Abstract: This invention discloses a method for discovering vulnerabilities of operating system access control based on model checking. In this method, security attribute and security specifications of operating system access control module are analyzed to construct the access control model. To discover vulnerabilities in the model, security analysis is performed for access control functionality with theorem proving techniques, and consistency of abstract machine specification and correctness and completeness of the components are verified with model checking tools. This method provides theoretical and technical support for studies in the field of operating system security.

Abstract: Source code is managed through a source code management system and one or more static application security testing scanners check the source-code for vulnerabilities. The scanners generate vulnerability reports that are processed by a vulnerability tracker. The vulnerability tracker computes the scopes of identified vulnerabilities from the source-code and generates scope and offset fingerprints (e.g., hashes that uniquely identify vulnerabilities based on their surrounding scope). The fingerprints used for deduplication and vulnerability tracking. The vulnerability tracker may generate a refined vulnerability report that includes a set of deduplicated vulnerabilities with the corresponding fingerprints. The refined vulnerability report and related data may be stored in a vulnerability database for use in vulnerability management.

Abstract: Applications on a device are assigned scores based on their attributes, update status, and source. A device is a assigned a score based on its attributes and the scores of applications installed thereon. the device score may be combined with an evaluation of user behavior to obtain a user score. The scores may be used to invoke security actions with respect to data and services of an enterprise. Security reports for a network environment may be modified such that the severity of threats accounts for policies and attributes of the environment. Security of a device may be evaluated locally, including the training of a model to identify anomalous authentication or usage behavior. Security of a device may be reduced to a score lacking personal information that may be used by a server to select access controls for a device.

Abstract: Systems and methods for determining and displaying platform-specific end-to-end security vulnerabilities via a graphical user interface (GUI) are disclosed. To provide users with visual indications of vulnerable computing aspects associated with a computing platform, the system identifies computing aspects associated with a platform. The system then obtains from a security entity, security-vulnerability descriptions that are associated with the platform. Using the security-vulnerability descriptions, the system then determines threat levels for each security-vulnerability description and then, using the determined threat levels, determines a computing aspect impact level for each computing aspect associated with the platform. The system then generates for display on a GUI, a graphical layout comprising each computing aspect impact level for each computing aspect associated with the platform.

Abstract: A storage circuit stores secret information. A software processing circuit obtains an operation task and generates scheduling instructions corresponding to the operation task. After receiving the scheduling instructions, a hardware processing circuit obtains the secret information from the storage circuit when the flag bit in the scheduling instruction is a valid value, determines, based on the secret information, data addresses of one or more pieces of operation data required for completing the operation corresponding to the scheduling instruction, and obtains the one or more pieces of operation data based on the data addresses to complete the operation corresponding to each scheduling instruction.

Abstract: A system for processing data within a Trusted Execution Environment (TEE) of a processor is provided. The system may include: a trust manager unit for verifying identity of a partner and issuing a communication key to the partner upon said verification of identity; at least one interface for receiving encrypted data from the partner encrypted using the communication key; a secure database within the TEE for storing the encrypted data with a storage key and for preventing unauthorized access of the encrypted data within the TEE; and a recommendation engine for decrypting and analyzing the encrypted data to generate recommendations based on the decrypted data.

Abstract: The present technology relates to a signal processing device and a signal processing method for enabling reduction of a processing load while ensuring safety. The signal processing device includes a control unit that acquires designation information indicating a designated portion to be encrypted in output data and an encryption processing unit that encrypts the designated portion indicated by the designation information in the output data using a key. Furthermore, the designated portion indicated by the designation information is changed with time. The present technology can be applied to an in-vehicle camera.

Abstract: An apparatus, such as a memory system (e.g., a NAND memory system), can have a controller with a first error correction code component and a memory device (e.g., a NAND memory device) coupled to the controller. The memory device can have an array of memory cells, a second error correction code component coupled to the array and configured to correct data from the array, and a cryptographic component coupled to receive the corrected data from the second error correction code component.

Abstract: Techniques for configuring data protection settings for data of an industrial system or an electric power system are provided. The industrial system or the electric power system includes at least one gateway via which the data are transmitted to a computing resource for processing and/or storing. One or several privacy-preserving techniques to be applied to the data are automatically determined. The one or several privacy-preserving techniques being determined based on data privacy requirements for the data and processing operations to be performed on the data by the computing resource. The determined one or several privacy-preserving techniques are automatically applied.

