Abstract: Provided is an information processing device that prevents fraudulent updating of registered facial images. The information processing device comprises a database and an updating unit. The database stores a first facial image of a user. In accordance with at least the similarity between the first facial image and a second facial image, the updating unit determines whether to update the first facial image using the second facial image.

Abstract: Techniques for adaptive machine learning training via in-flight feature modification are described. A training monitor captures training data during the training of a machine learning model, and a metric generator creates metrics such as feature importance metrics based on the data. A rule evaluation engine determines whether any modification conditions are met for any of the features based on the metrics, and based on such a determination can cause the in-flight training job to be modified.

Abstract: An information processing system includes a user database that stores information obtained by associating first information that specifies a station with second information that indicates an entrance and exit authentication scheme available in a ticket examination system of the station; an information extraction unit that extracts, from the user database, the second information associated with input first information; and an output unit that outputs the second information extracted by the information extraction unit.

Abstract: Techniques are provided for generation of secure video and tamper detection of the secure video. A methodology implementing the techniques according to an embodiment includes selecting a subset of macroblocks from a video frame to be transmitted and calculating a low frequency metric on each of the selected macroblocks. The method also includes performing a hash calculation on the low frequency metrics to generate a frame signature, encrypting the frame signature (using a private key) to generate an encrypted watermark, and modifying pixels of each of the selected macroblocks to generate the secured video frame, the modifications based on bits of the encrypted watermark that are associated with the selected macroblock. The method further includes authenticating a received video frame by comparing a calculated frame signature to an authenticated frame signature, the authenticated frame signature decrypted (using a public key) from an extracted watermark of the received video frame.

Abstract: Provided is a system and method for enabling of access to a computer resource by a computer system comprising: providing to a user an interface configured to receive a request for access to a computer resource; determining if the user is permitted to access the computer resource based on a user profile; providing a user verification interface configured to receive user identity verification information; determining if the user identity verification information is valid in response to a reply to the request for user identify verification information; and in response to determining that the user is permitted access to the computer resource and that the user verification information is valid: updating a security policy to reflect that the user is permitted to access the computer resource, and providing access to the computer resource for a limited time duration.

Abstract: An example computer system for authenticating a user can include: one or more processors; and non-transitory computer-readable storage media encoding instructions which, when executed by the one or more processors, causes the computer system to create: an analytical engine programmed to track activities of the user outside of a metaverse and within the metaverse; a query engine programmed to generate a series of questions for the user based upon the activities of the user outside of the metaverse and within the metaverse; and an authentication engine programmed to authenticate the user based upon responses to the series of questions provided by the user.

Abstract: Disclosed are a real and virtual identity verification circuit, a system thereof and an electronic transaction method. The circuit is capable of being built in or connected with an electronic device to allow a user to carry out electronic identity verification with his or her unique biological characteristic on a remote server. The real and virtual identity verification circuit comprises a memory unit, an acquisition unit, a processing unit and a communication unit. A verification key code is stored by the memory unit. The acquisition unit acquires the biological characteristic and generates a corresponding biological characteristic code. The processing unit processes the verification key code and the biological characteristic code according to a deal process to generate a corresponding unverified code, and the communication unit transmits the unverified code to the server and awaits a verification result of the electronic identity verification.

Abstract: A face authentication apparatus includes a face image acquisition unit, a collation unit, a time measurement unit, and a threshold change unit. The face image acquisition unit acquires a face image of an authentication target. The collation unit performs face authentication on the face image of the authentication target on the basis of a threshold. The time measurement unit measures the elapsed time from the time of starting operation of the face authentication apparatus. The threshold change unit restricts changing of the threshold to a value larger than a value determined depending on the measured elapsed time.

Abstract: Aspects of the subject disclosure may include, for example, a device comprising: a processing system including a processor; and a memory that stores executable instructions that, when executed by the processing system, facilitate performance of operations, the operations comprising: receiving from user equipment an indication that a user has been authenticated by the user equipment via a biometric process; responsive to the receiving of the indication, obtaining user profile data associated with the user; responsive to the receiving the user profile data, selecting a first service provider from among a plurality of service providers; and routing communications between the first service provider and the user equipment. Other embodiments are disclosed.

