Abstract: A method and a system for authenticating users by implementing artificial intelligence techniques is provided. A graphical user interface (GUI) is rendered on a computing device of a user by a server. The GUI displays objects in random motion. The objects are selected in a sequential manner by the user to form a pattern. With each selection of the object, a corresponding confidence score is determined that is based on a set of factors. Further, the selected object becomes static and the remaining objects that are yet to be selected continue to move in random motion. On forming the pattern, the aggregate of confidence scores is determined to authenticate the user.

Abstract: A method includes transmitting, by a user device associated with a user to a transportation service provider, a request for a service comprising entry into a controlled area associated with the service. The method further includes receiving, by the user device from the transportation service provider, a token to allow the user device to connect with the service and to allow entry into the controlled area associated with the service. The method further includes transmitting, by the user device to a security device associated with the transportation service provider, the token. The security device restricts access to the controlled area associated with the service. The method further includes receiving, by the user device from the security device responsive to the transmitting of the token, the access to the controlled area associated with the service.

Abstract: A method of communicating using a wireless gateway. The method comprises receiving a first message in a first radio spectrum band by a first radio transceiver of a wireless gateway, determining by a first processor of the wireless gateway that the first message is a trusted message transmitted by a first source device, transmitting the first message by the first radio transceiver in the first radio spectrum, receiving a second message in a second radio spectrum band by a second radio transceiver of the wireless gateway, determining by the first processor that the second message is a trusted message transmitted by a second source device, and transmitting a third message by the second radio transceiver in the second radio spectrum band to the second source device, wherein the third message directs the second source device to transmit the second message to the wireless gateway in the first radio spectrum band.

Abstract: The embodiments of the present disclosure relate to information processing technology and provide a method for identity authentication, capable of effectively improving security and accuracy in identity authentication. The method includes: receiving an authentication request transmitted from a client, the authentication request carrying identity authentication information of a user; authenticating the identity authentication information; collecting behavior characteristic information related to the user in a number of dimensions when the identity authentication information is determined to be valid; matching and recognizing an identity of the user by comparing the collected behavior characteristic information with original characteristic information in the respective dimensions. The embodiments of the present disclosure can be applied in a process for user identity authentication.

Abstract: An example imaging device includes a communication engine to transmit a broadcast message including a broadcast ID corresponding to the imaging device. The communication engine further is to receive a session token from a central server in response to a request for accessing the imaging device received from a user device in receipt of the broadcast ID. The session token is to connect the imaging device to a user session corresponding to a user of the user device. The imaging device further comprises a user authorization engine to obtain preliminary user details from the central server using the session token. The preliminary user details include a login ID and a user-selected authentication mode. The user authorization engine is to set-up a user login session using the preliminary user details for receiving user authentication approval from the central server to allow the user to access the imaging device.

Abstract: A method comprises collecting, by a computing device located at an edge of a network, data items corresponding to information transmitted by endpoints using the network, generating, by the computing device, a probabilistic hierarchy using the data items, generating, by the computing device using the probabilistic hierarchy and natural language data, a similarity metric, generating, by the computing device using the probabilistic hierarchy, the natural language data, and the similarity metric, an ontology, detecting, by the computing device using the ontology, an anomaly, and in response to detecting the anomaly, sending a notification.

Abstract: In one embodiment, a system on chip includes a first endpoint to issue a non-posted memory write transaction to a memory and a Peripheral Component Interconnect (PCI)-based fabric including control logic to direct the non-posted memory write transaction to the memory, receive a completion for the non-posted memory write transaction from the memory and route the completion to the first endpoint. Other embodiments are described and claimed.

Abstract: An integrated-circuit device includes a bus system, a plurality of master components, a plurality of slave components, and hardware filter logic. The bus system is configured to carry bus transactions and security-state signals for distinguishing between secure and non-secure transactions. The master components are switchable between a secure and a non-secure state. The hardware filter logic is configured to intercept bus transactions at an interception point, positioned within the bus system such that bus transactions from at least two of the master components and at least two slave components pass the interception point. It is also configured to use i) a slave address of the intercepted bus transaction, and ii) the security state of the intercepted bus transaction, to determine whether to allow the transaction, in accordance with a set of filtering rules, and to block intercepted bus transaction that are determined not to be allowed.

