Abstract: Particular systems, methods, and program products for web-based security systems for user authentication and processing in a distributed computing environment are disclosed. A computing sub-system may receive an electronic processing request and a first signed data packet having a first payload that was hashed and encrypted using a first private key. The first payload may comprise first processing output and a first timestamp. The sub-system may verify the first signed data packet by decrypting it using a first public key. The sub-system may execute computing operations to satisfy the electronic processing request, producing second processing output. The sub-system may configure a data packet with a second payload comprising at least the second processing output and a second timestamp. The sub-system may encrypt the second payload using a second private key producing a second signed data packet. The sub-system may transmit to a second sub-system the second signed data packet.

Abstract: A wireless access tag duplication device, system and method is provided. The wireless access tag duplication system comprises: a wireless access tag reader; a wireless access tag writer; a processor, coupled to the wireless access card reader and the wireless access card writer; and a memory. The memory includes instruction code, executable by the processor, for: determining a first key of a first wireless access tag; determining remaining keys of the first wireless access tag using nested authentication and the first key; reading data of the first tag using the wireless access card reader, the first key and the remaining keys; and writing the data to a second tag using the wireless access card writer, the first key and the remaining keys.

Abstract: Aspects of the disclosure relate to preventing unauthorized screen capture activity. A computing platform may detect, via an infrared sensor associated with a computing device, an infrared signal from a second device attempting an unauthorized image capture of contents being displayed by a display device of the computing device. Subsequently, the computing platform may determine, via the computing platform, the contents being displayed by the display device. Then, the computing platform may retrieve a record of the contents being displayed by the display device. Then, the computing platform may determine a risk level associated with the infrared signal. Subsequently, the computing platform may perform, via the computing platform and based on the risk level, a remediation task to prevent the unauthorized image capture.

Abstract: Systems and methods are described that allow users to continue utilizing their user accounts and user devices associated with a first authorization entity for transactions conducting with a second authorization entity. A processor server computer may translate a first data set including first account identifier and a first verification value associated with a first authorization entity during authorization processing into a second data set including a second account identifier and a second verification value that can be processed by a second authorization entity. The processor server computer may modify an authorization request message based on the translated data set. The processor server computer may also enable the authorization request message to be routed to an appropriate authorization entity during authorization processing.

Abstract: Systems and methods for providing multi-perimeter firewalls via a virtual global network are disclosed. In one embodiment the network system may comprise an egress ingress point in communication with a first access point server, a second access point server in communication with the first access point server, an endpoint device in communication with the second access point server, a first firewall in communication with the first access point server, and a second firewall in communication with the second access point server. The first and second firewalls may prevent traffic from passing through their respective access point servers. The first and second may be in communication with each other and exchange threat information.

Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for establishing a proof of storage over a specified period of time.

Abstract: A method includes determining a password-length threshold. The password-length threshold may comprise an integer. The method also includes obtaining, for a first user, a set of nucleotide locations. The number of nucleotide locations in the set may be greater than or equal to the integer. The method also includes obtaining a first sample of the user's DNA. The method also includes determining, in the first sample, a nucleotide at each nucleotide location in the set of nucleotide locations, resulting in a first nucleotide-password sequence. The method also includes performing a one-way hashing operation on the first nucleotide-password sequence with a first hashing algorithm, resulting in a first hashed password.

Abstract: A method performed by a proximity service server. The method comprises generating a ProSe query code and a ProSe response code, sending at least the ProSe response code together with a first and a second discovery key to a first end device, and sending at least the first discovery key and the ProSe query code to a second end device, so that the second end device can securely discover the first end device over an air interface.

Abstract: According to one embodiment, in response to receiving a temporary public key (PK_d) from a data processing (DP) accelerator, a system generates a first nonce (nc) at the host system, where the DP accelerator is coupled to the host system over a bus. The system transmits a request to create a session key from the host system to the DP accelerator, the request including a host public key (PK_O) and the first nonce. The system receives a second nonce (ns) from the DP accelerator, where the second nonce is encrypted using the host public key and a temporary private key (SK_d) corresponding to the temporary public key. The system generates a first session key based on the first nonce and the second nonce, which is utilized to encrypt or decrypt subsequent data exchanges between the host system and the DP accelerator.

Abstract: Systems and methods include establishing a cryptographically secure communication between an application module and an audio module. The application module is configured to execute on an information-handling machine, and the audio module is coupled to the information-handling machine. The establishment of the cryptographically secure communication may be at least partially facilitated by a mutually trusted module.

