Abstract: This application provides an identity Identification method for a fixed-point authorization, and devices and servers therefor, comprises receiving an identification request sent by a service terminal; wherein the identification request comprises terminal information and live body biological characteristic information of a target object; the terminal information comprises a terminal merchant number and terminal location information; determining at least one valid user of the service terminal according to the terminal information, and obtaining biological characteristic information of each valid user; wherein the valid user has a direct or an indirect authorization relationship with the service terminal; completing the identity identification according to the live body biological characteristic information of the target object and the biological characteristic information of each valid user.

Abstract: Methods and systems are described for enhanced-security database encryption via cryptographic software, where key management is carried out, without exporting or exposing cleartext keys, using an independent key manager coupled to a cryptographic hardware security module (HSM).

Abstract: Bitcoins and the underlying blockchain technology are one of the main innovations in building decentralized applications. The effects of quantum computing on this technology are analyzed in general. Provided herein are effective solutions to address security vulnerabilities in a blockchain-based system that can be exploited by a quantum attacker.

Abstract: A cryptographic method includes (1) with the first chiplet, parsing a message into one or more message blocks (2) dynamically generating a first target value that is associated with a first key (3) dynamically generating a second target value that is associated with a second key (4) encrypting at least one message block of the at least one or more message blocks to generate some ciphertext, the encryption being performed with at least one operation that includes at least one XOR operation, the at least one XOR operation performed at least in part with the first target value and with at least the second target value, the first target value and the second target value being accessed via the first and second keys, respectively; and (5) with at least one processing device associated with the first chiplet, transmitting the some ciphertext to a second chiplet.

Abstract: A method for data encryption may include receiving input data, finding a delimiter in the input data, generating, based on a position of the delimiter in the input data, a portion of data using a part of the input data, and encrypting the portion of data. The input data may include a record, the delimiter indicates a boundary of the record, and the portion of data may include the record. The position of the delimiter may be in the part of the input data. Generating the portion of data may include generating the portion of data based on a subset of the part of the input data. The part of the input data may be a first part of the input data, and the position of the delimiter may be in a second part of the input data.

Abstract: A threat information analysis server includes: an update manager that manages update information indicating that function addition to an IoT device is performed; a threat information manager that stores threat information of a cyberattack; a risk level manager that manages risk level information defining a risk level of the IoT device; a related threat information manager that manages the threat information and related threat information associating the IoT device with the risk level; a risk level updater that associates the threat information and the risk level of the IoT device with each other and updates the related threat information, based on the update information; and an outputter that outputs the related threat information managed by the related threat information manager.

Abstract: An information processing device includes a display control means that displays a log-in screen for a service which is provided by a collaboration service after accessing the collaboration service, a first transmission means that transmits a request for verification data to the collaboration service, a communication control means that communicates with an authenticator before authenticating a user, a second transmission means that transmits a request including verification data to the authenticator when an instruction for log-in is received, and a third transmission means that transmits signature data received from the authenticator to the collaboration service. At least one of transmission of the request to the collaboration service from the first transmission means and communication of the communication control means with the authenticator is performed without waiting until the instruction for log-in is received from the user after accessing the collaboration service.

Abstract: Methods, systems, and devices for fire control system authentication are described herein. One method includes authenticating a user device to an authentication server, receiving, from the authentication server, an offline token, and authenticating the user device to a fire control panel using the offline token.

Abstract: The present disclosure is directed to systems and methods of providing a secure quantum key distribution cryptosystem in which the quantum key data is exchanged between Alice and Bob using a quantum channel and the parity bits associated with the quantum key data are encrypted using a post-quantum computing (PQC) encryption method and communicated between Alice and Bob using a public channel.

Abstract: The invention relates to systems and methods of cyber-monitoring which utilizes a knowledge database. In particular, the present invention provides a method of monitoring a cyber-network comprises the following steps: providing one or more database(s) of normally-occurring cyber-event(s); detecting cyber-event(s) in the cyber-network; determining if the detected cyber-event(s) is normally-occurring or anomalous by analyzing the detected cyber-event(s) using the one or more database(s) of normally-occurring cyber-events; excluding cyber-event(s) which are classified as normally-occurring to identify anomalous cyber-events; and optionally determining if the anomalous cyber-events are malicious.

Abstract: Systems, methods, and computer products for administering the association of a network identifier with a blockchain address for a blockchain enable operations that may include obtaining, by an authoritative record entity, an initiation of an administrative action regarding an association of the network identifier with the blockchain address, wherein the administrative action comprises at least one of deleting the association, updating the association, modifying the association, or renewing the association; and providing, in response to the obtaining, a registration entity proof message, wherein the registration entity proof message comprises a signature by a private key of the authoritative record entity, wherein the registration entity proof message specifies a registration entity of record for the network identifier.

