Abstract: Disclosed are various embodiments for providing access to a recovery key of a managed device and rotating the recovery key after it has been accessed. In one example, among others, a system includes a computing device and program instructions. The program instructions can cause the computing device to authenticate a user on the computing device in order to unlock an operating system based on a first recovery key. A key rotation command can be received from the management service. The key rotation command can include an instruction to rotate the first recovery key. The computing device can generate a second recovery key and transmit the second recovery key to the management service.

Abstract: An electronic musical instrument, method for a musical sound generation process and a non-transitory computer readable medium that stores an electronic musical instrument program are provided. The program causes a computer provided with a storage part to execute a musical sound generation process using sound data. The program causes the computer to execute: acquiring, from the storage part, first sound data and first user identification information indicating a user who has acquired the first sound data from a distribution server; acquiring second user identification information indicating a user who causes the musical sound generation process to be executed using the first sound data; determining whether or not the first user identification information matches the second user identification information; and inhibiting execution of the musical sound generation process using the first sound data in a case when the first user identification information does not match the second user identification information.

Abstract: The present disclosure provides systems, devices, methods, and computer-readable media for user, device, or server authentication. A device can include processing circuitry to perform operations comprising generating, by a transducer, biometric data of the user in response to detection of the user performing a non-authentication operation with the device, providing the biometric data to an authentication server for user verification, wherein the authentication server is registered with and verified by the device and the device is registered with and verified by the authentication server, permitting the user access to functionality of the device in response to a results communication from the authentication server indicating the user verification passed, and denying the user access to functionality of the device in response to the results communication from the authentication server indicating that the user verification failed.

Abstract: Systems and methods for managing membership in a private data exchange are provided herein. In one embodiment, the method includes generating a plurality of listings in a data exchange, each of the plurality of listings comprising version metadata and referencing a data set within a database. The method further includes receiving a request for access to a first listing of the plurality of listings and, in response to the request, accessing a first version of the data set that is compatible with first version metadata of the first listing.

Abstract: Remote terminals are configured to generate ciphertexts from plaintext polynomials. Each ciphertext corresponds to a plaintext polynomial bound to a message space of a polynomial-based fully homomorphic cryptographic scheme. At least one server is configured to receive ciphertexts via a network from the plurality of remote terminals. The server performs a multiplication operation and an addition operation on the ciphertexts to obtain resultant ciphertexts. The multiplication operation includes performing a bitwise decomposition function on a ciphertext to obtain a bitwise decomposed ciphertext. The bitwise decomposition function maps a multi-bit data type to a sequence of bits. The multiplication operation further includes performing matrix multiplication on the bitwise decomposed ciphertext and a data element belonging to a set of data elements. Message filters, data search engines, and other applications are discussed.

Abstract: The present disclosure provides techniques that may be applied, for example, for providing network policy information in a secure manner. In some cases, a UE may receive a first message for establishing a secure connection with a network, wherein the first message comprises network policy information, generate a first key based in part on the network policy information, and use the first key to verify the network policy information.

Abstract: A method performed by a user device may include obtaining biometric information relating to a user of the user device using a biometric sensor of the user device; determining that the biometric information is valid; generating a biometric indicator indicating that the biometric information is valid; providing a request for a callback from an entity, wherein the request includes the biometric information indicating that the biometric information is valid; and receiving the callback from the entity, wherein the callback is received based on the biometric information indicating that the biometric information is valid, and wherein the callback is associated with an entity identifier that is not provided to the user.

Abstract: According to an embodiment, a node comprises one or more processors and one or more computer-readable non-transitory storage media comprising instructions that, when executed by the one or more processors, cause one or more components of the node to perform operations. The operations comprise determining security validation information that the node associates with a packet, inserting into the packet an identifier associated with the node and the security validation information that the node associates with the packet, and transmitting the packet comprising the identifier associated with the node and the security validation information that the node associates with the packet. The security validation information comprises one or more proof of security attributes and/or one or more proof of security level attributes.

Abstract: A system and method for quantum key distribution includes determining an intrinsic loss along a quantum channel; generating a pulse sequence; transmitting the pulse sequence via the quantum channel; receiving the pulse sequence; determining invalid signal positions and providing the invalid signal positions; determining a first reconciled signal from the first signal and the invalid signal positions, and determining a second reconciled signal from the second signal and the invalid signal positions; determining a total loss along the quantum channel from the at least one test pulse received, determining a signal loss from the total loss and the intrinsic loss, and providing the signal loss; determining a shared by error correcting the first reconciled signal and the second reconciled signal; and determining an amplified key from the shared key by shortening the shared key by a shortening amount that is determined from the signal loss.

Abstract: Systems, methods, and storage media for synchronizing identity information across identity domains in an identity infrastructure are disclosed. Exemplary implementations may: identify at least one of first identity data and first identity metadata in a first identity domain; identify at least one of second identity data and second identity metadata in a second identity domain; receive a request to change the at least one of the first identity data and the first identity metadata for at least one user; and update the at least one of second identity data and second identity metadata for the at least one user based on the request to change the at least one of the first identity data and the first identity metadata for the at least one user.

