Abstract: Systems and methods for blockchain ledger growth management using separation of a blockchain ledger into multiple blockchain ledgers (each ledger having a state that can be tracked and used). The systems and methods also include linking the separated ledgers by utilizing a linking application and smart contracts added to the separated ledgers.

Abstract: A method, access control system, and readers for use in an access control system are described. One example of the disclosed method providers the ability to securely augment an existing physical access control system that relies on access control tokens (e.g., credentials) with a secure mobile-based solution allowing the secure local offline exchange of a new access control token for another that can be used with the existing installed access control system.

Abstract: In certain embodiments, one aspect provides a method of securely distributing multi-tier multimedia contents on the Internet, using Non-Fungible Token (NFT) Blockchain and comprising the steps of: signal processing data splitting phase, converting an original multimedia file into multiple data portions; access control encryption phase, converting each of the multiple data portions into an encrypted data portion and uploading the encrypted data portion to a storage cloud; access control storage phase, storing the encrypted data portion on the storage cloud; access control decryption phase, downloading the encrypted data portion from the storage cloud and reconstructing each of the encrypted data portions into each of said multiple data portions; and signal processing data merging phase, reconstructing appropriate multimedia data content depending on a user's tier level.

Abstract: The subject disclosure relates to systems, methods, and devices corresponding to smart label devices. Furthermore, disclosed are smart label systems that include individualized medicine modules communicatively coupled with smart label devices. Furthermore, a method is disclosed that comprises receiving, by the smart label control system, detection data from the smart label device, wherein the detection data represents a geo-locational boundary signal. The method further comprises disabling, by the smart label control system, a rendering of content on a display of the smart label device.

Abstract: The subject disclosure relates to systems, devices, and methods for executing operations related to procurement of individualized medicine therapies. Also disclosed are embodiments systems, methods, and devices for accessing a wide range of individualized medicine platform modules. Furthermore, disclosed herein are individualized medicine platform systems, methods and devices communicatively coupled to blockchain computing systems comprising several nodes. The disclosed systems, methods, and devices also generate chain of custody and chain of identity event data.

Abstract: A computer-implemented method is for tamper-evident recording of a plurality of executable items. Each executable item is associated with a data item verification fingerprint. The method includes computing an aggregated verification fingerprint from data item verification fingerprints using a one-way compression function so that the aggregated verification fingerprint has a first bit length. The first bit length is less than a total bit length of a concatenation of the data item verification fingerprints. The method further includes storing the aggregated verification fingerprint in a blockchain, attempting to execute an element of code, validating the element of code against the aggregated verification fingerprint, and, based on the validation, allowing execution or denying execution of the element of code.

Abstract: A system for authorizing secured access using cryptographic hash value validations is provided. In particular, the system may receive requests from users and/or computing systems to obtain secured access a particular resource or to execute a certain process. In response, the system may require that the user and/or computing system complete additional required steps (e.g., a computation) before being granted access to the resources or processes. In this way, the system may prevent unauthorized or unintended access to the system's resources or processes.

Abstract: An apparatus, a method, and a system are presented in which the apparatus includes an interface control circuit that may be configured to receive a message including a cryptographic keyword and a policy value. The policy value may include one or more data bits indicative of one or more policies that define allowable usage of the cryptographic keyword. The apparatus also includes a security circuit that may be configured to extract the cryptographic keyword and the policy value from the message, and to apply at least one policy of the one or more policies to usage of the cryptographic keyword in response to a determination that an authentication of the message succeeded.

Abstract: Described are a system, method, and computer program product for detecting malicious changelog modifications with blockchain. The method includes identifying at least one database transaction that was initiated in response to a request by a user and receiving a first changelog record associated with the at least one database transaction from a target blockchain of at least one changelog blockchain. The method also includes determining a public key associated with the user and attempting a decryption of the first changelog record using the public key. The method further includes detecting tampering of the target blockchain for the at least one database transaction based on determining that the decryption of the first changelog record has failed, and restoring at least part of the target blockchain with at least part of a verified changelog blockchain based on the tampering of the target blockchain.

