Abstract: A dongle for ciphering, receiving and transmitting data to and from an external device is provided. The dongle includes a user interface configured to receive authentication data to confirm an identity of a user. The dongle is disabled for ciphering data unless an authorised user is identified. A data transfer channel is configured to couple the dongle to the external device to receive and transmit user data between the dongle and the external device. A hardware encryption engine is configured to perform a ciphering transformation on user data received from the external device. The dongle is configured to perform a return transmission to return the user data that has been transformed to the external device via the data transfer channel in real-time using a single data transfer channel without storage of the user data on the dongle.

Abstract: An example operation may include one or more of receiving, by a validation node, a copy request from a user node over a blockchain network, the request contains a copy token, invoking, by the validation node, a smart contract associated with the copy token to verify the copy token, in response to a verification, generating, by the validation node, media copy keys for generation of a Blu-ray copy, and recording, by the validation node, the copy token on a ledger of the blockchain network to indicate that the copy token is spent.

Abstract: A cybersafety incremental insurance policy utilizing blockchain underwriting process. A cyber risk event relating to transfer of data to a first party is identified using a first smart contract module. Cyber risk control of the cyber risk event is enabled using a second smart contract module. Cyber risk associated with the cyber risk control is transferred using a third smart contract module. The first smart contract, the second smart contract and the third smart contract are integrated into a multi-tier decentralized interaction that is recorded in a blockchain token utilizing a decentralized append only distributed ledger and a consensus algorithm for agreement to change requests on the distributed ledger. A premium associated cyber risk transfer is paid. Once the first party confirms receipt of the data, proof of premium is released into an insuring entities account.

Abstract: A system and method (referred to as a system) processes a vehicle title interfaced to an issuance authority by authenticating a user and mapping the user's credentials. The system executes registration and titling activities over a network with an issuance authority in response to the authentication of a token. The system retrieves a user membership private key from a private key vault and instantiates smart contracts that commit a transaction associated with a registration of a physical asset with the issuance authority. The system signs the smart contracts with a cryptographic private key not assigned to the user membership in response to establishing a proof of claim to the physical asset and invokes a service discovery that identifies availability of on-line certificate attesting peer nodes to attest the transaction. The system instantiates of the smart contracts on a title issuance authority blockchain network hosted by the issuance authority or provisioned to them in a managed services deployment.

Abstract: Secured automated or semi-automated systems are provided herein. In one embodiment, a sensor system includes a sensor, a legacy computing environment that is configured to communicate with the sensor and process sensor raw data output, and transmit the processed sensor output to a first network node over the network, and a trusted computing environment configured to receive raw sensor output directly from the sensor and transmit the raw sensor output to an additional network node or the first network node over the network.

Abstract: A method is provided for validating an assertion provided by a web resource. The method includes: sending a first request to the web resource over a communications network; responsive to the first request, receiving a web page from the web resource, the web page including at least one user-selectable representation of a cryptographic credential, the cryptographic credential including at least one assertion that is based on underlying data and at least one proof that allows verification that the assertion accurately reflects the underlying data without revealing the underlying data; receiving a selection of the user-selectable representation that causes a second request for verification of the proof to be sent over the communications network; and responsive to the second request, receiving a response indicating whether or not the representation accurately reflects the underlying data.

Abstract: Disclosed in some examples are systems, methods, memory devices, and machine readable mediums for a fast secure data destruction for NAND memory devices that renders data in a memory cell unreadable. Instead of going through all the erase phases, the memory device may remove sensitive data by performing only the pre-programming phase of the erase process. Thus, the NAND doesn't perform the second and third phases of the erase process. This is much faster and results in data that cannot be reconstructed. In some examples, because the erase pulse is not actually applied and because this is simply a programming operation, data may be rendered unreadable at a per-page level rather than a per-block level as in traditional erases.

Abstract: Disclosed below are representative embodiments of methods, apparatus, and systems for managing one or more cybersecurity tools that are deployed to help protect electronic assets in an IT infrastructure—including, for example, one or more security configuration management tools, vulnerability management tools, event logging tools, or other IT infrastructure security or monitoring tools that are used to monitor, secure, and/or control assets in an IT infrastructure. In one example, a request to install local software for access to a remote security control service is received from a remote user at a remote device; and data for installing the local software is transmitted to the remote user. In certain implementations, the data for installing the local software further includes a public cryptographic certificate.

Abstract: A system and method for providing access to data of a user or services relevant to a user. A customer data key is created by a server that is specific to an application, the user of the application, and the device upon which the application resides. The server may receive an application programming interface call to create the customer data key; however, any call accessing or affecting user-specific data which does not contain a valid and authorized customer data key may be rejected. To authorize the access to the offered data or services, the user conducts an entirely separate transaction not mediated by the application. During this separate transaction, the customer data key may be activated, permitting access to the data or services using the activated customer data key.

