Systems and methods are disclosed which use a block chain (“blockchain”) to enable the establishment of file dates and the absence of tampering, even for documents held in secrecy and those stored in uncontrolled environments, but which does not require trusting a timestamping authority or document archival service. In an exemplary operation, an internet browser retrieves a website document, hashes at least a portion of the website document to produce a first hash value, retrieves blockchain registration data for the website document; compares the first hash value with a second hash value found in a blockchain; and responsive to the first and second hash values matching, displays a verification indication. Some embodiments may be used as parental controls for internet browsers.

Systems and methods for processing log data are provided. A set of data chunks is determined. Each data chunk is associated with a set of events, which are grouped according to a primary time dimension field of each event of the set of events. A metadata structure is determined for each of the data chunks. The metadata structure includes comprises a range of the primary time dimension field of all of the events in the data chunk and a range of a secondary time dimension field of all of the events in the data chunk. A subset of the data chunks is selected. A data chunk associated with at least one event of the plurality of events is generated according to the secondary time dimension field of the at least one event.

Methods and apparatus for a secure time service are disclosed. A time server including a time source, a cryptographic key and a cryptographic engine is instantiated within a provider network. A time service endpoint receives a timestamp request from a client. The endpoint transmits a representation of the request to the time server, and receives, from the time server, an encryption of at least a timestamp generated using the time source. A response comprising the encryption of at least the timestamp is transmitted to the requesting client.

A device and methods are described that comprise at least one host application and a rich execution environment. At least one interface is operably coupled to the REE for communicating with a remote server. A security sub-system comprises a security monitoring and control circuit coupled to the REE and connectable to the remote server via the REE and the at least one interface. The security monitoring and control circuit comprises an analytics circuit configured to detect an anomaly following a compromisation of the device. The security monitoring and control circuit is arranged to treat the REE as an untrusted component and in response to a detection of a compromisation of the REE or a component in the device that is accessible by the REE by the analytics circuit, the security monitoring and control circuit is configured to re-establish a secure connection to the remote server that tunnels through the REE and at least partially removes the compromisation from the device.

A machine may be configured to detect an anomalous event based on metrics pertaining to a production system. For example, the machine analyzes a time series of values associated with a metric pertaining to a production system. The machine identifies a pattern associated with the time series based on the analysis of the time series. The pattern may describe an occurrence of particular values at particular timestamps of the time series. The machine determines a range of potential values for a next timestamp in the time series based on the pattern. The machine assigns a score value to an actual value associated with the metric and corresponding to the next timestamp. The assigning of the score value may be based on a comparison of the actual value and the range of potential values. The machine identifies the actual value as a candidate for an alert based on the score value.

Systems and methods include obtaining a set of events, each event in the set of events comprising a time-stamped portion of raw machine data, the raw machine data produced by one or more components within an information technology or security environment and reflects activity within the information technology or security environment. Thereafter, a first neural network is used to automatically identify variable text to extract as a field from the set of events. An indication of the variable text is provided as a field extraction recommendation, for example, to a user device for presentation to a user.

A process for generating an access credential by a communication device may include determining whether a communication device successfully executed a predetermined shutdown sequence when the communication device last transitioned to an inactive state, determining whether the communication device has synchronized with an authorization network subsequent to transitioning back to an active state, and generating the access credential including a timestamp. The access credential may indicate whether the access credential has reliable timestamp information. The access credential can be provided to an access device associated with an authorization network to authenticate the communication device.

Aspects relate to apparatuses and methods for determining and processing dormant data records on an immutable sequential listing. An exemplary apparatus includes a processor configured to monitor a plurality of timestamps associated with a plurality of data records stored on the immutable sequential listing, where the data record includes a job resume, detect inactivity in a first data record of the plurality of data records over a predetermined time period as a function of a first timestamp of the first data record, wherein the predetermined time period may be set by the user, tag, as a function of the inactivity, the first data record as an inactive first data record, and process, as a function inactivity, the first data record, wherein processing may include adding additional data or archiving inactive data records from the immutable sequential listing.

Systems and methods for use in verifying a request for access to data in a system comprising a first module having access to a first trusted indicator of time, a second module having access to an untrusted indicator of time and a computing device having access to a second trusted indicator of time. The first module generates a password using at least the first trusted indicator of time. The second module receives a password associated with the request for access to data and validates the received password using at least the untrusted indicator of time. The second module then causes a message to be transmitted to the computing device, the message comprising data indicative at least of the untrusted indicator of time used to validate the received password. The computing device then generates data indicative of a comparison between the untrusted indicator of time and the second trusted indicator of time, and uses the generated data to provide said access to data.

A computer-implemented method for secure identification of a device being associated at a specific location, thus allowing a user to activate a procedure connected to the specific location where the device is placed, said device being disconnected from internet, comprising the following steps: an enrollment process performed through an application miming on a mobile device, said enrollment process associating the device hardware parameters to the specific location and recording and storing these data on a back-end application miming on a central system; a generation process performed on the device, said generation process generating and displaying on the device a graphical code OTP based with limited lifetime; a validation process of the graphical code OTP based; if the received graphical code OTB based is validated, the user is allowed to activate, through his mobile device, the procedure connected to the specific location.