Abstract: A nonce is sent to a user communication device. Obfuscated biometric data is received from the user communication device. The obfuscated biometric data is generated by an obfuscation process that uses the nonce and first biometric data. The first biometric data is generated from a biometric of a user at the user communication device. For example, the first biometric data may be biometric data from a fingerprint scan. The obfuscation process is reversed by using the first nonce to produce the first biometric data. The first biometric data is compared to known biometric data of the user. In response to the first biometric data being within a threshold of the known biometric data, the user is authenticated.

Abstract: An indication of a user being authenticated is received. For example, the user authenticates with a valid username/password. In response to receiving the indication of the user being authenticated, a watermark is associated with the user. The watermark is sent to a communication device of the user. For example, the watermark is sent to the user's personal computer. The communication device of the user embeds the watermark into a communication. For example, the watermark may be embedded into a communication session with a web server. The watermark is sent to a routing device on a network (e.g., a router and/or firewall). The routing device uses the watermark embedded in the communication to determine how to route the communication on the network.

Abstract: A first node in a distributed blockchain ledger validates all remaining nodes in the distributed blockchain ledger to secure the distributed blockchain ledger. The remaining nodes in the distributed blockchain ledger can be validated in various ways. For example, an encrypted package can be exchanged to obtain a unique session key for each of the remaining nodes in the distributed blockchain ledger. Another alternative is to receive split-key fragments from all the nodes in the distributed blockchain ledger. The received split-key fragments are used to generate a common key for validating all the remaining nodes in the distributed blockchain ledger.

Abstract: Thread information generated by one or more computing systems is captured. A thread pattern is identified from the captured thread information. The thread pattern is compared to a learned thread pattern. An anomaly is identified in the thread pattern based on a variance from the learned thread pattern. In response to identifying the anomaly in the thread pattern, an action is taken based on the anomalous thread pattern. For example, a user may be notified. The thread patterns may be extended to compare between operating systems, hypervisors, containers, and/or virtual machines.

Abstract: A multi-factor authentication request of a user is received. For example, the multi-factor authentication request may include a valid username/password and a valid fingerprint scan. A first authentication factor of the multi-factor authentication request is an access authentication factor (e.g., the valid username/password) and a second authentication factor (e.g., the valid fingerprint scan) of the multi-factor authentication request is one of: a time-only authentication factor; a multi-session authentication factor; and a location-only authentication factor. The user is authenticated based on the first authentication factor and the second authentication factor. Access is granted to one or more resources according to one or more rules associated with the first authentication factor and second authentication factor.

Abstract: A request to add a new block to a blockchain is received. Data associated with the new block is scanned to identify malware and/or an anomaly. In response to identifying the malware and/or the anomaly in the data associated with the new block, an action is taken. The action includes: rejecting the request to add the new block to the blockchain, or removing the malware/anomaly from the new block and adding the new block to the blockchain. In a second embodiment, a malware event is identified that identifies malware/an anomaly in a block in a blockchain. In response to the malware event, an action is taken. The action includes: consolidating the blockchain, bypassing the block in the blockchain, consolidating the blockchain and bypassing the block in the blockchain, and deleting an encryption key that was used to encrypt the associated data that comprises the malware and/or the anomaly.

Abstract: A request to install a first version of a software application is received. The first version of the software application is stored in a first blockchain in a first distributed blockchain ledger. In response to receiving the request to install the first version of the software application, the first version of the software application is validated by running a hash of the first blockchain. In response to validating the first version of the software application, the first version of the software application is installed from the blockchain to a device. The software application may also be validated after being installed to the device.

Abstract: A request to authenticate is received. For example, the request to authenticate may be to authenticate to a software application or a device. The request to authenticate is for a first authentication level for a user. The first authentication level is one of a plurality of authentication levels for the user. The request to authenticate is authorized based on a provided one or more authentication factors (e.g., a valid username/password). A plurality of authentication tokens are retrieved. The plurality of authentication tokens are associated with the first authentication level. In addition, each authentication token of the plurality of authentication tokens is associated with an individual application of a plurality of applications. Access to information in the plurality of applications is granted based on the plurality of authentication tokens.

Abstract: A secondary fragment of an encryption key is received. The secondary fragment is associated with an authentication process of a user. The secondary fragment is one of a plurality of secondary fragments of the encryption key. The user is authenticated (e.g., by validating a username/password). The encryption key is regenerated using the secondary fragment and a primary fragment of the encryption key. In response to regenerating the encryption key using the secondary fragment and the primary fragment, and authenticating the user: access is granted, to the user, by unencrypting an encrypted data record using the regenerated encryption key.

Abstract: Results of an authentication process are received. The authentication process allows for a graded level of authentication using a plurality of authentication types (e.g., a username/password and a fingerprint scan). Encrypted data is then accessed. The encrypted data has been encrypted using a plurality of encryption levels. The data is unencrypted based on the graded level of authentication. In a second embodiment, a system and method are provided that establish a communication session (e.g., a voice or email communication session). The communication session is between a plurality of users. During the communication session, an indication is received to change an encryption level for the communication session. In response to receiving the indication to change the encryption level for the communication session, an encryption level of the first communication session is dynamically changed from a first level of encryption to a second level of encryption.