Abstract: Some embodiments relate to systems and method for secure information sharing using an information sharing engine. The information sharing engine configured to manage data access keys and data access control configuration, store the data access keys and data access control configuration on a distributed ledger network and selectively retrieve the data access keys from the distributed ledger network based on the data access control configuration.

Abstract: Provided here are systems and method for non-intrusive authentication of a user. Such systems and methods may include in an embodiment a waveform generator to generate a message, encrypt the message, and transmit the encrypted message to one or more transmitters. The system may include a decryption engine to receive a bone conduction signal from one or more receivers, process the bone conduction signal, decrypt the processed bone conduction signal, and separate a bone conduction token portion from the decrypted bone conduction signal. The system may include an authentication engine to analyze the bone conduction signal, authenticate a user for the operation detected based on a comparison of the analyzed bone conduction signal and the pilot portion of the message exceeding a preselected threshold, and verify bone conduction signal authenticity via the bone conduction token portion and the token portion.

Abstract: A device attempts to access a resource that requires a multi-factor authentication (MFA), and receives, from an MFA server device, a challenge form. The device performs natural language processing on the challenge form to determine a first location of an input for a security code and a second location of a verify button. The device provides, to an email server device, a request to access emails associated with a user of the device, and receives access to multiple emails associated with the user. The device processes the multiple emails to identify an MFA email in the multiple emails, and identifies a security code in the MFA email. The device provides the security code at the first location, and selects the verify button at the second location. The device provides the security code to the MFA server device, and receives information indicating whether the device is authenticated.

Abstract: A method for authorizing access to one or more secured computer resources includes obfuscating a reference biometric vector into an obfuscated reference biometric vector using a similarity-preserving obfuscation. An authentication biometric vector is obfuscated into an obfuscated authentication biometric vector using the similarity-preserving obfuscation. A similarity of the obfuscated authentication biometric vector and the obfuscated reference biometric vector is tested. Based on the similarity being within an authentication threshold, access to the one or more secured computer resources is authorized.

Abstract: An illustrative method for authenticating a user is disclosed. A security threshold is received from a third party. Environmental conditions associated with a device are assessed to determine a suitable subset of a plurality of biometric authentication modalities for authenticating the user and an unsuitable subset not available for authenticating the user. The plurality of biometric authentication modalities are displayed, where the suitable subset is selectable by the user and the unsuitable subset are not selectable by the user. A selection of a biometric authentication modality from the suitable subset is received, and user authentication data for the selected biometric authentication modality is received.

Abstract: A method including encrypting, by a user device based at least in part on utilizing a symmetric key, a folder stored on the user device; encrypting, by the user device based at least in part on utilizing an assigned public key associated with the user device, the symmetric key to determine a single-encrypted symmetric key; encrypting, by the user device based at least in part on utilizing a trusted key specific to the user device, the single-encrypted symmetric key to determine a double-encrypted symmetric key; and storing, by user device, the double-encrypted symmetric key in an associated memory. Various other aspects and techniques are contemplated.

Abstract: A computing system comprising a receiver configured to receive a biometric-based cryptographic key, a user input configured to receive a first set of user input data under direction of the user, and a processor coupled to the receiver and to the user input, wherein the processor is configured to receive an indicator of a first forcing function and a first plurality of input parameters for the first forcing function, wherein the processor is configured to determine a first output cryptographic key in response to the biometric-based cryptographic key, the first set of user input data, the first forcing function, and the first plurality of input parameters, without reference to any encrypted forms of the first output cryptographic key, and wherein the processor is configured to use the first output cryptographic key to access a first digital asset stored on a remote server.

Abstract: An electric lock control method includes: performing a first determination of whether a person is present in a predetermined region surrounding an electric lock, based on first information generated by an electronic device; when it is determined that a first person is present in the predetermined region in the performing of the first determination, performing a second determination of whether the first person is a person who is permitted to unlock the electric lock, based on second information related to movement of the first person; and controlling a state of the electric lock based on a result of the second determination, the state being a locked state or an unlocked state.

Abstract: Methods and systems for access control involve dynamically controlling an access to firmware running a certified feature in an energy meter and a non-certified feature in the energy meter. The access can be based on a bifurcation between the certified feature and the non-certified feature running in the energy meter on one or more of a single microcontroller or a group of different microcontrollers.

