Abstract: Methods and systems for implementing autonomous vehicle security features. The present invention details an effective and secure methodology to implement the external management and control of autonomous vehicles by authorized personnel, usually law enforcement, through the use of intelligent sensors that can override an autonomous vehicle controller's functionality as necessary.

Abstract: There is disclosed a cloud computing control system for vehicle speed control and also for control of a vehicle in a platoon. The cloud computing control system determines a speed trajectory and neutral coasting command for a first vehicle of the platoon and a vehicle controller determines a reference speed for the first vehicle in response to the speed trajectory and the neutral coasting command, and is response to one or more vehicle specific factors associated with the first vehicle.

Abstract: A system and method for determining presence information for mobile devices are disclosed. Specifically, the presence information for a mobile device can be determined based on whether or not the mobile device is having a unique interaction with a smart tag. If a unique interaction is detected, then the mobile device can be said to be within the presence of the smart tag and the location or presence information for the mobile device can be correlated to location information known for the smart tag.

Abstract: A system for generating an enhanced distributed online registry that utilizes an interoperable framework, and machine learning and natural language processing technologies to automatically provide compatible registry items. A persistent secure connection across distributed systems facilitates automatic synchronization of the generated online registry items across the distributed systems and devices accessing those systems. The online registry application processor utilizes machine learning and natural language technologies to generate an acquisition trending model which may be utilized to generate an enhanced distributed online registry that may determine and provide registry items that are compatible with the customer acquisition. Utilizing a persistent bi-directional connection, the online registry application processor may automatically synchronize the enhanced distributed online registry in real time as registry items are added and purchased.

Abstract: Aspects of software vulnerability prediction are described. In some examples vulnerability data is obtained from a vulnerability database for the software. The total cumulative vulnerability of the software is estimated using the vulnerability data. The total cumulative vulnerability is based at least in part on a time based nonlinear differential equation model. The time based nonlinear differential equation model generates a complete vulnerability life cycle. A graph is generated to display a cyclic increasing behavior of the complete vulnerability life cycle of the software.

Abstract: Password Hidden Characters is a security method which creates characters which are invisible. It is a method comprising steps used to insert time intervals between specific password characters, or to replace characters which have been withdrawn from the password or message, with the objective being to disguise a true password or message meant to be secret, and by so doing to create an invisible code. The invisible code allows messages which are supposed to be secret to remain that way. This protection evolves from the withdrawal of any six characters out of a total of 26 available, and the number of permutations created when this is done.

Abstract: The technology disclosed relates to enforcing multi-part policies on data-deficient transactions of independent data stores. In particular, it relates to combining active analysis of access requests for the independent object stores with inspection of objects in the independent object stores, each of the analysis and inspection generating and persisting object metadata in a supplemental data store, actively processing data-deficient transactions that apply to the objects by accessing the supplemental data store to retrieve object metadata not available in transaction streams of the data-deficient transactions, and actively enforcing the multi-part policies using the retrieved object metadata.

Abstract: A system for protecting user-editable files against unauthorized data alteration or against compromised operating systems or compromised applications. It comprises of untrusted operating environments and a trusted operating environment. One or more untrusted operating environments makes available user-editable files for creation and editing, and are stored in a non-protected partition of storage drive. The trusted operating environment provides an authentication key to access protected partition of storage drive, and stores copies of user-editable files in a protected partition of storage drive. Each new stored copy of a user-editable file in the protected partition corresponds to a new or an updated version of the user-editable file. A set of files and folders can be initially selected in an uncompromised untrusted operating environment. A trusted updater module running inside the trusted operating environment can perform copying to protected partition. Scheduled tasks can also copy user-editable files.

Abstract: The ART-CRYPTO secure architectural system, designed for cyber security is always to keep the digital file/data encrypted, except for the processing period. The system's crypto engine is composed of fast key-changing apparatus (FKCA) array, which is an AES (Advanced Encryption Standard) cipher, which uses a key stream to achieve a file encryption/decryption, wherein the key stream prevents side channel attack and there is no key management. The system's identification and authorization management (IAM) distributed sub-system prevents ID fraud, malware, ransomware, spammer, and DDoS attacks. A data base (DB) with a special file structure (SFS) authorizes that a user accessing encrypted files according to user file attributes and its identification verification, prevents lowing the system's Cryptography level or having a back door design, which increases the possibility of breaching. The secure architectural system also solves the dilemma of privacy and security.

Abstract: Disclosed herein are techniques for authenticating a user via gestures, QR codes, and passphrases generated to incorporate typing habits of the user. A passphrase system generates a one-time use passphrase, which incorporates hallmarks and/or quirks of the user's typing, and presents the generated passphrase as an authentication challenge to authenticate as the user. If metrics collected during the authentication challenge are statistically similar to metrics of the user's typing, the authentication succeeds; otherwise, the authentication fails. A user's gesture habits during input of an authentication drawing may be used as a target for future authentication attempts. A user's input motions (typing and/or gestures) may be converted into a secure QR code; a different host device may use the secure QR code to obtain the target metrics for future authentication attempts of the user.

