Patents Examined by Michael R Vaughan
  • Patent number: 9548987
    Abstract: An information processing system implements an intelligent remediation system for security-related events. The intelligent remediation system comprises a classifier configured to process information characterizing the events in order to generate respective risk scores, and a data store coupled to the classifier and configured to store feedback from one or more users regarding the risk scores. The classifier is configured to utilize the feedback regarding the risk scores to learn riskiness of particular events and to adjust its operation based on the learned riskiness, such that the risk score generated by the classifier for a given one of the events is based at least in part on the feedback received regarding risk scores generated for one or more previous ones of the events. A user interface is provided to allow one or more users to supply the feedback regarding the risk scores.
    Type: Grant
    Filed: June 11, 2012
    Date of Patent: January 17, 2017
    Assignee: EMC IP Holding Company LLC
    Inventor: James Poole
  • Patent number: 9544328
    Abstract: Mitigation for combating malicious codes is delivered to particular endpoint computers. A first malicious code pattern is received in a first computer over a computer network. The first computer is scanned using the first malicious code pattern, with the result of the scanning forwarded to a second computer. The first computer is identified as having a file scanned using the first malicious code pattern. In response, the first computer is provided a second malicious code pattern. The first computer is scanned for malicious codes using the second malicious code pattern.
    Type: Grant
    Filed: March 24, 2016
    Date of Patent: January 10, 2017
    Assignee: Trend Micro Incorporated
    Inventors: Peter Shaohong Wei, Viswa Soubramanien, Wei Yan
  • Patent number: 9536072
    Abstract: The disclosure relates to machine-learning behavioral analysis to detect device theft and unauthorized device usage. In particular, during a training phase, an electronic device may generate a local user profile that represents observed user-specific behaviors according to a centroid sequence, wherein the local user profile may be classified into a baseline profile model that represents aggregate behaviors associated with various users over time. Accordingly, during an authentication phase, the electronic device may generate a current user profile model comprising a centroid sequence re-expressing user-specific behaviors observed over an authentication interval, wherein the current user profile model may be compared to plural baseline profile models to identify the baseline profile model closest to the current user profile model.
    Type: Grant
    Filed: April 9, 2015
    Date of Patent: January 3, 2017
    Assignee: QUALCOMM Incorporated
    Inventors: Isaac David Guedalia, Adam Schwartz
  • Patent number: 9531681
    Abstract: Authentication method of at least one application using resources stored in a security module associated to an equipment connected to a control server via a network. The control server receives via the network, analyzes and verifies identification data comprising at least an identifier of the equipment and an identifier of the security module, generates a cryptogram comprising a digest of the application, the identification data and instructions intended for the security module and transmits the cryptogram, via the network and the equipment, to the security module. The latter verifies the application by comparing the digest extracted from the cryptogram with a calculated digest, wherein, during at least one of initialization and activation of the application, the security module executes the instructions extracted from the cryptogram and either releases or blocks access to certain resources of said security module according to a result of the verification of the application.
    Type: Grant
    Filed: August 13, 2015
    Date of Patent: December 27, 2016
    Assignee: NAGRAVISION S.A.
    Inventors: Rached Ksontini, Renato Cantini
  • Patent number: 9529733
    Abstract: The disclosed computer-implemented method for securely accessing encrypted data stores may include (1) receiving, from a data storage service, a request to permit authenticated access to an encrypted data store administered by the data storage service, the request including a cryptographic element associated with the encrypted data store that has been encrypted using a public key associated with the authentication device, (2) decrypting the cryptographic element associated with the encrypted data store using a private key associated with the authentication device, (3) encrypting the cryptographic element associated with the encrypted data store using a public key associated with a cryptographic client, and (4) transmitting the encrypted cryptographic element to the cryptographic client to enable the cryptographic client to perform cryptographic operations on the encrypted data store. Various other methods, systems, and computer-readable media are also disclosed.
