Abstract: A multi-lender architecture is configured to provide a loan applicant with automated pre-qualification and automobile loan eligibility evaluation for multiple candidate lenders. Lender output data may include sensitive data. The lender output data is stored in a data object of a first format and one or more fields of the data object are encrypted at the field level. The encrypted data object may be transmitted through multiple application layers or terminals. The encrypted data object may be reformatted at one or more application layers or terminals without decryption. A reformatted encrypted data object containing the lender output data may be decrypted at the last layer before forwarding the lender output data to the loan applicant.

Abstract: Embodiments of a smart card and systems and methods for secure data access using a smart card are described. The smart card may be formed a substrate and may include a microprocessor, a memory containing an applet, a counter, and a unique identifier. The smart card may dynamically generate a unique uniform resource location (URL) and transmit the URL to via a contactless communication interface to securely facilitate data access from other devices.

Abstract: Systems and methods are provided including an implementation where a written new idea is reduced to a document, such as a patent application, which can be put through a secure hash algorithm to create a hash of the entire document, or at least a portion thereof. A time stamp is applied to the hash by posting the hash to a website and/or using time stamp hardware having an authentication capability.

Abstract: An approach is disclosed for providing free storage to a client on a blockchain platform. A number of free storage markers targeted for the client is generated by a governing entity. After validating the client by the governing entity, the number of free storage markers are transferred to the client where the free storage markers include a timestamp, a number of tokens, a client identification, an expiration, and a governing entity signature. An allocation from the number of free storage markers received from the client is processed by the governing entity for storage access.

Abstract: Techniques for business data protection for running tasks in a computer system are described herein. An aspect includes receiving a request. Another aspect includes processing a task corresponding to the request. Another aspect includes receiving a debugging request from a user corresponding to the task, wherein the debugging request is received during the processing of the task. Another aspect includes, based on receiving the debugging request, determining whether the user is authorized to access business data corresponding to the task. Another aspect includes, based on determining that the user is not authorized to access the business data corresponding to the task, redacting the business data from debugging data corresponding to the debugging request. Another aspect includes providing the redacted debugging data to the user.

Abstract: Systems and methods for digital property authentication and management are disclosed. A document representing a trade secret may be requested to be registered with a trade secret registry. A document obfuscation value corresponding to the document may be generated and may be registered with a blockchain. A record of the registration may be generated for the trade secret registry. The registry may be searchable and/or offer functionality such as valuation, insurance provision, and/or verification, among other benefits and functionalities.

Abstract: An off-road mobile work machine data capture system includes a robustly-identifiable sensor module having a task sensor that provides a task sensor signal indicative of a task. The system also includes a processor coupled to the robustly-identifiable sensor module that is configured to issue a challenge to the robustly-identifiable sensor module and compare a response from the robustly-identifiable sensor module to an expected response to authenticate the robustly-identifiable sensor module. The processor is further configured to generate an indication of authentication failure if the response from the robustly-identifiable sensor module does not match the expected response.

Abstract: A method of associating user identity with an autonomous agent embodied on a blockchain stored in a blockchain network, the method comprising the following steps: a user engaging in a user authentication process to obtain a set of one or more verified identity attributes of the user; computing an identity hash, by applying a hash function to input data comprising the set of verified identity attributes; and sending to the blockchain network a data package comprising the identity hash and an identifier of the autonomous agent; wherein the autonomous agent is embodied on the blockchain as program code and at least one associated state register for storing associated program state, and wherein the data package causes at least a portion of the autonomous agent's program code to be executed on a node of the blockchain network, which upon execution stores the identity hash in the at least one state register of the autonomous agent.

Abstract: Provided is a system and method for verifying a blockchain using an external audit chain. The system may include an engine which facilitates communication between two or more independent blockchains. In one example, the method may include reading block data of a source data block that is stored among a hash-linked chain of data blocks on a blockchain, verifying a hash of the source block based on the block data that is read, generating a token based on the hash verification of the source block and storing the generated token in a verification block among the hash-linked chain of blocks on the blockchain to create a verification point on the blockchain, and storing a copy of the generated token in a block among a hash-linked chain of blocks on an audit blockchain that is independent from the blockchain.

Abstract: Access to Electronic Health Records (EHR) is protected by law in many countries, including the US through HIPAA. During an emergency medical situation however, access to this information by the Emergency Care Team (ECT) may save the life of the Person In Distress (PID). The present invention describes a system and method for managing the access to EHRs based on the membership in a pre-established ECT and the communication status of the ECT Members during an Emergency Event. This invention includes a method of Encryption key exchange to ensure EHRs are only shared with authorized participants during the emergency event. This system and method further provides for the secure and immutable recording of the individuals who accessed the EHRs during this emergency event.

Abstract: A notification is received that a first user device and a second user device would like to share a data set. The data set is retrieved from a database. A first security level associated with the first user device and a second security level associated with the second user device is retrieved. The data set is provided to the first user device and the second user device in accordance with the first security level and the second security level.

