Abstract: According to certain embodiments, a method comprises performing a posture assessment at a trust anchor in order to determine whether a hardware component is authorized to run on a product. Performing the posture assessment comprises determining a random value (K), encrypting the random value (K) using a long-term key associated with the hardware component in order to yield an encrypted value, communicating the encrypted value to the hardware component, and receiving, from the hardware component, a message encrypted using the random value (K). The message comprises an identifier associated with the hardware component. Performing the posture assessment further comprises determining whether the hardware component is authorized to run on the product based at least in part on the identifier associated with the hardware component. The method further comprises performing an action that depends on whether the hardware component is authorized to run on the product.

Abstract: A cross-network communication system includes a plurality of client networks. The cross-network communication system includes a Service Negotiation Plane configured to forward messages between the plurality of client networks via a plurality of control interfaces, each of which corresponds to one of the plurality of client networks. Each of the plurality of control interfaces includes a first data guard that belongs to the corresponding client network. The first data guard is configured to prevent exfiltration of classified information or permit only particular types of messages to traverse the Service Negotiation Plane.

Abstract: Rotation of a wireless client device address is based on an encryption key and a nonce value. Key information and nonce value information are shared between a wireless client device and a network infrastructure component over a secure communication channel. The wireless client device encrypts the nonce value using the key information and encodes the encrypted value as a device address. The wireless client device then identifies itself via a source address value in a message transmitted over a wireless network. Upon receiving the message, the network infrastructure component decrypts information derived from the source address value and compares the resulting data to the nonce value. If a match is identified, the network infrastructure identifies the wireless client device as a source of the message. In some embodiments, the nonce value is updated with each rotation to provide for improved entropy of generated device addresses.

Abstract: Embodiments of the present disclosure provide methods, systems, apparatuses, and computer program products that provide for an improved, more efficient, and more stable system of networked computing devices. The embodiments disclose an apparatus and system that enable client devices to selectively grant to third party applications permissions to access group-based communication objects of a group-based communication system. The apparatus and system further enable client devices to selectively grant to third party applications permissions to take specific actions with regards to the group-based communication objects within the system. To accomplish the improvements, the disclosed systems, apparatuses, and computing devices maintain a record of the permissions granted to third party applications in a permissions table stored in a computer storage device.

Abstract: In some implementations, an internet protocol multimedia subsystem (IMS) may receive a device identity of the user device as part of an emergency call. The IMS may transmit the device identity to an emergency call server (ECS). The IMS may receive, from the ECS, a subscriber identity of the user device. The IMS may transmit the subscriber identity to a public safety answering point (PSAP) through a next generation core services (NGCS) network that uses a Stir and Shaken protocol. The emergency call is then established with a true subscriber identity of the user device.

Abstract: Methods and systems that allow a user to see the people or groups who have access to files that are maintained by a plurality of cloud content sharing services. In particular, the user may see what specific party has access to each particular file or directory, regardless of multiple cloud content sharing services involved. Moreover, a user interface and exposed application program interface allows the user to manipulate the permissions, e.g., granting access, to another person or group, to a file or directory. The user interface may also allow the user to terminate access to the file or directory for a person or group. The user's action to change a permission may be effected independently of the particular cloud content sharing service.

Abstract: A data transmission method and a communications apparatus are provided. One data transmission example method includes that a core network user plane device receives a first data packet sent by an access network device, where the first data packet includes uplink data of a terminal device and identification information of the terminal device. The core network user plane device obtains context information of the terminal device based on the identification information of the terminal device. The core network user plane device processes the uplink data based on the context information of the terminal device.

Abstract: An electronic device is provided that includes an input device configured to receive sound, a processor, and a memory storing program instructions accessible by the processor. Responsive to execution of the program instructions, the processor is configured to identify a third party application that accesses the electronic device, and vary sound characteristics obtained by the input device based on the third party application identified to prevent a biometric algorithm from obtaining user information.

Abstract: Systems, methods, apparatus, and articles of manufacture to facilitate configuration and naming of a multimedia playback device on a local playback network are disclosed. An example method includes identifying and analyzing local network topology to identify playback device(s) connected to the network at location(s). The example method includes analyzing a playback device to be added and comparing the playback device to be added to the playback device(s) already connected to the network. The example method includes displaying available option(s) to name the playback device to be added based on the analysis of the network, the already connected playback device(s) and the playback device to be added to the network. The example method includes naming the playback device to be added based on a selected available option.

Abstract: Embodiments include methods performed by vehicle-to-everything (V2X) system for protecting proprietary data within misbehavior reports. Various embodiments may include detecting misbehavior conditions based on received sensor data, determining whether the received sensor data that supports a conclusion that a misbehavior condition has occurred is or includes proprietary information, and encrypting the sensor data that supports the conclusion that the misbehavior condition has occurred in response to determining that the received sensor data is or includes the proprietary information.

