Abstract: A system and method for anomaly detection. A method includes recursively partitioning a sample of device activity data including deterministic characteristics of a population of devices over iterations in order to create partitions. Each iteration includes determining a split density metric for a candidate subpopulation created by splitting a portion of the population with respect to a corresponding type of deterministic characteristic. The split density metric for the candidate subpopulation is determined based on a density value of the candidate subpopulation and a coverage value of the corresponding type of deterministic characteristic. The partitions include each candidate subpopulation meeting a split density metric threshold. A baseline for each of the partitions is established based on device activity for devices represented in device activity data of the partition. An anomaly is detected based on behavior of a device and the baseline established for a partition corresponding to the device.

Abstract: A multi-factor authentication request of a user is received. For example, the multi-factor authentication request may include a valid username/password and a valid fingerprint scan. A first authentication factor of the multi-factor authentication request is an access authentication factor (e.g., the valid username/password) and a second authentication factor (e.g., the valid fingerprint scan) of the multi-factor authentication request is one of: a time-only authentication factor; a multi-session authentication factor; and a location-only authentication factor. The user is authenticated based on the first authentication factor and the second authentication factor. Access is granted to one or more resources according to one or more rules associated with the first authentication factor and second authentication factor.

Abstract: Various embodiments provide systems, methods, devices, and instructions for protected data use in a third-party software application, where use can be enabled while maintaining protection of the protected data from the third party software application. In particular, various embodiments provide a software application architecture that permits a data party that owns or maintains protected data to support a software development ecosystem where a third-party can develop a third-party software application that uses the protected data while denying the third-party access to the protected data.

Abstract: A data privacy and security management system for a vehicle. A privacy server is configured to receive contextual data associated with a vehicle, an in-vehicle module of the vehicle, or a user of the vehicle. The privacy server receives privacy preference information that is representative of user-specific permission settings that define preferences of the user regarding handling of personal data of the user. Privacy action rules can be generated based at least in part on the privacy preference information or the contextual data. The privacy server can determine privacy risk events. For each privacy risk event, the privacy risk server can execute privacy actions, for example, context-based privacy actions, based at least in part on the privacy action rules.

Abstract: Methods, systems, and apparatus, including an apparatus for verifying the integrity of requests and the devices that sent the requests. In some aspects, a method includes receiving, from a client device, a request including an attestation token generated by the client device. The attestation token includes a set of data that includes at least a public key of the client device, a token creation, and a device integrity token that includes a verdict. The attestation token also includes a digital signature of the set of data generated using a private key corresponding to the public key. The integrity of the request is verified using the attestation token by determining that the token creation time being within a threshold duration of the time at which the request was received, the set of data was not modified since the attestation token was created, and the verdict indicates the client device is trustworthy.

Abstract: Disclosed are a blockchain system and a consensus method for use in a miner node in a blockchain system. A specific embodiment of the method includes: acquiring a lower-limit accumulative unused duration; executing, in a trusted execution environment associated with the miner node, a bookkeeping right determination operation including: determining a current accumulative unused duration for the miner node; determining whether the current accumulative unused duration is more than the lower-limit accumulative unused duration; and, in response to the determination that the current accumulative unused duration is more than the lower-limit accumulative unused duration, determining that the miner node has won a bookkeeping right, and updating the current accumulative unused duration with a difference between the current accumulative unused duration and the lower-limit accumulative unused duration. This embodiment allows for reduced electric power consumption in a blockchain system.

Abstract: Systems and methods for providing exception failover augmented, homomorphic encrypted (HE) distributing, end-to-endpoint persistent encryption, and distributed HE domain non-decrypting, privacy-protective biometric processing are provided. Some configurations may include generating HE biometric feature data, based on homomorphic encrypting the biometric feature data. Some configurations determine an exception status of the HE biometric feature data between exception and non-exception. Systems and methods may include performing a HE domain, non-decrypting biometric classifying of the HE biometric feature data.

Abstract: A firewall monitors network activity and stores information about that network activity in a network activity log. The network activity is analyzed to identify a potential threat. The potential threat is further analyzed to identify other potential threats that are related to the potential threat, and are likely to pose a future risk to a protected network. A block list is updated to include the potential threat and the other potential threats to protect the protected network from the potential threat and the other potential threats.

Abstract: The present invention relates to systems and methods suitable for establishing communication between secure and unsecure devices. In particular, the present invention relates to systems and methods that enables communication between secure and unsecure devices utilizing communication protocols that require implementation over secured connections.

Abstract: A platform identifier for a first node may be determined based on hardware characteristics of the first node. The platform identifier may be sent to a certification service via non-network communication. Certificate information associated with the platform identifier may be received from the certification service via non-network communication. A key pair may be generated at a first node application enclave of the first node. The key pair may include a public key of the first node and an associated private key of the first node. A request to generate a signed digital certificate may be sent to a digital certificate manager, the request including the public key of the first node and the certificate information. A signed digital certificate including the public key and the certificate information may be received from the digital certificate manager, and the signed digital certificate may be stored at the first node application enclave.

Abstract: Autonomous devices and systems, methods, and program products for authorizing and performing autonomous devices transactions are disclosed. An autonomous device can be configured to generate a first hash value of a chain of hash values by applying a hash algorithm to first data including first new data and a first previous hash value of the chain of hash values, the first previous hash value computed by applying the hash algorithm to first previous data. The device can transmit to a transaction computer system the first hash value and the first new data. The device can generate and transmit to the transaction computer system a first signed electronic transaction request comprising first transaction data comprising a sending account identifier associated with the autonomous device, a destination account identifier, a transaction amount, and a timestamp. The device can digitally sign the transaction request using a private key of an asymmetric key pair.

