A system and method are disclosed for secure multi-party computations. The system performs operations including establishing an API for coordinating joint operations between a first access point and a second access point related to performing a secure prediction task in which the first access point and the second access point will perform private computation of first data and second data without the parties having access to each other's data. The operations include storing a list of assets representing metadata about the first data and the second data, receiving a selection of the second data for use with the first data, managing an authentication and authorization of communications between the first access point and the second access point and performing the secure prediction task using the second data operating on the first data.

Generating a verifiable pairwise claim. Receiving a request for issuing a verifiable claim that is associated with a subject entity and is verifiable by one or more verifying entities. The request includes at least an encrypted portion using a particular type of encryptography. Verifying that the subject entity is associated with a subject of the verifiable claim based on decrypting the encrypted portion using the particular type of cryptography. In response to verifying that the subject entity is associated with the subject of the verifiable claim, issuing the verifiable claim that is structured to be verifiable only by the one or more verifying entities.

A Bluetooth device (702) is disclosed, the Bluetooth device being provisioned with a security credential (710) that is shared with an authentication server (706). The Bluetooth device comprises processing circuitry configured to use a Bluetooth pairing mechanism to establish a pairing with a Bluetooth gateway (704a-c) by establishing a shared secret key with the Bluetooth gateway and to perform an Extensible Authentication Protocol (EAP) authentication method towards the authentication server using the security credential, wherein performing the EAP authentication method comprises using the paired Bluetooth gateway to forward messages to and from the authentication server. The processing circuitry is further configured to bind the pairing established with the paired Bluetooth gateway to the performed EAP authentication method. Also disclosed are a Bluetooth gateway and methods performed by a Bluetooth device and a Bluetooth gateway.

This disclosure relates to data security and cryptography. In one aspect, a method includes updating a user interface of a client device to present user interface controls that enable a user to specify data privacy settings that define how entities collect, store, and use data of the user. The data security system receives a request to modify a data privacy setting for one or more entities from the client device based on user interaction with one or more of the user interface controls. The request includes an ephemeral user identifier for the user and an attestation token. The data security system validates the request using at least the ephemeral user identifier and the attestation token. The data security system transmits data instructing the entity to modify usage of the user data based on the modified given data privacy setting to each of the one or more entities.

A VXLAN access authentication method includes: An authentication point device receives a VXLAN authentication packet, where the VXLAN authentication packet is a VXLAN packet. The VXLAN authentication packet includes a VXLAN header and an authentication request sent by a terminal, the VXLAN header includes a first VNI, and the authentication request includes an authentication credential. The authentication point device obtains permission of the terminal or a second VNI based on the authentication credential. The permission of the terminal corresponds to the second VNI. The authentication point device sends the permission of the terminal or the second VNI to a control point device, where the control point device is a device that encapsulates the authentication request into the VXLAN authentication packet. In this application, VXLAN access authentication is performed on an overlay network, so that configuration complexity can be reduced when a VXLAN access authentication mode is modified or created.

A user authentication method performed by an authentication management server constituting a block chain network with a target device may comprise receiving, from the target device, a transaction including authentication information of a user and a unique value of the target device; determining a token of the user stored in a smart contract based on the authentication information; and authenticating the user based on validity information of the token, ownership information of the token, and the transaction.

A method is disclosed. The method includes receiving a broadcast signal from a beacon device, the broadcast signal encoding a first credential associated with a first entity. In response to receipt of the broadcast signal, the mobile communication device transmits the received first credential to an authentication system. The authentication system determines if the first entity associated with the broadcast signal is authentic and generates a confirmation message confirming the authenticity of the first entity. The mobile communication device then receives the confirmation message indicating that the first entity is authentic. The mobile communication thereafter receives and transmits a second credential for the mobile communication device to the beacon device, which transmits the second credential to the authentication system. The authentication system then confirms the authenticity of the mobile communication device. Then, the beacon device can initiate an interaction process with the user of the mobile communication device.

A lighting device includes a light source configured to emit a light and a sensor configured to receive identification information from an asset tag of a physical asset. The lighting device further includes a processor configured to send the identification information received from the asset tag and location information of the lighting device to a control device. The processor is further configured to receive a usage control message from the control device and transmit the usage control message, where the usage control message controls whether the physical asset is used at a location indicated by the location information.

A method, apparatus and product for chat-based application interface for automation. Using a natural language interface, receiving user input. Based on the user input, determining an automation process of a computer program having a user interface (UI), to be executed. The automation process is executed by utilizing the UI to input data thereto or execute functionality thereof. Additionally or alternatively, a conversation to be implemented by a natural language interface may be defined. The conversation is configured to obtain from the user one or more values corresponding to one or more parameters. The conversation is associated with a parameterized automation process depending on the one or more parameters. The parameterized automation process is invoked automatically by a natural language interface and using one or more values provided by the user to the natural language interface for the one or more parameters.

Techniques are disclosed relating to detecting and prevent phishing attacks (such as man-in-the-middle attacks) related to multi-factor authentication (MFA) or two-factor authentication (2FA) processes. A system is described that makes a determination of whether to permit or deny a subsequent authentication step (e.g., a 2FA authentication step) based on a level of trust determined between the computing device making the initial authentication request to a service computer system and the computing device being asked to implement the subsequent authentication step (such as a mobile device). The computing device associated with the subsequent authentication step assesses the trust between the devices and makes the determination of whether to permit or deny the subsequent authentication step. The present techniques enhance computer system security against phishing attacks while maintaining a satisfying user experience for legitimate users.