Patent classifications
H04L2463/121
Method and system to dynamically obfuscate a web services interface
The present application relates to the handling of what are generally referred to as denial of service (DoS) attacks. More specifically, the present application relates to a method and system for protecting one or more on-line Web service application servers from DoS and/or distributed DoS (DDoS) attacks.
SHARING OF MACHINE LEARNING MODEL STATE BETWEEN BATCH AND REAL-TIME PROCESSING PATHS FOR DETECTION OF NETWORK SECURITY ISSUES
A security platform employs a variety of techniques and mechanisms to detect security-related anomalies and threats in a computer network environment. The security platform is big data driven and employs machine learning to perform security analytics. The security platform performs user/entity behavioral analytics (UEBA) to detect the security-related anomalies and threats, regardless of whether such anomalies/threats were previously known. The security platform can include both real-time and batch paths/modes for detecting anomalies and threats. By visually presenting analytical results scored with risk ratings and supporting evidence, the security platform enables network security administrators to respond to a detected anomaly or threat, and to take action promptly.
AUTO INLINE ENROLLMENT OF TIME-BASED ONE-TIME PASSWORD (TOTP) FOR MULTI-FACTOR AUTHENTICATION
Techniques are described for enrolling an authentication device for generating time-based one-time passwords (TOTPs) for use with multi-factor authentication (MFA). A user is prompted to initiate an enrollment procedure after successful authentication based on a first authentication factor in connection with a request for a resource protected by an access management (AM) system. The authentication device contacts the AM system to establish that the authentication device is a trusted device (e.g., through validation of an authentication token contained in a Quick Response (QR) code generated by the AM system). After the authentication device has been established as a trusted device, the AM system sends a shared secret to the authentication device, which uses the shared secret to complete enrollment (e.g., by generating a TOTP for verification by the AM system). A session is then created for the user to enable access to the protected resource.
Location based trusted computing nodes in a cloud computing architecture
The invention discloses trusted computing nodes (TCNs) configured to control their location and migration of applications run on virtual machines resident thereon. The invention allows a controlled use of cloud computing resources and virtual network functions by sensitive applications. This is achieved by embedding a secure processing unit (SPU) and a localization unit (LU) in the TCNs. The LU acquires GNSS signals and the TCN generates a secure location message comprising a secure ID and a locstamp of the TCN. A TCN Registry may be created by an operator of a collection of TCNs as a database of trust scores of the trusted computing nodes which will be used to control the allocation of tasks to said TCNs based, at least in part, on the trust scores. The trust scores may also be used directly by the other TCNs to allocate the tasks over which they have control.
Indirect diagnosis of multiple fluid mixer unit performance
A liquid additive mixing apparatus is provided that has a plurality of chambers containing additives, as well as a system for mixing the additives. One or more additives are mixed with water to form a mixing fluid. The mixing fluid is placed in a first tank that is fluidly connected to a cement mixing unit. A cementing operation is executed during which the mixing fluid from the first tank is mixed with a cement to form a slurry. A capillary electrophoresis (CE) instrument is employed to monitor at least one additive parameter and detect deviations from a predetermined tolerance for the at least one additive parameter.
Method of hub communication, processing, storage and display
A method including detecting a modular surgical device within bounds of a surgical operating room, connecting the modular surgical device to a surgical hub, connecting the surgical hub to a cloud-based system, transmitting surgical data associated with a surgical procedure being performed in the surgical operating room from the modular surgical device to the surgical hub, and transmitting the surgical data from the surgical hub to the cloud-based system.
Token and cryptogram using transaction specific information
Systems and methods for token processing are disclosed. An access device can provide access device data to a mobile communication device. The communication device generates a token request including the access device data and communication device data and sends the token request to a server computer. The server computer returns a token and a token cryptogram to the mobile communication device. The token and the cryptogram may be used in a transaction.
Persistent login
Systems and methods are provided for persistent login. Such persistent login may be based on linking user identity across accounts of different entities to allow each entity to maintain control over their respective sets of user data, while providing a streamlined user experience that avoids much of the repetitive need to log in to different services with different login credentials (e.g., during periods of heavy use). Such persistent login may utilize a set of tokens issued and exchanged between devices of the partnering entities. Such tokens may include an access token, refresh token, and identity token. When a user associated with a first entity requests access to information secured by a second entity, such request may be associated with the access token. If the access token is determined to be expired, the refresh token may be used to refresh the access token, which may also trigger issuance of a new refresh token. The refreshed access token may be used in conjunction with the identity token to access the requested information secured by the second entity.
Mutation processing for events
A system for committing event data includes an interface and a hardware processor. The interface is configured to receive modified input data for desired events. The hardware processor is configured to retrieve the desired events from a desired aggregate; select a requested event to modify from the desired aggregate; replace input data of the requested event with the modified input data to create a modified aggregate; replay events of the modified aggregate N to generate a new state of aggregate N; and provide the new state of aggregate N.
System and method for distributed, keyless electronic transactions with authentication
Disclosed are systems and methods for performing distributed, keyless authorized electronic transactions. The disclosed systems and methods provide an electronic transaction framework where hardware and/or software devices can be used to authenticate users and/or authorize transactions involving such users. The disclosed framework operates as a distributed system in that it can be built without an entity that all parties must trust. The framework relies entirely on one-way functions and avoids using both symmetric and asymmetric cryptography; therefore, the framework does not have secret keys that can be compromised. The framework provides a distributed, electronic authorization system that does not require a reference clock to which components are synchronized, thereby enabling dynamic, agile authorization with improved security for user and transactional data.