Abstract: Technologies for secure collective authorization include multiple computing devices in communication over a network. A computing device may perform a join protocol with a group leader to receive a group private key that is associated with an interface implemented by the computing device. The interface may be an instance of an object model implemented by the computing device or membership of the computing device in a subsystem. The computing device receives a request for attestation to the interface, selects the group private key for the interface, and sends an attestation in response to the request. Another computing device may receive the attestation and verify the attestation with a group public key corresponding to the group private key. The group private key may be an enhanced privacy identifier (EPID) private key, and the group public key may be an EPID public key. Other embodiments are described and claimed.

Abstract: A lock node for storing data and a protected storage unit. The lock node includes an input section which provides a plurality of key maps, each corresponding to one of a plurality of primary keys, respectively, applied to the input section, each key map including at least one main key, a variable lock section producing a derived key from a logical operation on the main keys corresponding to the primary keys applied to the input section, and an output section producing the data in response to the derived key.

Abstract: An automotive gateway includes one or more interfaces and one or more processors. The one or more interfaces are configured to communicate with electronic subsystems of a vehicle. The one or more processors and configured to host one or more guest applications, to associate both (i) the hosted guest applications and (ii) a first subset of the electronic subsystems of the vehicle with a non-secured domain, to associate a second subset of the electronic subsystems of the vehicle with a secured domain, and to control communication traffic between the secured domain and the non-secured domain of the vehicle in accordance with a security policy.

Abstract: According to an example aspect of the present invention, there is provided a method comprising, receiving, by an intermediary network function, a subscription request from a network function consumer requesting data of a network function producer, wherein the subscription request comprises a client credential assertion of the network function consumer and an access token, authorizing and authenticating, by the intermediary network function, the network function consumer upon successful validation of the access token and the client credential assertion validation and transmitting, by the intermediary network function, an access token request to an authorization server to get another access token, wherein said another access token is to be used to validate the network function consumer to access services of the network function producer, and the access token request comprises the client credential assertion of the network function consumer requesting data of the network function producer.

Abstract: Methods and a system of generating a master seed using location-based data. The system includes a pseudo-random number generator configured to generate a random number and a global positioning system module configured to determine a location of the system. The system also includes an encryption module configured to generate a signing request message. The signing request message includes the random number and the location. The system further includes a communication device configured to transmit the signing request message to a location authority for authorization. The communication device further configured to receive a signature from the location authority upon authorization of the signing request message. The system is further configured to generate a master seed based on the signature.

Abstract: Embodiments are disclosed for a quantum key distribution enabled intra-datacenter network. An example system includes a first vertical cavity surface emitting laser (VCSEL), a second VCSEL and a network interface controller. The first VCSEL is configured to emit a first optical signal associated with data. The second VCSEL is configured to emit a second optical signal associated with quantum key distribution (QKD). Furthermore, the network interface controller is configured to manage transmission of the first optical signal associated with the first VCSEL and the second optical signal associated with the second VCSEL via an optical communication channel coupled to a network interface module.

Abstract: A method and system are disclosed to audit smart contracts. The method includes: publishing, with a processing server, a smart contract bytecode with metadata on a blockchain; retrieving, with the processing server, the published smart contract bytecode with metadata from the blockchain; extracting, with the processing server, the smart contract bytecode from the published smart contract bytecode; and verifying the smart contract bytecode by comparing a computed hash of a high-level source code of the published smart contract bytecode with the metadata retrieved from the blockchain.

Abstract: A sound-based method and system of performing an authentication of a person in order to permit access to a secured resource is disclosed. The system and method are configured to collect audio data from an end-user in real-time that corresponds to ambient sounds for their alleged location. The audio data is compared to verified audio data for the actual location. The system can determine whether there is a match between the user audio data and audio data previously collected and stored in a database or obtained from an audio service provider. If there is a match, the system verifies an identity of the person and can further be configured to automatically grant the person access to one or more services, features, or information for which he or she is authorized.

Abstract: In an embodiment, a threat score prediction model is generated for assigning a threat score to a software vulnerability. The threat score prediction model may factor one or more of (i) a degree to which the software vulnerability is described across a set of public media sources, (ii) a degree to which one or more exploits that have already been developed for the software vulnerability are described across one or more public exploit databases, (iii) information from one or more third party threat intelligence sources that characterizes one or more historic threat events associated with the software vulnerability, and/or (iv) information that characterizes at least one behavior of an enterprise network in association with the software vulnerability.

Abstract: A principal successfully authenticates for a communication session with a target device. One or more Domain Specific Language (DSL) statements/records assigned to the principal are provided to the target device. The target device translates the DSL statements/records into code, which is executed on the target device to custom set security roles of the principal on the target device during the session. In an embodiment, the one or more DSL statements/records are provided to the target device as an optimized JavaScript® Object Notation (JSON) Web Token (JWT); a payload of the optimized JWT comprising the one or more DSL statements/records as a compressed and enhanced JSON object.

