Abstract: A method, apparatus and computer program product for protecting enterprise Information Technology (IT) infrastructures by automatically instantiating individualized network flow controls and/or network access controls specific to an IoT device. In this approach, an IoT device is identified, e.g., via network scanning or other observational sensors, or by receipt of information from a network administrator. In response to receiving information about the new IoT device, a control component obtains applicable network flow control and/or access control rules for the IoT device. These rules are obtained from one or more authoritative (trusted) sources, e.g., querying a website of the IoT vendor, an industry site, or an enterprise site. In this manner, applicable network flow control and/or access control rules are obtained.

Abstract: A method, apparatus and computer program product for use in identifying and blocking operation of compromised or potentially compromised IoT device(s) on a network, such as a local network behind a router or firewall. To this end, the technique provides for automated and seamless on-boarding of a “guard” system for IoT devices, preferably as those devices join (or re-join) into the network via a Dynamic Host Configuration Protocol message exchange. In operation, and in response to receipt of a DHCP discover message that includes a network location, a DHCP server uses the network location to locate and retrieve a set of flow attributes for the device. Those attributes are then associated with the IP address to be assigned to the IoT device in a network control device. The network control device then selectively identifies and/or blocks operation of the IoT device when the IoT device is compromised or potentially compromised, thereby protecting the network (or network resources) from damage or misuse.

Abstract: Transferring a set of elements between devices is provided. A set of rules governing a transfer of the set of elements from a sending client device to a receiving client device is received. The set of elements for the transfer is received from the sending client device. It is determined whether the set of rules governing the transfer of the set of elements from the sending client device to the receiving client device are met. In response to determining that the set of rules governing the transfer of the set of elements from the sending client device to the receiving client device are met, the set of elements is transferred to the receiving client device.

Abstract: A method, apparatus and computer program product for use in monitoring and controlling network behavior of Internet of Things (IoT) devices connected to a network. According to this approach, a set of network characteristics of an IoT device (e.g., as published by the device manufacturer) are assigned various risk values and then monitored over an initial time period to generate a “fingerprint” of the device's network flow. This flow is then transformed into one or more flow control rules representing “normal” or abnormal behavior of the IoT device. Preferably, the rules are instantiated into a network boundary control system (NBCS), such as an enterprise router, gateway, or the like, and then enforced, e.g., to generate alerts or others actions when the rules are triggered. The approach enables dynamic and automated threat detection and prevention based on anomalous and/or known-bad behavior.

Abstract: Embodiments for managing computing network security by one or more processors are described. A signal that is representative of authorized anomalous behavior is received. The signal includes at least one of an identity and a type of activity associated with the authorized anomalous behavior. A security incident is detected. If the detected security incident corresponds to the authorized anomalous behavior, the generating of an alert in response to the detecting of the security incident is suppressed.

Abstract: A wearable computing device receives user preferences, wherein the user preferences include information detailing one or more types of information to display based on one or more criteria being satisfied. The wearable computing device determines information to display on the wearable computing device based on the user preferences. The wearable computing device displays the determined information.

Abstract: Examples of techniques for determining security access based on user behavioral measurements are disclosed. In accordance with aspects of the present disclosure, a computer-implemented method is provided. The method may comprise performing a trust evaluation to calculate a trust penalty value for a user based on a plurality of measured user attributes. The method may further comprise determining, by a processing device, a security access level based on a predefined trust threshold and the trust penalty value for the user. The method may also comprise applying the security access level to the user.

Abstract: Examples of techniques for determining security access based on user behavioral measurements are disclosed. In accordance with aspects of the present disclosure, a computer-implemented method is provided. The method may comprise performing a trust evaluation to calculate a trust penalty value for a user based on a plurality of measured user attributes. The method may further comprise determining, by a processing device, a security access level based on a predefined trust threshold and the trust penalty value for the user. The method may also comprise applying the security access level to the user.

Abstract: Transferring a set of elements between devices is provided. A set of rules governing a transfer of the set of elements from a sending client device to a receiving client device is received. The set of elements for the transfer is received from the sending client device. It is determined whether the set of rules governing the transfer of the set of elements from the sending client device to the receiving client device are met. In response to determining that the set of rules governing the transfer of the set of elements from the sending client device to the receiving client device are met, the set of elements is transferred to the receiving client device.

Abstract: A method includes a computing device receiving data traffic flow and initializing a subroutine to assess alerts for the received data traffic flow; the computer device determining a collection of rules which produce more than a threshold of false positive alerts and more than a threshold of true positive alerts for the assessed alerts; the computer device determining a logical condition and an atomic rule element to add to the collection of rules; and the computer device implementing the added logical condition and atomic rule element if the number of assessed alerts are decreased below a value.

Abstract: A wearable computing device receives user preferences, wherein the user preferences include information detailing one or more types of information to display based on one or more criteria being satisfied. The wearable computing device determines information to display on the wearable computing device based on the user preferences. The wearable computing device displays the determined information.

Abstract: A wearable computing device receives user preferences, wherein the user preferences include information detailing one or more types of information to display based on one or more criteria being satisfied. The wearable computing device determines information to display on the wearable computing device based on the user preferences. The wearable computing device displays the determined information.

Abstract: Examples of techniques for determining security access based on user behavioral measurements are disclosed. In accordance with aspects of the present disclosure, a computer-implemented method is provided. The method may comprise performing a trust evaluation to calculate a trust penalty value for a user based on a plurality of measured user attributes. The method may further comprise determining, by a processing device, a security access level based on a predefined trust threshold and the trust penalty value for the user. The method may also comprise applying the security access level to the user.

Abstract: A computer-implemented method for managing an authentication policy for a user on a network of an organization includes determining at least one social media attribute of the user, and a social media risk value is assigned based on the at least one social media attribute of the user. The method further includes determining at least one network activity risk attribute of the user, and a network activity risk score is assigned based on the at least one network activity risk attribute. A current risk assessment score of the user is calculated based on the social media risk value and the network activity risk value. An authentication policy for the user is determined based on the current risk assessment score.

Abstract: An approach for authenticating a device is provided. The approach includes a computer implemented method for receiving a first stage biometric variable verification data for accessing the device. The approach further includes a computer-implemented method for computing a second stage binary authentication data for accessing the device. The approach further includes analyzing the received first stage biometric variable verification data and the second stage binary authentication data. The approach further includes receiving the second binary authentication data for accessing the device.

Abstract: A wearable computing device receives user preferences, wherein the user preferences include information detailing one or more types of information to display based on one or more criteria being satisfied. The wearable computing device determines information to display on the wearable computing device based on the user preferences. The wearable computing device displays the determined information.

Abstract: A wearable computing device receives user preferences, wherein the user preferences include information detailing one or more types of information to display based on one or more criteria being satisfied. The wearable computing device determines information to display on the wearable computing device based on the user preferences. The wearable computing device displays the determined information.

Abstract: A wearable computing device receives user preferences, wherein the user preferences include information detailing one or more types of information to display based on one or more criteria being satisfied. The wearable computing device determines information to display on the wearable computing device based on the user preferences. The wearable computing device displays the determined information.

Abstract: A wearable computing device receives user preferences, wherein the user preferences include information detailing one or more types of information to display based on one or more criteria being satisfied. The wearable computing device determines information to display on the wearable computing device based on the user preferences. The wearable computing device displays the determined information.

Abstract: A wearable computing device receives user preferences, wherein the user preferences include information detailing one or more types of information to display based on one or more criteria being satisfied. The wearable computing device determines information to display on the wearable computing device based on the user preferences. The wearable computing device displays the determined information.