Abstract: Methods and systems are also described for an integrated cyber incident management system that may store native data corresponding to fields of cyber incident management system (or other non-integrated systems) and integration data (e.g., viewable through a user interface of the integrated cyber incident management system), which describes a relationship of the native data to the integrated cyber incident management system, at a structure node in the architecture of the integrated cyber incident management system. The structure node may correspond to the convergence of two structures in the architecture of the integrated cyber incident management system. Each structure may itself correspond to a native hierarchal relationship in a non-integrated cyber incident management system.

Abstract: Aspects of the present disclosure include methods, apparatuses, and computer readable media for controlling access including generating a random string or pseudorandom string, acoustically broadcasting a beacon message comprising the random string or pseudorandom string, acoustically receiving, in response to acoustically broadcasting the beacon message, an authentication message comprising a user identification and an authentication string, obtaining a password associated with the user identification, computing a verification string using the password and the random string or pseudorandom string, verifying the authentication string in the authentication message using the verification string, and transmitting, in response to successfully verifying the authentication string in the authentication message, an unlocking message to the access controlled point to unlock the access controlled point.

Abstract: A computer-implemented method, computer program product and computing system for: obtaining consolidated platform information for a computing platform to identify one or more deployed security-relevant subsystems; processing the consolidated platform information to identify one or more non-deployed security-relevant subsystems; generating a list of ranked & recommended security-relevant subsystems that ranks the one or more non-deployed security-relevant subsystems; and providing the list of ranked & recommended security-relevant subsystems to a third-party.

Abstract: A wearable article includes: an annular casing that surrounds a space into which a body of a user is to be inserted; a light-emitting element that is provided in the casing, the light-emitting element emitting light towards the space; an imaging element that is provided in the casing, the imaging element capturing and obtaining an image of the space when the light-emitting element emits light; and an authentication circuit that authenticates the user based on a vein pattern obtained in advance and the image.

Abstract: Broadcasts of a probe request are detected from a wireless station with the MAC address for an unauthorized access point in order to begin association between the wireless station and the unauthorized access point. Responsive to the probe request detection, a spoofed probe response is transmitted including a MAC address of the unauthorized access point to the station to appear as if sent by the unauthorized access point. The probe response includes a NAV element and the MAC address of the unauthorized access point, the NAV element set at a value high enough to prevent the station from transmitting to the unauthorized access point during a period.

Abstract: Techniques for cross-domain routing using a fractionated cross-domain solution (F-CDS) are disclosed. A first intermediate node operating in a first physical device in an assured pipeline of the F-CDS receives a data item originating at a source node in a first security domain. The first intermediate node applies a first data filter to determine that the data item complies with a data security requirement of the F-CDS. The first intermediate node transmits the data item to a second intermediate node operating in a second physical device in the assured pipeline of the F-CDS. The second intermediate node applies a second data filter to redundantly determine that first data item complies with the data security requirement of the F-CDS. The second intermediate node transmits the data item to a recipient node in a second security domain via the assured pipeline.

Abstract: A method for detection and use of device identifiers to enhance the security of data transfers between electronic devices. A first electronic device can transmit access data to a second electronic device. The access data can be associated with a first access code that can be generated based at least in part on data representing a device identifier of the first electronic device. A device identifier can uniquely identify the first electronic device from a plurality of electronic devices. Transferring the access data can involve transforming the first access code into a second access code that can include data representing a device identifier associated with the second electronic device. Transforming the first access code into the second access code can facilitate access to a resource associated with the access data for a second user, but not for a first user.

Abstract: Various techniques for facilitating communication with and across a clinical environment and a cloud environment are described. For example, a method for authenticating a network device residing in the clinical environment using a token is described. An authentication proxy in the cloud environment can receive a request from a connectivity adapter in the clinical environment and retrieve a security token from an authentication system in the cloud. The connectivity adapter can use the security token to send signed requests to the authentication system.

Abstract: The present disclosure describes systems and methods for controlling access to secure debugging and profiling features of a computer system. Some illustrative embodiments include a system that includes a processor, and a memory coupled to the processor (the memory used to store information and an attribute associated with the stored information). At least one bit of the attribute determines a security level, selected from a plurality of security levels, of the stored information associated with the attribute. Asserting at least one other bit of the attribute enables exportation of the stored information from the computer system if the security level of the stored information is higher than at least one other security level of the plurality of security levels.

Abstract: A Network Based Hyperlocal Authentication (NBHA) system and method for anonymous contact tracing is described. The NBHA system and method operates as a background process, which is passwordless and continuously authenticates and performs cryptographic operations to secure communications between a wireless client device and a remote network component. A gateway includes a short-range wireless transmitter that transmits authentication credentials to the wireless client device having a short-range wireless receiver. The wireless client device uses the authentication credentials to authenticate to the remote network component. The network component then generates an exclusive local key for the wireless client device that is transmitted by the gateway. The client device application then requests cryptographic material from the remote network component. The client device application encrypts and decrypts communications to the network component with the cryptographic material and the exclusive local key.

