Exemplary system, method, and computer-accessible medium for transmitting or generating an encrypted message(s) to or for a receiver(s) from a sender(s), can be provided, which can include, for example, generating an electronic public key(s) and an electronic private key(s) for the sender(s), generating first information based on (i) data of the sender(s), (ii) a state(s) of the sender(s), and/or (iii) a type of the sender(s), electronically selecting an electronic message signal(s) and a time stamp(s) based on the first information, generating a message(s) based on the electronic message signal(s) and the time stamp(s), generating the encrypted message(s) by encrypting the message(s) using the electronic private key(s), and transmitting the encrypted message(s) to the receiver(s).

A system for distributed key storage, comprising a requesting device communicatively connected to a plurality of distributed storage nodes, the requesting device designed and configured to receive at least a confidential datum, select at least a distributed storage node of a plurality of distributed storage nodes, whereby selecting further comprises receiving a storage node authorization token from the at least a distributed storage node, querying an instance of a distributed authentication listing containing authentication information using at least a datum of the storage node authorization token, retrieving an authentication determination from the instance of the authentication listing, and selecting the at least a distributed storage node as a function of the authentication determination, generate at least a retrieval authentication datum, and transmit the at least a confidential datum and the at least a retrieval verification datum to the at least a distributed storage node.

This disclosure relates to protecting the confidential information of multiple entities using secure multi-party computation (MPC) and k-anonymity techniques. In some aspects, a method includes receiving, by a first MPC computing system from a client device, a content request including encrypted user group identifiers. Each encrypted user group identifier is encrypted using a first encryption key of a second MPC computing system. For each encrypted user group identifier, a request is transmitted to the second MPC computing system. The request includes the encrypted user group identifier. For each user group identifier that satisfies a k-anonymity, the first MPC computing system receives, from the second MPC computing system, a plaintext value of the user group identifier. The first MPC computing system transmits a selection parameter request to one or more platforms. The selection parameter request includes the plaintext value of the user group identifier.

An indication of a security alert and a context for the security alert is received. The context includes one or more entities related to the context and a timestamp for the security alert. Data sources for the one or more entities are searched during a time window around the timestamp. One or more anomaly detection models are executed to identify anomalies that are related to the security alert based on the context. Identified anomalies for investigation of the security alert are output.

Aspects of the disclosure relate to account lineage tracking and automatically executing responsive actions upon detecting an account lineage. A computing platform may receive a first account-change message from a source-level interceptor. The first account-change message may include information identifying a source account associated with a first computing device and identifying a first target account. The first target account may be associated with a target application configured to access the target database. The computing platform may receive a second account-change message from a database-level interceptor. The second account-change message may include information identifying the first target account as a database-level source account and identifying a second target account associated with one or more target databases. After receiving the first and second account-change messages, the computing platform may generate a notification comprising information associated with an account lineage between the source account and the second target account.

The present disclosure relates to systems, non-transitory computer-readable media, and methods for dynamically controlling ephemeral messaging threads and ephemeral message duration settings across computing devices while improving security by maintaining end-to-end encryption. In particular, in one or more embodiments, the disclosed systems can transmit encrypted ephemeral messages, including ephemeral message duration settings and ephemeral setting timestamps. The disclosed systems can decrypt received messages on receiving client devices and dynamically apply ephemeral message duration settings to different message threads. For example, the disclosed systems can modify existing duration settings at a receiving client device to match a received ephemeral message duration setting based on determining that the received ephemeral setting timestamp predates an existing setting timestamp. Further, the disclosed systems can apply the ephemeral message duration setting to delete ephemeral messages from an ephemeral message thread.

A method includes displaying on a graphic user interface (GUI) of a computing device of a user, a log of computing operations performed by the user at computing terminals of entity servers respectively managed by entities. The user uses a unique authorization identifier provided by the authorizing entity to authorize the computing operations at the computing terminals of the entity servers. The user provides a fraud indication through the GUI that at least one computing operation in the log is fraudulent. Memory-jogging visual units are displayed on the GUI to the user that cause the user to recall performing the at least one computing operation identified as being fraudulent. An entry of the at least one computing operation in an operation database is marked as a valid operation authorized by the user when receiving a recognition indication and potentially fraudulent when no recognition indication by the user.

Methods and apparatus for a secure time service are disclosed. A time server including a time source, a cryptographic key and a cryptographic engine is instantiated within a provider network. A time service endpoint receives a timestamp request from a client. The endpoint transmits a representation of the request to the time server, and receives, from the time server, an encryption of at least a timestamp generated using the time source. A response comprising the encryption of at least the timestamp is transmitted to the requesting client.

A network device comprises a network interface configured to transmit packets via a network link, and timestamp circuitry configured to modify a packet that is to be transmitted by the network interface circuitry by embedding a future timestamp in the packet. The future timestamp corresponds to a transmit time at which the packet is to be transmitted by the network interface circuitry, and the transmit time occurs after the timestamp circuitry embeds the timestamp in the packet. Time gating circuitry is configured to i) receive the packet, ii) determine when a current time indicated by a clock circuit reaches the transmit time, iii) hold the packet from proceeding to the network interface circuitry prior to the current time reaching the transmit time, and iv) release the packet in response to the current time reaching the transmit time.

Systems and methods are provided for persistent login. Such persistent login may be based on linking user identity across accounts of different entities to allow each entity to maintain control over their respective sets of user data, while providing a streamlined user experience that avoids much of the repetitive need to login to different services with different login credentials (e.g., during periods of heavy use). Such persistent login may utilize a set of tokens issued and exchanged between devices of the partnering entities. Such tokens may include an access token, refresh token, and identity token. When a user associated with a first entity requests access to information secured by a second entity, such request may be associated with the access token. If the access token is determined to be expired, the refresh token may be used to refresh the access token, which may also trigger issuance of a new refresh token. The refreshed access token may be used in conjunction with the identity token to access the requested information secured by the second entity.