Abstract: Disclosed herein are methods, systems, and apparatus, including computer programs encoded on computer storage media, for blockchain network digital ticket transfer. One of the methods includes receiving a request from a client device to transfer a digital ticket from a blockchain network to a target server by a blockchain network node. The blockchain network node determines whether the client device is authorized to transfer the digital ticket based on a digital signature in the request, and transmits a notification message to the target server if the digital signature is valid. The blockchain network node receives a confirmation message from the target server indicating validity of the client device, and transfers the digital ticket to the target server.

Abstract: A method may include receiving activity data associated with a user, wherein the activity data relates to online activity involving a product type, identifying the product type associated with the activity data, and predicting, based on the activity data, that the user is likely to purchase a product of the product type. The method may include generating, based on predicting that the user is likely interested in purchasing the product of the product type, an annotation to indicate that a potential transaction to purchase the product is forthcoming, and storing the annotation in a profile associated with an account of the user. The method may include detecting a transaction to purchase the product, wherein the transaction involves a payment from the account, and performing an action associated with a fraud analysis of the transaction based on the annotation.

Abstract: Providing a private data exchange is described. An example computer-implemented method can include providing a data exchange by a cloud computing service on behalf of an entity. The data exchange may comprise several data listings provided by one or more data providers. The data listings reference one or more data sets stored in a data storage platform associated with the cloud computing service. The method may also include designating a data exchange administrator account of the data exchange. The data exchange administrator account may be associated with the entity and may be capable of: granting and denying requests from data consumers to access the data exchange; and granting and denying requests from data providers to publish data listings on the data exchange.

Abstract: A computer-implemented method. The method includes receiving a data structure being a network having nodes linked by links. The nodes have corresponding classes representing corresponding distinct notices to airmen (NOTAMs). The nodes are linked such that any given node is linked to at least one other node. The links represent corresponding pre-determined mathematical degrees of relevance between pairs of linked nodes. The links point from a corresponding less relevant node to a corresponding more relevant node. The nodes are pre-ranked in a prioritized order according to the pre-determined mathematical degree of relevance. The method also includes receiving a request to display the NOTAMs on a display device. The method also includes retrieving the NOTAMs associated with the nodes in the prioritized order. The method also includes commanding the NOTAMS to be displayed on the display device in the prioritized order.

Abstract: A game processing apparatus displays an image of virtual space on a display that displays an image by using a sensor for identifying the position and direction of a certain body part of a player and the display. A controller in the game processing apparatus displays the image of the virtual space on the display in accordance with the position and direction of the certain body part of the player, and, when an information providing condition regarding the position and direction of the certain body part of the player is satisfied, outputs to-be-provided information.

Abstract: A processing system includes a detecting unit that detects an operator operation to set a recording medium onto an image processing apparatus or to move part of the image processing apparatus wherein the operator operation is an operation performed by an operator, and a controller that registers a registration processes and performs, in response to detected operator operation, a registration process among registration processes registered in advance wherein if one or more of the registration processes satisfy a predetermined condition, the controller registers the one or more of the registration processes which are changed not to perform in response to the operator operation or to perform the one or more of the registration processes after performing a particular process.

Abstract: A media client device, including a memory and capable of processing Quadrature Amplitude Modulation (QAM) channels and IP channels, may receive a recording request to record content on an Internet Protocol (IP) channel. The media client device may provide, to a first device, a source Universal Resource Locator (URL) corresponding to the content, and receive, from the first device, encrypted content (e.g., an encrypted version of the content). The media client device may store, in the memory, the encrypted content, and provide, to a second device, information regarding the encrypted content to permit the second device to generate and store a license and a key. The media client device may receive a playback request to play the content, and obtain, from the second device, the license and the key. The media client device may decrypt, using the license and the key, the stored, encrypted content to obtain the content.

