Abstract: Systems and methods include a computer-implemented method for verifying blockchain transaction. A request is received in a blockchain for a user to use an application. A three-blockchain cluster verification process is performed in response to receiving the request. Verification that the application is authorized is performed using a nodes blockchain cluster in the blockchain based on user-application data pre-verified by at least two administrators and stored in the nodes blockchain cluster. Verification that the user exists and is authorized is performed using a users/objects blockchain cluster in the blockchain different from the nodes blockchain cluster, where the verifying is based on the user-application data pre-verified by the at least two administrators and stored in the users/objects blockchain cluster.

Abstract: Secure workspaces can be supported in heterogenous environments. Snapshots of secure workspaces can be created when the secure workspaces are deployed on a user's primary user computing device. When a user desires to access secure workspaces on a secondary user computing device, information about and a trust for the secondary user computing device can be determined. Based on the information and the trust, it can then be determined how the snapshots of the secure workspaces will be used to make the secure workspaces available to the secondary user computing device. In some cases, a best-known configuration for a secure workspace can be determined and applied.

Abstract: An automated system attempts to characterize code as safe or unsafe. For intermediate code samples not placed with sufficient confidence in either category, human-readable analysis is automatically generated to assist a human reviewer in reaching a final disposition. For example, a random forest over human-interpretable features may be created and used to identify suspicious features in a manner that is understandable to, and actionable by, a human reviewer. Similarly, a k-nearest neighbor algorithm may be used to identify similar samples of known safe and unsafe code based on a model for, e.g., a file path, a URL, an executable, and so forth. Similar code may then be displayed (with other information) to a user for evaluation in a user interface. This comparative information can improve the speed and accuracy of human interventions by providing richer context for human review of potential threats.

Abstract: Aspects of the disclosure relate to detecting and preventing malicious browser extensions. A computing platform may send rule information to a master browser extension on a computing device including a set of rules defining reportable behavior associated with one or more other browser extensions. Subsequently, the computing platform may receive report information from the master browser extension on the computing device identifying an other browser extension of the one or more other browser extensions that exhibit the reportable behavior defined by at least one rule of the set of rules in the rule information. Based on receiving the report information, the computing platform may determine that the identified other browser extension is a malicious extension. Then, the computing platform may send one or more commands to the master browser extension on the computing device directing the master browser extension to disable or remove the identified other browser extension.

Abstract: A processing system may detect at least one endpoint device of at least one user at a premises having a first plurality of functions, may obtain at least one user profile that indicates a second plurality of functions associated with the at least one user, each function having a maximum available function level, and may obtain a visitor profile associated with the premises defining permitted function levels for one or more functions from among the first plurality that the at least one user is permitted to access. The processing system may then select a set of shared functions and function levels for the set based on the at least one user profile and the visitor profile, the set of shared functions including a first function of the first plurality and a second function of the second plurality, and may activate the set at the premises with the function levels.

Abstract: Techniques for using contextual information to manage data that is subject to one or more data-handling requirements are described herein. In many instances, the techniques capture or depend upon the contextual information surrounding the creation and/or subsequent actions associated with the data. The contextual information may be updated as the data is handled in various manners. The contextual information may be used to identify data-handling requirements that are applicable to the data, such as regulations, standards, internal policies, business decisions, privacy obligations, security requirements, and so on. The techniques may analyze the contextual information at any time to provide responses regarding handling of the data to requests from requestors, such as administrators, applications, and others.

Abstract: Techniques are provided for automated sharing of remote devices by multiple users using a file system. One method comprises maintaining public keys for source devices associated with users; configuring a primary target device to provide a file system that comprises: (i) a user-specific directory for each of the users, and (ii) a global directory accessible by the users, wherein the user-specific directory for a given user comprises the public key for the source devices associated with the given user; and configuring a secondary target device to provide a copy of the file system, wherein updates to the file system are provided to the secondary target device, and wherein the given user accesses the primary and/or the secondary target device, using a particular source device, based on an evaluation of the public key for the particular source device obtained from the user-specific directory for the given user.

Abstract: An Internet of Things (IoT) device authorization method includes an IoT device that wirelessly communicates with a first electronic device and a second electronic device. The IoT device includes a processor, a memory, a first antenna, and a second antenna. A transmit distance of the second antenna is less than a transmit distance of the first antenna. When instructions stored in the memory are executed by the processor, the IoT device is configured to receive a first message indicating to add a shared control device for the IoT device; send, through the second antenna, a second message including device information of the IoT device; receive, in response to the second message, a third message including device information of the second electronic device; and send, through the first antenna, a fourth message including the device information of the second electronic device to the first electronic device.

Abstract: Systems and methods for automatically configuring a firewall are described. Systems and methods include receiving one or more flows, automatically detecting elements of a computing environment, automatically generating a firewall configuration based on the detected elements of the computing environment and the received one or more flows, and automatically configuring a firewall within the computing environment with the firewall configuration.

