Abstract: Systems and methods involving various registration and authentication workflows are disclosed herein. A user may be authenticated without the use of static usernames or passwords. In some embodiments, an authentication identifier may be generated that is associated with an authentication request for a user to access a protected resource (e.g., a web app). An authentication code may be generated based on the authentication identifier. The authentication code may be sent to a computing device to be provided to the user, who may provide the authentication code to an application on their mobile device. The mobile device may send a payload containing the authentication identifier, credentials saved on the user device from a previous registration step, and a digital signature. The digital signature may be authenticated using contents of the payload before validating the authentication identifier.

Abstract: An authentication management function AUSF receives an authentication request message from an access and mobility management function AMF, where the authentication request message carries a subscription concealed identifier SUCI. The AUSF sends an authentication vector get request message to a unified data management UDM function, where the authentication vector get request message carries the SUCI. The AUSF receives an authentication vector get response message from the UDM, where the authentication vector get response message includes authentication and key management for application AKMA indication information. The AUSF generates, based on the AKMA indication information, an authentication and key management for application-key identifier based on a routing indicator RID in the SUCI.

Abstract: A system for implementing secure interaction sessions through dynamic routing paths comprises a processor associated with a server. The processor communicates a traversal key to a communication equipment in response to verifying an authentication token from a communication equipment to implement an interaction session. The traversal key is associated with a routing path that comprises a particular set of entry points for a set of resources. The processor allows the communication equipment to traverse the routing path and generates a traversal path associated with the interaction session. The traversal path identifies the entry points of the set of the resources that are accessed by the communication equipment during the interaction session. The processor generates a second hash value based on a set of ciphers associated with the entry points. The processor completes the interaction session with the communication equipment if the second hash value matches the first hash value.

Abstract: The present disclosure relates to a system and method for enabling authentication on the bot application. The system may receive video stream along with query from a user computing device associated with a user. The query may be a generic or a privileged query and based on the nature of query, identification and verification of the user is carried out. For privileged services, the authentication procedure may include many levels of authentication processes that may include biometric authentication modules as well. Once the user is verified and authenticated, the response for the user query is provided to the user.

Abstract: Program products, methods, and systems for simulating and/or preventing the dissemination of sensitive information over the internet are disclosed. Preventing dissemination of user-specific sensitive information over the internet may include analyzing content included in media posts, calculating a danger score for the media post, and determining if the calculated danger score exceeds a danger score threshold. Where the calculated danger score does not exceed the threshold, the media post has no or a low risk of disseminating sensitive information over the internet. However, if the calculated danger score does exceed the threshold, the user is alerted that the media post may undesirably disseminate sensitive information. The danger score may represent a sensitive information exposure risk for the media post is based on a variety of factors and/or characteristics of the media post and/or the user creating and attempting to disseminate the media post.

Abstract: Disclosed embodiments may include a method for generating authentication quizzes. The method can comprise receiving an authentication request associated with a user. The method can further comprise requesting a transaction history associated with the user. The transaction history can comprise a first purchase of a first product and a second purchase of a second product. The method can include selecting the first product and the second product to authenticate the user and determining a third product that the user did not purchase. The method can generate images of the first product, the second product, and the third product based on SKU data and can generate an authentication quiz comprising the images of each product and requests to confirm if the user purchased the products recently or not. Upon receiving correct responses from the user, the method can comprise transmitting instructions to the user device to authenticate the user.

Abstract: In order to appropriately accumulate communication data to be used for communication analysis, a communication processing apparatus 200 is configured to accumulate communication data to be used for communication analysis, and includes a data processing unit 235 configured to remove at least a part of the communication data to be accumulated, based on a communication property related to the communication data.

Abstract: Systems, devices, and techniques are disclosed for security configuration evaluation. A binary representation of a reference security configuration for an application may be generated. The binary representation of the reference security configuration for the application may be hashed to generate a reference hash for the application. Data for an instance security configuration for an instance of the application may be received. A binary representation of the instance security configuration may be generated from the received data for the instance security configuration. The binary representation of the instance security configuration may be hashed to generate an instance hash. The computing device may determine the distance between the reference hash and the instance hash. The instance security configuration may be determined to be secure if the distance is not greater than a threshold.

Abstract: A secure audio firewall may detect, from an audio recording captured in an external environment of a secure audio firewall enclosure, a passphrase uttered by the user. A secure audio firewall may activate sound transmission measures of the secure audio firewall enclosure responsive to detecting the passphrase, wherein the sound transmission measures facilitate transmission of the sound in the external environment to the internal environment.

Abstract: An enhanced certificate authority system and method allows for the enhanced security, validation, and Multi-Factor Authentication of user's within a digital signature, digital identity and general user data and transaction system through the creation and management of a user's Digital Identity certificate and users data elements to be share in a secure environment, so that through an enhanced certificate authority a user's identity, users general data to be shared and bona fides may be both protected and established across a diversity of electronic devices and transactions.

Abstract: Embodiments relate to dynamic creating a temporary isolated environment in an interactive communication environment for potential bots. In response to identifying that an avatar accessing the interactive communication environment is being controlled by a non-human entity, the avatar is dynamically placed in an isolated virtual environment. Permission of the avatar are disabled in the isolated virtual environment. An authentication inquiry is presented to the avatar identified as being controlled by the non-human entity. A location is transferred for the avatar identified as being controlled by the non-human entity, based on a user response to the authentication inquiry.