Abstract: An apparatus and a method with image recognition-based security are disclosed. The method includes, for an unlocked terminal, tracking a face detected in a previous frame, detecting a background region change between the previous frame and a current frame based on a region of the tracked face, when the background region change is not detected, determining whether a state maintenance time fails to meet a preset time, in response to the state maintenance time failing to meet the preset time, determining an operation mode to be a first operation mode for determining whether recognition succeeds for the current frame, performing the first operation mode, including performing face detection with respect to the current frame, and maintaining the unlocked state of the terminal for the current frame when the face is detected as a result of the performing of the face detection, representing that the recognition succeeded for the current frame.

Abstract: In some embodiments, systems and methods provide distributed item authentication. In some embodiments systems comprise: a housing; a set of sensor systems; a transceiver; and an authentication control circuit configured to: obtain first sensor data of an item being authenticated, obtain an initial identification of the item; access an item authentication block specific to the item; obtain a first set of authentication instructions; control one or more sensor systems in accordance with the first set of authentication instructions; compare multiple current authentication sensor data to the set of multiple historic authentication sensor data; confirm that each of a threshold number of the multiple current authentication sensor data is consistent within a threshold variation of a corresponding one of the set of multiple historic authentication sensor data; and cause the item authentication block to be updated to include the confirmation of authentication of the item.

Abstract: A measurement unit of multiple measurement units is received. The measurement unit represents a portion of a biometric measurement of a user in response to a request to authenticate the user. Whether the measurement unit corresponds to a template unit of multiple template units is determined. The template unit represents a portion of a biometric template that represents a characteristic of the user that distinguishes the user from other users. Responsive to determining that the measurement unit corresponds to the template unit, a sub-result of multiple sub-results is determined based on a comparison between the measurement unit and the template unit. The sub-result indicates a similarity between the measurement unit and the template unit. The sub-result is sent to a node of the multiple nodes. The authentication of the user is based at least in part on the sub-result.

Abstract: Embodiments are directed to a computing system with permission control via data redundancy. The computing system includes a memory and a permission control circuit coupled to the memory. The permission control circuit encodes a first data vector by using a bit position register with a first permission control code for a first user, writes the encoded first data vector into the memory, and updates content of the bit position register from the first permission control code to a second permission control code for a second user. The encoded first data vector written into the memory is inaccessible for the second user based on the updated content of the bit position register.

Abstract: A computer-implemented method for generating a proof of identify may include (1) generating a unique single user profile (USUP) based on data derived from the computing device; (2) encrypting the USUP, which may include retrieving at least one encryption value set, generating at least one character matrix based on the USUP, and executing at least one transformation operation on the at least one character matrix; (3) storing the encrypted USUP as a binary fingerprint; and (4) transmitting the binary fingerprint to a computing device. A computer-implemented method for self-authenticating may include (1) generating a first USUP based on data derived from the computing device; (2) obtaining a first binary fingerprint; (3) deriving a second USUP from the first binary fingerprint; (4) obtaining a second binary fingerprint; (5) deriving a third USUP from the second binary fingerprint; and (6) stopping decryption when the three USUPs do not match.

Abstract: A system, method, and token for vitality verification is disclosed. The token includes a biometric sensor configured to obtain a token reading of an individual, a clock module, and a memory including a cryptographic key and an enrollment reading of the individual. The token also includes a one-time passcode (OTP) generator, and a processor communicatively coupled to the biometric sensor, the clock module, the memory, and the OTP generator. The processor is configured to determine a vitality of the individual at the time the token reading was obtained, compare the token reading with the enrollment reading, and generate, in response to the token reading matching the enrollment reading and determining the vitality of the individual, a token OTP string including a token OTP generated by the OTP generator by applying a one-way function to a token message including the cryptographic key, the enrollment reading, and a timestamp.

