Abstract: A profile can be created for a system indicating various attributes of the system. Based on these attributes, a set of security vulnerabilities can be identified. A mitigation function list can be determined that addresses at least part of the set of security vulnerabilities. The mitigation function list can be performed upon the system to mitigate at least part of the set of security vulnerabilities. A report can be generated identifying how the security vulnerabilities were mitigated and/or security vulnerabilities that still exist in the system.

Abstract: A system and method for converting an input dataset based on a query received via a user interface into one or more defined range values is provided wherein the input dataset is converted into one or more defined range values based on a conversion value matrix. The present invention provides for encrypting the defined range values of the input dataset into a first cipher text matrix. Further, the present invention provides for encrypting the conversion value matrix into second cipher text matrix. The present invention provides for performing a computation operation between the first cipher text matrix and the second cipher text matrix to generate an aggregated cipher text matrix. The present invention provides for decrypting the aggregated cipher text matrix into a decrypted result matrix. The present invention provides for performing an aggregation operation by counting pre-defined digit in each column of the decrypted result matrix.

Abstract: A system and method of data protection that provides the security of field level data protection with the ease of implementation and transparency of system level data protection at various layers is disclosed. The system utilizes blockchain technology to implement improved data protection. A smart contract application is deployed among all devices covered by the data protection system. Ledgers are similarly deployed either on each device or on dedicated ledger nodes to provide a record of all transactions occurring with the protected data. As a device writes data to a storage medium or initiates transmission of the data over a communication medium, the smart contract intercepts the data and applies a desired protection protocol to the data. As a result, enterprise wide security may be deployed that provides field level encryption without requiring modifications to existing applications or development of custom applications.

Abstract: In some examples, a system determines a dependency among a plurality of anomaly detectors, the determining comprising clustering anomaly detectors of the plurality of anomaly detectors into clusters of anomaly detectors. The system aggregates anomaly scores produced by anomaly detectors in a first cluster of anomaly detectors, to generate a first aggregate anomaly score, and detects an anomaly using the first aggregate anomaly score.

Abstract: A method for implementing an object based vulnerability model includes identifying each component in an information system and annotating such component in a database; decomposing each component into major functional objects and annotating each object in a database; identifying actions an attacker could take to modify a behavior of the functional objects in the information system and annotating such actions in a database; capturing a trust score and a trustworthiness score for each object and annotating the trust score and the trustworthiness score in the database; assessing each action on the structure, state, and inputs of each functional object to determine if an interaction exists and annotating the interaction existence in the database; and applying preventive and reactive countermeasures accordingly.

Abstract: A method for developing an information system specification includes: performing, from a design specification for an information system having a functional and structural component, an information assurance component and an anti-tamper component, a trust analysis identifying which components of the information system the information system must trust to enforce a security policy and providing a trust score; performing for each system element in the information system a trustworthiness assessment and providing a trustworthiness score; performing mitigation to reduce a trust gap as determined from the trust score and the trustworthiness score; performing a vulnerability assessment to identify residual vulnerabilities determined from the vulnerability assessment; mitigating the residual vulnerabilities by designing preventive and reactive countermeasures to reduce the number of residual vulnerabilities; designing and applying anti-tamper techniques to cyber RCPI to ensure countermeasure effectiveness; assessing

Abstract: Implementations of the present disclosure include providing a graph representative of a network, a set of nodes representing respective assets, each edge representing one or more lateral paths between assets, the graph data including configurations affecting at least one impact that has an effect on an asset, determining multiple sets of fixes for configurations, each fix having a cost associated therewith, incorporating fix data of the sets of fixes into the graph, defining a set of fixes including one or more fixes from the multiple sets of fixes by defining an optimization problem that identifies one or more impacts that are to be nullified and executing resolving the optimization problem to define the set of fixes, each fix in the set of fixes being associated with a respective configuration in the graph, and scheduling performance of each fix in the set of fixes based on one or more operational constraints.

Abstract: A method includes: a first device sending to a second device a deployment request for deploying a homomorphically-encrypted data model on the second device, wherein the deployment request comprises ciphertext model parameters and a public key for the homomorphic encryption; the second device obtaining a first ciphertext security assessment index through computation using the ciphertext model parameters, and sending the same to the first device; the first device decrypting the received first ciphertext security assessment index using a private key corresponding to the public key to generate a plaintext security assessment index, and forwarding the plaintext security assessment index to the second device; and the second device encrypting the plaintext security assessment index using the public key to generate a second ciphertext security assessment index, comparing both indices to determine consistency for determining whether to deploy the homomorphically-encrypted data model.

Abstract: An indication of an action is received through and application program interface (API) provided by one or more hardware processing devices. The action corresponds to communication with a specified party. Multiple disparate tables stored in at least one database of a of a database environment associated with the one or more hardware processing devices are searched for records having the field property corresponding to the specified party. The field property from the corresponding multiple disparate tables are evaluated. A unified field property is determined based on the evaluation of the field property from the corresponding multiple disparate tables. The unified field property is returned through the API.

Abstract: Disclosed herein are methods and systems for detecting malicious files. An exemplary method comprises emulating execution of a file under analysis, forming a behavior log of the emulated execution of the file under analysis, forming one or more behavior patterns from commands and parameters selected from the behavior log, calculating a convolution of the one or more behavior patterns, selecting two or more models for detecting malicious files from a database, calculating a degree of maliciousness of the file being executed based using the convolution and the two or more models, forming a decision making template based on the degree of maliciousness and determining that the file is malicious when a degree of similarity between the decision making template and a predetermined decision making template exceeds a predetermined threshold value.

