Abstract: Aspects described herein may utilize self-federation in a plugin-based authentication system to support combinations of authentication processes. The authentication system may include a plugin that executes an authentication process that is a combination of two or more other authentication processes. This plugin may handle the combined authentication process by self-federating back to the authentication interface, generating its own authentication requests under each of the subsidiary authentication processes. Thus, the self-federating plugin corresponding to the combined authentication process may allow the authentication system to support authentication requests that indicate the combined authentication process. This “chained” authentication process, accomplished through self-federation, may allow the authentication system to reuse existing code paths and avoid downsides associated with duplication of code.

Abstract: The apparatus receives a first PDU and a first CRC that is based on the first PDU. The first PDU is encrypted based on a first nonce. The apparatus decrypts the first PDU to obtain a first payload and a first cipher stream. The apparatus soft combines the decrypted first payload with a decrypted set of payloads. The set of payloads have been encrypted based on at least one nonce different than the first nonce. The apparatus generates a second CRC based on the soft combined decrypted payloads and based on the first cipher stream. The apparatus determines whether the generated second CRC for the soft combined decrypted payloads passes a CRC check against the first CRC.

Abstract: Live and legitimate user traffic is used with in depth knowledge of the business logic for an API specification to perform security testing on a set of APIs. The present system intercepts and analyzes application program interface (API) traffic, identifies user session data, and identifies traffic suitable to duplicate. The identified traffic is duplicated and modified by addition of malicious code. The modified code is then sent to its intended API destination, where it is processed as normal. The resulting response and other traffic as well as the API system and optionally other systems, such as datastore systems, are analyzed to determine if the malicious code resulted in a valid attack. Results from the modified code attack attempts are reported to a user.

Abstract: Methods, systems, and devices for access management are described. A software platform may identify devices of a botnet based on a cluster score associated with a device characteristic. For example, the software platform may receive a request from a device to access an application. The software platform may determine a cluster score for the characteristic of the device. The cluster score may be based on a link between the device and a list of devices (e.g., devices of a botnet). If the cluster score satisfies (e.g., exceeds) a cluster score threshold, the software platform may deny the access request. In some examples, the cluster score may be determined using machine learning techniques. Based on determining the cluster score, the software platform may efficiently identify devices of the botnet and prevent brute force attacks, which may improve reliability of access for users of the application.

Abstract: A method for generating a query filter list includes obtaining set of training queries, each training query comprising a predicate and one or more accessed columns returned from evaluating the predicate, and transforming the set of training queries into a structure. The structure relates, for an accessed column and a training query, the predicate and a correlation value to the accessed column. The method further includes normalizing the structure into a normalized structure. The normalized structure grouping entries in the structure according to accessed column. The method further includes generating a generalized query from the normalized structure, and adding the generalized query to the query filter list.

Abstract: An apparatus to facilitate protecting data transfer between a secure application and networked devices is disclosed. The apparatus includes a processor to provide a trusted execution environment (TEE) to run an application, wherein the processor is to: generate, via the application in the TEE, encrypted data, wherein the encrypted data comprises a payload; copy, via the application in the TEE, the encrypted data to a local buffer; interface, using the application in the TEE, with a source network interface controller (NIC) to initiate a copy over a network of the encrypted data from the local buffer to a remote buffer of a remote platform; and communicate, after completing the copy of the network of the encrypted data, at least one message with the remote platform to indicate that the encrypted data is available and to enable the remote platform to verify integrity of the encrypted data.

Abstract: A method and apparatus for inputting verification information, and a storage medium. The method is performed by a first terminal, and includes: sending, in response to a verification information request operation triggered by a user, a verification information request message to a verification server, where the verification information request message includes user communication identifier information, such that the verification server may generate verification information according to the verification information request message, and send the verification information to a second terminal corresponding to the user communication identifier information; receiving the verification information synchronized with the second terminal; and inputting the verification information into a displayed verification information input page.

Abstract: A method includes receiving, by a computing device, a message from a host device. In response to receiving the message, the computing device generates an identifier, a certificate, and a key. The identifier is associated with an identity of the computing device, and the certificate is generated using the message. The computing device sends the identifier, the certificate, and the key to the host device. The host device verifies the identity of the computing device using the identifier, the certificate, and the key.

Abstract: A processor, a system, a machine readable medium, and a method.

Abstract: Conventional email filtering services are not suitable for recognizing sophisticated malicious emails, and therefore may allow sophisticated malicious emails to reach inboxes by mistake. Introduced here are threat detection platforms designed to take an integrative approach to detecting security threats. For example, after receiving input indicative of an approval from an individual to access past email received by employees of an enterprise, a threat detection platform can download past emails to build a machine learning (ML) model that understands the norms of communication with internal contacts (e.g., other employees) and/or external contacts (e.g., vendors). By applying the ML model to incoming email, the threat detection platform can identify security threats in real time in a targeted manner.

Abstract: A system and a method are disclosed for verifying a suspicious electronic communication. To this end, a secure communications service may detect an electronic communication comprising an identifier of a purported originator of the electronic communication and an identifier of an intended recipient, and determine that an attribute of the electronic communication corresponds to a suspicious attribute. Responsively, the service may intercept the electronic communication and storing the electronic communication in purgatory memory, so as to prevent the electronic communication from being populated in a private repository of the intended recipient, transmit a verification message, and receive a reply to the verification message that verifies the authenticity of the electronic communication.

