Abstract: Generating a rights blockchain storing rights of a user, including: receiving an enrollment request and a public key from the user; verifying that the user has a private key corresponding to the public key; generating a user identifier using the public key; and generating and delivering the rights blockchain having a genesis block including the user identifier to the user.

Abstract: A fingerprint image acquisition method for user authentication is provided. The method comprises determining whether a sensed pressure, which is applied to a fingerprint input window by a finger of a user touching the fingerprint input window, exceeds a predetermined startup pressure, acquiring a comparison image by imaging a fingerprint of the finger when the sensed pressure exceeds the startup pressure, measuring a quality of the comparison image, determining a value of a threshold pressure based on the quality of the comparison image and acquiring an authentication image for the user by capturing an image of the fingerprint of the finger when the sensed pressure exceeds the threshold pressure.

Abstract: A system, method, and computer-readable medium are disclosed for performing a platform security operation, comprising: presenting a platform security user interface, the platform security user interface including a plurality of security blocks, each of the plurality of security blocks corresponding to a particular security policy function configuring a security policy via the platform security user interface, the configuring comprising combining a set of the security blocks according to a desired security function; converting the set of security blocks to information representing the security policy; and, deploying the security policy to an information handling system.

Abstract: A method for communicating data from a sensor device to an Electronic Control Unit using a single-wire bi-directional communication protocol includes providing a first key of the Electronic Control Unit to the sensor device, encrypting sensor data of the sensor device using the first key to determine encrypted data, and transmitting the encrypted data from the sensor device to the Electronic Control Unit.

Abstract: A computer-implemented method for secure de-centralized domain name system, the method comprising: recording a domain registration transaction to a blockchain, the domain registration transaction comprising a domain name, a domain primary key corresponding to a domain public key and domain certificate information for a server node; recording a domain security transaction, comprising the domain public key, to the blockchain to generate a domain name record comprising the domain name, an associated IP address, the domain public key and the domain certificate information, wherein the domain security transaction being signed using the domain primary key; transmitting, by a client node, a domain name request to a domain name node; receiving, by the client node, a domain name response from the domain name node, the domain name response comprising the domain public key, the domain certificate information and the associated IP address retrieved from the domain name record of the blockchain; and initiating a secure co

Abstract: Systems, methods, and computer-readable media for securely pairing a secure element and a processor of an electronic device are provided. In one example embodiment, a method, at an electronic device, includes, inter alia, deriving a key using a processor of the electronic device, sharing the derived key with a commercial entity subsystem, and receiving the shared key from the commercial entity subsystem at a secure element of the electronic device, where the received key may be leveraged for enabling a secure communication channel between the processor and the secure element. Additional embodiments are also provided.

Abstract: A collaborative operating system includes: a secure command generating device, for performing a digital signature operation on a first-station command to generate a first-station command request, for performing a digital signature operation on a second-station command to generate a second-station command request, and for performing a digital signature operation on a third-station command to generate a third-station command request; a first device group instructs a first target device to execute a first target command only if the first-station command request passed authentication processes conducted by the first device group; a second device group instructs a second target device to execute a second target command only if the second-station command request passed authentication processes conducted by the second device group; and a third device group instructs a third target device to execute a third target command only if the third-station command request passed authentication processes conducted by the third

Abstract: A method and system for protecting video and image files processes from original files to detect skin tones of persons appearing in the media. Pixels determined to contain skin tones are blurred or blacked out, and the pixel locations and their original color values are stored in a metadata file. The metadata file is encrypted and stored with the redacted video file. Thereafter, when an authorized person wants to see an unredacted version of the video, the system decrypts the metadata and reconstituted the video, replacing the redacted pixels with their original color values, and inserting a unique watermark into the video that identifies the requesting person. The watermarked video is then provided to the requesting person.

Abstract: A system and method for reliably and securely recording and storing all attributes of data, such as for the identification and authorization of individual identity as well as attributes relating to it and personal data including but not limited to individual's physical description, bank details, travel history, etc. (the “Personally Identifiable Information “PII”). PII can be difficult to manage in networks where correlation between data sources is required. Thus, in some embodiments, the system combines a distributed database to create a framework for a robust security. The system manages the distributed database to associate transactions, or actions, using data, digital signatures, and/or cryptographic keys, which can be unique to an individual.

Abstract: Systems and methods are disclosed for creating simulated phishing attack messages that have characteristics which make them appear genuine, while also having characteristics that a user should recognize as being false. Simulated phishing emails may appear to be more realistic to a recipient user if the user observes that the email has also been sent to an individual known to the recipient within the same company. However, it may not be desirable to send the simulated phishing email to such additional recipients. The systems and methods include communicating a simulated phishing email from a server of a simulated phishing attack system to a recipient user of an entity. The simulated phishing email appears to the recipient user as though it is also addressed to one or more non-recipient users of the entity, even though the email is not sent to the non-recipient users.