Abstract: The present disclosure relates to a method for a secure storage, matching and linking of data records. The method comprises: receiving a current data record having one or more attributes, each attribute having an attribute value. For each attribute of at least part of the attributes a predefined set of variations of the attribute value of the attribute may be generated. The received attribute values may be encrypted resulting in an encrypted record and the generated sets of variations may be encrypted. The encrypted record may be stores in a storage system in association with the respective encrypted sets of variations.

Abstract: This disclosure relates to blockchain-type storage of receipt data. In one aspect, a method includes obtaining a to-be-stored data record including a first service attribute. Execution information of the to-be-stored data record is determined. A previous data record is obtained from a blockchain-type ledger. The previous data record includes a second service attribute that is the same as the first service attribute. Each data block in the blockchain-type ledger includes a block header and a block body. A hash value of the previous data record is determined. A receipt record is generated. The receipt record includes the hash value of the previous data record and the execution information of the to-be-stored data record. The to-be-stored data record and the receipt record are written into a same block body in the blockchain-type ledger.

Abstract: At least one database table of denormalized values corresponding to selected values of field properties in records across multiple disparate tables of the database environment is maintained. A structured query is received through a structured query language application program interface (API). The structured query to request a listing of records across the multiple disparate tables of the database environment. The database table is searched for indications corresponding to records across the multiple disparate tables of the database environment corresponding to the selected values indicating communication with a specified party. A listing of records from across the multiple disparate tables that satisfy the selected values is returned through the structured query language API.

Abstract: The present invention contemplates steps for a change data capture (CDC) between a first database and a second database when executed by one or more processors of the computer system. The disclosed method contemplates extracting a data in a redo log of a first database by a first management module, the data comprising an encrypted column data included in an encrypted column and a non-encrypted column data included in a non-encrypted column, identifying whether the data extracted is the encrypted column data included in the encrypted column, and determining whether to change the encrypted data included in the encrypted column to a null data and to transmit the encrypted data, when the extracted data is the encrypted column data.

Abstract: Trust may be maintained between a storage system and a host system by the host system validating its identity to the storage system. The storage system may instruct the host system to validate itself by setting a validation flag on the storage system. The host system may be configured to determine whether the validation flag is set. If the host system determines that the validation flag is set, the host system then may read a test string from the storage system. The host system may encrypt the test string using a private key, and send the encrypted test string to the storage system. The storage system may decrypt the encrypted string using a public key it previously received from the host system. The decrypted test string then may be compared against the original test string generated by the storage system.

Abstract: A system and a method for accessing data in a secure manner are provided, in which the data comprises a number of data sets and each of the data sets is assigned to a user. The data sets are stored in a database in an encrypted manner, and are decryptable by means of a first decryption key assigned to the particular entity. The first decryption keys are stored in a volatile memory unit, and each of the first decryption keys are encrypted separately using a first and at least a second encryption key assigned to the particular entity, and the encrypted first decryption keys are stored in a permanent memory unit. After the volatile memory unit is erased, the encrypted first decryption keys are copied from the permanent memory unit into the volatile memory unit, and the encrypted first decryption keys are decrypted in the volatile memory unit.

Abstract: Information technology/cyber security for computer-related processes in which vulnerabilities are identified and, those vulnerabilities which are technology-related are automatically remediated by determining and executing network-based tasks. The most granular level of computer-related process assessment in made possible by reliance on a critical function/process taxonomy this is automatically generated and, as such, the present invention, identifies both technology and non-technology-related vulnerabilities.

Abstract: Techniques are disclosed for dynamically generating a digital certificate for a customer server. A customer server creates a certificate profile and receives an associated profile identifier from a certificate authority (CA). The customer server installs an agent application received from the CA. The agent application generates a public/private key pair and an identifier associated with the customer server. The agent application sends a signed request to the CA that includes the profile identifier, server identifier, and the public key corresponding to the key pair. Upon receiving the credentials, the CA generates a dynamically updatable certificate. Thereafter, if the customer changes information associated with the certificate (or if external conditions require a change to the certificate, such as a key compromise or change in security standards), the CA may generate an updated certificate based on the certificate profile changes and the public key.

Abstract: Techniques to transmit encoded data along a transmission medium and decode the transmitted data along the transmission medium are provided. Some techniques include logic to encode data transmitted along a transmission medium, such as a fiberoptic line or cable, where the encoding is pursuant to a conversion between a first and second colorspace. The logic may further be configured to decode the data once it is received at a node along the fiberoptic line, where the colorspace conversion provides the basis, key, or cipher for preforming the decoding operation. The logic may be further configured to alter the encryption and decryption basis, key, or cypher by altering the colorspace scheme defining the encoding (and by extension the decoding) during transmission, including a transmission that takes place after a previous transmission governed by the previously defined (and subsequently altered) colorspace conversion scheme. Other embodiments are described and claimed.

Abstract: Aspects of the invention include obtaining, via a processor, an original docker image from a customer, encrypting a disk image using content from the original docker image and encrypting a bootloader. A re-packaged image is created using the encrypted disk image and the secure encrypted bootloader. The re-packaged image is deployed by inserting the re-package image into a pod container and by means of using a mutating webhook, granting elevated privileges to said container and creating a secured Kubernetes pod for protecting workloads, wherein the secured Kubernetes pod has at least one virtual machine containing the pod container.