Abstract: A man-in-the-middle protection module can monitor data traffic exchanged between a source and destination nodes over a source-destination link via a network. The module can utilize a traffic probe packet to determine a packet delay associated with the data traffic. The module can store the packet delay and can determine that the packet delay is greater than a normal packet delay. If so, the module can determine that an attacker has compromised the source-destination link. The module can command a virtual machine associated with the source node to be decommissioned. The module can instruct a virtualization orchestrator to create a new source node. The data traffic can be rerouted to be exchanged between the new source node and the destination node over a new source-destination link via the network. The module can create and send fake data traffic towards the MitM attacker over the source-destination link via the network.

Abstract: A method includes identifying a first validation parameter of a first network node and a second validation parameter of a second network node. The method includes creating an authentication node based on the first and second validation parameters. The method also includes receiving a request to access a microservice that utilizes the first network node and the second network node. The authentication node analyzes the request to make a validation determination indicative of whether the request satisfies the first and second validation parameters and controls access to the microservice based on the validation determination.

Abstract: Concepts and technologies directed to dedicated optical distribution of computing resources in virtualized environments are disclosed herein. In various aspects, a system can include a processor and memory storing instructions that, upon execution, cause performance of operations. The operations can include receiving a virtual machine creation request that includes a virtual processing requirement and a virtual memory requirement for a virtual machine. The operations can include accessing a physical host infrastructure map that identifies remainder resources from physical host servers within a datacenter. The operations can include creating a simulation test routine and assembling a candidate resource set from the remainder resources. The operations can include establishing a dedicated processing path and a dedicated memory path for the candidate resource set.

Abstract: A system is provided with a software controller; a storage platform capable of storing stored blocks of data and having a central processing unit; a controller monitoring and isolation tool embedded in the software controller; and a storage monitoring and isolation tool embedded in the storage platform that is capable of locking down a memory partition on the storage platform. The system also includes a memory for storing computer instructions and a host computer coupled with the memory, wherein the host computer, responsive to executing the computer instructions, performs certain operations. The operations include extracting orchestration configurations through the controller monitoring and isolation tool and relaying the orchestration configurations to the storage monitoring and isolation tool.

Abstract: Example methods and systems are disclosed to provide autonomous vehicle sensor security. An example method may include generating, by a first autonomous vehicle, a first map instance of a physical environment using first environmental information generated by a first sensor of a first autonomous vehicle. A second map instance from at least one of a second autonomous vehicle located in the physical environment is received. The first map instance may be correlated with the second map instance. In response to a discrepancy between the first map instance and the second map instance, a secure sensor may be activated to generate a third map instance. In response to the third map instance verifying that the discrepancy accurately describes the physical environment, the first environmental information including the discrepancy is used to navigate the first autonomous vehicle.

Abstract: A system includes a super microcell configured to communicate on a mobile network and a plurality of mobile microcells in communication with the super microcell. Each of the plurality of mobile microcells are configured to move in tandem with a mobile platform. The system also includes an edge management system in communication with the super microcell and the mobile microcell, a scheduling engine in communication with the edge management system, wherein the scheduling engine configured to determine service coverage of the plurality of mobile microcells based on routes of the mobile platforms.

Abstract: Electronic subscriber identity modules (eSIM) can be more susceptible to hackers and more vulnerable than physical subscriber identity modules. The current disclosure discusses systems and methods to facilitate eSIM security by utilizing a management software application (MSA) hosted on a mobile device. This MSA can cross-reference eSIM registration data with mobile device signature data to determine if the correct user identity is associated with mobile device prior to an eSIM being issued to the mobile device. Additionally, various degrees of data flagging can be utilized to allow an end user to properly address an indication of mobile device vulnerability.

Abstract: A processing system may obtain from a client device an input to access an online form, where the client device is accessing a webpage via an application, the webpage being provided by the processing system and including an option to access the online form, and the input comprising a selection of the option. The processing system may further obtain from the client device a verification that an instantiation of a virtual machine on the client device is permitted for accessing the online form, provide to the client device a configuration code for instantiating the virtual machine, provide the online form to the virtual machine via the client device, where the virtual machine is instantiated on the client device in accordance with the configuration code, and where the virtual machine is distinct from the application, and obtain form data of the online form from the virtual machine via the client device.

Abstract: The concepts and technologies disclosed herein are directed to security de-escalation for data access. A user device can define a security de-escalation rule. The user device can define a multi-tiered security zone within a user device file system utilized by a memory of the user device. The multi-tiered security zone can include a plurality of security tiers. The user device can identify data for de-escalation in accordance with the security de-escalation rule. The user device can de-escalate the data to generate de-escalated data by storing the data identified for de-escalation in a less secure security tier of the plurality of security tiers of the multi-tiered security zone. The user device can receive a data access request from an external user device. The user device can verify a data access credential contained in the data access request. The user device can provide the de-escalated data to the external user device.

Abstract: A cloud traffic migration system may be used to counter suspected harmful traffic. For example, a virtual machine (VM) may have a separate security and networking policy called a VM shell. The VM shell may be placed at the VM's interface as a layer of protection. When suspected harmful traffic is detected inside the VM, multiple mini VMs may be created that replicate some functions of the infected VM and the traffic may be grouped and segregated into categories. Each category of traffic may be routed to a mini VM for further analysis. Any traffic confirmed to be harmful may be kept inside the mini VM and subject to restrictive rules. Such restrictive rules may introduce delays to waste the attackers time or resources as well as obtain data for threat analytics.

