Abstract: State of the art approaches used to address security aspects in serverless platforms perform workflow validations on an end to end flow, however, this cannot prevent attacks targeted at intermediate function calls in the workflow. Further, the existing systems store policy data in insecure manner, which causes security issues. The disclosure herein generally relates to serverless clouds, and, more particularly, to a method and system for privacy-preserving workflow validations in serverless clouds. The system stores policy data in a secured/encrypted manner. The system also performs validations at different levels, at a first level to allow/deny access at an ingress point, and at a second level to allow/deny access at critical intermediate points. This approach thus provides safety against attacks that may have been initiated post initial validation, and offers added data security.

Abstract: State of the art systems used for airport automation and data processing may be prone to data security related issues, as unauthorized personal may gain entry to sensitive data. The disclosure herein generally relates to airport management, and, more particularly, to a method and system for service authentication in an airport management network. The system uses a neural network to process a received service request and decides whether the service request is to be allowed or denied, based on a determined validity of the service request, role based access defined for a user requesting the service, a feature map data generated.

Abstract: This disclosure relates to field of cryptography and digital signatures. The constant theft of cryptocurrencies is due to compromise of the secret signing key inherently stored in a single location. Also, one of challenges in the existing ECDSA signature is single point failure, wherein the signing key (private key) is prone to theft. The disclosed technique overcomes the challenging in the existing techniques by party distributed signature that ensures the safety of the private key. The disclosed techniques slits the key in two parts and saves at two different locations/machines. Further based on a ECDSA based technique, the digital signature is obtained securely using several steps that includes generation of first two parts of digital signature at one party, generation of the second two parts of digital signature at second party, finally decrypting a complete digital signature at the first party.

Abstract: Transaction executions/commits in a blockchain network need to be fast, robust and secure and thus calls for minimal latency in transaction commits. In an execute-order-commit blockchain network, latency is high due to smart contracts been executed at every endorsing node of the blockchain network. A method and system for processing transactions in the blockchain network is disclosed. The system discloses a veriblock architecture, which enables processing a transaction request by executing an associated smart contract along with a proof of correctness of execution of smart contract using only one endorser. Further, enables verifying the smart contract by multiple endorsers. The smart contract associated with the proof, referred herein as a vericontract, is executed to generate an output and the proof using one of a) Verifiable Computing (VC) approach, b) a TEE approach and c) a hybrid approach (combination of VC and TEE).

Abstract: This disclosure relates generally to method and system for securing peer nodes in a blockchain network. The proposed disclosure is a robust model providing secure, scalable and efficient sharding committee reconfiguration technique where blockchain peer nodes organize themselves into each sharding committee among a plurality of sharding committees. The disclosure includes, generating a random number directory by each peer node communicating random numbers to the reference committee through leader node in the blockchain network. The reference committee initiates to reconfigure members of each sharding committee at predefined intervals. Further, a first message packet from each peer node is received by the reference committee based on which a second message packet is generated enabling each peer node of the block chain network to join one of the sharding committee.

Abstract: This disclosure relates generally to contract management, and more particularly to contract management in a data marketplace. In an embodiment, a system for contract management performs refactoring of a contract, during which the system extracts terms and conditions from the contract and generates a simplified view of the contract. The system further performs a requirement validation based on the contract, during which the system determines features of data entity matches requirements specified by a first party or not, based on domain specific ontologies. If the data entity features are not matching with the requirements, then the system fetches one or more relevant attributes from a list of ontologies, verifies whether the features of entity along with the selected feature(s) satisfy the requirements or not. The system accordingly generates an agreeable requirement document as output of the requirement validation.

Abstract: This disclosure relates generally to method and system for securing peer nodes in a blockchain network. The proposed disclosure is a robust model providing secure, scalable and efficient sharding committee reconfiguration technique where blockchain peer nodes organize themselves into each sharding committee among a plurality of sharding committees. The disclosure includes, generating a random number directory by each peer node communicating random numbers to the reference committee through leader node in the blockchain network. The reference committee initiates to reconfigure members of each sharding committee at predefined intervals. Further, a first message packet from each peer node is received by the reference committee based on which a second message packet is generated enabling each peer node of the block chain network to join one of the sharding committee.

