Abstract: A method, a device, and a non-transitory storage medium provides storing user preferences pertaining to a native ad service; receiving a program that includes instances of native ad information indicative of instances of native ads; displaying the program; determining, whether instances of native ad information is received; providing the native ad based on the user preferences, in response to determining that the instances of native ad information is received; determining whether a secondary user device is paired; and transmitting instances of native ad information to the secondary user device in response to determining that the secondary user device is paired.

Abstract: The present teaching relates to method, system, medium, and implementation for secure data management by a transaction engine. A request is received from a record owner for validating one or more data items related to a record owner in order to carry out a transaction involving the record owner and a service provider. A trusted entity that is in possession of the one or more data items is determined and a request is sent to the trusted entity with first information related to the record owner. A cloaked identifier is obtained where the cloaked identifier is generated in connection with the request for validating the one or more data items. The obtained cloaked identifier is then forwarded to the record owner.

Abstract: The present teaching relates to method, system, medium, and implementation for secure data management associated with a record owner. A request is first received from a service provider for validating one or more data items in order to carry out a transaction between the record owner and the service provider. The record owner performs authentication required and send the request to a trusted party seeking to validate the one or more data items, wherein the trusted party is authorized to access the one or more data items. When a cloaked identifier to be used for validating the one or more data items is received from the trusted party, it is sent to the service provider for the service provider to use for validating the one or more data items.

Abstract: The present teaching relates to method, system, medium, and implementation for authenticating a user. An authentication session is initiated to authenticate, via iris, a person claiming to be an authorized user. A challenge is determined to be used to challenge the person and a set of expected features associated with the challenge is obtained. The challenge is presented to the person and one or more pictures are captured from the person reacting in response to the challenge and are used to determine whether the person is live.

Abstract: The present teaching relates to method, system, medium, and implementation for secure data management by a trusted entity. A request is first received for validating one or more data items related to a record owner in order to carry out a transaction between the record owner and a service provider. With respect to the one or more data items, at least one access limitation associated therewith is determined. A cloaked identifier is generated for the request with information related to the transaction and the one or more data items incorporated therein and sent to the record owner to proceed with the validation.

Abstract: Systems and methods for blockchain ledger growth management using separation of a blockchain ledger into multiple blockchain ledgers (each ledger having a state that can be tracked and used). The systems and methods also include linking the separated ledgers by utilizing a linking application and smart contracts added to the separated ledgers.

Abstract: The present teaching relates to method, system, medium, and implementation for biometric authentication in secure data management. Authentication is initiated for a person claiming to be a record owner prior to a transaction between the record owner and a service provider. Biometric based authentication of the person is performed by detecting liveness of the person and authenticating an identity of the person based on biometric information of the person. Upon successful authentication of the person, a trusted party processes a request directed to a trusted entity to validate one or more data items related to the record owner in order to proceed with the transaction and forward a cloaked identifier obtained based on the request, where the cloaked identifier is to be used by the service provider to seek a validation response with regard to the one or more data items from the trusted party.

Abstract: The present teaching relates to method, system, medium, and implementation for secure data management by a service provider. A request is first received for carrying out a transaction with a user and one or more data items associated with the user are then determined that need to be validated prior to the transaction. A request is then sent to the user seeking to validate the one or more data items. When a cloaked identifier is received from the user with information related to a trusted party, the cloaked identifier is then sent to the trusted party with a request for a validation response. When the validation response is received with an indication that the one or more data items are validated, the transaction with the user is carried out.

Abstract: The present teaching relates to method, system, medium, and implementations for authenticating a user. An authentication session is initiated to authenticate, via iris, a person claiming to be an authorized user. A trajectory is determined with respect to a display visible to the person. A plurality of focus dots are generated with corresponding coordinates on the trajectory with respect to the display and rendered to the person on the display in accordance with the corresponding coordinates during a specified period of time. A plurality of pictures of the iris of the person are captured during the period of time and used to determine whether the person is live based on the captured plurality of pictures of the iris of the person.

Abstract: The present teaching relates to method, system, medium, and implementations for authenticating a user. An authentication session is initiated to authenticate, via iris, a person claiming to be an authorized user. An obfuscation configuration is retrieved with respect to the authorized user and used to determine a sub-obfuscation configuration in accordance with information associated with the authentication session. A set of expected features associated with the sub-obfuscation configuration is obtained. One or more pictures are captured from the iris of the person who is expected to carry out at least one obfuscation measure consistent with the sub-obfuscation configuration for the authorized user in accordance with the information related to the authentication session and are used to determine whether the person is live based on the set of expected features associated with the sub-obfuscation configuration.

Abstract: The present teaching relates to method, system, medium, and implementations for authenticating a user. An authentication session is first initiated to authenticate, via iris, a person claiming to be an authorized user, in which a first set of signals is randomly generated for controlling light strobing to be applied to the iris of the person for detecting liveness of the iris. A second set of signals is accordingly generated for controlling iris picture capturing synchronized with the light strobing. The light strobing is applied to the person via strobes generated based on the first set of signals and pictures of the iris of the person are acquired, based on the second set of signals, that are synchronized with the light strobing. Whether the person is live is then determined based on the synchronized pictures acquired when the light strobing is applied.

