Abstract: A system and method for recording, backing up, and authenticating footage from a dash cam or other video device comprises continuously synchronizing checksums from segments of video as they are recorded into rolling storage with an authentication server located remotely. Only metadata is uploaded until the video device experiences an interrupt event, at which point the last few rolling segments, as well as subsequent rolling segments until the termination of the interrupt event, are written to persistent storage and uploaded to the authentication server at the earliest opportunity. The metadata and video are encrypted with an asymmetric public/private key system enabling third parties to confirm, with the public key, that the metadata on the recording device and the authentication server match, and with the private key, download the video footage from the interrupt event.

Abstract: A system and method for guiding privacy-enhancing transformations are described. The system and method include a recommendation engine configured to identify sets of transformations to mitigate a privacy risk below a user specified threshold specified in-terms of privacy-risk score for a given input dataset while keeping the utility of the dataset above the user-specified utility threshold specified in-terms of utility score. A simulation engine configured to simulate the identified set of transformations from the recommendation engine on the dataset to determine the optimal application of the plurality of transformations for maximizing the utility of the dataset, and output device to provide the optimized dataset with the privacy risk score and utility score.

Abstract: An open source library rating is generated for an open source library based on dependencies of the library, vulnerabilities of the library, an age of the library, a popularity of the library, a history of the library, or any suitable combination thereof. The rating of a specific version of a library may be generated based on a base score for all versions of the library and a version score for the specific version of the library. An authorization system receives a request from a developer to add a library to a software application. In response, the authorization system accesses a rating for the library. Based on the rating, the authorization system approves the request, denies the request, or recommends an alternative library.

Abstract: Systems, devices, and methods are provided for end-to-end tagging and tracking of event signals subject to privacy policies. User events comprising event source data may be collected. A user may be associated with a segment, and the segment may be mapped to data lineage information corresponding to the events that were used to determine that the user is in segment. A segment cache may be generated comprising portions that correspond to different data lineages subject to different privacy policies. Bid requests may be received and processed according to applicable privacy policies.

Abstract: A method for encryption of a data item and determining the veracity of a data item by defining a set of data as a topological space and generating a collection of topological invariants according to at least one characteristic of the topological space and assigning a shape to the topological space according to the generated collection of topological invariants. The topological space is decomposed according to a set of homology groups and identity data of an authorized owner of the data defined as the topological space is decoupling from the defined topological space according to a data encryption manipulation process performed on the data without decryption of the data. Output is generated according to the recoupling of the identity data of the authorized owner used to recouple the defined topological space according to the data encryption manipulation process.

Abstract: A method includes: accessing a corpus of messages previously sent from a user account; correlating sequences of words, in the corpus of messages, with behavior signals; aggregating the behavior signals into a behavioral model representing combinations of behavior signals characteristic of behavior in messages sent from the user account; later, accessing a message outbound from the user account to a recipient account, the message including a document associated with a document tag; correlating sequences of words, in the message, with behavior signals; retrieving a data access policy including a threshold at which access to a document associated with the document tag is restricted; and in response to detecting a difference between the behavioral signals from the message and the behavioral model exceeding the threshold, restricting access, by the recipient account, to the document in the message.

Abstract: A computer-implemented method that comprises determining clear data from one or more input files, generating a second file, which is user-recognizable as an audio and/or visual file, by transcoding the clear data into transcoded data using at least one encoding domain, wherein the transcoded data within the second file is no longer user-recognizable as the clear data. Transcoding clear data comprises: determining presentation properties for generating the second file according to presentation elements; determining a mapping associated with the at least one encoding domain; generating the presentation elements representing the clear data values of the clear data; and generating the transcoded data of the second file by combining, based on the presentation properties, the presentation elements such that, upon a presentation of the second file at a user interface, the transcoded data is audibly and/or visually user-recognizable based on the presentation properties.

Abstract: An explorer user interface allows users that are interested in making purpose-based access requests to datasets to view aggregated and/or summary data regarding available datasets prior to making the purpose-based access request. A guided discovery wizard allows a user to view summarized and/or general information regarding datasets and may provide the user options to filter the datasets based on such information and/or based on parameters of specific data items within the datasets (without exposing the specific data items to the user). Thus, the user may filter the datasets to determine a cohort of datasets including data items that are interesting or useful for the specific purpose. The system may provide access to a subset of filtered datasets for the specific purpose in a self-contained, dedicated-purpose directory (an “investigation workspace”) that includes only the precise portion of data that is needed for the requested purpose.

Abstract: An access control terminal (1), comprising an electronic circuit (11) and an ultra-wide-band transceiver (10) connected to the electronic circuit (11) wherein the electronic circuit (11) exchanges messages with a mobile device (2) to determine a distance (d) of the mobile device (2) from the access control terminal (1), and to transmit to the mobile device (2) one or more update messages configured to update access rights data in the mobile device (2), if the mobile device (2) is within the pre-determined proximity range (P).

