Abstract: In a method for authenticating a user, a processor receives a login request for an application. A processor directs the login request to a collection page. The collection page may include an authentication script. A processor receives a risk assessment based on an identity authenticated through the authentication script. A processor grants a level of access to the application based on the risk assessment.

Abstract: A reliable video streaming method using blockchain technology resisting cyber-attacks such as external and DDOS, malware, virus, and bandwidth reduction during video streaming of mobile devices connected over a same network is provided. The reliable video streaming method enables mobile devices connected to each other over a network to stream video over a reliable network.

Abstract: A system and method identifies activity data that is related to activity of a plurality of users of a gaming platform. The activity data is used by the gaming platform to perform a gaming process. The system and method identifies first data of the activity data based on a first characteristic. The first data is a subset of the activity data. The system and method determines a number of times that the first data of the activity data meets a first condition. The system and method responsive to determining that the number of times that the first data of the activity data meets the first condition satisfies a first threshold, modifies the activity data by removing the first data from the activity data. The system and method performs the gaming process using the modified activity data.

Abstract: Methods, systems, devices and computer-readable media for granting remote access to an electronic device are described herein. An electronic device obtains an encrypted password comprising a password encrypted with a public encryption key. The electronic device outputs the encrypted password for a device user computer to transmit the encrypted password to a support computer to have the encrypted password decrypted with a private encryption key corresponding to the public encryption key. The electronic device receiving an access request comprising the password from the support computer. The electronic device grants the support computer access thereto when the password of the access request from the support computer corresponds to the password at the electronic device.

Abstract: A system and a method for protecting code are provided. Extraction of code to be protected takes place during an object-to-object transformation and that code is replaced with fake binary code. The extracted code to be protected may then be encrypted or otherwise obscured and stored in a separate region of an object file. A prior source-to-source file transformation can be provided to isolate and mark the code to be protected, and to inject additional source code to handle later decryption.

Abstract: Connected computing enables the use of highly diverse environments that support operating frameworks for contemporary civilization. But computing productivity and trustworthiness are undermined by such environments' largely inchoate organization. These environments and their identity infrastructures are fragmented, and unnecessarily unreliable, insecure, and insufficiently informative due to current computing entity (e.g., resource) identification infrastructure design, which lacks root identification reliability. Such reliability is enabled herein by a fundamentally accurate and authenticity ensuring, near-existential or existential quality, biometrically and liveness based, portable identification and provenance infrastructure. Such an infrastructure provides ubiquitously available identification information that can be used universally for identification processes.

Abstract: Disclosed herein is an identity network that can provide a universal, digital identity for users that can be used to authenticate the user by an identity provider for relying parties to utilize for confirming the identity of the user during sign-up. The identity network receives a request from a relying party that includes deep linking to an identity provider selected by the user. The request specifies the user and any other information about the user the relying party is requesting. A service of the identity network launches the application for the identity provider on the user's device and the user logs into the identity provider's application, which provides the user authentication/validation and information about the user to the identity network. The identity network can then provide the information to the relying party, which the relying party can rely on for creating an account with the relying party for the user.

Abstract: Some embodiments are directed to a system (100) for selectively disclosing attributes of a record. An issuer device (110) generates a digital signature on a message comprising the attributes and a secret record identifier. The record, secret record identifier, and signatures are provided to a selector device. The selector device (111) selectively discloses attributes of the record to a receiver device (112), proving authenticity by means of a zero-knowledge proof of knowledge of the signature on the attributes. The receiver device (112) verifies the proof with respect to the public key of the issuer and the received attributes.

Abstract: This application sets forth techniques for authenticating a mobile device with a cellular wireless network without electronic Subscriber Identity Module (eSIM) credentials by using an Extensible Authentication Protocol Transport Layer Security (EAP-TLS) procedure. The mobile device authenticates with an Authentication Server Function (AUSF) of the cellular wireless network using an embedded Universal Integrated Circuit Card (eUICC) certificate. Processing circuitry of the mobile wireless device external to the eUICC implements the EAP-TLS procedure and authenticates validity of the AUSF. In some embodiments, the eUICC provides key generation and storage for a session key for communication between the mobile device and the cellular wireless network.

Abstract: The present disclosure relates to a security circuit for detecting physical attacks on a system semiconductor. The security circuit includes at least: a shielding layer having a mesh structure composed of a transmission line; a processor configured to determine that a focused ion beam (FIB) circuit editing attack was detected when a difference between predetermined counter output and a first counter output is less than a first reference value; determine that a microprobing attack was detected when a difference between the second counter output and the first counter output exceeds a second reference value; and output an alarm signal when detecting the circuit editing attack or the microprobing attack.