Abstract: Methods and systems for managing unlocking of an electronic device are provided. A method includes receiving an unlocking input from a user, authenticating the unlocking input, generating a first pre-wakeup command of initializing a progress action for the electronic device, generating a second pre-wakeup command of whether to complete the progress action or to retrogress the progress action based on the authenticating of the unlocking input, and determining whether to unlock the electronic device based on the second pre-wakeup command.

Abstract: A system having an off-premises proxy server residing in a cloud computing environment and backend servers residing in an enterprise computing environment are provided. Requests received by the off-premises proxy server for access to a first, non-publicly accessible backend server are routed to a tunnel server which stores the request and waits to be polled by a tunnel agent connected to the first backend server. When the tunnel server is polled, the request is forwarded through an HTTP tunnel to the tunnel agent, which forwards it to the backend server for processing. Responsive information is returned to the tunnel agent, which forwards it through the HTTP tunnel to the tunnel server and returned through the off-premises proxy server to the remote application. Requests for access to a first, publicly accessible backend server are routed by the off-premises proxy server directly to the backend server for processing and return of responsive information.

Abstract: Aspects of the disclosure relate to cognitive auditing of client bound data. A computing platform may intercept a request from a user device to an application server. The computing platform may identify content requested by the user device and generate predicted response data based on the requested content. The computing platform may transmit the request to the application server. The computing platform may receive, from the application server, actual response data. The computing platform may validate the actual response data by comparing the actual response data with the predicted response data. Based on comparing the actual response data with the predicted response data, the computing platform may identify whether the actual response data matches the predicted response data. Based on identifying that the actual response data matches the predicted response data, the computing platform may send the actual response data to the user device.

Abstract: A system and method for predicting and acting on computer network vulnerabilities before they are actually breached or tampered with by malicious external actors. A monitoring computing device assesses the different components within a network and based on a ranking of the devices, a perceived threat analysis and weaknesses within the network, can take appropriate remediation actions for one or more of the devices within the network. Depending on the ranking of a particular computing device within the network and the determined risk, a remediation can include delaying the implementation of a fix for a weakness because the computing device cannot be taken offline at that particular time.

Abstract: A data processing method for a data processing system having a first communications node and a second communications node where the first communications node corresponds to a first blockchain node and the second communications node corresponds to a second blockchain node that maintains a same block chain as the first blockchain node, the method including obtaining, by the first communications node, to-be-verified data when a terminal camps on a target cell, where the to-be-verified data is obtained based on camping information of the terminal, and the target cell is a cell within signal coverage of the first communications node sending, by the first communications node, the to-be-verified data to the second communications node, so that the second communications node verifies the to-be-verified data based on the second blockchain node, and obtaining, by the first communications node, a target block if the verification succeeds.

Abstract: Methods, systems, and apparatuses are described herein for improving computer authentication processes by using physical environment information. A computing device may receive video depicting a physical environment and process that video to identify one or more first objects. The computing device may receive a request for access to an account. The computing device may send a prompt for a physical environment description and receive, in response, an indication of one or more second objects. The indication of the one or more second objects may comprise video of the physical environment, a verbal description of the physical environment, and/or text describing the physical environment. The computing device may grant the user device access to the account based on comparing the one or more first objects to the one or more second objects.

Abstract: This application relates to the field of wireless communications technologies, and provides a communication method, including: receiving, by a mobility management network element, first information from a terminal device; obtaining a user equipment context of the terminal device in a public network and a user equipment context of the terminal device in a private network based on the first information; and using the user equipment context of the terminal device in the public network and the user equipment context of the terminal device in the private network as a user equipment context of the terminal device. According to the solution provided in embodiments, the user equipment context of the terminal device includes the user equipment context in the public network and the user equipment context in the private network, so that the terminal device can access both the public network and the private network, thereby improving user experience.

Abstract: A user may conduct a plurality of access requests with a plurality of resource provider computers. A processor server computer may determine whether resource provider computers store access data associated with the user in various ways, including detecting patterns in sets of a plurality of access requests conducted between the user and each of the plurality of resource provider computers. Upon detecting that access data has changed, the processor server computer may automatically send the updated access data to each of the identified resource provider computer.

Abstract: A method and system of authenticating a user logon builds a user logon profile with a plurality of user logon features gathered during at least one successful attempted user logon, determines a logon feature novelty score for each feature, receives a user logon request for authentication and extracts current user logon features, retrieves corresponding logon feature novelty scores, determines a first distance function score for the corresponding logon feature novelty scores of the current user logon features, builds a failed logon attempt database, determines a failed logon feature novelty score, extracts the failed logon feature novelty scores corresponding to current user logon features, determines a second distance function score for the corresponding failed logon feature novelty scores of the current user logon features, and determining to one of allow or deny the user logon request based on at least one of the first distance function score and the second distance function score.