H04L2463/121

AUDIT LOG ENRICHMENT
20210110034 · 2021-04-15

A system for monitoring actual access to data elements in an enterprise computer network and providing associated data, the system including an at least near real time data element audit subsystem providing audit output data including at least one of a time stamp, identification of an accessor, user depository stored data regarding the accessor, accessed data element data, affected data element data, type of access operation, source IP address of access and access outcome data, in at least near real time, relating to actual access to data elements in the enterprise computer network, and an additional data providing subsystem receiving in at least near real time at least a part of the audit output data and utilizing the at least part of the audit output data for providing additional data which is not part of the audit output data.

Method and system to detect abnormal message transactions on a network
10992694 · 2021-04-27

A surveillance system connectable to a network, comprising a communication module and a management module; said system being configured to, during an initialization phase: a. intercept a first message being sent to a first device; b. intercept a second message, said second message being a response from the first device to the first message; c. calculate a time interval between the interception of the first message and the second message; d. repeat the steps a. to c. to determine further time intervals; e. determine a distribution of said time intervals; f. store the distribution; and, during a surveillance phase, intercept a third message, said message being sent to the first device; intercept a fourth message, said fourth message being a response to the third message; calculate a new time interval between the interception of the third and fourth messages; and verify that the new time interval is within the distribution.

Method and system for generating an entities view with risk-level scoring for performing computer security monitoring
10986106 · 2021-04-20

A security platform employs a variety of techniques and mechanisms to detect security related anomalies and threats in a computer network environment. The security platform is “big data” driven and employs machine learning to perform security analytics. The security platform performs user/entity behavioral analytics (UEBA) to detect the security related anomalies and threats, regardless of whether such anomalies/threats were previously known. The security platform can include both real-time and batch paths/modes for detecting anomalies and threats. By visually presenting analytical results scored with risk ratings and supporting evidence, the security platform enables network security administrators to respond to a detected anomaly or threat, and to take action promptly.

Authenticating Access Configuration for Application Programming Interfaces
20210105286 · 2021-04-08

A system is configured to authorize client access to an application programming interface (API) of a host device. A proxy is configured to handle network traffic between a host and a client. Clients engage the host through the proxy to access an API of the host. An authorized client-side application permitted use of the API includes an API request to the proxy. The proxy determines whether an internet protocol (IP) address of the client and the token match an existing IP-token pair. If no match exists, the proxy determines whether the token matches an existing token. The proxy authorizes the client access to the API when the IP and token match an existing pair or if the token does not match an existing token and the token is verified by the proxy.

Client device access to data based on address configurations
10979869 · 2021-04-13

Various systems, mediums, and methods herein describe mechanisms that enable client devices to have access to data based on various address configurations. A smart phone system may be configured to receive a request. The smart phone system may also be configured to determine an address based at least on the request received, where the address provides access to data on a website. The smart phone system may also determine the address based on a receipt of the address generated by a server system. The smart phone system may also determine a timestamp associated with a transfer of the address at a geolocation. The smart phone system may also determine one or more time periods from the timestamp associated with the transfer of the address at the geolocation. The address may provide access to the data on the website during the one or more time periods.

SYSTEMS AND METHODS FOR LOCATION-BASED AUTOMATED AUTHENTICATION

Systems, methods, and apparatuses for location-based automated authentication are disclosed. A system comprises a mobile device, a sensor and a backend platform. The sensor and the backend platform are in network communication. The mobile device is operable to continuously transmit Bluetooth Low Energy (BLE) signals comprising encrypted transitory identifiers. The sensor is operable to receive a BLE signal from the mobile device when the mobile device is within a predetermined range, and communicate over a network connection the encrypted transitory identifier comprised in the BLE signal to the backend platform. The backend platform is operable to extract a unique identifier and a changing encrypted identifier from the received encrypted transitory identifier, generate a changing encrypted identifier, and validate a user identification by comparing the generated changing encrypted identifier and the extracted changing encrypted identifier.

Systems and methods for in-session refresh of entitlements associated with web applications
10979460 · 2021-04-13

The described technology provides a capability to perform in-session updates to entitlements associated with a user's access to content served by a web application. The content may be from one or more external servers. The technology provides for automatically detecting changes to entitlements, and without requiring a user of an active session to initiate a new session, updating entitlement data in a memory such that subsequent requests for data made by the client in the same active session are serviced using the updated entitlements.

Process for legal certification of successful interaction

A process certifies an interaction between a user and an Organization. A Company WEB server requests an acquisition system (WIAS) generate a new redirection URL address (F-URL), simultaneously with sending a pre-redirected HTML form, the (F-URL) pointing to a gateway for verifying in the request the presence of a TOKEN/COOKIE indicating instantiation of a dedicated acquisition memory-storage on the server. If the TOKEN/COOKIE is not present the dedicated acquisition memory-storage is instantiated in the server and the certified acquisition step is started. Upon completion of the step for certified acquisition of the interaction the request of the user is again directed to the original URL address (O-URL), with confirmation of the acceptance to the user, the application of a time mark and an identification symbol, obtaining a certification having legal proof value, sent to a device for storing legal proof certifications.

Securing authorization tokens using client instance specific secrets

A system, method, and computer program product are provided for securing authorization tokens using client instance specific secrets. Tokens are valid for service requests only if time constraints and additional security constraints are met by additional information stored in the token in hashed form. A required comparison of a timestamp in a client service request header to the current server time limits the useful token life, e.g., to a few minutes. The service request header also includes data generated based on a secret previously assigned to a specific client instance. The secret may be generated by the server according to a public/private key scheme and sent to a particular client instance only once, e.g., during initial device registration. The secret may be omitted from service requests for public information. Service request headers may include device identifiers, so that service requests from known rogue clients may be ignored.

Secure real-time clock update in an access control system

A method according to one embodiment includes communicating a wireless advertisement that identifies a clock status of a real-time clock of the access control device, wherein the clock status includes a clock status value indicating that the real-time clock has not been set, establishing a wireless communication connection with a computing device in response to the wireless advertisement, transmitting a session random value to the computing device, receiving a clock update token from the computing device, wherein the clock update token is indicative of an authority of the computing device to update the real-time clock of the access control device, authenticating the clock update token based on at least the session random value, and updating the real-time clock based on a received update time in response to successful authentication of the clock update token.