Abstract: The present disclosure provides a method, system, and device for securely updating a software release across a network. To illustrate, a server may compile a transaction log that includes information corresponding to one or more nodes in the network to which the software release has been transmitted. The server may analyze one or more files based on vulnerability information to identify at least one file of the one or more files that poses a risk. The server may also identify at least one node of the network at which the at least one file is deployed. Based on identifying the at least one node, the server may transmit a corrective action with respect to the at least one node.

Abstract: The present disclosure relates to highly secure, high speed encryption methodologies suitable for applications such as media streaming, streamed virtual private network (VPN) services, large file transfers and the like. For example, encryption methodologies as described herein can provide stream ciphers for streaming data from, for example, a media service provider to a plurality of users. Certain configurations provide wire speed single use encryption. The methodologies as described herein are suited for use with blockchain (e.g. Bitcoin) technologies.

Abstract: Broadly speaking, the present technique provides methods, apparatuses and systems for performing a TLS/DTLS handshake process between machines in a manner that reduces the amount of data sent during the handshake process.

Abstract: An operating system of a mobile device defines an interface for an MDM to ensure security of the device. A private personal MDM (PPMDM) instead interfaces with the operating systems and one or more enterprise MDMs (EMDM) implement security policies through the PPMDM subject to user control. Data may be flagged as associated with an EMDM based on source or location to enable deletion due to theft or disassociation with an enterprise. Blocks or threat detection according to an EMDM policy may be reported to an EMDM in a non-invasive manner.

Abstract: A method comprises receiving an image of an update for a software module, a rate parameter, an index parameter, and a public key, generating a 32-byte aligned string, computing a state parameter using the 32-byte aligned string, generating a modified message representative, computing a Merkle Tree root node, and in response to a determination that the Merkle Tree root node matches the public key, forwarding, to a remote device, the image of the update for a software module, the state parameter; and the modified message representative.

Abstract: Disclosed is a device and method to secure software update information for authorized entities. In one embodiment, a device for receiving secured software update information from a server, the device includes: a physical uncolonable function (PUF) information generator, comprising a PUF cell array, configured to generate PUF information, wherein the PUF information comprises at least one PUF response output, wherein the at least one PUF response output is used to encrypt the software update information on the server so as to generate encrypted software update information; a first encrypter, configured to encrypt the PUF information from the PUF information generator using one of at least one public key from the server so as to generate encrypted PUF information; and a second encrypter, configured to decrypt the encrypted software update information using one of the at least one PUF response output so as to obtain the software update information.

Abstract: A Universal identification system comprising: a Universal ID device, a Universal ID reader and a Universal ID computing system is described.

Abstract: One or more embodiments of techniques or systems for session management, security scoring, and friction management are provided herein. Sessions may be monitored for commonalities or other attributes or aspects and closed, terminated, or a freeze placed on additional sessions from being initiated. A security score may be provided which is indicative of how secure a user is with respect to one or more ways the user interacts with a resource. One or more suggested actions or score improvement strategies may be suggested to facilitate improvement of a security score for a user. Friction management may be provided by having one or more additional layers of security applied to an account of a user or an entity based on suspicious behavior or other factors.

Abstract: Examples described herein relate to a blockchain Internet-of-Things (IoT) system. The blockchain IoT system include a blockchain IoT device that generates event data and attests the event data using a decentralized identity provisioned to the blockchain IoT device. The blockchain IoT system further includes a blockchain network coupled to the blockchain IoT device via a network. The blockchain network includes a blockchain IoT management sub-system to receive the event data from the blockchain IoT device, verify the decentralized identity associated with the blockchain IoT device, and upon successful verification of the decentralized identity, process the event data. The blockchain network also includes a blockchain ledger sub-system to verify the processed event data and, upon successful verification of the processed event data, store the processed event data in a distributed ledger.

Abstract: A method for blockchain certification of artificial intelligence factsheets that includes receiving by a computing device, an artificial intelligence model. The computing device generates an artificial intelligence factsheet based upon logic of the artificial intelligence model. The computing device generates a blockchain link for a blockchain. The blockchain link certifies the artificial intelligence factsheet. The computing device transmits the blockchain link certifying the artificial intelligence factsheet to other computing devices.

Abstract: Techniques are disclosed for migrating data objects stored by the source DDOS from the source DDOS to the target DDOS while at least the source DDOS is live and available to process requests for access to the data objects being migrated. The techniques also provide eventual consistency between data objects that are created, updated, or deleted in the source DDOS that are applicable to the migration and that occur while the migration is being performed.

