Abstract: A processor-implemented method provides a calculated identity confidence score for an identity. The processor(s) in each of a plurality of decentralized identity providers calculate an identity confidence score of an entity. The processor(s) store the calculated identity confidence score in a blockchain. The processor(s) retrieve the calculated identity confidence score from the blockchain. The processor(s) provide the calculated identity confidence score to a requestor, which is a computer-based system that performs an action based on the provided calculated identity score.

Abstract: A method controls an operational mode of a self-driving vehicle (SDV). One or more physical detectors detect an erratically driven vehicle (EDV) that is being operated in an unsafe manner within a predetermined distance of an SDV that is initially being operated in an evasive autonomous mode. One or more processors retrieve traffic pattern data for other SDVs, and examine the traffic pattern data to 1) determine a first traffic flow of the other SDVs while operating in the evasive autonomous mode, and 2) determine a second traffic flow of the other SDVs while operating in a manual mode. In response to determining that the first traffic flow has a higher accident rate than the second traffic flow, an operational mode device changes the operational mode of the SDV from the evasive autonomous mode to the manual mode.

Abstract: Smart speaker system mechanisms, associated with a smart speaker device comprising an audio capture device, are provided for processing audio sample data captured by the audio capture device. The mechanisms receive, from the audio capture device of the smart speaker device, an audio sample captured from a monitored environment. The mechanisms classify a sound in the audio sample data as a type of sound based on performing a joint analysis of a plurality of different characteristics of the sound and matching results of the joint analysis to criteria specified in a plurality of sound models. The mechanisms determine, based on the classification of the sound, whether a responsive action is to be performed based on the classification of the sound. In response to determining that a responsive action is to be performed, the mechanisms initiate performance of the responsive action by the smart speaker system.

Abstract: Smart speaker mechanisms are provided for processing audio sample data captured by the audio capture device is provided. The mechanisms capture one or more audio samples from a monitored environment and store the captured one or more audio samples in the audio sample buffer. The one or more captured audio samples are analyzed to determine whether the one or more captured audio samples represent a potential wake sound for initiating a responsive action by the smart speaker device. The potential wake sound is a variable sound determined to not be a normal ambient sound of the monitored environment. In response to determining that the one or more captured audio samples represent a potential wake sound for initiating a responsive action by the smart speaker device, the mechanisms initiate performance of the responsive action by the smart speaker device.

Abstract: A computer-implemented method includes detecting, by one or more sensors of a robot, one or more characteristics of a current point on a surface on which the robot travels. A feature vector is constructed to describe the current point on the surface on which the robot travels, based on the one or more characteristics. The feature vector is mapped to a confidence level that a hazard exists at the current point on the surface. It is determined that the confidence level meets a threshold confidence. An alert is issued in association with the current point on the surface, based on the confidence level meeting the threshold confidence.

Abstract: A method, system, and/or computer program product modify a computer resource that has been moved to a new geolocation. One or more processors detect that a geolocation of a software resource has changed to a new geolocation. In response to detecting that the geolocation of the software resource has changed to the new geolocation, the processor(s) apply a geolocation based resource policy to alter the software resource.

Abstract: A processor-implemented method alters a computer resource based on its new geolocation. One or more processors receive a message that a computer resource has moved from a first geolocation to a new geolocation. The processor(s) receive an identifier of the new geolocation for the computer resource. In response to receiving the identifier of the new geolocation for the computer resource, the processor(s) request and receive encrypted data from the new geolocation. The processor(s) apply decryption information to the encrypted data from the new geolocation, where the decryption information is specifically for decrypting encrypted data from the new geolocation. In response to the decryption information failing to decrypt the encrypted data from the new geolocation, the processor(s) determine that the identifier of the new geolocation is false and apply a geolocation based resource policy to alter the computer resource at the new geolocation.

Abstract: Generating an attack graph to protect sensitive data objects from attack is provided. The attack graph that includes nodes representing components in a set of components of a regulated service and edges between nodes representing relationships between related components in the set of components is generated based on vulnerability and risk metrics corresponding to each component. A risk score is calculated for each component represented by a node in the attack graph based on sensitivity rank and criticality rank corresponding to each respective component. Risk scores are aggregated for each component along each edge path connecting a node of a particular component to a node of a related component. In response to determining that an aggregated risk score of a component is greater than or equal to a risk threshold, an action is performed to mitigate a risk to sensitive data corresponding to the component posed by an attack.

Abstract: A secure chain of data blocks is maintained at a given computing node. The given computing node is part of a set of computing nodes in a distributed network of computing nodes wherein each of the set of computing nodes maintains the secure chain of data blocks. The secure chain of data blocks maintained at each computing node comprises one or more data blocks that represent one or more accident related transactions associated with a vehicle. In response to a risk assessment operation, one or more data blocks are added to the secure chain of data blocks maintained at the given computing node.