Abstract: A blockchain architecture allows blocks to store both public and private data. The public data may be accessible to any node in the blockchain network, while the private data may be accessible only to nodes specified in an access list, which may be provided when a record is added to the blockchain. When a new record is received, any private fields in the record may be identified and encrypted by a receiving node. The key may then be encrypted and sent with the protected record to other nodes in the access list. These nodes can access the encryption key, decrypt the private fields, and provide a consensus decision to a receiving node. After consensus, the protected record may be added to the blockchain, where the public fields may be freely accessed by any node, and the private fields remain accessible only to nodes in the access list.

Abstract: A device comprises: a receiver configured to receive a client certificate; a processor coupled to the receiver and configured to: authenticate the client certificate, extract, in response to the authentication, attributes from the client certificate, and create, in response to the extraction, a message comprising reformatted attributes based on the attributes, wherein the reformatted attributes can be trusted; and a transmitter coupled to the processor and configured to transmit the message. A device comprises: a processor configured to: process a client certificate comprising a certificate identifier (ID) attribute, a tenant ID attribute, and a role ID attribute, and package the client certificate in a request for a shared service; and a transmitter coupled to the processor and configured to transmit the request.

Abstract: Secrets such as secure session cookies for a web browser can be protected on a compute instance with multiple layers of encryption, such as by encrypting key material that in turn controls cryptographic access to the secret. A compute instance can be instrumented to detect when a process attempts to decrypt this key material so that the process requesting decryption can be compared to authorized or legitimate users of the secret.

Abstract: This application relates to a client-server architecture that enables user accounts registered with a service to be discoverable to other users of the service. A discovery protocol includes accessing personal information data stored in an address book of a client device, obfuscating the personal information data, transmitting a request to a service to determine if the obfuscated personal information data matches any potential contacts that have registered as discoverable with the service, and comparing information related to the potential contacts with the contacts included in the address book to determine if the contacts in the address book match any of the potential contacts.

Abstract: Generating user-specific polygraphs for network activity, including: gathering information describing network activity associated with a user and generating, based on the information, a user-specific polygraph that includes one or more destinations associated with the network activity.

Abstract: Detecting deviations from typical user behavior, including: identifying a geographic location of a device that is associated with a user; determining device activity associated with the user; and detecting, based on a profile associated with the user, that the device activity associated with the user deviates from normal activity for the user.

Abstract: A system and method (referred to as a system) processes a vehicle title interfaced to an issuance authority by authenticating a user and mapping the user's credentials. The system executes registration and titling activities over a network with an issuance authority in response to the authentication of a token. The system retrieves a user membership private key from a private key vault and instantiates smart contracts that commit a transaction associated with a registration of a physical asset with the issuance authority. The system signs the smart contracts with a cryptographic private key not assigned to the user membership in response to establishing a proof of claim to the physical asset and invokes a service discovery that identifies availability of on-line certificate attesting peer nodes to attest the transaction. The system instantiates of the smart contracts on a title issuance authority blockchain network hosted by the issuance authority or provisioned to them in a managed services deployment.

Abstract: System and methods are described which are useful for efficiently combining characteristic detection rules, such as may be done to efficiently and quickly assist in the dispositioning of user reported security threats.

Abstract: Detecting anomalous behavior of a device, including: generating, using information describing historical activity associated with a user device, a trained model for detecting normal activity for the user device; gathering information describing current activity associated with the user device; and determining, by using the information describing current activity associated with the user device as input to the trained model, whether the user device has deviated from normal activity.

Abstract: There is provided an information processing apparatus including a memory and a processor configured to generate and hold connection information necessary for accessing document data to be signed, which is stored in the memory, via a network, transmit approval request information including connection information corresponding to the document data to a terminal device used by an approver, authenticate the approver by collating the connection information transmitted from the terminal device with the held connection information, and then perform connection to the terminal device via the network, cut off the network connection in a case where the approver finishes electronically signing the document data, and discard the connection information corresponding to the document data.

Abstract: A device for authenticating an organisation requesting access to user data, comprising: network interface circuitry configured to communicate over a network, and processing circuitry configured to: receive, via the network interface circuitry, encrypted user data from an information processing apparatus; generate a unique identifier to associate with a decryption key used for decrypting the encrypted user data; provide the encrypted user data and the unique identifier to a publically available database for storage immutably therein or thereon; store the decryption key in association with the unique identifier; receive, via the network interface circuitry, a request to access the user data from an organisation; establish that the requesting organisation is an approved organisation; and in the event that the requesting organisation is an approved organisation; transmit, via the network interface circuitry, the decryption key to the requesting organisation.