Patents Examined by Jacob Lipman
  • Patent number: 10447703
    Abstract: The present invention relates to the field of communications technologies, and in particular, to a VNF package operation method and apparatus, so as to resolve a technical problem of relatively poor information security because a current VNF package is targeted at all user equipments instead of only some user equipments. A private type is defined in embodiments of the present invention. If a type of a VNF package is the private type, only an authorized user is allowed to use this VNF package, so that the VNF package can be opened to only some user equipments. A specific authorization scope may be self-defined. Therefore, information security is improved, and the problem that cannot be resolved in the prior art is resolved, so as to provide a better service for a user.
    Type: Grant
    Filed: August 15, 2017
    Date of Patent: October 15, 2019
    Assignee: Huawei Technologies Co., Ltd.
    Inventor: Jianning Liu
  • Patent number: 10440027
    Abstract: A computing platform may receive, from a web server, entity identification information in different formats, and normalize the entity identification information. After normalizing the information, the computing platform may receive a plurality of interaction records each associated with an interaction between a system and a client of the system. The computing platform may compare the normalized entity identification information with the interaction records of the interactions between the system and the clients of the system. After determining that the entity identification information matches client information for one of the interaction records, the computing platform may send an alert to a control server. The alert may cause the control server to take one or more actions with respect to the client. For example, future attempts by the client to access one or more services offered by the system may be blocked for access by the client.
    Type: Grant
    Filed: September 27, 2018
    Date of Patent: October 8, 2019
    Assignee: Bank of America Corporation
    Inventors: Jason D. Latta, Nelipher Moyo
  • Patent number: 10432671
    Abstract: The present disclosure relates generally to threat detection, and more particularly, to techniques for analyzing security events using dynamic policies and displaying a consolidated view of active threats and user activity including the dynamic policies being triggered by the active threats and user activity. Some aspects are directed to the concept of a policy bus for injecting and communicating the dynamic policies to multiple enforcement entities and the ability of the entities to respond to the policies dynamically. Other aspects are directed to providing a consolidated view of active threat categories, a count of policies being triggered for each threat category, and associated trends. Yet other aspects are directed to providing a consolidated view of users, applications being accessed by users, and the access policies, if any, implicated by such accesses.
    Type: Grant
    Filed: September 15, 2017
    Date of Patent: October 1, 2019
    Inventors: Aji Joseph, Paresh Raote, Lakshmi Hariharan, Kanishk Mahajan, Ashish Kolli, Moushmi Banerjee, Yitzchak Weiser, Weifang Xie, Jingyu Cui
  • Patent number: 10423763
    Abstract: User accounts can be linked together to form a group of linked user accounts that can access content items assigned to the other user accounts in the group. A user can download content items assigned to their user account, as well as shared content items assigned to one of the other user accounts in the group of linked user accounts. Use of shared content items can be restricted to client devices running specified versions of an operating system. The key ID tagged to a shared content item can be altered such that the key ID no longer correctly identifies the corresponding DRM key that enables use of the shared content item. Client devices authorized to use shared content items can be configured to recognize that a content item is a shared content item and generate the original key ID from the altered key ID.
    Type: Grant
    Filed: June 19, 2018
    Date of Patent: September 24, 2019
    Assignee: Apple Inc.
    Inventors: Gianpaolo Fasoli, Apoorva Govind, Augustin J. Farrugia, Raffi T. Khatchadourian
  • Patent number: 10423780
    Abstract: Described is a system for synthesis of cryptographic software from specification. During operation, the system generates a first level formalization code of a cryptographic protocol based on a user input protocol specification and a library of transformation rules. A second level formalization code is then generated by implementing communication protocols to the first level formalization code. A third level formalization code is subsequently generated by implementing cryptographic primitives to the second level formalization code. Finally, the third level formalization code is encoded on a computer readable medium as an executable code.
