Abstract: Quantum key distribution network security survivability can be provided by receiving, at a software defined networking controller operating in a control layer of a network, a recommendation from a global analytics service operating in an application layer of the network, the recommendation for replacing a failed communication link in a quantum key distribution layer of the network, the failed communication link being detected by a quantum edge computing device operating in the quantum key distribution layer. The software defined networking controller can generate a command to cause a quantum key distribution resource to perform an action to mitigate impact from the failed communication link. The command can be sent to the quantum key distribution resource and the quantum key distribution resource can perform the action to mitigate the impact from the failed communication link.

Abstract: The concepts and technologies disclosed herein are directed to quantum security enhancement for IPsec protocol. According to one aspect disclosed herein, a quantum resource manager (“Q-RM”) can find a recommended quantum routing path for routing data from a first data center to a second data center via a pair of entangled quantum particles. The Q-RM can instruct a first quantum node (“QN”) associated with the first data center and a second QN associated with the second data center to establish a quantum channel that facilitates the recommended quantum routing path. The Q-RM can prepare an IPsec encrypted tunnel to carry a qubit associated with the pair of entangled quantum particles from the first data center to the second data center. The Q-RM can find the recommended quantum routing path responsive to an issue detected with the IPsec encrypted tunnel previously established between the first data center and the second data center.

Abstract: The concepts and technologies disclosed herein are directed to quantum key distribution (“QKD”) networking as a service. According to one aspect disclosed herein, a microservices controller can establish a plurality of quantum connections with a plurality of virtual quantum connection managers (“vQCMs”) deployed in association with a set of quantum user nodes (“QUNs”) in a QKD network. The microservices controller can receive a request to initialize the QKD network. The microservices controller can coordinate with the plurality of vQCMs to handle initialization of the QKD network. The microservices controller can receive a QKD service request from a QKD network operator. The microservices controller can invoke a plurality of microservices to handle the QKD service request.

Abstract: The concepts and technologies disclosed herein are directed to quantum tampering threat management. According to one aspect of the concepts and technologies disclosed herein, a quantum security manager (“Q-SM”) can monitor a plurality of quantum channels for tampering. The Q-SM can detect tampering on a quantum channel of the plurality of quantum channels. The Q-SM can provide tampering monitoring statistics to a software-defined network (“SDN”) that, in turn, notifies a quantum security operations center (“Q-SOC”) about the tampering on the quantum channel. The Q-SM can receive threat mitigation instructions from the Q-SOC. The threat mitigation instructions can instruct the Q-SM how to counter the tampering on the quantum channel. The Q-SM can perform one or more actions in accordance with the threat mitigation instructions to counter the tampering on the quantum channel.

Abstract: Aspects of the subject disclosure may include, for example, a method in which a processing system actuates a control processor connected to a network, and configures the control processor to receive signals from equipment of a service provider, so that the control processor is enabled to control remote devices. The processing system selects a device, configures the selected device for control by the control processor, and selects a streaming service to be associated with the selected device. The streaming service delivers audiovisual content in a first stream and provides, via an application programming interface of the streaming service, a control command to the control processor in a second stream. The control processor translates the control command to a device command and transmits the device command to control the selected device. Other embodiments are disclosed.

Abstract: Concepts and technologies disclosed herein are directed to single packet authorization (“SPA”) in a cloud computing environment. A compute node can include a virtual switch operating on at least a portion of a plurality of hardware resources of a cloud computing environment, a virtual firewall, a cloud workload executing a cloud service, and a SPA service. The virtual switch can receive a SPA request from a SPA client executing on a computing device. The virtual switch can forward the SPA request to the virtual firewall and to the SPA service. The virtual firewall can deny the SPA request in accordance with a firewall policy. The SPA service can utilize a SPA validation scheme to validate the SPA request. The virtual firewall can implement a temporary firewall policy to allow incoming packets from the SPA client and directed to the cloud service.

Abstract: Quantum key distribution network security survivability can be provided by receiving, at a software defined networking controller operating in a control layer of a network, a recommendation from a global analytics service operating in an application layer of the network, the recommendation for replacing a failed communication link in a quantum key distribution layer of the network, the failed communication link being detected by a quantum edge computing device operating in the quantum key distribution layer. The software defined networking controller can generate a command to cause a quantum key distribution resource to perform an action to mitigate impact from the failed communication link. The command can be sent to the quantum key distribution resource and the quantum key distribution resource can perform the action to mitigate the impact from the failed communication link.

Abstract: Aspects of the subject disclosure may include, for example, a method in which a processing system actuates a control processor connected to a network, and configures the control processor to receive signals from equipment of a service provider, so that the control processor is enabled to control remote devices. The processing system selects a device, configures the selected device for control by the control processor, and selects a streaming service to be associated with the selected device. The streaming service delivers audiovisual content in a first stream and provides, via an application programming interface of the streaming service, a control command to the control processor in a second stream. The control processor translates the control command to a device command and transmits the device command to control the selected device. Other embodiments are disclosed.

Abstract: Aspects of the subject disclosure may include, for example, a method in which a processing system actuates a control processor connected to a network, and configures the control processor to receive signals from equipment of a service provider, so that the control processor is enabled to control remote devices. The processing system selects a device, configures the selected device for control by the control processor, and selects a streaming service to be associated with the selected device. The streaming service delivers audiovisual content in a first stream and provides, via an application programming interface of the streaming service, a control command to the control processor in a second stream. The control processor translates the control command to a device command and transmits the device command to control the selected device. Other embodiments are disclosed.

