Abstract: Embodiments include methods performed by vehicle-to-everything (V2X) system for protecting proprietary data within misbehavior reports. Various embodiments may include detecting misbehavior conditions based on received sensor data, determining whether the received sensor data that supports a conclusion that a misbehavior condition has occurred is or includes proprietary information, and encrypting the sensor data that supports the conclusion that the misbehavior condition has occurred in response to determining that the received sensor data is or includes the proprietary information.

Abstract: Methods and systems for detecting false base stations are provided. A computing device transmits a request for a verification message to a base station. An encrypted verification message comprising a base station identifier and a signature encrypted using an encryption key associated with the base station is received by the computing device. The computing device decrypts the signature included in the encrypted verification message utilizing a decryption key associated with the computer system. Based on the decrypted signature, the computing device determines that the encryption key does not correspond to the decryption key. Based on determining that the encryption key does not correspond to the decryption key, the computing device stores the base station identifier in a data store in association with a false base station indicator.

Abstract: The disclosure relates to duplication of a near field communication (NFC) card, and an operating method for an electronic device may comprise: detecting a tag of the NFC card; obtaining at least one parameter related to the NFC card; and based on the NFC card satisfying a specified condition, producing a duplicate card of the NFC card by storing the at least one parameter. The specified condition may include the features wherein the NFC card is a designated type of a card and the NFC card uses a default key.

Abstract: Various aspects of the present disclosure generally relate to wireless communication. In some aspects, a user equipment (UE) may determine, based at least in part on a key derivation function and a set of physical layer parameters, a secret key for encrypting a unicast physical channel at a physical layer, wherein the secret key is a UE-specific secret key. The UE may transmit, to a base station, an encrypted transmission over the unicast physical channel based at least in part on the secret key. Numerous other aspects are described.

Abstract: A computing system can include an interface that receives a URL responsive to activation of an Internet link by a remote device; circuitry that determines a geolocation of the remote device; and circuitry that, based at least in part on the geolocation of the remote device, generates a redirection link.

Abstract: A method for secure wireless communication executed by at least one processor of a device. A registration certificate is transmitted to the device by a host, the registration certificate including a Long Term Device Key (LTDK) and being generated by a registration server in response to the registration of the host as authorized to connect to the device. In response to receiving a request for securing a Bluetooth connection between the device and the host, the device transmits the LTDK to the host. The device receives, from the host, a connection certificate including connection data for establishing the connection between the host and the device. The connection certificate is signed by a private Long Term Host Key (LTHK) of the host, where the LTHK of the host and the LTDK of the device form a cryptographic Long Term Key pair. The device validates the connection certificate using the LTDK of the device to determine whether the host is authorized to connect to the device.

Abstract: A method for executing a function, secured by temporal desynchronization, includes when a first legitimate instruction is loaded, noting the opcode of this first legitimate instruction, then constructing a dummy instruction on the basis of this noted opcode, the dummy instruction thus constructed being identical to the first legitimate instruction except that its operands are different, then incorporating the dummy instruction thus constructed into a sequence of dummy instructions used to delay the time at which a second legitimate instruction is executed.

Abstract: Various methods, apparatuses/systems, and media for automating a process of receiving documentation are provided. A first computing device initiates an electronic communication process to request documentation from a second computing device utilized by a user. A processor receives identification information of the user for generating a unique barcode to be provided with the requested documentation in response to the initiation of the electronic communication. One or more processors generate the unique barcode based on the received identification information of the user; create an application programming interface (API) link for the generated barcode; transmit the electronic communication with the API link attached therein to the second computing device; and automatically obtain the unique barcode upon receiving an input to open the API link from the second computing device, the unique barcode to be attached as a cover sheet with the requested documentation for scanning by a multi-functional device.

Abstract: A method for providing vulnerability management to facilitate application development and deployment is disclosed. The method includes receiving a monitoring request that includes an identifier, the identifier corresponding to an application; onboarding the application by using the identifier; generating a scheduled task for the application based on an outcome of the onboarding, the scheduled task relating to source code vulnerability analytics; automatically initiating, via an application programming interface, the scheduled task based on a predetermined parameter; determining whether a set of source codes that corresponds to the application includes a vulnerability based on a result of the automatically initiated scheduled task; and generating a ticket when the vulnerability is included in the set of source codes.

Abstract: Described systems and methods allow protecting multiple wireless Internet-of-things (IoT) devices against impersonation attacks. In some embodiments, a security appliance detects an availability notification (e.g., a Bluetooth® Low Energy advertisement) emitted as part of a protocol of establishing a wireless connection between two devices. The security appliance may then determine whether the detected notification fits a baseline notification pattern of the apparent sender. When no, the security appliance may attack the sender device by replying to the respective availability notification and initiating a handshake.

