Abstract: Computer implemented systems and methods for performing electromotive force analysis of a storage device that include a storage device, an Artificial Intelligence Co-processor (AI-Coprocessor) chipset, a thin coil inductor positioned in proximity to a portion of the surface of the storage device for capturing data from electro motive radia generated by the storage device, an analog-to-digital-converter, and at least one probe for communicating the captured data to an analog-to-digital converter. The data is captured by the thin coil inductor and communicated to the analog-to-digital-converter via the at least one probe and the analog-to-digital-converter digitizes the voltage level of the captured data and communicates the results of the digitization and amplification to the Ai-Coprocessor. The Ai-Coprocessor chipset performs analysis of the data to detect any anomalies in the operation of the storage device and outputs those result for further processing.

Abstract: The present invention allows for the creation of a biometrically secure environment that allows viewing, editing and sharing of confidential documents, or the like, in public places, without worrying that someone will see the contents. The invention provides privacy, for example for the purposes of reading documents, in a public environment while having the confidence that you are the only one able to read the document. Privacy may be achieved through methods of identification using biometric features, such as: face, iris or voice recognition. Verification that a real person is viewing the document may also be achieved by pulse recognition. In one embodiment, the screen will shut down when more than one person looks directly at the screen. In different embodiments, the present invention may use voice recognition, print behavior, iris scan, finger print, face verification, etc. A control panel and dashboard may be used, and liveness check or activity audit may be performed.

Abstract: Disclosed are methods, systems, and non-transitory computer-readable media for utilizes a collaboration application to provide data beneficial to the authentication of the user. The present application discloses receiving at least one item of personal identifying information for a user from a primary multi-factor authentication device. The present application further discloses receiving at least one item of personal identifying information for a user from a conferencing service in which the user is engaged in a conference. The present application also discloses determining whether to authenticate the user based on the items of personal identifying information from the primary multi-factor authentication device and from the conferencing service.

Abstract: Techniques and architecture are described for providing a service, e.g., a security service such as a firewall, across different virtual networks/VRFs/VPN IDs. The techniques and architecture provide modifications in enterprise computing fabrics by modifying pull-based overlay protocols such as, for example, locator/identifier separation protocol (LISP), border gateway protocol ethernet virtual private network (BGP EVPN), etc. A map request carries additional information to instruct a map-server that even though mapping (destination prefix and firewall service RLOC for the destination) is known within the map-server's own virtual network/VRF for firewall service insertion, the map-server still should do a lookup across virtual networks/VRFs and discover the final destination's DGT (destination group tag) and include that in the map reply.

Abstract: Systems and methods are described for identifying other instances of messages corresponding to a reported malicious message. A report of a malicious message from a user of a plurality users using a messaging system is received. Responsive to the report of the malicious message, plain text of content selected from the malicious message is provided. Thereafter, one or more segments of the plain text are selected as key content for construction of a search. A search is then executed in the messaging system for one or more other malicious messages corresponding to the reported malicious message using the selected one or more segments of the plain text with one or more match criteria or no criteria. The one or more other malicious messages corresponding to the reported malicious message are identified in the messaging system.

Abstract: Methods and systems disclosed herein recite the use of linking cryptography-based digital repositories in order to perform blockchain operations in decentralized applications. For example, the system may link a first cryptography-based, storage application (e.g., a first digital wallet) with a second first cryptography-based, storage application (e.g., a second digital wallet). The first cryptography-based, storage application may correspond to a first private key, and wherein the first private key is stored on a first user device. The second cryptography-based, storage application corresponds to a first partial private key and a second partial private key, wherein the first partial private key is stored on a first remote device, and wherein the second partial private key is stored on the first user device.

Abstract: Techniques for providing access to scope-delimited sensitive data are disclosed. A user provides sensitive data to a first party associated with a payment service provider. The first party stores the sensitive data with the payment service provider, and the payment service provider provides the first party merchant with an encoding of the payment data. The first party provides a purchasing opportunity to the user for goods offered by a third party also associated with the payment service provider. The first party transmits a sensitive data grant request to the payment service provider. In response, the payment service provides a scope-delimited encoding of the sensitive data. The first party provides the scope-delimited encoding of the payment data to the third party. The third party merchant creates a transaction using the scope-delimited encoding of the sensitive data. At some time later, access to the scope-delimited encoding of the sensitive data is revoked.

Abstract: Various embodiments of the present technology generally relate to industrial automation environments. More specifically, embodiments include systems and methods to detect malicious behavior in an industrial automation environment. In some examples, a security component monitors an integrated design application and generates feature vectors that represent operations of the integrated design application. The security component supplies the feature vectors to a machine learning engine. The security component processes a machine learning output that indicates when anomalous behavior is detected in the operations of the integrated design application. When anomalous behavior is detected in the operations of the integrated design application, the security component generates and transfers an alert that characterizes the anomalous behavior.

Abstract: A wearable electronic device includes one or more processors identifying one or more companion electronic devices operating within a wireless communication radius of the wearable electronic device. One or more sensors identify the wearable electronic device being within a predefined distance of a companion electronic device. A wireless communication circuit, responsive to the one or more processors, delivers an authentication credential to the companion electronic device in response to the one or more sensors identifying that the wearable electronic device is within the predefined distance of the companion electronic device. The one or more sensors thereafter detect a gaze of an authorized user of the wearable electronic device being directed at the companion electronic device, where the wireless communication circuit delivers an actuation command to the companion electronic device.

