Abstract: Disclosed are various embodiments for distributing and verifying ephemeral security credentials of variable entropy across channels of communication of variable levels of security assurance. In one embodiment, a security credential is generated for a user account. A subset of a set of communication channels associated with the user account is determined based at least in part on respective measures of entropy and/or security assurance corresponding to individual ones of the set of communication channels. The security credential is divided into multiple portions. A corresponding portion of the portions is sent across individual channels of subset of channels. A client computing device is authenticated for access to the user account based at least in part on receiving the portions of the security credential.

Abstract: An apparatus for slicing food product to produce food product slices. The apparatus includes a circular cutting head having an axis and at least one knife assembly on the circumference of the cutting head, and a knife extending axially inward and having a corrugated shape to produce a food product slice with a periodic shape characterized by peaks and valleys. At least one component securing the knife to the cutting head has a surface facing radially inward and a corrugated shape shaped differently than the corrugated shape of the knife to minimize surface contact between unsliced food products and the cutting head.

Abstract: Disclosed are various embodiments for verifying the authenticity of machine-readable identifiers, such as quick response (QR) codes or other identifiers. After data is received corresponding to a machine-readable identifier, environmental data may be acquired with respect to an environment of the machine-readable identifier. The authenticity of the machine-readable identifier may be verified based at least in part on the environmental data. In some embodiments, a verification request may be sent to a trusted authority.

Abstract: Disclosed are various embodiments for detecting replay attacks in voice-based authentication systems. In one embodiment, audio is captured via an audio input device. It is then verified that the audio includes a voice authentication factor spoken by a user. The audio is then compared with stored audio spoken by the user. If it is determined that an exact copy of the voice authentication factor is in the stored audio, one or more actions may be performed.

Abstract: Size-reduction units, size-reduction machines, and methods capable of producing size-reduced products from a variety of solid and semisolid materials. A size-reduction unit includes a circular cutter adapted and arranged to cut a product into strips, a rotating cross-cutter adapted and arranged to receive the strips from the circular cutter, and a stripper plate. The cross-cutter has knives with cutting edges that are adapted and arranged to cut the strips into a size-reduced product, and the stripper plate defines a shear edge in proximity to the cutting edge of each knife of the cross-cutter as its cutting edge encounter the shear edge during rotation of the cross-cutter. The cross-cutter has a helical fluted shape comprising flutes between adjacent pairs of the knives.

Abstract: Various examples are directed to a converter system comprising first and second series-connected converter modules and a synchronization circuit. The synchronization circuit may modulate a reference signal onto a carrier signal to generate a synchronization current signal and the synchronization current signal to an output current of the converter system to generate an aggregated output current. A first converter module may receive the aggregated output current from a first current sensor and generate a first reproduced synchronization signal at least in part from the aggregated output current. A first switch control signal for switching at least one switch at the first converter may be generated based at least in part on the first reproduced synchronization signal.

Abstract: A tampon applicator assembly includes a barrel and a plunger. The barrel has a proximal opening, a distal opening, and a wall. The wall has an interior surface that defines a channel extending from the proximal opening to the distal opening, and includes a beveled portion that defines the proximal opening. The channel is configured to releasably retain a tampon. The plunger is disposed in the barrel and configured for slidable passage through the channel of the barrel.

Abstract: A system and method for generating a signature for a document using credentials indicating an unsanctioned signing event. The system and method includes receiving a request to generate a signature of a signatory for a document, wherein the request includes a received set of credential data for a signatory, obtaining a token identifier for at least one computing device, and determining if the received set of credential data matches credentials indicating the unsanctioned signing event. The system and method further includes receiving the signature of the signatory, the document identifier, and the token identifier, and determining based at least in part on the signature, document identifier, and the token identifier, whether the received signature is associated with the unsanctioned signing event.

Abstract: Disclosed are various embodiments for detecting replay attacks in voice-based authentication systems through the use of watermark signals. In one embodiment, audio is captured via an audio input device. It is then verified that the audio includes a voice authentication factor spoken by a user. A watermark signal is detected as present in the audio, which indicates that the voice authentication factor was replayed from a recording. One or more actions may then be performed.

Abstract: Aspects related to the secure transfer and use of secret material are described. In one embodiment, an encrypted secret key and encrypted revocation data are imported into a trusted execution environment and decrypted with private provider and vendor keys. In this manner, a provider of cryptographic processes is not exposed to the secret key or revocation data of a customer, as the secret key and revocation data are decrypted and stored within the trusted execution environment but not accessed in an unencrypted form. In turn, the provider can receive various instructions to perform cryptographic operations on behalf of the customer. Based on the outcome of a revocation check using the revocation data, the instructions can be performed by the trusted execution environment.

