Abstract: The invention relates to efficient zero knowledge verification of composite statements that involve both arithmetic circuit satisfiability and dependent statements about the validity of public keys (key-statement proofs) simultaneously. The method enables a prover to prove this particular statement in zero-knowledge. More specifically, the invention relates to a computer-implemented method for enabling zero-knowledge proof or verification of a statement (S) in which a prover proves to a verifier that a statement is true while keeping a witness (W) to the statement a secret. The invention also relates to the reciprocal method employed by a verifier who verifies the proof.

Abstract: Computer-implemented systems and methods for digital content protection and security in multi-computer networks are provided. In one embodiment, a system for cryptographic digital content protection and security is disclosed. The system may include at least one processor, and a storage medium comprising instructions that, when executed, configure the at least one processor to determine specification of a computer terminal, determine a status of the computer terminal as a public terminal or a private terminal, identify sensitive information in a data transmission, generate output instructions associated with the sensitive information, and provide the data transmission and the output instructions to the computer terminal over a network.

Abstract: Systems and methods are disclosed for obfuscating entry of sensitive data at a mobile device, which may be infected with a rogue application configured to steal the sensitive data. One method comprises detecting a prompt for a user to enter sensitive data at a mobile device, and activating one or more of an audio speaker and a vibration motor of the mobile device. The activation of the one or more of the audio speaker and the vibration motor is terminated in response detection conclusion of the user's entry of sensitive data the mobile device.

Abstract: A system and a method are performed by a processor. A set of challenge questions for authenticating a plurality of customers to perform high-risk activities in their respective accounts associated with an entity is received. A machine learning model is used to determine an authentication score for each challenge question in the set and used to rank them. An electronic request on a computing device from an unverified customer who desires to perform a high-risk account activity is received. The unverified customer is authenticated either as a fraudster or a verified customer based on answers to the ranked challenge questions. The processor performs either allowing the verified customer to perform the at least one high-risk account activity with a respective account associated with the verified customer or blocking the fraudster to perform the at least one high-risk account activity.

Abstract: An electronic device receives, from a user, a restriction that restricts how sound of a digital asset plays to non-owners of the digital asset that is tokenized as a non-fungible token (NFT). One or more electronic devices tokenize the digital asset as the NFT on a blockchain that stores the restriction how the sound of the digital asset plays to the non-owners of the NFT.

Abstract: Systems, methods, and computer program products for data security store, in memory, a plurality of ciphers in association with a plurality of public keys, the plurality of ciphers including a plurality of secret keys encrypted with a key encryption key, and the plurality of secret keys corresponding to the plurality of public keys; receive, a data chunk for encryption; generate, a data encryption key based on a hash function, a public key of the plurality of public keys, and a random number; encrypt, the data chunk with the data encryption key to generate an encrypted data chunk; generate, a header including a cipher of the plurality of ciphers corresponding to the public key of the plurality of public keys and key encapsulation data; and store, in a database, a cipher text including the header and the encrypted data chunk.

Abstract: A method for increasing the difficulty for attackers to launch keyword guessing attacks, which uses a time-delay encryption with a keyword search based on a public key that generates searchable ciphertexts and/or files ciphertexts for keywords of at least one file that uploaded by time-delay encryption from a cloud server. A system for implementing the method is also described.

Abstract: An example operation may include one or more of obtaining data of a simulation, identifying checkpoints within the simulation data, generating a plurality of sequential data structures based on the identified checkpoints, where each data structure identifies an evolving state of the simulation with respect to a previous data structure among the sequential data structures, and transmitting the generated sequential data structures to nodes of a blockchain network for inclusion in one or more data blocks within a hash-linked chain of data blocks.

Abstract: Described are systems, methods, and media for providing secure and scalable decentralized computation for one or more decentralized applications. Features include a blockchain, and a plurality of nodes that are separated into at least a first specialized node type and a second specialized node type. Nodes of the first specialized node type can be assigned non-deterministic tasks to perform, and each of the nodes of the second specialized node type can be assigned deterministic tasks to perform. Thus, the disclosed systems and methods can achieve improvements in speed and cost that scale with hardware capacity without compromising decentralization.

Abstract: A system and method configures permission settings for applications (“apps”) running on a computing device of a user. A data center generates at least one model of collective privacy preferences. The computing device is in communication with the data center via a communications network. The computing device comprises a processor that execute at least a first app that requests access to at least one permission of the computing device and a personal privacy assistant app. The personal privacy assistant app receives the at least one model from the one or more servers of the data center; collects information about the user; identifies at least one recommended permission setting for the first app based on the at least one model and such that the recommended permission setting is user-specific; and configures the computing device to implement the received at least one user-specific recommended permission setting.

