Some examples relate generally to computer architecture software for data classification and information security and, in some more particular aspects, to verifying audit events in a file system.

A method by one or more computing devices for obfuscating challenge code. The method includes obtaining challenge code for interrogating a client, inserting, into the challenge code, code for obfuscating outputs that are to be generated by the client, where the code for obfuscating the outputs includes code for applying a first chain of reversible transformations to the outputs using client-generated random values, interning strings appearing in the challenge code with obfuscated strings, inserting code for deobfuscating the obfuscated strings into the challenge code, inlining function calls in the challenge code, removing function definitions that are unused in the challenge code due to the inlining, reordering the challenge code without changing the functionality of the challenge code, and providing the challenge code for execution by the client.

Methods, systems, and apparatus, including computer programs encoded on a computer storage medium, for obtaining identity verification information of a patient. Verifying the patient's identity by: obtaining an indication that the patient identification document is authentic, and verifying that the representation of a biometric of the patient corresponds to a biometric indicated on the patient identification document. Determining that a physical location of a computing device is proximate to a physical location of the patient. In response to verifying the patient and determining that the physical location of the computing device is proximate to the physical location of the patient, determining eligibility of the patient to receive services from the service provider.

An electronic device used for unlocking a locking device is disclosed. The electronic device according to various embodiments of the present invention may comprise: a communication module for transmitting an unlock signal; and a processor which performs authentication with respect to a user so as to unlock a locking device, changes, after the user is authenticated, a valid time configured for a first key selected among one or more keys registered on an application, and transmits the unlock signal, including information on the changed valid time and information on the first key, via the communication module. Other various embodiments are also possible.

Methods, systems, and apparatus, including computer programs encoded on computer storage media for containment of sensitive data within a communication platform. The system displays a communication interface including a first input section for receiving an input message associated with a sending user account, and a display section for displaying message information received by the sending user account from other user accounts. The system determines a requirement to input sensitive information. The system then displays a sensitive data user interface including second input section for receiving a sensitive message, and an interface control for setting an expiration time value for the sensitive message.

A metric value is determined for each event in a set of events that characterizes a computational communication or object. For example, a metric value could include a length of a URL or agent string in the event. A subset criterion is generated, such that metric values within the subset are relatively separated from a population's center (e.g., within a distribution tail). Application of the criterion to metric values produces a subset. A representation of the subset is presented in an interactive dashboard. The representation can include unique values in the subset and counts of corresponding event occurrences. Clients can select particular elements in the representation to cause more detail to be presented with respect to individual events corresponding to specific values in the subset. Thus, clients can use their knowledge system operations and observance of value frequencies and underlying events to identify anomalous metric values and potential security threats.

The present invention provides an approach for granting access and respectively denying access to an instruction set of a device. The technical teaching provides the advantage that unauthorized access can be effectively prevented. Hence, maintenance work can be performed by specialized staff and security sensitive parts of the instruction sets are secured.

A method for the secure interaction of a user with a mobile terminal and a further entity includes transmitting a secret or an image of the secret generated by a one-way function and an individual data from the user to a back-end, transmitting the image and the individual data from the back-end to a protected execution environment of a processor of the mobile terminal; notifying the user on a secure user interface of the mobile terminal, wherein the individual data is displayed to the user and wherein the user is authenticated with the secret, the user interacting with a secure element of the mobile terminal having a secure connection with the protected execution environment, via the secure user interface and the protected execution environment; and the secure element interacting with the further entity via a secured connection providing a complete security chain of all entities involved in the interaction.

In some embodiments, the present invention provides for an exemplary computer system which includes at least the following components: a network of externally owned presence (EOP) member nodes, including a supervisory EOP member node is configured to generate at least one personalized cryptographic private key for each peer EOP member node; a distributed database, storing a plurality of persistent data objects; and a plurality of self-contained self-executing software containers (SESCs); where each SESC includes an independently executable software code which is at least configured to: apply entropy to generate a state hash representative of a current state of a persistent data object, perform a data action with the persistent data object; and determine that a particular EOP member node has a permission to cause the SESC to perform the data action with the persistent data object based.

Systems, methods, and related technologies for account access monitoring are described. In certain aspects, a login request associated with a device can be analyzed and a score determined. The score and a threshold can be used to determine whether to initiate an action.