Abstract: Transaction executions/commits in a blockchain network need to be fast, robust and secure and thus calls for minimal latency in transaction commits. In an execute-order-commit blockchain network, latency is high due to smart contracts been executed at every endorsing node of the blockchain network. A method and system for processing transactions in the blockchain network is disclosed. The system discloses a veriblock architecture, which enables processing a transaction request by executing an associated smart contract along with a proof of correctness of execution of smart contract using only one endorser. Further, enables verifying the smart contract by multiple endorsers. The smart contract associated with the proof, referred herein as a vericontract, is executed to generate an output and the proof using one of a) Verifiable Computing (VC) approach, b) a TEE approach and c) a hybrid approach (combination of VC and TEE).

Abstract: Systems and methods of the present disclosure provide comprehensive risk assessment in a heterogeneous dynamic network. The framework enables ‘view’ and ‘analyses’ of complete architecture simultaneously in information view, deployment view, business view and security view. Fundamentally, data pertaining to information flow between a plurality of nodes within systems in a network is identified. One or more affected nodes or paths therebetween are identified and attack risk is computed. The graph based framework supports multiple threat models for threat evaluation. It also provides mitigation plans which will reflect reduced risk in the business view and incorporates attack tree simulations to evaluate dynamic behavior of a system under attack.

Abstract: This disclosure relates generally to contract management, and more particularly to contract management in a data marketplace. In an embodiment, a system for contract management performs refactoring of a contract, during which the system extracts terms and conditions from the contract and generates a simplified view of the contract. The system further performs a requirement validation based on the contract, during which the system determines features of data entity matches requirements specified by a first party or not, based on domain specific ontologies. If the data entity features are not matching with the requirements, then the system fetches one or more relevant attributes from a list of ontologies, verifies whether the features of entity along with the selected feature(s) satisfy the requirements or not. The system accordingly generates an agreeable requirement document as output of the requirement validation.

Abstract: Systems and methods of the present disclosure provide comprehensive risk assessment in a heterogeneous dynamic network. The framework enables ‘view’ and ‘analyses’ of complete architecture simultaneously in information view, deployment view, business view and security view. Fundamentally, data pertaining to information flow between a plurality of nodes within systems in a network is identified. One or more affected nodes or paths therebetween are identified and attack risk is computed. The graph based framework supports multiple threat models for threat evaluation. It also provides mitigation plans which will reflect reduced risk in the business view and incorporates attack tree simulations to evaluate dynamic behavior of a system under attack.

Abstract: Disclosed are devices, systems, and methods for securing data using attribute based data access. The data may correspond to a sensory environment, and the data is secured at the device. The device secures the data by segmenting the data into number of segments and defining an access policy, further submitting the access policy to a PKG of system for generating Access Tree having attributes at different level for accessing the data. These Access Trees are securely stored on the device using IBE mechanism. Further, the data after being secured, is uploaded to a system for analysis. At the system, an access request may be received for accessing the data. The access request further includes a request attribute, whereby the system verifies if the attribute satisfies the Access Policy. If the verification is positive, an access may be provided to the data accessor for accessing the data.

Abstract: Disclosed are devices, systems, and methods for securing data using attribute based data access. The data may correspond to a sensory environment, and the data is secured at the device. The device secures the data by segmenting the data into number of segments and defining an access policy, further submitting the access policy to a PKG of system for generating Access Tree having attributes at different level for accessing the data. These Access Trees are securely stored on the device using IBE mechanism. Further, the data after being secured, is uploaded to a system for analysis. At the system, an access request may be received for accessing the data. The access request further includes a request attribute, whereby the system verifies if the attribute satisfies the Access Policy. If the verification is positive, an access may be provided to the data accessor for accessing the data.

Abstract: A method and a system for administering pay-per-use (PPU) licensing of software applications are disclosed. The system comprises a processor and a memory. The memory comprises an administrative module configured to generate a license file based upon a request sent by a user. The license file is used by the user for accessing a software application. The administrative module is further configured to receive a log file from the user. The log file comprises a track of at least one of a number of usages of the software application and a time period of the software application. The memory further includes an assessment module configured to determine a validity of the license file based upon the log file.