Abstract: The present disclosure provides methods and systems for secure logon. One or more method includes: determining, via authentication information provided by a user of an electronic device, that the user is authorized to access an online account provided by the online account provider; providing the user with a selectable option to enable an expedited logon process by which the user can access the online account by solely providing a particular authentication item of the user; receiving a verification credential in response to a next logon attempt using the expedited logon process; and verifying that the received verification credential matches an assigned verification credential provided to the user for use in conjunction with the next logon attempt using the expedited logon process.

Abstract: A device may obtain registration data associated with a registration of an individual. The registration data may include an image that depicts a physical key and a reference object. The device may process the image to identify a first feature of the physical key and a first measurement of the first feature based on the size of the reference object. The device may store first feature data based on the first feature and the first measurement. The device may obtain second feature data based on a second feature of the physical key and a second measurement of the second feature identified from an insertion of the physical key into a keyhole of an authentication mechanism. The device may determine whether the first feature data corresponds to the second feature data. The device may authenticate the individual based on determining that the first feature data corresponds to the second feature data.

Abstract: This invention provides a method for providing trusted display to security sensitive applications on untrusted computing platforms. This invention has a minimal trusted code base and maintains full compatibility with the computing platforms, including their software and hardware. The core of the invention is a GPU separation kernel that (1) defines different types of GPU objects, (2) mediates access to security-sensitive GPU objects, and (3) emulates accesses to security-sensitive GPU objects whenever required by computing platform compatibility.

Abstract: Data processing systems and methods, according to various embodiments, are adapted for mapping various questions regarding a data breach from a master questionnaire to a plurality of territory-specific data breach disclosure questionnaires. The answers to the questions in the master questionnaire are used to populate the territory-specific data breach disclosure questionnaires and determine whether disclosure is required in territory. The system can automatically notify the appropriate regulatory bodies for each territory where it is determined that data breach disclosure is required.

Abstract: The present disclosure relates to a key generation method applied to a chip storing an internal key, which includes: acquiring (101) a first and a second random number; generating (102) an initial private key of the chip according to the first random number and the internal key, and generating an update private key of the chip according to the second random number and the internal key; generating (103) an initial public key corresponding to the initial private key according to the initial private key, and generating an update public key corresponding to the update private key according to the update private key; and sending (104) the initial public key, the update public key, and the second random number to a server that sends the second random number to the chip when receiving a private key update request of the chip, to trigger a private key update of the chip.

Abstract: A method of operation of a control node (400, 700, 1000) in a mobile communications network, the method comprising: receiving a request for authorization from a user equipment (500, 800, 1100); determining whether the request for authorization includes evidence that the user equipment is authorized by a trusted traffic authority; and processing the request for authorization only if the request for authorization includes evidence that the user equipment is authorized by the trusted traffic authority. Methods for the user equipment and a trusted authority device, as well as corresponding devices, computer programs and computer program products are also disclosed.

Abstract: Methods, systems, and devices for public key protection techniques are described. An embedded multimedia card (eMMC) may be formatted to include a permanent write protect group that is configured to prevent disabling of write protection for data stored in the permanent write protect group. The eMMC may store a public key associated with a first host device in the permanent write protect group of the eMMC. A data package may be received from the host device and authenticated by using the public key stored in the permanent write protect group. The embedded memory controller may be configured to prevent modifying or writing data to a permanent write protect group.

Abstract: This invention related to a method for provisioning a first communication device with a set of at least one credential required for accessing to a wireless network by using a second communication device provisioned with a cryptographic key K also known by the wireless network, the first communication device being associated with a certificate comprising a public key PK, said certificate being stored with an associated private key PrK in said first communication device, the method comprising the following steps: receiving by the second communication device a registration request from the first communication device in order to be provisioned with the set of at least one credential; transmitting to the wireless network by the second communication device the registration request to generate a set of at least one credential associated to the first communication device comprising at least a cryptographic key K?, the wireless network being adapted to generate a first random number R1 and a second random number R2; r

Abstract: Enabling access to encrypted information by providing a master key and a public key to a partial content owner, generating a ciphertext of content according to a complete content data, at least one content data partition and the public key, wherein the content data partition comprises a portion of the complete content data, providing the ciphertext of the content data and the public key to a validator, receiving a validation result from the validator, and acting upon the validation result.

Abstract: An example operation may include one or more of submitting, by a blockchain client, a transaction proposal to a blockchain network, endorsing, by one or more endorser nodes or peers, the transaction proposal, endorsing comprising updating an in-process world state list, providing one or more composite endorsements, each comprising a base result and a forecasted result corresponding to the transaction proposal, submitting an endorsed transaction in response to the one or more composite endorsements, validating, by a committer node or peer, the endorsed transaction, committing the endorsed transaction to the blockchain network, and removing the committed transaction from the in-process world state list.