Abstract: A set of distance measurable encrypted feature vectors can be derived from any biometric data and/or physical or logical user behavioral data, and then using an associated deep neural network (“DNN”) on the output (i.e., biometric feature vector and/or behavioral feature vectors, etc.) an authentication system can determine matches or execute searches on encrypted data. Behavioral or biometric encrypted feature vectors can be stored and/or used in conjunction with respective classifications, or in subsequent comparisons without fear of compromising the original data. In various embodiments, the original behavioral and/or biometric data is discarded responsive to generating the encrypted vectors. In another embodiment, distance measurable or homomorphic encryption enables computations and comparisons on cypher-text without decryption of the encrypted feature vectors. Security of such privacy enabled embeddings can be increased by implementing an assurance factor (e.g.

Abstract: Techniques for securing data in a storage device are disclosed. The storage device includes one or more authentication components including one or more of a biometric reader, a positioning system, and a wireless receiver. The storage device further includes a security subsystem configured to secure data using multiple authentication factors obtained using the one or more authentication components.

Abstract: The present application discloses a method, system, and computer system for detecting malicious files. The method includes receiving a sample, extracting an embedded script from the sample, applying a malicious script detector in connection with determining whether the sample is malicious, and in response to determining that the sample is malicious sending, to a security entity, an indication that the sample is malicious.

Abstract: A card, such as a payment card, or other device may include an electronics package. The electronics package may include an RFID antenna. The RFID may not be utilized to access data on the card, or other device, until the appropriate manual input is received into the card or other device. Such manual input may take the form of a manual press of a physical button or the manual activation of a virtual button on a touch-screen device (e.g., a touch-screen mobile phone or card).

Abstract: An information management system according to the present invention includes one or more measuring devices and one or more information terminals configured to receive information related to measurement values from the one or more measuring devices. When each information terminal receives an input indicating that a measurement value displayed on one of the measuring devices and a measurement value displayed on the information terminal match each other, the information management system pairs the measuring device and the information terminal.

Abstract: A method for authenticating a user using biometrics and digitized handwritten signature is provided. A biometric stylus performs fingerprint recognition on the user who uses the biometric stylus to create a handwriting pattern on a handwriting input device, and transmits encrypted identification data to the handwriting input device when the fingerprint recognition is successful. The handwriting input device transmits the encrypted identification data and the handwriting pattern to a verification server. The verification server verifies the handwriting pattern, and decrypts the encrypted identification data for verifying an identity of the user when the handwriting pattern is successfully verified.

Abstract: A user terminal apparatus is provided. The user terminal apparatus for performing a remote control function for an electronic apparatus includes a communication unit configured to communicate with an electronic apparatus for providing a text input user interface (UI), an input unit configured to receive a user command for input of a specific text on the text input UI, a fingerprint scanner provided in the input unit and configured to recognize a user fingerprint, and a controller configured to recognize a user fingerprint according to the user command and to transmit information corresponding to the recognized user fingerprint to the electronic apparatus in response to the electronic apparatus entering a preset text input mode.

Abstract: Methods and systems are provided for changing an encryption key for biometric templates in a database without changing the content within the database. A first biometric template is encrypted with a first encryption key to create a first encrypted first biometric template. A transformation is applied to the first encrypted first biometric template to create a second encrypted first biometric template. A second encryption key is generated based on the first encryption key and the transformation permitting the use of the second encryption key to compare presented biometrics encrypted with the second encryption key with templates stored in the database.

Abstract: It is provided a method for selectively granting access to a physical space secured by a barrier. The method is performed in a credential evaluator and comprises the steps of: determining a matching list containing a strict subset of credential identifiers of credentials within range of an antenna provided in a proximity of the barrier, wherein the matching list is based on how long each credential has been within range of the antenna; obtaining a set of biometric templates, consisting of biometric templates respectively associated with the credential identifiers of the matching list; obtaining biometric data of a person being closest to the barrier; and wherein a positive match between biometric data and one of the biometric templates is a necessary condition for granting access to the physical space.

Abstract: A method by one or more computing devices to detect anomalous accesses to a system. The method includes generating a technical maturity profile of a system user based on analyzing historical commands submitted by the system user to the system and determining whether an access by the system user to the system is anomalous based on determining technical maturity attributes of a command submitted by the system user to perform the access and comparing the technical maturity attributes of the command to the technical maturity profile of the system user.