Abstract: An evaluating method can be performed by a computer. The method includes acquiring two-dimensional data represented by a plurality of character types, converting the two-dimensional data to three-dimensional data by classifying the acquired two-dimensional data into a dimension of the plurality of character types, analyzing a feature of the three-dimensional data, and evaluating input data described in the plurality of character types based on the analyzed feature.

Abstract: A system and method of managing tasks and organizations is provided herein.

Abstract: A software application may have access to: (i) an identification condition that indicates a first subset of configuration-element attributes that can be used to identify configuration elements, and (ii) an exception indicating a second subset of the attributes that a module does not support. The software application may be configured to: based on the identification condition and the exception, search representations of configuration elements in a persistent storage in attempt to find a matching representation that characterizes information from the module, where the matching representation is found when one of the representations and the information from the module contain identical values for all of the attributes in the first subset excluding those also in the second subset; based on the search, determine that the matching representation is not found; and write, to the persistent storage, a new representation specifying values for attribute(s) according to the information from the module.

Abstract: Disclosed embodiments relate to systems and methods for centrally analyzing and managing scripts. Techniques include identifying, at a centralized script execution resource in a network environment, a first script; identifying, at the centralized script execution resource, a security risk indication for the first script; determining, at the centralized script execution resource, a security context for the first script; and performing, based on the security risk indication and the security context, at least one of: determining whether to execute the first script at the centralized script execution resource on behalf of the at least one of the endpoint resources, executing the first script at the centralized script execution resource on behalf of the at least one of the endpoint resources, or determining execution conditions for execution of the first script at the centralized script execution resource on behalf of the at least one of the endpoint resources.

Abstract: A method of migrating user workloads across a computer cluster, may include detecting a parameter associated with an end-user experience (EUE) during the emulation of a virtual machine (VM) operated within a virtual desktop infrastructure (VDI) environment; creating a composite score descriptive of the EUE; and migrating a workload associated with the VM among the computer cluster when a threshold composite score is reached.

Abstract: The disclosure provides a method and a system for automatically discovering an inference rule, a medical knowledge database and a retrieval method. The method includes: acquiring a relation matrix for each medical relation, the relation matrix representing a relationship between vectors of the medical entities having the medical relation; and acquiring the inference rules based on the relation matrices for the plurality of medical relations, each inference rule including a first medical relation, a second medical relation and a third medical relation, the inference rule representing that the third medical relation is inferred from the first medical relation and the second medical relation.

Abstract: The concepts and technologies disclosed herein are directed to security de-escalation for data access. A user device can define a security de-escalation rule. The user device can define a multi-tiered security zone within a user device file system utilized by a memory of the user device. The multi-tiered security zone can include a plurality of security tiers. The user device can identify data for de-escalation in accordance with the security de-escalation rule. The user device can de-escalate the data to generate de-escalated data by storing the data identified for de-escalation in a less secure security tier of the plurality of security tiers of the multi-tiered security zone. The user device can receive a data access request from an external user device. The user device can verify a data access credential contained in the data access request. The user device can provide the de-escalated data to the external user device.

Abstract: A system and method for dynamically altering static parameters on a live network device is disclosed. The system includes a live network device having a plurality of parameters configured thereon that control the application of services to subscriber packet flows and a machine learning device operable to monitor the subscriber packet flows and apply a machine learned model to identify patterns in the monitored subscriber pack flows. The machine learning device is further operable to dynamically alter at least one of the plurality of parameters on the network device based upon the patterns in the monitored subscriber packet flows.

Abstract: A first electronic device is associated with a serviceable item. The first electronic device includes a user input; an output device; and a control circuit. The first electronic device is configured to identify user interaction with the user input; generate a code unique to the user interaction with the user input; and output, via the output device and to a second electronic device associated with the user, a temporary session identifier comprising the code, the temporary session identifier useable by the second device to establish a communication session with a server. The user may communicate information about the serviceable item to the server over the communication session in an attempt to facilitate servicing of the serviceable item.

