Abstract: Systems and methods support transferring control of a workspace that operates on an Information Handling System (IHS). An authorization policy is established on the IHS that is modifiable only by an arbiter of a remote orchestration service. The authorization policy specifies authorized administrators of the workspace. The authorization policy is modified to specify the arbiter and a first remote orchestrator as authorized administrators of the workspace. Administration of the workspace by the first orchestrator is allowed based on credentials that validate it as an authorized administrator specified by the policy. A notification is received of a transfer of orchestration of the workspace to a second remote orchestrator. The authorization policy is modified to specify the arbiter and the second orchestrator as authorized administrators of the workspace.

Abstract: A system for contextual and risk-based multi-factor authentication having a multi-dimensional time series data server configured to monitor and record a network's traffic data and to serve the traffic data to other modules and a directed computation graph module configured to receive network traffic data from the multi-dimensional time series data server, determine a network traffic baseline from the network traffic data, and determine a verification score needed before granting access based at least in part by the network traffic baseline. A plurality of verification methods build up a user's verification score to required level to gain access.

Abstract: A first key management entity (KME) in a mobile edge network engages in quantum key distribution (QKD) with a second KME in a far network to generate a secret cryptographic key that is shared between the first KME and the second KME. The first KME determines a key identifier (ID) for associating with the cryptographic key, and sends the key ID to the second KME for association with the secret cryptographic key at the second KME. The first KME receives a session request from a first session endpoint for a session across at least one of the mobile edge network or the far network. The first KME sends the key ID and the cryptographic key to the first session endpoint for establishing an encrypted session across the at least one of the mobile edge network or the far network.

Abstract: A method for security and safety of an industrial operation includes receiving sensor information from a plurality of sensors of an industrial operation. Sensor information from at least a portion of the plurality sensors is used for functionality of a plurality of components of the industrial operation. The method includes monitoring data traffic of the industrial operation, and deriving a baseline signature from the sensor information. The baseline signature encompasses a range of normal operating conditions. The method includes identifying an abnormal operating condition of the industrial operation based on a comparison between additional sensor information from the plurality of sensors and the baseline signature and identifying an abnormal data traffic condition.

Abstract: A device or space existed in a physical space is registered in the form of a digital object in a virtual space, a digital twin service is provided through connection between an offline device or space and the digital object in the virtual space.

Abstract: According to an embodiment, a quantum cryptography storage system includes a plurality of storage, a distribution control device, and a distribution device. The plurality of storage devices are connected via a communication network. The distribution control device determines a distribution mode of shares into which data is distributed, based on quantum key distribution network (QKDN) information. The generation device generates an encryption key and a decryption key by using a quantum key shared by using a QKDN. The distribution device distributes the data into the shares, based on the distribution mode. When receiving a share encrypted using the encryption key via the communication network, each of the plurality of storage devices that stores the shares in a distributed manner decrypts the share encrypted with the decryption key and stores a share decrypted.

Abstract: A system for probe-based risk analysis for multi-factor authentication having a multi-dimensional time series data server configured to monitor and record a network's traffic data and to serve the traffic data to other modules and a directed computational graph module configured to probe connection destinations for a response, analyze any received responses, and determine a verification score needed before granting access based at least in part on the analysis of the received responses. A plurality of verification methods build up a user's verification score to required level to gain access.

Abstract: A continuous glucose monitor for wirelessly transmitting data relating to glucose value to a plurality of displays is disclosed, as well as systems and methods for limiting the number of display devices that can connect to a continuous glucose transmitter. In addition, security, including hashing techniques and a changing application key, can be used to provide secure communications between the continuous glucose transmitter and the displays. Also provided is a continuous glucose monitor and techniques for authenticating multiple displays, providing secure data transmissions to multiple displays, and coordinating the interaction of commands and data updates between multiple displays.

Abstract: A cryptographic method and system. A plurality of ciphers is identified in a message received by a recipient, such message encrypting a digital asset. A private key associated with the recipient is obtained. The private key corresponds to a public key associated with the recipient. The method includes solving for x in the equation: [(f0(R0?1N?0 mod S)+P?+f?(Rn?1N?n mod S))/(h0(R0?1N?0 mod S)+Q?+h?(Rn?1N?n mod S))]*h(x)?f(x)=0 mod p, where (i) P?, Q?, N?0, and N?n correspond to the ciphers in the received message; (ii) R0, Rn and S are data elements of the private key; (iii) f(·) is a polynomial function defined by coefficients f0, f1, . . . f? that are also data elements of the private key; and (iv) h(·) is a polynomial function defined by coefficients h0, h1, . . . h? that are also data elements of the private key. The value of x is assigned to the digital asset, which is then stored in non-transitory memory or packaged in a message sent over the data network.

Abstract: An adversarial robustness testing method, system, and computer program product include testing, via an accelerator, a robustness of a black-box system under different access settings, where the testing includes tearing down the robustness testing to a subtask of a predetermined size.