Abstract: A device and method for provided access to distributed data sources includes a cloud security server configured to associate any number of data sources and client devices with a cloud security server account. The cloud security server assigns trust levels to the data sources and the client devices. A client device requests data from the cloud security server. The cloud security server authenticates the client device and verifies the trust levels of the client device and the requested data. If verified, the cloud security server brokers a connection between the client device and the data source, and the client device accesses the requested data. Data sources may include cloud service providers and local storage devices. The cloud security server may assign a trust level to a client device for a limited time or revoke a trust level assigned to a client device. Other embodiments are described and claimed.

Abstract: An example described herein may involve receiving a temperature measurement associated with an input component, wherein the temperature measurement is received from a temperature sensor, and wherein the temperature measurement indicates a temperature of an input element of the input component; determining that the temperature of the input element satisfies a threshold temperature; and causing an infrared element to emit infrared light in association with a position of the input component. While the infrared element is emitting the infrared light, capture information associated with a user interacting with the input component may be obfuscated.

Abstract: Systems and methods mediate permissions for applications on user devices using predictive models. Data communications are monitored on a user device for permission requests and responses. A predictive model is trained with these permission requests and responses until a threshold is met. Then, a default permission response is provided on behalf of the user device in response to a permission request.

Abstract: Working from home is becoming more and more commonplace. Ensuring that remote workers are following prescribed data protection measures becomes more important, and challenging. Safe and Secure Remote Working Environment (SSRWE) monitors an environment and determines if a non-compliant element is present. For example, a condition of working from home may be that no notetaking or electronic devices, especially ones comprising a camera, be visible to a system camera capturing the field of view in front of a display. If a non-compliant situation is discovered, the display may be redacted and/or other action taken to protect sensitive information.

Abstract: A method to synchronize tags between two databases comprises receiving a first command to add a tag to a resource in a first database, the tag comprising a key value pair that defines an access privilege associated with the resource. A determination is made that the tag satisfies validation criteria associated with a second database. The tag is stored in the first database, and an entry for the tag is added to a synchronization table, wherein the entry lacks a synchronized flag. A synchronization process is performed between the first database and the second database. A determination is made that the entry of the synchronization table lacks the synchronized flag. A copy of the tag is then written to the second database, and the synchronized flag for the entry in the synchronization table is set.

Abstract: Cybersecurity active defense in data storage systems are disclosed herein. An example system includes a file system, and an architecture installed on the file system, the architecture being configured to protect the file system in a zero trust manner from a malicious attack by a source system, the architecture including a controller that is configured to determine file-level operations of files in the file system that are indicative of a malicious event, block a user account or machine address interacting with the files, prevent data exfiltration or data corruption of the files, and provide an alert to an administrator regarding the files.

Abstract: This disclosure provides methods and techniques of referencing row access policy (RAP) protected mapping tables in a RAP for a data table are disclosed herein. An example method of referencing a mapping table in a data table using nested RAP includes defining, by a processing device, a first access policy for the mapping table to control access by specific users or under specific conditions. The processing device further defines a second access policy attached to the data table referencing the mapping table. The processing device in response to a query, executes the second access policy of the data table to provide a response or operation of data associated with the data table and the mapping table. Executing the second access policy invokes executing the first access policy of the mapping table.

Abstract: Differential privacy composition determination in secure computation and communication of a dataset is provided. A method for differential privacy composition determination includes determining a differential privacy configuration that includes a first privacy parameter and a second privacy parameter, determining a privacy loss distribution, and providing a number of composition operations. The method also includes determining a third privacy parameter and a fourth privacy parameter for a differential privacy composition based on the differential privacy configuration, the privacy loss distribution, and the number of composition operations. The method further includes controlling the dataset based on at least one of the third privacy parameter and the fourth privacy parameter.

