A method and apparatus for integrity protecting data that include and perform: receiving as input data any new digital information from one or more sources; forming a protection block representing the input data received during a first period of time, if any; forming a digital descriptor using at least the protection block; and producing a delay-coding verification code based on the digital descriptor and a previous verification code.

There is provided a communication device including: a communication section that executes communication with another node; and a control section that controls the communication by the communication section, the control section adding, to a packet directed toward a transmission destination node by a transmission source node, header information containing at least path information between the communication device located in a stage subsequent to the transmission source node and a target node located in a stage preceding the transmission destination node, and causing the communication section to send the packet toward another node residing in a path.

In an embodiment, a submission history table is maintained by tracking an identification of each user making a submission of a confidential data value and a timestamp of when the corresponding submission was made. A first confidential data value submission is received from a user having a first identification. Member usage information for the user having the first identification, are retrieved based on the first identification. The submission history table is referenced to determine a length of time since the user having the first identification last made a submission of confidential data. It is determined that the user having the first identification is not permitted to submit confidential information based on the member usage information and the length of time since the user having the first identification last made a submission of confidential data. In response to the determining, the first confidential data value is discarded.

User authentication techniques based on geographical locations associated with a client device are provided. An example method for authentication of the client device includes receiving an authentication request from the client device. The method may include establishing current geographical location of the client device based on metadata received from the client device. The method may further include establishing a trusted tolerance geographical area based on historical location area associated with the client device. After establishing the trusted tolerance geographical area, the method may proceed with determining whether the current geographical location of the client device is within the trusted tolerance geographical area. The method may further include authenticating the client device based on the determination that the current geographical location of the client device is within the trusted tolerance geographical area.

A process for generating an access credential by a communication device may include determining whether a communication device successfully executed a predetermined shutdown sequence when the communication device last transitioned to an inactive state, determining whether the communication device has synchronized with an authorization network subsequent to transitioning back to an active state, and generating the access credential including a timestamp. The access credential may indicate whether the access credential has reliable timestamp information. The access credential can be provided to an access device associated with an authorization network to authenticate the communication device.

A security platform employs a variety techniques and mechanisms to detect security related anomalies and threats in a computer network environment. The security platform is big data driven and employs machine learning to perform security analytics. The security platform performs user/entity behavioral analytics (UEBA) to detect the security related anomalies and threats, regardless of whether such anomalies/threats were previously known. The security platform can include both real-time and batch paths/modes for detecting anomalies and threats. By visually presenting analytical results scored with risk ratings and supporting evidence, the security platform enables network security administrators to respond to a detected anomaly or threat, and to take action promptly.

An authentication method is disclosed. To authenticate a user, a mobile device may request identification and verification from the user. Upon receiving a positive identification and verification response from the user, the mobile device may generate a cryptogram using a user identification (ID) associated with the user, a timestamp, a device ID associated with the mobile device, a service provider application ID associated with the service provider application, and a service provider device ID. The mobile device may transmit the generated cryptogram, the user ID, the timestamp, the device ID, the service provider application ID, and the service provider device ID, to a service provider computer associated with the service provider application. The service provider computer may decrypt the cryptogram and compare the decrypted data elements to the received data elements to validate and authenticate the user.

An access control system comprising a reader configured to make an ingress or egress determination using information received from one or more mobile devices is described. The reader may be further configured to store information about ingress and egress events for analysis by a system administrator.

A method for validating a timestamp, including receiving a first data packet, including first useful data, from a first transmitter, receiving a second data packet, including a first timestamp associated with the first useful data, comparing the first timestamp to a predefined second timestamp, which is associated with the first useful data, to determine a first validated timestamp, which is associated with the first useful data, receiving a third data packet, including second useful data, from a second transmitter, which is different from the first transmitter, receiving a fourth data packet, including a third timestamp associated with the second useful data, comparing the third timestamp to a predefined fourth timestamp, which is associated with the second useful data, to determine a second validated timestamp, which is associated with the second useful data, and comparing the first validated timestamp to the second validated timestamp.

Approaches, techniques, and mechanisms are disclosed for providing referral identity systems and services. The referral identity system can provide a hardware based system for identifying users and the devices they are using and recognizing referrals from one device to another and/or from one user to another. Each of the users can be uniquely identified using a device identifier associated with a device that the user is using. The authentication and identity services can be used to license software and/or devices coupled with such software dynamically using integrated hardware, software, and firmware, and provide a validated identification difficult to spoof.