Abstract: There is disclosed in one example a computing apparatus, including: an interface to a backup source in a current state; a backup storage having stored thereon a first backup version of a previous state of the source; and a backup engine to: compute a delta between the current state and the previous state; save via the backup storage a second backup version sufficient to reconstruct the current state; and assign the second backup version a reputation relative to one or more previous backup versions.

Abstract: Technologies for performing energy efficient software distribution include a mesh node. The mesh node is to obtain fingerprint data of a plurality of other mesh nodes in a network. The mesh node is also to determine corresponding characteristics of the mesh nodes from the obtained fingerprint data, including an energy status of each of the mesh nodes. The mesh node is also to perform an analysis of a software update, determine, as a function of the analysis of the software update, one or more target mesh nodes of the plurality of mesh nodes for the software update, and determine a path through the mesh nodes to the one or more target mesh nodes as a function of the fingerprint data. Other embodiments are also described and claimed.

Abstract: Methods, apparatus, systems and articles of manufacture are disclosed to manage digital assets owned by a user and hosted by a first online service provider and a second online service provider. Provided herein is a gateway system comprising: a trusted authentication interface; one or more processors; and memory including instructions that, when executed, cause the one or more processors to at least: authenticate the user with the first and second online service providers using the trusted authentication interface; and instruct, via the trusted authentication interface, the first and second online service provider to take an action with respect to one or more of the digital assets, the first and second online service providers to trust the instructions from the trusted authentication interface without further authenticating the user.

Abstract: Technologies for privacy-safe security policy evaluation include a cloud analytics server, a trusted data access mediator (TDAM) device, and one or more client devices. The cloud analytics server curries a security policy function to generate a privacy-safe curried function set. The cloud analytics server requests parameter data from the TDAM device, which collects the parameter data, identifies sensitive parameter data, encrypts the sensitive parameter data, and transmits the encrypted sensitive parameter data to the cloud analytics server. The cloud analytics server evaluates one or more curried functions using non-sensitive parameters to generate one or more sensitive functions that each take a sensitive parameter. The cloud analytics server transmits the sensitive functions and the encrypted sensitive parameters to a client computing device, which decrypts the encrypted sensitive parameters and evaluates the sensitive functions with the sensitive parameters to return a security policy.

Abstract: A method to onboard a slave node to a high performance computing system that includes a fabric switch network that includes a fabric switch master and a group of slave nodes, wherein the fabric switch master is configured to route messages between slave nodes of the group comprising: receiving a fabric switch master address message, at an onboarding slave node, over an external network; providing an identification message, by the onboarding slave node, over the fabric switch network; receiving the identification message, at the fabric switch master, over the fabric switch network; providing the permission message, by the fabric switch master, over the fabric switch network; and receiving, a permission message, at the onboarding slave node, over the fabric switch network.

Abstract: A system provides a way for a person to control access to digital assets, including financial accounts, through a common gateway that can interact on the person's behalf with service providers that manage the digital assets. Brokers may act as intermediaries between the gateway and the service providers, providing a common interface to the gateway and a specific interface to a service provider. Trigger events can cause the gateway to interact with the service providers, causing the service providers to take a desired action. The trigger events may include notification sent by the person, timed events, and other detected events.

Abstract: Systems and methods for phishing and brand protection of websites via copycat detection are disclosed herein. An example apparatus includes at least one processor, a display, and memory including instructions that, when executed, cause the at least one processor to determine a first hash of a first image in a webpage and a second hash of a second image in the webpage, the second image different from the first image, the first hash different from the second hash, generate a temporary page profile associated with the webpage based on the first hash and the second hash, fuzzy match the temporary page profile to a baseline page profile, and in response to a determination that the temporary page profile does not match the baseline page profile, generate an alert to be displayed via the display to indicate that fraud has been detected for the webpage.

Abstract: There is disclosed in one example a sentinel device, including: a hardware platform including at least a processor and configured to provide a trusted execution environment (TEE); and a security engine operable to instruct the hardware platform to: determine that an internet of things (IoT) device in a first realm R1 requires a secure communication channel with a second device in a second realm R2; query a key server for a service appliance key for the secure communication channel; establish a secure communication channel with the endpoint device using the service appliance key and the TEE; and provide a security service function within R1 including brokering communication via the secure communication channel between the IoT device and the second device.

Abstract: Technologies for performing energy efficient software distribution include a mesh node. The mesh node is to obtain fingerprint data of a plurality of other mesh nodes in a network. The mesh node is also to determine corresponding characteristics of the mesh nodes from the obtained fingerprint data, including an energy status of each of the mesh nodes. The mesh node is also to perform an analysis of a software update, determine, as a function of the analysis of the software update, one or more target mesh nodes of the plurality of mesh nodes for the software update, and determine a path through the mesh nodes to the one or more target mesh nodes as a function of the fingerprint data. Other embodiments are also described and claimed.

Abstract: There is disclosed in one example a data loss prevention (DLP) server, including: a processor; a trusted input/output (IO) interface to communicatively couple to a user device; a social media interface to communicatively couple to a social media service; a trusted execution environment (TEE); and a memory having stored thereon executable instructions to instruct the processor to provide a DLP engine to: receive via the trusted IO interface a signed and encrypted user posting for the social media service, the user posting including a signed user state report verifying that the user has passed a biometric screening; and submit the user posting on behalf of the user to the social media service via the social media interface.