Abstract: A method includes receiving, by a token provider server, a first request for a first token that is associated with first information from a first application. The first request for the first token is part of an application session between a plurality of applications that includes the first application. The token provider server provides the first token to the first application. The token provider server receives the first token from a second application of the plurality of applications. The token provider server provides first information associated with the first token to the second application. The first information enables an action to be performed by the second application based on the first information.

Abstract: Disclosed are example methods, systems, and devices that allow for secure multi-verification of biometric data in a distributed computing environment. The techniques include receiving a request to grant authorization to a second user. The request can include biometric data of the first user and second user. An authorization token can be generated based on the request, which can be transmitted to a second computing device of the second user. A second request can be received from a third computing device that includes the authorization token and third biometric data. The second request can be verified based on the authorization token, the third biometric data, and provenance data, and an indication that the grant of authorization to the second user is verified can be transmitted to the first, second, or third computing devices.

Abstract: A system and method for identifying cloud identity misuse based on run-time time data and static analysis is presented. The method includes: detecting a workload in a cloud computing environment; configuring the workload to deploy a sensor configured to detect data respective of a runtime process executed on the workload; detecting an original disk associated with the workload; generating an inspectable disk based on the original disk; inspecting the inspectable disk for a cybersecurity object; detecting in a log of the cloud computing environment an event based on an identifier of the workload; inspecting a code object for an identity object, the code object utilized in deploying the workload in the cloud computing environment; associating the runtime process with the event based on: an identifier of the workload, the identity object, and the cybersecurity object; and generating an enriched log including an identifier of the runtime process.

Abstract: A method is disclosed. The method includes receiving a broadcast signal from a beacon device, the broadcast signal encoding a first credential associated with a first entity. In response to receipt of the broadcast signal, the mobile communication device transmits the received first credential to an authentication system. The authentication system determines if the first entity associated with the broadcast signal is authentic and generates a confirmation message confirming the authenticity of the first entity. The mobile communication device then receives the confirmation message indicating that the first entity is authentic. The mobile communication thereafter receives and transmits a second credential for the mobile communication device to the beacon device, which transmits the second credential to the authentication system. The authentication system then confirms the authenticity of the mobile communication device.

Abstract: Monitoring is performed for the activation of a set of one or more previously attached Kprobes. A determination is made that a strategy pattern match has occurred. The strategy pattern comprises a set of one or more behaviors including the activation of the at least one Kprobe included in the set of Kprobes. A remedial action is taken in response to the determination. Examples of such remedial actions include generating an alert and terminating a network connection.

Abstract: Embodiments of a device and method are disclosed. In an embodiment, a method of communications involves at a head end (HE), receiving an authentication message from a wireless access point (AP) deployed at a customer site, at the HE, performing a load balance operation in response to the authentication message to select a first authenticator from authenticators of the HE, at the HE, performing an authentication operation using the first authenticator based on the authentication message to generate an authentication request, and from the HE, transmitting the authentication request to an authentication server.

Abstract: A method of configuring a controller 14 for controlling access to a memory 12 is provided. The controller 14 has a display 18 configured to selectively display a plurality of different input screens, wherein each input screen has a unique code associated therewith and the input screens are for receiving user credentials from a user.

Abstract: Systems and methods include aggregating wireless control of electronic devices associated with a multi-tenant structure to enable a user to engage in wireless control of the electronic devices. Embodiments of the present disclosure relate to identifying the electronic devices associated with the multi-tenant structure that are under wireless control based on a unique identifier. Partitioned electronic devices are determined that provide the user with wireless control based on associated permissions granted to the user. The partitioned electronic devices have the associated permissions granting wireless control of the partitioned electronic devices to the user.

Abstract: Methods, apparatuses, systems, and machine-readable media are disclosed for improving packet filtering efficiency by reducing processing time and/or by reducing memory usage. Any of various types of data structures, such as flat hash maps and/or ruletrees, may be used by a packet filtering appliance to search for cybersecurity policy packet filtering rules that should be applied to in-transit packets. The packet filtering appliance may search the index data structures for matches of search objects, in the form of values that the packet filtering appliance extracts from in-transit packets, to threat indicator matching criteria of the policy rules. Each of the index data structures may map rule identifiers (rule IDs) of policy rules to keys that are based on (or that comprise) the matching criteria of those rules.

Abstract: One example method includes receiving a data stream at a node of a data confidence fabric that comprises a group of nodes that are each operable to assign trust metadata to data of the data stream, inspecting the data stream to determine a data type of data in the data stream, accessing a configuration file that applies to all the nodes of the data confidence fabric, and obtaining an equation from the configuration file, mapping the equation to the data, performing a trust insertion process on the data, as specified in the equation, and generating trust metadata that is associated with the data and based on the trust insertion process.

Abstract: In one example, a method includes at a first network infrastructure computing device of a plurality of networked infrastructure computing devices receiving, from a user computing device, an authentication token indicating a user using the user computing device is authenticated with respect to an electronic service, based on the user being authenticated, executing a computing task associated with the electronic service for the user computing device, the computing task including computing task data, predicting a set of possible future locations of the user based on an output of a movement prediction model executing on the first network infrastructure computing device, identifying a set of network infrastructure computing devices correlated with the set of possible future locations, and transmitting the authentication token and the computing task data to the set of network infrastructure computing devices.