Abstract: A method of certifying a state of a platform includes receiving one or more software elements of a software stack of the platform by an authentication module and performing a hash algorithm on the software stack to generate one or more hash values. The software stack uniquely determines a software state of the platform. The method includes generating creation data, a creation hash, and a creation ticket, corresponding to the hash values and sending the creation ticket to the platform. The method also includes receiving the creation ticket by the authentication module and certifying the creation data and the creation hash based on the creation ticket. The method further includes generating a certified structure based on the creation data and performing the hash algorithm on the certified structure to generate a hash of the certified structure. The certified structure uniquely determines the software state of the platform.

Abstract: An electronic device is provided. The electronic device includes a display configured to display information, an input device configured to receive a user input, an image sensor, a processor electrically connected with the display, the input device, and the image sensor, and a non-transitory computer readable storage medium electrically connected with the processor that stores instructions that cause the processor to control the display to display first-level information as a locking mode is partially released when partial authentication passes based on bio-information acquired through the image sensor in a state in which the electronic device is in the locking mode, and control the display to display second-level information having a security level higher than a security level of the first-level information as the locking mode is fully released when full authentication passes based on a user input made through the input device.

Abstract: A system performs digital notarization using a biometric identification service. A signature requesting service receives a request to validate a digital item with a signature for a person. The signature requesting service provides a payload that identifies the digital item and/or the person to an identity service. The identity service obtains one or more digital representations of biometrics for the person, determines an identity for the person, and returns a data structure including the payload and one or more identity attestations regarding the determined identity. The identity service encrypts at least a portion of the data structure using a private encryption key. A public encryption key for the identity service can then be used to decrypt the portion to verify that the data structure was generated by the identity service after determining the identity. In this way, validation can be verified to the full trust level of the identification service.

Abstract: A method for applying agency and regulation modeling in a multi-tenant architecture system includes accessing merchant's representation in an identity manager. The merchant is managed via a full representation by an original identity manager. The method includes performing a first service for the merchant via the representation, and determining, based on results of the first service and on policies of the first service provider, that performance of a second service is required for completion of the first service. The second service is provided by a second service provider onboarded into the first service provider, where the second service amends policy requirements of the first service provider. The method includes accessing a first subservice of the second service using the representation to generate second results for use at a second subservice of the second service, the second subservice configured to use transaction resources of the first representation.

Abstract: A pseudonym credential configuration method and apparatus are provided. The method includes: receiving an identifier of a terminal device and information about N to-be-requested pseudonym credentials from the terminal device, sending N second request messages to a pseudonym credential generation server, and storing a tag of each second request message in association with the identifier of the terminal device in the registration server, so that the registration server can obtain, based on the tag, the identifier that is of the terminal device and that is associated with the tag; and generating N pseudonym credentials. The pseudonym credential generated in this application may enable a behavior investigation server to learn of a real identity of the terminal device.

Abstract: In general, various aspects of the present disclosure provide methods, apparatuses, systems, computing devices, computing entities, and/or the like for addressing a modified risk rating identifying a risk to an entity of having computer-implemented functionality provided by a vendor integrated with a computing system of the entity.

Abstract: A system and method for determining consent user interface validity for a provided consent user interface of a web form presenting consent information, comprising: accessing a consent user interface presented on a web form; determining one or more configuration attributes of the consent user interface; accessing one or more privacy regulations associated with presenting consent information; comparing the one or more configuration attributes of the consent user interface to each of the one or more privacy regulations; determining whether the consent user interface is compliant with each of the one or more privacy regulations; and in response to determining that the consent user interface is not compliant with one or more privacy regulations, flagging the consent user interface.

Abstract: Provided is a process that includes sharing information among two or more parties or systems for modeling and decision-making purposes, while limiting the exposure of details either too sensitive to share, or whose sharing is controlled by laws, regulations, or business needs.

Abstract: Data processing systems and methods, according to various embodiments, are adapted for mapping various questions regarding a data breach from a master questionnaire to a plurality of territory-specific data breach disclosure questionnaires. The answers to the questions in the master questionnaire are used to populate the territory-specific data breach disclosure questionnaires and determine whether disclosure is required in territory. The system can automatically notify the appropriate regulatory bodies for each territory where it is determined that data breach disclosure is required.

Abstract: Systems, computer-implemented methods, and computer program products to facilitate quantum platform routing of a quantum application component are provided. According to an embodiment, a system can comprise a memory that stores computer executable components and a processor that executes the computer executable components stored in the memory. The computer executable components can comprise a dissection component that identifies one or more components of a quantum application. The computer executable components can further comprise a determination component that selects at least one quantum platform to execute the one or more components of the quantum application based on a defined run criterion.

