Abstract: Fairness and output authenticity for secure distributed machine learning is provided by way of an encrypted output of a garbled circuit which is simultaneously provided to a garbler and an evaluator by an output discloser. Related systems, methods and articles of manufacture are also disclosed.

Abstract: Fairness and output authenticity for secure distributed machine learning is provided by way of an encrypted output of a garbled circuit which is simultaneously provided to a garbler and an evaluator by an output discloser. Related systems, methods and articles of manufacture are also disclosed.

Abstract: In an example embodiment, a combination of machine learning and rule-based techniques are used to automatically detect social engineering attacks in a computer system. More particularly, three phases of detection are utilized on communications in a thread or stream of communications: attack contextualization, intention classification, and security policy violation detection. Each phase of detection causes a score to be generated that is reflective of the degree of danger in the thread or stream of communications, and these scores may then be combined into a single global social engineering attack score, which then may be used to determined appropriate actions to deal with the attack if it transgresses a threshold.

Abstract: Systems and methods are provided for receiving input data to be processed by an encrypted neural network (NN) model, and encrypting the input data using a fully homomorphic encryption (FHE) public key associated with the encrypted NN model to generate encrypted input data. The systems and methods further provided for processing the encrypted input data to generate an encrypted inference output, using the encrypted NN model by, for each layer of a plurality of layers of the encrypted NN model, computing an encrypted weighted sum using encrypted parameters and a previous encrypted layer, the encrypted parameters comprising at least an encrypted weight and an encrypted bias, approximating an activation function for the level into a polynomial, and computing the approximated activation function on the encrypted weighted sum to generate an encrypted layer. The generated encrypted inference output is sent to a server system for decryption.

Abstract: Systems and methods are provided for receiving input data to be processed by an encrypted neural network (NN) model, and encrypting the input data using a fully homomorphic encryption (FHE) public key associated with the encrypted NN model to generate encrypted input data. The systems and methods further provided for processing the encrypted input data to generate an encrypted inference output, using the encrypted NN model by, for each layer of a plurality of layers of the encrypted NN model, computing an encrypted weighted sum using encrypted parameters and a previous encrypted layer, the encrypted parameters comprising at least an encrypted weight and an encrypted bias, approximating an activation function for the level into a polynomial, and computing the approximated activation function on the encrypted weighted sum to generate an encrypted layer. The generated encrypted inference output is sent to a server system for decryption.

Abstract: A computer-implemented method for authentication involves defining a level of trust required for access to a resource independently of any particular authentication mechanism or instance, determining levels of trust associated with a plurality of authentication instances, and selecting and combining two or more of the authentication instances to meet or exceed the required level of trust.

Abstract: Embodiments include a system for tracing a collaborative workflow. The system includes an event collector and a transition engine. The event collector may be configured to receive data that represents an event of the collaborative workflow. The collaborative workflow has a local workflow part and a global workflow part. The transition engine may be configured to compute a new instance state of a model of the collaborative workflow. The new instance state represents an instance of the collaborative workflow obtained through the event of the collaborative workflow. The new instance state complies with rules of a local model of the local workflow part and with rules of a global model of the global workflow part.

Abstract: A method, of providing a key pair for secure transmission of data between at least two applications, includes receiving context information relating to the context of the applications. generating a key pair using the provided context information from the applications, and sending the generated key pair to the at least two applications.

Abstract: There is provided a computer-implemented method for authentication, the method comprising: defining a demanded level of security in an authorization service of a server; providing at least one authentication mechanism comprising at least one instance for at least one client; providing a policy comprising a security level for the at least one instance; receiving at least one request from the client to the server; authenticating the request based on the policy and the demanded level of security by the authentication service; and permitting the request if the demanded level of security is reached.

Abstract: There is provided a computer-implemented method for authentication, the method comprising: defining a demanded level of security in an authorization service of a server; providing at least one authentication mechanism comprising at least one instance for at least one client; providing a policy comprising a security level for the at least one instance; receiving at least one request from the client to the server; authenticating the request based on the policy and the demanded level of security by the authentication service; and permitting the request if the demanded level of security is reached.

Abstract: A system for selecting services that are used for a composite service, may include an accessing unit and a processing unit. The accessing unit may be configured to access: tasks of the composite service, transactional requirements of the tasks, services that are configured to fulfill the tasks, and transactional properties of the services. The processing unit may be configured to: compute conditions for services that are configured to fulfill a task and select a service configured to fulfill the task and having transactional properties that fulfill the conditions, wherein the conditions are computed using data comprising the transactional requirements of the tasks.

Abstract: A method supports a decision-making process in a time critical scenario managed by a distributed workflow consisting of a plurality of distributed nodes. The method includes assessing a given situation with available information to establish confidence percentages for possible decisions associated with the given situation and the distributed workflow. A distributed workflow architecture is provided that allows the distributed workflow to use the confidence percentages to enable a decision maker to get knowledge of a best possible course of action when executing the distributed workflow. Fuzzy logic is used to compute and maintain the confidence percentages for the possible decisions based on the available information. Furthermore, an appropriate workflow management system is proposed.

Abstract: Embodiments include a system for tracing a collaborative workflow. The system includes an event collector and a transition engine. The event collector may be configured to receive data that represents an event of the collaborative workflow. The collaborative workflow has a local workflow part and a global workflow part. The transition engine may be configured to compute a new instance state of a model of the collaborative workflow. The new instance state represents an instance of the collaborative workflow obtained through the event of the collaborative workflow. The new instance state complies with rules of a local model of the local workflow part and with rules of a global model of the global workflow part.

Abstract: A method includes associating an access policy with content. The access policy specifies at least one access condition to be satisfied prior to a content recipient accessing the content. An encryption key is provided to a content source, the encryption key being associated with the access policy and to be used by the content source to encrypt the content. At a trusted third party, the determination is made regarding whether the at least one access condition is satisfied. A decryption key is selectively provided from the trusted third party to the content recipient based on the at least one access condition being satisfied. The decryption key is associated with the access policy and may be used by the content recipient to decrypt the content.

Abstract: There is provided a computer-implemented method for authentication, the method comprising: defining a demanded level of security in an authorization service of a server; providing at least one authentication mechanism comprising at least one instance for at least one client; providing a policy comprising a security level for the at least one instance; receiving at least one request from the client to the server; authenticating the request based on the policy and the demanded level of security by the authentication service; and permitting the request if the demanded level of security is reached.

Abstract: A method for automatically filling an electronic timesheet includes extracting one or more calendar entries from an electronic calendar and matching each calendar entry of the one or more calendar entries to a corresponding project of a list of projects. An electronic timesheet is then filled based on each calendar entry matched with the corresponding project.

Abstract: A method, of providing a key pair for secure transmission of data between at least two applications, includes receiving context information relating to the context of the applications. generating a key pair using the provided context information from the applications, and sending the generated key pair to the at least two applications.

Abstract: A system for selecting services that are used for a composite service, may include an accessing unit and a processing unit. The accessing unit may be configured to access: tasks of the composite service, transactional requirements of the tasks, services that are configured to fulfill the tasks, and transactional properties of the services. The processing unit may be configured to: compute conditions for services that are configured to fulfill a task and select a service configured to fulfill the task and having transactional properties that fulfill the conditions, wherein the conditions are computed using data comprising the transactional requirements of the tasks.