Abstract: A method for confirming pairing connection of terminal devices, including: acquiring third touch slide data collected by a target second Bluetooth device via a touch sensing point thereof, if a touch slide operation is detected after a connection between the first Bluetooth device and the target second Bluetooth device is established; establishing a third touch slide variation curve device according to the third touch slide data; acquiring fourth touch slide data collected by a touch screen thereof, and establishing a fourth touch slide variation curve according to the fourth touch slide data; determining whether the third touch slide variation curve matches with the fourth touch slide variation curve or not; and disconnecting the connection with the target second Bluetooth device if the third touch slide variation curve does not match with the fourth touch slide variation curve.

Abstract: A method for storing an object on storage nodes includes encrypting an object to be stored with a key. One or more hash values are computed for the object. The encrypted object is stored on the storage nodes. Storage location data is provided for the stored object. A transaction is computed for a blockchain, wherein information is encoded in the transaction, the encoded information representing the storage location data, the computed o hash values and key data. The transaction is stored in the blockchain provided by one or more blockchain nodes hosting the blockchain. A number of confirmations is provided for the transaction. The number of confirmations is compared with a predefined threshold confirmation number, wherein the predefined threshold confirmation number is computed such that with a pregiven certainty the encoded information in the transaction stored in the blockchain cannot be modified.

Abstract: The present invention discloses a method and a browser for browsing a web page, and a storage medium, and the method comprises: prestoring identity information of an owner user; receiving a web page browsing request from a browsing user, and obtaining the identity information of the browsing user; comparing the identity information of the browsing user with the prestored identity information of the owner user to determine whether the browsing user is the owner user; browsing a web page in a private browsing mode when the browsing user is determined as the owner user; and browsing a web page in a non-private browsing mode when the browsing user is determined as a non-owner user. By the invention, the privacy of browsing behaviors of the owner user may be effectively protected, and the owner user is enabled to examine browsing behaviors of other non-owner users.

Abstract: Firewall rules and policies are automatically managed in accordance with relevancy to network traffic on a wireless network. A specific firewall rule is applied to the network packet being examined based on the identified application based on a ranking of a relevancy score. Responsive to the specific firewall rule application, the relevancy score associated with the specific firewall rule are increased, and relevancy scores for other firewall rules of the predetermined firewall rule category that are not applied to the network packet decreased. Firewall rules of the category, for order of application, are ranked based on the relevancy scores. Firewall rules having relevancy scores below a predetermined relevancy threshold are disabled and the administrator is notified.

Abstract: A system includes a first computer system (FCS) configured to receive an authentication request of a user with respect to the first authentication system (FAS), and communicate an unsuccessful authentication attempt. In response, a bridge computer system (BCS), is configured to request a user ID and receive at least the user ID; identify an address of a second computer system (SCS) based on of the user ID; and initiate the second authentication system (SAS) using the address. The SCS, if the user has been successfully authenticated with respect to the SAS, is configured to communicate successful authentication to the BCS; and in response, the BCS is configured to send the FAS a confirmation message, and the FCS is configured to treat the user as authenticated.

Abstract: An anti-phishing email system and an anti-phishing email method are provided. The system includes an email address registration and authentication subsystem configured to register an email address of a user, an email signature registration subsystem configured to register a signature generated by the user for information on a to-be-sent email, and an email signature query subsystem configured for an email receiving user to query whether the email is registered after the email receiving user receives the email, to determine whether the email is an illegal phishing email.

Abstract: In various embodiments, a computer-implemented method for generating and verifying officially verifiable electronic representations may be disclosed.

Abstract: A communication system includes multiple nodes connected with each other. Each of the multiple nodes generates a message authentication code using a count value of a counter. The multiple nodes include a transmission node and a reception node. The count value of the counter is includes a high-order count value and a low-order count value. In the transmission node, a normal message generation portion generates a normal message to include a transmission data, the low-order count value, and the message authentication code, and a synchronization message generation portion generates a synchronization message. In the reception node, a message verification portion verifies the received normal message, a resynchronization request portion transmits a resynchronization request of the counter to the transmission node, and a count value update portion updates the high-order count value stored in the reception count value storage portion when the synchronization message is received.

Abstract: Method and apparatus for a system to harden digital consents. The system uses an evaluation of geographic locations, transaction times, and device identities to control the upload of consent data. Evaluations occur using numerous techniques including MAC address evaluation, IP address evaluation, meta-data evaluation, and physical location of restricted equipment such as ATMs and kiosks. Reliability of consent data entered into the system may be enhanced by strictly evaluating geographic locations, transaction times, and/or device identities.

Abstract: A controller of an information handling system (IHS) performs a method to detect tampering with functional components of IHS. Following a last authorized configuration change of locally-available information handling resources, a unique code is generated and stored with a time-stamped system log entry in a system memory. Prior to transit, a system management audit (SMA) log snapshot is generated and provided to an audit device for separately conveying to a recipient of the IHS. In response to powering up at least the controller of the IHS after transit, a current SMA log snapshot is obtained that includes a current SMA log entry and a current unique code. Access by an audit device is provided to the current SMA log snapshot to enable comparison to the SMA log snapshot created prior to transit for identifying whether there has been tampering with the IHS.

