H04L63/0457

REAL-TIME THREAT DETECTION FOR ENCRYPTED COMMUNICATIONS
20230156034 · 2023-05-18

A system and method for real-time threat detection for encrypted communications are provided. A method includes monitoring a data stream in a network, such as an M2M network, including encrypted message data and non-encrypted metadata associated with the encrypted message data being transmitted between endpoints on the network. The method includes extracting data stream metadata from the data stream including data points extracted from the non-encrypted metadata. The method includes enriching the data stream metadata with contextual data relating to one or more of threat, vulnerability and reputation data points and being obtained from one or more signal sources to output enriched data. The enriched data is analysed and a risk probability score associated therewith is calculated. An action is initiated in accordance with the risk probability score so as to mitigate a threat present on the network.

System and method for securely transmitting non-PKI encrypted messages
11652633 · 2023-05-16

An embodiment of an automatic key delivery system is described. The automatic key delivery system comprises the following operations. First, a first token is generated and provided to a first network device. Thereafter, a first key value pair, including the first token and a first key segment of a cryptographic key, is received by a first relay server, and a second key value pair, including the first token and a second key segment of the cryptographic key, is received from a second relay server. In response, a second token is provided to the first relay server and the second relay server. Thereafter, the first and second key segments are returned from the first and second relay servers based on usage of the second token as a lookup, in order to recover the cryptographic key for decryption of encrypted content from the first network device.

Dynamic offline encryption

A method for encrypting data when a device is offline is disclosed. In the method, a determination is made as to whether a successful connection with a remote server computer can or cannot be made. If a connection cannot be made, the data can be encrypted with an ephemeral public key. Later, when a connection is available, the encrypted data can be transmitted to the remote server computer for processing.

SECURITY METHOD AND SYSTEM FOR RECEIVING AND VIEWING MEDIA
20230208845 · 2023-06-29

A system and method for providing security for the transmission and display of media, comprising a media repository that stores media, a media receiving unit for receiving media from the media repository, a display device for displaying the media, and one or more sensors that obtain scanned information. The scanned information is transmitted to one or more identification data centers that compare it with reference information, and a determination is made whether an individual wishing to view the displayed media is an authorized individual; if not, the media is not displayed on the display device.

ADDING A DEVICE TO A PROTECTED NETWORK WITHOUT DATA ENTRY ON THE DEVICE
20170359319 · 2017-12-14

An apparatus comprising a processor configured to cause the apparatus to perform operations including: detecting a protected wireless network; observing a set of encrypted wireless data packets being transmitted by one or more devices participating in the protected wireless network, wherein configuration information for participating in the protected wireless network has been encoded according to a predefined protocol in sizes or times of transmission of the set of encrypted wireless data packets; determining the configuration information based on sizes or times of receipt of a portion of each of the set of encrypted wireless data packets; and participating in the protected wireless network using the determined configuration information.

Semi-interactive one-way transfer of data to an isolated network

The present embodiments relate to providing near real-time communications from a public network to a private network. A first computing device in a public network can obtain data packets to be provided to the private network from an application executing on the first computing device. A trust module executed by the first computing device can authenticate the user, application, and the data packets to be provided to the private network and add metadata relating to the sending user, recipient user, etc. The data packets can be forwarded to the private network via a cross-domain system (CDS). The metadata and the digital signature on the data packets can be verified by a trust module executing on a second computing device in the private network. The second computing device can receive the data packets and store the data packets for subsequent actions to be performed in the private network.

System and method for resource sharing across multi-cloud arrays
09836244 · 2017-12-05

A system for resource sharing across multi-cloud storage arrays includes a plurality of storage arrays and a cloud array storage (CAS) application. The plurality of storage resources are distributed in one or more cloud storage arrays, and each storage resource comprises a unique object identifier that identifies location and structure of the corresponding storage resource at a given point-in-time. The cloud array storage (CAS) application manages the resource sharing process by first taking an instantaneous copy of initial data stored in a first location of a first storage resource at a given point-in-time and then distributing copies of the instantaneous copy to other storage resources in the one or more cloud storage arrays. The instantaneous copy comprises a first unique object identifier pointing to the first storage location of the initial data in the first storage resource and when the instantaneous copy is distributed to a second storage resource, the first unique object identifier is copied into a second storage location within the second storage resource and the second storage location of the second storage resource is assigned a second unique object identifier.

INFRASTRUCTURE LEVEL LAN SECURITY
20220376907 · 2022-11-24

Techniques are disclosed for securing traffic flowing across multi-tenant virtualized infrastructures using group key-based encryption. In one embodiment, an encryption module of a virtual machine (VM) host intercepts layer 2 (L2) frames sent via a virtual NIC (vNIC). The encryption module determines whether the vNIC is connected to a “secure wire,” and invokes an API exposed by a key management module to encrypt the frames using a group key associated with the secure wire, if any. Encryption may be performed for all frames from the vNIC, or according to a policy. In one embodiment, the encryption module may be located at a layer farthest from the vNIC, and encryption may be transparent to both the VM and a virtual switch. Unauthorized network entities which lack the group key cannot decipher the data of encrypted frames, even if they gain access to such frames.

Systems and methods for quantum consensus

Systems, apparatuses, and methods are disclosed for quantum entanglement authentication (QEA). An example method includes transmitting a first electronic identification of a first subset of a first set of entangled quantum particles to a first computing device; transmitting, by the classical communications circuitry, a second number to a second computing device, wherein each entangled quantum particle in the first set of entangled quantum particles is entangled with a respective entangled quantum particle in a second set of entangled quantum particles; receiving, from the first computing device, a first number, the first number being representative of a measurement of the first subset of the first set of entangled quantum particles; and, in an instance in which the second number corresponds to the first number, authenticating a session between the first computing device and the second computing device.

Methods and systems for enabling communications between devices

Methods and systems for selecting and delivering content are provided. More particularly, content can be delivered to an output device from a user device through a device adaptor, such as an over-the-top (OTT) device. The OTT device or devices available to the user device are determined by a communication server. In particular, the OTT device or devices available to the user device are limited to those OTT devices associated with an output device in the user's room, or that the user is otherwise authorized to access.