Abstract: A scalar multiplication operation includes an iterative procedure performing a set of operations at each iteration on a bit or on a group of consecutive bits of a secret key. The multiplication operation includes multiplying values of projective format coordinates by a random value. The random value is a product of a random number generated over a range having as end value a first value, with a second value, which is larger than said first value. The first value is a power of two of a word size multiplied by a multiplier value, minus one. The second value is equal to a power of two of a number of bits of the coordinates divided by the first value. The multiplier value is an integer greater than or equal to one and smaller than a ratio of said number of bits to the word size.

Abstract: Device for secure distance measurement being a prover (P) or a verifier (V) comprising: a receiver (R3) configured to receive a receiving signal (RS) with a transmitted message (M) encoded therein, wherein the transmitted message (M) contains a verifying bit sequence (VBS), wherein a bit of the transmission message (M) is transmitted in the transmission signal (TS) by a pulse with a pulse modulation parameter with two pulse states, and a decoder (R2) configured to decode the verifying bit sequence (VBS) from the transmitted message (M) encoded in the receiving signal (RS).

Abstract: Data processing systems and methods, according to various embodiments, are adapted for mapping various questions regarding a data breach from a master questionnaire to a plurality of territory-specific data breach disclosure questionnaires. The answers to the questions in the master questionnaire are used to populate the territory-specific data breach disclosure questionnaires and determine whether disclosure is required in territory. The system can automatically notify the appropriate regulatory bodies for each territory where it is determined that data breach disclosure is required.

Abstract: A method, apparatus and system for secure one-way RFID tag identifications provided. The method comprising generating, at an RFID tag, an auxiliary identifier; generating, at an RFID tag, a secure representation based on the auxiliary identifier; transmitting, from the RFID tag and receiving at an RFID reader, one or more representations of the auxiliary identifier and the tag identifier including the secure representation; and verifying the identity of the RFID tag based on the received representations.

Abstract: A method for scanning a website and tracking data subject interaction with the website, comprising: determining a data subject is interacting with a particular website; determining one or more website parameters associated with the particular website, the one or more website parameters associated with the particular website include scanning the particular website to determine website cookies that capture data subject information, and determining a website category of the particular website; determining a geo-location of the data subject when the data subject is interacting with the particular website; determining one or more data subject consent parameters based at least in part on the one or more website parameters associated with the particular website and the geo-location of the data subject when the data subject is interacting with the particular website; and applying the one or more data subject consent parameters to the data subject interaction with the particular website.

Abstract: Systems and methods for embodiments of artificial intelligence systems for identity management are disclosed. Embodiments of the identity management systems disclosed herein may support the correlation of identities from authoritative source systems and accounts from non-authoritative source systems using artificial intelligence techniques.

Abstract: A method by a network device for assigning data types to data values included in application programming interface (API) responses sent by an API server to one or more API clients via an API. The method includes obtaining a first set of API responses from an endpoint of the API, generating a profile for the endpoint of the API based on analyzing the first set of API responses, where the profile of the endpoint indicates an expected structure of API responses and expected data types associated with data fields included in API responses, obtaining a second set of API responses, and using the profile of the endpoint of the API to assign data types to data values included in API responses in the second set of API responses.

Abstract: A method of cracking a private key of an asymmetric cryptosystem includes extracting a modulus and a public key exponent from a public key, calculating the digital root of the modulus, deriving a set of candidate base pairs corresponding to the digital root and the last digit of the modulus, each of the candidate base pairs including a first candidate base and a second candidate base, iteratively testing values of a multiplier until a sum of one of the candidate bases with ninety times the multiplier is a factor of the modulus, and determining the private key using the public key exponent and the factor of the modulus. The method may further include decrypting an encrypted message using the private key.

Abstract: A system and method for securely encrypting and booting a headless appliance. A computerized method is disclosed that includes: providing the network appliance with content encrypted with a secret key; launching the network appliance in a fallback configuration that provides limited operational capabilities; forwarding a request for the secret key to an online service that independently utilizes an identity provider to establish trust with an appliance administrator; receiving the secret key from the online service upon establishment of trust with the appliance administrator; decrypting the content with the secret key received from the online service; and utilizing the content to launch the network appliance in a full configuration.

Abstract: A hybrid encryption scheme links a first public key encryption (PKE) scheme with a second PKE scheme through a true random or pseudo-random element, which is used by a sender to encapsulate a symmetrically encrypted message and its associated symmetric key to generate a pair of ciphertexts for transmission to a recipient. The recipient decrypts and decapsulates the ciphertexts, retrieves the random element, and may conduct one or more verification steps to ensure that the ciphertexts were well-formed, and to detect any re-encryption or encapsulation attacks. To encrypt a message, the message and initial random value are encrypted with a symmetric key to provide an intermediate ciphertext. The symmetric key and the encrypted message-value are each encapsulated by distinct algorithms using distinct values derived from the initial random value, such as different hashes, and public keys to provide first and second ciphertexts.

