Abstract: There is provided an information processing apparatus including a memory and a processor configured to generate and hold connection information necessary for accessing document data to be signed, which is stored in the memory, via a network, transmit approval request information including connection information corresponding to the document data to a terminal device used by an approver, authenticate the approver by collating the connection information transmitted from the terminal device with the held connection information, and then perform connection to the terminal device via the network, cut off the network connection in a case where the approver finishes electronically signing the document data, and discard the connection information corresponding to the document data.

Abstract: A device for authenticating an organisation requesting access to user data, comprising: network interface circuitry configured to communicate over a network, and processing circuitry configured to: receive, via the network interface circuitry, encrypted user data from an information processing apparatus; generate a unique identifier to associate with a decryption key used for decrypting the encrypted user data; provide the encrypted user data and the unique identifier to a publically available database for storage immutably therein or thereon; store the decryption key in association with the unique identifier; receive, via the network interface circuitry, a request to access the user data from an organisation; establish that the requesting organisation is an approved organisation; and in the event that the requesting organisation is an approved organisation; transmit, via the network interface circuitry, the decryption key to the requesting organisation.

Abstract: One embodiment provides a method, including: receiving, in an application on an information handling device, a password reset request from a user; accessing, subsequent to the receiving, a data store comprising a list of answers that are responsive to a list of security questions; constructing, using the data store, a temporary password, wherein the temporary password consists of at least one answer selected from the list of answers; and providing, to the user, a prompt containing an indication of the temporary password, wherein the prompt comprises at least one security question, from the list of security questions, that corresponds to the at least one answer. Other aspects are described and claimed.

Abstract: Systems, apparatuses, and methods related to a computer system having a processor and a main memory storing scrambled data are described. The processor may have a secure zone configured to store keys and an unscrambled zone configured to operate on unscrambled data. The processor can convert the scrambled data into the unscrambled data in the unscrambled zone using the keys retrieved from the secure zone in response to execution of instructions configured to operate on the unscrambled data. Another processor may also be coupled with the memory, but can be prevented from accessing the unscrambled data in the unscrambled zone.

Abstract: A cyberrisk governance method to automate cybersecurity detection and resolution in a network is disclosed. The method includes monitoring data related to one or more cybersecurity, Information Technology (IT) operation responses, and governance controls to address regulation, compliance and enterprise risk. Further, the method includes detecting one or more threats in the data using Machine Learning (ML). The one or more threats correspond to at least a malware detection, an intrusion detection, fraud detection for IT, and user behavioral analysis for the internet of things (IoT). The method further includes generating a report for a user based at least on the detected one or more threats. The generated report includes one or more security information and one or more security patches. Thereafter, the method includes sending the generated report to the user, thereby automating cybersecurity detection and resolution in the network.

Abstract: Inferential analysis includes: assessing risk of a cyber security failure in a computer network of an entity, using a computer agent configured to collect information from at least one accessible Internet elements, automatically determining, based on the assessed risk, a change or a setting to at least one element of policy criteria of a cyber security policy; and automatically recommending, based on the assessed risk, a computer network change to reduce the assessed risk.

Abstract: Assessing risk of a cyber security failure in a computer network of an entity includes: assessing risk of an entity, using a computer agent configured to collect information from at least publicly accessible Internet elements, and automatically recommending, based at least in part on the assessed risk, changes to reduce the assessed risk to mitigate the theoretical damage. The assessed risk comprises a cyber security failure risk in a computer network of the entity; and the assessing of risk comprises: generating a disaster scenario that comprises elements of a disaster event; modeling the disaster scenario against a profile of the entity; and determining theoretical damage based at least in part on the modeling.

Abstract: Systems and methods for off-chain verification of cryptographic transactions are disclosed. The system receives a first transaction from a first blockchain, wherein the first transaction is associated with a first address of a first user device and receives a notification of an analysis of a whitelist status for the first transaction. The system performs a first off-chain check on the first transaction to determine validity of the first transaction and if the first off-chain check fails, determines whether a second off-chain check is required. If the second off-chain check is required the system performs the second off-chain check and if the second off-chain check fails, determines whether a supervised check is required. If the supervised check is required, the system sends transaction parameters of the first transaction to a second user device and submits transaction details to the first blockchain if an approval is received from the supervisor user device.

Abstract: A method of a local bundle assistant (LBA) negotiating a certificate with a secondary platform bundle manager (SPBM) in a wireless communication system including: transmitting a request message requesting information of certificates supported by a secondary secure platform (SSP) to a secondary platform bundle loader (SPBL) of the SSP; receiving the information of certificates supported by the SSP including information of certificate issuers corresponding to a family identifier from the SPBL; transmitting the information of certificates supported by the SSP to the SPBM; and receiving a certificate of the SPBM for key agreement, information of public key identifiers of certificate issuers to be used by the SSP, and information of the family identifier from the SPBM.

