Techniques are described for transaction-based read and write operations in a distributed system. In an embodiment, an authorization protocol overlaid onto a transaction to control access to each of the data pools. Using the techniques described herein, the DTRS provides authorization mechanism to ensure that the entity, which hosts the data pool, may only access the data set from an originating entity based at least upon the access rules of the originating entity set for the data set. Additionally, the DTRS's read/write transactions keep the data pools of the DTRS in synch with each other, so each data pool stores the same data sets as another data pool of the DTRS. When a data integrity service of an entity generates a new data entry from a user transaction with a client application, a new write request is generated for the DTRS to which the data integrity service belongs. The DTRS receives the data entry and its metadata from the data integrity service and performs steps to update all data pool of the DTRS, in an embodiment.

A disclosed computer-implemented method includes receiving and indexing the raw data. Indexing includes dividing the raw data into time stamped searchable events that include information relating to computer or network security. Store the indexed data in an indexed data store and extract values from a field in the indexed data using a schema. Search the extracted field values for the security information. Determine a group of security events using the security information. Each security event includes a field value specified by a criteria. Present a graphical interface (GI) including a summary of the group of security events, other summaries of security events, and a remove element (associated with the summary). Receive input corresponding to an interaction of the remove element. Interacting with the remove element causes the summary to be removed from the GI. Update the GI to remove the summary from the GI.

Geofence crossing-based control systems and techniques are described herein. For example, a geofence crossing control technique may include receiving a location signal indicative of a range of locations in which a mobile computing device is located; receiving a velocity signal indicative of a speed and direction of the mobile computing device; generating, for each of a plurality of candidate geofence crossing times, a performance indicator based on the location signal, the velocity signal, and a boundary of the geofence; selecting a geofence crossing time from the plurality of candidate geofence crossing times based on the performance indicators; and transmitting a control signal representative of the geofence crossing time. Other embodiments may be disclosed and/or claimed.

Techniques are disclosed in which a secure circuit controls a gating circuit to enable or disable other circuity of a device (e.g., one or more input sensors). For example, the gating circuit may be a power gating circuit and the secure circuit may be configured to disable power to an input sensor in certain situations. As another example, the gating circuit may be a clock gating circuit and the secure circuit may be configured to disable the clock to an input sensor. As yet another example, the gating circuit may be configured to gate a control bus and the secure circuit may be configured to disable control signals to an input sensor. In some embodiments, hardware resources included in or controlled by the secure circuit are not accessible by other elements of the device, other than by sending requests to a predetermined set of memory locations (e.g., a secure mailbox).

A computer-implemented method for evidencing the existence of a digital document has the steps of obtaining one or a plurality of time stamp(s) of the digital document, obtaining one or a plurality of cryptographic hash(es) of the digital document, generating one or a plurality of evidence key(s) based on the time stamp(s) and the cryptographic hash(es), and storing the evidence key(s) to provide one or a plurality of stored evidence key(s). A computer system for evidencing the existence of a digital document is also provided. A computer-implemented tag chain system is also described.

The authentication of a client to multiple server resources with a single sign-on procedure using multiple factors is disclosed. One contemplated embodiment is a method in which a login session is initiated with the authentication system of a primary one of the multiple server resources. A first set of login credentials is transmitted thereto, and validated. A token is stored on the client indicating that the initial authentication was successful, which is then used to transition to a secondary one of the multiple resources. A second set of login credentials is also transmitted, and access to the secondary one of the multiple resources is granted on the basis of a validated token and second set of login credentials.

A computer-implemented method for metadata-based retention of personal data may be provided. The method comprises recording data by a recording system. The data comprise payload data and metadata comprising information about the payload data and an event type; and a rule is associated with the event type, wherein the rule is indicative whether the data shall be stored persistently or temporary. The method comprises further segmenting the recorded data into a plurality of non-overlapping data segments, encrypting each data segment of the plurality of non-overlapping data segments with a unique key each, transmitting the encrypted data segments wirelessly, and storing, using a secure service container, selected ones of the plurality of non-overlapping data segments as a function of the rule.

Methods, systems and computer program products are provided for detection of slow brute force attacks based on user-level time series analysis. A slow brute force attack may be detected based on one or more anomalous failed login events associated with a user, alone or in combination with one or more post-login anomalous activities associated with the user, security alerts associated with the user, investigation priority determined for the user and/or successful logon events associated with the user. An alert may indicate a user is the target of a successful or unsuccessful slow brute force attack. Time-series data (e.g., accounted for in configurable time intervals) may be analyzed on a user-by-user basis to identify localized anomalies and global anomalies, which may be scored and evaluated (e.g., alone or combined with other information) to determine an investigation priority and whether and what alert to issue for a user.

An example apparatus includes: memory; instructions in the apparatus; and at least one processor to execute the instructions to: check for proof of trust information in one or more pre-determined positions in a trusted digital image, the proof of trust information including a secure output marker, the secure output marker indicative of information corresponding to a trusted output area of the trusted digital image; decrypt the secure output marker using one or more security keys from a trusted execution environment (TEE), the TEE isolated from a computing application; and enable activation of a trusted output indicator in response to a match between first data corresponding to the secure output marker and second data corresponding to the trusted output area of the trusted digital image.

A method is disclosed and includes receiving an alias resolve request message comprising an alias from a transfer server, and then transmitting the alias resolve request message comprising the alias to plurality of mapping computers. Then, a plurality of alias resolve response messages are received from the plurality of mapping computers, the plurality of alias resolve response messages respectively comprising a plurality of credentials or tokens. A credential or token from the plurality of credentials or tokens is then determined and transmitted to transfer server computer. The transfer server computer conducts a transaction process using the determined credential or token.