Abstract: This disclosure discloses a data judging method applied in a distributed storage system and the distributed storage system. The distributed storage system includes a plurality of processing units and a plurality of storage units corresponding to each processing unit. The data judging method prescribes that a processing unit corresponding to a storage unit that stores preset data is a first processing unit, the storage unit that stores the preset data corresponding to the first processing unit is a first storage unit, other storage units corresponding to the first processing unit except for the first storage unit are second storage units. The data judging method provided by this disclosure may judge whether the preset data needs to be encrypted. Thus, privacy protection may be performed to preset data that needs to be encrypted, without performing encryption protection to all data, thereby being capable of utilizing data reasonably.

Abstract: A user terminal generates a first key pair and a second key pair, transmits a permission request including a public encryption key of the second key pair after electronically signing the permission request with a secret encryption key, and acquires, from permission information transmitted from a right-holder terminal, a content decryption key by using a secret decryption key of the second key pair and uses the content. The right-holder terminal stores a third key pair and the content decryption key, verifies the permission request received, and encrypts the content decryption key by using the public encryption key of the second key pair included in the permission request and transmits the permission information including the encrypted content decryption key after electronically signing the permission information with a secret encryption key of the third key pair. The permission request and the permission information are transmitted and received via a blockchain.

Abstract: A single architected instruction to perform multiple functions is executed. The executing includes performing a first function of the multiple functions and a second function of the multiple functions. The first function includes moving a block of data from one location to another location, and the second function includes setting one portion of a storage key using one selected key and another portion of the storage key using another selected key. The storage key is associated with the block of data and controls access to the block of data. The first function and the second function are performed as part of the single architected instruction.

Abstract: A method for detecting anomalous streaming network traffic data in real time includes: creating an anomaly detection model including a singular value matrix and a data pattern matrix from a matrix of historical network traffic data; storing the singular value matrix and the data pattern matrix of the anomaly detection model; receiving streaming network traffic data; performing a log transform on the streaming network traffic data; applying the anomaly detection model to a matrix of the streaming network traffic data in real time as the streaming network traffic data is received; detecting anomalous patterns in the streaming network traffic data based on patterns identified by the anomaly detection model; and associating the anomalous patterns in the streaming network traffic data with IP addresses.

Abstract: Systems and methods are disclosed for managing the resetting of online identities or accounts of users of Internet web pages. One method includes: receiving, through an electronic device, a request to reset login information to access a web page associated with the user's online account; determining that an IP address associated with the request is not identified as being suspicious; receiving user data intrinsic to the user's request; automatically verifying two or more values of the data intrinsic to the user's request as being indicative of a level of trust of the identity of the user; and transmitting, to the user over the Internet, a subset of options to reset the login information, the subset being selected based on the level of trust.

Abstract: A key updating method includes receiving, by a terminal, a key updating notification sent by an operation server, generating, by the terminal, a new private key and a new public key using a trusted execution environment (TEE) system of the terminal, storing the new private key in the TEE system, performing signature processing on the new public key using an upper-level private key of the new private key to obtain to-be-verified signature information, and sending, by the terminal to the operation server, a storage request carrying a device identifier of the terminal, the new public key, and the to-be-verified signature information.

Abstract: A network security method is provided. The method includes obtaining, at a network security device, first network traffic from a network device destined for a potential attacker; determining if the first network traffic is suspicious; when the first network traffic is determined to be suspicious: generating second network traffic based on the context of the network device and the first network traffic; providing the second network traffic to the potential attacker; obtaining, from the potential attacker, third network traffic in response to the second network traffic; and designating the potential attacker as malicious based on the third network traffic is disclosed. An apparatus and one or more non-transitory computer readable storage media are also disclosed.

Abstract: Methods, systems, and computer readable media for utilizing predetermined encryption keys in a test simulation environment are disclosed. In one embodiment, a method includes generating, prior to an initiation of an Internet protocol security (IPsec) test session, a private key and a public key at a traffic emulation device and storing the private key and the public key in a local storage associated with the traffic emulation device. The method further includes retrieving, from the local storage, the private key and the public key upon the initiation of the IPsec test session between the traffic emulation device and a device under test (DUT) and generating a shared secret key utilizing the retrieved private key and a DUT public key received from the DUT.

Abstract: A distributed security system and method are disclosed that enable access to known threat events from threat intelligence feeds when the system includes public cloud components. A cloud-based security policy system stores observable events for security incidents detected by and sent from user devices within an enterprise network. The observable events include observable indicators for characterizing the observable events. The threat events within the feeds include threat indicators for characterizing the threat events. An on-premises connector within the enterprise network downloads the observable indicators from the security policy system and the threat indicators from the feeds. In response to determining that any observable indicators match any threat indicators, the on-premises connector provides access to the threat events and/or the observable events having the matching indicators.

Abstract: Provided are a multi-pattern policy detection system and method, wherein, in an environment that operates a plurality of policies for determining matching or non-matching by a string or a normalized format, the plurality of policies are expressed by a data structure that is searchable at a time, and are optimized to improve search performance.

