Abstract: Behavioral baselines for a computer system may be accurately and efficiently established by (1) monitoring occurrences on the computer system, (2) determining, based on security rules or heuristics, which of the observed occurrences are associated with potential security risks, (3) identifying patterns of activity based on the suspicious occurrences, and (4) prompting a user to indicate whether the observed patterns of suspicious activity are expected or unexpected. Behavior baselines established in this manner can then be used to differentiate between expected and unexpected patterns of activity on the computer system.

Abstract: Communication bus enable devices to communicate and exchange information and control signals. There is a growing concern over the security of such types of buses. Since any device can transmit any message, and device on the bus which can be compromised poses a threat for the bus. Described is a system to authenticate the source of messages from various devices on a communication bus.

Abstract: Communication bus enables devices to communicate and exchange information and control signals. There is a growing concern over the security of such types of buses. Since any device can transmit any message, and device on the bus which can be compromised poses a threat for the bus. Described is a system to authenticate the source of messages from various devices on a communication bus.

Abstract: Systems and methods for device-agnostic, multi-factor network authentication are disclosed. In some embodiments, a wireless network connection can authenticate a device over secure authentication means with a certificate that confirms a device identity. After authenticating the device, a user can be prompted to provide credentials in a captive portal. The captive portal can be inaccessible to devices that have not already authenticated using a certificate. After providing approved credentials to the captive portal, the user can access the network. This embodiment and additional embodiments are readily integrated into private wireless networks and others.

Abstract: A controller and an accessory controllable by the controller can communicate using secure read and write procedures. The procedures can include encrypting identifiers of accessory characteristics targeted by a read or write operation as well as any data being read or written. The procedures can also include the accessory returning a cryptographically signed response verifying receipt and execution of the read or write instruction. In some instances, a write procedure can be implemented as a timed write in which a first instruction containing the write data is sent separately from a second instruction to execute the write operation; the accessory can disregard the write data if the second instruction is not received within a timeout period after receiving the first instruction.

Abstract: A computer-implemented method, non-transitory, computer-readable medium, and computer-implemented system are provided for data transmission in a trusted execution environment (TEE) system. The method is executed by a first thread in multiple threads on a TEE side. The method includes obtaining first data; obtaining a TEE side thread lock; calling a predetermined function by using the first data as an input parameter to switch to a non-TEE side; obtaining a write offset address and a read offset address respectively by reading a first address and a second address; determining whether a quantity of bytes of the first data is less than or equal to a quantity of writable bytes; if so, writing the first data into third addresses starting from the write offset address; updating the write offset address in the first address; returning to the TEE side; and releasing the TEE side thread lock.

Abstract: A user terminal apparatus and a control method thereof are provided. The control method includes: receiving a user control input selecting a user mode; reconstituting a screen based on use authority information of a user mode selected according to the user control input; and displaying the reconstituted screen.

Abstract: A license managing method including an execution device that executes software and a software storage device coupled to the execution device further includes a license storage device that stores license information indicating the number of licenses for permitting a license of the software, and the license managing method includes the step of license-managing of controlling storage of the software to be downloaded into the software storage device or execution of the software by the execution device based on the license information stored in the license storage device when the software whose license permission is required is downloaded.

Abstract: A method to transfer a video stream from a host device comprising a controller configured for bulk transfers to a descrambling device, comprises: forming a chain out transfer comprising a chain out header linked with multiple chain out descriptors, the first chain out descriptor pointing to an out description packet containing at least one producer ID, the second and subsequent chain out descriptor pointing to chunks from the video stream, the last chain out descriptor being configured to generate an interrupt; forming a chain in transfer comprising a chain in header linked with a plurality of chain in descriptors, each chain in descriptor pointing to a descrambled chunk; requesting the controller to process the chain; receiving the description packet by the descrambling device and using key data associated with the chunks to descramble them; receiving by the controller the descrambled chunks and triggering an interrupt on the last chunk.

Abstract: A method for network security joint defense includes: obtaining security log information of security devices, wherein the security log information includes intrusion event information violating an own defense policy of the security device obtained by the security device in a network/system environment; converting log formats of the multiple obtained security log information into a preset log format, wherein the preset log format is a log format that is identifiable by the plurality of the security devices; classifying and summarizing the intrusion event information included in the converted security log information according to preset intrusion event types; obtaining a security device identification corresponding to each of preset intrusion event types; and pushing the intrusion event information corresponding to each preset intrusion event type to the security device corresponding to the security device identification, so that the security device adjusts the own defense policy thereof according to the pushed

Abstract: The present disclosure describes systems and methods that provide a hybrid framework for augmenting statistical anomaly detection with contextual features, machine learning and human Subject Matter Expert (SME) input to learn significant characteristics of true anomalies for which alerts should be generated. The framework presented herein is domain agnostic and independent of the underlying statistical anomaly detection technique or the machine learning algorithm. The framework described herein is therefore applicable and adaptable to a number of real world service provider systems and applications, such as, for example, detecting network performance degradation in a service provider network or detecting anomalous conditions from data received from a sensor while filtering out false positives.