Abstract: Systems and methods for improving homomorphic encryption are provided. A processor receives an encrypted ciphertext; splits the encrypted ciphertext into a plurality of smaller digits; applies a homomorphic floor function to clear a least significant bit from a current smaller digit; scales down the encrypted ciphertext, using modulus switching, thereby changing the ciphertext modulus to a new modulus; applies a bootstrapping procedure for a sign evaluation function to determine a sign of the scaled down encrypted ciphertext; and transmits the sign with the ciphertext to a server for subsequent use.

Abstract: Techniques for authenticating and authorizing user access to a component of a power plant within a private network of a renewable power plant having wind turbine generators. One technique includes providing at a local computer system in the private network a list of credentials and authorizations representing a plurality of identifiers and authenticators of users and corresponding access authorizations. The local computer is in direct communication with components of the power plant and is configured to receive a request for access from a user via a computer interface in the component in the private network. If the requested access can be granted by consulting the list of credentials and authorizations, the grant is communicated from the local computer to the computer interface in the component, and in case access cannot be granted, a request for update of the list of credentials and authorizations is communicated from the local computer system to a central computer system outside the private network.

Abstract: An authorization system includes a controller of an external computing device communicatively connected to an unmanned aerial vehicle (UAV). The controller obtains a mission kit that includes software for controlling a piece of equipment configured to be assembled on the UAV. The controller receives a license that is associated with a user and determines, based on the license, whether the piece of equipment is authorized for operation on the UAV as controlled by the user. Responsive to determining that the piece of equipment is authorized, the controller initiates transmission of at least some of the software of the mission kit to the UAV for installation by the UAV to allow the user to operate the piece of equipment.

Abstract: An electronic device is provided that includes an input device configured to receive sound, a processor, and a memory storing program instructions accessible by the processor. Responsive to execution of the program instructions, the processor is configured to identify a third party application that accesses the electronic device, and vary sound characteristics obtained by the input device based on the third party application identified to prevent a biometric algorithm from obtaining user information.

Abstract: An information processing apparatus in the present invention includes: a matching unit that matches biometric information acquired from a user requesting use of a management target with registered biometric information of each of a plurality of registrants; a determination unit that determines whether or not a registrant with which a matching result is that the matching is successful out of the plurality of registrants has usage authority for the management target; and an output unit that, when the matching result from the matching unit is that the matching failed, outputs first error information, and when it is determined in the determination unit that the registrant with which the matching result is that the matching is successful does not have the usage authority, outputs second error information different from the first error information.

Abstract: A system includes: a first camera configured to capture first images of a driver on a driver's seat within a passenger cabin of a vehicle; a second camera configured to capture second images in front of the vehicle; a driver module configured to determine a driver of the vehicle based on at least one of the first images and to determine a present driver's licensing level of the driver with a driver's licensing body; a first detection module configured to detect first occurrences of first conditions within the passenger cabin of the vehicle based on the first images; a second detection module configured to detect second occurrences of second conditions outside of the vehicle; and a reporting module configured to, based on the present driver's licensing level of the driver, selectively generate a report including at least one of the first and second occurrences.

Abstract: In some embodiments, an authentication system may be configured to process one or more tokens that incorporates one or more tailored-wavelength-range coded patterns, codes represented within a steganographic image, or “overlapping” codes. As an example, such a token may include (i) one or more invisible-ink-printed patterns printed using infrared ink corresponding to different tailored wavelength ranges within the infrared light spectrum, (ii) one or more steganographic images in which invisible-ink-printed patterns are interweaved within the steganographic images, (iii) visible-ink-printed patterns and invisible-ink-printed patterns printed substantially within the visible ink portions of the visible-ink-printed patterns, or (iv) other features, where the invisible-ink-printed patterns correspond to one or more authentication codes or other data for token authentication.

Abstract: A system includes: a first authentication unit configured to perform authentication based on biometric information that is information about a body of a first user who reserves a usage target that is a target capable of being used by the user, that is, first authentication for authenticating legitimacy of the first user; and a second authentication unit configured to perform authentication based on the biometric information of a second user who uses the usage target, that is, second authentication for authenticating that the second user is the same as the first user.