Abstract: Embodiments of the present disclosure relates to a method, apparatus, device and medium for permission processing. The method comprises: in response to a start of a document sharing cycle, granting each second user in a specified group an access permission to a target shared document upon monitoring that a first user shares the target shared document to the specified group; in response to monitoring that a client interface of the first user jumps from the target shared document to display an associated document of the target shared document, maintaining the access permission to the target shared document for the second user and maintaining an access permission to the associated document for the second user; and in response to an end of the document sharing cycle, revoking the access permission which is owned by the second user during the document sharing cycle.

Abstract: One or more aspects of the present disclosure relate to disabling executable instructions from a network message. In embodiments, a message can be received at a server. In addition, one or more executable instructions can be disabled from the message. Further, the message with the disabled one or more executable instructions can be processed.

Abstract: A method for establishing secure communication between a first device and a second device. The method includes generating ephemeral keys at the first device, encapsulating a public key of the second device to generate a first cipher key and a first shared secret key, transmitting a first message to the second device comprising the ephemeral public key and the first cipher key, receiving a second message from the second device containing a second cipher key, decapsulating the second cipher key to achieve a second shared secret key, receiving and decapsulating a third cipher key to achieve a third shared secret key, deriving a final encryption key using the first, second, and third shared secret keys, and establishing secure communication by encrypting communication using the final encryption key. The method further includes verifying the final encryption key with the second device through hash exchange.

Abstract: A system for protecting public-facing computing assets of an organization includes a correlation system and security appliances. Public-facing computing assets of the organization are discovered as being accessible from the Internet. The security appliances monitor network traffic between monitored computing assets of the organization and clients on the Internet. The correlation system correlates certificate information of digital certificates of the monitored computing assets with certificate information of digital certificates of the discovered public-facing computing assets to identify an unprotected computing asset.

Abstract: Methods, systems, and devices for deep learning access and authentication in a computing architecture are described. A computing system a processor, a deep learning device, and a memory system. The deep learning device may be operable to perform operations associated with the processor using a neural network. The memory system enable or disable access to the deep learning device by the processor. For example, the memory system may verify whether the processor is authorized to access the deep learning device and enable or disable access based on the verification. If access is enabled, the deep learning device may perform the one or more operations associated with the processor. If access is disabled, the deep learning device may be restricted from performing the one or more operations associated with the processor.

Abstract: A system comprises a server system including at least one processor. The at least one processor is configured to receive a request to generate a digital secured document, generate a unique identifier of the digital secured document, and embed a plurality of security data in at least one of the one or more defined areas of the digital secured document. The plurality of security data includes a scannable code. The scannable code has embedded therein an encrypted message that, when decrypted by the server system, validates an authenticity of the digital secured document. The at least one processor is also configured to mint the digital secured document on a blockchain, including generate metadata on the blockchain associated with the digital secured document, and store the metadata and one or more images associated with the digital secured document permanently with an on-chain permaweb protocol.

Abstract: An example disclosed method for use in a device configured to communicate using digital certificates includes, in response to a request, receiving a digital certificate for use in secure communications between the device and another device; evaluating, using a logic circuit, the digital certificate to determine a validity of the digital certificate; when the digital certificate is valid, allowing use of the digital certificate by the device; and when the digital certificate is invalid, preventing use of the digital certificate by the device.

Abstract: In some examples, computer-implemented systems and processes deploy securely de-risked elements of confidential data within a distributed computing environment. For example, an apparatus may obtain configuration data associated with a source data table. The configuration data may specify an identifier of a column of the source data table that includes elements of confidential data, and based on the configuration data, the apparatus perform operations that anonymize the elements of confidential data within the column of the source data table and generate an anonymized column within the source data table. The apparatus may also perform operations that provision an anonymized data table that includes the anonymized column to at least one computing system, which may process the anonymized data table and generate an output data table that includes the anonymized column and maintains a referential integrity between the source data table and the output data table.

Abstract: Embodiments pertain to systems configured to and methods for analyzing a scene comprising one or more objects. The system may be configured to perform the following: obtaining a set of optically encrypted image data describing a scene, including applying an optical manipulation to light incoming to an image acquisition device, whereby the image acquisition device outputs the set of optically encrypted image data, and wherein the optical manipulation is based on an encryption key; providing the set of optically encrypted image data to a machine learning model trained in accordance with the encryption key; and receiving from the machine learning model a prediction related to the scene.

Abstract: A data encryption method. At a server the original data file is encrypted using an encryption key to create an encrypted data file, data is removed from the encrypted data file to create an altered encryption data file, the altered encrypted data file is transmitted to a remote computer, a QR code is created including the removed data and the encryption key, and the QR code is transmitted to the remote computer. At the remote computer, the removed data and the encryption key are recovered from the QR code and are used to recover the original data file.

Abstract: The system provides a permissions engine derives permissions for responses from artificial intelligence (AI) agents. The permissions are derived based on the access permissions of chunks used to generate the response, and the response is cached for reuse with users meeting the permissions requirements. The system can also derive an access permission level for a user attempting to access the cached result or other content. This can be based on a managed access profile that includes user behavior criteria and device criteria. Likewise, the system can validate and derive sensitivity levels of documents that are ingested for use in AI agents and discriminate between chunks to use in synthesizing results based on the derived permissions of the chunks and their relationship to the user.