Abstract: Disclosed in some examples are systems, methods, memory devices, and machine readable mediums for a fast secure data destruction for NAND memory devices that renders data in a memory cell unreadable. Instead of going through all the erase phases, the memory device may remove sensitive data by performing only the pre-programming phase of the erase process. Thus, the NAND doesn't perform the second and third phases of the erase process. This is much faster and results in data that cannot be reconstructed. In some examples, because the erase pulse is not actually applied and because this is simply a programming operation, data may be rendered unreadable at a per-page level rather than a per-block level as in traditional erases.

Abstract: Utilizing a non-repeating identifier to encrypt data, including: receiving a request to write data to a storage device; selecting a segment-offset pair where the data will be stored, where the selected segment-offset pair is unique to every other segment-offset pair utilized during the lifetime of the storage device; and encrypting the data in dependence upon an identifier of the segment-offset pair.

Abstract: A privacy-enhancing system, method, and non-transitory computer-readable medium for securely identifying or verifying an individual over time without retaining sensitive biometric data (e.g., biometric images or biometric templates) for the purpose of securely storing data regarding the individual.

Abstract: Methods and systems are provided for performing a secure transaction. In an embodiment, users register biometric and/or other identifying user information. A private encryption key is generated from the biometric information and/or other user information and/or information obtained from a unpredictable physical process and are stored in a secure area of a device and a public key is transmitted to the blockchain network which acts as a service provider. In some embodiments, the execution and integrity of transactions by using transaction signatures, based on visual images is disclosed. In an embodiment, a blockchain network verifies and executes the transaction.

Abstract: An event is detected. The event is a designated event for capturing a snapshot of a blockchain where the blockchain is not replicated in a distributed ledger. For example, the event may be where a specific number of new blocks have been added to the blockchain. In response to detecting the event, a capstone block or a lock block is created. The capstone block or the lock block is added to the blockchain. A copy of the capstone block or the copy of the lock block sent to a trusted authority. The copy of the capstone block or the copy of the lock block is used to validate some or all the blockchain to detect if the blockchain has been changed. For example, validating the blockchain may be to detect if the blockchain has been tampered with or has become corrupted.

Abstract: Systems and methods are provided for receiving, from an access point, attributes of an Internet of Things (IoT) device connected to the access point, determining a stored device, in a database of a server, sharing a subset of the attributes of the IoT device, and generating a code bundle based on the subset of the shared attributes between the stored device and the IoT device.

Abstract: The present application generally relates to systems, devices, and methods to conduct the secure exchange of encrypted data using a three-element-core mechanism consisting of the key masters, the registries and the cloud lockboxes with application programming interfaces providing interaction with a wide variety of user-facing software applications. Together the mechanism provides full lifecycle encryption enabling cross-platform sharing of encrypted data within and between organizations, individuals, applications and devices. Further the mechanism generates chains of encrypted blocks to provide a distributed indelible ledger and support external validation. Cross-verification among users, applications and the mechanism deliver both enterprise and business ecosystem cyber security features. Crowdsourcing of anomaly detection extends to users and to subjects of the data. Robust identity masking offers the benefits of anonymization while retaining accountability and enabling two-way communications.

Abstract: Systems and methods for providing provenance and anti-counterfeiting of a part using blockchain technology are disclosed. One method may include: receiving, through a network, first information of a part associated with a first authentication means on the part from a first user device; verifying, through a blockchain network, the first information of the part via the first authentication means; generating, through the blockchain network, a first block of a blockchain entry for the part based on the verified first information of the part; sending, through the blockchain network, information of a second authentication means associated with the part to the first user device; and publishing, through the blockchain network, the verified first information of the part to the first user device when the first authentication means is activated.

Abstract: A method of providing read access to information stored in a distributed ledger.

Abstract: A protection system, method, and a security device can protect an operational technology (OT) system having connected hardware equipment, including at least an interface that can receive a control communication and an industrial control device (ICD) for controlling at least one industrial device. They feature tasks/steps that receive control communication from the communication interface, determine whether the received control communication contains an undesirable control command, and either pass or block the received control communication to the ICD depending on whether the received control communication contains an undesirable control command. The security device can be disposed between a source of communication in an OT network and the ICD for protection.

Abstract: A fluid meter includes communication means arranged to receive an external opening or closing command to open or close an electromechanical valve suitable for being included in a cut-off unit mounted in the proximity of the fluid meter, authentication means arranged to authenticate a control frame including the opening or closing command, and a first communication interface arranged to transmit both the control frame and electrical energy to a second communication interface of the cut-off unit via a wireless link. The electrical energy is suitable for electrically powering the second communication interface of the cut-off unit.