Abstract: Technologies for compressing a blockchain. In some examples, the technologies include removing selected blocks within a blockchain, and replacing the selected blocks with a summary block and a padding block. Each block of the selected blocks includes data in a certain state (such as data in an obsolete state). The technologies can include generating the summary block and padding blocks according to the data in the selected blocks and an original root hash included in the selected blocks and other blocks of the blockchain. The generating of the summary and padding blocks can include generating a new root hash in the summary and padding blocks that only replaces the original root hash in the summary and padding blocks. The generation of the new root hash can be based on a part of a header of a non-selected block of the blockchain directly linked to an end block of selected blocks.

Abstract: The present teaching relates to method, system, medium and implementation for secure transaction. A transaction package is received from a trusted entity, which is generated by a trusted entity in response to a request for validating one or more data items related to a record owner in order to carry out a transaction involving the record owner and a service provider and incorporates at least one access limitation associated with the one or more data items. A transaction package identifier is provided to the trusted entity, which uniquely identifies the transaction package and is used to store the transaction package.

Abstract: The present teaching relates to method, system, medium, and implementations for authenticating a user. A first request is received to set up authentication information with respect to a user, wherein the first request specifies a type of information to be used for future authentication of the user. It is determined whether the type of information related to the user poses risks based on a reverse information search result. The type of information for being used for future authentication of the user is rejected when the type of information is determined to pose risks.

Abstract: A controller, in a software-defined networking control layer, may determine auto-discovery parameters and may use the auto-discovery parameters to identify a first set of forwarding boxes within a network. The controller may identify a second set of forwarding boxes within the network that communicate with or are otherwise coupled to the first set of forwarding boxes. The controller may forward requests to the first and second sets of forwarding boxes to control traffic exchanged via the first and second sets of forwarding box. A third set of forwarding boxes located outside the network may request admissions into the software defined network, and requests from the third set of forwarding boxes may be forwarded to the controller via the first or second sets of forwarding boxes. The controller may authenticate the second and the third sets of forwarding boxes based on their relationship to the first set of forwarding boxes.

Abstract: A controller network device receives command input for providing services over a service provider network and receives a verification request to verify an initial output of a control communication sent to a forwarding network device by a second controller network device in a group of peer controller network devices. The controller network device receives, from other controller network devices in the group of peer controller network devices, results that are responsive to the verification request and based on the command input and identifies a majority output from the results. The controller network device compares the initial output from the second controller network device to the majority output to determine that the initial output failed a verification vote and determines when a threshold number of control communications from the second controller network device, including the initial output, have failed verification votes.

Abstract: A system can include a producer device to receive reference data from a reference station. The system can include a queue device to store a reference message, corresponding to the reference data, in a message queue. The system can include a mapping device to store mapping information indicating that the message queue is associated with the reference station. The system can include a consumer device to identify the message queue as being associated with a microservice to be provided to a client device based on a microservice request. The message queue can be identified based on the mapping information. The consumer device can obtain the reference message from the message queue, generate corrections data associated with the client device, and provide the corrections data.

Abstract: A network device receives a first application programming interface (API) call from an application. The first API call requests a micro-service of a blockchain-based technology. The blockchain-based technology includes use of a shared ledger among participating nodes in a distributed consensus network. The micro-service provides a function for the application. The network device sends, in response to the first API call, a second API call to one of the participating nodes. The second API call initiates a framework module of a multiple of framework modules in the participating nodes. The network device receives, from the one of the participating nodes, a response to the second API call, the response indicating consensus of the participating nodes. The network device generates, based on the response to the second API call, a reply to the first API call.

Abstract: A network device receives a smart contract for permissions to access a service, wherein the smart contract is in an initial block for authorizations in a shared ledger. The network device receives, from an authorization server device, an update to the shared ledger, wherein the update is a proposed block in the shared ledger requiring validation. The network device stores, in a local memory, a copy of the shared ledger with the update, when the update is validated by the distributed consensus network. The network device receives, from a client device, an item request for an item associated with the service, wherein the item request includes a client identifier. The network device identifies if there is match of the client identifier and the item in the copy of the shared ledger and sends, to the client device, the item when there is match of the client identifier and the item.

Abstract: A device receives a user election of participation in a distributed cache service, and receives user selection of one or more devices, that are each associated with the user, to register with the distributed cache service as participant nodes. The device determines an amount of available storage offered to the cache service for each of the one or more participant nodes, and determines an available bandwidth of a respective network connection associated with each of the one or more participant nodes. The device admits selected devices of the one or more participant nodes into the distributed cache service based on the available storage and the available bandwidth, and interleaves storage of multiple chunks of content across a subset of the participant nodes admitted into the distributed cache service. The device enables client access to the multiple chunks of content interleaved across the subset of the participant nodes.