Abstract: An information processing method, an information processing device, and an electronic device are provided. The method includes: obtaining an input operation; in response to the input operation being performed on a first object displayed in a first region of a display region, collecting first operation information and making the first object respond to the input operation according to the first operation information; and in response to the input operation being performed on a second object displayed in a second region of the display region, collecting second operation information, and making the second object respond to the input operation according to the second operation information and authentication information corresponding to the second operation information.

Abstract: Identity and access control systems and methods employ a registry that receives a request for confidential data from a client, together with a secure enrollment profile identifier for the client, and generates and sends a challenge token to the client, which encrypts and returns the encrypted challenge token to the registry. Thereafter, the registry confirms that the encrypted challenge token is validly encrypted and calls up a security backend with authorization to provide the requested confidential data to client, and the security backend sends the requested confidential data to the client.

Abstract: A verifiable computing system is presented. A worker computing device of the verifiable computing system receives a primary program and a verification logic that are generated based on a target function. The worker computing device includes a main processor and a coprocessor. The main processor is configured to execute the primary program and the coprocessor is configured to implement the verification logic. Telemetry is collected from the main processor executing the primary program and provided to the coprocessor. The coprocessor implementing the verification logic uses the telemetry to generate a proof. The proof is provided to a verifying computing device for determining whether the primary program is tampered with.

Abstract: A method for verifying a person's identity includes receiving a registration request from an electronic device, the request including identifying information associated with a presumed identity of a person and captured metadata indicative of a timing of user inputs entered to the electronic device by the person during a session associated with the request, querying one or more trusted databases to obtain background data item(s) associated with the presumed identity, receiving, from a biometric reader, biometric data item(s) captured from the person during the session, storing a data record associating the identifying information, captured metadata, background data item(s), and biometric data item(s), calculating a hash as a function of the identifying information, captured metadata, background data item(s), biometric data item(s), storing the hash in a block of a blockchain, deriving a score from the captured metadata and background data item(s), and generating an embeddable digital badge based on the score.

Abstract: Systems and methods for authenticating a user may include transmitting a request for a first set of information after validation of authentication information; receiving a response comprising the first set of information; parsing the first set of information using one or more template-based algorithms by scanning one or more websites to determine publicly available information associated with a user; comparing compare one or more results of the parsing with a second set of information to yield compromised information associated with the user; eliminating one or more portions of the second set of information based on the comparison; presenting a third set of information to authenticate the user based on the elimination and by supplementing the first set of information with a fourth set of information; and presenting a fifth set of information to authenticate the user if the third set of information fails to reach a predetermined threshold number.

Abstract: A computer implemented system for anonymous electronic verification of location credentials including at least one processor and data storage is described in various embodiments. The system includes cryptographic mechanisms and electronic communication between one or more computing systems that in concert, provide verification of a prover's location credentials in accordance to logical conditions of a verifier's policy without providing additional information to a verifier entity.

Abstract: A mechanism that dynamically creates a new access policy for a set of database servers when a policy violation has been identified in a database access response issued by any database in the set. The new access policy is then propagated in real-time and instantiated across the set of database servers so as to inoculate the other database servers and pre-empt any new compromise of information based on the intruder's actions that were found to have produced the policy violation in the first instance. Thus, the approach uses a response policy violation at one database server of a set to trigger generation of a new request access policy that is then instantiated across one or more other database servers. This response policy violation-to-request access policy instantiation occurs in substantially real-time so that the intruder cannot use a prior successful access request to obtain information from other databases using a similar strategy.

Abstract: A mechanism that dynamically creates a new access policy for a set of database servers when a policy violation has been identified in a database access response issued by any database in the set. The new access policy is then propagated in real-time and instantiated across the set of database servers so as to inoculate the other database servers and pre-empt any new compromise of information based on the intruder's actions that were found to have produced the policy violation in the first instance. Thus, the approach uses a response policy violation at one database server of a set to trigger generation of a new request access policy that is then instantiated across one or more other database servers. This response policy violation-to-request access policy instantiation occurs in substantially real-time so that the intruder cannot use a prior successful access request to obtain information from other databases using a similar strategy.

Abstract: The present invention relates to the automatic configuration of a measuring and test device in a multi-user test system. Individual users are initially authenticated. An individual user profile can be generated for authenticated users. The individual user profile can be stored in a user database. After authentication of a user, the user profile can be read-out from the profile database and then a measuring and test device can then be automatically adjusted corresponding to the user profile.

Abstract: A dynamic recognition method includes, when the terminal device detects that the user is in a first distance range, obtaining, by the terminal device, first feature information of the user. The method further includes performing first identity authentication on the first feature information of the user, where the first feature information includes facial feature information, voice feature information, or behavioral feature information. The method further includes increasing, by the terminal device, a level of a default threshold of second identity authentication when the first identity authentication succeeds. The method further includes, when the terminal device detects that the user is in a second distance range, obtaining, by the terminal device, second feature information of the user, and performing second identity authentication on the second feature information of the user based on the default threshold whose level is increased.