Abstract: A method includes encoding a data segment into a set of encoded data slices using erasure coding; storing, in storage units of a storage network, the set of encoded data slices, in accordance with a shared key-based encryption system (SKBES) having keys shared with the storage units; retrieving, at a periodic rate and in accordance with the SKBES, the set of encoded data slices from the storage units of the storage unit to verify whether individual slices of the set of encoded data slices have been corrupted. When one of the set of encoded data slices stored in one of the storage units has been corrupted, rebuilding the one of the set of encoded data slices by: retrieving the decode threshold number of other slices of the set of encoded data slices, in accordance with the SKBES; reconstructing the one of the set of encoded data slices based on the erasure encoding, to generate a reconstructed data slice; and storing, in accordance with the SKBES, the reconstructed data slice in the one of the storage units.

Abstract: An internally-constructed permissions graph database enabling a user to construct and alter the graph database permissions within the graph database. Edge permissions define whether a one node can View, Edit, or Manage another node. A node can view another node if there is at least one edge path connecting the nodes having a “View” permission. Similarly, a node can “Edit” or “Manage” another node if there is at least one edge path connecting the nodes having allowing “Edit” and/or “Manage” permissions, respectively. If a contiguous path of permission edges does not exist from the “caller node” to the “requested node” to be acted upon, then permission to perform the desired action or operation on that node is not granted. Edges have permissions, and Nodes have properties. A “Caller Node” makes Requests upon and “Requested Node,” which are limited by edge permissions.

Abstract: A method of accessing objects with fine-grained access control (FGAC) in a relational database management system (RDBMS) storing a segmented column-major database. For each object with access restrictions, an artificial neural network (ANN), is trained by generating an equally distributed segment map of segmented data entries, so that the map reproduces the row disposition in the unsegmented object. When a user access request is received, these ANNs are referred to determine if any of the objects to be accessed are subject to access restrictions. If that is the case, then the ANN creates a pseudo-view construct of its associated object which is limited to data entries that the user has permission to access. The pseudo-views are then injected into the user access request to embed the fine-grained access controls for subsequent processing of the request, which can then proceed without further regard to user-specific access restrictions.

Abstract: A system device and a method for managing access to data in an automation environment are disclosed. The data is associated with assets in an automation environment, where the data includes one of restricted data and unrestricted data. The automation environment is accessible via one or more computing platforms including a plurality of computing resources that are classifiable into a trusted computing platform and a non-trusted computing platform. The method includes classifying analytics operations performable on the data into a first operation set that is executable on the trusted computing platform. The analytics operations are associated with one or more applications executable on at least one of the computing platforms. The method includes enabling access to at least one of the unrestricted data and a first unrestricted output of the first operation set outside the trusted computing platform by a communication operation.

Abstract: Row-level security (RLS) may provide fine-grained access control based on flexible, user-defined access policies to databases, tables, objects, and other data structures. A RLS policy may be an entity or object that defines rules for row access. A RLS policy may be decoupled or independent from any specific table. This allows more robust and flexible control. A RLS policy may then be attached to one or more tables. The RLS policy may include a Boolean-valued expression.

Abstract: An embodiment associates a user's post data that with a category from a predefined list of categories based on the post content. The embodiment analyzes, using machine learning, the post data for potentially sensitive content and generates a first sensitive data indicator identifying potentially sensitive information in the post data and an associated first confidence value. The embodiment generates explanatory data identifying a feature that contributed to the post data being identified as potentially sensitive, and generates a modified version of the post data that modifies the feature. The embodiment analyzes the modified post data for potentially sensitive content and generates a second sensitive data indicator and a second confidence value indicating that the post data is more likely to contain sensitive data than the modified post data. The embodiment alerts the user regarding the potentially sensitive data and recommends changing the post based on the modified feature value.

Abstract: Systems, methods and non-transitory computer readable media for ownership determination in privacy firewalls are provided. A request of a user to perform an action for creating a new data collection using source data collections may be received. In response to the user not having permission to view at least part of at least one of the source data collections and the user not being an owner of the at least one of the source data collections, it may be determined that the user is not an owner of the new data collection, and in response to the user being at least an owner of the data collection or having permission to view the entire data collection for all source data collections, it may be determined that the user is an owner of the new data collection.

Abstract: System, method, and/or computer program product embodiments for automatic removal of sensitive data items from records are disclosed. In one or more embodiments, a record with a sensitive field (for storing a sensitive data item) is linked to a self-removal data policy that includes a condition set. When the condition set is true, the sensitive data item is automatically removed from the record without deleting the record and without removing other data items stored in other fields of the record. Conditions may be associated with a time period following the upload or storage of the sensitive date item, the occurrence of an event that requires the sensitive date item, a read or approval of the sensitive data item, etc. A user may modify a condition in the condition set to make the condition more stringent or less stringent.

