Some implementations may include obtaining a security control configuration for a pair of endpoints for a security control type. A virtual security control instance of the security control type may be assigned to the pair of endpoints. The virtual security control instance may be configured according to the security control configuration. A software defined network may be configured to forward packets from one of the endpoints to the other one of the endpoints through the virtual security control instance.

Some implementations may include obtaining a security control configuration for a pair of endpoints for a security control type. A virtual security control instance of the security control type may be assigned to the pair of endpoints. The virtual security control instance may be configured according to the security control configuration. A software defined network may be configured to forward packets from one of the endpoints to the other one of the endpoints through the virtual security control instance.

A digital signature terminal device and a secure communication method are provided. The digital signature terminal includes a first module and a second module. The first module includes a communication component configured to communicate with outside and includes a central unit. The central unit includes a memory configured to store data received by the communication component. The central unit is configured to receive an operation from a user, and is controlled, in response to the operation from the user, to be simultaneously connected to the second module and disconnected from the communication component or to be simultaneously disconnected from the second module and connected to the communication component. The second module includes a signature component configured to generate a digital signature for the data, and the second module is configured to send the digital signature to the memory.

A network-based line-rate method and apparatus for detecting and managing potential malware utilizing a black list of possible malware to scan content and detect potential malware content based upon characteristics that match the preliminary signature. The undetected content is then subjected to an inference-based processes and methods to determine whether the undetected content is safe for release. Typical to inference-based processes and method, the verdict is a numerical value within a predetermined range, out of which content is not safe. The network content released if the verdict is within safe range, otherwise, the apparatus provides various options of handling such presumably unsafe content; options including, soliciting user input whether to release, block, or subject the content to further offline behavioral analysis.

A network-based line-rate method and apparatus for detecting and managing potential malware utilizing a black list of possible malware to scan content and detect potential malware content based upon characteristics that match the preliminary signature. The undetected content is then subjected to an inference-based processes and methods to determine whether the undetected content is safe for release. Typical to inference-based processes and method, the verdict is a numerical value within a predetermined range, out of which content is not safe. The network content released if the verdict is within safe range, otherwise, the apparatus provides various options of handling such presumably unsafe content; options including, soliciting user input whether to release, block, or subject the content to further offline behavioral analysis.

A system and method for secure vehicle communication of a vehicle. The system comprises a communication system comprising at least one telematics module for executing one or more telematics applications, and a session module for session management of the telematics applications, wherein the session management comprises the assigning of at least one session identification, session ID, to each telematics application, wherein the session module assigns a new session ID to each telematics application after expiration of a predetermined time period.

Various embodiments disclosed herein are related to a non-transitory computer readable storage medium. In some embodiments, the medium includes instructions stored thereon that, when executed by a processor, cause the processor to detect, on a server, a first symptom observable on a first one or more clusters. In some embodiments, the first symptom is indicative of an issue. In some embodiments, the instructions cause the processor to trigger additional data collection by a plurality of edge processing units for the first one or more of clusters, detect, in a second one or more clusters within the first one or more clusters, a second symptom indicative of the issue, and generate a remediation action for a third one or more clusters having the first symptom and the second symptom. In some embodiments, the second one or more clusters include the third one or more clusters.

By a communication control method or a communication device for controlling a vehicle exterior communication performed between an in-vehicle electronic control unit and an outside of a vehicle, connection information necessary for the vehicle exterior communication between the in-vehicle electronic control unit and a specific connection destination is prepared, and the in-vehicle electronic control unit is permitted to perform the vehicle exterior communication limited to the specific connection destination using the connection information.

An example embodiment of the present techniques determines, in response to a byte-serving request to download a portion of a resource, that the resource has previously been determined to comprise malware. Further, the byte-serving request is modified to request downloading all the resource. Additionally, all the resource is requested for downloading using the modified byte-serving request.

An example embodiment of the present techniques determines, in response to a byte-serving request to download a portion of a resource, that the resource has previously been determined to comprise malware. Further, the byte-serving request is modified to request downloading all the resource. Additionally, all the resource is requested for downloading using the modified byte-serving request.