Techniques and mechanisms are disclosed for configuring actions to be performed by a network security application in response to the detection of potential security incidents, and for causing a network security application to report on the performance of those actions. For example, users may use such a network security application to configure one or more modular alerts. As used herein, a modular alert generally represents a component of a network security application which enables users to specify security modular alert actions to be performed in response to the detection of defined triggering conditions, and which further enables tracking information related to the performance of modular alert actions and reporting on the performance of those actions.

A forwarding method is applied to a constrained node and includes: receiving authentication information; determining whether the authentication information is received for the first time; and if the authentication information is received not for the first time, forwarding the authentication information; or if the authentication information is received for the first time, determining whether the authentication information is valid authentication information, and if the authentication information is not valid authentication information, discarding the authentication information, or if the authentication information is valid authentication information, verifying the valid authentication information, and forwarding the valid authentication information after the verification succeeds.

A system for distributed key storage, comprising a requesting device communicatively connected to a plurality of distributed storage nodes, the requesting device designed and configured to receive at least a confidential datum, select at least a distributed storage node of a plurality of distributed storage nodes, whereby selecting further comprises receiving a storage node authorization token from the at least a distributed storage node, querying an instance of a distributed authentication listing containing authentication information using at least a datum of the storage node authorization token, retrieving an authentication determination from the instance of the authentication listing, and selecting the at least a distributed storage node as a function of the authentication determination, generate at least a retrieval authentication datum, and transmit the at least a confidential datum and the at least a retrieval verification datum to the at least a distributed storage node.

Various systems, mediums, and methods herein describe mechanisms that enable client devices to have access to data based on various address configurations. A smart phone system may be configured to receive a request. The smart phone system may also be configured to determine an address based at least on the request received, where the address provides access to data on a website. The smart phone system may also determine the address based on a receipt of the address generated by a server system. The smart phone system may also determine a timestamp associated with a transfer of the address at a geolocation. The smart phone system may also determine one or more time periods from the timestamp associated with the transfer of the address at the geolocation. The address may provide access to the data on the website during the one or more time periods.

A system for tracking electronic communications of a subscriber includes a gateway configured to track a communication between a mobile device and a subscriber mobile device that has a subscriber software module associated with a subscriber business number. The gateway is configured to send the communication to an Enterprise Information Archiving system. The gateway also is configured to: (i) if the communication is sent from the subscriber software module intended for the mobile device, send the communication to the mobile device via at least one of an SMS, MMS, and voice communication capability of the mobile device; and (ii) if the communication is sent from the mobile device to the subscriber business number via at least one of an SMS, MMS, and voice communication capability of the mobile device, send the communication to the subscriber software module associated with the subscriber business number.

Methods, systems, and computer program products are provided for real-time compromise detection based on behavioral analytics. The detection runs in real-time, during user authentication, for example, with respect to a resource. The probability that the authentication is coming from a compromised account is assessed. The features of the current authentication are compared with the features from past authentications of the user. After comparison, a match score is generated. The match score is indicative of the similarity of the authentication to the user's history of authentication. This score is then discretized into risk levels based on the empirical probability of compromise based on known past compromised user authentications. The risk levels may be used to detect whether user authentication is occurring via compromised credentials.

One example method includes accessing stored data, associating a unique identifier with the data, creating a hash by hashing a combination that comprises the unique identifier and the data, transmitting the hash to a notary service, receiving, from the notary service, a digital signature that corresponds to the hash, appending the digital signature to the data, and storing, as an object, a combination that comprises the digital signature, the data, and the unique identifier.

Embodiments of the present application disclose a forwarding method, a forwarding apparatus, and a forwarder for authentication information in the Internet of Things. The method is applied to a constrained node and includes: receiving authentication information; determining whether the authentication information is received for the first time; and if the authentication information is received not for the first time, forwarding the authentication information; or if the authentication information is received for the first time, determining whether the authentication information is valid authentication information, and if the authentication information is not valid authentication information, discarding the authentication information, or if the authentication information is valid authentication information, verifying the valid authentication information, and forwarding the valid authentication information after the verification succeeds. The embodiments of the present application can reduce resources of the constrained node, and improve performance of the Internet of Things.

This disclosure relates to creating a Bluetooth and/or BLE connection between two devices without using a UUID and/or MAC address. For example, a first device storing a private key may enter advertising mode to create a Bluetooth/BLE connection. An advertising packet (e.g., advertising channel packet data unit (PDU)) may be transmitted (e.g., in encrypted format). A second device may enter scanning or initiator mode and may receive the advertising packet. A second device may request that a user log into an account associated with the first device (e.g., a customer account, a financial account, an employee account, and/or the like) in order to initiate a Bluetooth/BLE connection. A second device user may enter login credentials via the second device, which may then be transmitted to a backend system. A backend system may receive and validate the login credentials and, in response, transmit a public key to the second device. The public key may be transmitted in an encrypted format. A second device may receive the public key and may use the public key to perform a public/private key handshake in order to validate the first device. The handshake may then be validated by the first device and a Bluetooth and/or BLE connection may be created.

A node system implements a method for node relay communication. A description of a flow entry including an address in a flow and a private key is received. The flow entry and the private key are stored in a database indexed to a flow ID. A packet comprising an authentication code and packet data including packet sequence information and a Flow ID is received. A look up in the database of a flow entry corresponding to the Flow ID of the packet is performed. The packet is either ignored or forwarded to the address in the flow, depending on the result of the look-up.