Abstract: A standard track smart home system, comprising: a gateway device (1), a power interface of the gateway device (1) being respectively connected to a power supply live line (L) and a power supply zero line (N), the gateway device (1) remotely connecting to at least one user terminal, and the gateway device (1) being also used for connecting to a plurality of first expansion devices (10); and a standard track (T), the gateway device (1) and the plurality of first expansion devices (10) being arranged side by side on the standard track (T) and connected to one another by means of a plurality of wiring terminals, and outgoing interfaces of each of the first expansion devices (10) being respectively connected to one or more smart home devices.

Abstract: Described herein includes a permission management system that optimizes determination of whether a user has permission to perform an operation using an attribute table. The system may include a permission processor for: determining whether the requesting user has permission to perform the operation, the determining including: generating an attribute table comprising the one or more target users and one or more user attributes, the one or more user attributes comprising metadata associated with the one or more target users; storing the attribute table on the database; generating a reduced attribute table, the generating comprising removing one or more target users from the attribute table; and applying the one or more permission rules to each of the target users remaining in the reduced attribute table.

Abstract: A method, system and computer-usable medium for mitigating security breaches associated with dissemination of protected data. In certain embodiments, the method includes receiving information communicated to a secured network from a source external to the secured network and determining whether the received information includes protected data. If the received information includes protected data, a determination is made as to whether the receipt of the protected data is anomalous. If the receipt of the protected data is anomalous, one or more sources of egress of the protected data from the secured network are identified. By identifying the sources of egress, actions may be taken to prevent future egress of the protected data.

Abstract: In a dataset exchange environment in which datasets are available for exchange or transformation, a dataset validation platform may be configured to update a cryptographically signed record based on each dataset that is available via the data exchange environment. The dataset validation platform may be further configured to control access to the datasets based on whether a request to access a particular dataset is compliant with an availability requirement of the particular dataset. The dataset validation platform may be further configured to update the cryptographically signed record based on requests to access the datasets, transformations that are based on the datasets, or modifications to the availability requirement of the datasets, such as a modification to a privacy limitation or other availability requirement indicating a criteria for usage of the requested dataset.

Abstract: A driving authorization system for a vehicle includes a connectivity unit for communication at least with a key and a keyless access authorization system. A server has an access lock, which can be activated or deactivated by the key and/or the keyless access authorization system. The keyless access authorization system is an application on a mobile device, further having an immobilizer. The immobilizer is designed in such a way that it is activated when the access lock is activated by the application and is deactivated again in this case only when the access lock is deactivated by the application.

Abstract: Various systems and methods are provided for calculating a data criticality score upon ingesting a data object into a data storage system. This data criticality score can be used to control subsequent access requests for the data object. In one embodiment, a computer system receives a data object at a first node comprising a decision engine. The decision engine generates a data criticality score based, at least in part, on one or more inputs related to the data object. After calculating the data criticality score, the system uses the data criticality score to determine whether a given action is allowable for the data object. After determining whether the given action is allowable, the system receives a user request to perform a first action on the data object. The system then determines whether the user request should be granted with respect to the first action, and if allowable, performs the first action.

Abstract: A method for processing a cryptographic operation request includes receiving, at a hardware security module (HSM), the cryptographic operation request including a cryptographic key and at least one authorization token, determining, by the HSM, whether an access control list (ACL) associated with the cryptographic key of the cryptographic operation request is authorized to govern access to the cryptographic key, and validating, by the HSM, the at least one authorization token. When the at least one authorization token is valid and the ACL is authorized to govern access to the cryptographic key of the cryptographic operation request, the method includes processing, by the HSM, the cryptographic operation request.

Abstract: Trusted client security factor-based authorizations. The techniques allow a server to authorize client requested operations to access a protected resource or service based on trusted client security factors that are obtained at client machines and provided to the server.

Abstract: An electronic vaping device may be designed to enhance or facilitate its use. For example, the electronic vaping device may: allow a capability of the electronic vaping device to provide vapor to be altered (e.g., disabled, reduced, enabled, or increased) in some situations (e.g., to prevent unauthorized vaping by a child, teenager or other individual); be able to communicate with an external communication device (e.g., a smartphone, a computer, etc.) to convey a notification of potential unauthorized use of the electronic vaping device (e.g., by a child, teenager or other unauthorized user); implement a physical deterrent to its unauthorized use; be able to visually convey information (e.g., advertisements, notifications, etc.); and/or be able to capture images and/or sounds (e.g., record pictures and/or video, speech, music, etc.).