Abstract: Authentication techniques are described to allow a person to be authenticated to interact with an organization, where a type of authentication can be determined based on an environment in which the person is located. For example, an authentication server can collect a status information related to a safety setting of a mobile device. The safety setting can be enabled, e.g., if a person is driving a vehicle. When enabled, the safety setting can prevent the person from performing one or more operations on the mobile device. Based on the collected status information, the authentication server can request the person to provide user information via the mobile device so that the authentication server can determine whether the person is authenticated to interact with an organization.

Abstract: A data processing system that can sense fatigue or the like using a neural network is provided. First, a reference image is obtained on the basis of first to n-th images (n is an integer greater than or equal to 2). Next, the first to n-th images and the reference image are input to an input layer of a neural network, first to n-th estimated ages and a reference estimated age are output from an output layer, and first to n-th data and reference data are output from an intermediate layer. After that, first to n-th coordinates are obtained in each of which an x-coordinate is a value corresponding to a difference between the reference estimated age and the first to n-th estimated ages and a y-coordinate is a value corresponding to the degree of similarity between the reference data and the first to n-th data.

Abstract: A lockset that includes a latch assembly, an interior assembly and an exterior assembly. The latch assembly includes a bolt movable between an extended position and a retracted position. The interior assembly is configured to electronically control movement of the bolt between the extended position and the retracted position. The exterior assembly includes a locking assembly configured to be mechanically coupled with the latch assembly. The interior assembly includes an interior wireless communication unit and the exterior assembly includes an exterior wireless communication unit that is configured to wirelessly communicate therebetween. In some embodiments, an exterior assembly includes a photovoltaic cell and the interior assembly includes a light source. The light source and the solar cell are configured for wirelessly communicating and for power transmission between the exterior and interior assemblies through a bore hole in the door.

Abstract: A biometric information measuring device comprising a control part that determines a degree of matching with respect to a purpose of use that is set in measured data related to multiple body compositions, based on a purpose-of-use matching degree relationship in which a degree of matching with respect to a purpose of use is associated according to a combination relationship about change directions of data related to the multiple body compositions associated by a display order with respect to the purpose of use.

Abstract: In an embodiment, processing of biometric data is split between a processor on a peripheral device and a processor of a host device that is coupled with the peripheral device. One embodiment provides a method comprising, on a peripheral device coupled with a host device, capturing biometric data using a biometric sensor of a peripheral device and pre-processing the captured biometric data using a processor of the peripheral device. The processor of the peripheral device is separate from a processor of the host device and resides within a chassis or housing of the peripheral device. The method additionally includes pre-validating the pre-processed biometric data to determine whether the pre-processed biometric data meets a minimum quality threshold and transmitting the pre-validated biometric data to the host device for validation.

Abstract: The present disclosure includes apparatuses, methods, and systems for secure communication between an intermediary device and a network. An example apparatus includes a memory, and circuitry. The circuitry is configured to determine, in response to receipt of a request for information corresponding to a particular category, an identifier associated with the particular category. The circuitry is further configured to provide, along with a signature, the determined identifier to a network device, wherein the requested information are received in response to the signature being verified by network device.

Abstract: Connected computing enables the use of highly diverse environments that support operating frameworks for contemporary civilization. But computing productivity and trustworthiness are undermined by such environments' largely inchoate organization. These environments and their identity infrastructures are fragmented, and unnecessarily unreliable, insecure, and insufficiently informative due to current computing entity (e.g., resource) identification infrastructure design, which lacks root identification reliability. Such reliability is enabled herein by a fundamentally accurate and authenticity ensuring, near-existential or existential quality, biometrically and liveness based, portable identification and provenance infrastructure. Such an infrastructure provides ubiquitously available identification information that can be used universally for identification processes.

Abstract: An authorization system includes a controller of an external computing device communicatively connected to an unmanned aerial vehicle (UAV). The controller obtains a mission kit that includes software for controlling a piece of equipment configured to be assembled on the UAV. The controller receives a license that is associated with a user and determines, based on the license, whether the piece of equipment is authorized for operation on the UAV as controlled by the user. Responsive to determining that the piece of equipment is authorized, the controller initiates transmission of at least some of the software of the mission kit to the UAV for installation by the UAV to allow the user to operate the piece of equipment.