Abstract: A method for attribute based group access control includes receiving, by a data event monitor of an access control management system, a notification identifying a data object uploaded to a data store. The method includes analyzing, by the data event monitor, at least one characteristic of the data object, wherein analyzing further comprises analyzing metadata associated with the data object. The method includes generating, by a data analysis engine of the access control management system, based upon the analyzing, at least one attribute-based access control rule. The method includes associating, by an access group generator of the access control management system, a group identifier with the data object, the group identifier specifying a type of user satisfying the at least one attribute-based access control rule.

Abstract: Embodiments of the present disclosure include systems and methods for scanning for and identifying sensitive data in unexpected locations of data storage structures. Once sensitive data is found in unexpected locations of data storage structures, actions can be taken to remediate the unexpected storage of the sensitive data.

Abstract: A method for securing data access by containerized applications includes intercepting, by a first container executing on a first computing device and associated with a containerized application in a second container executing on the first computing device, a first Internet Protocol (IP) request from the containerized application. The first container determines that the IP request is addressed to a second computing device executing a resource that the containerized application is authorized to access. The first container encrypts a payload portion of the IP request and transmits, to the resource, a second IP request with the encrypted payload portion. The first container receives, from the resource, a response. The first container requests, from a third computing device, a cryptographic key for decrypting the response. The first container decrypts, with the cryptographic key, a payload portion of the response and transmits, to the containerized application, the decrypted payload portion of the response.

Abstract: A method for securing data access by containerized applications includes intercepting, by a first container executing on a first computing device and associated with a containerized application in a second container executing on the first computing device, a first Internet Protocol (IP) request from the containerized application. The first container determines that the IP request is addressed to a second computing device executing a resource that the containerized application is authorized to access. The first container encrypts a payload portion of the IP request and transmits, to the resource, a second IP request with the encrypted payload portion. The first container receives, from the resource, a response. The first container requests, from a third computing device, a cryptographic key for decrypting the response. The first container decrypts, with the cryptographic key, a payload portion of the response and transmits, to the containerized application, the decrypted payload portion of the response.

Abstract: A method for multi-factor, biometrics-based, secure data signature includes generating, by a biometrics reader device, a first biometric measurement using a physical characteristic of a user. The method includes selecting, by at least one noise-resistant feature transformation and hashing module executing on a processor of a computing device, a code word in a set of code words, wherein selecting further comprises applying an error correcting code to the first biometric measurement. The method includes generating, by the at least one noise-resistant feature transformation and hashing module, a first hash, wherein generating further comprises executing a hashing algorithm and using the selected code word as input to the hashing algorithm. The method includes generating, by the at least one noise-resistant feature transformation and hashing module, a public key and a private key, using the first hash. The method includes electronically signing, with the private key, data associated with the user.

Abstract: Techniques are described for communicating between two organizations without exchanging sensitive private information. One of the methods includes generating a token representative of private data. The method includes identifying at least one entity associated with the private data. The method includes associating the token with at least one entity. The method also includes providing information identifying at least one entity and the token to a machine learning system.

Abstract: An article manufactured in a mould and which comprises a structural composite of plastics layers, the article having a wall defining an internal space for holding contents therein; wherein, the wall is formed from at least two layers of plastics materials; wherein a first of said layers comprises a thermoplastics material and at least a second layer comprises a thermosetting resin and a fibrous layer.

Abstract: A method of restricting data access based on properties of at least one of a process and a machine executing the process includes receiving, by an access control management system, from a first computing device, information associated with an encrypted data object. The method includes requesting, by the access control management system, from a verifier, verification that a second computing device executes a process in accordance with a process attribute identified in the information associated with the encrypted data object. The method includes sending, by the access control management system, to the second computing device, the received information associated with the encrypted data object, responsive to the verification of the process attribute.

Abstract: A system and method for detecting anomalies in very large datasets is disclosed. The method includes calculating statistics for data elements in a data set over a range of time periods. These statistics are arranged into a 2D array and analyzed using a machine learning algorithm to detect anomalous regions. The method also includes steps of analyzing time series of the data based on detected anomalous regions, correcting any errors in the datasets, and storing the corrected values in a separate database to maintain data integrity.

Abstract: A method of restricting data access based on properties of at least one of a process and a machine executing the process includes receiving, by an access control management system, from a first computing device, information associated with an encrypted data object. The method includes requesting, by the access control management system, from a verifier, verification that a second computing device executes a process in accordance with a process attribute identified in the information associated with the encrypted data object. The method includes sending, by the access control management system, to the second computing device, the received information associated with the encrypted data object, responsive to the verification of the process attribute.