Abstract: A learning apparatus includes: a first estimation unit—configured to learn normal communication data, estimate probability density of the normal communication data, and update a parameter of a model; a clustering unit configured to cluster the normal communication data according to the probability density estimated by the first estimation unit; a second estimation unit configured to perform learning for each of clusters resulting from the clustering by the clustering unit, and estimate the probability density of the normal communication data of the cluster and update a parameter of a model representing characteristics of the probability density of the normal communication data of the cluster by using, as an initial value of the parameter, a parameter having already been learned in the first estimation unit; and an integration unit configured to integrate the estimated probability density of the clusters.

Abstract: A system is provided for producing an output photon having a predefined frequency. A pump module produces a plurality of pump fields at a plurality of pump frequencies. A photon pair source module generates frequency-correlated photon pairs. A detector module generates a heralding signal subsequent to detecting a first photon of a photon pair, the heralding signal indicative of a frequency of the second photon of the pair. A non-linear photonic element is arranged to (1) receive the heralded second photon and a complementary selected pump field, and (2) to produce an output photon having the predefined frequency. A pump field selector is configured to (1) receive a heralding signal and (2) select, based on the received heralding signal, a pump field of the plurality of pump fields for provision to the non-linear element. Methods, controllers and computer-readable media are also described herein.

Abstract: A method may include storing access rights with respect to a plurality of shared data ledgers, wherein each respective shared data ledger of the plurality of shared data ledgers comprises: a plurality of data portions; and at least one data record stored within a data portion of the plurality of data portions; receiving a request, from a requesting computing device, the request including: a requesting identifier stored in a data record of a first shared data ledger; and a request for information, associated with the requesting identifier, stored in a second shared data ledger; determining that the requesting computing device is authorized to access the information stored in the second shared data ledger based on the stored access rights; and based on the determining: accessing the information associated with the requesting identifier from the second shared data ledger; and transmitting at least a portion of the accessed information.

Abstract: One or more systems, devices, computer program products and/or computer-implemented methods of use provided herein relate to generating a security threat prediction. A system can comprise a memory that stores computer executable components, and a processor that executes the computer executable components stored in the memory. The computer executable components can comprise a prediction component that analyzes a public data graph model to generate a primary security threat determination, wherein the prediction component can further generate a secondary security threat prediction based on the primary security threat determination and on a proprietary data graph model, wherein the proprietary data graph model comprises proprietary security threat data from a source, and wherein the proprietary security threat data has been scrubbed of source-identifiers.

Abstract: Systems and methods for supply chain management are provided. The systems and related methods create, share and allow updating of electronic records containing supply chain event data and supply chain documents relevant to the execution of supply chain processes. The system and related methods further allow the storing of supply chain event data, supply chain documents, electronic records of supply chain processes and summary files of electronic records of supply chain processes on one, two or more distributed ledgers.

Abstract: Systems, devices, and methods are discussed that provide for discovering protected data from a code. Such detection provides an ability to discover potentially malicious code and/or datasets obfuscated within a code prior to full execution of the code.

Abstract: Systems, devices, and methods are discussed that provide for discovering protected data from a code. Such detection provides an ability to discover potentially malicious code and/or datasets obfuscated within a code prior to full execution of the code.

Abstract: Methods, systems, and apparatuses related to adjustable security levels in processors are described. A processor may have functional units and a register configured to control security operations of the functional units. The register configures the functional units to operate in a first mode of security operations when the register contains a first setting; and the register configures the functional units to operate in a second mode of security operations when the register contains a second setting (e.g., to skip/bypassing a set of security operation circuit for enhanced execution speed).

Abstract: The present disclosure relates to systems, devices and methods for receiving biosensor data acquired by a medical device, e.g., relating to glucose concentration values, and controlling the access and distribution of that data. In some embodiments, systems and methods are disclosed for monitoring glucose levels, displaying data relating to glucose values and metabolic health information, and controlling distribution of glucose data between applications executing on a computer, such as a smart phone. In some embodiments, systems and methods are disclosed for controlling access to medical data such as continuously monitored glucose levels, synchronizing health data relating to glucose levels between multiple applications executing on a computer, and/or encrypting data.

Abstract: A method, a system, and a computer program product for training a model for automatically evaluating a generated vulnerability remediation in a source code of an application are provided. The method includes the following steps. Training input data is obtained, where the training input data includes input features, and each of the input features includes a training vulnerability and a training remediation of the training vulnerability. Training output data is obtained, where the training output data includes output predictions, and each of the output predictions includes a training validation associated with the training vulnerability and the training remediation of the corresponding input feature. The model is trained based on the training input data and the training output data.

Abstract: The present disclosure relates to systems, devices and methods for receiving biosensor data acquired by a medical device, e.g., relating to glucose concentration values, and controlling the access and distribution of that data. In some embodiments, systems and methods are disclosed for monitoring glucose levels, displaying data relating to glucose values and metabolic health information, and controlling distribution of glucose data between applications executing on a computer, such as a smart phone. In some embodiments, systems and methods are disclosed for controlling access to medical data such as continuously monitored glucose levels, synchronizing health data relating to glucose levels between multiple applications executing on a computer, and/or encrypting data.