Abstract: A system includes a super microcell configured to communicate on a mobile network and a plurality of mobile microcells in communication with the super microcell. Each of the plurality of mobile microcells are configured to move in tandem with a mobile platform. The system also includes an edge management system in communication with the super microcell and the mobile microcell, a scheduling engine in communication with the edge management system, wherein the scheduling engine configured to determine service coverage of the plurality of mobile microcells based on routes of the mobile platforms.

Abstract: The concepts and technologies disclosed herein are directed to conditional temporary authentication for third party nodes. According to one aspect of the concepts and technologies disclosed herein, a first node of a plurality of nodes can provide a master authentication key to a second node of the plurality of nodes. The first node can receive, from a third node of the plurality of nodes, a temporary child authentication key derived from the master authentication by the second node. The first node can process the temporary child authentication key to determine which portion of a resource to allow the third node to access. The first node can provide the third node access to the portion of the resource.

Abstract: Aspects of the subject disclosure may include, for example, obtaining a first request for a first virtual object, obtaining first data regarding the first virtual object responsive to the obtaining of the first request, analyzing the first data to identify a first plurality of characteristics for the first virtual object, wherein the first plurality of characteristics include a first visual aspect of the first virtual object, a first auditory aspect of the first virtual object, a first scent aspect of the first virtual object, and a first haptic aspect of the first virtual object, and responsive to the analyzing of the first data, enabling at least a first sensory unit of a plurality of sensory units to render the first virtual object in accordance with the first plurality of characteristics. Other embodiments are disclosed.

Abstract: Aspects of the subject disclosure may include, for example, a processing system including a processor; and a memory that stores executable instructions that, when executed by the processing system, facilitate performance of operations including: dividing data provided for storage into data segments; encrypting each data segment of the data segments with an encryption key, thereby creating encrypted data slices; arranging a cluster of sectorized servers in an ordered list of sectorized servers; selecting a first sectorized server from the ordered list of sectorized servers; generating an access key; and sending a first encrypted data slice of the encrypted data slices and the access key to the first sectorized server, wherein the first sectorized server stores the first encrypted data slice in a sector of the first sectorized server, and retrieves the first encrypted data slice from the sector upon presentation of the access key. Other embodiments are disclosed.

Abstract: A processing system of a device having at least one processor may determine that a temperature of the device exceeds a threshold temperature and obtain, in response to the determining, utilization information of the device comprising: processor utilization information, memory utilization information, and network utilization information. The processing system may then detect, from the utilization information of the device, a pattern comprising: a first network utilization burst, a processor utilization exceeding a processor utilization threshold and a memory utilization exceeding a memory utilization threshold over at least a designated period of time following the first network utilization burst, and a second network utilization burst after at least the designated period of time. When the pattern is detected, the processing system may generate an unauthorized cryptomining alert.

Abstract: Concepts and technologies directed to dedicated optical distribution of computing resources in virtualized environments are disclosed herein. In various aspects, a system can include a processor and memory storing instructions that, upon execution, cause performance of operations. The operations can include receiving a virtual machine creation request that includes a virtual processing requirement and a virtual memory requirement for a virtual machine. The operations can include accessing a physical host infrastructure map that identifies remainder resources from physical host servers within a datacenter. The operations can include creating a simulation test routine and assembling a candidate resource set from the remainder resources. The operations can include establishing a dedicated processing path and a dedicated memory path for the candidate resource set.

Abstract: A processing system of a vehicle having at least one processor may obtain, from a network-based security system, at least a first security code, apply a hash operation to a firmware code of the vehicle in accordance with the at least the first security code to generate a first hash value, and transmit the first hash value to the network-based security system. The processing system may then obtain from the network-based security system at least a first verification code, the network-based security system providing the at least the first verification code in response to a confirmation of the first hash value, apply the at least the first verification code to a verification function, and generate a signal to enable the operation of the vehicle, in response to a positive verification via the verification function.

Abstract: Concepts and technologies directed to wireless power transfer network management are disclosed herein. Embodiments of a system can include an optical beamforming transmitter, a processor, and a memory that stores computer-executable instructions that configure a processor to perform operations. The operations can include receiving a power charge message that requests wireless power transfer to charge a battery system of a wirelessly chargeable equipment. The operations can include detecting that the wirelessly chargeable equipment is within a power transfer range of the optical beamforming transmitter. The operations can include determining that the wirelessly chargeable equipment is not stationary. The operations can include tracking movement of the wirelessly chargeable equipment and activating the optical beamforming transmitter that provides wireless power transfer to the wirelessly chargeable equipment while the wirelessly chargeable equipment is within the power transfer range.

Abstract: A processing system including at least one processor may detect an accessing of a file, where the accessing comprises a read operation, generate a copy of the file in response to detecting the accessing of the file, and store the copy of the file in a designated storage location. The processing system may further detect a completion of the accessing of the file, apply a checksum operation to the file to generate a checksum in response to detecting the completion of the accessing of the file, determine that the checksum does not match an expected checksum for the file, and generate an alert of a possible manipulation of the file in response to determining that the checksum does not match the expected checksum.

Abstract: A processing system of a device having at least one processor may obtain a set of codes from a virtual machine orchestrator via a virtualization security controller of the processing system, obtain a first virtual machine configuration file from the virtual machine orchestrator via a hypervisor of the processing system, and pass at least one code of the set of codes from the virtualization security controller to the hypervisor. The processing system may then apply, via the hypervisor, a decryption to the first virtual machine configuration file using the at least one code, determine that a threshold percentage of content of the first virtual machine configuration file comprises dictionary-recognizable words in accordance with the decryption, and instantiate, via the hypervisor, a first virtual machine in accordance with the first virtual machine configuration file when it is determined that the threshold percentage of the content comprises dictionary-recognizable words.