Abstract: Disclosed is a method for managing database permissions, the method including: obtaining a login account that successfully logs in to a first database, where the first database is a relational database built in with permission management and is pre-configured with an external table that has a mapping relationship with a second database; ascertaining management permissions of the login account based on pre-configured management permission information; determining whether a management operation on the external table by the login account exceeds the management permissions of the login account; and if the management operation by the login account does not exceed its management permissions, permitting the management operation, and synchronizing the management operation to the second database based on the mapping relationship between the external table and the second database. Further disclosed are a system and a device for managing database permissions, as well as a computer-readable storage medium.

Abstract: Aspects of the present disclosure provide for systems and methods to automatically load security access files and/or keys on a local digital controller serving subscriber communication equipment, but are not so limited. A disclosed system operates to use a deployment manager as part of auto-loading security access files and/or keys on a local digital controller serving subscriber communication equipment. A disclosed method operates in part to auto-load security access files and/or keys on a local digital controller serving subscriber communication equipment.

Abstract: Message decryption dependent on third-party confirmation of a condition precedent is disclosed. A message is encrypted with a message encryption key to form an encrypted message. A message decryption key that is configured to decrypt the encrypted message is encrypted with a key of a first entity to which the message is to be disclosed upon occurrence of a condition precedent to form an encrypted message decryption key. The encrypted message decryption key is encrypted with a key of a second entity configured to confirm the occurrence of the condition precedent to form a double encrypted message decryption key. A condition identifier that identifies the condition precedent is generated. The encrypted message, the double encrypted message decryption key, and the condition identifier are sent to the first entity.

Abstract: A verification method implemented by a first system including a plurality of computers, the method includes: calculating a first hash value for an original document; calculating a second hash value for an original document by using the first hash value; calculating a first modified version's first hash value for the first modified version document; calculating a first modified version's second hash value that is a hash value obtained by combining the first modified version's first hash value and the original document's second hash value; in response to a second modified version document obtained by modifying the first modified version document, calculating a second modified version's first hash value for the second modified version document; and calculating a second modified version's second hash value that is a hash value obtained by combining the second modified version's first hash value and the first modified version's second hash value.

Abstract: A system includes an electronic control unit (ECU) including a processor that determines that the ECU has been communicably connected to a vehicle communication system. The processor sends a provisioning message, via the communication system, to a remote server, responsive to connection to the vehicle communication system. The message includes a vehicle identifier provided by an element of the vehicle system and signed with a unique security key specific to the ECU. The processor is also receives a confirmation response from the remote server and enables further communication for the ECU responsive to the confirmation response.

Abstract: A method of authenticating sensor data includes receiving, by at least a temporal attester, sensor data, calculating, by the at least a temporal attester, a current time, generating, by the at least a temporal attester, a secure timestamp generated as a function of the current time, and transmitting, by the at least a temporal attester and to at least a verifier, a temporally attested sensor signal including the secure timestamp.

Abstract: The disclosure relates to a computed-implemented method, a computer program, and a computer system for selectively verifying personal data. The method comprises receiving, by an identity application of a client device, personal data of a user. The method further comprises computing, via a cryptographic hash function, one or more cryptographic hashes from elements of the personal data. The method further comprises storing the cryptographic hashes, an internal identifier and a timestamp as an entry in a distributed database. The internal identifier is unique within the distributed database. The method further comprises receiving a user request from the user. The method further comprises selecting one or more of the elements of personal data for verification. The method further comprises requesting verification of the selected elements of personal data. The method further comprises determining an authorization indication in response to the verification request.

Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for digital asset buyback. One of the methods includes: obtaining a request for buying back a digital asset from a first blockchain account, the request comprising a quantity of the digital asset; identifying, based on the request, a blockchain contract that is deployed on the blockchain and that corresponds to the digital asset; generating a blockchain transaction for transferring the quantity of the digital asset from the first blockchain account to a second blockchain account associated with digital asset buyback, wherein the blockchain contract comprises a restriction prohibiting transfer of the digital asset out of the second blockchain account; and sending, to a blockchain node for adding to the blockchain, the blockchain transaction for transferring the quantity of the digital asset from the first blockchain account to the second blockchain account.

Abstract: Structured access to volunteered private data disclosed. Access can be based on security and privacy constraint information (SPCI) that can be selected by the party volunteering the private data. The volunteered data can be stored in a protected portion of a public network. The SPCI can be correlated to the volunteered data. In response to receiving a request for access to the volunteered data, an attribute of the request can be determined to satisfy one or more rules related to the SPCI prior to facilitating access to a version of a portion of the volunteered data. The version of the portion of the volunteered data can be a redaction of the portion of the volunteered data. The version of the portion of the volunteered data can be aggregated with other portions of other volunteered data determined to satisfy corresponding SPCI related rules.