Abstract: The present invention relates to the field of data identification, and in particular to two-dimensional code technology. Provided in the present invention is a two-dimensional code-based file acquisition method, comprising: step 1, parsing a two-dimensional code to acquire two-dimensional code encoded data, wherein the encoded data comprises a first unique value, encrypted data, and signature data; step 2, verifying the signature data; step 3, decrypting the encrypted data to acquire a file address and an. nth data segment In; step 4, acquiring an. encrypted file according to the nth data segment In and the file address; step 5, verifying the encrypted file according to the first unique value to acquire a decrypted file. The present invention solves the technical problems of easy tampering and poor security when data is stored and acquired on the basis of a two-dimensional code, and implements secure and reliable information protection.

Abstract: The present disclosure relate to a method performed by a UE (102) for handling an invalid SI signature in a communication system. The UE obtains SI and an associated SI signature for a cell. The UE (102) determines if the obtained SI signature is valid or invalid. If the signature is valid, the UE (102) determines to use the cell. If the SI signature is invalid, the UE (102) determines if the UE (102) is configured to bar cells or not. If the SI signature is invalid and if the UE (102) is not configured to bar cells with invalid SI signature, the UE (102) determines to use the cell. If the SI signature is invalid and the UE (102) is configured to bar cells with invalid SI signature, the UE (102) determines to bar the cell and select another cell to use.

Abstract: An authorization device obtains a registration request associated with an end device, the registration request including a new randomized media access control (MAC) address associated with the end device; determines whether the end device is authorized to use the new randomized MAC address; transmits a message to the end device with a first randomly generated number when it is determined that the end device is authorized to use the new randomized MAC address; obtains integrity information associated with the end device, the first integrity information being computed based on the first randomly generated number; transmits a request to a validation system to validate the end device based on the first integrity information; obtains an indication that the end device is validated; determines policies associated with the end device when it is determined that the end device is validated; and applies the policies to the end device.

Abstract: Systems and methods are disclosed for detecting certain online activities associated with a digital identity. A Digital Identity Network may be monitored for potentially fraudulent activities (such as new account openings and certain transactions) related to an enrolled User identification (User ID) without requiring personally identifying information (PII). Corresponding alerts may be generated and sent to inform the associated user of such suspicious activity so that fraudulent account access or transactions may be prevented.

Abstract: A system is provided for fraud prevention upscaling with a fraudster voice print watchlist. The system includes a processor and a computer readable medium operably coupled thereto, to perform fraud prevention operations which include receiving a first voice print of a user during a voice authentication request, accessing the fraudster voice print watchlist comprising voice print representatives for a plurality of voice print clusters each having one or more of a plurality of voice prints identified as fraudulent for a voice biometric system, determining that one or more of the voice print representatives in the fraudster voice print watchlist meets or exceeds a first biometric threshold for risk detection of the first voice print during the fraud prevention operations, and determining whether the first voice print matches a first one of the plurality of voice print clusters.

Abstract: A method is provided that includes obtaining an access request for a device to access a visited access network, the access request including an authentication identifier for the device including an identity for the device and a realm comprising a network identifying portion; determining a re-write rule for the realm by querying a database based on an identity type of the device and the network identifying portion of the realm, the database including a plurality of re-write rules for a plurality of networks and a plurality of identity types; re-writing the realm based on the re-write rule using the identity for the device to generate a re-written realm; obtaining, based on the re-written realm, an address for an authentication server of an identity provider associated with the device; and performing an authentication with the authentication server using the authentication identifier to authenticate the device for the visited access network.

Abstract: Aspects of the disclosure relate to computing hardware and software for uniform security access. A computing platform may receive, from a 5G device, a request to access a collaborative experience service. The computing platform may identify whether the 5G device is authenticated. Based on identifying that the 5G device is authenticated, the computing platform may grant the 5G device access to an API that may be used to access the collaborative experience service. The computing platform may identify that attributes of the 5G device comply with a stored security policy, and grant access to the collaborative experience service in response. The computing platform may receive user interaction information from the 5G device, and may input the user interaction information into an anomaly detection model. Based on identifying that the interactions do not comprise an anomaly for the user, the computing platform may maintain the access to the collaborative experience service.

Abstract: This disclosure relates to remote control of dialysis machines. In certain aspects, a method includes receiving a request for a network connection from a dialysis machine and establishing the network connection with the dialysis machine. The method also includes receiving, from a client device, a request to access the dialysis machine, authorizing the client device to access the dialysis machine, receiving, from the dialysis machine, information pertaining to an operation of the dialysis machine, and providing, to the client device, the received information.

Abstract: A use right information processing apparatus securely manages a use right without using an authentication server and appropriately allowing a valid user to use a device. The apparatus performs processing related to authentication and authorization for a user to use a device to be controlled using a smart contract. The apparatus stores authentication data shared with a user terminal used by the user and having a different value for each process, receives signature data generated in the user terminal by signing the authentication data using a secret key corresponding to the user, derives a public key corresponding to the secret key from the signature data and the authentication data using an elliptic curve digital signature algorithm, and obtains, using the public key or corresponding identification information, information regarding a use right of the device of the user recorded in advance in association with the public key or the identification information.

Abstract: An estimation device (10) receives a device ID for identifying a device in a network and an observation event that has occurred in the device from a user terminal (20) as an input. The estimation device (10) acquires attribute information of the device corresponding to the received device ID from a device information storage unit (13c), estimates a risk that the device in the network is subject to an attack on the basis of the acquired attribute information and the received observation event, and outputs the estimated attack risk to the user terminal (20).

