Abstract: A processor distributes, from a server, a trained supervised machine learning (ML) model and supervised and unsupervised feature information to a plurality of client devices; at each client device, trains the supervised ML model using local data to generate a local supervised ML model, constructs a local unsupervised ML model using the unsupervised feature information, and deploys the local supervised and unsupervised ML models; determining when a detection performance difference between the local supervised and unsupervised ML models reaches a threshold; identifies a proposed change to the supervised or unsupervised feature information; deploys the proposed change on one client device; responsive to determining the proposed change improves the detection performance of that client device, communicates the proposed change to a sampled set of client devices; and responsive to determining the proposed change improves the detection performance of a majority of the sampled set, communicates the proposed change to

Abstract: According to an example aspect of the present invention, there is provided method, comprising: generating a first key based on a first input specific to a mobile device, wherein the first input comprises measurement of mutable code of the mobile device and a unique device secret, generating a symmetric second key on the basis of the first key and a second input specific to the mobile device, and generating authentication credentials on the basis of the second key for authenticating the mobile device to a mobile communications network.

Abstract: Evaluating computers, devices, or endpoints on a network, such as a large network of computers in an enterprise environment. Detecting computers, devices, or endpoints that may present a security risk to the network or may be compromised in some way. Generating network traffic that, in some cases, should be ignored or should prompt specific, known responses. Detecting endpoint(s) that respond to such network traffic in an anomalous way, or otherwise attempt to perform certain operations based on such network traffic.

Abstract: One or more computer processors create a binary cluster of events by bootstrapping a set of ground truths contained with a rule engine applied to a set of high-dimensional datapoints, wherein the binary cluster contains two clusters each containing a plurality of high-dimensional datapoints; determine one or more peer groups for a set of unknown high-dimensional datapoints utilizing a trained multiclass classifier, wherein the high-dimensional datapoints are assigned to one or more peer groups by the trained multiclass classifier using an incremental learning algorithm in order to reduce system resources; create an activity distribution for each unknown high-dimensional datapoint associated with a user in the set of unknown high-dimensional datapoints and each peer group; calculate a deviation percentage between the activity distribution of the user and each peer group associated with the user; and responsive to exceeding a deviation threshold, classify the user or associated high-dimensional datapoints as ri

Abstract: Systems and methods for improved security authentication are disclosed. In some embodiments, an improved system for security authentication may include a plurality of computing devices, and a server system communicatively coupled to the plurality of computing devices. The server system may be configured to receive a request for security authentication, determine an authorization providing computing device from among the plurality of computer devices based on authentication preferences stored in a database communicatively coupled to the server system, generate and transmit authentication information to the determined authorization providing computing device, receive, from an initiating computing device an authentication input, determine whether the received authentication input matches the transmitted authentication information, and complete the request for security authentication when the received authentication input matches the generated and transmitted authentication information.

Abstract: In certain embodiments, resource allocation related to records may be facilitated by generating and using modified instances of such records. In some embodiments, a set of records associated with a user may be stored in a memory area, where each such record includes a record identifier. In response to obtaining one or more commands related to a resource transfer from a user device associated with the user, a new set of records associated with the user may be generated such that each record of the new set is (i) a modified instance of a corresponding record of the record set and (ii) includes a record identifier different from the record identifier of the corresponding record. In one use case, the new records and its data may then be utilized to perform operations related to the user commands. In another use case, the new records may replace its older corresponding records.

Abstract: A communication terminal capable of preventing a reduction in security level that is caused at the time of establishing multiple connections via 3GPP Access and Non-3GPP Access. A communication terminal according to the present disclosure includes: a communication unit configured to communicate with gateway devices disposed in a preceding stage of a core network device via an Untrusted Non-3GPP Access; and a key derivation unit configured to derive a second security key used for security processing of a message transmitted using a defined protocol with the gateway device, from a first security key used for security processing of a message transmitted using a defined protocol with the core network device.

Abstract: Security functions for a memory corresponding to a smart security storage may be facilitated or executed through operation of utility application corresponding to a smart device. For example, encryption/decryption of data stored on the memory may be facilitated or executed by a security module under control of an access application corresponding to the smart device. Data securely stored on the memory may be explored and accessed by the smart device or a host computing device under control of the access application.

Abstract: Methods, systems, and computer programs are presented for enabling automated secure data sharing from a private cloud region to a public cloud region and vice versa. A cloud data platform confirms a relationship establishment procedure between a provider and a consumer is recorded with a cloud data platform, the provider being associated with a private cloud deployment and the consumer being associated with a public cloud deployment in a public region. The cloud data platform enables disabling of a firewall policy that is preventing data traffic between the private cloud deployment and the public cloud deployment and enables data sharing between the private cloud deployment and the public cloud deployment. The cloud data platform enables data sharing in a database of the cloud data platform.

