Abstract: A method secures hash chains via hybrid consensus. A proximate payload for a proximate chain block for a proximate chain is obtained. A first identifier of the proximate chain and the proximate payload are hashed with a hash function to generate a second identifier of the proximate chain. The proximate chain block is added to the proximate chain. The proximate chain block includes the first identifier, the second identifier, and the proximate payload. A request to add the second identifier to a reporting chain is transmitted. A response indicating that the second identifier is incorporated into the reporting chain using the consensus mechanism is received.

Abstract: An example operation may include one or more of receiving a request for blockchain information from a user device, acquiring blockchain data from a plurality of blockchains which are actively operating and available for joining, determining an amount of trust for each blockchain among the plurality of blockchains based on acquired blockchain data of the respective blockchain, and outputting a list identifying the plurality of blockchains where each blockchain on the list comprises a trust indicator indicating a determined amount of trust for the respective blockchain.

Abstract: A redundancy system includes a first computational device and a second computational device each configured to receive at least one input and to generate a first output and a second output, respectively, based on the at least one input; a random sequence generator configured to generate a random bit sequence; a random delay selector configured to determine a random delay based on the random bit sequence; a first random delay circuit configured to delay outputting the at least one input to the first computational device based on the random delay; a second random delay circuit configured to delay outputting the second output based on the random delay; and a fault detection circuit configured to receive the first output and the delayed second output, and to generate a comparison result based on comparing the first input to the delayed second output.

Abstract: Embodiments for a networking device are disclosed. The networking device includes a private identity-based cryptographic (IBC) key issued for a first device. The networking device can receive an internet protocol (IP) packet from the first device. The networking device modifies the IP packet to form a modified IP packet, wherein modify the IP packet includes add an extension header to the IP packet. The extension header includes a source identifier identifying the first device, an indication of the key generation authority and an indication of an identity-based encryption (IBE) algorithm. The networking device also generates an identity-based signature (IBS) using the IBC algorithm with the source identifier as an identity input, the modified IP packet as a message input, and the private IBC key for the first device as a private key input. The modified IP packet and the IBS is then sent towards a destination of the IP packet.

Abstract: A computer-implemented method according to one embodiment includes identifying a node within a clustered system, determining a role of the node, based on one or more characteristics of the node, and setting one or more firewall parameters for the node within the clustered system, based on the role of the node.

Abstract: The present invention prevents falsification of ABI information and makes it possible for the users to safely read data on a blockchain. A registration terminal 1 includes an extraction unit 142 that extracts from a smart contract, ABI information used to access the smart contract and a transaction issuing unit 13 that issues a transaction including bytecode generated by compiling the smart contract and the ABI information, and an approval terminal 2 includes a verification unit 152 that verifies whether it is possible to access the bytecode included in the transaction by using the ABI information included in the transaction and a block generation unit 154 that, if it is possible to access the bytecode, generates a block including the transaction and makes the block and the ABI information reflected on a distributed ledger 11 of each terminal in the blockchain system.

Abstract: Techniques are described for managing authentication tokens associated with a secure account maintained by a business or organization. In one example, this disclosure describes a method that includes storing interaction information associated with an account maintained by an organization, wherein the interaction information includes information about authentication tokens used during a plurality of prior authentication procedures performed for the account, receiving, over a network, a request to authenticate a user to access the account, determining, based on the stored interaction information, an authentication token to be used to authenticate the user, wherein the authentication token is different than a prior authentication token used during the plurality of prior authentication procedures performed for the account, presenting a prompt for the authentication token; and determining, based on information received in response to the prompt, whether the user is authorized to access the account.

Abstract: Described is a system (and method) that provides a mechanism for guarding against cyber-attacks including ransomware, malware, and various other types of malicious attacks. The mechanism includes providing an isolated storage recovery account within a cloud-based storage infrastructure. The isolated storage recovery account secures data even in instances where credentials for a subscriber to a cloud-based service or the cloud-based provider itself is compromised. In order to ensure that data is still protected even when access credentials may be compromised (e.g. by a disgruntled employee), the mechanism requires a joint coordination between both the provider and the subscriber. The joint coordination may be mandated by the use of a particular multiple encryption technique for credentials that are required to access the isolated storage recovery account.

Abstract: A permissioned blockchain, using off-chain storage, provides advantages over blockchains that rely on consensus and/or store information within the blockchain. Advantages include enhanced viability, compactness, and the ability to register material with distribution limitations (e.g., military classified). Examples create an immutable public record of data signatures that confirm when data is intact, without distributing the data itself, so that widespread availability of the blockchain (beyond those privileged to see the data) advantageously increases the size of the community that is able to detect spoofing or forgery attempts. A permissioning entity limits submissions to manage blockchain growth, foreclosing problematic material that may risk long-term viability.

Abstract: Systems and methods are disclosed for using a distributed ledger interface system to facilitate background verification of an individual. One method may include, sending, by a server to a first device associated with a first organization, an indication that an individual is ending the membership to the first organization; unlocking access to an individual-specific data structure in a distributed ledger, wherein the individual-specific data structure allows storage of a plurality of data values corresponding to a plurality of background aspects of the individual, and wherein the distributed ledger is shared within a plurality of nodes within a network; providing, to a user device associated with the individual, a digital key to allow permission to access the individual-specific data structure; and granting, to a second computing device associated with a second organization, and based on a permission received from the user device, access to the individual-specific data structure.