Abstract: A method and apparatus for secured, peer-to-peer transfer of data rights over a computer network, the method being accomplished by a distributed computing system including a distributed ledger platform and an off-chain data host platform. On-chain authorization tokens are used to track data access rights, enforce access policies, and control distribution of encryption keys.

Abstract: An approach is disclosed to replace or by-pass a first blobber utilizing a blockchain infrastructure. The first blobber is identified. For replacement, a second blobber is identified and a replacement transaction is written. Write markers with respect to content for the second blobber are generated. The content is transferred to the second blobber. After detecting a successful completion of all the writes to the second blobber, a transaction to drop the first blobber is written. When the first blobber is by-passed content written to the first blobber capable of being reconstructed from other blocks is written to other blobbers. Read markers are sent for the other blocks to the other blobbers. The blockchain monitors for successful completion of all reads of the other blocks. After detecting the successful completion of all the reads of the other blocks from the other blobbers, the content is reconstructed from the other blocks.

Abstract: Systems, computer program products, and methods are described herein for enhanced authentication framework using multi-dimensional hashing. The present invention is configured to electronically receive, from a computing device of a user, a resource transfer request; retrieve, from an authentication database, a multi-dimensional hash for a first set of data files for the user and a user identification artifact; retrieve, from the computing device of the user, a second set of data files matching the user identification artifact; initiate an asynchronous hash processing engine on the second set of data files; generate, using the asynchronous hash processing engine, a multi-dimensional hash for the second set of data files; compare the multi-dimensional hash for the first set of data files with the multi-dimensional hash for the second set of data files to determine a match; and authorize the resource transfer request based on at least determining the match.

Abstract: Aspects of the present disclosure are directed to systems and methods for authenticating a user requesting access to a computing resource based on telematics data. A system may include a telematics device associated with a vehicle having one or more sensors arranged therein, a mobile device, and a server computer. The server computer may receive telematics data of a user associated with the vehicle from the telematics device, store the telematics data in memory, receive a request to authenticate the user, generate one or more questions for authenticating the user based on the telematics data, transmit the one or more questions for presentation to the user, receive one or more answers to the one or more questions from the mobile device, and transmit, to the mobile device, an indication of whether the user is authenticated based on the one or more answers.

Abstract: A method for performing biometric authentication is disclosed. In one example, the method includes obtaining first and second biometric templates and comparing them to determine if they match. The method also includes determining if a biometric certification token is valid. A computing device or other device may communicate with a verification system to determine the validity of the biometric certification token.

Abstract: Embodiments provide a system and method for extracting configuration-related information for reasoning about the security and functionality of a composed system. During operation, the system determines, by a computing device, information sources associated with hardware and software components of a system, wherein the information sources include at least specification sheets, standard operating procedures, user manuals, and vulnerability databases. The system selects a set of categories of vulnerabilities in a vulnerability database, and ingests the information sources to obtain data in a normalized format. The system extracts, from the ingested information sources, configuration information, vulnerability information, dependency information, and functionality requirements to create a model for the system.

Abstract: An approach for an adaptive, performance-oriented, and compression-assisted encryption scheme implemented on a host computer to adaptively improve utilization of CPU resources is provided. The method comprises queueing a new data packet and determining a size of the new data packet. Based on historical data, a plurality of already encrypted data packets is determined. Based on information stored for the plurality of already encrypted data packets, an average ratio of compression for the plurality of already encrypted data packets is determined. Based on the average ratio of compression, a throughput of compression value and a throughput of encryption value, a prediction whether compressing the new data packet will reduce a CPU load is derived. If it is determined that compressing the new data packet will improve utilization of the CPU resources, then a compressed new data packet is generated by compressing the new data packet.

Abstract: A system and method for block management of interactions comprising a network-connected block management computer connected to a plurality of connected devices and to one or more blockchains to enable an object compiler to receive a plurality of criteria from a requesting device. The compiler the receives a plurality of blocks from the blockchains based on the criteria. Each block corresponding to a preconfigured interaction object previously written by devices either during or after the completion of a transaction. The compiler analyzes the preconfigured interaction objects to determine if there is corresponding supplemental object. The compiler requests the supplemental blocks from the blockchains, and processes supplemental objects based on type, if no corresponding supplemental object it found, the associated interaction object is flagged.

Abstract: An information integration system may include a set of integration services embodied on one or more server machines in a computing environment. The set of integration services may include connectors communicatively connected to disparate information systems. The connectors may be configured for integrating data stored in the disparate information systems utilizing a common model employed by the set of integration services. The common model may overlay, augment, integrate, or otherwise utilize a content management interoperability services data model and may include common property definitions and a common security model. The common security model may include permissions particularly defined for use by the set of integration services. These common property definitions and permissions may be uniquely defined and utilized by the information integration system.