Abstract: Systems and methods are disclosed for aggregating and indexing a patient operational longitudinal record and extracting statistics therefrom. In one example, a system for storing and indexing entries in a patient operational longitudinal record may include at least one memory storing instructions and at least one processor configured to execute the instructions to: receive a health update from an authenticated device; map the health update to a health record; apply at least one stored rule to the health update and the health record to determine additional operational data; index and store the health update and the additional operational data in association with the health record; and allow access to the health record based on an associated security protocol.

Abstract: A system and method for determining consent user interface validity for a provided consent user interface of a web form presenting consent information, comprising: accessing a consent user interface presented on a web form; determining one or more configuration attributes of the consent user interface; accessing one or more privacy regulations associated with presenting consent information; comparing the one or more configuration attributes of the consent user interface to each of the one or more privacy regulations; determining whether the consent user interface is compliant with each of the one or more privacy regulations; and in response to determining that the consent user interface is not compliant with one or more privacy regulations, flagging the consent user interface.

Abstract: A network system enables a user to record media in connection with a user operating a service application to participate in a transport service. In examples, the network system includes a user computing device on which media is recorded and stored in an unrenderable state. The user can elect to make a media recording submission for a particular service activity (e.g., trip provided or received by user). In response to the media recording submission, the user computing device identifies one or more media files that contain media data which depict the service activity. The identified media foes are transmitted to a service computing system where the media files can be rendered.

Abstract: A method for creating a tamper-evident digital content. The method includes receiving a portion of the digital content at a computing device. The method further includes encrypting the portion of the digital content by the computing device when the portion of the digital content is selected for proof-of-verification. The method further includes sending the encrypted portion of the digital content from the computing device to a distributed ledger system. The method further includes retrieving, by the computing device, hash identification data associated with the encrypted portion of the digital content from the distributed ledger system. The method further includes creating, by the computing device, an updated portion of the digital content using the retrieved hash identification data. The method further includes storing the updated portion of the digital content in a storage device by the computing device.

Abstract: To efficiently determine cross tabulation while keeping confidentiality. A flag conversion unit (11) converts a format of a share of a flag that represents a boundary between groups. A boundary number setting unit (12) generates a share of a vector in which the next element number is set when the flag representing a group boundary is true and the number of records is set when the flag is false. A sorting unit (13) generates a share of a sorted vector which has been sorted by a permutation that moves vectors such that the last elements of each group are sequentially arranged from beginning A count calculation unit (14) sets a difference between the value of one element and the value of the preceding element in the sorted vector and generates a share of a vector representing the number of records in each group.

Abstract: Provided is a digital fingerprint generator. The digital fingerprint generator includes: a control circuit, configured to generate a control word; a first pulse generation circuit, connected to the control circuit, and configured to output a first pulse signal in response to the control word; a second pulse generation circuit, connected to the control circuit, having a same structure as the first pulse generation circuit, and configured to output a second pulse signal in response to the control word; and an output circuit, connected to the first pulse generation circuit and the second pulse generation circuit, and configured to output a digital fingerprint based on the first pulse signal and the second pulse signal according to a predetermined first rule.

Abstract: A pattern detector circuit is provided in a security chip, wherein the pattern detector circuit monitors accesses of a plurality of configuration registers, each of the plurality of configuration registers having a corresponding address. In response to receiving from a host a predefined sequence of accesses of the plurality of configuration registers for one or more operations to the plurality of configuration registers, a processor in the pattern detector circuit determines a value indicative of a current version of a netlist for the security chip. The determined value is made available to be obtained by a read operation by the host at a specific configuration register address.

Abstract: Various examples are directed to systems and methods for providing a digital fingerprint of a selected portion of a memory device to a host device. A host device executing at a host device may send a to a driver a command to produce digital fingerprint data. The command may include an output pointer indicating a memory location of the local memory. The driver may generate a modified command that does not include the output pointer. The driver may send the modified command to a memory device. The driver may receive a reply comprising the digital fingerprint data and write the digital fingerprint data to a location at the memory location of local memory of the host device indicated by the output pointer.