    Type: Grant
    Filed: August 4, 2017
    Date of Patent: September 24, 2019
    Assignee: HRL Laboratories, LLC
    Inventors: Alexei Kopylov, Aleksey Nogin
  • Patent number: 10417458
    Abstract: Techniques are disclosed for securing communication from an unprotected hardware bus. The described techniques may be implemented by placing a secure hardware bus between the unprotected hardware bus and a host computing device. The secure hardware bus acts as a filter to prevent delivery of unsafe data packets to the host computing device. The filtering may be particularly useful for preventing delivery of a data packet that would trigger a reboot of the host computing device.
    Type: Grant
    Filed: February 24, 2017
    Date of Patent: September 17, 2019
    Assignee: Microsoft Technology Licensing, LLC
    Inventor: Hadden Mark Hoppert
  • Patent number: 10419937
    Abstract: Methods for a NETWORK MONITORING WITH REMOTE ACCESS are disclosed. A secured customer network comprises computing resources that are connected together in an internal network. The secured customer network is protected by a security perimeter, which prevents access by unauthorized devices outside the perimeter. This internal network is connected to a secured customer network monitor, which is, in turn, connected to an intelligence engine and to a security broker. An application program is installed onto a mobile computing device, which allows connection of the mobile computing device to the network while it is within the secured perimeter. The mobile computing device connects to and obtains access authorization credentials from a security broker that is part of the network. After disconnecting from the security broker and being moved outside the security perimeter, the remote computing device creates a secure remote session with the intelligence engine.
    Type: Grant
    Filed: January 30, 2019
    Date of Patent: September 17, 2019
    Assignee: NETREO, Inc.
    Inventors: Andrew Mervin Anderson, Kevin Patrick Kinsey, James Matthew Mancini
  • Patent number: 10395069
    Abstract: A computer system detects that a mobile device of a user is in a location that exceeds a threshold distance from a second device of the user. Based on at least the detecting, the computer system switches the mobile device to stealth mode, wherein switching the mobile device to stealth mode includes determining an image that visually matches a surface directly below the mobile device, and displaying the image on at least one display of the mobile device. The computer system determines that the second device of the user is located within the threshold distance of the mobile device. Based on the determining, the computer system initiates one or more actions to alert the user as to the location of the mobile device.
    Type: Grant
    Filed: July 17, 2018
    Date of Patent: August 27, 2019
    Assignee: PAYPAL, INC.
    Inventor: Michael Charles Todasco
  • Patent number: 10397264
    Abstract: Embodiments relate to systems and methods for providing digital dye packs in connection with a transaction via a device user interface. In an embodiment, a system includes a communication module of a remote server that interacts with a device that receives, from a user of the device, specific identifier information in connection with conducting a transaction with a recipient server; wherein the specific identifier information is associated with an alert of potential risk of the transaction. The system also includes a non-transitory memory comprising a database storing specific identifier information with corresponding actions that are executed based on the specific identifier information. The system further includes at least one hardware processor for executing an action in response to receiving corresponding identifier information associated with the alert of potential risk from the device in connection with the transaction.
    Type: Grant
    Filed: May 8, 2018
    Date of Patent: August 27, 2019
    Assignee: PayPal, Inc.
    Inventors: Kevin Tijerina, Abraham Doris-Down, Miguel Angel Escobedo, Matthew Alexander Wilczynski
  • Patent number: 10390221
    Abstract: Systems and methods are disclosed for private vehicle-to-vehicle communication. An example disclosed vehicle communication system includes sensors to monitor a target vehicle, and a controller. The example controller generates a pseudo-anonymous identifier based on an identifier and an attribute of the target vehicle. Additionally, the controller broadcasts a first message including the pseudo-anonymous identifier, a random number, and a public key. In response to receiving a second message including the identifier and the random number, the example controller broadcasts a third message encrypted with a symmetric key included in the second message.