Abstract: A methodology for processing authorization request messages based on proximate wireless networks is disclosed. In particular, a computer may receive, from an access device or a communication device, an authorization request message in a transaction. The computer may then obtain network data based on a set of wireless networks that are proximate to the access device or the communication device interacting with the access device during the transaction. Next, the computer may determine a difference between the network data and previous network data, wherein the previous network data is based on one or more previous sets of wireless networks that were proximate to the access device or the communication device during one or more previous transactions. Responsive to determining that the difference exceeds threshold, the computer may initiate one or more actions associated with the transaction.

Abstract: A service receives, from client computing devices of client networks, information regarding incoming network traffic addressed to dark Internet Protocol (IP) address spaces the of client networks. The service can predict a cyber attack based on the information received from the client computing devices of the client networks. The server computing device notifies the client computing device of each client network affected by the predicted cyber attack.

Abstract: Users have to assign labels to a ticket to route to right domain expert for resolving issue(s). In practice, labels are large and organized in form of a tree. Lack in clarity in problem description has resulted in inconsistent and incorrect labeling of data, making it hard for one to learn/interpret. Embodiments of the present disclosure provide systems and methods that identify relevant queries to obtain user response, for identification of right category and ticket logging there. This is achieved by implementing attention based sequence to sequence (seq2seq) hierarchical classification model to assign the hierarchical categories to tickets, followed by a slot filling model to enable identifying/deciding right set of queries, if the top-k model predictions are not consistent. Further, training data for slot filling model is automatically generated based on attention weight in the hierarchical classification model.

Abstract: Method and apparatus are provided for priority fallback of SUCI calculation. In accordance with some implementation, a UE may transmit, in response to receiving an indication of authentication failure for a first SUCI based on a first SUCI parameter, a second SUCI based on a second SUCI parameter different from the first SUCI parameter. In accordance with some implementation, the UE may further transmit a SUCI with NULL SUCI parameter if the UE determines all SUCI parameters supported by the UE has been rejected by the network.

Abstract: Scalable, configurable, universal, complete spectrum sensor data analyzing machines are provided that make selected determinations from a complete spectrum of cyber determinations regarding or utilizing sensor observations or sensor observation subjects. Analyzing machines utilize necessary resources and predetermined criteria in their making of selected cyber determinations. Analyzing machines utilize measure points in their accurate locating of selected analytically rich aspects, characteristics, or features of or from sensor observation-derived representations, analyzing machines assign appropriate informational representations to selected analytically rich aspects, characteristics, features, or measure points, which are stored in concise datasets where they can be utilized in real-time or thereafter by analyzing machines in their making of selected cyber determinations regarding or utilizing sensor observations or sensor observation subjects.

Abstract: A command to load or unload data at a storage location is received. In response to the command, a storage integration object associated with the storage location is identified. The storage integration object identifies a cloud identity object that corresponds to a cloud identity that is associated with a proxy identity object corresponding to a proxy identity granted permission to access the storage location. The data is loaded or unloaded at the storage location by assuming the proxy identity.

Abstract: The present teaching relates to method, system, medium, and implementation for secure data management by a service provider. A request is first received for carrying out a transaction with a user and one or more data items associated with the user are then determined that need to be validated prior to the transaction. A request is then sent to the user seeking to validate the one or more data items. When a cloaked identifier is received from the user with information related to a trusted party, the cloaked identifier is then sent to the trusted party with a request for a validation response. When the validation response is received with an indication that the one or more data items are validated, the transaction with the user is carried out.

Abstract: A radio device includes a storage unit, a group call control unit, and a cipher key generation unit. The storage unit is configured to store therein a plurality of primary cipher keys, a plurality of pieces of device information, and a plurality of pieces of group information. The group call control unit is configured to perform a group call with radio devices belonging to a first group using a primary cipher key. The cipher key generation unit is configured to generate a secondary cipher key that is different from the primary cipher key when one or more radio devices belonging to the first group are selected during the group call. The group call control unit performs a temporary group call with the selected radio devices by switching the primary cipher key to the secondary cipher key.

Abstract: The present application describes a method, system, and non-transitory computer-readable medium for generating new keys during a secure communication session. A key derivation function is operatively connected to both a counter and a memory. The key derivation function generates new key material from a first input and a second input in response to a signal provided by the counter. The key derivation function generates the new key material and outputs it to the memory.

Abstract: A mobile device collects received information and processes it. In some instances, the mobile device detects, based on the collected information, that a base station is likely not legitimate, i.e., it is likely a fake base station, and the mobile device bars communication with the base station for a time. In some embodiments, the mobile device determines, based on the received information, that the base station is a genuine base station. When the mobile device determines that the base station is a genuine base station or the mobile device does not determine that it is likely the base station is a fake base station, the mobile device allows or continues communication with the base station.