Abstract: An encoder for providing encrypted data for transmission via a transmission medium includes an encryption unit that is configured to encrypt data received at the encoder block by block and a processing unit. The processing unit is configured to randomly distribute an encrypted data block to a plurality of channels that are allocated to the transmission medium and to provide a sub-block, which includes part of the encrypted data block, to be transmitted via one of the channels, together with a channel identification allocated to the channel and a code value that is based on the encrypted data in the sub-block to be transmitted and the channel identification, for transmission via the allocated channel of the transmission medium.

Abstract: A secret key value that is inaccessible to software is scrambled according to registers consisting of one-time programmable (OTP) bits. A first OTP register is used to change the scrambling of the secret key value whenever a lifecycle event occurs. A second OTP register is used to undo the change in the scrambling of the secret key. A third OTP register is used to affect a permanent change to the scrambling of the secret key. The scrambled values of the secret key (whether changed or unchanged) are used as seeds to produce keys for cryptographic operations by a device.

Abstract: Provided are techniques for authenticating an unknown device. For a first device in an internet of things network that includes a second device and forms a list of trusted devices, a distance between the first device and the second device is determined. A level of trust for the second device is identified based on the distance, wherein the level of trust specifies a level of data sharing. Reputation ranking is performed for the second device based on the level of trust. The reputation ranking is used to assign a trust score to the second device. Based on determining that the trust score exceeds a trust threshold, access is provided to the second device.

Abstract: Examples relate to automated multi-credential assessment in a system. One example enables auditing an application by sending a first request for an action to be performed in the application, the first request based on a first privilege level, where the first privilege level corresponds with a first level of access to the application, and sending a second request for the action to be performed in the application, where the second request based on a second privilege level different from the first privilege level. The second privilege level may corresponds with a second level of access to the application different from the first level of access. The first request and second request may be performed, and the results of the performed first request and second request may be combined. The combined results may be made available.

Abstract: In an embodiment, a computer system is configured to improve security of server computers interacting with client computers through an intermediary computer, and comprising: a memory comprising processor logic; one or more processors coupled to the memory, wherein the one or more processors execute the processor logic, which causes the one or more processors to: intercept, from a server computer, one or more original instructions to be sent to a browser being executed on a client computer; inject, into the one or more original instructions, one or more browser detection instructions, which when executed cause one or more operations to be performed by an execution environment on the client computer and send a result that represents an internal state of the execution environment after performing the one or more operations to the intermediary computer; send the one or more original instructions with the one or more browser detection instructions to the browser; receive the result and determine whether the browse

Abstract: A device transmits or receives a packet in a memory network including one or more processors and/or one or more memory devices. The device includes a key storage unit configured to store a one-time password (OTP) key that is shared with a target node, an encryption unit configured to encrypt a transmission packet with the OTP key stored in the key storage unit and to transmit the encrypted transmission packet to the target node, and a decryption unit configured to decrypt a receiving packet from the target node with the OTP key stored in the key storage unit. The device is a processor or a memory device in the memory network.

Abstract: The present invention provides an authentication which is performed by means of simultaneously inputting biometric data such as fingerprint, iris and the like when inputting an authentication number, wherein input area provided to a user varies such that biometric data can be input and recognized accurately and easily. Therefore, the present invention enhances convenience for a user and increases security and reliability of authentication.

Abstract: An identity provider IP service provides an optimized sign out experience for a user accessing a single account service. The IP service designates a first account of a service as signed in based on first credentials provided by a user. The IP service provides a first security token for the first account to the service. Upon receiving a first sign out notification, the IP service determines whether the user wants to switch to a second account of the service. Upon determining that the user wants to switch to the second account, the IP service designates the second account as signed in based on second credentials provided by the user, provides a second security token for the second account to the service, and designates the first account as soft signed out so that the user can switch to the first account without re-providing the first credentials.

Abstract: A cloud-based identity and access management system that implements single sign-on (“SSO”) receives a first request for an identity management service configured to allow for accessing an application. Embodiments send the first request to a first microservice which performs the identity management service by generating a token. The first microservice generates the token at least in part by sending a second request to a SSO microservice that is configured to provide SSO functionality across different microservices that are based on different protocols. Embodiments then receive the token from the first microservice and provide the token to the application, where the token allows for accessing the application.