Abstract: A system for secure commingling of tenant isolated data includes a commingling storage unit, an interface, and a processor. The interface is configured to receive an indication of tenant data to be commingled. The processor is configured to determine one or more instances of sensitive data included in the tenant data, and transfer the tenant data to the commingling storage unit without transferring the one or more instances of sensitive data, wherein an index identifier is transferred to be stored in the commingling storage unit in place of an instance of sensitive data of the one or more instances of sensitive data.

Abstract: Disclosed herein are methods, systems, and processes to distribute and disperse search loads to optimize security event processing in cybersecurity computing environments. A search request that includes a domain specific language (DSL) query directed to a centralized search cluster by an event processing application is intercepted. The event processing application is inhibited from issuing the search request to the centralized search cluster if a structured or semi-structured document matches the DSL query.

Abstract: A system, apparatus, and method for communicating Bluetooth keys is described. The system and method utilize a gateway apparatus that is communicates coupled to a cloud component over a first network channel, and communicates a gateway key over a local wireless Bluetooth channel. The gateway includes a processor, a memory, a fixed location, and a local broadcast range associated with an area surrounding the fixed location. The cloud component registers the gateway and a mobile wireless device having a processor and memory. When the mobile wireless device is within the local broadcast range of the gateway, the mobile wireless receives the gateway key over the local wireless channel. Upon receiving the gateway key, the mobile wireless device communicates a device key over the local wireless channel to the gateway.

Abstract: Users of an endpoint remediation system can be assigned to different roles, from which they can request exceptions, approve exceptions, and/or enable remediation on endpoint devices. The compliance scanning and enforcing process can be automated, while allowing entities to request and/or approve certain exceptions. Therefore, security compliance for customers can be actively managed to provide visibility to the endpoint device compliance state at any time.

Abstract: A trusted execution environment migration method for a device comprising a multicore processor, the processor operable to execute a rich execution environment (REE) and a trusted execution environment (TEE), the method comprising: executing a TEE scheduler in the REE on a first core of the multicore processor; subsequent to a migration of the TEE scheduler from the first core to a second core, issuing a request, by the TEE scheduler and to a transition submodule in the TEE, to execute an operations submodule in the TEE, wherein the transition submodule is operable to manage the transition of a core of the processor between execution of the REE and execution of the operations submodule in the TEE, and wherein the transition submodule is executed on the same core as the TEE scheduler; upon execution of the operations submodule, determining if the core on which the operations submodule is executing has changed since the previous execution of the operations submodule.

Abstract: Systems, methods, and use-cases of multi-modal authentications and content distribution are presented. A content consumer can capture a multi-modal digital representation of multiple objects where a juxtaposition of features derived from the digital representation can be used to recognize that at least some of the objects are a valid authentication object. Upon authentication, an authentication agent determines a content access level for content associated with the corresponding to the juxtaposition. The content can then be presented on an electronic device, possibly within a secure virtual machine, according to the content access level.

Abstract: Users of an endpoint remediation system can be assigned to different roles, from which they can request exceptions, approve exceptions, and/or enable remediation on endpoint devices. The compliance scanning and enforcing process can be automated, while allowing entities to request and/or approve certain exceptions. Therefore, security compliance for customers can be actively managed to provide visibility to the endpoint device compliance state at any time.

Abstract: A computer-implemented method of authenticating a memory of a gaming machine uses a computing device having a processor communicatively coupled to a memory. The method includes identifying a first subset of the memory including one or more operational data components associated with operating the gaming machine. The method also includes identifying a second subset of the memory. At least some of the second subset of the memory is distinct from the first subset of the memory. The method further includes authenticating the first subset of the memory while the gaming machine is in a disabled state. The method also includes enabling operation of the gaming machine after said authenticating the first subset of the memory if the authentication of the first subset of the memory is successful. The method further includes authenticating the second subset of the memory while the gaming machine is in an enabled state.

Abstract: A method can include evaluating each of a plurality of collaborative systems, using a processor, for suitability hosting an artifact according to at least one attribute of the artifact. A first collaborative system can be selected from the plurality of collaborative systems according to the evaluation. The artifact can be stored in the first collaborative system.

Abstract: Machine learning based methods for the analysis and reporting of suspicious email are disclosed. In one aspect, there is a method that includes displaying a user-selectable icon to report a suspicious electronic message. The method further includes receiving selections of the electronic message and the user-selectable icon. The method further includes quarantining the electronic message in response to the selections. The method further includes electronically communicating the electronic message to a processor for performing threat analysis in response to the selections. The method further includes receiving a response message in response to the performed threat analysis, the response message indicating a threat status of the electronic message.

Abstract: A centralized gateway server receives a first user request, configured to operate with a first development platform, indicating a first operation to be performed on behalf of a first user. The centralized gateway server generates a first service request for performing the first operation, and transmits the first service request to a server associated with a service, to cause the server to perform the first operation on behalf of the first user. The centralized gateway server also receives a second user request indicating a second operation. The second user request is configured to operate with a second development platform different from the first development platform. The centralized gateway server generates a second service request for performing the second operation, and transmits the second service request to the server to cause the server to perform the second operation.

