Abstract: Mobile management method, system and client. Method includes receiving a DNS query for a host name from an application on client; retrieving reputation data associated with host name from a local cache on client; and determining a policy based on host name and the reputation data. Based on determined policy for the host name, blocking attempted network flows to a host corresponding to host name to produce blocked attempted network flows. Method also includes sending attempted network flow metadata related to the blocked attempted network flows to a collector on client; transmitting the attempted network flow metadata from the collector to a VPN server pool via a VPN tunnel; and producing an anomaly report from the transmitted attempted network flow metadata. The anomaly report includes at least one of anomalies, cohorts, trends, location boundaries, detected network security issues, detected compromised clients and/or optimized network usage.

Abstract: A machine has a network interface circuit to provide connectivity to networked machines. A processor is connected to the network interface circuit. A memory is connected to the processor and the network interface circuit. The memory stores instructions executed by the processor to record the purchase of a digital asset by a user at a client machine from a data source machine in network communication with the client machine. The location of the digital asset on one or more machines of the networked machines is archived. The location is separate from the data source machine. The digital asset is associated with a data access policy. A request for the digital asset is received. The data access policy is enforced through programmatic control utilized by one or more of the networked machines to form a consent state. Distribution of the digital asset to a networked machine is authorized in response to the consent state.

Abstract: A non-transitory computer readable storage medium with instructions executed by a processor maintains different digital identities for different internet browsing personas associated with a real user. Persona selection rules are invoked to automatically designate a selected digital identity for a current internet browsing session. Browser state for the selected digital identity is loaded.

Abstract: An apparatus has a network interface circuit providing connectivity to a network with network connected client machines hosting email client modules controlling email inboxes. A processor is connected to the network interface circuit. A memory is connected to the processor. The memory stores instructions executed by the processor to scan the email inboxes to identify statistically infrequently received emails from different network connected service providers. Protocols utilized by the different network connected service providers to accept user data delete requests are identified. The protocols are executed.

Abstract: A non-transitory computer readable storage medium has instructions executed by a processor to maintain digital identities. Each digital identity has identity attributes different than identity attributes associated with a real individual utilizing the digital identity. Each digital identity has an associated attribute for compartmentalized network activity. Interactions between the digital identities and a virtual card provider are supported to secure virtual cards for the digital identities. Interactions between the digital identities and a persona management application are brokered, including delivering the virtual cards for the digital identities to the persona management application.

Abstract: A non-transitory computer readable storage medium has instructions executed by a processor to maintain a digital wallet with digital identities. Each digital identity has identity attributes different than identity attributes associated with a real individual utilizing the digital identity, an associated attribute for compartmentalized network activity, a digital identity key pair, and a designated block chain. Interactions between the digital identities of the digital wallet and a digital identity services platform are supported.

Abstract: The present disclosure provides compositions and methods for template-free double stranded geometric enzymatic nucleic acid synthesis of arbitrarily programmed nucleic acid sequences.

Abstract: An apparatus has a processor and a memory connected to the processor. The memory stores instructions executed by the processor to store identity attributes including real identity attributes for a real individual and at least two sets of digital identity attributes each operative as a personal privacy proxy with compartmental identity attributes. The at least two sets of digital identity attributes each include a digital identity name, a digital identity mobile device number and a digital identity email address. The at least two sets of digital identity attributes are evaluated to produce a similarity measure. The real individual is provided with a recommendation based upon the similarity measure.

Abstract: An apparatus has a processor and a memory connected to the processor. The memory stores instructions executed by the processor to compute computer network activity reputation attributes for a digital identity. The digital identity has identity attributes different than identity attributes associated with a real individual utilizing the digital identity for computer network activity. The storage of the computer network activity reputation attributes for the digital identity is coordinated within a block chain system distributed across a block chain network of computers. Computer network activity reputation attributes for the digital identity are supplied in response to a request from a machine. The computer network activity reputation attributes are communicated over a network of computers to the machine.

Abstract: A machine has a network interface circuit to provide connectivity to networked machines. A processor is connected to the network interface circuit. A memory is connected to the processor and the network interface circuit. The memory stores cryptographically protected data, an identity management contract and identity stewards specifying individuals to administer the identity management contract. The memory stores instructions executed by the processor to receive a request to identify a legal identity for a digital identity, collect from certain networked machines, via the network interface circuit, consent from the identity stewards, where the consent includes cryptographic identity packets. The cryptographic identity packets are combined to render the legal identity for the digital identity. Transaction data specifying the legal identity for the digital identity is supplied. The transaction data is recorded to a distributed ledger associated with at least a subset of the networked machines.