Abstract: Techniques for data sharing between two computing devices are described. In an example, a computer system determines a first presence of a first user relative to a first computing device. The computer system also determines a first identifier of the first user. The first identifier is associated with operating the first computing device. The operating comprises sharing data with a second computing device. The computer system also determines a second presence of a second user relative to the second computing device. The computer system also determines a second identifier of the second user. The second identifier associated with operating the second computing device. The computer system cause the data to be shared with the second computing device based on the first presence, the first identifier, the second presence, and the second identifier.

Abstract: Systems for providing secure access to systems are provided. A computing device may receive a request to access functionality which may include login credentials of a user. Upon receiving the request to access functionality, the computing device may execute a scan of an area surrounding the computing device to detect any wearable devices within proximity of the computing device that are linked to the computing device. The authenticating information and, in some examples, detected, linked wearable device, may be validated. Based on the validation, authentication response data may be generated and transmitted to an authentication computing platform which may cause the authentication computing platform to validate the authentication response data and cause the computing device to connect to a client interface computing platform.

Abstract: A system and method for sharing electronic data between participants of a phone conference, such as an online presentation, without a need to exchange passwords to link two devices together for data transfer nor go through a login procedure to access the data resource. To achieve this, the participants use a device or software application that samples the audio of the phone conversation and creates a stream of audio fingerprints. The streams of fingerprints are sent to a matching service on the internet. This matching service finds the fingerprints that correspond to the same conversation among the streams of simultaneous users. Once a match is found with a high enough confidence level, the matching service exchanges identifiers such as public IP addresses and sends those back to the fingerprinting units. When instructed by the user, the units can then proceed to setup a secure data connection.

Abstract: A shoulder-surfing resistant authentication method and system includes a computing device, such as a smart phone, which includes a display for presenting an interactive virtual environment. During the authentication process, the user enters a passcode by modifying one or more attributes of one or more icons that are presented relative to the interactive environment. Such attributes may include one or more of the type of movement the icons perform, the change in position or visual characteristics of the icons relative to the virtual environment, as well as the removal and/or addition of one or more icons relative to the virtual environment. The entered passcode is then compared with a previously stored or “set” passcode to authenticate the user before granting access to the computing device.

Abstract: A computer system, computer program product and computer-implemented method for performing a task. The computer system includes a sensor and a processor. The sensor is attachable to an article and is sensitive to a parameter indicative of a pattern of use of the article. The processor is configured to: determine a standard pattern of use of the article from a measurement of the parameter obtained during a training period, determine a tracked pattern of use of the article from a measurement of the parameter obtained during a tracking period, and generate a reminder to perform the task when the tracked pattern of use deviates from the standard pattern of use. A device receives the reminder in order to presenting the reminder to a user.

Abstract: Disclosed are various embodiments for updating IoT endpoints. A software update package can be deployed to a IoT gateway. The software package can have lifecycle scripts and software executable for installation on IoT endpoints. The lifecycle scripts represent different lifecycle phases of the update process.

Abstract: A data anonymization computer system selectively anonymizes data items from data structures prior to forwarding the data structures to a third-party network service. The data anonymization computer system identifies at least a respective data item of the data structure that meets a set of conditions, including at least a first condition in which at least a portion of the respective data item has a format that coincides with the predetermined format and replaces a set of characters of the respective data item having the format with a string of characters of a respective token of a pool of tokens. The data anonymization computer system forwards the data structures to the third-party network service with each of the respective data items having the string of characters of the respective token in place of the replaced set of characters.

Abstract: Systems and methods are provided for data security grading. An exemplary method for data security grading, implementable by a computer, may comprise receiving a request to access a query data field, searching for the query data field from a security level table, in response to finding the query data field from the security level table, obtaining from the security level table a security level corresponding to the query data field, and in response to not finding the query data field from the security level table, determining a security level corresponding to the query data field based at least on a lineage tree and the security level table. The lineage tree may trace the query data field to one or more source data fields, and the security data level table may comprise one or more security levels corresponding to the one or more source data fields.