Abstract: A method for generating a deserialization vulnerability report of a Java project, includes: determining, by a computing device, if interior knowledge of the Java project is available, and when the interior knowledge of the Java project isn't available, performing a black box analysis to generate the deserialization vulnerability report; and when the interior knowledge of the Java project is available, determining by the computing device if source code of the Java project is accessible, when the source code of the Java project is accessible, performing a white box analysis to generate the deserialization vulnerability report, and when the source code of the Java project isn't accessible, performing a gray box analysis to generate the deserialization vulnerability report.

Abstract: An assessment component that facilitates assessment and enforcement of policies within a computer environment can comprise a compliance component that determines whether a policy, that defines one or more requirements associated with usage of one or more enterprise components of an enterprise computing system, is in compliance with a plurality of standardized policies that govern operation of the one or more enterprise components of the enterprise computing system. The assessment component can also comprise a policy optimization component that determines one or more changes to the policy that achieve the compliance with the plurality of standardized polices based on a determination that the policy complies with a first standardized policy of the plurality of standardized policies and fails to comply with a second standardized policy of the plurality of standardized policies.

Abstract: In one embodiment, a security device in a computer network detects potential domain generation algorithm (DGA) searching activity using a domain name service (DNS) model to detect abnormally high DNS requests made by a host attempting to locate a command and control (C&C) server in the computer network. The server device also detects potential DGA communications activity based on applying a hostname-based classifier for DGA domains associated with any server internet protocol (IP) address in a data stream from the host. The security device may then correlate the potential DGA searching activity with the potential DGA communications activity, and identifies DGA performing malware based on the correlating, accordingly.

Abstract: Embodiments of this invention relate to methods and apparatus for establishing additional simultaneous packet data network (PDN) connections between a User Equipment (UE) and an evolved packet core network (EPC) over an untrusted WiFi network. The UE is attached to the EPC through a security gateway over a first PDN connection over which the UE is authenticated and has established an Internet Key Exchange Security Association (IKE SA) and a first Internet Protocol Security SA (IPSec SA). The UE then establishes an additional PDN connection using a new IKE request/response exchange or an enhanced IKE CREATE_CHILD_SA exchange that is cryptographically protected using algorithms and keys negotiated during the first PDN connection, hence improving delay and battery life of the UE as the UE no longer needs, for each additional PDN connection, to negotiate an individual IKE SA and to authenticate the UE.

Abstract: A content storage system is provided. The content storage system may include a portable content repository device comprising a processor, a storage module, and a communication module. The storage module may store content (e.g., audio, video, images, or documents) from and transmit the content to various computing devices. The communication module may include a first wireless chip configured to communicate over an 802.11 wireless channel, and a second wireless chip configured to communicate over a Bluetooth channel. A computing device may communicate with the content repository device over the Bluetooth channel and/or the 802.11 wireless channel. The computing device transmits content to the content repository device for storage in response to generating the content. The content may include an access control that can be triggered by the content repository device to at least one of lock or delete the content from the computing device.

Abstract: A computing resource service provider grants a first set of security permissions to a principal (e.g., a user) which may be used to access a plurality of computing resources. The permissions may be associated with a first security token. The principal may access resources using the first set of security permissions, and a system (e.g., a service provider) may identify a subset of security permissions that are sufficient to provide access to the computing resources accessed by the principal using the first set of permissions. The subset may be associated with the principal. In some cases, the principal operating under the subset of permissions may be denied access to a computing resource and may be granted access to the computing resource by operating under the first set of permissions.

Abstract: A method for execution by one or more processing modules of one or more computing devices of a dispersed storage network (DSN), the method begins by identifying, for data stored within a DSN memory, one or more encryption keys used to encrypt data stored within the DSN memory. The method continues by identifying, for data stored within a portion of the DSN memory requiring sanitization, a master key of the one or more encryption keys that encrypts all of the data stored within the portion to be sanitized. The method continues by determining, if the master key is not used to encrypt data stored outside of the portion to be sanitized. The method continues, if the master key is not used to encrypt data stored outside of the portion to be sanitized, by sanitizing the data stored within a portion of the DSN memory by erasing the master key.

Abstract: A system that incorporates the subject disclosure may perform, for example, operations including obtaining a request from a mobile device to allow user access to restricted content of a separate device. The process further includes forwarding a token to the separate device by way of a second wireless network, to obtain a separate device token, and forwarding the token to the first device by way of the first network to obtain a mobile device token, wherein the mobile device token is forwarded to the separate device by way of a third network. A confirmation that the token was obtained at the separate device is based on the result of the comparison indicating a match between the mobile device token and the separate device token. Access to the restricted content of the separate device is authorized based on to the confirmation. Other embodiments are disclosed.

Abstract: One embodiment provides a method, including: utilizing at least one processor to execute computer code that performs the steps of: receiving, on an electronic device, a request to execute a system process; determining, using a processor, if the electronic device contains enterprise information; thereafter, identifying, based on the request, that the system process is associated with enterprise information; and granting, to a software platform, restricted access to the enterprise data using a hypervisor. Other aspects are described and claimed.

Abstract: Disclosed is a system and method for the monitoring and authorization of an optimization device in a network. In exemplary embodiments, an optimization device transmits an authorization request message to a portal to receive authorization to operate. The portal transmits an authorization response message to the optimization device with capability parameters for operation of the device, including at least one expiration parameter for the authorization. The optimization device sends updated authorization request messages to the portal with its device usage information, such that the portal can dynamically monitor the optimization device and continue to authorize its operation.