In order to enable dynamic scaling of network services at the edge, novel systems and methods are provided to enable addition of add new nodes or removal of existing nodes while retaining the affinity of the flows through the stateful services. The methods provide a cluster of network nodes that can be dynamically resized to handle and process network traffic that utilizes stateful network services. The existing traffic flows through the edge continue to function during and after the changes to membership of the cluster. All nodes in the cluster operate in active-active mode, i.e., they are receiving and processing traffic flows, thereby maximizing the utilization of the available processing power.

For access policy enforcement, a method restricts access to a decryption key for private data on an electronic device. The private data is encrypted and includes group communications. The method determines an electronic device profile that includes a device time and a device location of the electronic device. The method releases the decryption key in response to the electronic device profile satisfying an access policy. The method decrypts the private data using the decryption key.

Processing circuitry may support a secure domain and a less secure domain, where secure information associated with a secure software process is prevented from being accessed by a less secure software process in the less secure domain. Shared resource is accessible to both secure and less secure software processes. In response to detection of an anomaly condition, allocation policy for the shared resource is switched from a shared allocation policy to a secure-biased allocation policy. The secure-biased allocation policy has a stronger bias of resource allocation to secure software processes than the shared allocation policy.

The subject disclosure provides systems and methods for providing privacy-preserving social attribution for electronic devices. For example, when information is received from a contact of a user at the user's electronic device, various applications at the electronic device may later display the received information. It can be desirable to attribute the displayed information received from the contact to that contact, without exposing identifying information of the contact to the displaying application. Aspects of the subject technology include a system process that generates an image including contact information, that can be rendered in a user interface of an application, without providing the image or the contact information to the application.

This document describes techniques for fine-motion virtual-reality or augmented-reality control using radar. These techniques enable small motions and displacements to be tracked, even in the millimeter or sub-millimeter scale, for user control actions even when those actions are small, fast, or obscured due to darkness or varying light. Further, these techniques enable fine resolution and real-time control, unlike conventional RF-tracking or optical-tracking techniques.

An electronic device is provided. The electronic device includes a display configured to display information, an input device configured to receive a user input, an image sensor, a processor electrically connected with the display, the input device, and the image sensor, and a non-transitory computer readable storage medium electrically connected with the processor that stores instructions that cause the processor to control the display to display first-level information as a locking mode is partially released when partial authentication passes based on bio-information acquired through the image sensor in a state in which the electronic device is in the locking mode, and control the display to display second-level information having a security level higher than a security level of the first-level information as the locking mode is fully released when full authentication passes based on a user input made through the input device.

An electronic device according to an embodiment includes a first biometric sensor to detect first biometric information, a second biometric sensor to detect second biometric information, a security module to normalize a first decision score for the first biometric information and a second decision score for the second biometric information, generate a decision function model for combined matching of the normalized first and second decision scores, set a threshold score corresponding to a sensitivity level in the decision function model, and perform user authentication for the first and second biometric information based on the decision function model to which the threshold score is applied, and a controller configured to control an operation of the electronic device based on a result of the user authentication performed by the security module. According to the present invention, the electronic device may perform user authentication by an Internet of Things (IoT).

In aspects of quantum-based security for hardware devices, a computing device includes a processor for application processing in a trusted execution environment, and includes a quantum random number generator to generate quantum random numbers sourced by multiple hardware devices in the computing device. The computing device also includes an embedded secure element that manages connection security of the multiple hardware devices, and is a single root of trust as a secure controller of the quantum random number generator. The computing device also includes a secure switch controlled by the embedded secure element, the secure switch being switchable to connect at least one of the multiple hardware devices to obtain a quantum random number from the quantum random number generator. The secure switch may be a virtualized secure switch implemented in the embedded secure element.

An image forming apparatus includes an authentication application device that registers information acquired from an authentication system, and indicating a normal application accessible by a user when the user logs in in the image forming apparatus, in temporary user information, and a normal application device that decides, upon being requested to activate itself, whether the user who has logged in in the image forming apparatus is authorized to utilize the normal application device, on a basis of the temporary user information.

This disclosure generally relate to a method and system for network policy simulation in a distributed computing system. The present technology relates techniques that enable simulation of a new network policy with regard to its effects on the network data flow. By enabling a simulation data flow that is parallel and independent from the regular data flow, the present technology can provide optimized network security management with improved efficiency.