Abstract: Methods and systems for authenticating a user include presenting a list of themes on a user interface of a client device for user selection. Images of a plurality of objects and query prompts are presented on a client device for a theme selected from the list. Images of objects selected in response to the query prompts are received and verified to determine that the objects that are selected are theme-based objects and correspond to the query prompts. The selected objects are stored as answers to the query prompts identified for the theme and are used for authenticating the user during subsequent requests received from an application that is used to access a sensitive, digital asset.

Abstract: A system and method for updating firmware data on a computing platform in response to a firmware update request received in the form of a signed capsule file received via a runtime service is discussed. The firmware update request may be a request to update UEFI firmware and be received using the UpdateCapsule runtime service. The firmware data may include data associated with UEFI protected variables, SMBIOS data, logo data, microcode update data and pre-operating system security policy data.

Abstract: Subject matter disclosed herein may relate to at least one processor to establish a communication connection between a portable computing device and a particular external device, the at least one processor to initiate transmission of one or more signal packets representative of one or more communication, security, and/or cryptographic parameters to the particular external device responsive at least in part to the establishing the communication connection.

Abstract: A method of automatically generating secure code includes: receiving source code and security constraints for the source code, the security constraints encoding, to what extend a variable in the source code is considered secure; and generating secure code from the source code and the security constraints by replacing non-secure operations in the source code, which operate on the variables considered as secure, with secure operations; wherein a secure operation is an operation, which, when applied to at least one encrypted variable, generates an encrypted result, which, when decrypted, is the result of the non-secure operation applied to the not encrypted variable.

Abstract: The present invention provides systems and methods for providing cross-device native functionality for a native app. More specifically, the invention is directed to a JavaScript Object Notation (JSON) data exchange format for use with a native app running on a user's mobile device, wherein the exchange format is configured to improve user experience and interaction with the app. The present invention may be particularly useful in a mobile-based crowdsourcing platform in which data is continually exchanged between remote user devices and a cloud-based service for collecting and managing user-driven data based on user interaction with native apps on their devices.

Abstract: Described herein are systems and methods for displaying screenshot-proof content. In one embodiment, a method of protecting a digital content from capture by a screen capture operation of a user device comprises: receiving, by the user device, the digital content; converting a format of the digital content into a content-protected format; streaming the digital content from a local content server implemented on the user device to a local content client implemented on the user device; and causing the user device to display the digital content.

Abstract: Devices, systems, and methods are provided to provide cloud-based coordination of customer premise service appliances. A system can include a computing device comprising a communication module, a policy module, an appliance selection module, and a coordination module. The communication module receives a document request from a first client over a network connection, establishes a session with the first client in response to the document request, and receives metadata representing collected signatures at after completion of the electronic signature operation portion of the document request. The policy module manages a policy associate with a first account corresponding to the document request. The appliance selection module selects one of a plurality of document appliances.

Abstract: Embodiments of the present disclosure provide a resource access control method performed by a computing device. The computing device pre-stores an association relationship between tag information and a group resource and an association relationship between the tag information and access permission, respectively. After receiving a group resource access instruction, the group resource access instruction indicating a group resource to which a user requests access, the computing device obtains tag information granted to the user from the tag information associated with the group resource and then obtains access permission associated with the tag information based on the tag information granted to the user. Finally, the computing device compares the access permission with resource permission of the group resource, and permitting or rejecting, based on a comparison result, a group resource access requested by the user.

Abstract: There is provided a method for obtaining a user authentication image using pressure sensing. The method includes dividing a pressure sensing area corresponding to a fingerprint input window, with which a biometric feature of a user is brought into contact, into a plurality of partial areas, acquiring a plurality of image frames captured through the fingerprint input window and obtaining, for the partial areas, respective pressure sensing values synchronized with a capturing time of each of the image frames. The method further includes generating the user authentication image from the image frames based on comparison results between the pressure sensing values respectively obtained for the partial areas and one or more predetermined thresholds.