    Type: Grant
    Filed: September 18, 2014
    Date of Patent: December 27, 2016
    Assignee: Symantec Corporation
    Inventors: Ilya Sokolov, Brian Powell
  • Patent number: 9531828
    Abstract: In a system with a policy server, a first device able to communicate with the policy server and a second device able to communicate with the first device and unable to communicate with the policy server, the first device is to act as a policy proxy. The policy server may push to the first device a policy for the second device, and the first device may push the policy to the second device.
    Type: Grant
    Filed: August 9, 2012
    Date of Patent: December 27, 2016
    Assignee: BLACKBERRY LIMITED
    Inventors: Michael Kenneth Brown, Neil Patrick Adams, Herbert Anthony Little
  • Patent number: 9514317
    Abstract: An embodiment includes a method executed by at least one processor comprising: initializing first and second secure enclaves each comprising a trusted software execution environment that prevents software executing outside the first and second secure enclaves from having access to software and data inside the first and second secure enclaves; the first secure enclave (a)(i) inspecting a policy, (a)(ii) authenticating the second secure enclave in response to inspecting the policy; and (a)(iii) communicating encrypted content to the second secure enclave in response to authenticating the second secure enclave; and the second secure enclave (b)(i) decrypting the encrypted content to produce decrypted content, and (b)(ii) inspecting the decrypted content. Other embodiments are described herein.
    Type: Grant
    Filed: December 19, 2013
    Date of Patent: December 6, 2016
    Assignee: Intel Corporation
    Inventors: Jason Martin, Matthew Hoekstra
  • Patent number: 9509499
    Abstract: A method for registering a first electronic key, which is capable of controlling a communication subject, to a controller of the communication subject, the method including: performing an initial production process including storing identification information unique to the communication subject in the controller, and storing an encryption key generation code unique to the first electronic key and an encryption key that is used to verify the first electronic key in the first electronic key; and performing an initial registration process including writing the identification information stored in the controller to the first electronic key, obtaining the encryption key generation code from the first electronic key, generating the encryption key with an encryption key generation logic that uses the encryption key generation code, storing the encryption key in the controller, and storing encryption key information related to the encryption key in a database in association with the identification information.
    Type: Grant
    Filed: January 18, 2013
    Date of Patent: November 29, 2016
    Assignee: KABUSHIKI KAISHA TOKAI RIKA DENKI SEISAKUSHO
    Inventors: Daisuke Kawamura, Hideki Kawai, Tetsuya Egawa, Hiroaki Iwashita, Toshihiro Nagae, Masaki Hayashi
  • Patent number: 9507922
    Abstract: A system, method, and computer program product are provided for conditionally implementing protected content. In use, protected content is identified. Additionally, one or more elements associated with the protected content are verified. Further, the protected content is conditionally implemented, based on the verifying.
    Type: Grant
    Filed: June 1, 2015
    Date of Patent: November 29, 2016
    Assignees: Amdocs Development Limited, Amdocs Software Systems Limited
    Inventors: Pierre-Erwann Gouesbet, Cedric Gegout, Nicolas Pierre
  • Patent number: 9501510
    Abstract: Systems and methods for facilitating media fingerprinting are provided. In one aspect, a system can include: a memory, a microprocessor, a communication component that receives media; and a media fingerprinting component that fingerprints the media. The media fingerprinting component employs a fingerprint generation component stored in the memory and includes: a first hash generation component that generates sets of hashes corresponding to versions of the media; and a second hash generation component that computes a final hash based, at least, on hashing the sets of hashes. In some aspects, the media fingerprinting component can generate a flip-resistant fingerprint based, at least, on the final hash. In some aspects, the flip-resistant fingerprint is the final hash.
    Type: Grant
    Filed: September 25, 2014
    Date of Patent: November 22, 2016
    Assignee: Google Inc.
