Abstract: Systems are provided for improving computer security systems that are based on user risk scores. These systems can be used to improve both the accuracy and usability of the user risk scores by applying multiple tiers of machine learning to different the user risk profile components used to generate the user risk scores and in such a manner as to dynamically generate and modify the corresponding user risk scores.

Abstract: Systems are provided for improving computer security systems that are based on user risk scores. These systems can be used to improve both the accuracy and usability of the user risk scores by applying multiple tiers of machine learning to different the user risk profile components used to generate the user risk scores and in such a manner as to dynamically generate and modify the corresponding user risk scores.

Abstract: Systems are provided for improving computer security systems that are based on user risk scores. These systems can be used to improve both the accuracy and usability of the user risk scores by applying multiple tiers of machine learning to different the user risk profile components used to generate the user risk scores and in such a manner as to dynamically generate and modify the corresponding user risk scores.

Abstract: One or more techniques and/or systems are provided for risk assessment. Historical authentication data and/or compromised user account data may be evaluated to identify a set of authentication context properties associated with user authentication sessions and/or a set of malicious account context properties associated with compromised user accounts (e.g., properties indicative of whether a user recently visited a malicious site, created a fake social network profile, logged in from unknown locations, etc.). The set of authentication context properties and/or the set of malicious account context properties may be annotated to create an annotated context property training set that may be used to train a risk assessment machine learning model to generate a risk assessment model. The risk assessment model may be used to evaluate user context properties of a user account event to generate a risk analysis metric indicative of a likelihood the user account event is malicious or safe.

Abstract: One or more techniques and/or systems are provided for risk assessment. Historical authentication data and/or compromised user account data may be evaluated to identify a set of authentication context properties associated with user authentication sessions and/or a set of malicious account context properties associated with compromised user accounts (e.g., properties indicative of whether a user recently visited a malicious site, created a fake social network profile, logged in from unknown locations, etc.). The set of authentication context properties and/or the set of malicious account context properties may be annotated to create an annotated context property training set that may be used to train a risk assessment machine learning model to generate a risk assessment model. The risk assessment model may be used to evaluate user context properties of a user account event to generate a risk analysis metric indicative of a likelihood the user account event is malicious or safe.

Abstract: One or more techniques and/or systems are provided for risk assessment. Historical authentication data and/or compromised user account data may be evaluated to identify a set of authentication context properties associated with user authentication sessions and/or a set of malicious account context properties associated with compromised user accounts (e.g., properties indicative of whether a user recently visited a malicious site, created a fake social network profile, logged in from unknown locations, etc.). The set of authentication context properties and/or the set of malicious account context properties may be annotated to create an annotated context property training set that may be used to train a risk assessment machine learning model to generate a risk assessment model. The risk assessment model may be used to evaluate user context properties of a user account event to generate a risk analysis metric indicative of a likelihood the user account event is malicious or safe.

Abstract: One or more techniques and/or systems are provided for risk assessment. Historical authentication data and/or compromised user account data may be evaluated to identify a set of authentication context properties associated with user authentication sessions and/or a set of malicious account context properties associated with compromised user accounts (e.g., properties indicative of whether a user recently visited a malicious site, created a fake social network profile, logged in from unknown locations, etc.). The set of authentication context properties and/or the set of malicious account context properties may be annotated to create an annotated context property training set that may be used to train a risk assessment machine learning model to generate a risk assessment model. The risk assessment model may be used to evaluate user context properties of a user account event to generate a risk analysis metric indicative of a likelihood the user account event is malicious or safe.

Abstract: An indexing value may be determined, transparently with respect to a requester, based on a desired plaintext item of data and a cryptographic key. The indexing value may be used to access an entry in an indexing structure to obtain a corresponding database entry which includes a non-deterministically encrypted ciphertext item. In another embodiment, an indexing structure for a database may be accessed. Positions of items of the indexing structure may be based on corresponding plaintext items. References related to the corresponding plaintext items in the indexing structure may be encrypted and other information in the indexing structure may be unencrypted. A portion of the indexing structure may be loaded into a memory and at least one of the encrypted references related to one of the plaintext items may be decrypted. The decrypted reference may be used to access a corresponding non-deterministically encrypted data item from the database.

Abstract: The systems and methods of the present invention facilitate database row-level security by utilizing SQL extensions to create and associate named security expressions with a query initiator(s). Such expressions include Boolean expressions, which must be satisfied by a row of data in order for that data to be made accessible to the query initiator. In general, a query is augmented with security expressions, which are aggregated and utilized during querying rows of data. The systems and methods variously place security expressions within a query in order to optimize query performance while mitigating information leaks. This is achieved by tagging security expressions as special and utilizing rules of predicate to pull or push non-security expressions above or below security expressions, depending on the likelihood of a non-security being safe, as determined via a static and/or dynamic analysis.

Abstract: An indexing value may be determined, transparently with respect to a requester, based on a desired plaintext item of data and a cryptographic key. The indexing value may be used to access an entry in an indexing structure to obtain a corresponding database entry which includes a non-deterministically encrypted ciphertext item. In another embodiment, an indexing structure for a database may be accessed. Positions of items of the indexing structure may be based on corresponding plaintext items. References related to the corresponding plaintext items in the indexing structure may be encrypted and other information in the indexing structure may be unencrypted. A portion of the indexing structure may be loaded into a memory and at least one of the encrypted references related to one of the plaintext items may be decrypted. The decrypted reference may be used to access a corresponding non-deterministically encrypted data item from the database.