Abstract: Disclosed are a security authentication method and an apparatus thereof, and an electronic device.

Abstract: Methods and systems for verifying a resource definition include simulating an original resource definition to identify at least one change that is made to the original resource definition by a management service. A signature of a received resource definition is generated, omitting portions of the received resource definition that correspond to the at least one identified change. The signature of the received resource definition is compared to a signature of the original resource definition to find a match and to verify the received resource definition. The received resource definition is implemented, responsive to finding the match.

Abstract: Handling personally identifiable information (PII) in data streams is provided. Processed sensor data is received, from a plurality of vehicles including sensors capturing raw sensor data, the raw sensor data including captured PII and non-PII. The processed sensor data includes simulated PII created based on the captured PII and one or more layers of the captured PII corresponding to the simulated PII. A request is received from a client device for a portion of the processed sensor data. Access keys corresponding to the request are identified. A result is constructed according to the access keys using the processed sensor data. The constructed result is sent to the client device responsive to the request.

Abstract: A system for multi-factor location-based device verification is configured to receive a first location factor, which may include GPS data, from a client device. The system is also configured to receive one or more additional location factors, such as a second location factor and/or a third location factor, from first and/or second wireless beacons, respectively. The wireless beacons may be located within a predefined area, such as a sports book or another casino area, and the system may determine, based upon the one or more location factors, whether the client device is within the predefined area. As a result, the location of the client device may be verified based upon one or more location factors. In addition, in response to verifying the location of the client device, a new wagering account may be established and/or wagering may be initiated.

Abstract: Techniques and mechanisms described herein facilitate the efficient common storage of partially encrypted content. According to various embodiments, a client device to transmit a designated representation of a media content item via a communications interface may be received. The media content item may be associated with a plurality of representations including the designated representation. The media content item may be associated with first media content data and second media content data. The first media content data may be shared among the plurality of representations. The second media content data may be specific to the designated representation. The first media content data may be combined with the second media content data to create a designated partially encrypted media content portion associated with the designated representation via a processor. The designated partially encrypted media content portion may be transmitted to the client device via the communications interface.

Abstract: A method of tenant user management in cloud database operation can be implemented. The method can receive an original job request from a user for a database service, wherein the original job request can include a login credential of the user. The method can authenticate the login credential of the user by a scheduler, verify the user has privileges for the original job request by the scheduler, create a modified job request from the original job request by the scheduler based on a predefined role corresponding to the privileges of the user, send the modified job request from the scheduler to a database service platform, and allocate an instance of database service to the user in response to the modified job request.

Abstract: A method for determining a key for securing communication between a user apparatus and an application server. An authentication server of a mobile communication network and the user apparatus generate a secret master key during an authentication procedure. The user apparatus sends the authentication server a request for a key to communicate with the application server and receives a random variable. The authentication server and the user apparatus calculate the requested key by using a key derivation function applied to at least the random variable, a user identifier and an application server identifier using the master key.

Abstract: An access control system is provided to prevent the surreptitious granting of access to privacy related functionality on an electronic device. Software-based events to grant access to device functionality can be validated by confirming that the software event corresponds with a hardware input event. This validation prevents the spoofing of a user interface input that may be used to fraudulently grant access to specific functionality.

Abstract: A method may include providing a multi-access interface for network traffic, comprising: receiving information regarding topology of a virtual private network and storing the topology in the form of a routing table. A method may include providing an interface for network traffic, comprising: in a virtual private network comprising a plurality of tunnels delivering only information associated with OSI Level 3, receiving a network communication and performing multicast forwarding among the plurality of tunnels using multicast forwarding from OSI Level 2. A method may include providing an interface for network traffic, comprising, in a virtual private network: establishing a connection between a first node of the virtual private network and a second node serving as a virtual private network broker and fetching, by the first node from the virtual private network broker, information regarding one or more other nodes of the virtual private network.

Abstract: Security functions for a memory corresponding to a smart security storage may be facilitated or executed through operation of utility application corresponding to a smart device. For example, encryption/decryption of data stored on the memory may be facilitated or executed by a security module under control of an access application corresponding to the smart device. Data securely stored on the memory may be explored and accessed by the smart device or a host computing device under control of the access application.

Abstract: An interactive sports apparel that includes a scannable code forming part of the apparel, and a server configured to simultaneously deliver static media content and streaming media content to content placeholders residing on a scanner that scans the code on the apparel. The static and streaming media each have content based on proximity of the scanner to the apparel, and a user profile associated with the scanner.