Abstract: A method for managing a consent receipt under an electronic transaction, comprising: receiving a request to initiate a transaction between the entity and the data subject; providing a privacy policy associated with the entity and based at least in part on the request to initiate the transaction between the entity and the data subject; accessing the privacy policy associated with the entity; storing one or more provisions of the privacy policy associated with the entity; providing a user interface for consenting to the privacy policy associated with the entity; receiving a selection to consent to the privacy policy associated with the entity and based at least in part on the request to initiate the transaction between the entity and the data subject; generating, by a third-party consent receipt management system, a consent receipt to the data subject; and storing the generated consent receipt.

Abstract: A method comprises: a first data processing device requesting attestation of a second data processing device; the second data processing device generating a device-specific attestation message in dependence upon a device-specific key, a hardware configuration of the second data processing device and a software configuration of software running on the second data processing device; the second data processing device generating an application-specific attestation message in dependence upon an interaction protocol by which the first data processing device and the second data processing device interact; the second data processing device cryptographically binding the application-specific attestation message to the device-specific attestation message; the first data processing device verifying the application-specific attestation message, the verifying step comprising detecting a trusted status of the application-specific attestation message by verifying the device-specific attestation message cryptographically boun

Abstract: Systems, methods, and apparatuses for authenticating requests to access one or more accounts over a network using authenticity evaluations of two or more automated decision engines are discussed. A login request for access to a user account may be submitted to multiple decision engines that each apply different rulesets for authenticating the login request, and output an evaluation of the authenticity of the login request. Based on evaluations from multiple automated decision engines, the login request may be allowed to proceed to validation of user identity and, if user identity is validated, access to the user account may be authorized. Based on the evaluations, the login attempt may also be rejected. One or more additional challenge question may be returned to the computing device used to request account access, and the login request allowed to proceed to validation of identity if the response to the challenge question is deemed acceptable.

Abstract: Systems and methods for accessing credentials from a blockchain are provided. A computing device requests for a server to process a transaction. In response to the request, the server transmits a server public key to the computing device. A key generator of the computing devices uses the user private key and the server public key to generate a user public key. The user public key includes permissions to access credentials that are stored on blockchain. The server receives the user public key and generates a request for credentials to blockchain. The request includes the user public key and the server private key. The blockchain receives the request and generates an identity token. The identity token includes credentials that are specified in the user public key. The blockchain transmits the identity token to the server and the server uses the identity token to processes the transaction.

Abstract: A process of requesting and providing an anonymization service for sharing images or videos capturing identity of persons. An anonymization server receives a request including information corresponding to an identifier identifying the image or the video, a region within the image or video in which an identity of a person is captured, an encryption key used to encrypt the region of the image or the video, and contact information of the person. When the anonymization server receives a request from the second agency to share an encryption key for decrypting the region, the server transmits a request to the person to provide a permission to deanonymize the identity of the person captured in the image or video. The anonymization server transmits a response including the encryption key to the second agency when a response indicating a permission is received from the person.

Abstract: Techniques for performing predictability-driven compression of training data sets used for machine learning (ML) are provided. In one set of embodiments, a computer system can receive a training data set comprising a plurality of data instances and can train an ML model using the plurality of data instances, the training resulting in a trained version of the ML model. The computer system can further generate prediction metadata for each data instance in the plurality of data instances using the trained version of the ML model and can compute a predictability measure for each data instance based on the prediction metadata, the predictability measure indicating a training value of the data instance. The computer system can then filter one or more data instances from the plurality of data instances based on the computed predictability measures, the filtering resulting in a compressed version of the training data set.

Abstract: The present invention concerns the field of software verification, in particular to check whether the run-time integrity of a software application can be demonstrated.

Abstract: A method of identifying one or more pieces of personal data associated with a data subject based at least in part on one or more triggering action; identifying a storage location of each of the one or more pieces of personal data associated with the data subject; automatically determining that a first portion of the one or more of the pieces of personal data has one or more legal bases for continued storage; automatically maintaining storage of the first portion of the one or more pieces of personal data; and automatically facilitating deletion of a second portion of the one or more pieces of personal data associated with the data subject.

Abstract: An example of a computer-readable medium to store machine-readable instructions. The instructions may cause a processor to verify a licensing object and determine a license has expired. An application may be controlled based on an expiration parameter specific to the licensing object.

Abstract: A security device generates a key based on a physically unclonable function (PUF). The security device includes a physically unclonable function (PUF) block, an integrity detector, and a post processor. The PUF block outputs a plurality of first random signals and a plurality of corresponding first inverted random signals each having a logic level opposite to that of each of the plurality of corresponding first random signals. The integrity detector determines data integrity of the plurality of first random signals by using the plurality of first random signals and the plurality of corresponding first inverted random signals. The post processor generates a first row key that includes validity signals satisfying the data integrity.