Abstract: Identity nodes within bidirectional dual node hashchain (BDNH) bundles generate hash keys by processing partial metadata and linking them through identity graphs. Translation nodes perform identity resolution, data anonymization, and re-keying by transforming original identifiers into anonymous IDs and re-key IDs. Laplace noise enabler capsules introduce Laplace noise into translation layer logs for differential privacy. BDNHs share metadata between adjacent bundles for secure and efficient data transmission. A cognitive analytics layer shared among all bundles verifies hashed encrypted data packets using a gossip protocol for real-time validation. An analytics workspace layer activates re-key IDs and creates digital tags for datasets using BERT transformers, linking data through knowledge graphs. The system manages parallel processing and includes machine learning modules, homomorphic encryption, federated learning, zero-knowledge proofs, attribute-based encryption, and anomaly detection.

Abstract: Data Integrity Field (DIF) is used to implement compression verification. When a write IO operation is received, the write IO operation is divided into data blocks, and a respective DIF is created and appended to each data block. When the write IO is compressed, the data blocks and respective DIF are collectively compressed to form compressed data. The compressed data is divided into compressed data blocks, and a respective second DIF is created and appended to each respective data block of compressed data. To verify that the compressed data is able to be decompressed, a copy of the compressed data is decompressed to restore the original data blocks and respective DIF. Each respective DIF is used to verify the content of its respective data block. In response to a determination that respective DIF match the respective data blocks, the decompression process is deemed to be verified.

Abstract: A method for detecting a memory safety bug and an electronic device supporting the same are provided.

Abstract: Systems, methods and devices for implementing cryptographic and security-in-depth techniques on-board spacecrafts or satellites are provided, to allow users to task activities or retrieve satellite data from the satellite system in an anonymous, secure, safe, and private manner, such that no other user sharing the satellite system resources can know what has been tasked or transmitted to the ground. Considerable advantages can be realized by providing spacecraft or satellite systems with a substantial capacity of applying security-in-depth and cryptographic techniques and protocols to data and requests, based on autonomous tasking, allowing a secure, safe and private use of spacecraft or satellite resources.

Abstract: Systems, methods, and apparatuses for determining a cause of an error in a computing environment, such as a permission denied error in a linux computing environment, are provided herein. An example method comprises executing an application in a linux environment, monitoring a plurality of linux subsystems and functions via an instrumentation inserted on a kernel, and responsive to a failure of the application, providing a summary of a cause of the failure based upon the monitoring of the linux subsystems and functions.

Abstract: An apparatus in an illustrative embodiment comprises a client device configured for communication with a storage system, with the client device comprising a processor coupled to a memory. The client device is further configured to generate a data encryption key for a data item by computing a function of at least the data item, to encrypt the data item using the data encryption key for the data item, to encrypt the data encryption key using a secret key of the client device, and to send the encrypted data item and the encrypted data encryption key to the storage system for storage in the storage system. The client device is still further configured to retrieve the encrypted data item and the encrypted data encryption key from the storage system, and to perform an integrity check on the retrieved encrypted data item using a result of decrypting the retrieved encrypted data encryption key.

Abstract: As described herein, a system, method, and computer program are provided for using malware to protect data. A dormant malware embedded in data detects that a preconfigured condition has been satisfied for self-activation. Responsive to detecting that the preconfigured condition has been satisfied, the dormant malware performs self-activation.

Abstract: Methods and systems for managing vulnerabilities that may be exhibited by data processing systems are disclosed. The vulnerabilities may be managed by identifying components of the data processing systems and conditions impacting the data processing systems. The conditions may be used to establish a hierarchy for the vulnerabilities. Remediation for the vulnerabilities may be selectively performed based on the locations of the vulnerabilities within the hierarchy.

Abstract: An Intrusion Detection and Prevention System (IDPS) dynamic allocation device includes a resource amount information receiving unit configured to receive information about resource usage, including Electronic Control Unit (ECU) usage and IDPS usage, from an ECU resource amount measuring module. The IDPS dynamic allocation device also includes a resource usage determining unit configured to determine whether the resource usage exceeds a usage allowance. The IDPS dynamic allocation device further includes a resource usage control unit configured to deactivate at least one detection method to reduce the IDPS usage when the resource usage exceeds the usage allowance. The resource usage control unit is configured to selectively deactivate a detection method that has a lowest priority based on a detection method priority table and has at least one similar detection method.

Abstract: Systems and methods include storage of a plurality of encrypted data pages of a row store database table in a persistent storage system, determination of a first encryption key associated with one of the plurality of encrypted data pages based on a header of the one of the plurality of encrypted data pages, determination of whether the first encryption key has been revoked, and, if it is determined that the first encryption key has been revoked, adding of a portion of volatile memory allocated to the one of the plurality of data pages to a free list.