Abstract: A permissioned blockchain, using off-chain storage, provides advantages over blockchains that rely on consensus and/or store information within the blockchain. Advantages include enhanced viability, compactness, and the ability to register material with distribution limitations (e.g., military classified). Examples create an immutable public record of data signatures that confirm when data is intact, without distributing the data itself, so that widespread availability of the blockchain (beyond those privileged to see the data) advantageously increases the size of the community that is able to detect spoofing or forgery attempts. A permissioning entity limits submissions to manage blockchain growth, foreclosing problematic material that may risk long-term viability.

Abstract: A permissioned blockchain, using off-chain storage, provides advantages over blockchains that rely on consensus and/or store information within the blockchain. Advantages include enhanced viability, compactness, and the ability to register material with distribution limitations (e.g., military classified). Examples create an immutable public record of data signatures that confirm when data is intact, without distributing the data itself, so that widespread availability of the blockchain (beyond those privileged to see the data) advantageously increases the size of the community that is able to detect spoofing or forgery attempts. A permissioning entity limits submissions to manage blockchain growth, foreclosing problematic material that may risk long-term viability.

Abstract: The present disclosure provides a distributed storage method, a computer device, and a storage medium. The method includes: grouping a file to be stored to form a plurality of data packets; dividing all the data packets into at least three data fragments, in which, each data fragment includes a part of the plurality of data packets, and each data packet is added to at least two data fragments; storing each data fragment in a distributed storage node to perform distributed storage; recording a corresponding relationship between the data fragments and the data packets and a corresponding relationship between storage nodes and the data fragments; and deleting the file to be stored in local.

Abstract: Provided by embodiments of the present application is a blockchain multi-party shared-governance-based system for maintaining domain name information, wherein a Root blockchain is formed by first network nodes where respective top-level domain registries are located, and domain name operation information needs to be confirmed by authoritative nodes among the first network nodes after a consensus process. Since the authoritative node is generated by means of voting by each first network node, each network node in the Root blockchain in the system participates in the consensus process for the domain name operation information. Through such a decentralized method for maintaining domain name information, the final state will not be affected by a mistake or an attack on one network node, resulting in higher security and better stability of the entire system compared to the centralized maintenance method.

Abstract: The semiconductor device includes a control unit having redundant processors, a memory storing target data, a secure memory storing a key used for encryption or decryption processing, an cryptographic unit, a secure processor instructing cryptographic processing to the cryptographic unit in response to a request from the control unit, a first bus coupled to the control unit, the memory, the cryptographic unit, and the secure processor, and a second bus coupled to the secure memory, the cryptographic unit, and the secure processor. The control unit communicates with the memory via a predetermined error detection mechanism, the cryptographic unit includes a plurality of cryptographic processors that independently perform cryptographic processing on target data using a key based on an instruction, and each of the plurality of cryptographic processors includes a data transfer unit that performs data transfer with the memory via the error detection mechanism.

Abstract: Disclosed is a multi-region data center connectivity solution for seamless integration between multi-region data center users and content. The solution supports user pinning (e.g., users and their personal content can be pinned to a particular geographical location/data center); protects personal content (e.g., personal content uploaded by a user is stored in that user's pinned geographical location/data center); and enables data sharing between multi-region data center users in a manner that is seamless and transparent to end users, while respecting user privacy, complying with data sovereignty requirements, and maintaining system anonymity.

Abstract: Methods, apparatus, and processor-readable storage media for connecting configuration services using blockchain technology are provided herein. An example computer-implemented method includes obtaining at least one user request comprising configuration-related data pertaining to at least one item of hardware and at least one user network; encrypting at least a portion of the configuration-related data using one or more cryptographic hash functions; storing copies of the encrypted configuration-related data across multiple nodes within at least one distributed blockchain technology-based cloud storage system; and performing one or more automated actions, in connection with the at least one user request, using at least a portion of the stored data within the at least one distributed blockchain technology-based cloud storage system.

Abstract: Methods, systems and computer readable media for location-based endpoint security are described.

Abstract: An unauthorized use detection system includes apparatuses and a hash chain that records, for each piece of data, a data structure that includes a hash value of entire data and hash values calculated with respect to a plurality of partial areas obtained from a specific procedure using the hash value of the entire data. One of the apparatuses reads out the data structure associated with the data of one of comparison targets from the hash chain. The apparatus calculates, regarding data of the other one of the comparison targets, hash values of the plurality of partial areas obtained from the specific procedure using the hash value of the entire data included in the read data structure. The apparatus compares the hash values of the plurality of partial areas included in the read data structure with the calculated hash values of the plurality of partial areas related to the other one.

Abstract: Disclosed are various examples for web application security through containerization. In one example, a web application is executed within a container application. The container application includes a management software development kit (SDK). A security policy for the web application is retrieved from a management service. The security policy is applied to the web application using the management SDK of the container application.