Disclosed is a scalable, graph-based approach to detecting anomalous accesses to resources in a computer network. Access events are represented as edges between resource nodes and accessing nodes (e.g., corresponding to users) in a bipartite graph, from which vector representations of the nodes that reflect the connections can be computed by graph embedding. For an access event of interest, an anomaly score may be computed based on dissimilarities, in terms of their embedding distances, between the associated accessing node and other accessing nodes that have accessed the same resource, and/or between the associated resource node and other resource nodes that have been accessed by the same accessing node.

Embodiments may generally be directed components and techniques to detect a request to provide banking account information over a one or more voice connections, identify the requested banking account information, and generate speech data representing the banking account information requested. In embodiments further include communicating the speech data to another device.

Some embodiments may provide systems, methods and computer program code to method to facilitate an interaction involving a user which include determining that a user authentication is required to complete the interaction, identifying at least a first verified device associated with the user, and transmitting an authentication message to the at least first verified device.

Apparatus, systems, processes, and computer-readable mediums for facilitating the use of drones are described. For one embodiment, such a system includes a user element having a user application computer program configured to instruct a user interface device to facilitate use of user data and use of mission parameter(s) for a proposed drone mission. An owner element includes an owner application computer program configured to facilitate use of owner data and use of at least one drone parameter. A fleet system element is communicatively coupled to the user element and to the owner element and includes a computer system processor configured to facilitate use of a fleet record and use of at least one fleet parameter.

A data management and storage (DMS) cluster of peer DMS nodes manages data of a tenant of a multi-tenant compute infrastructure. The compute infrastructure includes an envoy connecting the DMS cluster to virtual machines of the tenant executing on the compute infrastructure. The envoy provides the DMS cluster with access to the virtual tenant network and the virtual machines of the tenant connected via the virtual tenant network for DMS services such as data fetch jobs to generate snapshots of the virtual machines. The envoy sends the snapshot from the virtual machine to a peer DMS node via the connection for storage within the DMS cluster. The envoy provides the DMS cluster with secure access to authorized tenants of the compute infrastructure while maintaining data isolation of tenants within the compute infrastructure.

Disclosed are systems, servers and methods for a multi-tenant framework that manages and controls operations of software as a service (SaaS) applications and services, and the data and metadata (e.g., files) created, updated and interacted with therefrom. The disclosed framework provides a centralized approach to managing the entitlement and provisioning of SaaS applications on client devices across a variety of channels on a network. The disclosed SaaS framework is configured for management, control, deployment and synchronization between devices, applications, systems and platforms both on-premises (on-prem or local devices/storage) and/or hosted on a network (e.g., a cloud platform, service or platform).

This disclosure relates to data security and cryptography. In one aspect, a method includes updating a user interface of a client device to present user interface controls that enable a user to specify data privacy settings that define how entities collect, store, and use data of the user. The data security system receives a request to modify a data privacy setting for one or more entities from the client device based on user interaction with one or more of the user interface controls. The request includes an ephemeral user identifier for the user and an attestation token. The data security system validates the request using at least the ephemeral user identifier and the attestation token. The data security system transmits data instructing the entity to modify usage of the user data based on the modified given data privacy setting to each of the one or more entities.

A VXLAN access authentication method includes: An authentication point device receives a VXLAN authentication packet, where the VXLAN authentication packet is a VXLAN packet. The VXLAN authentication packet includes a VXLAN header and an authentication request sent by a terminal, the VXLAN header includes a first VNI, and the authentication request includes an authentication credential. The authentication point device obtains permission of the terminal or a second VNI based on the authentication credential. The permission of the terminal corresponds to the second VNI. The authentication point device sends the permission of the terminal or the second VNI to a control point device, where the control point device is a device that encapsulates the authentication request into the VXLAN authentication packet. In this application, VXLAN access authentication is performed on an overlay network, so that configuration complexity can be reduced when a VXLAN access authentication mode is modified or created.

A method for data processing is performed by an operation data recording device. The method includes: in response to a data access request sent by a client for a target vehicle, generating symmetric keys for symmetrically encrypting operation data of the target vehicle, in which the symmetric keys are generated based on a user ID and a primary public key for a third party, and the user ID is carried in the data access request; obtaining target encrypted data by symmetrically encrypting the operation data using the symmetric keys; and sending the target encrypted data to the client.

Systems and methods for counter resynchronization can include one or more servers each including a memory and one or more processors. The one or more servers can be in data communication with a transmitting device. The one or more processors can be configured to determine one or more reset events. The one or more processors can be configured to generate a resync value. The one or more processors can be configured to transmit, via one or more scripts, the resync value to the transmitting device according to one or more prioritization factors and in response to the one or more reset events. The one or more processors can be configured to replace the counter value with the resync value in accordance with the one or more prioritization factors.