Abstract: Disclosed herein are methods, systems, and apparatus, including computer programs encoded on computer storage media, for implementing cross-chain data trusted management. One of the computer-implemented methods includes obtaining cross-chain data by a relay from a second blockchain based on a cross-chain request that is from a first blockchain, where a trusted execution environment (TEE) is loaded onto the relay. The relay obtains processed data by loading a preconfigured management rule set to process the cross-chain data based on a management rule comprised in the preconfigured management rule set. A response result is returned by the relay, where the response result includes an identity signature of the relay and the processed data.

Abstract: A method for creating and exchanging a copyright for each artificial intelligence (AI)-generated multimedia is described. An AI model and a reference input for a multimedia is received from a user. If the reference input complies with system policies, an AI-generated multimedia is generated from the reference input using the AI model. The AI-generated multimedia is compared against works of a same type in a blockchain and decentralized file storage and if the AI-generated multimedia fails to match the works, the AI-generated multimedia is categorized as having originality. A copyright for the AI-generated multimedia and the AI-generated multimedia is stored. An exchange is facilitated with a buyer using cryptocurrency and is written to a blockchain.

Abstract: A framework system is present that provides an end-to-end solution for user on-boarding, storing, securing, configuring, authenticating of the target person (grantee user), and transmittal of digitized documents assets. The framework system is preferably a multi-tenant cloud based system, although other systems may be used. The system processes multiple inputs to cognitively determine implementation (cognitive decision making) of digitized assets to a grantee user or target user without human intervention.

Abstract: In a storage system including an FPGA having a logic which executes a prescribed processing and a plurality of devices coupled to the FPGA via a bus, the logic of the FPGA is configured to: attempt to access the plurality of devices and, based on a status of access to the devices, determine whether or not there is an abnormality in the access to the devices; and when it is determined that there is an abnormality in the access to a device, reset an IF unit for performing a communication processing via a bus of the device.

Abstract: Examples of techniques for cache line cleanup for prevention of side channel attack are described herein. An aspect includes determining, by a rollback control unit, a start of a speculative execution in a computer processor. Another aspect includes setting a field in a speculative buffer of the computer processor based on a load or a store to a cache line of a cache being performed by the speculative execution. Another aspect includes determining a failure of the speculative execution. Another aspect includes, based on the failure of the speculative execution, traversing the speculative buffer to determine the set field and performing a cleanup of the cache line based on the set field in the speculative buffer.

Abstract: Provided herein are methods, systems, and computer program products for intelligent detection of multistage attacks which may arise in computer environments. Embodiments herein leverage adaptive graph-based machine-learning solutions that can incorporate rules as well as supervised learning for detecting multistage attacks. Multistage attacks and attack chains may be detected or identified by collecting data representing events, detections, and behaviors, determining relationships among various data, and analyzing the data and associated relationships. A graph of events, detections, and behaviors which are connected by edges representing relationships between nodes of the graph may be constructed and then subgraphs of the possibly enormous initial graph may be identified which represent likely attacks.

Abstract: The systems and methods of a blockchain platform for distributed applications includes flexibility to implement a variety of client systems with a token usage and distributed computing based on separation of roles for a miner and a blobber. The message flow model between different parties including a client, a blobber and a miner allows for fast transactions on a lightweight blockchain by lightening the load on a mining network, i.e. a network of one or more miners. Offloading the work to a different group of machines allows for greater specialization in the design and specifications of the machines, allowing for the blockchain platform miners to be optimized for fast transaction handling and blockchain platform blobbers to be efficient at handling data for given transaction types.

Abstract: Methodologies, systems, and computer-readable media are provided for in-field authentication of autonomous electronic devices. A first mobile autonomous electronic device wirelessly communicates with a second mobile autonomous electronic device and receives a set of identification information associated with the second mobile autonomous electronic device. The first electronic device autonomously travels to a specified location and transmits a first authentication signal to the second electronic device upon arrival at the specified location. The second electronic device confirms the identity of the first electronic device based on the first authentication signal and transmits a second authentication signal to the first electronic device. Once the first electronic device has confirmed that the identity of the second electronic device corresponds to an expected identity, the first electronic device transfers the object to the second electronic device.

Abstract: A first computing device receives a service access request to access a service provided by another computing device, the request including user authentication characteristics of a user. The first computing device forwards the service access request to the other computing device. The first computing device receives a user interface configuration file from the other computing device, that, when executed by the second computing device, enables the second computing device to display a user interface that provides access to the service. The first computing device modifies the user interface configuration file based on the user authentication characteristics to provide selective access to the service. The first computing device transmits the modified user interface configuration file to the second computing device, that, when executed by the second computing device, enables the second computing device to display a modified user interface that provides selective access to the service.

Abstract: A domain-specific hardwired symbolic communications machine is described that processes information via the hardwired mapping of symbols from one or more domains onto other such domains, computing and communicating with improved security and reduced power consumption because it has no CPU, no Random Access Memory (RAM), no instruction registers, no Instruction Set Architecture (ISA), no operating system (OS) and no applications programming. The machine provides web services by recognizing valid requests based on the processing of symbols and the validating of those symbols according to various domains. In some embodiments the requests may conform or be related to, for example, Long Term Evolution (LTE), Hypertext Transfer Protocol (HTTP), or fourth generation (4G) wireless technology. Further, in some embodiments, the machine has no unconstrained RAM into which malware may insert itself and needs no anti-virus software.