Abstract: Methods and systems for improved device authentication and presentation of media content to passengers aboard a transportation apparatus are disclosed. In some aspects, authentication of a device may be simplified based on previous associations made between the device, a user, and travel on a transportation apparatus within a particular time period. In some aspects, passenger selected media content may be prepositioned on stable storage within a transportation apparatus such that the media content may be provided to one or more passengers of the transportation apparatus while the transportation apparatus is in motion, and thus avoid transfer of the media content over an off-board wireless communication link.

Abstract: The present disclosure provides systems and methods for detection of one or more security threats or malicious actions. According to the present disclosure, data can be received from one or more data producers and provided to a behavior processor. The behavior processor extracts, identifies, or detects one or more behaviors from the data based on one or more datum, features, or characteristics included therein, and provides the one or more identified behaviors to a tactic processor. The tactic processor extracts, identifies, or detects one or more tactics based on the one or more identified behaviors, and submits the one or more identified tactics to a tactic classifier to determine whether the one or more identified tactics are indicative of the one or more security threats or malicious actions. Other aspects are also described.

Abstract: In various embodiments, a personal data processing system may require guardian consent (e.g., parental consent) for a data subject in order to collect, store, and or process the subject's personal data. The system may prompt the data subject to initiate a request for guardian consent or the system may initiate a request for guardian consent without initiation from the data subject (e.g., in the background of a transaction). In some embodiments, the system may require guardian consent when a data subject is under the age for valid consent for the particular type of personal data that will be collected as part of a particular transaction. Data processing systems may generate and store one or more consent records memorializing valid consent for data processing from data subjects and/or from guardians on their behalf (e.g., in the case of a minor data subject).

Abstract: The embodiments of the present application provide a permission management system, a permission management method, and an electronic device. First, at least two unlocking passwords are set on the electronic device, and each unlocking password corresponds to a working mode. Then, the user permission for application software on the electronic device is configured for each working mode. Finally, upon receiving the correct input unlock password, the electronic device is unlocked and the working mode corresponding to the input unlock password is started. The embodiments of the present application can protect the personal privacy of a user by means of setting the access permission of the application software of the electronic device.

Abstract: A device for compressing subject data. the device comprises a communication link, the communication link capable of receiving a set of subject data; a compression module, the compression module configured to apply a compression algorithm to the set of subject data, the compression algorithm compressing the set of subject data using a reference string of subject data; and a transmission module, the transmission module configured to transmit the compressed subject data. The device further comprising an encryption module for encrypting the subject data.

Abstract: Aspects of the disclosure relate to multicomputer processing and dissemination of data files. A computing platform having at least one processor, a memory, and a communication interface may search one or more social media platforms for unauthorized dissemination of a data file. The computing platform may correlate a unique identifying feature(s) of the disseminated data file to that of a copy of the data file previously distributed to a linked user account. The computing platform may transmit, via the communication interface, to an administrative computing device, an unauthorized dissemination report which, when processed by the administrative computing device causes a notification to be displayed on the administrative computing device. The notification may identify the linked user account associated with the unauthorized dissemination, the name, content, or general nature of the data file, and/or the social media platform(s) on which the data file was discovered.

Abstract: Provided is novel technology for secure security data transmission and more particularly for registering network-enabled security devices such as IP cameras to a security server over a public network such as to a cloud-based security service. An enrollment server is provided that is logged into using a computing device to request and receive an activation code for the security device. The activation code is then provided to the security device, e.g. directly by the computing device. The Security device authenticates itself based on the activation code and in one example provides a public key that will be used to verify its registration. Data transmissions by the device are secured in part on the basis of its registration.

Abstract: A system and method for determining consent user interface validity for a provided consent user interface of a web form presenting consent information, comprising: accessing a consent user interface presented on a web form; determining one or more configuration attributes of the consent user interface; accessing one or more privacy regulations associated with presenting consent information; comparing the one or more configuration attributes of the consent user interface to each of the one or more privacy regulations; determining whether the consent user interface is compliant with each of the one or more privacy regulations; and in response to determining that the consent user interface is not compliant with one or more privacy regulations, flagging the consent user interface.

Abstract: A system for authenticating a user at a relying party application using an authentication application and automatically redirecting to a target application includes a processor. The processor is configured to 1) make an API call that comprises (i) an authentication challenge that corresponds to an authentication request and (ii) a call back URL that is specified by a relying party application; 2) retrieve at least one of a target application link or a null value from a table; 3) authenticating the user based on an authentication challenge response to the at least one authentication challenge; and 4) invoking the target application link from the table to automatically redirect from the authentication application to the target application specified in the target application link.

Abstract: Provided is a process including: obtaining, with a network controls engine, network traffic, wherein: the network traffic is sent across the network between source computing devices and destination computing devices; at least one of the source or destination computing devices are on a network carrying the network traffic; and the network has a plurality of computing devices causing the network traffic and which are assigned addresses on the network; applying, with the network controls engine, a plurality of rules to the network traffic to identify rules with criteria satisfied by the network traffic; and causing, with the network controls engine, one or more actions prescribed by one or more identified rules with criteria satisfied by the network traffic.