Abstract: A method for verifying a set of policy instructions to be used by a policy decision point (PDP) in adjudicating access requests to protected resources. The policy instructions are in the form of Horn clauses or conditional tag-expressions that are validated against a known test policy or desired outcome. The policy instructions are then compiled into aggregate form. When a plurality of policy instructions creates a conflict, the policy instructions are hierarchically organized to resolve said conflict.

Abstract: Method and application for communicating sensitive information, incident reporting, and for acceleration of urgent situation responses and supervision allowing for school administrators, teachers, professors, users, submitters, or receivers, to instantly report credible threats, or dangerous situations. In at least one current embodiment, a Smart Button is a digital situation button for use by any submitter to instantly report their GPS map location, name, title, contact information, picture and/or workplace. Submitters can receive and/or send 1-way or at least 2-way communications. At least one embodiment of the invention relates to a method for sending, receiving, reporting or responding to mood related, time-sensitive, live situation, or secretive messages, through a one-step anonymous, or with a specific degree of anonymity, or non-anonymous submit and targeted authorized receipt process, generating, assigning, and utilizing unique identifiers with a corresponding administrative report generating process.

Abstract: In accordance with embodiments within, a securable independent electronic document apparatus is taught. With an authenticable and tamper detectable electronic container, elements and sections supporting platform, vendor and authentication independence, data sections and elements supporting, if user desired, digital signatures, data automation and nested embedding, graphical image data, and/or other types of data elements and sections supporting perceptual integrity and authenticity verification, and/or other free formatted data elements and sections supporting a plurality of types of data processing operations, and, if user desired, imaging representation comprised within a container using a securable and independent system. The securable independent electronic document apparatus presents solutions for the personal unique and interwoven creation and enhancement of user and document security and confidence in electronic data information's digital distribution, commerce, trade, publishing and/or exchange.

Abstract: The present invention relates generally to a system and method of querying an anonymized database. More particularly, the invention provides a method and system for querying an anonymized database without the need to decrypt queried data while it's processed. Even more specifically, the invention provides a method and system of anonymizing a database such that it may be queried efficiently in near real time while still retaining the ability to not decrypt requested data while it's being processed.

Abstract: A method and system comprise leasing of proprietary digitized items, or items containing digital processing components, where usage of items is enabled through digital processing means. Fungible blockchain currency amounts determine the degree of usage of items, where a finite amount of blockchain currency is available to lessors. Lessors may adjust their level of capitalization, allowing usage of items by lessees, by acquiring or disposing of blockchain currency in order to adjust to varying market demand for said items. In the case where blockchain currency represents cryptocurrency-based securities, owners of items or investors may profit by buying, selling and/or distributing said securities during varying market conditions.

Abstract: A technique to enable secure application and data integrity within a computer system. In one embodiment, one or more secure enclaves are established in which an application and data may be stored and executed.

Abstract: A system for controlling file access on a mobile computing device. Policy conditions are held at a policy decision point (PDP) and can be dynamically modified at run-time. Access requests to a file or set of files are intercepted by an agent that subsequently brokers the adjudication of said request via a secure, encrypted and hidden back-channel where the requestor is never allowed access to or knowledge of either the adjudication process or the parameters associated with adjudication. The PDP then returns either an access approval or denial based on said policy conditions.

Abstract: A method and system is provided for identifying patters in datasets by identifying delimited regions of feature-space in which patterns occur. The delimited regions are then combined into an ensemble able to make predictions based on the identified regions of feature-space. The method may be used for classification, for regression, for auto-encoding, for simulation, and for other applications of pattern detection.

Abstract: The embodiments present a new class of content masking attacks against the Portable Document Format (PDF) standard. The attacks cause documents to appear different than the underlying content extracted from the documents by information-based services. The first attack allows academic paper writers and reviewers to collude via subverting the automatic reviewer assignment systems in current use by academic conferences. The second attack renders plagiarism detection software ineffective, targeting specific small plagiarism similarity scores to appear natural and evade detection. The final attack places masked content into the indexes for various search engines, which renders as information entirely different from the keywords used to locate it. The final attack enables spam, profane, or possibly illegal content to go unnoticed by these search engines but still be returned in search results.

Abstract: A proxy server mitigates security risks of user credentials sent across a network in clear text. The proxy server encrypts user credentials within a client application request destined for an application server. The proxy server forwards the client application request to the application server. The application server sends the encrypted user credentials to the proxy server where the proxy server decrypts the user credentials and authenticates the user credentials with an authentication server.