    Inventor: Sergey Ioffe
  • Patent number: 9477845
    Abstract: A method, system, and/or computer program product enables secure debugging of a software application. A first computer receives a secure software application from a second computer. Access to data used by the secure software application is protected by a security object, which allows a processor to access the data used by the secure software application without permitting data to exit unprotected from the processor. The first computer receives from the second computer an encrypted secure sidecar debugging application that is designed to debug the secure software application. In response to detecting an error in execution of the secure software application within the first computer, the first computer transmits the secure software application and the secure sidecar debugging application to the second computer, such that the second computer is enabled to decrypt the secure sidecar debugging application and to debug the secure software application.
    Type: Grant
    Filed: December 2, 2015
    Date of Patent: October 25, 2016
    Assignee: International Business Machines Corporation
    Inventors: Richard H. Boivie, Robert R. Friedlander, James R. Kraemer, Jeb R. Linton
  • Patent number: 9479487
    Abstract: A first security context is established between a given user computing device and a first network computing device to enable a secure data connection between the given user computing device and the first network computing device. A second security context is established between the given user computing device and a second network computing device to enable a secure data connection between the given user computing device and the second network computing device simultaneous with the secure data connection between the given user computing device and the first network computing device. Establishment of the second security context includes the first network computing device sending the given user computing device a simultaneous secure data connection parameter useable by the given user computing device to establish the second security context with the second network computing device.
    Type: Grant
    Filed: April 1, 2016
    Date of Patent: October 25, 2016
    Assignee: Alcatel Lucent
    Inventors: Suresh P. Nair, Semyon B. Mizikovsky
  • Patent number: 9473464
    Abstract: Based on a request for media content from a media client, a device identifies one or more: segments of encrypted media content; encryption keys for decrypting the segments of encrypted media content; and segments of unencrypted media content. The device determines an order for sending the one or more segments of encrypted and unencrypted media content. The device sends, to the media client, a segment of encrypted media content, according to the order for sending, along with an encryption key for decrypting the segment of encrypted media content being sent. The device sends, to the media client, a segment of unencrypted media content, according to the order for sending, along with a subsequent encryption key for decrypting a subsequent segment of encrypted media content to be sent after the segment of unencrypted content. The subsequent encryption key permits the media client to decrypt the subsequent segment of encrypted media content.
    Type: Grant
    Filed: September 19, 2014
    Date of Patent: October 18, 2016
    Assignee: VERIZON PATENT AND LICENSING INC.
    Inventors: William S. Downey, Rory W. Britt, Stephanie A. Fastert
  • Patent number: 9471770
    Abstract: A method for detecting manipulation of at least one vehicle network of a vehicle includes determining a digital fingerprint of the at least one vehicle network, comparing the digital fingerprint of the at least one vehicle network to reference information, adapting a function of the at least one vehicle network as a function of a result of the comparison, such that operational safety is ensured, and activating a regular control mode if no manipulation of the at least one vehicle network is detected, or activating an operationally safe control mode if manipulation of the at least one vehicle network is detected. A control unit for detecting manipulation of at least one vehicle network of a vehicle carries out control tasks as a function of a result of a comparison of a digital fingerprint of at least one vehicle network to reference information of a control network.
    Type: Grant
    Filed: May 15, 2012
    Date of Patent: October 18, 2016
    Assignee: Siemens Aktiengesellschaft
    Inventors: Ralf Beyer, Rainer Falk
  • Patent number: 9473481
    Abstract: A system and method provides a virtual perimeter by maintaining a data structure for identifying a first plurality of assets, according to one embodiment. The system and method provides services to a second of the first plurality of assets, at least partially based on identifiers for the first plurality of assets and at least partially based on a first role assigned to a first of the first plurality of assets, according to one embodiment. The system and method include admitting one of a second plurality of assets into the virtual perimeter if characteristics of the one of the second plurality of assets satisfy criteria for admission to the virtual perimeter, according to one embodiment.
    Type: Grant
    Filed: July 31, 2014
    Date of Patent: October 18, 2016
    Assignee: Intuit Inc.