Abstract: Providing admission control for a request may comprise creating a process flow associated with the request, the process flow identifying a plurality of computer-implemented components and a flow of transactions occurring between the computer-implemented components; executing the flow of transactions on the plurality of computer-implemented components; monitoring the flow of transactions to detect a problem in the flow; responsive to not detecting a problem in the flow, allowing the request to proceed; and responsive to detecting a problem in the flow, not allowing the request to proceed.

Abstract: Log(s) of IT events are accessed in a distributed system that includes a distributed application. The distributed system includes multiple data objects. The distributed application uses, processes, or otherwise accesses one or more of data objects. The IT events concern the distributed application and concern accesses by the distributed application to the data object(s). The IT events are correlated with a selected set of the data objects. Risks are estimated to the selected set of data objects based on the information technology events. Estimating risks uses at least ranks of compliance rules as these rules apply to the data objects in the system, and vulnerability scores of systems corresponding to the set of data objects and information technology events. Information is output that allows a user to determine the estimated risks for the selected set of data objects. Techniques for determining ranks of compliance rules are also disclosed.

Abstract: A method alters a computer resource while in a particular geolocation. One or more processors detect that a geolocation of a computer resource has changed from an initial geolocation to a new geolocation, where the computer resource is a virtual machine (VM). In response to detecting that the geolocation of the VM has changed from the initial geolocation to the new geolocation, the processor(s) reduce a functionality of the VM by reducing a quantity of processors and storage space available to the VM at the new geolocation as compared to the initial geolocation.

Abstract: A computer-implemented method protects stack memory by moving contents of stack memory to an accumulation general purpose register. One or more processors identify an authorized function and a malicious function in a computer program, in which the malicious function is able to execute a call that provides the malicious function with access to stack memory that is used by the authorized function. The processor(s) move data from the stack memory to a protected kernel register before the call is executed, and store results of execution of the authorized function in a first register that is accessible only to the authorized function. The processor(s) then clear the stack memory, and move the results of execution of the authorized function from the first register to an accumulation general purpose register that is also accessible only to the authorized function.

Abstract: A photographic monopod includes an extendable shaft, a bracket for fixing a photographic device at a first end of the extendable shaft, and a grip at a second end of the extendable shaft. The grip is opposite to the first end of the extendable shaft. The photo graphic monopod further includes a shutter control switch for controlling a shutter of the photographic device, and a shaft extension sensor for sensing a degree to which the extendable shaft is extended. The photographic monopod additionally includes a logic circuit for receiving the degree to which the extendable shaft is extended from the shaft extension sensor and disabling a connection between the shutter control switch and the photographic device when the degree to which the extendable shaft is extended exceeds a threshold.

Abstract: A request is received for personal data associated with a user from an application. One or more policies are established for release of the requested personal data. The requested personal data is provided to the application in encrypted form. One or more decryption keys are then sent to the application in accordance with the established policies, the one or more decryption keys being utilizable for decrypting the encrypted personal data.

Abstract: A computer-implemented method protects stack memory from a malicious function. One or more processors identify a first function and a second function in a computer program, where the first function is an authorized function and the second function is a malicious function. The processor(s) determine that the second function is able to execute a call that provides the second function with access to a stack memory that is used by the first function. The processor(s) move data from the stack memory to a protected kernel register, which is accessible only to the first function, before the call is executed.

Abstract: A computer-implemented method includes obtaining fault information regarding a fault associated with a first drone. The computer-implemented method additionally includes obtaining context parameter data of the first drone. The computer-implemented method additionally includes, responsive to obtaining the fault information and the context parameter data, determining to apply a first test case of a plurality of test cases based on a first risk value determined for the first test case using the context parameter data. The first test case is associated with the fault. The computer-implemented method additionally includes causing the first drone to initiate execution of the first test case.

Abstract: A method sanitizes a virtualized composite service. One or more processors provide a sanitization policy for each image within the virtualized composite service. The processor(s) analyze sanitization policies for multiple images in the virtualized composite service in order to detect inconsistencies among the sanitization policies. The processor(s), in response to finding inconsistencies between the sanitization policies, resolve the inconsistencies to produce a consistent sanitization policy, and then use the consistent sanitization policy to sanitize the virtualized composite service to create a sanitized virtualized composite service. The processor(s) receive a request for the virtualized composite service from a requester, and then respond to the request for the virtualized composite service by returning the sanitized virtualized composite service to the requester.

Abstract: A method, system and/or computer program product alters a computer resource while in a particular geolocation of a cloud computing environment. One or more processors detect that a geolocation of a computer resource has changed to a first geolocation within a cloud computing environment. In response to detecting that the geolocation of the computer resource has changed to the first geolocation within the cloud computing environment, the processor(s) retrieve a set of geolocation based resource policies for the first geolocation. The processor(s) then apply a selected set of one or more geolocation based resource policies from the set of geolocation based resource policies to alter the computer resource while in the first geolocation.

Abstract: A method, system, and non-transitory compute readable medium for a fraud detection include determining, via a risk detection device, a location of a user device at a time of an attempted purchase, determining, via the risk detection device, an intended location of the user from calendar data, and updating, via the risk detection device, a likelihood of fraud based on the intended location of the user and the location of the attempted purchase.