Abstract: A trusted computing technology is shown. An isolated memory stores a security interrupt descriptor table (SIDT) to correspond to security interrupts triggered by security peripherals. A first register of the trusted core stores a first address pointing to the SIDT. A local advanced programmable interrupt controller in the trusted core provides an interrupt arbiter that arbitrates between peripheral interrupts received from the chipset. When producing an arbitration result showing that a target interrupt is a security interrupt, the interrupt arbiter outputs a security interrupt request and a security interrupt vector to trigger the trusted core to search the SIDT indicated by the first register, to get a target security interrupt descriptor for execution of the corresponding interrupt program.

Abstract: A system and method for generating a compact representation of a computing environment having a remediated cybersecurity threat is disclosed. In an embodiment, the method includes generating an inspectable disk based on a disk of a resource in the computing environment; detecting a forensic artifact on the inspectable disk; traversing a security graph for a forensic finding based on the forensic artifact, wherein the security graph includes a representation of the computing environment; detecting a remediation node connected to a node representing the forensic finding; and initiating a remediation action, represented by the remediation node.

Abstract: Systems, computer program products, and methods are described herein for monitoring access to a virtual environment using device tagging. The present disclosure is configured to receive, from a user input device, a request from a user to establish a first virtual object to access a virtual environment; receive parameters associated with the first virtual object; determine device information associated with the user input device; generate a first unique key based on at least the parameters and the device information; link the user input device and the first virtual object with the first unique key; store the first unique key in a key repository; and establish the first virtual object for the user to access the virtual environment, wherein the first virtual object is established to access the virtual environment exclusively with the user input device.

Abstract: The present disclosure generally relates to digital identification credential user interfaces.

Abstract: Example methods and systems are directed to the automated assessment of vulnerabilities in the context of information technology (IT) security. A data record of a vulnerability is accessed. The vulnerability includes a vulnerability description and may also identify an application in respect of which the vulnerability was detected by an IT security tool. An input vector is automatically generated based on the vulnerability description. A machine learning model uses the input vector to generate a probability score. A positivity classification for the vulnerability is automatically determined based on the probability score. Output data representing the positivity classification is caused to be presented in a user interface. The positivity classification may indicate whether the vulnerability is deemed to be a false positive or a true positive. Example methods and systems provide a unified dashboard for presenting multiple vulnerabilities and positivity classifications relating to one or more applications.

Abstract: A computer-implemented method, computer program product and computing system for: encoding an unencoded data file to generate a related encoded data file based, at least in part, upon a plurality of mappings to a plurality of portions of a dictionary file; receiving a request to manipulate the unencoded data file; and processing the related encoded data file based, at least in part, upon the plurality of mappings and the dictionary file to generate a modified encoded data file that represents the requested manipulations of the unencoded data file.

Abstract: Preventing, mitigating, and reversing actions in a computing system. A voting mechanism is provided that is configured to block malicious or accidental configuration changes or other actions in a computing system. Risky actions cannot be performed as the voting mechanism requires certain actions to be subject to a vote. The actions are then, based on the voting by other administrators, allowed, disallowed, prevented, or reversed. Further different classes of administrators can participate in the voting operations.

Abstract: Systems and methods are provided for protecting identity information in a directory, such as Active Directory. A method, according to one implementation, include the step of conducting a scan of a directory of a network domain to gain visibility of one or more vulnerabilities of the directory. The one or more vulnerabilities define a potential security risk that would allow an attacker to leverage identity-related information from the directory. The method further includes the step of guiding an administrator regarding management of the directory to reduce the potential security risk. Also, the method includes the step of monitoring the directory for one or more attacks to leverage the identity-related information.

Abstract: A system includes a primary asset custody subsystem in a first cloud computing data center and a backup asset custody subsystem in a second cloud computing data center different from the first cloud computing data center. The primary subsystem includes a plurality of primary multi-party computation (MPC) clusters, where each primary MPC cluster is allocated to an asset owner and includes a primary MPC client and a plurality of primary MPC nodes. The backup subsystem includes a plurality of backup MPC clusters corresponding to the plurality of primary MPC clusters, where each backup MPC cluster is allocated to the asset owner of its corresponding primary MPC cluster and includes a backup MPC client and a plurality of backup MPC nodes. The backup MPC client sends an export public key from each backup MPC node to the primary MPC client, where each export public key is part of a corresponding export public key-export private key pair.

Abstract: Embodiments of the present disclosure may include a key generation device of a lattice-based public key cryptosystem. In some embodiments, the key generation device may include a communication unit, a storage unit, and a processor that may be configured to control the key generation device to perform operations. In some embodiments, the operations may include generating a public key by using a public key polynomial, where the public key polynomial may belong to a first polynomial ring. In some embodiments, the operations may additionally include generating a secret key that may correspond to the public key. In some embodiments, the secret key may be generated by using a secret key polynomial that may belong to a second polynomial ring. In some embodiments, the operations may additionally include storing the public key and the secret key.