    Type: Grant
    Filed: July 25, 2016
    Date of Patent: August 20, 2019
    Assignee: Ford Global Technologies, LLC
    Inventors: James Martin Lawlis, Omar Makke, Haysam M. Kadry
  • Patent number: 10389694
    Abstract: Systems, methods, and non-transitory computer-readable storage media for a non-replayable communication system are disclosed. A first device associated with a first user may have a public identity key and a corresponding private identity key. The first device may register the first user with an authenticator by posting the public identity key to the authenticator. The first device may perform a key exchange with a second device associated with a second user, whereby the public identity key and a public session key are transmitted to the second device. During a communication session, the second device may transmit to the first device messages encrypted with the public identity key and/or the public session key. The first device can decrypt the messages with the private identity key and the private session key. The session keys may expire during or upon completion of the communication session.
    Type: Grant
    Filed: November 1, 2017
    Date of Patent: August 20, 2019
    Assignee: Dropbox, Inc.
    Inventor: Graham Abbott
  • Patent number: 10380369
    Abstract: A data management and storage (DMS) cluster of peer DMS nodes manages resources of a multi-tenant environment. The DMS cluster provides an authorization framework that provides user access which is scoped to the resources within a tenant organization and the privileges of the user within the organization. To authorize an action on a resource by a user, the DMS cluster determines user authorizations associated with the user defining privileges of the user on the resources of the multi-tenant environment, and organization authorizations associated with the organization defining resources of the multi-tenant environment that belong to the organization. The DMS cluster authorizes the action when the user authorizations and organization authorizations indicate that the action on the resource is authorized.
    Type: Grant
    Filed: June 14, 2018
    Date of Patent: August 13, 2019
    Assignee: Rubrik, Inc.
    Inventors: Matthew Noe, Seungyeop Han, Arohi Kumar
  • Patent number: 10380345
    Abstract: An approach is provided for delivering a configuration based workflow in an IT system. A command initiated for execution is identified as being included in a list of commands. A set of parameters and pre-configured conditions associated with the identified command are determined. Validation action(s) that validate the command and are included in the configuration based workflow are determined. The validation action(s) are specified by respective interaction(s) with external system(s). Validation action(s) included in the configuration based workflow are performed by completing the interaction(s) with the external system(s) using the set of parameters. It is determined whether the validation action(s) are successfully completed. If the validation action(s) are successfully completed, the execution of the command is continued. If at least one of the validation action(s) is not successfully completed, the execution of the command is discontinued.
    Type: Grant
    Filed: July 31, 2017
    Date of Patent: August 13, 2019
    Assignee: International Business Machines Corporation
    Inventors: Arun K. Gopinath, Sudheer Kumaramkandath, Ramesh Chandra Pathak, Suryanarayana Rao
  • Patent number: 10382209
    Abstract: A method, system and computer program product for privacy control. A unique identifier for each data element of a group of data elements (e.g., driver's license contains a group of data elements, such as name, driver's license number) is created. These identifiers may be stored along with documentation (e.g., label) of the associated data elements in a manifest file. Alternatively, the identifiers may be stored in a file outside of the manifest file. In this manner, by utilizing a data element identifier which corresponds to a random number, security of privacy information is improved as one would only be able to obtain such sensitive information by obtaining such an identifier. Furthermore, the user only needs to send the requested data elements, as opposed to all the data elements of the group of data elements, to the challenger. In this manner, the user is preserving the security of other privacy information.
    Type: Grant
    Filed: September 18, 2018
    Date of Patent: August 13, 2019
    Assignee: International Business Machines Corporation
    Inventors: William F. Abt, Jr., Daniel A. Gisolfi, Richard Redpath
  • Patent number: 10375019
    Abstract: The present disclosure relates to network security software cooperatively configured on plural nodes to authenticate and authorize devices, applications, users, and data protocol in network communications by exchanging nonpublic identification codes, application identifiers, and data type identifiers via pre-established communication pathways and comparing against pre-established values to provide authorized communication and prevent compromised nodes from spreading malware to other nodes.