Abstract: Disclosed is a physical unclonable function generator circuit and method. In one embodiment, a physical unclonable function (PUF) generator comprising: a plurality of PUF cells, wherein each of the plurality of PUF cells comprises a first MOS transistor and a second MOS transistor, wherein terminal S of the first MOS transistor is connected to terminal D of the second MOS transistor at a dynamic node, terminal D of the first MOS transistor is coupled to a first bus and terminal G of the first NMOS transistor is coupled to a second bus, and terminals S and G of the second NMOS transistor are coupled to ground; a plurality of dynamic flip-flop (DFF) circuits wherein each of the plurality of DFF circuits is coupled to each of the plurality of PUF cells respectively; a population count circuit coupled to the plurality of DFF circuits; and an evaluation logic circuit having an input coupled to the population count circuit and an output coupled to the plurality of DFF circuits.

Abstract: Embodiments of content management systems that utilize encryption are disclosed. An object management module of a content management system is adapted to encrypt an object using a data key that is generated based on the content. The data key is encrypted using a tenant key associated with a tenant of the system. The encrypted object is stored in an object store, and a storage record for the stored encrypted object is stored in a data store, along with the encrypted data key and a tenant key identifier.

Abstract: Shared content privilege modification is provided. An electronic message is identified containing an address for accessing shared content, where the message is for communication to a set of recipients. Existing privileges are determined for the shared content for each recipient in the set of recipients. A requested action regarding the shared content is determined by analyzing the communication using natural language processing. Privileges for the shared content are modified for at least one recipient based on the existing privileges for the at least one recipient being insufficient to perform the requested action.

Abstract: A user log information output system includes a first user device configured to generate first user information by encrypting a unique identification (ID) of a first user according to a scheduled time; a first user server configured to generate first server information including a server group code of a hierarchical server group; a second user device configured to receive real-time token information through communication with the first user device, the real-time token information being generated based on the first user information and the first server information; and a second user server configured to generate proximity log information regarding the first user by reading the first user information and the first server information of the real-time token information received from the real-time token information from the second user device.

Abstract: An apparatus to facilitate protecting data transfer between a secure application and networked devices is disclosed. The apparatus includes a processor to provide a trusted execution environment (TEE) to run an application, wherein the processor is to utilize the application in the TEE to: generate encrypted data of the application; copy the encrypted data to a local shared buffer; interface with a source network interface controller (NIC) to initiate a copy over a network of the encrypted data from the local shared buffer to a remote buffer of a remote platform, wherein the source NIC operates outside of a trust boundary of the TEE; and communicate at least one message with the remote platform to indicate that the encrypted data is available and to enable the remote platform to verify integrity of the encrypted data, wherein the one least one message comprises an authentication tag.

Abstract: In an approach to obfuscation of sensitive information through non-visual feedback, responsive to receiving a signal from a user to start a session requiring input of sensitive data, one or more dummy character positions are determined, where the one or more dummy character positions represent characters that are not part of the sensitive data. Responsive to a current character position is any dummy character position of the one or more dummy character positions, the user is signaled that a next input character will be ignored, where the user is signaled using non-visual feedback. Responsive to receiving the next input character from the user, where the current character position is any dummy character position of the one or more dummy character positions, the next input character is ignored.

Abstract: Disclosed is technology that verifies, in pairwise manner, proof of ownership-association of decentralized online resources owned by or affiliated with a single entity by visiting a first resource using a first location identifier, ingesting a first scannable image that contains a first plurality of assertions of ownership of online resources by a single entity and extracting a first public key of the first resource. The technology also visits a second resource using a second location identifier, ingests a second scannable image that contains a second plurality of assertions and extracts a second public key of the second resource. Then, the technology verifies, using the first public key, a signature from the first complementary assertion, verifies, using the second public key, a signature from the second complementary assertion, and determines, based on the pair of verifications, whether the first and second resources are owned by a single entity.

Abstract: A system and method for media content management include creating, via a digital vault, a container file comprising media content submitted by a first user and content metadata; verifying, via the digital vault, a completeness of the content metadata associated with the media content in the container file; classifying, via the digital vault, the container file based on the completeness of the media content; capturing, via the digital vault, event metadata when a second user gains access to the container file, the event metadata comprising at least one of identification of the second user, an activation timestamp, a duration of access, portions of the container file accessed, and changes to the container file; and enabling a private communication channel between parties affiliated with the media content to permit messaging among the parties affiliated with the media content via the private communication channel.

Abstract: The disclosure relates to a 5G or 6G communication system for supporting higher data transmission rates than 4G communication systems such as LTE systems. According to an embodiment, a method for operating a user equipment (UE) for a mutual authentication operation in an access stratum (AS) section comprises transmitting a first message including a first random value to a base station, receiving, from the base station, a second message including a second random value and a base station certificate for the base station, in response to the first message, and identifying information included in the base station certificate and verifying validity of the base station certificate, when the base station certificate is valid according to a result of the verification of the base station certificate.