Abstract: Concepts and technologies are disclosed herein for tag-based security policy creation in a distributed computing environment. A security management module can receive an inventory event that relates to instantiation of a service. The security management module can identify the service that was instantiated and obtain a tag set that relates to the service. The tag set can include security tags that include a string that identifies a communications link associated with the entities included in the service that was instantiated. The security management module can identify policy rules associated with the security tags. The policy rules can define security for the service that was instantiated. The security management module can compute a security policy for the service and can provide the security policy to the computing environment for implementation.

Abstract: Concepts and technologies are disclosed herein for a virtualization platform for creating, deploying, modifying, and relocating applications. A computing platform can receive a software package including software code from a requestor. The software code can be analyzed to identify functions performed by an application that corresponds to the software code. First and second functions can be virtualized and containerized, and a computing environment that is to host an application including the containers can be identified. Deployment of the application can be triggered.

Abstract: Mock test data is generated by providing a random input to a generator model. The random input is transformed into generated data that is then provided to a discriminator model along with production data. The discriminator model classifies the generated data and the production data as either fake or real. The discriminator model is trained by updating weights through backpropagation. Similarly, the generator model is trained to provide adjusted generated data. When the discriminator model is unable to distinguish between the classified real data and the adjusted generated data, the generator model is used to generate mock data for an application being tested.

Abstract: Concepts and technologies are disclosed herein for using deep learning models to obfuscate and optimize communications. A request can be received in a first language, from a user device, and at a first computing device storing a first neural network. The request can be translated using the first neural network into a modified request in a custom language. The modified request can be sent to a second computing device hosting an application. The first computing device can receive a modified response that is in the custom language, where the modified response can be created at the second computing device using the second neural network and based on a response from the application. The modified response can be translated into a response in the first language and sent to the user device.

Abstract: A server can receive data about attributes of user devices that includes sensors for capturing information about environments in which the user devices are located. The server can determine various risk profiles using the attributes. The risk profiles can indicate likelihoods of content on the user devices being viewed by persons other than users of the user device. The server can also transmit data indicating a risk profile of the various risk profiles to a user device. The user device can use the risk profile received from the server to identify confidential content displayed on the user device and protect the confidential content.

Abstract: The concepts and technologies disclosed herein are directed to a website verification service. A system can receive, from a web server that hosts a website, a query for a set of authentication credentials (“credentials”) to be used to verify that the website is trustworthy. The system can generate and provide the credentials to the web server. The web server can, in turn, provide the credentials to a web browser device for presentation to a user via a web browser application executing on the web browser device. The system also can provide the credentials to a verifier device. The verifier device can present the credentials to the user via a verifier application executing on the verifier device. The user can compare the credentials presented via the web browser application to the credentials presented via the verifier application executing on the verifier device to determine whether the website can be trusted.

Abstract: Concepts and technologies are disclosed herein for providing a transaction validation service. A device can receive a request to validate a transaction requested by a user device, where the transaction can be performed by an application and where the request to validate the transaction can be obtained with a first hash that is created by the user device. The first hash can include a hash of transaction data that is hashed using data stored on the user device. The device can receive an indication that the transaction has been approved, obtain a second hash of the transaction data that is hashed using the data stored on the user device, and determine, based on the first hash and the second hash, whether the transaction should be allowed or blocked.

Abstract: Concepts and technologies are disclosed herein for a virtualization platform for creating, deploying, modifying, and relocating applications. A computing platform can receive a software package including software code from a requestor. The software code can be analyzed to identify functions performed by an application that corresponds to the software code. First and second functions can be virtualized and containerized, and a computing environment that is to host an application including the containers can be identified. Deployment of the application can be triggered.

Abstract: A computer system and method provides cloud-based network security software as a service in a distributed computing environment. A computer system executing on a portion of hardware computing resources associated with the distributed computing environment receives a security service request from a customer platform device external to the distributed computing environment, the request identifying a customer platform asset within the distributed computing environment and instructing that a security service selected by the customer platform device be provided to the identified customer platform asset. In response to receiving the security service request, a network security software component associated with the selected security service on one or more virtual machines within the distributed computing environment is executed to provide the selected security service to the identified customer platform asset.

Abstract: Concepts and technologies are disclosed herein for tag-based security policy creation in a distributed computing environment. A security management module can receive an inventory event that relates to instantiation of a service. The security management module can identify the service that was instantiated and obtain a tag set that relates to the service. The tag set can include security tags that include a string that identifies a communications link associated with the entities included in the service that was instantiated. The security management module can identify policy rules associated with the security tags. The policy rules can define security for the service that was instantiated. The security management module can compute a security policy for the service and can provide the security policy to the computing environment for implementation.

Abstract: A server can receive data about attributes of user devices that includes sensors for capturing information about environments in which the user devices are located. The server can determine various risk profiles using the attributes. The risk profiles can indicate likelihoods of content on the user devices being viewed by persons other than users of the user device. The server can also transmit data indicating a risk profile of the various risk profiles to a user device. The user device can use the risk profile received from the server to identify confidential content displayed on the user device and protect the confidential content.