Abstract: In some embodiments, increasing network security related to accessing network services may be facilitated. In some embodiments, a request to generate a composite hash with composite hash parameters may be received, where the composite hash parameters comprise (i) user information associated with a first user and (ii) a key. Based on the one or more composite hash parameters, a composite hash may be generated. The composite hash may be transmitted to a local auxiliary device, causing storage of the composite hash at the local auxiliary device. A graphical representation of the composite hash may be generated, and the graphical representation may be transmitted to a user device, where the graphical representation enables access to one or more network resources related to the user information associated with the first user.

Abstract: A negotiation evaluation system determines that a target computing system is experiencing a computing system attack. The negotiation evaluation system determines a set of attack characteristics associated with the computing system attack. Based on the set of attack characteristics, a negotiation estimation model generates response value data describing potential responses to the attack. Based on the response value data, a negotiation communication model generates reply text data describing a reply to the computing system attack. The negotiation evaluation system provides the reply text data to a malicious computing system that is associated with the computing system attack.

Abstract: Techniques for identity domain snapshotting and snapshot consumption using versioning are disclosed. A snapshot of an updated identity domain is received and applied to an identity domain to change the active version of the identity domain from a prior current version to the updated version. The snapshot is consumed by loading data objects in a hierarchical manner into an updated identity domain. While data objects belonging to the snapshot are loaded during consumption of the snapshot, client traffic continues to be served by the prior, non-updated version of the identity domain. Once consumption of the snapshot is completed successfully, the updated version of the identity domain becomes the active version. The prior version is then recorded in a cleanup table denoting that cleanup operations shall be performed for entities related to the data objects and associated with the prior version.

Abstract: A collaborative content management system identifies an application installed on one or more client devices that is susceptible to an attack by using the API calls of the application. The collaborative content management system obtains API calls made by the application and derives API call features. The collaborative content management system inputs the API call features into a machine learning model and receives, as output from the model, a determination of whether the set of API calls represents a C2 attack. In some embodiments, the collaborative content management system, responsive to determining that the set of API calls represents a C2 attack, may take a security action.

Abstract: The present disclosure relates to secure deployment of model weights from a generative artificial intelligence (GenAI) platform to a cloud service. The method includes accessing the model metadata and a set of weights of a GenAI model associated with a GenAI platform. These model weights may be encrypted using a first encryption key that may be provided in the model metadata. These encrypted model weights may be decrypted based on the model metadata by utilizing the first encryption key from the model metadata. Each key may be associated with the specific type of GenAI model. Before storing the model weights from the GenAI platform cloud tenancy to a cloud storage in GenAI home region, the model weights may be encrypted again by utilizing a second encryption key. This encryption by the cloud may enable independent control over the sensitive information during transit and storing.

Abstract: Non-cryptographic hashing using carry-less multiplication and associated methods, software, and apparatus. Under one aspect, the disclosed hash solution expands on CRC technology that updates a polynomial expansion and final reduction, to use initialization (init), update and finalize stages with extended seed values. The hash solutions operate on input data partitioned into multiple blocks comprising sequences of byte data, such as ASCII characters. During multiple rounds of an update stage, operations are performed on sub-blocks of a given block in parallel including carry-less multiplication and shuffle operations. During a finalize stage, multiple SHA or carry-less multiplication operations are performed on data output following a final round of the update stage.

Abstract: The present disclosure provides an IoT system and a method for managing smart gas-integrated data center.

Abstract: Aspects of the disclosure relate to computing platforms that utilize improved machine learning techniques for dynamic device quality evaluation. A computing platform may receive driving data from a mobile device. Using the driving data, the computing platform may compute a plurality of driving metrics, which may include: a geopoint expectation rate score, a trips per day rank score, a consecutive geopoint time difference score, a global positioning system (GPS) accuracy rating score, and a distance between consecutive trips score. By applying a machine learning model to the plurality of driving metrics, the computing platform may compute a device evaluation score, indicating a quality of the driving data received from the mobile device. Based on the device evaluation score, the computing platform may set flags, which may be accessible by a driver score generation platform, causing the driver score generation platform to perform an action with regard to the mobile device.

Abstract: A method, network device, system, and non-transitory computer-readable storage medium are described in relation to an dynamic user application control service that includes receiving from an application device, a request for access controls associated with a user application and an end device; generating, per the request, policies pertaining to the access controls, wherein the policies include time-based rules, location-based rules, or application type-based rules; obtaining a current location of the end device; comparing, by the network device, a current time with the time-based rules, the current location with the location-based rules, or an application type for the user application with the application-type rules; generating, per the comparing, a policy decision among the policies pertaining to the access controls; and applying, per the policy decision, the time-based rules, the location-based rules, and the application type-based rules for establishment of an application session with the end device.

Abstract: A media item to be provided to users of a platform is identified. The media item is associated with a media class of one or more media classes. An indication of the media item is provided as input to a machine learning model trained based on historical encoding data to predict, for a given media item, a set of encoder parameter settings that satisfy a performance criterion in view of a respective media class of the given media item. The historical encoding data includes a prior set of encoder parameter settings that satisfied the performance criterion with respect to a prior media item associated with the respective class. Encoder parameter settings that satisfy the performance criterion in view of the media class is determined based on an output of the model. The media item is caused to be encoded using the determined encoder parameter settings.

