Abstract: A method of utilizing wireless earpieces for hub communications in embodiments of the present invention may have one or more of the following steps: (a) activating the wireless earpieces, (b) connecting one or more devices to the wireless earpieces, (c) performing first biometric measurements of the user utilizing the wireless earpieces, (d) receiving second biometric measurements from the one or more devices, (e) determining if the one or more devices is located on the same user as the wireless earpieces by comparing the second biometric measurements to the first biometric measurements, (f) receiving a communication to be sent through the wireless earpieces from the one or more devices, and (g) sending the communication to reach a receiving party in response to the determination the second biometric measurements are similar to the first biometric measurements.

Abstract: A method of automatic security group generation by a firewall management service. The method may include receiving a security policy definition allowing cloud resource instances labeled by a first tag to communicate to cloud resource instances labeled by a second tag; creating a first security group comprising an inbound firewall rule for the cloud resource instances associated with the first tag, wherein the inbound firewall rule specifies cloud resource instances associated with a second security group as source communication endpoints; creating a second security group comprising an outbound firewall rule for the cloud resources instances associated with the second tag, wherein the outbound firewall rule specifies cloud resource instances associated with the first security group as destination communication endpoints; and causing a firewall service to implement the first security group and the second security group.

Abstract: Systems, methods, and computer-readable media are disclosed for systems and methods for anonymization of user data for privacy across distributed computing systems. Example methods may include determining, by a first computer system, a request for content to present at a user device, wherein the request for content is associated with a user account, determining a first search query associated with the user account, and determining a first keyword associated with the first search query. Some methods may include generating a first hash value for the first keyword, sending the first hash value to a second computer system for identification of first content for presentation at the user device, and causing the second computer system to send the first content to the user device for presentation, wherein the first computer system does not receive the first content.

Abstract: Embodiments described include systems and methods for slogan based sharing of network application objects. The method may include executing a network application on behalf of a client application executed by a first client device. The client application may include an embedded browser. The method may include receiving from the client application a selection of an object of the network application to be shared with a second client device. The method may include selecting a unique sequence of words from a pre-defined list of words, associating the unique sequence of words with the selected object of the network application, transmitting the unique sequence of words to the first client device, and receiving the unique sequence of words from the second client device. The method may include, responsive to receipt of the unique sequence of words from the second client device, accessing the selected object of the network application.

Abstract: This disclosure provides techniques for pooling and searching network security events reported by multiple sources. As information representing a security event is received from one source, it is searched against a central or distributed database representing events reported from multiple, diverse sources (e.g., different client networks). Either the search or correlated results can be filtered and/or routed according at least one characteristic associated with the networks, for example, to limit correlation to events reported by what are presumed to be similarly situated networks. The disclosed techniques facilitate faster identification of high-relevancy security event information, and thereby help facilitate faster threat identification and mitigation. Various techniques can be implemented as standalone software (e.g., for use by a private network) or for a central pooling and/or query service. This disclosure also provides different examples of actions that can be taken in response to search results.

Abstract: A validation record chain that is generated for a particular version of a software package may be used to verify the legitimacy of the particular version. A hash that is generated by a software building platform for a particular version of a software package is received. A validation record chain for the particular version is then generated that includes a plurality of certificates such that a first certificate in the validation record chain contains the hash, and each of one or more subsequent certificates is signed with a corresponding hash signature of a corresponding certifier application and contains a prior hash signature of a previous certificate in the validation record chain. The validation record chain is stored for validation of the particular version of the software package via the plurality of certificates.

Abstract: The disclosed computer-implemented method for identifying privacy leakage information may include (1) identifying, at the computing device, at least one informative word in a digital text and (2) performing a security action that identifies privacy leakage information, where the security action includes (A) determining, for at least one identified informative word, a type of privacy leakage and a respective confidence score indicating a probability the identified informative word causes the type of privacy leakage, (B) determining, using the respective confidence score, a combined confidence score for each respective element within a level of detail to display, and (C) displaying, on a display device, the combined confidence score for each respective element within the level of detail to display. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: Embodiments of systems and methods for data access control and account management are described. In an embodiment, a server can apply flags to user accounts identified as requiring the user to perform an action or, in the case of potentially compromised access credentials, to offer the user the opportunity to authenticate and create new credentials. A user account database and an access report database can store access credentials, flags, and other relevant information for use by the server to perform various administrative, authentication, and protective actions on user accounts.

Abstract: Systems and methods may be used to assess network communications by generating one or more thresholds for network traffic parameters based at least in part on a generated baseline for the network traffic parameter in the supervisory control and data acquisition system based on communications within the industrial network. Network communications may be assessed by determining whether the communications in the industrial network fall within the one or more thresholds for the network traffic parameter.

Abstract: A method, system and computer program for implementing fine-grained access control (FGAC) of data stored in a dataset. In response to receiving a data query statement from a user, any representational index exclusions that are relevant to the data query statement are identified, wherein each index exclusion specifies an access restriction to the data. It is then determined whether any of the identified representational index exclusions are to be applied to the data query statement, and if ‘yes’ then the data query statement is modified before being processed, so that processing of the query takes place by searching the dataset under restriction of the representational index exclusions. The proposed approach allows for easy creation and modification of FGAC privacy rules without introducing performance gaps in processing the data query statements.

Abstract: Data processing systems and methods, according to various embodiments, are adapted for automatically assessing the level of security and/or privacy risk associated with doing business with a particular vendor or other entity and for generating training material for such vendors. In various embodiments, the systems may automatically obtain and use any suitable information to assess such risk levels including, for example: (1) any security and/or privacy certifications held by the vendor; (2) the terms of one or more contracts between a particular entity and the vendor; (3) the results of one or more privacy impact assessments for the vendor; and/or (4) any other suitable data. The system may be configured to automatically approve or reject a particular vendor based on the assessed risk level associated with the vendor and this information may be automatically communicated to an entity considering doing business with the vendor and/or the vendor itself.

