Abstract: Method for authenticating at least one ventilator with at least one remote station, wherein the ventilator can connect itself via at least one interface to the remote station, at least one authentication file is stored on the ventilator, the authentication file contains at least one signature code of a signing authority, and a public keycode of the signing authority is known to the remote station, the ventilator sends the authentication file to the remote station when establishing the connection to the remote station, the remote station checks the signature code of the authentication file using the public keycode as to whether the signature code originates from the signing point and the ventilator is authenticated when the remote station recognizes the signature code as originating from the signing authority.

Abstract: Provided is an authentication system that improves user convenience. This authentication system includes at least one first terminal, a plurality of second terminals, and a server device. The first terminal is capable of providing services using a biometric authentication function or non-biometric authentication function. Each of the second terminals is capable of switching between a biometric authentication function and a non-biometric authentication function and capable of providing services using the biometric authentication function or non-biometric authentication function. The server device is connected to the first terminal and the plurality of second terminals. The server device calculates the rate of usage of a biometric authentication function by the at least one first terminal. The server device determines an operation mode for at least one of the plurality of second terminals on the basis of the calculated rate of usage.

Abstract: There is described herein a computer-implemented method of processing an input data item. The method comprises processing the input data item using a parametric model to generate output data, wherein the parametric model comprises a first sub-model and a second sub-model. The processing comprises processing, by the first sub-model, the input data to generate a query data item, retrieving, from a memory storing data point-value pairs, at least one data point-value pair based upon the query data item and modifying weights of the second sub-model based upon the retrieved at least one data point-value pair. The output data is then generated based upon the modified second sub-model.

Abstract: A computer-implemented method. The method includes recognizing the possibility of a manipulation of the software of a first component of a plurality of components of a vehicle electrical system of a vehicle in a central device for mitigating a manipulation of software. The central device for mitigating a manipulation is part of the vehicle electrical system, and is designed to mitigate a manipulation of software in each component of the plurality of components of the vehicle electrical system. The method further includes initiating a countermeasure for mitigating the manipulation of the software of the first component and carrying out the countermeasure for mitigating the manipulation of the software of the first component. The countermeasure includes changing a functionality of the first component and at least partially shifting the functionality of the first component to one or multiple other components of the plurality of components.

Abstract: Techniques for applying context-based security in mobile networks using an API and a data store are disclosed. In some embodiments, a system/process/computer program product for applying context-based security in mobile networks using an API and a data store includes monitoring network traffic on a mobile network at a security platform to identify a new session; determining user-IP mapping information associated with the new session using an API and a data store; and enforcing a security policy on the new session at the security platform based on the user-IP mapping information to apply context-based security in the mobile network.

Abstract: A system can efficiently control access to an interactive computing environment. The system can receive authentication data of an authentication attempt associated with an entity. The system can determine, for the entity, a historical vector including features that include sub-features. The historical vector can be determined by generating synthetic data, generating weights, and determining probabilities. The synthetic data can be based on historical authentication attempts by entities other than the entity. The weights can correspond to sub-features of the historical vector. The probabilities can indicate a likelihood that a corresponding sub-feature is involved in the authentication attempt. The system can compare the historical vector to the authentication data. The system can generate a responsive message based on the comparison for controlling access to the interactive computing environment.

Abstract: A cryptography system comprising a first node having a unique identifier generator configured to generate at least one physical unclonable function (PUF); and a second node configured to remotely send an attestation request to the first node is disclosed. In some embodiments, the cryptography system may form at least part of a distributed ledger and the PUF is configured to respond to the attestation request.

Abstract: A hearing device and a method for operating a hearing device is disclosed, hearing device comprising a processing unit configured to compensate for hearing loss of a user of the hearing device; an interface; and a memory unit, wherein the memory unit has stored therein a first primary certificate comprising a first primary hearing device identifier; a second primary certificate comprising a second primary hearing device identifier; and customer data indicative of the hearing device being configured to operate as a customer hearing device, wherein the processing unit is configured to determine if the hearing device is configured to operate as a customer hearing device based on the customer data; and in accordance with a determination that the hearing device is configured to operate as a customer hearing device, operate the hearing device according to the second primary certificate.

Abstract: Aspects of the present disclosure may address cryptographic methods and systems using redundant encryption and re-keying to provide security in a post-quantum computing environment. A trusted server may initially establish encrypted communications with users, using symmetric key matrices established with the users. The trusted server may be used to establish symmetric key matrices between users and to assist in the users in establishing communications. All of the symmetric keys in a given symmetric key matrix may be used to encrypt plaintext for transmission. Re-keying may be used to generate new symmetric key matrices on a periodic basis or upon initiation by a node or based on a selected secrecy mode. Establishment of symmetric key matrices and re-keying may involve the use of post-quantum key encapsulation mechanisms.

Abstract: A searchable encryption system includes a registration device including an index generation unit (624) and an encrypted index generation unit (625). The index generation unit (624) generates a registration keyword index by using a registration keyword, authorized-person attribute information corresponding to an authorized person who has an authority to search for the registration keyword, a user key function to generate a user key corresponding to a searcher, a search query function to generate a search query having the user key incorporated therein, and an index query function to generate an index query having the search query incorporated therein. The encrypted index generation unit (625) generates an encrypted index by encrypting the registration keyword index by using the index disclosure key.