Abstract: Computer generated (CG) hair for a virtual character can include strand-based (instanced) hair in which many thousands of digital strands represent real human hair strands. Strand-based hair can appear highly realistic, but rendering strand-based hair in real-time presents challenges. Techniques for generating textured polygon strip (poly strip) hair for a virtual character can use as an input previously-generated strand-based hair for the virtual character. Poly strips can be generated for a sampled set of strands in the strand-based hair. Additional poly strips may be generated near hairlines or part lines. Hair textures from a hair texture library can be matched to the poly strips. The matched textures can be scaled and packed into a region of texture space (e.g., a square region), which provides improved computer access, efficiency, and speed. A rendering engine can use the poly strips and the packed hair textures to render the character's hair in real-time.

Abstract: Systems, methods, devices and non-transitory, computer-readable storage mediums are disclosed for a wearable multimedia device and cloud computing platform with an application ecosystem for processing multimedia data captured by the wearable multimedia device. In an embodiment, a wearable multimedia device obtains first configuration data specifying first operations associated with a first hand of a user of the wearable multimedia device, and second configuration data specifying second operations associated with a second hand of the user. Further, the device captures sensor data from a camera and/or a depth sensor of the wearable multimedia device, and determines a presence of the first hand and/or the second hand based on the sensor data. Further, the device performs at least one of (i) the first operations responsive to determining the presence of the first hand, or (ii) the second operations responsive to determining the presence of the second hand.

Abstract: An information processing apparatus including circuitry that acquires information indicating a spatial relationship between a real object and a virtual object, and initiate generation of a user feedback based on the acquired information, the user feedback being displayed to be augmented to a generated image obtained based on capturing by an imaging device, or augmented to a perceived view of the real world, and wherein a characteristic of the user feedback is changed when the spatial relationship between the real object and the virtual object changes.

Abstract: Methods and systems are described herein for a media guidance application that allows users to associate input schemes with physical objects in an augmented reality environment. Specifically, the media guidance application may recognize physical objects in an augmented reality environment and allow users to identify input schemes to associate with the physical objects, wherein the input schemes are ways in which users may control presentation of media content by interacting with the physical objects.

Abstract: Disclosed herein are embodiments for managing a task including one or more skills. A server stores a virtual environment, software agents configured to collect data generated when a user interacts with the virtual environment to perform the task, and a predictive machine learning model. The server generates virtual entities during the performance of the task, and executes the predictive machine learning model to configure the virtual entities based upon data generated when the user interacts with the virtual environment. The server generates the virtual environment and the virtual entities configured for interaction with the user during display by the client device, and receives the data collected by the software agents. The system displays a user interface at the client device to indicate a measurement of each of the skills during performance of the task. The server trains the predictive machine learning model using this measurement of skills during task performance.

Abstract: A method comprising: rendering, in a first state, any portion of content for rendering that is not defined as restricted content and rendering, in a second state, different to the first state, any portion of the content for rendering that is defined as restricted content; and using a combination of a user perception direction and an observation field of perception to define restricted content.

Abstract: A method for determining a gaze position of a user is provided. The method can include obtaining a target distance from the display screen to a target user, and obtaining a user image of the target user, the user image includes: a global image, a head image, and an eye image, and the global image is an image of a target space in front of the display screen. The method can further include determining a first space where eyes of the target user are located from a plurality of preset subspaces within the target space based on the target distance and the global image, and determining a gaze position of the target user on the display screen corresponding to the first space and the user image of the target user, based on a preset correspondence among the subspaces, user images, and screen coordinates on the display screen.

Abstract: A method for ascertaining a viewing direction of an eye. A laser beam emitted by a laser source is passed over at least two scanning points on the eye, using a reflection element and a deflecting element. A self-mixing effect of the scanning laser beam reflected by the eye into the laser source is used, in order to determine, for the at least two scanning points, the optical path length from the laser source to the at least two scanning points on the surface of the eye and/or a reflectivity of the eye at the at least two scanning points.

Abstract: Techniques of tracking a user's gaze includes identifying a region of a display at which a gaze of a user is directed, the region including a plurality of pixels. By determining a region rather than a point, when the regions correspond to elements of a user interface, the improved technique enables a system to activate the element to which a determined region is selected. In some implementations, the system makes the determination using a classification engine including a convolutional neural network; such an engine takes as input images of the user's eye and outputs a list of probabilities that the gaze is directed to each of the regions.