    Inventors: M. Shannon Lietz, Luis Felipe Cabrera
  • Patent number: 9460292
    Abstract: The present application relates to a computer having a processor configured to execute a set of instructions to render a customised version of a restricted document object model. A restricted element in a document object model is identified and at least one rule associated with the restricted element is accessed. The at least one rule is applied to the restricted element to generate a modified document object model which is then rendered. A related computer-implemented method is also covered by the present application. The present application relates to server-side authentication techniques; content filtering based on user-specific and context-based requirements; and audit trail techniques.
    Type: Grant
    Filed: February 22, 2013
    Date of Patent: October 4, 2016
    Assignee: Intermedia.net, Inc.
    Inventors: Richard John Walters, Joel Augustus Laird, Simon David Knott
  • Patent number: 9455839
    Abstract: Disclosed are methods, systems, and computer-readable media for wireless key management for authentication. Authentication includes transmitting a request to a locking device, transmitting a security challenge to the mobile device, and transmitting a response to the challenge and an encrypted user profile for the locking device. The response includes data generated with an access key that is stored by both the mobile device and the locking device, and the user profile is encrypted by a server using a secret key that is stored by the server and the locking device. Authentication further includes verifying the response to the challenge, where the response is verified using the access key, and validating additional data from the mobile device. An action of the locking device may be initiated as specified by the request.
    Type: Grant
    Filed: July 30, 2014
    Date of Patent: September 27, 2016
    Assignee: Master Lock Company LLC
    Inventors: Nathan Conrad, Yi Zhang, Nemanja Stefanovic, John Bartucci, Scott Kalous
  • Patent number: 9450963
    Abstract: A framework, which conforms to the OAuth standard, involves a generic OAuth authorization server that can be used by multiple resource servers in order to ensure that access to resources stored on those resource servers is limited to access to which the resource owner consents. Each resource server registers, with the OAuth authorization server, metadata for that resource server, indicating scopes that are recognized by the resource server. The OAuth authorization server refers to this metadata when requesting consent from a resource owner on behalf of a client application, so that the consent will be of an appropriate scope. The OAuth authorization server refers to this metadata when constructing an access token to provide to the client application for use in accessing the resources on the resource server. The OAuth authorization server uses this metadata to map issued access tokens to the scopes to which those access tokens grant access.
    Type: Grant
    Filed: October 8, 2015
    Date of Patent: September 20, 2016
    Assignee: Oracle International Corporation
    Inventors: Uppili Srinivasan, Ajay Sondhi, Ching-Wen Chu, Venkata S. Evani, Beomsuk Kim
  • Patent number: 9450966
    Abstract: A method and system for verifying the integrity of virtual machines and for verifying the integrity of discrete elements of the virtual machines throughout the lifecycle of the virtual machines. A virtual machine manager capable of managing one or more virtual machine images is installed on a physical hardware platform. An integrity verification component can be communicatively coupled to the virtual machine manager and an integrity reference component so that the integrity verification component can compare digests of the virtual machine image or discrete virtual machine image elements to virtual machine integrity records accessible from the integrity reference component.
    Type: Grant
    Filed: July 24, 2008
    Date of Patent: September 20, 2016
    Assignee: KIP Sign P1 LP
    Inventors: Ronald James Forrester, William Wyatt Starnes, Frank A. Tycksen, Jr.
  • Patent number: 9418218
    Abstract: The present application relates to a computer having a processor configured to execute a set of instructions to render a customized version of a restricted document object model. A restricted element in a document object model is identified and at least one rule associated with the restricted element is accessed. The at least one rule is applied to the restricted element to generate a modified document object model which is then rendered. A related computer-implemented method is also covered by the present application. The present application relates to server-side authentication techniques; content filtering based on user-specific and context-based requirements; and audit trail techniques.
    Type: Grant
    Filed: November 13, 2015
    Date of Patent: August 16, 2016
    Assignee: Intermedia.net, Inc.
    Inventors: Richard John Walters, Joel Augustus Laird, Simon David Knott