    Type: Grant
    Filed: October 5, 2018
    Date of Patent: August 6, 2019
    Assignee: Stealthpath, Inc.
    Inventors: Mike Clark, Andrew Gordon, Matt Clark
  • Patent number: 10339305
    Abstract: In one aspect there is provided a method. The method may include: determining that an executable implements a sub-execution environment, the sub-execution environment being configured to receive an input, and the input triggering at least one event at the sub-execution environment; intercepting the event at the sub-execution environment; and applying a security policy to the intercepted event, the applying of the policy comprises blocking the event, when the event is determined to be a prohibited event. Systems and articles of manufacture, including computer program products, are also provided.
    Type: Grant
    Filed: February 24, 2017
    Date of Patent: July 2, 2019
    Assignee: Cylance Inc.
    Inventors: Ryan Permeh, Derek Soeder, Matthew Wolff, Ming Jin, Xuan Zhao
  • Patent number: 10331889
    Abstract: The disclosed embodiments include a method for disarming malicious content in a computer system. The method includes accessing input content intended for a recipient of a network, automatically modifying at least a portion of digital values of the input content to render inactive code that is included in the input content intended for malicious purpose, the modified input content being of the same type as the accessed input content, enabling access to the modified input content by the intended recipient, analyzing the input content according to at least one malware detection algorithm configured to detect malicious content, and enabling access to the input content by the intended recipient when no malicious content is detected according to the at least one malware detection algorithm.
    Type: Grant
    Filed: March 20, 2018
    Date of Patent: June 25, 2019
    Assignee: VOTIRO CYBERSEC LTD.
    Inventor: Aviv Grafi
  • Patent number: 10318743
    Abstract: Assessing ransomware impact includes receiving an indication of a first plurality of files stored on a user device and a classification for each of the first plurality of files, determining a second plurality of files stored in a remote storage, wherein the second plurality of files corresponds to an indication of files stored on the user device at a first prior time, wherein each of the second plurality of files are associated with a second classification, determining a third plurality of files comprising files included in the first plurality of files and not included in the second plurality of files, and calculating a risk assessment based on classifications for each of the third plurality of files.
    Type: Grant
    Filed: December 28, 2016
    Date of Patent: June 11, 2019
    Assignee: McAfee, LLC
    Inventors: Bidan Sinha, Arun Chundiriyil Pullat, Arpit Pradhan, German Lancioni, Priyadarshini Rao Rajan, Cedric Cochin, Craig Schumgar
  • Patent number: 10318727
    Abstract: A management device includes: a processor configured to: store, in a storage, request history information indicating a history of an Application Programming Interface (API) request transmitted by an application and an access-number management table representing number of times API access of the application is able to be made in each unit time; calculate, upon reception of the API request, as for an application having transmitted the API request, a stability based on transition of contents of the API request from the application and the request history information; change the number of times API access of the application is able to be made according to the stability; and upon reception of the API request from the application, compare number of times of access of the application and the number of times API access of the application is able to be made, and determine whether acceptance of the API request is made.
    Type: Grant
    Filed: January 16, 2017
    Date of Patent: June 11, 2019
    Assignee: FUJITSU LIMITED
    Inventor: Kosaku Kimura
  • Patent number: 10291390
    Abstract: An endecryptor and a control device are provided. The endecryptor includes a first SBOX configured to replace first input data with first substitution data, a transformation unit configured to replace the first input data with second substitution data and an output terminal configured to output encrypted or decrypted output data based on the first and second substitution data.
    Type: Grant
    Filed: March 8, 2018
    Date of Patent: May 14, 2019
    Assignee: Samsung Electronics Co., Ltd.
    Inventors: Hong-Mook Choi, Yun-Ho Youm, Yong-Ki Lee, Jin-Su Hyun