Abstract: The disclosure describes a scalable, risk-based authentication system including a plurality of fraud monitoring engines configured to: analyze user data and organization data, and generate a set of risk factors based on the user data and the enterprise data; a risk aggregator in communication with the plurality of fraud monitoring engines configured to: receive the set of risk factors, and transform the set of risk factors into risk indicators; and an authentication engine configured to: receive the risk indicators from the risk aggregator, and generate an authentication plan for a requested activity based on the risk indicators and the requested activity.

Abstract: In examples, a non-transitory computer-readable storage medium stores executable code, which, when executed by a processor, causes the processor to receive a semiconductor package image, the image including semiconductor package surface codes, the codes including a semiconductor package identifier. The executable code causes the processor to transmit at least one of the semiconductor package identifier, the codes, or the image. The executable code causes the processor to receive information associated with the semiconductor package identifier. The executable code causes the processor to output the information via at least one of a display coupled to the processor, a speaker coupled to the processor, or the wireless transceiver.

Abstract: A system, method, and computer-readable medium to determine electronically stored data relating to blockchain based on the information etched on internal surfaces of transparent gemstones are disclosed herein. In one embodiment, the system includes a tangible token comprising a transparent gemstone, where the transparent gemstone is internally etched with information pertaining to a blockchain, and the information is encapsulated within a perimeter of the transparent gemstone such that the information does not extend beyond the perimeter; and a computing device configured to execute instructions that cause the computing device to read the information, access, via a network and using the information, electronically stored data associated with the information on the blockchain, and present, on a user interface, the electronically stored data accessed on the blockchain.

Abstract: A vulnerability management system calculates an impact factor based on vulnerability information, which indicates a magnitude of an impact of a vulnerability of a container in an application execution system on the application execution system. The vulnerability information is information in which the vulnerability and an evaluation value thereof are associated with each other. An access frequency factor is calculated based on access frequency information, the access frequency factor being an evaluation value of a vulnerability deriving from a form of communication performed by the container. The access frequency information is related to a transmission or reception range and a transmission or reception frequency of data of the container. A weighting determination value is calculated based on the impact factor and the access frequency factor, the weighting determination value indicating a priority of a measure against the vulnerability of the container; and the order of measures is determined.

Abstract: Elliptic Curve Cryptography (ECC) can provide security against quantum computers that could feasibly determine private keys from public keys. A server communicating with a device can store and use PKI keys comprising server private key ss, device public key Sd, and device ephemeral public key Ed. The device can store and use the corresponding PKI keys, such as server public key Ss. The key use can support all of (i) mutual authentication, (ii) forward secrecy, and (iii) shared secret key exchange. The server and the device can conduct an ECDHE key exchange with the PKI keys to mutually derive a symmetric ciphering key K1. The device can encrypt a device public key PK.Device with K1 and send to the server as a first ciphertext. The server can encrypt a server public key PK.Network with at least K1 and send to the device as a second ciphertext.

Abstract: The present disclosure describes an integration platform providing a secure collaboration platform that simplifies and optimizes interactions between multiple users by facilitating secure cross-platform communications among users of the platform. Additionally, the present platform can provide a designated collaboration workspace for interactions within the platform.

Abstract: A computer implemented method for validating software is provided. The method includes generating a first check value, by a remote computing device, based on a unique value and software of the remote computing device, outputting the first check value and the unique value from the remote computing device to a secure data repository, obtaining, by a secure computing device, an authentic copy of the software of the remote computing device, obtaining, by the secure computing device, the unique value and the first check value from the secure data repository, computing, by the secure computing device, a second check value based on the authentic copy of the software for the remote computing device and the unique value, and determining, by the secure computing device, whether the remote computing device has authentic software based on a comparison of the obtained first check value and the second check value.

Abstract: Systems and methods verify that a person's mobile device was presumptively in a vicinity of a secure element (SE) at a certain time. In a scenario where a collection of SEs is used, the systems and methods can verify that the person's mobile device was in a vicinity of at least one of the SEs in the collection.

Abstract: A computing architecture for providing a software component or feature of a first platform as a service to a second platform. An API request from a frontend of the second platform, including a user auth token providing access to the second platform, can be received by an authentication token proxy service that converts the user auth token into a user auth token of the first platform. With this token, subsequent API requests of a backend of the first platform from the frontend of the second platform can be served directly by the second platform.

Abstract: According to an embodiment, a device management system includes: an acquisition processing portion which acquires log information indicating each of connection histories of a plurality of management target devices to a network; an extraction processing portion which extracts, on the basis of the log information acquired by the acquisition processing portion, a specific first management target device from the plurality of management target devices; and a grouping processing portion which registers, on the basis of the log information acquired by the acquisition processing portion, and first identification information of the first management target device extracted by the extraction processing portion, each of the plurality of management target devices in one of a plurality of groups.