Abstract: An event is identified. For example, the event is that the an original blockchain has reached a threshold number of blocks. In response to identifying the event: the original blockchain is completed and a second blockchain is created. The second blockchain comprises a first consolidation genesis block. The first consolidation genesis block comprises a complete hash of the original blockchain and a first consolidation pointer that points to the original blockchain. This allows the blockchain to be divided into smaller pieces that can be verified using less processing resources. In addition, this allows for more efficient searching of blockchains.

Abstract: A copy of a blockchain is stored. The stored copy of the blockchain is copied from a blockchain in a distributed blockchain ledger. An event associated with the blockchain in the distributed ledger is identified. In response identifying the event associated with the blockchain in the distributed ledger, a compromise of the blockchain in the distributed ledger is identified, such as, identifying one or more blocks of the blockchain that have been compromised. In a second embodiment, a request to add a new block to a blockchain is identified. In response identifying the request to add the new block to the blockchain, a consensus vote to add the new block to the blockchain is monitored. A determination is made to determine if the consensus vote is below a threshold. In response to the consensus vote being below the threshold, an audit of the blockchain is completed.

Abstract: A primary blockchain for a software application is created that comprises a first block associated with a software component of the software application. An event is received that is associated with the software component. In response to receiving the event, a component blockchain is created that is associated with the software component. The component blockchain comprises a second block associated with the event. The component blockchain links to the primary blockchain. This provides a structure for managing supply chains of software components. As new software components are received, the new software components can be managed and tracked for quality/security.

Abstract: A first sub-blockchain and a second sub-blockchain are retrieved. The sub-blockchains are predefined fragments of a blockchain that are intended to be used to build a larger blockchain. At least one of the first sub-blockchain and the second sub-blockchain was originally stored in a read-only computer memory or was originally stored in a barcode/RFID tag. A blockchain that comprises the first sub-blockchain and the second sub-blockchain is created. The blockchain is used to track inventory of a product.

Abstract: A nonce is sent to a user communication device. Obfuscated biometric data is received from the user communication device. The obfuscated biometric data is generated by an obfuscation process that uses the nonce and first biometric data. The first biometric data is generated from a biometric of a user at the user communication device. For example, the first biometric data may be biometric data from a fingerprint scan. The obfuscation process is reversed by using the first nonce to produce the first biometric data. The first biometric data is compared to known biometric data of the user. In response to the first biometric data being within a threshold of the known biometric data, the user is authenticated.

Abstract: Sensitive information is identified. For example, the sensitive information may be a set of medical records. A request is received to send the sensitive information from a first domain to a second domain. For example, the request may be to send the sensitive information from a first corporation to a second corporation. The sensitive information is encrypted. The encrypted sensitive information comprises an authentication field. The authentication field identifies one or more authentication factors that are required to unencrypt the sensitive information. For example, the authentication field may indicate that a user is required to provide a username/password and a fingerprint scan to access the sensitive information. The encrypted sensitive information is sent to the second domain. The user in the second domain is required to authenticate using the one or more authentication factors to access the sensitive information.

Abstract: A plurality of events associated with a communication device are received. The plurality of events relate to a plurality of changes of hardware, firmware, and/or software in the communication device. The plurality of events are stored as a plurality of blocks in a blockchain. One or more anomalies associated with the plurality of changes of the hardware, the firmware, and/or the software are identified. In response to identifying the one or more anomalies associated with the plurality of changes of the hardware, the firmware, and/or the software in the communication device, a software image of the communication device is received and added to the blockchain. A second embodiment discloses using this process for a hypervisor using virtual machines or containers.

Abstract: A dynamic transaction associated with a user is identified. For example, the user logging into a server is identified as a dynamic transaction. The dynamic transaction associated with the user is stored in a record (e.g., stored as a block in a blockchain). A first hash from a user device associated with the user is received. The second hash is generated based on the dynamic transaction. A second hash is generated based on the record. The first hash is compared to the second hash. In response to the first hash matching the second hash, the user is authenticated by providing access to a computer resource. For example, the user may be granted access to a database.

Abstract: A request to install a first version of a software application is received. The first version of the software application is stored in a first blockchain in a first distributed blockchain ledger. In response to receiving the request to install the first version of the software application, the first version of the software application is validated by running a hash of the first blockchain. In response to validating the first version of the software application, the first version of the software application is installed from the blockchain to a device. The software application may also be validated after being installed to the device.

Abstract: An apparatus may include a processor that may be caused to access handholding information indicating a hand configuration in which the apparatus is being held and compare the handholding information with previously-stored handholding authentication data of an authentic user. The previously-stored handholding authentication data may represent an authentic configuration in which the apparatus is held by the authentic user. The processor may be caused to determine that the apparatus is being held by the authentic user based on the comparison and cause an authenticated action to occur based on the determination.