Abstract: A query is received from a particular endpoint device identifying a particular wireless access point encountered by the particular endpoint device. Pre-existing risk assessment data is identified for the identified particular wireless access point and query result data is sent to the particular endpoint device characterizing pre-assessed risk associated with the particular wireless access point. In some instances, the query result data is generated based on the pre-existing risk assessment data. In some instances, pre-existing risk assessment data can be the result of an earlier risk assessment carried-out at least in part by an endpoint device interfacing with and testing the particular wireless access point.

Abstract: Data processing systems and methods, according to various embodiments, are adapted for automatically assessing the level of security and/or privacy risk associated with doing business with a particular vendor or other entity and for generating training material for such vendors. In various embodiments, the systems may automatically obtain and use any suitable information to assess such risk levels including, for example: (1) any security and/or privacy certifications held by the vendor; (2) the terms of one or more contracts between a particular entity and the vendor; (3) the results of one or more privacy impact assessments for the vendor; and/or (4) any other suitable data. The system may be configured to automatically approve or reject a particular vendor based on the assessed risk level associated with the vendor and this information may be automatically communicated to an entity considering doing business with the vendor and/or the vendor itself.

Abstract: A solution is proposed for controlling access to data that are broadcast over a telecommunication medium. A corresponding method comprises validating by a plurality of validator devices an access request that is submitted by an access device for accessing the data. The validator devices update a blockchain by adding a new block comprising an indication of the access request in response to a positive result of its validation. A provider system transmits cryptographic information for decrypting the data to the access device in response to the new block. A corresponding method for broadcasting data by a provider system and a corresponding method for accessing broadcast data by an access device are proposed. Corresponding computer programs and computer program products for performing the methods are also proposed. Moreover, corresponding structure, provider system and access device are proposed.

Abstract: Data processing systems and methods, according to various embodiments, are adapted for mapping various questions regarding a data breach from a master questionnaire to a plurality of territory-specific data breach disclosure questionnaires. The answers to the questions in the master questionnaire are used to populate the territory-specific data breach disclosure questionnaires and determine whether disclosure is required in territory. The system can automatically notify the appropriate regulatory bodies for each territory where it is determined that data breach disclosure is required.

Abstract: Data processing systems and methods, according to various embodiments, are adapted for automatically assessing the level of security and/or privacy risk associated with doing business with a particular vendor or other entity and for generating training material for such vendors. In various embodiments, the systems may automatically obtain and use any suitable information to assess such risk levels including, for example: (1) any security and/or privacy certifications held by the vendor; (2) the terms of one or more contracts between a particular entity and the vendor; (3) the results of one or more privacy impact assessments for the vendor; and/or (4) any other suitable data. The system may be configured to automatically approve or reject a particular vendor based on the assessed risk level associated with the vendor and this information may be automatically communicated to an entity considering doing business with the vendor and/or the vendor itself.

Abstract: Embodiments of the present invention adapt interconnect systems to apply automated rules and analytics to the Authentication, Authorization, and Accounting (“AAA”) messages between providers that are handled by the interconnect system. The automated rules and analytics interpret or convert the administrative messages into a measure of technical performance of the visited network in relation to a corresponding home network provider. As part of this process, the system establishes a procedure that matches messages involving a device to be related and produces a data structure and corresponding data that is stored and reflects the performance or other salient data points. The structure of the data is set of extracted and calculated data that is derived from the messages and is assembled to reflect operation at the level of each administrative messaging session, involving a request to the home network provider to join a visited network.

Abstract: Methods and systems for scanning an endpoint terminal across an open computer network are disclosed. An exemplary method includes providing a scanner engine in a computer server in communication with an open computer network, and establishing a secure connection across the open computer network between the scanner engine and a scanner agent installed on the endpoint terminal in communication with the open computer network. Commands for collecting data regarding the endpoint terminal are sent from the scanner engine across the secure connection to the scanner agent. The scanner engine then receives the collected data from the scanner agent across the secure connection, analyzes the data to assess a current posture of the endpoint terminal, and determines any updates for the endpoint terminal from the analysis. Updates are sent across the secure connection to the scanner agent for installation on the endpoint terminal, and the secure connection may then be terminated.

Abstract: The present disclosure relates to a method and system for securely transferring master keying material between a master dongle (10) and a slave dongle (12). Each dongle (10,12) is connected to a data transfer system. The slave dongle (12) contains a public key and a private key and the master dongle (10) contains master keying material that is to be transferred securely to the slave dongle (12). The data transfer system reads the slave dongle's public key and sends it to the master dongle (10). The master dongle (10) encrypts the master keying material with the slave dongle's public key to produce an encrypted master keying material. The encrypted master keying material is sent via the data transfer system to the slave dongle (12) and the slave dongle (12) decrypts the encrypted master keying material with the slave dongle's private key.

Abstract: Various embodiments of the present application are directed towards systems and methods for hybrid blockchain control. According to some embodiments a method for hybrid blockchain control, an update to a distributed blockchain is received from a blockchain system. The blockchain system includes multiple nodes individually storing copies of the distributed blockchain and individually updating the copies by a consensus process. A determination is made as to whether the distributed blockchain has been fraudulently modified based on the received update. In response to determining the distributed blockchain has been fraudulently modified: 1) a corrective block is disseminated to the blockchain system to trigger the consensus process on the nodes; and 2) a predefined override in the consensus process is invoked to update the copies of the distributed blockchain in a manner that bypasses an illegitimate block. Further, the predefined override is invoked while the consensus process processes the corrective block.