Systems and methods are described for the generation of domain names that may be associated with a particular user device and may be encrypted to obfuscate the domain names of content requested by the user device.

A method of sharing encrypted data includes, by an electronic device, receiving a password from a user to perform an action, receiving a salt value, generating a user key using the password and salt value, receiving an encrypted key location identifier value, decrypting the encrypted key location identifier value to obtain a key location identifier, receiving an encrypted read token value, decrypting the encrypted read token value using the user key to obtain a read token value, and transmitting the read token value and the key location identifier to a server electronic device.

Apparatus and methods for encrypting captured media. In one embodiment, the method includes capturing media data via use of a lens of an image capture apparatus; obtaining a number used only once (NONCE) value from the captured media data; obtaining an encryption key for use in encryption of the captured media data; using the obtained NONCE value and the obtained encryption key for encrypting the captured media data; and storing the encrypted media data. In some variants, the media is encrypted prior to storage, thereby obviating any instances in which the captured media data resides in a wholly unencrypted instance. Apparatus and methods for decrypting encrypted captured media are also disclosed.

Fingerprint encryption method and device, fingerprint decryption method and device, storage medium and terminal are provided. The fingerprint encryption method includes: acquiring a fingerprint image; dividing the fingerprint image into a plurality of block images according to a preset window, wherein a size of the block image is the same with a size of the preset window; determining identifiers of the plurality of block images, wherein the identifiers of the plurality of block images have a first preset order; and determining, according to the identifiers of the plurality of block images and a received encryption order, a plurality of encrypted block images to obtain an encrypted fingerprint image. Security of fingerprint storage or fingerprint transmission is enhanced.

A method for partially unmasking an object in a video stream comprises: displaying a first video stream in which objects are covered by privacy masks; receiving user input regarding a selection of an object being covered by a privacy mask, wherein the object has a first portion being associated with a first privacy level and a second portion being associated with a second, higher, privacy level; checking that a permission associated with the user input grants access to video data depicting object portions being associated with the first privacy level; giving access to video data depicting the first portion of the object; and displaying a second video stream which differs from the first video stream in that it includes the video data depicting the first portion of the object, while the second portion of the object is still covered by a privacy mask.

Methods, apparatus and computer program product for protecting a confidential integrated circuit design process. The computer-implemented method includes receiving a design specification dataset from a first untrusted computing device; extracting confidential design specification data from the design specification dataset; encrypting the confidential design specification data to produce encrypted confidential design specification data; generate a first encryption key to be associated with the encrypted confidential design specification data; retrieving a confidential design specification data subset for replacing a design element subset with a security hard macro (SHM) placeholder design element set; generating a security hard macro (SHM) placeholder feature set comprising those security hard macro (SHM) placeholder features representing mappings from the confidential design specification data subset to the SHM placeholder design element set; and transmitting, to the first untrusted computing device, the encrypted confidential design specification data, the first encryption key, and the SHM placeholder feature set.

In one embodiment, an apparatus includes: a control circuit to receive a message authentication code (MAC) for an epoch comprising a plurality of flits; a calculation circuit to calculate a computed MAC for the epoch; a cryptographic circuit to receive the epoch via a link and decrypt the plurality of flits, prior to authentication of the epoch; and at least one memory to store messages of the decrypted plurality of flits, prior to the authentication of the epoch. Other embodiments are described and claimed.

A security level tagging process to enable a user to associate a security level descriptor with a file, or a namespace directory where files and subdirectories inherit the security level descriptor from a parent directory. A parser can be used to automatically set a security level descriptor based on the contents of the file and/or attributes of files, or an administrator can associate a security level to a storage tier in the file system so that files are placed on the storage tiers with the matching security level as the file security level descriptor. The placement of the file on a storage tier depends on the data security level descriptor of the file and the security level of the storage so that files are placed on tiers where security level associated with the tier is greater than or equal to data security level of the file. Files can be migrated among storage tiers as their security levels may change.

The technology described in this document can be embodied in a method for preventing access to a secure system based on determining a captured image to be of an alternative representation of a live person. The method includes capturing an image of a subject illuminated by an infrared (IR) illumination source, and extracting, from the image, a portion representative of an iris of the subject. The method also includes determining that an amount of high-frequency features in the portion of the image satisfies a threshold condition indicative of the image being of an alternative representation of a live person, and in response, identifying the subject in the image to be an alternative representation of a live person. Responsive to identifying the subject in the image to be an alternative representation of a live person, the method further includes preventing access to the secure system.

Methods and apparatus for emerging use case support in user space networking architectures. In one embodiment, an apparatus configured to segregate packet data based on a packet type is disclosed. The exemplary embodiment provides a custom data type registry that enables the definition, addition, removal, modification, and/or prioritization of custom packet processing rules. Variants of the registry may support custom ethertype packets, network packets, and/or transport packets. In another embodiment, mechanisms for enabling an intermediary packet processing stage are described. Intermediary packet processing may enable user space system extensions that support e.g., packet filtering, packet modification, and/or other forms of packet processing.