Abstract: A system and method securing an in-vehicle network in a vehicle may include a switch connected to at least two segments of the in-vehicle network and an IDPS connected to the switch. The IDPS unit may be adapted to: receive network messages from the switch; determine at least some of the network messages are related to a cyber threat and configure the switch according to the cyber threat. The IDPS unit may be included in the switch.

Abstract: Examples associated with user authentication are described. One example system includes a set of authentication modules. A data store stores data describing disruption ratings of members of the set of authentication modules. A user confidence module maintains a confidence rating that a current user of a device is an authenticated user of the device. The confidence module controls execution of the authentication modules based on the confidence rating and on the disruption ratings of the authentication modules. The user confidence module controls execution of relatively less disruptive authentication modules when the user confidence module is confident that the current user of the device is the authenticated user of the device. The user confidence module maintains the confidence rating based on feedback received from authentication modules.

Abstract: The invention proposes a system and a method for transmitting a message that allows a sender (designated by an identifier) to send a digital content to one or more recipients (designated by one or more identifiers), the content being associated with at least one material subject (each designated by a single authenticator). Thus, to send a message, the sender implements at least one single authenticator of the material subject, discriminant and intrinsic characteristic of each material subject, which serves to anchor the content to transmit. To be able to access the content of the message, the recipient must provide the server not only its identifier, as for any current messaging system, but also a single authenticator with a same material subject that was used at the time the sender created the message.

Abstract: A method, computer system and computer program product for authenticating a transaction is provided. A service provider receives a transaction between a user and a website displayed on a first device. The service provider identifies a first geolocation of the first device. The service provider generates a code for display on the first device. The service provider receives credential information to identify the user and the code from a second device. The service provider identifies a second geolocation of the second device, and determines a level of risk for the transaction based at in part on the first geolocation and the second geolocation. In response to the level of risk being an acceptable level of risk, the service provider authenticates the user. The service provider generates information to enable the user on the first device to perform the transaction with the website, and sends the information to the website.

Abstract: Described herein are a system and techniques for detecting whether biometric data provided in an access request is genuine or a replay. In some embodiments, the system uses an machine learning model trained using genuine and replay sample data which is optimized in order to produce a result set in which results for the genuine samples are pulled closer to a genuine center and results for the replay samples are pushed away from the genuine center. Subjecting input biometric data (e.g., an audio sample) to the trained model results in a classification of the input biometric data as genuine or replay, which can then be used to determine whether or not to verify the input biometric data.

Abstract: According to examples, an apparatus may include a processor and a computer readable medium on which is stored machine readable instructions that may cause the processor to assign the activities in user activity data into a plurality of groups based on common user identifiers corresponding to the pairs of activities. The instructions may also cause the processor to determine a correlation between a user event and the plurality of groups, determine whether the user event is suspicious based on the determined correlation, and based on a determination that the user event is suspicious, output an indication that the user event is suspicious.

Abstract: A system for securely storing privacy information is provided. The system includes a plurality of nodes configured to maintain a distributed database containing consumer privacy information having a plurality of entries. Each entry of the plurality of entries in the distributed database is (i) encrypted with a unique encryption key associated with a consumer and the distributed database, and (ii) indexed based on a public encryption key associated with the consumer. A most recent entry associated with the consumer includes current personal information about the consumer. A first entry associated with the consumer includes an encrypted version of the unique encryption key.

Abstract: A method is disclosed. The method includes receiving a communication comprising a real credential from a communication device and providing the real credential to a token computer. The token computer generates a token and a cryptogram, and the cryptogram is formed using a resource provider initiated transaction indicator. The method includes receiving, from the token computer, the token and the cryptogram, and transmitting, to a processing computer, an authorization request message comprising the token, the cryptogram, a resource provider identifier, and a transaction amount for a first transaction. The processing computer validates the cryptogram, exchanges the token for the real credential, stores the resource provider identifier, and forwards the authorization request message including the real credential, and the transaction amount to an authorizing entity computer. The method also includes receiving an authorization response message from the authorizing entity computer.

Abstract: Example methods are provided for secure communication protocol processing in a network environment. The method may comprise, in response to detecting a first transport protocol packet that is addressed from a first endpoint to a second endpoint and includes unencrypted payload data and a first sequence number, generating and sending a first secure communication protocol packet that includes encrypted payload data and a second sequence number. The method may also comprise, in response detecting a second transport protocol packet that includes the first sequence number, determining that the second transport protocol packet is a retransmission of the first transport protocol packet. The method may further comprise generating and sending a second secure communication protocol packet that includes the second sequence number associated with the first sequence number.

Abstract: A device management system according to the present invention issues a register key that specifies a worker tenant, receives a registration request including the register key from a network device, and transmits first authentication information to the network device. The first authentication information is registered in the worker tenant that is specified by the register key of the registration request. If there has been communication that uses the first authentication information from the network device after the tenant is created, the information about the network device registered in the worker tenant is automatically changed to be registered in the different tenant.