Abstract: The disclosure relates to duplication of a near field communication (NFC) card, and an operating method for an electronic device may comprise: detecting a tag of the NFC card; obtaining at least one parameter related to the NFC card; and based on the NFC card satisfying a specified condition, producing a duplicate card of the NFC card by storing the at least one parameter. The specified condition may include the features wherein the NFC card is a designated type of a card and the NFC card uses a default key.

Abstract: Methods and systems for detecting false base stations are provided. A computing device transmits a request for a verification message to a base station. An encrypted verification message comprising a base station identifier and a signature encrypted using an encryption key associated with the base station is received by the computing device. The computing device decrypts the signature included in the encrypted verification message utilizing a decryption key associated with the computer system. Based on the decrypted signature, the computing device determines that the encryption key does not correspond to the decryption key. Based on determining that the encryption key does not correspond to the decryption key, the computing device stores the base station identifier in a data store in association with a false base station indicator.

Abstract: Various aspects of the present disclosure generally relate to wireless communication. In some aspects, a user equipment (UE) may determine, based at least in part on a key derivation function and a set of physical layer parameters, a secret key for encrypting a unicast physical channel at a physical layer, wherein the secret key is a UE-specific secret key. The UE may transmit, to a base station, an encrypted transmission over the unicast physical channel based at least in part on the secret key. Numerous other aspects are described.

Abstract: A computing system can include an interface that receives a URL responsive to activation of an Internet link by a remote device; circuitry that determines a geolocation of the remote device; and circuitry that, based at least in part on the geolocation of the remote device, generates a redirection link.

Abstract: A method for secure wireless communication executed by at least one processor of a device. A registration certificate is transmitted to the device by a host, the registration certificate including a Long Term Device Key (LTDK) and being generated by a registration server in response to the registration of the host as authorized to connect to the device. In response to receiving a request for securing a Bluetooth connection between the device and the host, the device transmits the LTDK to the host. The device receives, from the host, a connection certificate including connection data for establishing the connection between the host and the device. The connection certificate is signed by a private Long Term Host Key (LTHK) of the host, where the LTHK of the host and the LTDK of the device form a cryptographic Long Term Key pair. The device validates the connection certificate using the LTDK of the device to determine whether the host is authorized to connect to the device.

Abstract: A method for executing a function, secured by temporal desynchronization, includes when a first legitimate instruction is loaded, noting the opcode of this first legitimate instruction, then constructing a dummy instruction on the basis of this noted opcode, the dummy instruction thus constructed being identical to the first legitimate instruction except that its operands are different, then incorporating the dummy instruction thus constructed into a sequence of dummy instructions used to delay the time at which a second legitimate instruction is executed.

Abstract: A method for providing vulnerability management to facilitate application development and deployment is disclosed. The method includes receiving a monitoring request that includes an identifier, the identifier corresponding to an application; onboarding the application by using the identifier; generating a scheduled task for the application based on an outcome of the onboarding, the scheduled task relating to source code vulnerability analytics; automatically initiating, via an application programming interface, the scheduled task based on a predetermined parameter; determining whether a set of source codes that corresponds to the application includes a vulnerability based on a result of the automatically initiated scheduled task; and generating a ticket when the vulnerability is included in the set of source codes.

Abstract: Various methods, apparatuses/systems, and media for automating a process of receiving documentation are provided. A first computing device initiates an electronic communication process to request documentation from a second computing device utilized by a user. A processor receives identification information of the user for generating a unique barcode to be provided with the requested documentation in response to the initiation of the electronic communication. One or more processors generate the unique barcode based on the received identification information of the user; create an application programming interface (API) link for the generated barcode; transmit the electronic communication with the API link attached therein to the second computing device; and automatically obtain the unique barcode upon receiving an input to open the API link from the second computing device, the unique barcode to be attached as a cover sheet with the requested documentation for scanning by a multi-functional device.

Abstract: Described systems and methods allow protecting multiple wireless Internet-of-things (IoT) devices against impersonation attacks. In some embodiments, a security appliance detects an availability notification (e.g., a Bluetooth® Low Energy advertisement) emitted as part of a protocol of establishing a wireless connection between two devices. The security appliance may then determine whether the detected notification fits a baseline notification pattern of the apparent sender. When no, the security appliance may attack the sender device by replying to the respective availability notification and initiating a handshake.

Abstract: In one embodiment, the invention is a method and apparatus for designing combinational logics with resistance to hardware Trojan induced data leakage. The invention solves the untrustworthy fabrication risk problem by introducing a design method such that even when the design is entirely known to an attacker and a data leakage Trojan is injected subsequently, no useful information can be obtained. This invention contains several methods as shown in several embodiments. The methods include randomized encoding of binary logic, converting any combinational binary logic into one with randomized encoding, and partitioning a randomized encoded logic for split manufacturing.