Abstract: Disclosed are methods, systems, and non-transitory computer-readable media for determining a trust score associated with a user, comprising detecting entities near a user device operated by the user; calculating the trust score for the user based on a policy that incorporates data about the entities near the user device, the trust score being a score that is indicative of a trust worthiness of data received from the user device, wherein trusted entities near the user device result in an increased trust score, and untrusted entities near the user device result in a decreased trust score; and permitting access to a resource when the trust score is above a threshold.

Abstract: In one embodiment, a device of a data mesh divides a data query into a first subquery and a second subquery for different data sources in the data mesh, based on query routing data associated with the device. The device performs the first subquery in the data mesh, to obtain a first subquery response. The device also performs the second subquery in the data mesh, to obtain a second subquery response. The device provides a query response that aggregates the first subquery response and the second subquery response.

Abstract: In one embodiment, a device of a data mesh generates a first metadata layer for the data mesh that comprises metadata regarding a dataset having a plurality of data sources. The device identifies user role-specific metadata associated with a particular user role and based at least in part on the metadata regarding the dataset. The device generates a second metadata layer for the data mesh that comprises the user role-specific metadata associated with the particular user role. The device provides the user role-specific metadata for presentation to a user associated with the particular user role.

Abstract: Disclosed herein are systems, methods, and computer-readable media for increasing security of devices that leverages an integration of an authentication system with at least one corporate service. In one aspect, a request is received from a user device to authenticate a person as a particular user by the authentication system. A photo of the person attempting to be authenticated as the particular user is captured. Nodal points are mapped to the captured photo of the person attempting to be authenticated, and the nodal points from the photo are compared against a reference model for facial recognition of the particular user. It is then determined whether the nodal points match the reference model for the particular user. The present technology also includes sending a command to the user device to send data to identify the person, and/or a location of the user device.

Abstract: Disclosed are methods, systems, and non-transitory computer-readable storage media for evaluating software posture as a condition of zero trust access. The present technology provides a client-side validation agent and a validation service which in tandem can capture and evaluate data representative of parameters associated with an application executing on a user device. The validation service can validate the application to a networked service, and in turn the networked service can permit communication to the application running on the user device.

Abstract: In one embodiment, a device receives a request for a machine learning model to make an inference about input data included in the request. The device retrieves metadata regarding training data used to train the machine learning model from a ledger associated with the machine learning model. The device assesses bias of the machine learning model by comparing the input data in the request to the metadata from the ledger. The device provides an indication of the bias of the machine learning model for display.

Abstract: Disclosed herein are systems, methods, and computer-readable media for increasing security of devices that leverages an integration of an authentication system with at least one corporate service. In one aspect, a request is received from a user device to authenticate a person as a particular user by the authentication system. A photo of the person attempting to be authenticated as the particular user is captured. Nodal points are mapped to the captured photo of the person attempting to be authenticated, and the nodal points from the photo are compared against a reference model for facial recognition of the particular user. It is then determined whether the nodal points match the reference model for the particular user. The present technology also includes sending a command to the user device to send data to identify the person, and/or a location of the user device.

Abstract: Disclosed are methods, systems, and non-transitory computer-readable storage media for evaluating software posture as a condition of zero trust access. The present technology provides a client-side validation agent and a validation service which in tandem can capture and evaluate data representative of parameters associated with an application executing on a user device. The validation service can validate the application to a networked service, and in turn the networked service can permit communication to the application running on the user device.

Abstract: The present technology pertains to increasing security of devices that leverages an integration of an authentication system with at least one corporate service. The present technology includes receiving a request from a user device to authenticate a person as a particular user by the authentication system. The present technology also includes capturing a photo of the person attempting to be authenticated as the particular user. The present technology also includes mapping nodal points to the captured photo of the person attempting to be authenticated as the particular user to a device or service. The present technology also includes comparing the nodal points from the photo against a reference model for facial recognition of the particular user. The present technology also includes determining that the nodal points do not sufficiently match the reference model for the particular user.

Abstract: The present technology pertains to a system that authenticates the identity of a user trying to access a service. The system comprises an authentication provider configured to communicate authentication requirements to a continuous multifactor authentication device and the continuous multifactor authentication device configured to receive authentication requirements, to fuse multiple identification factors into an identification credential for a user according to the authentication requirements, and to send the authentication credential to the authentication provider. After receiving the identification credential meeting the authentication requirements, the authentication provider is configured to instruct a service provider to initiate a session.