Abstract: There is disclosed in one example a social media server, including: a processor; a trusted input/output (IO) interface to communicatively couple to a consumer device; a network interface to communicatively couple to an enterprise; and a memory having stored thereon executable instructions to instruct the processor to provide a data loss prevention (DLP) engine to: receive via the trusted IO interface a signed and encrypted user posting for the social media service, the user posting including a signed user state report verifying that the user has passed a biometric screening; transmit content of the user posting to the enterprise via the network interface for DLP analysis; receive from the enterprise a notification that the user posting has passed DLP analysis; and accept the user posting.

Abstract: Techniques for allowing devices to obtain software updates are described. In one scenario, a device broadcasts request for updates to nearby devices of the same type, at least one of which responds indicating an available update. The device requesting the update broadcasts a request for the available update to nearby devices, at least one of which provides at least a portion of the update. In another scenario, a device broadcasts requests for update to nearby devices manufactured by the same manufacturer. At least one device may provide the update, responsive to a determination that the update is available. Alternately, responsive to a determination that the update is not available, the device receiving the broadcast may respond saying the update is not available, then attempt to update the update from an update server. Upon receiving a later broadcast, the device having the update may provide the update to the requesting device.

Abstract: In an example, there is disclosed a computing apparatus, comprising: a trusted execution environment (TEE); and a security engine operable to: identify a key negotiation for an encrypted connection between a first device and a second device; request a service appliance key for the key negotiation; receive the service appliance key; and perform a service appliance function on traffic between the first device and the second device. There is also disclosed a method of providing the security engine, and a computer-readable medium having stored thereon executable instructions for providing the security engine.

Abstract: In an example, there is disclosed a computing apparatus, comprising: a psychological state data interface to receive psychological state data; one or more logic elements, including at least one hardware element, comprising a verification engine to: receive a requested user action; receive a psychological state input via the psychological state data interface; analyze the psychological state input; and bar the requested user action at least partly responsive to the analyzing.

Abstract: This disclosure describes systems, methods, and computer-readable media related to phishing and brand protection via copycat detection. In some embodiments, a temporary page profile associated with a webpage may be generated. The temporary page profile may include an image component, a geometry component, a style component, and a link component. One or more baseline page profiles may be retrieved. The temporary page profile and the one or more baseline page profiles may be compared. It may be determined that the temporary page profile does not match the one or more baseline page profiles. An alert may be generated to display to a user indicating that fraud has been detected for the webpage.

Abstract: Methods apparatus, systems, and articles of manufacture for IoT and PoS anti-malware are disclosed. An example method includes detecting a combination of function calls. Whether the combination of function calls is a forbidden combination of function calls for the device is detected based on a limited intended functionality of the device. The forbidden combination of function calls includes a first function call and a second function call. The first function call is allowed in isolation from the second function call. The second function call is allowed in isolation from the first function call. In response to determining that the combination of function calls is forbidden for the device, a responsive action is performed.

Abstract: A method in one example embodiment includes generating a signature for an object in a compute node in a network, searching a memory element for the signature, and responsive to determining the memory element does not contain the signature, scanning the object. The method also includes updating the memory element with a scan result, and synchronizing the memory element of the compute node with one or more memory elements of one or more other compute nodes in the network. In specific embodiments, the scan result includes the signature of the object and a threat level of the object. In further embodiments, the synchronizing includes sending the scan result to one or more other compute nodes in the network. In more specific embodiments, the scan result is sent with one or more other scan results after a predetermined interval of time from a previous synchronization.

Abstract: A method dynamically reconfigures a system on a chip (SOC) comprising multiple semiconductor intellectual property (IP) blocks. The method comprises, when booting a data processing system (DPS) comprising the SOC, automatically allocating different IP blocks to multiple different microsystems within the DPS, based on a static partitioning policy (SPP). The method also comprises, after booting the DPS, determining that reallocation of at least one of the IP blocks is desired, based on (a) monitored conditions of at least one of the microsystems and (b) a dynamic partitioning policy (DPP). The method also comprises, in response to determining that reallocation of at least one of the IP blocks is desired, automatically reallocating at least one of the IP blocks from one of the microsystems to another of the microsystems without resetting at least one of the microsystems. Other embodiments are described and claimed.

Abstract: Modifying a priority for at least one flow class of an application includes registering flow classes for an application with a SDN controller, determining, with the SDN controller, a priority for each of the flow classes based on other installed applications and network services on the SDN controller, modifying, based on an event, the priority for at least one of the flow classes of the application by mapping a priority key associated with the priority to a new priority value, receiving, from the application, at least one flow modification rule using a priority key as the priority, and validating the at least one flow modification rule against registered parameters of at least one of the flow classes of the application to determine a flow of traffic based on the priority.

Abstract: Prioritizing at least one flow class for an application on a software defined networking (SDN) controller includes registering flow classes for an application with a SDN controller, determining, with the SDN controller, a priority for each of the flow classes based on other installed applications and network services on the SDN controller, receiving, from the application, at least one flow modification rule using a priority key as the priority, and validating the at least one flow modification rule against registered parameters of at least one of the flow classes of the application to determine a flow of traffic based on the priority.