Abstract: A protected key to be used by a select processor on behalf of an entity unauthorized to use the protected key is created. The creating includes obtaining a system mask and a system key. A clear key is wrapped with the system key to provide a wrapped key. The system mask is applied to the wrapped key to create the protected key.

Abstract: An example operation may include one or more of retrieving a predefined image from a storage, encoding data attributes to be stored on a blockchain into one or more image layers of the predefined image to generate an encoded image, generating a data block comprising the encoded image including the data attributes which are encoded into the one or more image layers, and storing the data block via a hash-linked chain of data blocks on a distributed ledger.

Abstract: A system and method for determining transaction compliance in an off-chain environment to offload computationally-intensive compliance processes for cryptographical transactions. Systems and methods for providing consistency across multiple blockchains by not relying on the limitations of any given protocol to guarantee a cost of executing a transaction be kept to a minimum and keep an on-chain overhead minimal.

Abstract: A token device includes: a transmission interface for receiving power from an external device; a physiological characteristic detecting circuit for detecting user's touch actions and physiological characteristics (i.e., biometric characteristics); a smart card accessing circuit for detecting user's card-placing actions and for accessing an on-card secure chip on a smart card; an on-token secure chip; and a control circuit for generating an user identification data corresponding to the detecting result of the physiological characteristic detecting circuit, for respectively transmitting the user identification data to the on-token secure chip and the on-card secure chip for verifying user's identity. If the user's identity is confirmed by both the on-token secure chip and the on-card secure chip, the control circuit would conduct corresponding key backup operations or key restoration operations between the on-token secure chip and the on-card secure chip.

Abstract: This disclosure presents a technique to include a packet sequence number and an integrity check value (ICV) into a data frame while maintaining a total number of transmitted bytes. A transmitting device includes circuitry that generates the ICV, inserts a transmitter packet sequence number into the data frame that includes a data packet including a payload, the data packet following a preamble and an interpacket gap (IPG) following the data packet. The circuitry also inserts the ICV into the data frame, and transmits the data frame, wherein inserting the ICV into the data frame reduces a size of the IPG while maintaining a total number of bytes in the data frame. A receiving device includes circuitry that receives the data frame, compares a receiver packet sequence number to the transmitter packet sequence number, and determines whether the transmitter packet sequence number is valid based on the receiver packet sequence number.

Abstract: Secure computer architectures, systems, and applications are provided herein. An exemplary system includes a legacy environment which is an off-the-shelf computing system, a trusted environment device that communicates with a network, and at least one peripheral that is communicatively coupled with the trusted environment device or having an authentication module.

Abstract: Provided is a method for identifying suspicious traffic. The method may commence with compiling statistical data for a plurality of hosts. The method may further include generating data lists for with the plurality of hosts based on the statistical data. The method may continue with receiving a data packet from a host of the plurality of hosts. The data packet may be associated with a plurality of parameters. The method may further include analyzing one or more of the plurality of parameters associated with the data packet using the data lists. The method may continue with determining, based on the analysis, that the one or more of the plurality of parameters are outside a predetermined tolerance zone. Based on the determination that the one or more of the plurality of parameters are outside the predetermined tolerance zone, a mitigation action associated with the host may be selectively initiated.

Abstract: Systems and methods for digital property authentication and management are disclosed. A document representing a trade secret may be requested to be registered with a trade secret registry. A document obfuscation value corresponding to the document may be generated and may be registered with a blockchain. A record of the registration may be generated for the trade secret registry. The registry may be searchable and/or offer functionality such as valuation, insurance provision, and/or verification, among other benefits and functionalities.

Abstract: There is disclosed a novel system and method for decentralized digital structured data storage, management, and authentication. In an embodiment, the present system comprises pieces of digital structured data (including but not limited to, digital images, digital videos, digital audio, digital text, and digital computational graph representations), computer nodes for storing pieces of digital structured data and for creating references to portions of stored pieces of digital structured data, a network connecting the computer nodes, and a blockchain. In an embodiment, a piece of digital structured data is stored on a computer node, and the computer node creates a reference to a portion of the stored piece of digital structured data. The computer node then broadcasts a request for the reference to be added to the blockchain to all computer nodes through a network connecting all computer nodes.

Abstract: A system, method and elliptic curve cryptography scheme using an Edwards-form elliptic curve. The elliptic curve cryptography scheme having a blinding protocol resistant to differential side channel attacks. The elliptic curve defined over field F and having a point P with coordinates located on the elliptic curve. The blinding protocol including: randomly selecting a random element I; and determining coordinates of a blinded point PB by performing a multiplication of a random element I by at least one of the coordinates of point P.

Abstract: A trusted component is suggested to be added to off the shelf computing systems such as PCs or smartphone providing secure functions for access management and credential protection—safe authentication, maintaining session integrity and validation of content modification. An additional advantage of the solution that it detects malware/hacking attempts on first try allowing of taking action while oblivious to the malware/hacker to avoid retaliation.