Abstract: A method and apparatus are provided for secure communication. The method includes binding an isolated environment, of a device, to a secure component. The secure component includes a secure application and data. The method also includes utilizing the isolated environment as an intermediary for communication of the data between the secure application and the device.

Abstract: Provided are a communication destination determination device and the like in which a communication destination that is highly likely to pose a threat can be detected. A communication destination determination device 101 is provided with: a signal transmission unit 102 which transmits, when a first signal transmitted from a communication destination 104 is received via a communication network, a second signal in response to the first signal to the communication destination 104; and a communication destination determination unit 103 which classifies whether the communication destination 104 is highly likely to pose a threat or not, on the basis of whether or not a third signal transmitted from the communication destination 104 is received within a certain time period from the timing of transmission of the second signal.

Abstract: Method and apparatus for a system to harden digital consents. The system uses an evaluation of geographic locations, transaction times, and device identities to control the upload of consent data. Evaluations occur using numerous techniques including MAC address evaluation, IP address evaluation, meta-data evaluation, and physical location of restricted equipment such as ATMs and kiosks. Reliability of consent data entered into the system may be enhanced by strictly evaluating geographic locations, transaction times, and/or device identities.

Abstract: An example method for performing a secure probabilistic analytic includes acquiring, by a client, an analytic, at least one analytic parameter associated with the analytic, and an encryption scheme. The encryption scheme can include a public key for encryption and a private key for decryption. The method further includes generating, using the encryption scheme, at least one analytical vector based on the analytic and analytic parameter, and sending the analytical vector and the encryption scheme to at least one server. The method includes generating, by the server based on the encryption scheme, a set of terms from a data set, evaluating the analytical vector over the set of terms to obtain an encrypted result; estimating, by the server, a probabilistic error of the encrypted result; and sending, by the server, the encrypted result and the probabilistic error to the client where the encrypted result is decrypted.

Abstract: A portable terminal device (1) sets a security level for each application in accordance with position, and stores the level in a memory (102). The security level determines whether each application is displayed or made executable on a display portion (114a) in locked state and unlocked state. A control unit (101) refers to the security level and determines the application displayed on the display portion (114a) in accordance with position information acquired by a position information acquisition unit (GPS reception unit) (104), and makes executable the application selected by the user. Thus, the portable terminal device (1) offers user-friendliness while ensuring security strength.

Abstract: The present disclosure provides a security system comprising: a WAS plug-in agent installed on a web application server (WAS) or a WEB plug-in agent installed on a web server (WEB), wherein the WAS plug-in agent or WEB plug-in agent is configured to collect transaction information; and a management server configured to: receive the transaction information from the WAS plug-in agent or WEB plug-in agent; determine whether the transaction information is normal or abnormal; generate detection information based on the determination; and upon determination that the transaction information is abnormal, transmit, to the WAS plug-in agent or the WEB plug-in agent, a blocking instruction to block a transaction corresponding to the abnormal transaction information. According to the present disclosure, the analysis of decrypted transaction information may allow detecting SSL/TLS based encrypted attacks and coping with web hacking attacks at session level after normal login.

Abstract: An Active Intelligence method and system are provided for detecting malicious servers using an automated machine-learning active intelligence manager. The Active Intelligence method and system automatically and covertly extract forensic data and intelligence related to a selected server in real time to determine whether the server is part of a cybercrime infrastructure. An automated machine-learning active intelligence manager is provided that collects or gathers one or more types of forensic intelligence related to the operation of the server under investigation. The active intelligence manager combines the collected one or more types of forensic intelligence, extracts features from the combined forensic intelligence, and classifies the server as malicious or benign based on the extracted features.

Abstract: A computer-implemented method, non-transitory, computer-readable medium, and computer-implemented system are provided for data transmission in a trusted execution environment (TEE) system. The method can be executed by a thread on a TEE side of the TEE system. The method includes obtaining first data; calling a predetermined function using the first data as an input parameter to switch to a non-TEE side; obtaining a write offset address by reading a first address; obtaining a read offset address by reading a second address; determining whether a quantity of bytes of the first data is less than or equal to a quantity of writable bytes; if so, writing the first data into third addresses starting from the write offset address; updating the write offset address in the first address; and returning to the TEE side.

Abstract: Data verification in federate learning is faster and simpler. As artificial intelligence grows in usage, data verification is needed to prove custody and/or control. Electronic data representing an original version of training data may be hashed to generate one or more digital signatures. The digital signatures may then be incorporated into one or more blockchains for historical documentation. Any auditor may then quickly verify and/or reproduce the training data using the digital signatures. For example, a current version of the training data may be hashed and compared to the digital signatures generated from the current version of the training data. If the digital signatures match, then the training data has not changed since its creation. However, if the digital signatures do not match, then the training data has changed since its creation. The auditor may thus flag the training data for additional investigation and scrutiny.

Abstract: Systems, methods, and computer program products for credential management. An application deployment system receives a deployment manifest for deploying an application in a cloud computing environment. A deployment director of the application deployment system determines a resource to be used by the application. The deployment director determines, from the deployment manifest, an identifier, e.g., a name, of credentials for accessing the resource. The deployment director requests the credentials from a credential manager of the application deployment system. Upon receiving the credentials, the deployment director modifies the deployment manifest by replacing the identifier with the received credentials. The application deployment system deploys the application using the modified deployment manifest and then deletes the modified deployment manifest.