Abstract: A framework for determining capabilities for execution of a system call a container and/or process within a computing system. For example, techniques for determining capabilities prerequisite for execution of a system call and determining whether the system call has been assigned the capabilities prerequisite for execution of the system call.

Abstract: Systems and processes for generating a single cryptocurrency address mapping space for a plurality of cryptocurrencies including a global map of activity for the plurality of cryptocurrencies by clustering different addresses used in separate cryptocurrency transactions that are controlled by a same individual or entity are disclosed.

Abstract: Methods, systems, apparatuses, and computer program products are provided for reconstructing network activity. A network activity monitor is configured to monitor network activity for various network entities. Based on the monitoring, a set of features may be obtained for each network entity. A determination may be made for a number of vertices suitable for describing the sets of features in a multidimensional space. In some implementations, the vertices may define a convex hull in the multidimensional space. Each of the vertices may be assigned a different usage pattern that represents a certain type of network usage types. Reconstructed network activity for a particular network entity may be represented as a weighted combination of the usage patterns. Based on the reconstruction, a network anomaly may be detected, a network may be modified, and/or an alert may be generated.

Abstract: A strategic master data management blockchain computing platform includes virtual machine(s) configured and deployed to execute an operating system of the blockchain computing platform across a virtual network, and a plurality of interconnected data processing nodes each comprising a plurality of functional layers, where the plurality of functional layers comprise an identity management access layer that is configured to establish a blockchain computing function. The blockchain computing function includes defining (a) role-based access control (RBAC) policies for access to master data management blockchain services, and (b) attribute-based access control (ABAC) time-based rules restricting access to portions of master data. The blockchain computing function also maintains a security framework that controls access to processing node resources across the virtual network.

Abstract: Methods and systems for managing secure IoT data are described. A docker container system for managing secure Internet of Things (IoT) device data includes a machine control container configured to collect IoT device data from device data producing machines, a translation container configured to translate collected IoT device data into a common semantic format, client-specific container applications configured to aggregate, filter, and process translated IoT device data to generate processed IoT device data, and send the processed IoT device data to at least one of client applications and data storage, and a secure container proxy service configured to apply security-based protocols to the processed IoT device data. The client-specific container applications deployed absent the security-based protocols.

Abstract: Rolling encryption within a memory region. A method includes storing data in a first encrypted memory portion in the memory region. The data in the first encrypted memory portion is encrypted to a first runtime encryption key. Data is stored in a second encrypted memory portion in the memory region. The data in the second encrypted memory portion is encrypted to a second runtime encryption key. A pointer is stored. The pointer defines a boundary between the first encrypted memory portion and the second encrypted memory portion. The first encrypted memory portion and second encrypted memory portion are both configured to be accessible together to entities external to the memory to provide data stored in the first encrypted memory portion and second encrypted memory portion.

Abstract: A method or a system accesses an envelope stored in a first database. The envelope includes a set of secure electronic documents, a workflow of tasks, and one or more events associated with the tasks. The system also accesses a second database that stores a credential of an entity associated with the envelope. In response to authenticating the credential, the system receives and caches an access token in a third database. Further, the system monitors the events associated with the tasks in the workflow. In response to detecting an occurrence of at least one event, the system generates and sends a message with the cached access token to a webhook listener. After authentication of the entity using the access token, the webhook listener is caused to generate and send a notification to an administrator of the entity.

Abstract: A method, system, and computer program product for managing a storage array in a storage system, the storage array comprising a first and second data blocks comprising: receiving a set of cryptographic values from the storage array, the set comprising a first value associated with the first data block, and a second value associated with the second data block; analysing the set of cryptographic values to determine a set of associations, the set of associations comprising a first association between the first data block and the second data block, storing the set of associations; and in response to determining the set of associations, performing a storage management operation on at least one of the first data block and the second data block.

Abstract: Methods and systems disclosed herein describe using machine learning to lock and unlock a device. Machine learning may be trained to recognize one or more features. Once the device has been trained to recognize one or more features, a user may define an unlock condition for the device using the one or more trained features. After defining the unlock condition, the device may be locked by verifying the one or more features that the user defined as the unlock condition using machine learning. When verification is successful, the device may be unlocked and the user allowed to access the device.

Abstract: Systems, computer program products, and methods are described herein for verifying authentication credentials in an electronic network. The present invention is configured to receive a first IP address associated with a first access attempt; determine a first geolocation data based on the first IP address; receive a second IP address associated with a second access attempt; determine a second geolocation data based on the second IP address; determine a geolocation variance between the first and the second geolocation data; determine, based on the geolocation variance, an indication of potential movement between the access attempts; apply, based on the indication of potential movement, a verification machine learning model to the account identifier; generate, by the verification machine learning model, a privacy score; and generate, based on the privacy score, an alert user interface component to configure a GUI of a device associated with the user of the account.

Abstract: The present application relates to an electronic test equipment and an optional function configuring method. A ciphertext decryption authentication unit performs a decryption authentication operation according to a function option key and a function option ciphertext, performs a corresponding operation on a function device corresponding to the function option ciphertext according to an authentication result signal, and outputs the authentication result signal to an operation control unit, such that the operation control unit operates, according to the authentication result signal, a target function corresponding to the function option ciphertext.