Abstract: An augmented reality (AR) device is provided. The AR device includes a display module configured to output light of a virtual image, a waveguide configured to transmit the output light of the virtual image to an eye of a user and to pass external light therethrough, a gaze tracking sensor configured to obtain information on the eye of the user, the information including a pupil size, a memory storing instructions, and a processor configured to execute the instructions to control the display module to adjust a brightness of the light of the virtual image based on the pupil size.

Abstract: A display system can include a head-mounted display configured to project light to an eye of a user to display virtual image content at different amounts of divergence and collimation. The display system can include an inward-facing imaging system possibly comprising a plurality of cameras that image the user's eye and glints for thereon and processing electronics that are in communication with the inward-facing imaging system and that are configured to obtain an estimate of a center of rotation of the user's eye using cornea data derived from the glint images. The display system may render virtual image content with a render camera positioned at the determined position of the center of rotation of said eye.

Abstract: In one implementation, a method for recording an XR environment. The method includes: presenting, via the display device, a graphical environment with one or more virtual agents, wherein the graphical environment corresponds to a composition of extended reality (XR) content, including the one or more virtual agents, and an image stream of a physical environment captured from a first point-of-view (POV) of the physical environment; detecting, via the one or more input devices, a user input selecting a first virtual agent from among the one or more virtual agents; and in response to detecting the user input, recording a plurality of data streams associated with the graphical environment including a first image stream of the graphical environment from the first POV and one or more data streams of the graphical environment from a current POV of the first virtual agent.

Abstract: An eye tracking system can include a first camera configured to capture a first plurality of visual data of a right eye at a first sampling rate. The system can include a second camera configured to capture a second plurality of visual data of a left eye at a second sampling rate. The second plurality of visual data can be captured during different sampling times than the first plurality of visual data. The system can estimate, based on at least some visual data of the first and second plurality of visual data, visual data of at least one of the right or left eye at a sampling time during which visual data of an eye for which the visual data is being estimated are not being captured. Eye movements of the eye based on at least some of the estimated visual data and at least some visual data of the first or second plurality of visual data can be determined.

Abstract: A method for a user activity recognition for data glasses. The data glasses include at least one integrated sensor unit. An activity of a user of the data glasses is recognized, via an evaluation of data that are detected by the integrated sensor unit, in at least one user activity recognition step carried out by a classifying unit. It is provided that when the user activity recognition step is carried out, the classifying unit takes into account information that has been ascertained in a (preferably) user-specific training step chronologically preceding the user activity recognition step, by training the classifying unit.

Abstract: An information processing device includes a processor configured to operate an operation target according to a first operation mode on a basis of biological information about a user, and operate the operation target according to a second operation mode different from the first operation mode on a basis of the biological information about the user in a case where biological information about the user is being measured and the operation target is not operated according to the first operation mode on the basis of the biological information about the user for a predetermined time or longer.

Abstract: Disclosed is an accurate control method of visual stimuli for a brain-computer interface. It is a common approach for brain-computer interfaces to evoke specific EEG signal patterns by visual stimuli and recognize the EEG signal patterns in real time. However, due to the influence of process scheduling, a process showing the visual stimuli may sometimes be dispatched out of a CPU, leading to the difficulty in guaranteeing the accuracy of the visual stimuli and the recognition effect of the EEG signal patterns. The invention designs a control method to support accurate visual stimuli of a brain-computer interface. A software system implementing the method comprises a generator, an actuator and a controller. The generator automatically generates an image sequence according to test requirements. The actuator is a module running on a GPU.

Abstract: Methods of causing performance of commands at a computing device based on neuromuscular signals from thumb-initiated gestures are provided. A method includes receiving, by a wearable device, a sequence of neuromuscular signals indicating that a user is instructing a thumb on the user's hand to contact a portion of the user's hand. The portion of the user's hand is associated with at least one input command available at a computing device. The method further includes responsive to receiving the sequence of neuromuscular signals, providing, by the wearable device, data to cause the computing device to perform the at least one input command. The method also includes in response to receiving a second sequence of neuromuscular signals indicating that the user is instructing the thumb on the user's hand to contact the portion of the user's hand twice, providing data to cause the computing device to perform a second input command.