Abstract: Systems, methods, and computer-readable storage devices are disclosed for improve cybersecurity intelligence by launching applications ahead of time. One method including: receiving, over a communications network, at least one threat model; determining whether a performance of an orchestrated response is triggered based on the at least one threat model, wherein the orchestrated response includes a plurality of applications to be executed in a predetermined sequence; and launching, when the performance of the orchestrated response is triggered, a first application and a second application of the plurality of applications of the orchestrated response, wherein the second application executes after execution of the first application has completed execution.

Abstract: A method for authentication using location correlation is disclosed. The method includes determining geographic zones and zone identifiers associated with a location of a mobile communication device. Later, transaction data is received and a zone identifier is determined from that transaction data. If the zone identifier matches one of the previously determined zone identifiers, then a match indicator is sent to an authorizing entity computer system or the transaction may be allowed to proceed.

Abstract: Method and system embodiments for providing a cloud-based multi-function firewall are described. A method includes retrieving device information associated with a network-enabled device. The device information is transmitted to a secure cloud for configuring a virtual private network (VPN) connection between the secure cloud and the network-enabled device. Cloud information specifying a cloud server in the secure cloud is received from the secure cloud. The secure cloud generates the cloud information based on the device information. Domain name service and routing functions are updated to forward network requests to the cloud server specified in the cloud information. The VPN connection to the secure cloud is established based on the cloud information such that network traffic to and from the network-enabled device is routed through the VPN connection to the cloud-based multi-function firewall implemented on the cloud server.

Abstract: The present disclosure relates to a method and system for updating a webpage and a webpage server. The method includes: upon detection of an update instruction, acquiring a feature value of an update process that generates the update instruction, the feature value comprising a process name and process identification of the update process; comparing the acquired feature value with each set of feature values in a preset process whitelist; and if there is an item in the preset process whitelist which is identical to the acquired feature value, adjusting a stored webpage document according to the update instruction.

Abstract: A method and system for providing proof of personal information includes a first device sending a request to a server for proving user information and data identifying a requester. The server generates (i) requester authentication data and associated data identifying a transaction, and (ii) a proof of user information using the user information and the requester authentication data. The server then sends the proof of user information and the associated data identifying the transaction to the first device. A second device sends to the server a request for getting authentication data associated with data identifying a transaction and the associated data identifying the transaction. In response to the request, the server sends authentication data associated with the data identifying the transaction to the second device. The second device or a verifier may then authenticate the user information only if the received authentication data matches the requester authentication data.

Abstract: The invention relates to a method and system that aggregates client data and cyber indicators to authenticate a client. The system comprises: a computer server comprising at least one computer processor and coupled to the memory, programmed to: receive, via an electronic input, an authorization request from a requester for access to an account; identify a client identifier associated with the authorization request; using the client identifier, retrieve, from the memory, a client profile, wherein the client profile is based on an aggregation of client data, client device data, claims data and cyber data; generate a risk score based on the aggregated combination of the client data, client device data, claims data and cyber data to determine whether the requester is authenticated to access the account; and automatically apply an authentication determination to the authorization request.

Abstract: In a method for protecting security-relevant data in a cache memory, a copy of this security-relevant data from a general memory is stored in the cache memory, and the method includes stipulating obfuscation parameters, determining a first cache set address from a memory address of the general memory at which the security-relevant data are stored, generating a first modified cache set address for a first cache set with a generation function using the obfuscation parameters and the first cache set address, and storing the copy of the security-relevant data using the first modified cache set address in a first cache line of the first cache set.

Abstract: A computer implemented method of a resource provider for access control for a restricted resource in a network connected computer system, wherein a blockchain data structure accessible via the network stores digitally signed records validated by network connected miner software components including a provider record associated with the resource provider, the method including: identifying an access control role definition for access to the resource, the role including a specification of access permissions; receiving a request from a resource consumer for access to the resource; communicating, to the resource consumer, an indication of a quantity of a cryptocurrency required for access to the resource; and in response to a determination that the required quantity of cryptocurrency is transferred to the provider record in the blockchain, the transfer being caused by a blockchain transaction including an identification of the role and the transaction being validated by a miner component, granting the consumer acc

Abstract: Methods and systems for adaptively sanitizing data for endpoints are described herein. A system may contain one or more endpoints that receive requests for data and provide responses to the requests. A sanitizer may adaptively sanitize each request and response according to a sanitation level provided by a log analyzer. The sanitation level may be based on a risk level of attack at the endpoint as determined by the log analyzer. The log analyzer may analyze logs containing all operations performed at the endpoint to determine a sanitation level. Thus, the amount of sanitation performed by the sanitizer can be tailored to the needs of any given endpoint.

Abstract: A registration destination determination device (50) determines which data management device, among a plurality of data management devices (20A, 20B), is to manage registration data, such that, with a data type constituting the registration data as a target type, an appearance frequency distribution of values set for the target type of the registration data managed by each of the plurality of data management devices (20A, 20B) is different from an appearance frequency distribution of values set for the target type of the registration data managed by the whole of the plurality of data management devices (20A, 20B).