Abstract: A system and method for privacy policy enforcement to ensure reconciliation between users communicating via an open system interconnection (OSI) communication architecture, with receiving of a privacy policy for at least one user's device and a usage policy for at least one user, receiving encryption codes, receiving private data from a first user to be sent to a second user, encrypting by a first server the received data, receiving a privacy policy enforcement vector, and performing selective decryption, by a second server, for each data segment, wherein data segments that correspond to a match between the privacy policy and usage policy are decrypted, and wherein at least one of the first server and the second server is external to the first user and second user.

Abstract: This invention relates generally to distributed ledger technology (including blockchain related technologies), particularly a method and corresponding system for providing a blockchain transaction comprising a redeem script for an output that comprises: i) a plurality of public keys, each associated with a corresponding private key, wherein each public key is uniquely associated with a potential state of at least one data source; and ii) logic arranged to provide a result based on: A) a determination of which of the plurality of associated private key(s) is/are used to sign the unlocking script, so as to provide an interim result: and B) a comparison of a parameter supplied via the unlocking script against the interim result, and further attempting to spend the transaction output more than once, each attempt supplying a different parameter.

Abstract: A hybrid Hidden Markov Model (HMM) and Machine Learning (ML) systems and apparatus for classification in the case of data instances with imbalanced class distribution, including a Hidden Markov Model for generating a log-likelihood score for each data instance. Implementations of the hybrid system and method detect fraudulent activity and classifies documents with accuracy that surpasses conventional classifiers. In one implementation, Hidden Markov Model (HMM) for generating a log-likelihood score based on an attribute value vector for a set of keyword features characterizing a Web page. In one implementation, the HMM generates a log-likelihood score based on an attribute value vector for page layout characterizing a document image. Resulting attribute value vectors are ranked and divided into bins grouped by log-likelihood scores within equal ranges. Various machine learning models are trained using the balanced vectors obtained by accumulating from all the bins of vectors.

Abstract: A hybrid Hidden Markov Model (HMM) and Machine Learning (ML) systems and apparatus for classification in the case of data instances with imbalanced class distribution, including a Hidden Markov Model for generating a log-likelihood score for each data instance. Implementations of the hybrid system and method detect fraudulent activity and classifies documents with accuracy that surpasses conventional classifiers. In one implementation, Hidden Markov Model (HMM) for generating a log-likelihood score based on an attribute value vector for a set of keyword features characterizing a Web page. In one implementation, the HMM generates a log-likelihood score based on an attribute value vector for page layout characterizing a document image. Resulting attribute value vectors are ranked and divided into bins grouped by log-likelihood scores within equal ranges. Various machine learning models are trained using the balanced vectors obtained by accumulating from all the bins of vectors.

Abstract: A method for authorizing a blockchain data access on a blockchain platform includes: obtaining from a third-party institution a data access request containing a user ID of data access, a data scope, and a random number of a signature, which is generated by the third-party institution after receiving a random number sent by a client terminal and signing on the received random number; performing a verification on the random number of the signature and the data scope; and after the verification is passed, sending data ciphertext corresponding to the user ID to the third-party institution, such that the third-party institution decrypts the data ciphertext using a data secret key sent by the client terminal.

Abstract: Techniques for code-free automated machine learning (ML) are described. Users can train high-quality ML models and pipelines without necessarily needing to write code by providing a training dataset to a code-free machine learning service. The service may deploy an ML orchestration function and a storage location on behalf of a user. When a modification is made to the storage bucket, such as by the user providing a training dataset, the orchestration function is invoked and can automatically initiate an AutoML process using at least the training data to train multiple ML model variants. The resultant ML model(s) and associated metrics can be provided to the user, deployed behind an endpoint, and/or used to generate inferences.

Abstract: A firewall monitors network activity and stores information about that network activity in a network activity log. The network activity is analyzed to identify a potential threat. The potential threat is further analyzed to identify other potential threats that are related to the potential threat, and are likely to pose a future risk to a protected network. A block list is updated to include the potential threat and the other potential threats to protect the protected network from the potential threat and the other potential threats.

Abstract: In some embodiments, a network node for securing physical assets may be provided. The network node may include a processor and a memory storing instructions. The network may be configured to: receive, from a first entity, a cryptographic data structure configured to identify a physical item stored in a secured location; in response to receiving the cryptographic data structure, generate and transmit to the first entity a plurality of fungible cryptographic items; secure the cryptographic data structure on a public data structure, such that the cryptographic data structure cannot be released unless the plurality of fungible cryptographic items are received; receive, from a second entity, the plurality of fungible cryptographic items; and in response to receiving the plurality of fungible cryptographic items, transmit to the second entity the cryptographic data structure.

Abstract: A method of securing operating instructions for a driver assistance system of a motor vehicle. The method including: a) implementing a distributed blockchain including a plurality of blocks, a copy of the blockchain being stored on each of a plurality of nodes. Wherein, each block includes a different version of the operating instructions, b) performing a verification routine including checking that the copies of the blockchain are identical. And, where a fault copy of the blockchain is not identical, flagging the fault copy as insecure. And preventing use of the fault copy, thus preventing installation of the operating instructions comprised in the blocks of the fault copy.