Abstract: A terminal apparatus is provided. The terminal apparatus includes a receiver configured to receive a first message from a base station apparatus, and a processing unit configured to modify first data radio bearer configuration configured for the terminal apparatus, based on the first message. A first PDCP entity is reconfigured as a packet data convergence protocol (PDCP) entity for the first data radio bearer. A first secrecy key for a source and a second secrecy key for a target are configured for the first PDCP entity as secrecy keys for the first data radio bearer. In a case that the first message includes first information and second information, the second secrecy key for the target of the first PDCP entity is configured based on the second information. In a case that the first message does not include the first information, the first secrecy key for the source is applied to the second secrecy key for the target of the first PDCP entity.

Abstract: In one embodiment, the invention is a method and apparatus for designing combinational logics with resistance to hardware Trojan induced data leakage. The invention solves the untrustworthy fabrication risk problem by introducing a design method such that even when the design is entirely known to an attacker and a data leakage Trojan is injected subsequently, no useful information can be obtained. This invention contains several methods as shown in several embodiments. The methods include randomized encoding of binary logic, converting any combinational binary logic into one with randomized encoding, and partitioning a randomized encoded logic for split manufacturing.

Abstract: A terminal apparatus for communicating with a base station apparatus, the terminal apparatus including: a receiver configured to receive an RRC reconfiguration message from the base station apparatus; and a processing unit, wherein the processing unit establishes a PDCP entity in accordance with the RRC reconfiguration message, applies, to the PDCP entity, a first ciphering algorithm, a first ciphering key, a first integrity protection algorithm, and a first integrity protection key provided by an upper layer, and based on a first request made by the upper layer, applies, to the PDCP entity, a second ciphering algorithm, a second ciphering key, a second integrity protection algorithm, and a second integrity protection key provided by the upper layer.

Abstract: Techniques for reduction and acceleration of a deterministic finite automaton (DFA) are disclosed. In some embodiments, a system, process, and/or computer program product for reduction and acceleration of a DFA includes receiving an input value; performing a reduced deterministic finite automaton lookup using a lookup key, wherein the lookup key comprises a current state and the input value; and determining a next state based on the lookup key.

Abstract: A system can include a processor; memory operatively coupled to the processor; an input; an output; and one or more modules stored in the memory that include instructions executable by the processor to instruct the system to receive information, via the input, that includes information associated with a target; parse the information; access a profile; and build a link based at least in part on the information and at least in part on the profile.

Abstract: Rotation of a wireless client device address is based on an encryption key and a nonce value. Key information and nonce value information are shared between a wireless client device and a network infrastructure component over a secure communication channel. The wireless client device encrypts the nonce value using the key information and encodes the encrypted value as a device address. The wireless client device then identifies itself via a source address value in a message transmitted over a wireless network. Upon receiving the message, the network infrastructure component decrypts information derived from the source address value and compares the resulting data to the nonce value. If a match is identified, the network infrastructure identifies the wireless client device as a source of the message. In some embodiments, the nonce value is updated with each rotation to provide for improved entropy of generated device addresses.

Abstract: A method and a device for device network configuration and registration are disclosed. The method includes: a first device receives a first network configuration parameter from a second device, where the first network configuration parameter includes a local area network identifier of a local area network, an access password of the local area network, and a device identifier, a security parameter, or an access token of the second device. The first device requests to access a server by using the first network configuration parameter. The server assigns a device parameter to the first device, where the device parameter includes a device identifier, a security parameter, and an access token of the first device. The first device requests to access the server by using the device parameter. This method can simplify a network configuration and registration process of a smart device, and implement fast network configuration and registration.

Abstract: Systems and methods for integrated communication security are described. One aspect includes a clock generator configured to generate a clock signal at a first frequency, and a circuit utilizing the clock signal. The circuit may include a port configured to receive an encryption sequence at the first frequency, and a first unidirectional data path between the port and a memory configured to permit data transfer from the port to the memory. The memory may be configured to access the encryption sequence from the port via the first unidirectional data path and store the data. The circuit may further include a clock divider configured to divide the first frequency by a divisor deriving another clock signal at a second frequency, and an encryption/decryption module configured to read a portion of the encryption sequence from the memory, process input using the portion of the encryption sequence, and generate output responsive to the processing.

Abstract: An information obtaining method and an apparatus are disclosed. The method includes: sending a first initial NAS message including a non-cleartext information element protected using a first root key from a terminal to a source mobility management network element; receiving a second root key and first indication information from the source mobility management network element, where the first indication information indicates that the second root key is an updated key; sending second indication information and third indication information to the terminal based on the first indication information, where the second indication information indicates the terminal to update the first root key stored by the terminal to obtain the second root key, and the third indication information indicates the terminal to resend the initial NAS message; and receiving a second initial NAS message including the non-cleartext information element protected using the second root key from the terminal.

Abstract: Embodiments of the present disclosure provide methods, systems, apparatuses, and computer program products that provide for an improved, more efficient, and more stable system of networked computing devices. The embodiments disclose an apparatus and system that enable client devices to selectively grant to third party applications permissions to access group-based communication objects of a group-based communication system. The apparatus and system further enable client devices to selectively grant to third party applications permissions to take specific actions with regards to the group-based communication objects within the system. To accomplish the improvements, the disclosed systems, apparatuses, and computing devices maintain a record of the permissions granted to third party applications in a permissions table stored in a computer storage device.