Abstract: An electronic device will identify an electronic message received by a messaging client that is associated with a first recipient, and it will analyze the electronic message to determine whether the electronic message is a simulated malicious message. Upon determining that electronic message is a simulated malicious message, the device will identify an actuatable element in the electronic message. The actuatable element will include a service address. The device will modify the electronic message by appending a user identifier of the first recipient to the service address of the actuatable element. Then, when the actuatable element is actuated, the system may determine whether the first recipient actuated the actuatable element or an alternate recipient did so based on whether the user identifier of the first recipient is still appended (or is the only user identifier appended) to the actuatable element.

Abstract: A method is disclosed and includes receiving a token request message in response to a user interaction of a first user. The method also comprises obtaining a token in response to receiving the token request message; transmitting the token to a resource provider, where the resource provider stores the token, provides a notification to a user communication device of a second user, receives a response to the notification, and then transmits an authorization request message comprising the token. The method also includes receiving the authorization request message comprising the token, detokenizing the token to a real credential, and transmitting a modified authorization request including the real credential to an authorizing entity computer for authorization.

Abstract: An example method includes accessing a first block of a first blockchain, the first block comprising first block content; generating an intermediate first block, the intermediate first block comprising the first block of the first blockchain; accessing a second block of the first blockchain, the second block comprising a first backward link comprising a hash of the first block of the first blockchain, and second block content; generating a first forward link comprising a hash of the second block of the first blockchain; generating a first prime block, the first prime block comprising the intermediate first block, and the first forward link; and digitally signing the first block using SignedData cryptographic message syntax to generate a first SignedData message, wherein digitally signing comprises binding the first forward link to the first SignedData message via an attribute of the first SignedData message.

Abstract: The disclosed concepts achieve privacy for data operated on by an algorithm in an efficient manner A method includes receiving a first algorithm subset, receiving a second algorithm subset, generating two shares of a first mathematical set based on the first algorithm subset and transmitting the two shares of the first mathematical set from a first entity to a second entity. The method can include generating two shares of a second mathematical set based on the second algorithm subset, transmitting the two shares of the second mathematical set from the second entity to the first entity, receiving first split data subset of a full data set and receiving a second split data subset of the full data set. The system, based on these subsets of data, generates a first output subset and a second output subset which are combined for the final output.

Abstract: A system and associated methods for authenticating physical or digital objects are disclosed. In at least one embodiment, a plurality of authentication devices is initiated, with each of the authentication devices associated with a one of the objects and containing a unique authentication sequence algorithm used to generate a sequence of device sequence values stored on each said authentication device. Upon a user desiring to authenticate a given object via a user application on a user device, the authentication device provides a data set to an authentication server. If the authentication server locates the authentication device in an authentication table, and subsequently processes the data set successfully, the authentication server obtains from the authentication table a server sequence value associated with the authentication device. If the device sequence value is later in the sequence than the server sequence value, the authentication server transmits a success message to the user application.

Abstract: Data is encoded to be incrementally authenticable. A plaintext is used to generate a ciphertext that comprises a plurality of authentication tags. Proper subsets of the authentication tags are usable to authenticate respective portions of plaintexts obtained from the ciphertext. Portions of the plaintext can be obtained and authenticated without decrypting the complete ciphertext.

Abstract: This disclosure relates generally to a method and system for online handwritten signature verification providing a simpler low cost system. The method comprises extracting signature data for the subject from a sensor array for the predefined time window at regular predefined time instants. Further, differentiating the matrix row wise and column wise to generate a row difference matrix and a column difference matrix. Further, determining an idle signature time fraction for the extracted signature data of the subject being monitored from the column difference matrix. Further, determining a plurality of signature parameters based on the row difference matrix and the column difference matrix.

Abstract: A cyber threat intelligence infrastructure allows processing of network data to enrich captured data with data from different sources to identify possible and/or actual cyber threats.

Abstract: A user of a device is authenticated after providing a pass code or other data confirming the user can access data on the device. While the user uses the device, behaviometric data is recorded which includes measures of how the user uses the device. Additional data, however, can only be accessed with a biometric and/or second authentication after collecting at least some behaviometric data, in embodiments of the disclosed technology. Depending on how close of a match the behaviometric data received is to previously recorded behaviometric data for the particular user, a threshold minimum is set for the biometric match in order to grant stepped up authentication and authorization to view the additional data. In this manner, a legitimate user often requires less time to authenticate compared to the prior art and a fraudulent user is rejected from access to sensitive data more accurately.

Abstract: An application-operating organization may delegate a third-party server to serve as an automated contextual authentication responder and an authorization responder. The third-party server may manage a delegated section of the organization's namespace that includes the public identities of various devices controlled by the organization. The third-party server may also dynamically generate interaction control list that is tailored to a requesting device's context based on the interaction control policies set forth by the organization. The interaction control list may include information that determines the authorization of the requesting device to interact with another device. The third-party server may also automatically determine the role of a new device to which existing policies are inapplicable and provide guided workflow for the organization to set up new interaction control policies in governing the new device.