Abstract: Certain exemplary aspects of the disclosure are directed to customized communications using a high-level programming interface that is associated with related programming languages. According to a specific example, a data communications server is to provide a database with virtual office features available to remotely-situated client entities. The data communications server is to provide to the client entities, a set of instructions written in a first programming language for client-specific communications or directives. The data communications server is further configured to receive from each client entity, client-specific sets of control data written in a second programming language that is compatible with the first programming language.

Abstract: A mobile device performs authentication with blinded tokens and swaps its international mobile subscriber identity (IMSI) value. For authentication with blinded tokens, the mobile device generates a blinded token and provides it to a server to encrypt. To redeem the token, the mobile device unblinds the encrypted blinded token and provides it to the server along with a public key. To complete authentication, the mobile device receives, from the server, a nonce encrypted with the public key and decrypts the nonce with a private key. For swapping its IMSI value, the mobile device retrieves two eSIM profiles with corresponding IMSI values and configures the first of the two profiles as active. In response to a trigger, the mobile device changes the active profile from the first to the second, swaps the first IMSI value with a new IMSI value, and changes the active profile back to the first profile.

Abstract: An apparatus, which includes a processor, and a memory coupled to the processor, is provided. The processor is configured to cause the apparatus to apply a first security key for a first cell group, wherein a first medium access control (MAC) entity of the apparatus is associated with the first cell group; and apply a second security key for a second cell group, wherein a second MAC entity of the apparatus is associated with the second cell group. The processor if further configured to receive a second reconfiguration message indicating a counter including a value for deriving at least in part a third security key for the second cell group; and apply the derived third security key for the second cell group, wherein the apparatus continues to use the first security key for the first cell group, and wherein the first MAC entity is not reset.

Abstract: A computing device may receive, from an electronic device and via a wireless connection, a request to securely transmit user information using a secure data exchange module of the computing device. The computing device may configure the secure data exchange module for conducting a secure transmission of the user information and transmit a notification to the electronic device. The computing device may provide a user interface on the computing device for conducting the secure transmission of the user information. The computing device may receive and/or send, via the secure data exchange module, the user information. The computing device may transmit, via the wireless connection, the user information to the electronic device. The computing device may receive, from the electronic device, confirmation of a successful processing of the user information. The computing device may provide an indication of the confirmation of the successful processing of the user information.

Abstract: A method of performing a cryptographic process in a secured manner, wherein the cryptographic process generates output data based on input data, the generating of the output data involving generating a value y based on an amount of data x, the value y representing a combination, according to a linear transformation L, of respective outputs from a plurality of S-boxes Sn (n=0, . . . , N?1) for integer N>1, wherein each S-box Sn (n=0, . . .

Abstract: A cloud-based network security system (NSS) is described. The NSS uses a sandbox to safely detonate and extract information about a document and uses machine learning algorithms to analyze the information to predict whether the document contains malicious software. Specifically, during the detonation, static and dynamic information about the document is captured in the sandbox as well as character strings from images in the document. The dynamic information (and sometimes the static information) is input to an AI or machine learning model trained to provide an output indicating a prediction of whether the document contains malware. The character strings are compared with a batch of phishing keywords to generate a heuristic score. A validation engine combines the output from the AI or machine learning model and the heuristic score to classify the document as malicious or clean. Security policies can then be applied based on the classification.

Abstract: Techniques are provided for a computer-implemented security method implemented on one or more blockchains. The method comprises the steps of: applying a one-way function to a first secret value accessible to a first user to create a first veiled secret value; communicating the first veiled secret value from the first user to a second user; receiving a second veiled secret value from the second user, wherein the second veiled secret value is created by applying a one-way function to a second secret value accessible to the second user; and constructing a first blockchain transaction comprising the first veiled secret value and the second veiled secret value, the first blockchain transaction arranged to be unlockable to transfer control of a first resource upon provision of both the first secret value and the second secret value to the first transaction.

Abstract: Techniques for performing genomic security-related control of a digital ecosystem are disclosed. In embodiments, the digital ecosystem includes an ecosystem VDAX that maintains a progenitor genomic data set corresponding to the digital ecosystem, generates a plurality of respective progeny genomic data sets based on the progenitor genomic data set, and allocates the progeny genomic data set to a respective progeny VDAX of a plurality of progeny VDAXs, wherein the progeny VDAX establishes unique non-recurring engagements with other progeny VDAXs in the digital ecosystem based on the respective progeny genomic data set allocated to the progeny VDAX without any further interaction from the ecosystem VDAX. The ecosystem VDAX also controls a genomic topology of the ecosystem by selectively updating one or more of the progeny genomic data sets to affect an ability of specific progeny VDAXs to engage with other VDAXs in the ecosystem.

Abstract: A Certification Authority (CA) server for issuing digital certificates generates a first digital certificate associated with a first public key of the device and calculates an update factor for the first private key. Based on the first public key, the calculated update factor, and a predefined public system parameter, the CA server calculates a second public key for a determined time period for the device. The CA server generates a second digital certificate valid at the determined time period and associated with the second public key and sends the second digital certificate to the device. A device may calculate an update factor for a stored first private key, calculates a second private key based on the calculated update factor and the first private key, receives from the CA server a second digital certificate associated with a second public key, and validates the device based on the second digital certificate.