed already, may be provided additional information/training or have computer software protection installed at their station. Persons are administered a battery of personality/psychological evaluation questions with various statistical and data mining techniques used for common psychological assessments applied to their responses. This algorithmic model uses multiple psychological assessments for a combined measure of user risk.

Abstract: Disclosed is a calculation device. The present calculation device includes: a memory for storing a plurality of homomorphic ciphertexts for an approximate message including an error; and a processor for sorting the plurality of homomorphic ciphertexts by using a 5-way sorter which can sort five homomorphic ciphertexts in a single stage.

Abstract: In a vehicle-to-everything (V2X) technology environment, systems and methods are provided for extending the distribution of activation codes (ACs) in an Activation Codes for Pseudonym Certificates (ACPC) system, in a privacy-preserving manner, to a unicast mode of communication. In this unicast ACPC (uACPC), in some embodiments, the ACs are distributed by the back-end system via a unicast channel upon the receipt of the vehicle's direct request for its respective ACs. In some embodiments, uACPC can leverage edge computing architecture for low latency delivery of certificate revocation lists (CRLs) and higher availability for the distribution of ACs.