Abstract: A request to add a new block to a blockchain is received. Data associated with the new block is scanned to identify malware and/or an anomaly. In response to identifying the malware and/or the anomaly in the data associated with the new block, an action is taken. The action includes: rejecting the request to add the new block to the blockchain, or removing the malware/anomaly from the new block and adding the new block to the blockchain. In a second embodiment, a malware event is identified that identifies malware/an anomaly in a block in a blockchain. In response to the malware event, an action is taken. The action includes: consolidating the blockchain, bypassing the block in the blockchain, consolidating the blockchain and bypassing the block in the blockchain, and deleting an encryption key that was used to encrypt the associated data that comprises the malware and/or the anomaly.

Abstract: A determination is made that an event associated with a composite blockchain is a primary event or a secondary event. The composite blockchain comprises a primary blockchain and a first level sub-blockchain. In response to determining that the event is the primary event, a new block is dynamically added to the end of the primary blockchain. In response to determining that the event is the secondary event, the first level sub-blockchain is dynamically created. Dynamically creating the first sub-level blockchain comprises dynamically creating a first block in the first sub-level blockchain. This creates a branched blockchain that can be used for efficient searching.

Abstract: A primary blockchain for a software application is created that comprises a first block associated with a software component of the software application. An event is received that is associated with the software component. In response to receiving the event, a component blockchain is created that is associated with the software component. The component blockchain comprises a second block associated with the event. The component blockchain links to the primary blockchain. This provides a structure for managing supply chains of software components. As new software components are received, the new software components can be managed and tracked for quality/security.

Abstract: A copy of a blockchain is stored. The stored copy of the blockchain is copied from a blockchain in a distributed blockchain ledger. An event associated with the blockchain in the distributed ledger is identified. In response identifying the event associated with the blockchain in the distributed ledger, a compromise of the blockchain in the distributed ledger is identified, such as, identifying one or more blocks of the blockchain that have been compromised. In a second embodiment, a request to add a new block to a blockchain is identified. In response identifying the request to add the new block to the blockchain, a consensus vote to add the new block to the blockchain is monitored. A determination is made to determine if the consensus vote is below a threshold. In response to the consensus vote being below the threshold, an audit of the blockchain is completed.

Abstract: To write forgettable data to a blockchain, the forgettable data is transmitted to a server, from which encrypted data corresponding to the forgettable data are received. A hash of the forgettable data is generated. A data block including the encrypted data and control data including the hash is added to the blockchain.

Abstract: A method includes, by a computer associated with a security reporter, updating a component vulnerability entry blockchain to represent a state of a component vulnerability entry of a software component vulnerability database. The method includes, by the computer, providing the updated component vulnerability entry blockchain to a management authority so that the management authority updates a master blockchain for the software component vulnerability database. The updated master blockchain includes a plurality of component vulnerability entry blockchains, which represent corresponding states of component vulnerability entries of the software component vulnerability database, including the updated component vulnerability entry.

Abstract: In some examples, in response to detecting addition or update of a program component of a program, a system creates a blockchain entry for addition to a blockchain register, generates a hash based on the program component, and adds in the blockchain entry a signed hash produced by encrypting the generated hash. The system publishes the blockchain entry for the blockchain, the signed hash in a blockchain entry useable to detect tampering with the program component.

Abstract: Results of an authentication process are received. The authentication process allows for a graded level of authentication using a plurality of authentication types (e.g., a username/password and a fingerprint scan). Encrypted data is then accessed. The encrypted data has been encrypted using a plurality of encryption levels. The data is unencrypted based on the graded level of authentication. In a second embodiment, a system and method are provided that establish a communication session (e.g., a voice or email communication session). The communication session is between a plurality of users. During the communication session, an indication is received to change an encryption level for the communication session. In response to receiving the indication to change the encryption level for the communication session, an encryption level of the first communication session is dynamically changed from a first level of encryption to a second level of encryption.

Abstract: Embodiments provide for detecting viruses and other malware in executing process threads based on thread patterns. According to one embodiment, detecting previously unknown malware associated with process threads can comprise capturing context information for each thread of a plurality of threads executing on a processor. The context information can define a thread pattern for the thread. The thread pattern for each thread can be compared to stored information defining one or more known patterns for thread execution based on previous execution of one or more threads. A thread pattern variation can be detected when the thread pattern for one or more threads does not match the stored information defining the known thread patterns. A determination can be made as to whether the detected thread pattern variation indicates presence of malware and actions can be performed based on determining the detected thread pattern variation indicates the presence of malware.

Abstract: A technique includes determining, by a computer, entries of a software vulnerability database that is associated with a plurality of components associated with a release of a software product. The technique includes determining, by the computer, a block of a blockchain representing a vulnerability state of the plurality of components; and associating, by the computer, the block of the blockchain with the product release.