Abstract: A method for securing data access by containerized applications includes intercepting, by a first container executing on a first computing device and associated with a containerized application in a second container executing on the first computing device, a first Internet Protocol (IP) request from the containerized application. The first container determines that the IP request is addressed to a second computing device executing a resource that the containerized application is authorized to access. The first container encrypts a payload portion of the IP request and transmits, to the resource, a second IP request with the encrypted payload portion. The first container receives, from the resource, a response. The first container requests, from a third computing device, a cryptographic key for decrypting the response. The first container decrypts, with the cryptographic key, a payload portion of the response and transmits, to the containerized application, the decrypted payload portion of the response.

Abstract: An article manufactured in a mould and which comprises a structural composite of plastics layers, the article having a wall defining an internal space for holding contents therein; wherein, the wall is formed from at least two layers of plastics materials; wherein a first of said layers comprises a thermoplastics material and at least a second layer comprises a thermosetting resin and a fibrous layer.

Abstract: A method of restricting data access based on properties of at least one of a process and a machine executing the process includes receiving, by an access control management system, from a first computing device, information associated with an encrypted data object. The method includes requesting, by the access control management system, from a verifier, verification that a second computing device executes a process in accordance with a process attribute identified in the information associated with the encrypted data object. The method includes sending, by the access control management system, to the second computing device, the received information associated with the encrypted data object, responsive to the verification of the process attribute.

Abstract: A method includes receiving, by an access control management system, from a first client device, information associated with an encrypted data object. The access control management system receives, from a second client device, a request for the information. The access control management system verifies that a user of the second client device is identified in the received information. The access control management system selects an identity provider, based on a user identifier included in the received information, the user identifier associated with the user of the second client device. The access control management system requests from the selected identity provider, authentication of the user of the second client device. The access control management system sends, to the second client device, the received information. The access control management system stores an identification of at least one of the second client device and the received request for the information.

Abstract: A method includes receiving, by an access control management system, from a first client device, information associated with an encrypted data object. The access control management system receives, from a second client device, a request for the information. The access control management system verifies that a user of the second client device is identified in the received information. The access control management system selects an identity provider, based on a user identifier included in the received information, the user identifier associated with the user of the second client device. The access control management system requests from the selected identity provider, authentication of the user of the second client device. The access control management system sends, to the second client device, the received information. The access control management system stores an identification of at least one of the second client device and the received request for the information.

Abstract: Described in this disclosure is a battery retention device which may include an integral gasket configured to provide an interface between a portion of a battery compartment and a circuit board. The battery retention device may comprise an elastomeric material and one or more retention features configured to prevent Euler buckling in batteries positioned in tandem with one another.

Abstract: A method for distributing cryptographic data to trusted recipients includes receiving, by an access control management system, from a first client device, information associated with an encrypted data object, the information including an identification of a platform for generating an integrity measurement digitally signed by a root of trust. The access control management system receives, from a second client device, a request for the information associated with the encrypted data object. The access control management system verifies that the second client device includes the platform for generating the integrity measurement digitally signed by the root of trust. The access control management system determines, based on the verification of the second client device, not to authenticate the second client device. The access control management system sends, to the second client device, the received information associated with the encrypted data object, responsive to the determination.

Abstract: Method of preparing a crosslinked oxidation resistant ultrahigh molecular weight polyethylene polymer (UHMWPE) involves 1) forming a blend containing UHMWPE powder, a crosslinker, and optionally an antioxidant; 2) applying first conditions of pressure and heat to consolidate the UHMWPE and 3) applying second conditions of heat to activate the crosslinker and crosslink the consolidated UHMWPE. The crosslinker activates at high temperature and is peroxide free.

Abstract: A device for detection of tampering with the interior of sports implements or other hollow opaque objects. The device is inserted in the interior of the object and includes an RFID tag with supporting microcircuitry for transmission of a signal. The signal can be detected outside of the device. Persistence of the signal indicates that the body of the object has not been breached or otherwise adulterated. The microcircuitry includes a kill switch that terminates the signal when the interior of the object has been compromised. Inability to detect a signal indicates tampering of the object. The device enables quick and easy screening of objects for compliance with rules or performance standards.

Abstract: A method for distributing cryptographic data to trusted recipients includes receiving, by an access control management system, from a first client device, information associated with an encrypted data object, the information including an identification of a platform for generating an integrity measurement digitally signed by a root of trust. The access control management system receives, from a second client device, a request for the information associated with the encrypted data object. The access control management system verifies that the second client device includes the platform for generating the integrity measurement digitally signed by the root of trust. The access control management system determines, based on the verification of the second client device, not to authenticate the second client device. The access control management system sends, to the second client device, the received information associated with the encrypted data object, responsive to the determination.