Abstract: A technology is described for resolving device credentials for a device. An example method may include receiving device credentials for management by a service provider. The device credentials may include authentication credentials and a device policy document that specifies permissions used to authorize resource actions requested by the device. In response to receiving a message requesting that a resource perform a resource action associated with the device, the device may be authenticated using the authentication credentials, and the resource action may be authorized using the permissions specified in the device policy document.

Abstract: The present disclosure discloses a device binding method and device, used to resolve the issue of the prior art in which the operation of controlling a smart device in a certain position is cumbersome. The method of embodiments of the present disclosure comprises: a user terminal sending target address information to a server, the server encrypting the target address information, generating a verification password, and sending the verification password to the user terminal; the user terminal sending, by means of a transmission device, the verification password to a device to be bound; the device sending the received verification password and a device identifier of the device to the server; and if the verification password sent by the device is the same as the verification password generated by the server, the server binding the target address information corresponding to the received verification password to the device identifier.

Abstract: The present invention provides an encrypting device including an encryption unit and a communications unit. Paired encrypting devices allow for communication of trusted data between trusted devices over an untrusted network. Data received by the encryption unit is encrypted and provided with a connectionless header for delivery to the communications unit. Data received by the communications units is provided with a complex header for delivery to the paired encrypting device. The encrypting devices may be implemented in hardware or may be virtualized on a server or a plurality of severs. Arrangement of the encrypting devices in a hub-and-spoke topology allows for communication amongst a plurality of trusted devices. The encrypting devices can be used to covert commercially available equipment suitable for high assurance environments.

Abstract: A method may include receiving, via a secure deployment management (SDM) system, configuration data associated with an industrial device, identifying, via the SDM system, a presence of a secure deployment management (SDM) node associated with the industrial device, and establishing, via the SDM system, a secure communication channel between the SDM system and the SDM node using one or more security protocols. The method may also involve sending, via the SDM system, the configuration data to the industrial device via the secure communication channel. The industrial device may receive the configuration data without performing one or more security operations on the configuration data.

Abstract: Existing systems enable secure storage of encryption keys in the form of digital wallets, however, since the keys are preconfigured, they can be prone to malicious attacks. The embodiments herein provide a method and system for randomizing distribution of cryptographic keys across multiple secure key storage devices. The system generates random storage identities (RSIDs) for secure key storage devices by selecting a random storage device from a device portfolio, assigns the RSIDs randomly to create crypto addresses based on random access and partition the devices by deriving crypto addresses. Further, the system generates a user hash function and maps the user hash function to find an associated RSID hash function. The system identifies a device ID, a partition ID and a business date from a device mapper associated with the RSIDs to regenerate new RSIDs and recommends the regenerated new RSIDs randomly to each of the plurality of devices.

Abstract: A method for determining a correlation of one or more events occurring in a plurality of nodes of a network includes accessing, by a computing device, address information associated with each of the plurality of nodes on the network. The computing device can further access one or more event IDs associated with one or more events occurring on the plurality of nodes. The computing device can further create an association the one or more events occurring on the plurality of nodes with related events occurring on others of the plurality of nodes, the association including the address information.

Abstract: A server kernel processing system receives an input/output (I/O) request from a user mode computing environment. The I/O request is analyzed to determine whether it is a file open request. If so, target analysis logic determines whether the file open request is for a driver file or for a file within a protected volume that stores a driven whitelist file. If the file open request is for a file stored in a protected volume, the request is blocked. If the file open request is for a driver file, then the driver whitelist file is examined to determine whether the target driver is on the whitelist. If not, the file open request is also blocked.

Abstract: Systems, methods, and computer-readable media for communications between applications in a mobile operating system. A first application may receive a request for data from a second application. The first application may generate a first URL to the second application, a parameter of the first URL comprising an identifier of the first application. A mobile operating system may access the first URL to open the second application. The second application may validate credentials for an account and initiate a server on a port. The second application may generate a second URL to the first application, a parameter of the second URL comprising the port. The operating system may access the second URL to open the first application. The first application may establish a connection with the server using the port specified in the second URL and receive data from the second application via the connection with the server.

Abstract: In examples, systems and methods are described for edge computing recommendations and implementation. A service request is received from a client computing device that includes information about a location of a customer site and latency requirements of the customer, among other information. The system provides recommendations for particular provider computing site(s) based on, e.g., rough and/or fine latency estimates, and implements the requested computing services at selected provider computing site(s).

Abstract: A command to perform a data operation at a memory device is received. The command includes an encryption key tag. A first key table is accessed from local memory. The first key table includes a first set of key entries corresponding to a first set of encryption keys. The first key table is searched to determine whether it includes an entry corresponding to the encryption key tag. Based on determining the first key table does not include an entry corresponding to the tag, a second key table is accessed from RAM. The second key table includes a second set of key entries corresponding to a second set of encryption keys. A key entry corresponding to the encryption key tag is identified from the second key table. The key entry includes an encryption key corresponding to the encryption key tag. The command is processed using the encryption key.