Abstract: An apparatus includes a memory that stores instructions; and a processing unit that executes the instructions to identify a created process, to receive a notification of a first event for an ancestor process and a notification for a second event for the created process, the notification of the first event indicating a first ActivityID and a first ID, the notification of the second event indicating a second ActivityID and a second ID, the first ID being different from the second ID, to perform a first determination that the created process was created by a component object model (COM) call, at least in part based on the second ID, and to perform a second determination that the ancestor process indirectly created the created process, at least in part based on the first and second ActivityIDs and the first determination.

Abstract: A hardware trojan security system may perform a computer implemented method to secure an electronic facility in relation to a hardware trojan, by performing a trojan vulnerability analysis, locating an instrument site location, identifying a selected instrument in relation to an effect of the trojan, marking instrument control-side markers and instrument operative-side markers, marking facility model control-side markers and facility model operative-side markers, marking access architecture control-side markers, and connecting the instrument with the facility model and access architecture by matching corresponding markers.

Abstract: Disclosed herein are methods and systems for training artificial intelligence (AI) models. A central server may train an AI model by outputting, onto an electronic device operated by a user, results of execution of the AI model; monitoring the electronic device to identify a set of interactions between the user and the electronic device while the electronic device is outputting the results; generating a first training dataset corresponding to the user's interactions with the electronic device, the first training dataset corresponding to a frequency of correction of results; generating a second training dataset corresponding to the user's input to a prompt requesting the user to input a numerical value associated with an accuracy of the results; and training the AI model using the first and second training datasets.

Abstract: Embodiments provide a user-defined external support request routing platform for routing a client support request initiated by a client computing device associated with an external communications platform. Embodiments also include receiving a support communications integration definition object comprising an external communications platform type identifier, an external communications platform provider identifier, an external communications platform address, and an external communications platform credential. In response to receiving the support communications integration definition object, embodiments update a support communications platform integration associated with an external communications support request routing system.

Abstract: Techniques and systems can obtain a first private key usable with a classical cryptography algorithm and a second private key usable with a post-quantum cryptography algorithm based on classical and post-quantum public keys hosted by a computer-implemented storage of an online service provider. A plurality of keys to perform a cryptography operation on data hosted by the computer-implemented storage can be generated, the plurality of keys generated based on at least the first and second private keys and a cryptography derivation function identified in the computer-implemented storage. The plurality of keys can be used to perform the cryptography operation on the data hosted by the computer-implemented storage.

Abstract: A user specific tic behavior detection-based method and system of performing an authentication of video of a person in order to authorize access to a secured resource. The user provides audio and/or video data in which they exhibit one or more tic behaviors. When a person later requests access to the user's account, the system and method are configured to capture a video and/or audio recording of the person requesting access. The data is evaluated to determine whether the previously detected tic behavior is present. If the tic behavior is present, the system determines the image or voice is authentic and can verify an identity of the person. In some cases, the system can further be configured to automatically grant the person access to one or more services, features, or information for which he or she is authorized.

Abstract: A monitoring service analyzes client-based monitoring data in correlation with network-based monitoring data for paths between two endpoints in a network upon request from a client. The endpoint can be any valid private IP address or DNS name where traffic is to be sent. Clients may define parameters for the monitoring, including thresholds for identifying network issues based on the client-based monitoring data. Different levels of network-based monitoring may be performed responsive to results of the correlation and continued performance determinations relative to the thresholds. The client-based and network-based monitoring data may include reports of performance signals, such as packet loss and round-trip time or other measured latency, as well as events such as connection issues and timeouts. The monitoring data from the different sources can be compared to determine whether a network issue is present in the network or outside of the network/in the client.

Abstract: The application relates to a method, a device and a storage medium for storing and playing back unmanned driving information, wherein the unmanned driving information storage method comprises the following steps of: acquiring a plurality of data signals associated with an abnormal event when the abnormal event of an unmanned vehicle is monitored; calculating a first hash value for each data signal; storing each first hash value and the corresponding data signal as a key value pair in a key value database respectively; generating a first Merkel tree based on each first hash value; and storing the first Merkel tree and critical data signals of the plurality of data signals into a blockchain, and generating corresponding electronic money addresses and transaction timestamps. By this method, the correctness, integrity, fairness, and credibility of abnormal field data can be guaranteed, and too much storage space will not be occupied at the same time.

Abstract: An apparatus for producing a message authentication code based on a first message and an original key is provided. The apparatus includes a key generator configured to produce a generated key based on the original key and the first message. Furthermore, the apparatus includes a message authentication code generator configured to produce the message authentication code based on the generated key and the first message.

Abstract: Described are systems, methods, and computer-program product embodiments for providing Session Initiation Protocol (SIP) network security. In some embodiments, a SIP processing system includes a SIP device configured to receive a packet stream from a first SIP user agent and facilitate a SIP communication session between the first SIP user agent and a second SIP user agent. The SIP device receives the SIP messages in the SIP communication session and opens one or more socket connections with one or more security systems. The SIP device transmits metadata of the SIP messages to the one or more security systems configured to detect threats. Based on a threat status generated by and received from the one or more security systems, the SIP device controls the SIP communication session.