Abstract: An ROP attack protection method for a plurality of ECUs, the method constituted of: receiving data destined for one of the plurality of ECUs; determining which of the plurality of ECUs the received data is destined for; responsive to a unique model associated with the determined ECU, analyzing the received data to identify control flow instructions addressed to one or more predetermined addresses; responsive to the analyzation, generate a statistical analysis of the identified control flow instructions; and responsive to the generated statistical analysis, outputting a signal indicating a possibility of an attack.

Abstract: Systems, computer program products, and methods are described herein for multifactor authentication system that determines co-connected device presence for added security. The system utilizes a device fingerprint for each device. The device fingerprint may contain a library of interconnected devices, as well as ambient noise from the device. The device fingerprint will be used to determine confidence levels indicating whether the devices are in the same location and thus in operation by the same user during multifactor authentication.

Abstract: Containers can be managed for cryptanalysis attack protection. For example, a computing system can receive, from a container, a description specifying a first hardware requirement for the container. The computing system can restrict access to hardware based on the first hardware requirement for the container. The computing system can perform, for a data object requested by the container, an encryption operation and a decryption operation using the hardware. A result of the encryption operation can be inaccessible to the container prior to the decryption operation.

Abstract: Systems and/or methods of the present disclosure enable crypto-ledger interoperability using a controller to perform an operation between a first user and a second user on separate entity-specific distributed crypto-ledgers, where the separate entity-specific distributed crypto-ledgers are both operatively linked to a membered common distributed crypto-ledger. The controller burns a first quantity of first entity-specific crypto-tokens from the first entity-specific distributed crypto-ledger and mints a second quantity of the common crypto-tokens on the membered common distributed crypto-ledger, where the first quantity of first entity-specific crypto-tokens and the second quantity of the common crypto-tokens represent an equivalency.

Abstract: The present technology relates to a file processing method. The file processing method can includes a first terminal device receiving an encrypted file from a second terminal device. The first terminal device stores the encrypted file. The first terminal device receives an access instruction for the encrypted file. The first terminal device obtains a current security state. When the current security state is higher than or equal to a first security state, the first terminal device decrypts the file by using a decryption key. It can be learned that according to the method, after the first terminal device receives the encrypted file, the first terminal device decrypts the file by using the decryption key only when a security state is high.

Abstract: Techniques for detecting anomalies or cyber attacks on a vehicle. A computer-implemented method for anomaly or attack detection includes determining, using a first model, a first predicted value of a first variable message associated with a vehicle, determining, using a second model, a second predicted value of the first variable message associated with the vehicle, determining, based on a difference between an actual value of the first variable message and the first predicted value of the first variable message and on a difference between the actual value of the first variable message and the second predicted value of the first variable message, a vector, and determining, using a third model, an output value based on the vector, the output value corresponding to at least one of a likelihood that an anomaly or an attack is occurring or a type of the anomaly or the attack.

Abstract: A method, system, and computer program product for recommending an initial database security model. The method may include identifying a plurality of nodes connected to a security network. The method may also include analyzing security characteristics of each node of the plurality of nodes. The method may also include identifying, from the security characteristics, key factors for each node. The method may also include calculating similarities between each node of the plurality of nodes. The method may also include building a self-organized centerless network across the plurality of nodes by grouping nodes with high similarities based on the similarities between each node, where the self-organized centerless network is a centerless network without a central management server, and includes groups of nodes from the plurality of nodes. The method may also include generating federated security models for the groups of nodes.

Abstract: Methods, systems, and devices for virtualized authentication device are described. A virtual device (such as a virtual machine) may be permitted to access secured data within a memory device by an authentication process. The memory device may generate cryptographic keys in portions of the memory device and assign the cryptographic keys to the virtual machines. The virtual machine may use an authentication process using the cryptographic keys to access the secure data in the memory device. The authentication process may include authenticating the identity of the virtual machine and the code operating on the virtual machine based upon comparing cryptographic keys received from the virtual machines to the assigned cryptographic keys in the partitions of the memory device. Once both the identity of the virtual machine is authenticated, the virtual machine may be permitted to access the secure data in the memory device.

Abstract: A content server can extend enterprise content management to a leading system in an efficient, automated, and seamless manner by leveraging the permission information provided by the leading system. The content server can sync the permission information with the leading system, evaluate user-manager relations, role-based rule definitions, and user-group associations defined in the leading system, and determine and/or update role memberships for workspaces created in the content server for users in the leading systems. In this way, even though the content server and the leading system have very different types of roles and permission models, the content server can evaluate complex relationships and role-based rules and intelligently, correctly, and quickly assign the right people to the right roles in the right workspaces in the content server.

Abstract: Systems, computer program products, and methods are described herein for detection and classification of intrusion using machine learning techniques. The present invention is configured to electronically receive, from a computing device of a user, an indication that the user has initiated a first resource interaction; retrieve information associated with the first resource interaction, wherein the information comprises at least one or more parameters associated with the first resource interaction; initiate a machine learning model on the one or more parameters associated with the first resource interaction; and classify, using the machine learning model, the first resource interaction into one or more classes, wherein the one or more classes comprises one or more access types.