Abstract: System comprises an application server for hosting a mobile application service; a mobile device having a mobile application for the mobile application service installed thereon; and a third party server. Application server is configured to: receive a log-in request for the mobile application service from the mobile device, where the log-in request includes device identifying information for the mobile device; transmit, to the third party server, a request for a status setting for the mobile application, wherein the request comprises the device identifying information for the mobile device, where the status setting comprises a plurality of bits, and where the third party server retrieves the status setting from a database based on the device identifying information for the mobile device; receive from the third party server, the status setting for the mobile application; and determine a risk rating for the log-in request based in part on the status setting for the mobile application.

Abstract: The disclosure describes systems and techniques for assessing risk of an open Wi-Fi network, at a consumer's request, before the consumer performs a transaction. The system receives a Wi-Fi network risk assessment request associated with a Wi-Fi network connection of a mobile device. Upon receiving the request, the system retrieves connection-related data from the mobile device. The connection-related data is associated with the Wi-Fi network connection. The system performs a Wi-Fi risk assessment of the Wi-Fi network connection. The system transmits a result of the risk assessment to the mobile device for presentation on the mobile device. The system also transmits the result of the risk assessment to an issuer server. The issuer server is associated with a payment account of the consumer. Moreover, the system transmits a step-up authentication alert to the issuer server.

Abstract: A method for propagating data packets in a network of nodes is disclosed. The method comprises: collecting a set of first data packets during a first time period, the set including at least one first data packet received from one or more first nodes in the network; determining an available bandwidth in the network node's links to a plurality of neighbouring nodes connected to the network node; determining a mapping that assigns each of the first data packets for relay to one or more neighbouring nodes, the mapping indicating an expected time of relay of each of the first data packets, and transmitting the first data packets of the set to the plurality of neighbouring nodes according to the determined mapping.

Abstract: A vehicle-to-X communication apparatus including: a reception device to receive a vehicle-to-X message; a first electronic computation device to calculate a hash value for a received vehicle-to-X message; and a second electronic computation device to generate a new vehicle-to-X message using data included in the received vehicle-to-X message and to calculate a hash value for the generated vehicle-to-X message. The first electronic computation device is designed in accordance with a higher safety integrity level than the second electronic computation device, and a comparison device to make a comparison between the hash value for the received vehicle-to-X message and the hash value for the generated vehicle-to-X message. The vehicle-to-X communication apparatus further processes the data from the received vehicle-to-X message depending on a result of the comparison. Also disclosed are a corresponding method and the use of the apparatus in a vehicle or an infrastructure device.

Abstract: A wearable article includes: an annular casing that surrounds a space into which a body of a user is to be inserted; a light-emitting element that is provided in the casing, the light-emitting element emitting light towards the space; an imaging element that is provided in the casing, the imaging element capturing and obtaining an image of the space when the light-emitting element emits light; and an authentication circuit that authenticates the user based on a vein pattern obtained in advance and the image.

Abstract: A method for rapid deployment by a service provider of a data lake in association with a cloud computing service. In response to a request to provision the data lake, a new cloud account is created. Within the new cloud account, a service provider access role and associated permissions are created. The new cloud account is then associated, by cross-trust, with an account in the cloud computing service that is one of: a service provider deployment account, and a customer account. A private data cloud is then associated with the service provider deployment account or the customer account, as the case may be. The private data cloud is uniquely associated with the new cloud account and the data lake. A firewall service enabling secure access between the data lake and an external enterprise network is provisioned. The data lake is then provisioned in the private data cloud to complete the rapid deployment.

Abstract: The disclosure provides a method for recording a data block on a blockchain, a leader accounting node, and a storage medium. The method includes: generating a target data block; determining whether the plurality of branch blockchains include a branch blockchain having at least one data block waiting to be added onto the blockchain and for which no consensus has been reached; based on a determination that first branch blockchains have no data block waiting to be added onto the blockchain and for which no consensus has been reached, selecting, from the first branch blockchains, a branch blockchain for recording the target data block; recording a digest value of a previous data block recorded on the selected first branch blockchain in a block header of the target data block; and transmitting the target data block to other accounting nodes in the group of accounting nodes for reaching a consensus.

Abstract: A cyber security risk assessment system is described. In an example implementation, the system may generate an input feature space including data associated with a computing system by collecting the data from a plurality of computer sources. The system may compute a likelihood of data-security breach incidents based on the input feature space using a first computer model, recognize events based on the input feature space using a second computer model, and determine a severity of the data-security breach incident or the event using a third computer model. In some instances, the system may generate risk factor scores based on the determined severity, data-security breach incident, and the event, where the risk factor scores indicate a computer security risk of a certain computer security aspect of the computing system. The system may then perform an action based on the risk factor scores.

Abstract: A device is configured to receive a data request that includes an encrypted data element. The device is further configured to identify a data source device associated with the data request, to identify a first encryption key associated with the data source device, and to decrypt the encrypted data element using the first encryption key. The device is further configured to identify a first data processor device associated with receiving the data request, to identify a second encryption key associated with the first data processor device, wherein the second encryption key is different from the first encryption key, and to re-encrypt the decrypted data element. The device is further configured to identify routing instructions associated with the first data processor device and to send the re-encrypted data element to the first data processor device in accordance with the routing instructions.

Abstract: Systems and methods are presented for mitigating cyber threats. Cybersecurity-related data are stored in a semantic cybersecurity database. A user interface converts a user input to a command utterance. A command node that corresponds to the command utterance is identified in the cybersecurity database. The command node is resolved to one or more action nodes that are connected to the command node, and each action node is resolved to one or more parameter nodes that are connected to the action node. The command node has a command that implements actions indicated in the action nodes. Each action can have one or more required parameters indicated in the parameter nodes. The values of the required parameters are obtained from the command utterance, prompted from the user, or obtained from the cybersecurity database. Actions with their parameter values are executed to mitigate a cyber threat in accordance with the user input.