Abstract: A network of storage devices for encrypting and storing data is provided. A first storage device of the network comprises: a mechanism or system for authenticating a user via user interaction directly with the first storage device, a mechanism for connecting over a local connection with one or more user devices, and computer-readable memory for storing electronic data on the first storage device.

Abstract: According to aspects of this disclosure, information handling systems may be used to manage and control access to confidential or sensitive information, such as employer-owned information that may be accessed by a user via one or more devices of the user. Embodiments of this disclosure may be used to implement a content-based information protection scheme that provides secure access control to information managed by an information handling system using sensor-based inferences of a user's environment and behavior within the environment. For example, the user may request remote access to a document including sensitive information via a user interface of a first device operated by the user within an environment (e.g., an airport, coffee shop, or other public place).

Abstract: A mapping system and method may be provided for facilitating setup of an application data flow between an edge application server which may be instantiated on one or more edge nodes of a mobile network and a remote server outside of the mobile network. The system and method may obtain a client identifier identifying a client device configured to utilize an edge application service of the edge application server, obtain an external endpoint identifier of an external endpoint of the edge application server, wherein the external endpoint allows the edge application server to be reached by data communication from outside of the mobile network, generate mapping data associating the client identifier with the external endpoint identifier, using the mapping data, provide a communication interface to enable a network entity which is configured to setup the application data flow between the edge application server and the remote server to obtain the external endpoint identifier on the basis of the client identifier.

Abstract: A method includes receiving a request from a data requester device by a server system to retrieve sensitive data associated with a customer. Decryption of the sensitive data can require a composite decryption key specific for the encrypted sensitive data. The method can include retrieving the encrypted sensitive data, a login session identifier associated with the encrypted sensitive data, at least one attribute associated with the data requester, and a decryption algorithm. The login session identifier, the at least one attribute associated with the data requester, and the decryption algorithm are required for generating the composite decryption key for decrypting the encrypted sensitive data. The method includes generating the composite decryption key and decrypting the encrypted sensitive data by the server system based on the composite decryption key. The method can include providing the decrypted sensitive data to the data requester device to be revealed.

Abstract: Systems and methods for backing up a cloud-based network include a first instance of a computing resource running in a first region. A first backup service is running in the first region and configured to take a first backup of the first instance. The backup service uses a key management service of the first region to encrypt the first backup with a first cryptographic key to generate a first encrypted backup. The first encrypted backup is stored in a first backup vault of the first region. A second backup service runs in a second region and receives a copy of the first backup. A second key management service of the second region encrypts the copy of the first backup using a second cryptographic key to generate a second encrypted backup. The second encrypted backup is stored in a second backup vault of the second region.

Abstract: A method of training a module in an AI system and a method of preventing capture of an AI module in the AI system is disclosed. The AI system includes at least an AI module executing a model, a dataset, and the module adapted to be trained. The method includes receiving input data in the module adapted to be trained, labelling data as good data and bad data in the module adapted to be trained, classifying binarily the labelled good data and the labelled bad data in the module adapted to be trained, inputting the binarily classified data into the AI module, and recording internal behavior of the AI module in response to the binarily classified data on the module adapted to be trained.

Abstract: A method for performing an inference includes: detecting a context among at least one context associated with at least one application; triggering a model execution command to a smart agent of an electronic device, based on the detected context; loading a machine learning (ML) model into a secure storage of the electronic device, based on the detected context and the triggered model execution command; generating, using the loaded ML model, an inference, based on data associated with the detected context; and sharing the generated inference with each application of the at least one application that is registered for the detected context.

Abstract: Embodiments of the present disclosure provide a network configuration sending method and apparatus, a storage medium, and an electronic device. The method includes: determining N rule-action pairs corresponding to Quality of Service (QoS) configuration information of each layer in Hierarchical Quality of Service (HQoS) configuration, wherein the N rule-action pairs are used for representing network configuration rules and network configuration actions corresponding to the QoS configuration information, and N is a natural number greater than or equal to 1; and sending, to a forwarding plane of a Broadband Remote Access System (BRAS), target QoS configuration information mapped with the N rule-action pairs, wherein the forwarding plane is used for configuring the target QoS configuration information into a target device to configure a network of the target device.

Abstract: The technology disclosed herein relates to methods, computer storage media, systems, etc., for generating a network service indicator icon for a communication service application. For example, the communication service application can provide one or more of a voice over internet protocol call, video call, three-dimensional video calling service, messaging communication service, another type of communication service, or one or more combinations thereof, to a user device. In embodiments, a first set of data performance information for the communication service application can be received from one or more servers providing the communication service application. A data performance metric can be determined for the communication service application based on receiving the first set of data performance information. A network service indicator icon for the communication service application can be generated based on the data performance metric determined.

Abstract: Present disclosure provides a method and a system for privacy-preserving communication on wireless edge devices. The proposed method includes creating and maintaining user data (user activities) on the wireless edge devices. Further, the method includes running on-device mechanism on the user data to derive the daily routine of a user, and assigning a score to multiple activities (walking, running, climbing the stairs, descending the stairs etc.) in the daily routine. Further, the method includes creating and maintaining a profile of the user based on these activities. Further, the user profile is used by the system as a basis for targeted and contextual communication with the user in a manner that preserves user personally identifiable and sensitive information on the wireless edge device.