Abstract: Systems, computer program products, and methods are described herein for tracking network traffic data and identifying rogue access patterns in an electronic network. The present invention is configured to receive a plurality of peer user accounts; receiving a plurality of peer user data associated with the plurality of peer user accounts; generating a relational mapping based at least on the predetermined group; and generating a plurality of peer historical data access patterns based on the plurality of peer user data over the historical predetermined period. The present invention may further be configured to receive a primary user account; receive a plurality of primary user data; generate a plurality of primary user access patterns; compare the plurality of peer historical data access patterns and the plurality of primary user access patterns to generate an abnormality score; and determine whether the abnormality score meets the abnormality threshold.

Abstract: A homomorphic encryption operation key management system receives a public key and a hierarchical Galois key from a client device, verifies validity of a token in response to receiving the token and a request for a homomorphic encryption operation key for the client device from a server, and generates the homomorphic encryption operation key using the public key and the hierarchical Galois key and transmits the homomorphic encryption operation key to the server when the token is valid.

Abstract: There is provided a computer implemented method of assessing a real time security risk from an external computing environment interfacing with a target computing environment, comprising: identifying a plurality of values of a plurality of risk metrics indicative of a security risk from the external computing environment interfacing with the target computing environment, feeding each of the plurality of values of the plurality of risk metrics into a large language model (LLM), and asking the LLM for which question is correlated with an answer to each value of each risk metric, obtaining a plurality of questions from the LLM, obtaining a plurality of responses to the plurality of questions, analyzing mismatches between the plurality of responses and the plurality of values of the plurality of risk metrics indicative of security risk, and computing the real time security risk according to an aggregation of a plurality of mismatches.

Abstract: A method includes receiving, by a server computer, an authorization request message comprising a contract address and a token identifier during an interaction between a user device and a resource provider computer. The server computer verifies that an NFT, referenced by the contract address and the token identifier, is assigned to a first address and a second address. If verified, server computer determines a credential stored in association with the contract address and the token identifier using a conversion table. The server computer processes the interaction with the credential.

Abstract: An information handling system may validate a connection request received from a trusted platform module (TPM)-virtual (vTPM) module according to a policy, wherein the connection request originated from a virtual machine associated with the TPM-vTPM module which consumes services from a clustered vTPM domain service. In response to determining that the connection request is valid based on the policy, the system may determine the vTPM domain service associated to the TPM-vTPM module, and determine whether to route or redirect the connection request according to policy. In response to determining that the connection request is to be redirected, the system may transmit a response to the TPM-vTPM module, wherein the response includes redirect information to the vTPM domain service. In response to determining that the connection request is to be routed, the system may route the connection request to the vTPM domain service.

Abstract: A system and method for agentless detection of sensitive data in a cloud computing environment is disclosed. The method includes: generating an inspectable disk from a clone of an original disk in a cloud computing environment; inspecting the inspectable disk for a cybersecurity object, the cybersecurity object indicating a sensitive data, the disk deployed in a cloud computing environment; extracting a data schema from the cybersecurity object, in response to detecting the cybersecurity object on the disk; generating a classification of the data schema; detecting in the disk a plurality of data files, each data file including the classified data schema; determining that the data schema corresponds to sensitive data based on the generated classification; generating in a security database: a representation of the data schema, and a representation of each data file; and rendering a visual representation of the cloud computing environment including a representation of the data schema.

Abstract: Systems and methods for threat detection and analysis. A method includes monitoring at least one thread associated with at least one user process on a computing device. The method further includes detecting specific-system calls associated with at least one user process at user level. The specific-system calls are analyzed by applying a filter to system calls sequence feature sets associated with the specific-system calls for detecting one or more events of interest. A capture of a full stack trace of at least one user process is requested if the system calls sequence feature set is filtered and at least one event of interest is detected. A first level monitoring is provided to the computing device, which includes processing and analyzing the captured full stack trace by a machine learning (ML) stack trace analyzer to generate a first verdict for threat detection and analysis.

Abstract: A method for operating a computing device for a control unit of a motor vehicle. The computing device including a processor core, and is configured to control an exchange of data between a connectivity zone and a security zone. The security zone includes at least one component which is necessary to drive the vehicle and has an elevated relevance with regard to safety. The connectivity zone including at least one component whose operation requires communication outside of the vehicle but is not required to drive the vehicle and does not have an elevated relevance with regard to safety. At least one first program executable by the computing device is assigned to a non-trustworthy zone, and at least one further program is assigned to a trustworthy zone. The component of the connectivity zone is assigned to the non-trustworthy zone, and the component of the security zone being assigned to the trustworthy zone.

Abstract: A credential management system stores GDPR wallets of individuals who consent to share their private data with various consumers, and constructs GDPR directories for the consumers allowing access to the wallet records. If an individual decides they no longer want to share their records with a specific consumer, the system deactivates access to the specific consumer for compliance with privacy laws. However, the consumer may have a legitimate need to retain the information in which case the system will still allow access to records that were available prior to deactivation, but will block access to any newly added records in the individual's wallet. An individual may also automatically deactivate all current consumer connections; if this global deactivation happens after a specific consumer has been already been deactivated, the system will use two different deactivation dates for the access filter depending on which consumer is attempting to view the wallet.