Abstract: A machine has a network interface circuit to provide connectivity to networked machines. A processor is connected to the network interface circuit. A memory is connected to the processor and the network interface circuit. The memory stores cryptographically protected data, a data access policy and a steward group specifying individuals to administer the data access policy. The memory stores instructions executed by the processor to receive a request to access the cryptographically protected data. Authentication tokens from individuals in the steward group are collected. It is determined that the authentication tokens satisfy the data access policy to establish a data access state. A decrypted version of the cryptographically protected data is supplied to one or more of the networked machines to establish a transaction. The transaction is recorded with a distributed ledger associated with at least a subset of the networked machines.

Abstract: An apparatus has a processor and a memory connected to the processor. The memory stores instructions executed by the processor to store identity attributes including real identity attributes for a real individual and a digital identity with digital identity data attributes operative as a personal privacy proxy for the real individual. Web site input forms are automatically filled alternately using the real identity attributes and the digital identity attributes.

Abstract: An apparatus includes a processor and a memory connected to the processor. The memory stores instructions executed by the processor to store identity attributes including real identity attributes for a real individual and a digital identity with digital identity data attributes operative as a personal privacy proxy for the real individual. A digital identity management system is hosted to communicate with digital identity applications that observe a common application program interface. Each digital identity application implements at least one digital network function for the digital identity.

Abstract: An apparatus has a processor and a memory connected to the processor. The memory stores instructions executed by the processor to store identity attributes including real identity attributes for a real individual and at least two sets of digital identity attributes each operative as a personal privacy proxy with compartmental identity attributes. The at least two sets of digital identity attributes include a first machine generated digital identity email address associated with a first role and a second machine generated digital identity email address associated with a second role.

Abstract: A machine has a processor and a memory connected to the processor. The memory stores instructions executed by the processor to execute a messaging application to coordinate exchanges of messages over a network. A secure channel is maintained separate from the messaging application. The secure channel processes cryptographic blocks delivered to and received from the message application.

Abstract: A processing module operating method includes using a processing module physically connected to a wireless communications device, requesting that the wireless communications device retrieve encrypted code from a web site and receiving the encrypted code from the wireless communications device. The wireless communications device is unable to decrypt the encrypted code. The method further includes using the processing module, decrypting the encrypted code, executing the decrypted code, and preventing the wireless communications device from accessing the decrypted code.

Abstract: An exemplary system includes at least one valve configured to control fluid flow in a dual-clutch transmission system. A solenoid is operably connected to the at least one valve and configured to move the valve to a plurality of positions. A primary processing unit is in communication with the solenoid and configured to determine an intended position of the valve. A controller is configured to receive the intended position of the valve from the primary processing unit and generate a primary control signal associated with the intended position of the valve. The solenoid is configured to move the valve to the intended position based on the primary control signal. A secondary processing unit is configured to receive information from the primary processing unit and prevent the primary control signal from controlling the solenoid if the primary processing unit is unable to control the solenoid.

Abstract: A secure computing module (SCM) is configured for connection with a host device. The SCM includes a processor for performing secure processing operations, a host interface for coupling the processor to the host device, and a memory connected to the processor wherein the processor logically isolates at least some of the memory from access by the host device. The SCM also includes a proximate-field wireless communicator connected to the processor to communicate with another SCM associated with another host device. The SCM generates a secure digital signature for a financial transaction package and communicates the package and the signature to the other SCM using the proximate-field wireless communicator. Financial transactions are performed from person to person using the secure digital signature of each person's SCM and possibly message encryption.

Abstract: In a system, method, GUI, apparatus, and/or computer-readable media for providing a secure, proximity based peer-to-peer payment transaction service a signal may be received from a personal electronic device (PED) by a server. An identity of the PED may be verified based on the received signal and, upon verification the PED may be enabled to discover one or more offers to participate in a transaction provided by one or more sellers. A selection and acceptance of an offer may be received from the PED and funds to a seller providing the selected offer.

Abstract: Systems, apparatus, and methods for verifying a user's identity and conducting a transfer of funds via a payment proxy system are herein provided. A message including a request for verification of the user's identity and/or a transfer of funds via a proxy payment system may be received. The message may also include user identification information and/or a token. Completion of the identification verification and/or requested funds transfer may be dependent upon verification of user identification information and/or a token.