Abstract: Technologies for compressing a blockchain. In some examples, the technologies include removing selected blocks within a blockchain, and replacing the selected blocks with a summary block and a padding block. Each block of the selected blocks includes data in a certain state (such as data in an obsolete state). The technologies can include generating the summary block and padding blocks according to the data in the selected blocks and an original root hash included in the selected blocks and other blocks of the blockchain. The generating of the summary and padding blocks can include generating a new root hash in the summary and padding blocks that only replaces the original root hash in the summary and padding blocks. The generation of the new root hash can be based on a part of a header of a non-selected block of the blockchain directly linked to an end block of selected blocks.

Abstract: An image capturing device may capture image data for processing to form an image. The image capturing device may perform a hashing procedure on the image data, wherein performing the hashing procedure generates a hash value of the image data. The image capturing device may provide, to an image authentication device, the hash value of the image data, wherein the hash value of the image data is to be used by the image authentication device to validate the image based on a request to authenticate the image received from a receiving device. The image capturing device may process the image data to form the image for display to a user. The image capturing device may provide, after providing the hash value of the image data to the image authentication device, the image for display to the user.

Abstract: An exemplary method includes a digital asset management system generating a set of collectible non-fungible digital assets, generating metadata specifying that non-fungible digital assets included the set of collectible non-fungible digital assets are configured to combine together to form a layered scene configured to be presented by a computer system, and recording, in a distributed record configured to track ownership of non-fungible digital assets, ownership information associated with the set of collectible non-fungible digital assets.

Abstract: A user device may invoke, for a user associated with an unavailable user device, a guest mode, and may connect the user device with a network device based on invoking the guest mode. The user device may provide credentials of the user and a secure input of the user to the network device based on invoking the guest mode, and may receive an identity service and an emergency service for the user when the secure input is authenticated by the network device. The user device may associate, via the identity service, the user with the user device to enable the user to utilize the emergency service, and may provide, via the emergency service, one or more emergency notifications. The user device may receive an indication of the user exiting the guest mode, and may remove the credentials of the user from a memory based on the indication.

Abstract: The present teaching relates to method, system, medium, and implementation for secure data management by a service provider. A request is first received for carrying out a transaction with a user and one or more data items associated with the user are then determined that need to be validated prior to the transaction. A request is then sent to the user seeking to validate the one or more data items. When a cloaked identifier is received from the user with information related to a trusted party, the cloaked identifier is then sent to the trusted party with a request for a validation response. When the validation response is received with an indication that the one or more data items are validated, the transaction with the user is carried out.

Abstract: A first device may receive, from a second device associated with an emergency motor vehicle (EMV), EMV-tracking information and a communication that the EMV is in emergency response mode and may determine, based on the EMV-tracking information, that the EMV is approaching an intersection. The first device may receive, from a third device associated with a user vehicle, user-tracking information. The first device may determine, based on the user-tracking information, that the user vehicle is approaching the intersection. The first device may determine, based on the EMV-tracking information and the user-tracking information, whether the EMV is predicted to collide with the user vehicle. The first device may provide, to the second device and based on the determination of whether the EMV is predicted to collide with the user vehicle, a first notification including information regarding safety of the EMV proceeding through the intersection.

Abstract: Systems and methods described herein securely compute private data on a cloud platform. A network device in the cloud platform obtains a product or service description from a first user. The description includes a combination of public data and encrypted private data based on a first encryption key. The network device receives a query from an end device of a second user and retrieves, based on the query, the product or service description. The network device forwards the description to a trusted execution environment (TEE) instance for decryption of the encrypted private data, processing of the private data, and re-encryption of the private data with a second encryption key. The network device receives the re-encrypted private data from the TEE instance and assembles the re-encrypted private data and the public data into a query response for presentation on the end device. The network device sends, to the end device, the query response including the re-encrypted private data and the public data.

Abstract: A first device may receive, from a second device associated with an emergency motor vehicle (EMV), EMV-tracking information and a communication that the EMV is in emergency response mode and may determine, based on the EMV-tracking information, that the EMV is approaching an intersection. The first device may receive, from a third device associated with a user vehicle, user-tracking information. The first device may determine, based on the user-tracking information, that the user vehicle is approaching the intersection. The first device may determine, based on the EMV-tracking information and the user-tracking information, whether the EMV is predicted to collide with the user vehicle. The first device may provide, to the second device and based on the determination of whether the EMV is predicted to collide with the user vehicle, a first notification including information regarding safety of the EMV proceeding through the intersection.

Abstract: Systems and methods described herein enable data analytics for secure cloud compute data that protects the integrity and confidentiality of the underlying data. A network device in a network creates an instance of a Trusted Execution Environment (TEE). The network device generates, in the TEE instance, transactional data that includes private information and removes the private information from the transactional data to generate extracted data. The network device encrypts, within the TEE instance, the extracted data and exports the encrypted extracted data to a memory outside of the TEE instance.