Abstract: Disclosed are methods, systems, and non-transitory computer-readable media for utilizes a collaboration application to provide data beneficial to the authentication of the user. The present application discloses receiving at least one item of personal identifying information for a user from a primary multi-factor authentication device. The present application further discloses receiving at least one item of personal identifying information for a user from a conferencing service in which the user is engaged in a conference. The present application also discloses determining whether to authenticate the user based on the items of personal identifying information from the primary multi-factor authentication device and from the conferencing service.

Abstract: Disclosed are methods, systems, and non-transitory computer-readable media for determining a trust score associated with a user, comprising detecting entities near a user device operated by the user; calculating the trust score for the user based on a policy that incorporates data about the entities near the user device, the trust score being a score that is indicative of a trust worthiness of data received from the user device, wherein trusted entities near the user device result in an increased trust score, and untrusted entities near the user device result in a decreased trust score; and permitting access to a resource when the trust score is above a threshold.

Abstract: Disclosed are methods, systems, and non-transitory computer-readable media for detecting a presentation attack in a biometric factor domain, such as a multi-factor authentication environment. The methods, systems, and non-transitory computer-readable media comprise analyzing data relevant to a plurality of factors for evaluating whether an authentication attempt by a user is subject to the presentation attack and determining that the authentication attempt is subject to the presentation attack based on analysis of the data from the plurality of factors. The methods, systems, and non-transitory computer-readable media can detect a presentation attack even when the authentication attempt is successful.

Abstract: The present technology pertains to a system that authenticates the identity of a user trying to access a service. The system comprises an authentication provider configured to communicate authentication requirements to a continuous multifactor authentication device and the continuous multifactor authentication device configured to receive authentication requirements, to fuse multiple identification factors into an identification credential for a user according to the authentication requirements, and to send the authentication credential to the authentication provider. After receiving the identification credential meeting the authentication requirements, the authentication provider is configured to instruct a service provider to initiate a session.

Abstract: The present technology pertains to a system that authenticates the identity of a user trying to access a service. The system comprises an authentication provider configured to communicate authentication requirements to a continuous multifactor authentication device and the continuous multifactor authentication device configured to receive authentication requirements, to fuse multiple identification factors into an identification credential for a user according to the authentication requirements, and to send the authentication credential to the authentication provider. After receiving the identification credential meeting the authentication requirements, the authentication provider is configured to instruct a service provider to initiate a session.

Abstract: The present technology pertains to a system that authenticates the identity of a user trying to access a service. The system comprises an authentication provider configured to communicate authentication requirements to a continuous multifactor authentication device and the continuous multifactor authentication device configured to receive authentication requirements, to fuse multiple identification factors into an identification credential for a user according to the authentication requirements, and to send the authentication credential to the authentication provider. After receiving the identification credential meeting the authentication requirements, the authentication provider is configured to instruct a service provider to initiate a session.

Abstract: The present technology pertains to a system that authenticates the identity of a user trying to access a service. The system comprises an authentication provider configured to communicate authentication requirements to a continuous multifactor authentication device and the continuous multifactor authentication device configured to receive authentication requirements, to fuse multiple identification factors into an identification credential for a user according to the authentication requirements, and to send the authentication credential to the authentication provider. After receiving the identification credential meeting the authentication requirements, the authentication provider is configured to instruct a service provider to initiate a session.

Abstract: The present technology pertains to a system that authenticates the identity of a user trying to access a service. The system comprises an authentication provider configured to communicate authentication requirements to a continuous multifactor authentication device and the continuous multifactor authentication device configured to receive authentication requirements, to fuse multiple identification factors into an identification credential for a user according to the authentication requirements, and to send the authentication credential to the authentication provider. After receiving the identification credential meeting the authentication requirements, the authentication provider is configured to instruct a service provider to initiate a session.

Abstract: The present technology pertains to a system that authenticates the identity of a user trying to access a service. The system comprises an authentication provider configured to communicate authentication requirements to a continuous multifactor authentication device and the continuous multifactor authentication device configured to receive authentication requirements, to fuse multiple identification factors into an identification credential for a user according to the authentication requirements, and to send the authentication credential to the authentication provider. After receiving the identification credential meeting the authentication requirements, the authentication provider is configured to instruct a service provider to initiate a session.

Abstract: A method of binding a software to a device is disclosed. Accordingly, during a setup of the software in the device, a unique identifier is derived from contents stored in the device and the derived unique identifier is encrypted. The derived unique identifier is then stored in a configuration of the software. During a next invocation of the software in the device, a new unique identifier is derived from the contents stored in the device. The newly derived unique identifier is then matched with the stored unique identifier. The execution of the software is terminated if the matching fails.