H04W12/66

SYSTEMS AND METHODS FOR SENSOR TRUSTWORTHINESS
20220239634 · 2022-07-28

Systems, methods and products for determining the trustworthiness of anonymous sensors, including a sensor health check, a data ballpark check, a reputation comparison, and optional “last resort” procedures. The sensor health check examines sensor operating parameters to see if they fall within an envelope of expected values. If not, the sensor is unhealthy and is not trusted. The data ballpark check determines whether the sensor's traffic data falls within a predefined envelope of values. If the sensor is healthy and the traffic is within expected ranges, the sensor is trusted. If the traffic data is outside expected ranges, the reputation comparison determines whether IP addresses, domains or other IOCs in the traffic data are found in the reputation list, which may corroborate the traffic as trustworthy because it represents malicious or not-in-the-wild traffic. “Last resort” procedures may include applying safelists/blocklists, signature controls, etc. to verify sensor/data trustworthiness.

Utilizing trust tokens to conduct secure message exchanges
11399043 · 2022-07-26

Embodiments of the invention are directed to the utilization of trust tokens to perform secure message transactions between two devices. A trust token transmitted in a message from one device may include first data that is digitally signed by a trust provider computer, and second data that is digitally signed by the device itself. Upon receipt of a message containing a trust token, the recipient may utilize the first data to verify with the trust provider computer that the sender of the message is a trusted party. The trust provider computer may provide the recipient device the public key of the sender. The recipient may utilize the second data and the provided public key to verify that the sender signed the message and that the message is unaltered. These techniques may increase detection of relay, replay, or other man-in-the-middle attacks, decreasing the likelihood that such attacks will be successful.

Device and method for vehicle-to-X communication in accordance with a degree of trust

A vehicle-to-X communication device for a vehicle, containing: a sending device for sending out vehicle-to-X messages, a receiving device for receiving vehicle-to-X messages, and a processing apparatus for processing vehicle-to-X messages to be sent and received. The communication device is configured to send out information for identifying a manufacturer of the vehicle and is furthermore configured to determine, by the processing apparatus, a level of trust of a vehicle-to-X message of a further vehicle received by the receiving device, utilizing information for identifying a manufacturer of the further vehicle which is contained by the vehicle-to-X message of the further vehicle. Furthermore, a corresponding method is disclosed.

Method for HTTP-based access point fingerprint and classification using machine learning

A method for HyperText Transfer Protocol (HTTP) based fingerprint and classification. The method includes training an HTTP-based machine-learning model, using machine-learning training techniques and a historical dataset of labelled Access Point HTTP service response features collected. The method is useful to detect benign or malicious classes, to assess the potential trustworthiness, to detect any type of bad behavior of an HTTP server, and any other threats that modify or implement an AP HTTP server or webpage. The method takes advantage of the captive portal detection packet exchange between a station and an Access Point (AP) to passively classify the AP.

ESTABLISHING A TRUSTED PATH AND TRANSMITTING INFORMATION VIA A NETWORK OF UNTRUSTED ELEMENTS
20220232041 · 2022-07-21

An overlay to existing infrastructure that establishes trusted paths in a communication network to fulfill a fundamental need to identify and protect a trusted plane of devices and/or applications on a need specific basis is described. Establishing trusted paths operationally fulfills a fundamental need to identify and protect a trusted plane of devices and/or applications on a need specific basis as an overlay to the existing relatively unsecured network.

TRUST MANAGEMENT MECHANISMS
20210377279 · 2021-12-02

Systems, methods, and computer-readable media are provided for managing mutual and transitive trust relationships between resources, such as Fog/Edge nodes, autonomous devices (e.g., IoT devices), and/or analog/biological resources to provide collaborative, trusted communication over a network for service delivery. Disclosed embodiments include a subject resource configured to assign an observed resource to a trust zone based on situational and contextual information. The situational information may indicate a vector of the observed resource with respect to the subject resource. The contextual information may be based in part on whether a relationship exists between the subject resource and the observed resource. The subject resource is configured to determine a trust level of the observed resource based on the determined trust zone. Other embodiments are disclosed and/or claimed.

DYNAMIC ACCESS CONTROL AUTHENTICATION CONFIDENCE VALUES BASED ON MULTIAUTHENTICATION MODES
20220210153 · 2022-06-30

A computer readable medium having executable code that causes one or more processors to: receive at least one of a first image of the user or a first representation of a face of the user; if a first image of the user was received, then generate a generated representation of the face of the user using the first image; capture a second image of the user and generate a second representation of the face of the user using the second image; receive an authentication factor; determine validity of the authentication factor; reduce a confidence threshold based on the authentication factor; determine a likelihood of a match between the second representation and at least one of the first representation and the generated representation; and permit access by the user to a secure asset in instances where the likelihood of a match meets the confidence threshold.

Method and system of a public engagement computing platform
11375380 · 2022-06-28

A method includes executing instructions associated with a public engagement computing platform on a server, publishing an agenda of a live event on the public engagement computing platform, and determining a set of trusted locations corresponding to a set of users of a number of client devices accessing the agenda. The method also includes analyzing communication pertinent to the agenda from at least a subset of the set of users, scoring at least the subset of the set of users based on the analyzed communication in accordance with the determined set of trusted locations and a relevance of the analyzed communication with respect to the agenda, and, in accordance with the scoring, determining a placement of the analyzed communication in an order of publicly viewable analyzed communication that is part of all analyzed communication pertinent to the agenda.

MULTI-MODAL APPROACH TO A SECURE AND CLOSED SOLUTION FOR CONTROLLING ACCESS TO AN OPTICAL INSTRUMENT ASSOCIATED WITH A CLIENT USER
20220201485 · 2022-06-23

A multi-modal portal system provides an authorization prior to establishing a visual interface connection between a support user or caller and a client user or receiving party. Once the caller is authorized, the caller is permitted to drop-in such that a visual interface connection is established with the receiving party. The authorization can be based on a profile configuration that indicates whether the caller has the credentials required for the visual interface. The authorization can require that a notification be sent to a trusted user or primary contact or the caller can be associated with a profile configuration that allows for a pre-authorization without requiring the notification. Also, a trusted user can be provided access to control an optical instrument associated with a client user where the client user is associated profile configuration or both.

MULTI-MODAL APPROACH TO A SECURE AND CLOSED SOLUTION FOR PROVIDING SCHEDULED NOTIFICATIONS
20220201484 · 2022-06-23

A multi-modal portal system provides an authorization prior to establishing a visual interface connection between a support user or caller and a client user or receiving party. Once the caller is authorized, the caller is permitted to drop-in such that a visual interface connection is established with the receiving party. The authorization can be based on a profile configuration that indicates whether the caller has the credentials required for the visual interface. The authorization can require that a notification be sent to a trusted user or primary contact or the caller can be associated with a profile configuration that allows for a pre-authorization without requiring the notification. Also, security is enhanced by validating network devices and providing resiliency in data paths between network devices and data aggregators.