Abstract: Distributed storage of a file in edge storage devices that is resilient to eavesdropping adversaries and Byzantine adversaries. Approaches include a cost-efficient approach in which an authorized user has access to the content of all edge storage nodes. In this approach, key blocks and file blocks that are masked with key blocks are saved in the edge storage nodes. Additionally, redundant data for purposes of error correction are also stored. In turn, upon retrieval of all blocks, errors introduced by a Byzantine adversary may be corrected. In a loss resilient approach, redundant data is stored along with masked file partitions. Upon retrieval of blocks from the edge storage nodes, a unique approach to solving for the unknown file partition values is applied with identification of corrupt nodes based on an average residual error value for each storage node.

Abstract: A method for preventing image modification, an image capturing device and an image verification method are disclosed. The image modification method includes: processing a compressed image of at least one frame to obtain feature data of the compressed image of the at least one frame; encrypting the feature data to generate a checksum; generating supplemental enhancement information, which at least includes a time parameter and the checksum; and transmitting and/or storing the supplemental enhancement information and the compressed image of the at least one frame together so as to verify authenticity of the compressed image of the at least one frame by using the supplemental enhancement information. The time parameter is a counter value of a counter in the image capturing device and the counter value continuously increases. With the above method, authenticity of image data can be verified.

Abstract: Distributed storage of a file in edge storage devices that is resilient to eavesdropping adversaries and Byzantine adversaries. Approaches include a cost-efficient approach in which an authorized user has access to the content of all edge storage nodes. In this approach, key blocks and file blocks that are masked with key blocks are saved in the edge storage nodes. Additionally, redundant data for purposes of error correction are also stored. In turn, upon retrieval of all blocks, errors introduced by a Byzantine adversary may be corrected. In a loss resilient approach, redundant data is stored along with masked file partitions. Upon retrieval of blocks from the edge storage nodes, a unique approach to solving for the unknown file partition values is applied with identification of corrupt nodes based on an average residual error value for each storage node.

Abstract: Embodiments relate to a system, program product, and method for use with a computer platform to support privacy preservation. The platform measures and verifies data privacy provided by a shared resource service provider. An assessment is utilized to support the privacy preservation with respect to a data steward, and associated shared data. It is understood that data associated with a data service has an expected level of privacy. A privacy score directly correlating to a leakage indicator of the service is formed, and an associated data container is populated with inferred entities deemed to at least meet a preferred privacy level. The privacy score effectively certifies the security of the populated data container.

Abstract: Preventing Transport Layer Security session man-in-the-middle attacks is provided. A first security digest generated by an endpoint device is compared with a second security digest received from a peer device. It is determined whether a match exists between the first security digest and the second security digest based on the comparison. In response to determining that a match does not exist between the first security digest and the second security digest, a man-in-the-middle attack is detected and a network connection for a Transport Layer Security session is terminated with the peer device.

Abstract: A system and associated methods for the detection of anomalous behavior in a system. In some embodiments, time-series data that is obtained from the system (such as log data) may be used as an input to a process that converts the data into greyscale values. The greyscale values are used to construct an “image” of the system operation that is used as an input to a convolutional neural network (CNN). The image is used to train the neural network so that the neural network is able to recognize when other input “images” constructed from time-series data are anomalous or otherwise indicative of a difference between the prior (and presumed normal or acceptable) and the current operation of the system.

Abstract: Techniques are provided for determining environment parameter values based on rendered emoji analysis, A server computer provides a first set of code that, when executed by a browser application at a client computing device, renders a set of emoji at the client computing device, generates a set of rendered graphic data for the set of emoji at the client computing device, and transmits the set of rendered graphic data for each emoji of the set of emoji from the client computing device to the server computer. The server computer receives the rendered graphic data generated at the client computing device, Based on the set of rendered graphic data for the set of emoji generated at the client computing device, the server computer determines a set values for one or more environment parameters of the client computing device.

Abstract: Users are authorized to access tagged metadata in a provider network. A revision control and binding mechanism may be applied to tagged metadata that is added or modified by the user. A recommendation pertaining to security and compliance for the computing resource may be determined based on an analysis of the computing resource, scoring criteria, and data pertaining to customer and system data.

Abstract: Disclosed embodiments relate to systems and methods for analyzing and addressing least-privilege security threats on a composite basis. Techniques include identifying a permission associated with a secured resource, identifying attributes associated with the permission, weighting the attributes, and, based on the attributes and their weights, creating a normalized score corresponding to the risk presented by the permission. Further techniques include identifying attributes associated with the secured resource, identifying special risk factors, and creating weighted scores based on the resource attributes and special risk factors. Other techniques include aggregating the weighted scores and using the weighted scores to identify insecure areas within the system.