Patent classifications
H04L63/00
Byzantine agreement in open networks
Systems and techniques are provided for Byzantine agreement in open networks. An indication to change a validation network for an open network from a current validation network to a next validation network may be broadcast. An agreement to change the validation network to the next validation network may be. An instance of external validity multi-valued Byzantine agreement may be run to determine a continuing sequence number to be used by the next validation network based on the sequence numbers of amendments applied to decentralized database copies stored on node computing devices of the open network. The next validation network may be switched to as the validation network for the open network after the continuing sequence number is determined. An amendment validated by the next validation network may be applied to a decentralized database copy. The amendment may include a sequence number that is higher than the continuing sequence number.
On-demand security policy provisioning
Systems, methods, and computer-readable media for on-demand security provisioning using whitelist and blacklist rules. In some examples, a system in a network including a plurality of pods can configure security policies for a first endpoint group (EPG) in a first pod, the security policies including blacklist and whitelist rules defining traffic security enforcement rules for communications between the first EPG and a second EPG in a second pod in the network. The system can assign respective implicit priorities to the one or more security policies based on a respective specificity of each policy, wherein more specific policies are assigned higher priorities than less specific policies. The system can respond to a detected move of a virtual machine associated with the first EPG to a second pod in the network by dynamically provisioning security policies for the first EPG in the second pod and removing security policies from the first pod.
Systems and methods relating to identity authentication and validation
There is provided an authentication system for validating identity credentials of a user attempting to access a resource provided by a remote resource provision system. The authentication system includes an input configured to receive, from the resource provision system, an authentication request comprising a cryptographic representation of digital identity data of the user and an associated token identifier, where the digital identity data comprises at least one image of an identity credential of the user. The system also includes a processor configured to: determine a pre-stored cryptographic identifier corresponding to the token identifier; and compare the received cryptographic representation with the pre-stored cryptographic identifier. The system further includes an output configured to transmit, to the remote resource provision system and in response to determining a match between the received cryptographic representation and the pre-stored cryptographic identifier, an authentication confirmation indicating successful validation of the digital identity data.
User interface and smart contract interaction model for generating user interface representations
Embodiments described herein provide a user interface for interacting with a smart contract deployed to a blockchain. The user interface is custom-generated for each party to the smart contract. In particular, representations of actions that a particular party is enabled to perform and/or has already taken with respect to the smart contract are provided to that party via a user interface. A user experience generator queries the smart contract itself to determine which representations are to be provided to each party. The smart contract comprises functions and/or user experience annotations that indicate to the user experience generator which user interface representations should be provided to a particular user based on the party identity and/or the smart contract's state. The smart contract provides an event notification to the user experience generator, which prompts the user experience generator to query the smart contract to determine the allowed actions for a particular user.
Ransomware protection for cloud storage systems
Exemplary security applications and systems are described herein. Such embodiments may be configured to provide backup functionality and ransomware protection for cloud storage systems. The described embodiments may monitor cloud storage systems to detect and classify various events. And the embodiments may perform any number of actions based on classified events, such as transmitting notifications to users, preventing a user or application from accessing the cloud storage system, and/or restoring infected files.
Gateway device determining whether or not received frame is appropriate
A gateway device for a vehicle network system installed in a vehicle is provided. The vehicle network system includes a network, an electronic control unit connected to the network, and the gateway device connected to the first network and configured to communicate outside the vehicle. The gateway device receives a first frame from outside the vehicle; determines whether or not the first frame is appropriate; generates a second frame when the first frame is not determined to be appropriate; and transmits the second frame to the network. The second frame includes control information and additional information based on content of the first frame. The control information restricts processing of the additional information included in the second frame by the electronic control unit, after the second frame is received by the electronic control unit.
Scrubber for distributed denial of service attacks targeting mobile networks
A device includes a processor and a memory. The processor effectuates operations including receiving signaling messages traversing a first interface or a second interface from the network traffic, translating the signaling messages into one or more events, detecting one or more anomalies by analyzing the one or more events, determining whether the one or more anomalies is indicative of an attack on a telecommunications network and performing a remediation action to the signaling messages resolving the attack when the one or more anomalies is indicative of an attack on the telecommunications network.
Endorsement claim in a verifiable credential
A first verifiable claim is received at a second entity from a first entity. The first verifiable claim is signed by the first entity. A second verifiable claim is generated. The second verifiable claim embeds the first verifiable claim therein and specifies a service that is to be performed on behalf of a fourth entity. The second verifiable claim is provided to a third entity. The second verifiable claim is configured to cause the third entity to verify the signature of the first entity with a public key associated with a decentralized identifier (DID) of the first entity to determine that the first entity is a trusted entity that is able to verify that the second entity is authorized to specify the service to be performed on behalf of the fourth entity.
Methods, systems, and computer readable media for determining time related parameter values for a communications network
Methods, systems, and computer readable media for determining time related parameter values for a communications network are disclosed. One method for determining time related parameter values for a communications network occurs at a network function (NF) repository function (NRF) comprising at least one processor. The method comprises: receiving, from a first network function (NF), a service request message; determining, using network information and/or NF information, a time related parameter value associated with the service request message; and generating and sending, to the first NF, a service response message indicating the time related parameter value.
Methods and devices for physical access control systems
An access control system includes a plurality of physical access control readers that form a reader network which utilizes a first communication protocol. The system includes a plurality of mobile communication devices each having a first communication interface and a second communication interface. The first communication interface enables the mobile communication devices to access a mobile communication network which utilizes a second communication protocol, and the second communication interface enables the mobile communication devices to communicate with the access control readers. The plurality of physical access control readers exchange status information for the plurality of physical access control readers and for the plurality of mobile communication devices over the reader network.