Abstract: Systems and methods are provided for authenticating an account via a hands-free gesture, such as a tap, pattern of taps, or other physical gesture not requiring a user to hold a computing device. A user can initiate a transaction to purchase an item by interacting with a first computing device (e.g., electronic kiosk, point-of-sale terminal, automated checkout device, etc.). The first computing device can receive a request from the user to purchase the item. In response, the first computing device can broadcast an authentication request. The user can perform the hands-free gesture for detection by a second computing device (e.g., the user's mobile device). The second computing device can transmit information associated with the hands-free gesture in response to the authentication request. The first computing device can authenticate the user based on the information associated with the hands-free gesture.

Abstract: In an embodiment, a method comprises intercepting, from a server computer, a first set of instructions that define one or more objects and one or more operations that are based, at least in part, on the one or more objects; generating, in memory, one or more data structures that correspond to the one or more objects; performing the one or more operations on the one or more data structures; updating the one or more data structures, in response to performing the one or more operations, to produce one or more updated data structures; rendering a second set of instructions, which when executed by a remote client computer cause the remote client computer to generate the updated data structures in memory on the remote client computer, wherein the second set of instructions are different than the first set of instructions; sending the second set of instructions to the remote client computer.

Abstract: Methods that can provide multi-layered data security in mobile personal computing devices are provided. One method includes assigning, by a processor, one of a plurality of security levels to applications of a mobile personal computing device, assigning one of the plurality of security levels to storage partitions of a storage device of the mobile personal computing device, and providing the applications access to data stored on the storage partitions based on a nexus of a first assigned security level for each application and a second assigned security level for each storage partition. Systems and apparatus that can include, perform, and/or implement the methods are also provided.

Abstract: A method, system, and non-transitory computer readable medium are described for providing a sender a plurality of ephemeral keys such that a sender and receiver can exchange encrypted communications. Accordingly, a sender may retrieve information, such as a public key and a key identifier, for the first receiver from a local storage. The retrieved information may be used to generate a key-encrypting key that is used to generate a random communication encryption key. The random communication encryption key is used to encrypt a communication, while the key-encrypting key encrypts the random communication key. The encrypted communication and the encrypted random communication key are transmitted to the first receiver.

Abstract: A method for connecting a mobile device with a vehicle-based system is described. The vehicle based-system comprises a first device and a second device that are both in possession of a system key. For an initial connection request between the first device and the mobile device, a token pair comprising a plaintext token and an encrypted token has been provided. The encrypted token is obtainable by applying the system key to at least the plaintext token. The mobile device is connected with the vehicle-based system by receiving, for a subsequent connection request with the second device and from the mobile device, the token pair comprising the plaintext token and the encrypted token. The token pair is verified using at least the system key. The subsequent connection is accepted upon successful verification of the token pair.

Abstract: An authentication apparatus, included in a device supporting a network communication, includes a certificate handler that receives a certificate of an opponent and parses or verifies the certificate of the opponent. Cryptographic primitives receive an authentication request of the opponent, generate a random number in response to the authentication request, generate a challenge corresponding to the random number, and verify a response of the opponent corresponding to the challenge. A shared memory stores the parsed certificate, the random number, the challenge, and the response. An authentication controller controls the certificate handler, the cryptographic primitives, and the shared memory through a register setting, according to an authentication protocol.

Abstract: A security system dynamically, depending on processor core execution flow, controls fault injection countermeasure circuitry protect processor core from fault injection attacks.

Abstract: A computer-implemented method of encrypting information on a virtual ledger, the method including receiving the information from a first party and a second party, encrypting a portion of the information received from at least one of the first party and the second party, publishing the encrypted portion on the virtual ledger, and providing a decryption key based upon the published encrypted portion to the first party and the second party.

Abstract: A Data Storage Device (DSD) includes a Non-Volatile Memory (NVM) including a private partition with a write-once partition only internally accessed by a controller of the DSD. Data stored in at least one memory of the controller and in the private partition is encrypted. According to one aspect, the NVM includes a firmware partition, and at least one key associated with the DSD stored in the write-once partition is descrambled or decrypted using a scrambler key or decryption key stored in the firmware partition. According to another aspect, a method for establishing a root of trust includes generating a scrambler key or a decryption key, and generating at least one key associated with the DSD. The scrambler key or the decryption key is stored in a firmware partition of an NVM of the DSD, and the at least one key associated with the DSD is stored in a write-once partition.

Abstract: Disclosed are an apparatus and method for public key encryption using a white-box cipher algorithm. An apparatus for public key encryption using a white-box cipher algorithm includes a key table generator configured to generate at least one key table from a cipher key, a hidden-key table generator configured to convert the at least one key table into at least one hidden-key table, and an encryption algorithm generator configured to generate a white-box implemented encryption algorithm by using the at least one hidden-key table and an inverse operation of the conversion and provide the generated encryption algorithm as a public key for encryption.