Abstract: One or more computing devices, systems, and/or methods for data fragmentation and reconstruction are provided. Random number generation information, indicating a number of fragments into which data stored by a client device is to be fragmented, is received. The data is fragmented according to the number of fragments as a set of fragments. Authentication data is incorporated with the set of fragments. A set of entities capable of storing the set of fragments with the authentication data is identified. The set of fragments with the authentication data are stored across the set of entities.

Abstract: A user device may invoke, for a user associated with an unavailable user device, a guest mode, and may connect the user device with a network device based on invoking the guest mode. The user device may provide credentials of the user and a secure input of the user to the network device based on invoking the guest mode, and may receive an identity service and an emergency service for the user when the secure input is authenticated by the network device. The user device may associate, via the identity service, the user with the user device to enable the user to utilize the emergency service, and may provide, via the emergency service, one or more emergency notifications. The user device may receive an indication of the user exiting the guest mode, and may remove the credentials of the user from a memory based on the indication.

Abstract: An exemplary method includes a digital asset management system sending a non-fungible digital asset from a first computer system to a second computer system. The first computer system and the second computer system may be included in a plurality of computer systems configured to form a distributed record configured to track ownership of non-fungible digital assets. The digital asset management system may further record, in the distributed record, information indicative of the sending of the non-fungible digital asset to the second computer system.

Abstract: The present teaching relates to method, system, medium, and implementation for secure data management by a trusted entity. A request is first received for validating one or more data items related to a record owner in order to carry out a transaction between the record owner and a service provider. With respect to the one or more data items, at least one access limitation associated therewith is determined. A cloaked identifier is generated for the request with information related to the transaction and the one or more data items incorporated therein and sent to the record owner to proceed with the validation.

Abstract: The present teaching relates to method, system, medium, and implementation for secure data management associated with a record owner. A request is first received from a service provider for validating one or more data items in order to carry out a transaction between the record owner and the service provider. The record owner performs authentication required and send the request to a trusted party seeking to validate the one or more data items, wherein the trusted party is authorized to access the one or more data items. When a cloaked identifier to be used for validating the one or more data items is received from the trusted party, it is sent to the service provider for the service provider to use for validating the one or more data items.

Abstract: The present teaching relates to method, system, medium, and implementations for authenticating a user. An authentication session is initiated to authenticate, via iris, a person claiming to be an authorized user. A trajectory is determined with respect to a display visible to the person. A plurality of focus dots are generated with corresponding coordinates on the trajectory with respect to the display and rendered to the person on the display in accordance with the corresponding coordinates during a specified period of time. A plurality of pictures of the iris of the person are captured during the period of time and used to determine whether the person is live based on the captured plurality of pictures of the iris of the person.

Abstract: The present teaching relates to method, system, medium, and implementations for authenticating a user. A first request is received to set up authentication information with respect to a user, wherein the first request specifies a type of information to be used for future authentication of the user. It is determined whether the type of information related to the user poses risks based on a reverse information search result. The type of information for being used for future authentication of the user is rejected when the type of information is determined to pose risks.

Abstract: The present teaching relates to method, system, medium, and implementation for biometric authentication in secure data management. Authentication is initiated for a person claiming to be a record owner prior to a transaction between the record owner and a service provider. Biometric based authentication of the person is performed by detecting liveness of the person and authenticating an identity of the person based on biometric information of the person. Upon successful authentication of the person, a trusted party processes a request directed to a trusted entity to validate one or more data items related to the record owner in order to proceed with the transaction and forward a cloaked identifier obtained based on the request, where the cloaked identifier is to be used by the service provider to seek a validation response with regard to the one or more data items from the trusted party.

Abstract: The present teaching relates to method, system, medium, and implementations for authenticating a user. An authentication session is initiated to authenticate, via iris, a person claiming to be an authorized user. An obfuscation configuration is retrieved with respect to the authorized user and used to determine a sub-obfuscation configuration in accordance with information associated with the authentication session. A set of expected features associated with the sub-obfuscation configuration is obtained. One or more pictures are captured from the iris of the person who is expected to carry out at least one obfuscation measure consistent with the sub-obfuscation configuration for the authorized user in accordance with the information related to the authentication session and are used to determine whether the person is live based on the set of expected features associated with the sub-obfuscation configuration.

Abstract: A device may include a memory storing instructions and processor configured to execute the instructions to receive, by a blockchain node, a content consumption report from a user device relating to a digital content item provided by a content provider device to the user device and add content consumption data from the content consumption report to a blockchain associated with the blockchain node. The processor may be further configured to receive, by the blockchain node, a request for consumption information relating to the digital content item stored in the blockchain from a rights-holder associated with the digital content item; verify, by the blockchain node, that the rights-holder is authorized to access the requested consumption information; and provide, by the blockchain node, the requested consumption information from the blockchain to the rights-holder.

Abstract: A device can receive a first communication from a user device. The first communication can includes a request for content. The device can generate a record of content. The record of content includes a reference associated with the content and one or more encryption credentials associated with the content. The device can encrypt the record of content, to form an encrypted record of content, based on receiving the first communication. The device can provide the encrypted record of content to the user device based on receiving the first communication. The device can receive a second communication from the user device based on providing the encrypted record of content. The device can provide the content to the user device based on receiving the second communication.