Abstract: A request to authenticate is received (e.g., a request to login with a username/password). The request to authenticate comprises an address associated with the request to authenticate (e.g., an IP address). The request to authenticate is validated. In response to validating the request to authenticate, a message is sent to a routing device that identifies the address as authenticated for routing packets. In a second embodiment, a DHCP discover message is received. The DHCP discover message is a request to get an IP address. A determination is made to determine if the DHCP discover message comprises a watermark. In response to determining that the DHCP discover message comprises the watermark: a DHCP offer message is sent with an IP address and a third message is sent to a routing device that identifies the IP address as valid for routing packets.

Abstract: A transaction block in a blockchain is generated. The transaction block in the blockchain comprises a token that points to blockchain data in a tokenization table. An event is detected (e.g., an administrative event). The event is to forget the blockchain data in the tokenization table. In response to detecting the event, the blockchain data in the tokenization table is forgotten. For example, forgetting the blockchain data may comprise permanently deleting the blockchain data in the tokenization table and/or permanently deleting an encryption key for the blockchain data in the tokenization table.

Abstract: An event is detected. The event is a designated event for capturing a snapshot of a blockchain where the blockchain is not replicated in a distributed ledger. For example, the event may be where a specific number of new blocks have been added to the blockchain. In response to detecting the event, a capstone block or a lock block is created. The capstone block or the lock block is added to the blockchain. A copy of the capstone block or the copy of the lock block sent to a trusted authority. The copy of the capstone block or the copy of the lock block is used to validate some or all the blockchain to detect if the blockchain has been changed. For example, validating the blockchain may be to detect if the blockchain has been tampered with or has become corrupted.

Abstract: A request to install a first version of a software application is received. The first version of the software application is stored in a first blockchain in a first distributed blockchain ledger. In response to receiving the request to install the first version of the software application, the first version of the software application is validated by running a hash of the first blockchain. In response to validating the first version of the software application, the first version of the software application is installed from the blockchain to a device. The software application may also be validated after being installed to the device.

Abstract: Results of an authentication process are received. The authentication process allows for a graded level of authentication using a plurality of authentication types (e.g., a username/password and a fingerprint scan). Encrypted data is then accessed. The encrypted data has been encrypted using a plurality of encryption levels. The data is unencrypted based on the graded level of authentication. In a second embodiment, a system and method are provided that establish a communication session (e.g., a voice or email communication session). The communication session is between a plurality of users. During the communication session, an indication is received to change an encryption level for the communication session. In response to receiving the indication to change the encryption level for the communication session, an encryption level of the first communication session is dynamically changed from a first level of encryption to a second level of encryption.

Abstract: A request is received, by a plurality of nodes that are part of a distributed blockchain ledger, to add a transaction block to a plurality of blockchains in the distributed blockchain ledger. The transaction block comprises a transaction block authentication credential(s). The plurality of nodes that are part of the distributed blockchain ledger determine if the transaction block authentication credential(s) are valid. An indication is received from at least a majority of the plurality of nodes that are part of the distributed blockchain ledger that the transaction block authentication credential(s) are valid. In response to receiving the indication from the at least a majority of the plurality of nodes that are part of the distributed blockchain ledger that the transaction block authentication credential(s) are valid, the transaction block is added to the plurality of blockchains in the distributed blockchain ledger.

Abstract: A request to retroactively add one or more of an encryption level, an encryption type, a security level, and an authentication level to an existing blockchain is received. An authentication/encryption block is added to the existing blockchain. The authentication/encryption block comprises the one or more of the encryption level, the encryption type, the security level, and the authentication level. Based on the added authentication/encryption block in the existing blockchain, the one or more of the encryption level, the encryption type, the security level, and the authentication level are retroactively applied to at least a portion of blockchain data in the existing blockchain. In one embodiment, a data structure is used in place of the authentication/encryption block.

Abstract: A request to authenticate a user is received. A random authentication pattern is generated. For example, the random authentication pattern may be for the user to provide a series of biometric scans and/or gesture scans. Instructions for the random authentication pattern are sent to a communication device (e.g., to a smartphone or smartwatch). A generated authentication pattern is received from the communication device. The generated authentication pattern is compared to a stored set of biometric scans and/or gestures scans that are based on the random authentication pattern. The user is authenticated based on the generated authentication pattern meeting a threshold by comparing the generated authentication pattern to the stored set of biometric scans and/or gestures scans.

Abstract: A copy of a blockchain is stored. The stored copy of the blockchain is copied from a blockchain in a distributed blockchain ledger. An event associated with the blockchain in the distributed ledger is identified. In response identifying the event associated with the blockchain in the distributed ledger, a compromise of the blockchain in the distributed ledger is identified, such as, identifying one or more blocks of the blockchain that have been compromised. In a second embodiment, a request to add a new block to a blockchain is identified. In response identifying the request to add the new block to the blockchain, a consensus vote to add the new block to the blockchain is monitored. A determination is made to determine if the consensus vote is below a threshold. In response to the consensus vote being below the threshold, an audit of the blockchain is completed.

Abstract: A request to create a blockchain is received. In response to receiving the request to create a blockchain, an authentication/encryption block is added to the blockchain. For example, the authentication/encryption block may be part of a genesis block of the blockchain. The authentication/encryption block comprises metadata that indicates at least one of: 1) an encryption level for blockchain data that will be part of the blockchain, 2) an encryption type for the blockchain data that will be part the blockchain, 3) an authentication level required to access the blockchain data that will be part of the blockchain, and a security level for the blockchain data that will be part of the blockchain. The metadata is used to define encryption and/or authentication requirements for accessing the blockchain data.