A method includes providing, by a first electronic device, a first request to a second electronic device for the second electronic device to provide data to the first electronic device representing content that is stored in a security component of the second electronic device. The first electronic device receives the response from the second electronic device to the first request and, in response thereto, the first electronic device stores data in the first electronic device representing content that is stored in a security component of the second electronic device. The method includes performing cross-attestation. Performing the cross-attestation includes, in response to an attestation request that is provided by a verifier to the first electronic device, the first electronic device providing to the verifier data representing content that is stored in the security component of the first electronic device and data representing the content stored in the security component of the second electronic device.

An integrated circuit device includes encryption circuitry to encrypt a data packet and scheduler circuitry to receive the encrypted data packet from the encryption circuitry. The scheduler circuitry monitors a duration of time associated with egress of the encrypted data packet, holds the encrypted data packet until the duration of time matches a threshold duration of time, and transmits the encrypted data packet in response to the duration of time matching the threshold duration of time.

Representative embodiments of operating a secured device requiring user authentication include receiving a request from a user for operating the device without prior authentication; granting the user temporary access to the device in accordance with a security policy that specifies a predetermined time interval and/or a predetermined number of device operations within which authentication must occur to continue at least some operations of the device; computationally storing an audit trail identifying the temporary access and actions performed during the temporary access; and upon determining that authentication has not been provided within the predetermined time interval or number of device operations, preventing at least some operations of the device and updating the audit trail to specify expiration of the temporary access.

Resource watermarking and management actions on electronic resources are described. In one example, a process for resource watermarking and management actions includes receiving, from a client device, a request to perform an action on an electronic resource and a device profile for the client device. The device profile can include at least one attribute of the client device. The process also includes identifying a watermark template for the electronic resource, determining descriptive data of the watermark template based on the request to perform the action and whether the device profile complies with a compliance rule, overlaying the watermark template and the descriptive data onto the electronic resource, and determining that the client device is authorized to perform the action on the electronic resource in response to the electronic resource being united with the watermark template.

Information is identified as sensitive and a lapsed time job (Chron Job) is created that will allow the deletion of sensitive information after a period of time. The interval could be set to be longer than vacation or other planned use, and yet short enough to limit the period where risk to the organization or individual is incurred. The Chron Job could be integrated with the user's calendar, such that the Chron Job considers holiday time as a means of delaying execution of the Chron Job which would allow a shorter interval to be selected. In addition to deletion of the information identified as sensitive, additional steps could also be taken, such as the purging of the recycle bin, modification of the FAT, and optionally the deletion of related information. Once information is identified as sensitive, the information and derivative works are tracked and managed.

Disclosed herein are methods, systems, and apparatus, including computer programs encoded on computer storage media, for managing blockchain-based centralized ledger systems. One of the methods includes: transmitting a timestamp request for a to-be-timestamped block in a blockchain to a trust time server by a ledger server in a centralized ledger system that stores data in the blockchain, the trust time server being associated with a trust time authority and independent from the centralized ledger system, the blockchain including a plurality of blocks storing transaction data, receiving a timestamp and associated signature for the to-be-timestamped block from the trust time server by the ledger server, and storing information of the timestamp and the associated signature for the to-be-timestamped block in the blockchain by the ledger server.

Methods and systems for using consent policies to determine whether to proceed with actions relative to persons based on a hierarchy of consent values for that person are described. Responsive to a query, records are retrieved which pertain to a person's consent for another entity to perform an action relative to the person in view of data privacy laws. A consent policy is selected. The selected consent policy includes rules that are configurable to reflect a manner to comply with data privacy laws. The selected consent policy is applied to the records. Applying the selected consent policy comprises applying rules to find a result for a second level of the hierarchy of consent values, determining a result for a first level of the hierarchy of consent values, and applying rules to determine whether to proceed with the action relative to the person.

Methods, systems and computer program products are provided for detection of slow brute force attacks based on user-level time series analysis. A slow brute force attack may be detected based on one or more anomalous failed login events associated with a user, alone or in combination with one or more post-login anomalous activities associated with the user, security alerts associated with the user, investigation priority determined for the user and/or successful logon events associated with the user. An alert may indicate a user is the target of a successful or unsuccessful slow brute force attack. Time-series data (e.g., accounted for in configurable time intervals) may be analyzed on a user-by-user basis to identify localized anomalies and global anomalies, which may be scored and evaluated (e.g., alone or combined with other information) to determine an investigation priority and whether and what alert to issue for a user.

Improved computer-implemented methods for evidencing the existence of a digital document, anonymously evidencing the existence of a digital document, database management for systems for evidencing the existence of a digital document, and verifying the data integrity of a digital document provide increased reliability, security and enhance trust from users and third parties.

A tamper resistant element (TRE) in a device can operate a primary platform and support a “Smart Secure Platform”. The TRE may not keep time when electrical power is removed from the TRE. The device can receive (i) a certificate for an image delivery server (IDS) with a first timestamp and (ii) a signed second timestamp from a certificate authority, comprising a signature according to the Online Certificate Status Protocol (OCSP) with stapling. The device can forward the certificate and second timestamp to the TRE. The device can receive a ciphertext and an encrypted image from the IDS, where the ciphertext includes a third timestamp from a Time Stamp Authority (TSA), and forward the data to the TRE. The TRE can conduct a key exchange to decrypt the ciphertext. The TRE can compare the second and third timestamps to verify the certificate has not been revoked.