Abstract: Systems and methods for a passive wireless multi-factor authentication approach are provided. According to one embodiment, a user authentication request is received by a first computing device connected to a private network. The user authentication request is sent by an endpoint protection suite running on the first computing device to an authentication device associated with the private network. A proximity of a second computing device, which was previously registered with the authentication device to be used as a factor of a multi-factor authentication process involving the first computing device, is determined by the authentication device in relation to one or more wireless access points of a wireless network of the private network. The user authentication request is then processed by the authentication device based on the proximity.

Abstract: The technology disclosed herein enables micro-segmentation of virtual computing elements. In a particular embodiment, a method provides identifying one or more multi-tier applications comprising a plurality of virtual machines. Each application tier of the one or more multi-tier applications comprises at least one of the plurality of virtual machines. The method further provides maintaining information about the one or more multi-tier applications. The information at least indicates a security group for each virtual machine of the plurality of virtual machines. Additionally, the method provides identifying communication traffic flows between virtual machines of the plurality of virtual machines and identifying one or more removable traffic flows of the communication traffic flows based, at least in part, on the information. The method then provides blocking the one or more removable traffic flows.

Abstract: A request control device, when receiving a request issued from a client to a Web system, causes a sandbox in which an environment of the Web system is reproduced to inspect the request. The request control device transfers the request to the Web system if an inspection result of the request in the sandbox does not indicate detection of an attack. The request control device does not transfer the request to the Web system if the inspection result of the request indicates detection of an attack.

Abstract: Systems and methods for increasing security in a computer system are provided. The system includes one or more logic circuits. The one or more logic circuits receive a plurality of independent first entropy values from a hardware source, apply at least some of the plurality of independent first entropy values to a function to generate a second entropy value, and seed a pseudorandom number generator with the second entropy value. The one or more logic circuits also generate a random number using the pseudorandom number generator seeded with the second entropy value and may produce a block of ciphertext or message authentication code using the random number, or otherwise use the generated numbers as secure random numbers in applications such as cryptographic protocols.

Abstract: Disclosed herein are systems and methods for continuous user authentication during access of a digital service. In an exemplary aspect, a continuous authentication module may receive, at a computing device, initial authentication credentials of the user. The initial authentication credentials enable access to a service via the computing device. While the service is being accessed, the continuous authentication module may continuously monitor whether an unauthorized user has replaced the user in accessing the service by comparing usage attributes of the service with historic usage attributes associated with the user. In response to determining that the unauthorized user has replaced the user, the continuous authentication module may cease the access to the service via the computing device.

Abstract: A dark web monitoring, analysis and alert system comprising a data receiving module configured to receive data collected from the dark web and structured; a Structured Data Database (SDD) connected with the data receiving module, the SDD configured to store the structured data; a Text Search and Analytic Engine (TSAE) connected with the SDD, the TSAE configured to enable advanced search and basic analysis in the structured data; a Knowledge Deduction Service (KDS) connected with the TSAE, the KDS configured to deeply analyze the collected data; the deep analysis comprises extracting insights regarding dark web surfers behavioral patterns and interactions; a Structured Knowledge Database (SKD) connected with the KDS, the SKD configured to store the deep analysis results; and an Alert Service connected with the TSAE and the SKD, the Alert Service configured to provide prioritized alerts based on the deep analysis.

Abstract: A service provider receives a set of credentials from a customer and a request to access one or more services provided by the service provider. An authentication service of the service provider receives the set of credentials and, based at least in part on the received set of credentials, one or more activities performed by the customer, the customer's user profile, and the system configuration of the customer's computing device, calculates a risk score. The authentication service subsequently utilizes the calculated risk score to determine a credential rotation schedule for the set of credentials. The authentication service updates one or more servers to enforce the new credential rotation schedule and enables the customer to utilize the set of credentials to access the one or more services.

Abstract: Techniques for enabling impersonation without requiring an access manager (AM) controlling access to a computing resource to have direct access to user information. The AM receives an impersonation request for a first user to impersonate a second user, the request being received during a first session initiated by the first user. The second user has an access privilege that permits access to the computing resource. The AM causes information to be obtained from an identity provider, the information being stored in a location inaccessible to the AM and indicating whether the first user has been granted permission to impersonate the second user. An impersonation session is initiated based on determining, using the information obtained from the identity provider, that the first user has been granted permission to impersonate the second user. The initiating comprises switching a user associated with the first session from the first user to the second user.

Abstract: A blockchain integrated station initiates a ciphertext request to a server, where the ciphertext request includes first information associated with input data of an off-chain contract. The blockchain integrated station obtains, from the server, an execution result, where the execution result is obtained by the server by executing the off-chain contract using the input data.

Abstract: Distributed firewalls reside at different points across a network. Each distributed firewall can include one or more rules that govern traffic over and/or access to the network. The rules can be discovered, converted into a standardized format, and indexed at a centralized rule database. The rules or data of the rules can be verified. The rules can be certified at the centralized database. The certification process can be based on a direction of traffic to which the rule governs. The certification process may have different levels based on the direction of traffic.