Abstract: An apparatus and method for intelligent power virus protection in a processor. For example, one embodiment of a processor comprises: first circuitry including an instruction fetch circuit to fetch instructions, each instruction comprising an instruction type and an associated width comprising a number of bits associated with source and/or destination operand values associated with the instruction; detection circuitry to detect one or more instructions of a particular type and/or width; evaluation circuitry to evaluate an impact of power virus protection (PVP) circuitry when executing the one or more instructions based on the detected instruction types and/or widths; and control circuitry, based on the evaluation, to configure the PVP circuitry in accordance with the evaluation performed by the evaluation circuitry.

Abstract: It is provided a method for enabling a user device to verify data integrity. The method is performed in a network node and includes: obtaining measurement data indicating resource usage by the user device; obtaining a session identifier; generating a measurement indicator using a one-way function, based on the measurement data; generating an asymmetric cryptographic signature of the session identifier and the measurement indicator, the asymmetric cryptographic signature being based on a private key of a cryptographic key pair of the network node; and storing, in a distributed ledger database, a set of data comprising the asymmetric cryptographic signature, the session identifier and the measurement indicator.

Abstract: Systems and methods include receiving a machine learning model that is configured to detect anomalies in network devices operating in a multi-layer network, wherein the machine learning model is trained via unsupervised learning that includes training the machine learning model with unlabeled data that describes an operational status of the network devices over time; receiving live data related to a current operational status of the network devices; analyzing the live data with the machine learning model; and detecting an anomaly related to any of the network device based on the analyzing.

Abstract: Systems, apparatuses, methods, and computer program products are disclosed for bit generation. An example method includes determining, by decoding circuitry, a set of optical path lengths to use for measurement. The example method further includes receiving, by the decoding circuitry, a set of time-bin qubits. The example method further measuring, by the decoding circuitry and based on the determined set of optical path lengths, the set of time-bin qubits to generate a set of bits.

Abstract: Systems and techniques for a physical access control systems with localization-based intent detection are described herein. In an example, an access control system may regulate access to an asset. The access control system is adapted to establish a first connection with a key-device. The access control system may be further adapted to receive a credential for a user over the first connection. The access control system may be further adapted to establish a second connection with the key-device. The access control system may be further adapted to determine an intent of the user to access the asset. The access control system may use location data derived from the second connection to determine the intent of the user. The access control system may be further adapted to provide the credential to an access controller, based on identifying an intent of the user to access the asset.

Abstract: The present invention improves data transmission safety and data transfer rate, and reduces an increase in costs when doing so. A map management unit 141 manages a map which defines a prescribed rule for dividing pseudorandom number data into two. On the basis of the rule defined by the map, a division unit 142 generates data obtained by dividing the pseudorandom number data into two as vertically irregular mapping input data and horizontally irregular mapping input data. A vertically irregular mapping unit 151 generates data obtained by subjecting the vertically irregular mapping input data to irregular mapping processing as vertical base reference point data. A horizontally irregular mapping unit 152 generates data obtained by subjecting the horizontally irregular mapping input data to irregular mapping processing as horizontal base reference point data.

Abstract: A system that generates a blockchain for a user wherein each block in the chain contains encrypted information associated with the user. The information in each block is encrypted and decrypted by a key that is generated based on a function, a starting point and a length that is shared with participants that have access to the data in each block. The access can be controlled with granularity by the owner of the information without having cumbersome passkey management.

Abstract: Embodiments of the invention include an entity such as TWAN entity, respectively ePDG, capable of serving a User Equipment UE at Trusted, respectively Untrusted, WLAN access to a packet Core Network such as EPC, said entity configured to: —perform DCN selection at said Trusted, respectively Untrusted, WLAN access of said UE to said packet Core Network such as EPC.

Abstract: A method for validation of virtual function pointers includes compiling a source code file with one or more classes whereby each of the classes has a virtual table, and the compiling includes associating a security check function with the virtual function invocation site such that the associated security check function is executed prior to an invocation of the virtual function, generating a class hierarchy hash table (CHHT), whereby when the compiled source code file is executed, the security check function is used to determine whether an invoked virtual function pointer of a virtual function associated with the security check function is valid by looking up an indicator in the CHHT according to a hash result of the virtual function pointer and an address of a virtual table containing the virtual function pointer.

Abstract: A cryptographic communication system includes: a first cryptographic communication apparatus including a first tamper-resistant device configured to store a first key generation function and a first storage unit configured to store first individual information; and a second cryptographic communication apparatus including a second tamper-resistant device configured to store a second key generation function and a second storage unit configured to store second individual information. The first cryptographic communication apparatus generates a twelfth shared key using the first key generation function and the second individual information. The second cryptographic communication apparatus generates a twenty first shared key using the second key generation function and the first individual information.