Techniques for monitoring an access request are described. For instance, a method comprises: obtaining a request parameter indicating a target storage space to which the access request is directed; determining a target address range of the target storage space based on the request parameter; determining, in a set of kernel logs, a target kernel log associated with the access request based on the target address range, the set of kernel logs recording operations that occur in a kernel of an operating system; and determining information of an operation of the access request based on the kernel log, the operation corresponding to the target kernel log.

A network device comprises a network interface configured to transmit packets via a network link, and timestamp circuitry configured to modify a packet that is to be transmitted by the network interface circuitry by embedding a future timestamp in the packet. The future timestamp corresponds to a transmit time at which the packet is to be transmitted by the network interface circuitry, and the transmit time occurs after the timestamp circuitry embeds the timestamp in the packet. Time gating circuitry is configured to i) receive the packet, ii) determine when a current time indicated by a clock circuit reaches the transmit time, iii) hold the packet from proceeding to the network interface circuitry prior to the current time reaching the transmit time, and iv) release the packet in response to the current time reaching the transmit time.

The present disclosure provides systems and methods for authenticating photographic data. In one embodiment, a method comprises providing an image authentication application for use on a client device, the application configured to control image capture and transmission; receiving an image data file from the application at the authentication server comprising a photographic image captured by the application and metadata associated therewith; applying a watermark to the photographic image to create a watermarked image; applying date and time information to the tagged image; applying location information to the tagged image; creating a web address associated with the image data file; uploading the photographic image, the tagged image, or both to the web address; and transmitting an authenticated image file to the client device, the authenticated image file comprising one or more of: the watermarked image, the photographic image, the date and time information, geographic information, and the web address.

A process to investigate intrusions with an investigation system is disclosed. The process receives forensic facts from a set of forensic events on a system or network. A suspicious fact is identified from the forensic facts. A related fact from the forensic facts is identified based on the suspicious fact.

A service management system facilitates and validates service on building management systems installed in a building with an access control system. A service workflow module receives device events from control panels of the building management systems and combines them with local service data from mobile computing devices of technicians performing the service, generating service events. A validation module receives the service events and retrieves access control events from an access control system controller of the access control system and determines whether they are coherent. The service workflow module also infers the location of the technician based on the access control events and sends service eligible devices to be displayed on the mobile computing devices of the technicians. In an alternative embodiment, device events from a building automation system such as a heating, ventilation and air-conditioning system are further used to validate the service events.

An apparatus in one embodiment comprises a processing platform that includes a plurality of processing devices. The processing platform is configured to implement a master control plane and a plurality of messaging interfaces. Each messaging interface corresponds to one of a plurality of infrastructure controllers residing on an infrastructure under management by the processing platform. The master control plane is configured to communicate with each of the plurality of infrastructure controllers via the corresponding messaging interface. The plurality of infrastructure controllers are each configured to manage a corresponding one of a plurality of infrastructure components of the infrastructure under management. The master control plane is configured to communicate an instruction to a given infrastructure controller of the plurality of infrastructure controllers via the corresponding messaging interface and the given infrastructure controller is configured to modify the corresponding infrastructure component based at least in part on the communicated instruction.

Technology related to evaluating cyber-risk for synchrophasor systems is disclosed. In one example of the disclosed technology, a method includes generating an event tree model of a timing-attack on a synchrophasor system architecture. The event tree model can be based on locations and types of timing-attacks, an attack likelihood, vulnerabilities and detectability along a scenario path, and consequences of the timing-attack. A cyber-risk score of the synchrophasor system architecture can be determined using the event tree model. The synchrophasor system architecture can be adapted in response to the cyber-risk score.

The specification discloses a blockchain-based advertisement monitoring method and apparatus, and an electronic device. The method may include: obtaining blockchain verification information of a target advertisement from a blockchain, the blockchain verification information comprising identification information of a playing device of the target advertisement, a first signature associated with a screenshot image of the target advertisement, and a second signature associated with the identification information of the playing device; decrypting the first signature and the second signature based on a public key of the playing device to obtain a to-be-verified screenshot information and a to-be-verified identification information, respectively; verifying the to-be-verified identification information against the identification information of the playing device; and after the to-be-verified identification information is verified: obtaining an advertisement resource corresponding to the identification information of the playing device; and verifying the to-be-verified screenshot information against the obtained advertisement resource.

A system and method for generating a random number from an IP network is provided. A first datagram is transmitted from a first system to a second system and back to the first system. A second datagram is transmitted from the first system to the second system and back to the first system. The time elapsed between transmission of the first datagram to the second system and receipt of the first datagram back at the first system is measured as a first elapsed time. The time elapsed between transmission of the second datagram to the second system and receipt of the second datagram back at the first system is measured as a second elapsed time. The difference between the first elapsed time and the second elapsed time provides a random value.

Described herein are various technologies pertaining to facilitating digital rights management of patient healthcare records. A computing system executing an electronic health records application (EHR) receives an attribute of a healthcare worker and a patient identifier from a client computing device. The computing system retrieves a computer-readable file for the patient, the computer-readable file comprising a plurality of file records and a file access portion. A file record in the plurality of file records comprises a data portion and an access portion. The computing system transmits data in the data portion to the client computing device only when both the file access portion of the computer-readable file and the access portion of the file record include the attribute of the healthcare worker.