Abstract: Disclosed are various embodiments that perform confidence-based authentication of a user. An identification of a user account is obtained from a user, and a minimum confidence threshold is determined. Multiple authentication challenges are presented to the user. Responses are obtained from the user to one or more of the challenges, with each response having a corresponding authentication point value. A confidence score is generated for the user, where the confidence score is increased by the respective authentication point values of the correct responses. The user is authenticated as being associated with the user account in response to determining that the confidence score meets the minimum confidence threshold.

Abstract: Disclosed are various embodiments for correlating a first use case-specific entity identifier with a second use case-specific entity identifier. A chained entity identifier corresponds to the first use case-specific entity identifier. The chained entity identifier can include the second use case-specific entity identifier cryptographically wrapped by a use case-specific key. The second use case-specific entity identifier can be received from the chained entity identifier. The second use case-specific entity identifier can be correlated to the first use case-specific entity identifier.

Abstract: Systems, methods, and computer-readable media are disclosed for providing dynamic authorization by receiving requests for access to a resource or configuration element, sending a notification to a member of an authorization group based on the request, receiving a response to the notification, determining whether to grant authorization to the resource or configuration element based on the response, responding to the request for access with a notification that access is denied based on determining to deny authorization, and setting up a virtual private network tunnel or using software-defined networking to allow access to the resource or configuration element based on determining to allow authorization.

Abstract: Disclosed are various embodiments that perform confidence-based authentication of a user. An identification of a user account is obtained from a user, and a minimum confidence threshold is determined. Multiple authentication challenges are presented to the user. Responses are obtained from the user to a subset of the challenges, with each response having a corresponding authentication point value. A confidence score is generated for the user, where the confidence score is increased by the respective authentication point values of the correct responses. The user is authenticated as being associated with the user account in response to determining that the confidence score meets the minimum confidence threshold.

Abstract: Methods, systems, and computer-readable media for implementing interaction reconstruction in a service-oriented system are disclosed. Routes are stored for a first set of service interactions between individual services in a service-oriented system. The routes comprise data indicative of call paths for node identifiers in the first set of service interactions. A sparse trace is generated for a second set of service interactions between individual ones of the services. The sparse trace comprises a plurality of node identifiers in the second set of service interactions. Based on the node identifiers in the sparse trace and the node identifiers in the plurality of routes, the sparse trace is matched to one or more of the routes.

Abstract: Methods and equipment for producing shaped food products having large amplitudes, for example, sliced, shredded, and/or strip-cut food products. The methods and equipment utilize a cutting apparatus having at least two sequential knives at different radial positions in reference to radial distances of the sequential knives in radial directions of the cutting apparatus. Each sequential knife has a corrugated shape comprising peaks and valleys, and the sequential knives are arranged to be in phase or out of phase alignment with each other.

Abstract: An apparatus for slicing food product to produce food product slices. The apparatus includes a rotatable cutting wheel having two or more knife assemblies. Each knife assembly includes a knife extending radially between a hub and rim of the cutting wheel. The knife has a leading edge facing a direction of rotation of the cutting wheel and a large-amplitude corrugated shape characterized by peaks and valleys. The knife is secured to the hub and rim with a knife holder, and a clamp secures the knife to a first surface of the knife holder. The knife holder and knife are configured to provide continuous and accurate alignment of an individual food product throughout the slicing thereof by the knife of each knife assembly to produce food product slices with a generally parallel-cut cross-section having a uniform thickness and a large-amplitude periodic shape with an amplitude of 0.1 inch or greater.

Abstract: Application developers may develop applications or portions of application that do not have a corresponding user interface. Testing non-user interface elements of an application may require application developers to develop corresponding user interface elements for all or a portion of the executable code included in the application. Developers may test non-user interface elements of an application or library by wrapping the executable code in a sample application managed by a test harness. The test harness may transmit test operations configured to test the non-user interface elements of the application to the sample application over an inter-process communication channel. The sample application may execute the test and return the results of the test to the test harness using inter-process communication methods.

Abstract: A system and method for generating a signature for a document using an identity verification token. The identity verification token receives a request that includes a set of credential data from a signatory, obtains a document identifier that identifies the document to a service provider, and obtains a token identifier that identifies the identity verification token to the service provider. The identity verification token generates the signature based at least in part on the obtained document identifier, the received set of credential data, and obtained the token identifier, and provides the signature.

Abstract: Disclosed are various embodiments for providing multi-factor authentication credentials. For example, a first application may send an authentication request to a first authentication service, where the request specifies a first authentication factor. A second application may generate a user interface upon a display, where the user interface facilitates entry of a user approval. In response to receiving the user approval, the second application may send a second authentication factor to a second authentication service that acts as a proxy for the first authentication service. In some embodiments, an application may be configured to automatically transfer a one-time password or other authentication factor to a recipient in response to receiving a user approval.