Patent classifications
H04L2463/121
Authorization based on access token
A mobile device may include an authenticator and a processor. The authenticator may generate an authorization request with a secure token to access a server. The processor may access the server using an authorization token, if the authenticator receives the authorization token in response to the authorization request. The authenticator may embed the authorization request with a plurality of parameters to allow the server to determine, based upon at least one of the plurality of parameters, if the authorization token should be given to the mobile device.
INFORMATION PROCESSING DEVICE, INFORMATION RECORDING MEDIUM, AND INFORMATION PROCESSING METHOD, AND PROGRAM
A configuration is realized in which a reliable source of illegal copy content is analyzed using content in which a reproduction path can be set. The content used has a segment area including a plurality of items of variation data that can be decrypted using different keys, and a reproduction path corresponding to the selected variation data can be set in it. Each item of variation data is configured such that embedded information such as a digital watermark can be acquired from decrypted data. Each item of variation data includes a 192-byte source packet or a 6144-byte aligned unit. A reproduction device selects and reproduces one item of variation data from each segment area on the basis of a variation data identifier recorded in the variation data.
Managing transaction requests in ledger systems
Disclosed herein are methods, systems, and apparatus, including computer programs encoded on computer storage media, for managing transaction requests in ledger systems. One of the methods includes: receiving a plurality of transaction requests by a computing system, each of the plurality of transaction requests including content information of a corresponding transaction and authentication information of the corresponding transaction, storing each of the plurality of transaction requests in a request stream by the computing system, obtaining storage information of a transaction request of the plurality of transaction requests in the request stream by the computing system, and storing the storage information of the transaction request in an index of an index stream and authentication information of a transaction corresponding to the transaction request in a storage element of a storage stream by the computing system, the storage element corresponding to the index, the index stream being associated with the storage stream.
Mutual secure communications
A sending device may send data intended for a target device. An intermediate device may intercept the data sent from the sending device and forward the communications to the target device. Security data (e.g., a security certificate for authentication) along with an encrypted version of the security data may be sent at the application layer such that it passes from the sending device, through the intermediate device, and to the target device without being analyzed or modified by the intermediate device. The target device may use the encrypted security data and the security data to verify the identity of the sending device.
TRACKING CLOUD WORKLOADS TO ISOLATE SECURITY BREACH EXPOSURE
A computer-implemented method includes receiving, by a computing device within a networking environment, a workload for execution within the networking environment; initiating, by the computing device, transfers of the workload to a plurality of network elements within the cloud networking environment; providing, by the computing device, tracking information of the workload as the workload traverses through the plurality of network elements; and storing or outputting, by the computing device, the tracking information regarding the workload.
DATA DRIVEN COMPUTER USER EMULATION
Whether testing intrusion detection systems, conducting training exercises, or creating data sets to be used by the broader cybersecurity community, realistic user behavior is a desirable component of a cyber-range. Existing methods either rely on network level data or replay recorded user actions to approximate real users in a network. Probabilistic models can be fit to actual user data (sequences of application usage) collected from endpoints. Once trained to the user's behavioral data, these models can generate novel sequences of actions from the same distribution as the training data. These sequences of actions can be fed to emulator software via configuration files, which replicate those behaviors on end devices. The models are platform agnostic and can generate behavior data for any emulation software package. In some embodiments a latent variable is added to faithfully capture and leverage time-of-day trends.
Using Private Threat Intelligence in Public Cloud
A distributed security system and method are disclosed that enable access to known threat events from threat intelligence feeds when the system includes public cloud components. A cloud-based security policy system stores observable events for security incidents detected by and sent from user devices within an enterprise network. The observable events include observable indicators for characterizing the observable events. The threat events within the feeds include threat indicators for characterizing the threat events. An on-premises connector within the enterprise network downloads the observable indicators from the security policy system and the threat indicators from the feeds. In response to determining that any observable indicators match any threat indicators, the on-premises connector provides access to the threat events and/or the observable events having the matching indicators. In one example, the on-premises connector generates opaque query strings for users on user devices to access the threat events/observable events having the matching indicators.
REVOCABLE PKI SIGNATURES
In a computer-implemented method for signing a message by a user device of a public key infrastructure (PKI) system, the message and a user public key are sent to at least one attestation server and a server signature on the message is received from the attestation server. The server signature attests the validity of the user public key and is bound to the user public key and the message. The message and the server signature are signed with a user private key, thereby providing a user signature on the message. An attestation server and a related computer program product are also provided.
AUTHENTICATION APPARATUS, AUTHENTICATION METHOD, AND NON-TRANSITORY COMPUTER READABLE MEDIUM
An authentication apparatus includes a memory that stores information regarding a device and another device located in the vicinity of the device in association with each other; a receiving unit that, in a case where there is an authentication request from the device, receives information regarding another device located in the vicinity of the device at a time of the authentication request; and an authentication unit that authenticates the device based on the information regarding the other device stored in the memory and the information regarding the other device that is received by the receiving unit at the time of the authentication request.
METHOD AND APPARATUS FOR PERFORMING SYMMETRICAL STREAM ENCRYPTION OF DATA
In a method for performing symmetric stream encryption of data using a keystream and for transmitting the encrypted data, wherein the keystream is generated using at least one feedback shift register, which is initialized by filling with a defined bit sequence, the data to be encrypted is distributed into data packets, wherein each data packet is encrypted separately. The one or more feedback shift register(s) is/are re-initialized in order to encrypt each data packet, wherein at least a first bit sequence and a second bit sequence are used in each case to initialize the one or more feedback shift registers, wherein the first bit sequence is added to each encrypted data packet in clear text or in coded form and the second bit sequence represents a secret key that is not added to the encrypted data packets. The encrypted data packets are transmitted in packet switching mode together with the respectively added bit sequence and optionally header data.