Abstract: Described are systems, methods, and media for providing secure and scalable decentralized computation for one or more decentralized applications. Features include a blockchain; and a plurality of nodes comprising a plurality of each of three specialized node types, the specialized node types comprising access nodes, security nodes, and execution nodes.

Abstract: In embodiments of the present invention improved capabilities are described for the steps of receiving an indication that a computer facility has access to a secure data store, causing a security parameter of a storage medium local to the computer facility to be assessed, determining if the security parameter is compliant with a security policy relating to computer access of the remote secure data store, and in response to an indication that the security parameter is non-compliant, cause the computer facility to implement an action to prevent further dissemination of information, to disable access to network communications, to implement an action to prevent further dissemination of information, and the like.

Abstract: A mechanism is provided in a first client for approximate linkage of datasets over quasi-identifiers. The mechanism receives a generalization logic data structure representing sets of values for each quasi-identifier in a first dataset of the first client. For each record in the first dataset, the mechanism generates at least one generalization of a value of a given quasi-identifier in the first dataset based on a selected generalization logic data structure corresponding to the given quasi-identifier and generates a generalized record for each of the at least one generalization to form a first generalized dataset. The mechanism sends the first generalized dataset to a semi-trusted third party for approximate linkage of the first dataset with a second dataset of a second client, receives an approximate join result from the semi-trusted third party, performs post-processing on the approximate join result, and determines a final linkage result based on the post-processing.

Abstract: A method for tracking multiple classes of records in a single blockchain is disclosed. Class identifiers can used for each record entry to distinguish between classes within the blockchain.

Abstract: A method, system and devices for digital contact tracing security and privacy with proximity-based ID exchange with distance-bounding. The method is performed by a first wireless communication device and provides for exchanging IDs with a second wireless communication device. A rolling proximity identifier A associated with the first wireless communication device is sent to the second wireless communication device. A rolling proximity identifier B associated with the second wireless communication device is received from the second wireless communication device. A cryptographic challenge response authentication with time-based distance-bounding is performed based on a hash value determined from the rolling proximity identifiers in accordance with a hash function. The rolling proximity identifier of the second wireless communication device is only stored in memory in response to a successful cryptographic challenge response authentication.

Abstract: Generating configuration parameters for a controller includes receiving, by a mobile computing device, identity information associated with the controller via Near Field Communication (NFC) read operations from memory of a NFC tag associated with the controller. The mobile computing device generates one or more configuration parameters for the controller based on the received identity information associated with the controller. The mobile computing device further stores, via NFC write operations, the configuration parameters in the memory of the NFC tag for later retrieval and configuration operations by the controller.

Abstract: A network device may identify an application signature associated with a web application, and may determine, based on an application-based policy associated with the web application, an access method to be used to transmit traffic associated with the web application. The network device may generate a proxy auto configuration (PAC) file using the application signature associated with the web application, and the access method to be used to transmit the traffic associated with the web application. The network device may provide the PAC file to a client device to permit the client device to transmit the traffic associated with the web application based on the PAC file.

Abstract: The disclosed invention provides system and method for providing electronic collaborations between a plurality of user devices connected through networks. The user devices include one or more collaborator devices and one or more anonymous contributor devices. The system includes instructions for contribution processor and instructions for digital workspace processor. The contribution processor is coupled through the networks to the one or more anonymous contributor devices including contribution applications, and the digital workspace processor is coupled through the networks to the one or more collaborator devices including digital workspace applications. The system and method allows anonymous devices geographically located anywhere, in real-time, to simultaneously contribute data for the purpose of using the contributed data in one or more unique digital workspaces.

Abstract: In one embodiment, in access gateway comprising at least one computer processor, a method for real-time data protection may include: (1) receiving a user login comprising a user identifier; (2) retrieving, using an in-memory entitlements graph, a role definition for the user identifier, wherein the role definition comprises allowed actions, entitled assets, and a system account; (3) receiving a selection of a requested asset from the entitled assets and a requested action from the allowed actions; (4) verifying the user's entitlement to access the requested asset and perform the requested action with the system account using the in-memory entitlement graph based on the user identifier, the system account, the requested asset, and the requested action; and (5) authorizing the user's entitlement to access the requested asset and perform the requested action with the system account substantially at a time of requested access.

Abstract: A method for maintaining a log of events in a shared computing environment is provided. One example of the disclosed method includes receiving one or more data streams from the shared computing environment that include transactions conducted in the shared computing environment by a first entity and a second entity that is different from the first entity. The method further includes creating a first blockchain entry for a first transaction conducted in the shared computing environment for the first entity, creating a second blockchain entry for a second transaction conducted in the shared computing environment for the second entity, where the second blockchain entry includes a signature that points to the first blockchain entry, and then causing the first and second blockchain entries to be written to a common blockchain data structure in a database that is made accessible to both the first entity and the second entity.