公开(公告)号：US20220374763A1

公开(公告)日：2022-11-24

申请号：US17323099

申请日：2021-05-18

申请人： International Business Machines Corporation

发明人： Zhongshu Gu ,  Jayaram Kallapalayam Radhakrishnan ,  Ashish Verma ,  Enriquillo Valdez ,  Pau-Chen Cheng ,  Hani Talal Jamjoom ,  Kevin Eykholt

IPC分类号： G06N20/00

摘要： Techniques for distributed federated learning leverage a multi-layered defense strategy to provide for reduced information leakage. In lieu of aggregating model updates centrally, an aggregation function is decentralized into multiple independent and functionally-equivalent execution entities, each running within its own trusted executed environment (TEE). The TEEs enable confidential and remote-attestable federated aggregation. Preferably, each aggregator entity runs within an encrypted virtual machine that support runtime in-memory encryption. Each party remotely authenticates the TEE before participating in the training. By using multiple decentralized aggregators, parties are enabled to partition their respective model updates at model-parameter granularity, and can map single weights to a specific aggregator entity. Parties also can dynamically shuffle fragmentary model updates at each training iteration to further obfuscate the information dispatched to each aggregator execution entity. This architectural prevents the aggregator from being a single point-of-failure, and serves to protect the model even if all aggregators are compromised.

公开(公告)号：US20190190712A1

公开(公告)日：2019-06-20

申请号：US16284254

申请日：2019-02-25

申请人： International Business Machines Corporation

发明人： Pau-Chen Cheng ,  Shu-Jen Han ,  Jianshi Tang

IPC分类号： H04L9/08 ,  H04L9/06 ,  G09C1/00 ,  G06F21/72 ,  G06F7/58

CPC分类号： H04L9/0869 ,  G06F7/588 ,  G06F21/72 ,  G09C1/00 ,  H04L9/0662 ,  H04L2209/12

摘要： A random value generator is provided that comprises a carbon nanotube structure that generates a random output current in response to a voltage input. The random value generator includes a random value output circuit coupled to the carbon nanotube structure that receives the random output current from the carbon nanotube structure and generates a random output value based on the received random output current from the carbon nanotube structure.

公开(公告)号：US20180034629A1

公开(公告)日：2018-02-01

申请号：US15219422

申请日：2016-07-26

申请人： International Business Machines Corporation

发明人： Pau-Chen Cheng ,  Shu-Jen Han ,  Jianshi Tang

IPC分类号： H04L9/08 ,  G06F21/72 ,  G06F7/58

CPC分类号： H04L9/0869 ,  G06F7/588 ,  G06F21/72 ,  G09C1/00 ,  H04L9/0662 ,  H04L2209/12

摘要： A random value generator is provided that comprises a carbon nanotube structure that generates a random output current in response to a voltage input. The random value generator includes a random value output circuit coupled to the carbon nanotube structure that receives the random output current from the carbon nanotube structure and generates a random output value based on the received random output current from the carbon nanotube structure.

公开(公告)号：US20160323321A1

公开(公告)日：2016-11-03

申请号：US15207298

申请日：2016-07-11

申请人： INTERNATIONAL BUSINESS MACHINES CORPORATION

发明人： Pau-Chen Cheng ,  Stephen C. Gates ,  Lawrence Koved ,  Wilfried Teiken

IPC分类号： H04L29/06 ,  G06F21/62

CPC分类号： H04L63/20 ,  G06F21/6218 ,  H04L9/14 ,  H04L63/04 ,  H04L63/0428 ,  H04L63/08 ,  H04L63/083 ,  H04L63/0861 ,  H04L2209/80 ,  H04W12/06

摘要： Systems and methods for protecting a data item include, upon initiation of transfer of the data item from a server to a client device, determining a sensitivity score and a current protection level of the data item. A policy is applied to determine an appropriate protection for the data item based upon the sensitivity score and the current protection level. A protected data item is provided to the client device by applying the appropriate protection to the data item.

公开(公告)号：US09432375B2

公开(公告)日：2016-08-30

申请号：US14281955

申请日：2014-05-20

申请人： International Business Machines Corporation

发明人： Pau-Chen Cheng ,  Lawrence Koved ,  Kapil K. Singh

IPC分类号： G06F21/00 ,  H04L29/06 ,  G06F21/45 ,  G06F21/62

CPC分类号： H04L63/10 ,  G06F21/45 ,  G06F21/62 ,  H04L63/102 ,  H04L63/105 ,  H04L63/20

摘要： Generating a resource access control decision is provided. A user trust value associated with a user identifier of a user requesting access to a protected resource is modulated based on an estimated risk value associated with a context of a resource access request. The resource access control decision is generated based on the modulated user trust value associated with the user requesting access to the protected resource.

摘要翻译： 提供了生成资源访问控制决策。 基于与资源访问请求的上下文相关联的估计风险值来调制与请求访问受保护资源的用户的用户标识符相关联的用户信任值。 基于与请求对受保护资源的访问的用户相关联的调制的用户信任值来生成资源访问控制决定。

公开(公告)号：US20220374762A1

公开(公告)日：2022-11-24

申请号：US17323006

申请日：2021-05-18

申请人： International Business Machines Corporation

发明人： Jayaram Kallapalayam Radhakrishnan ,  Ashish Verma ,  Zhongshu Gu ,  Enriquillo Valdez ,  Pau-Chen Cheng ,  Hani Talal Jamjoom

IPC分类号： G06N20/00 ,  G06N5/04

摘要： Techniques for distributed federated learning leverage a multi-layered defense strategy to provide for reduced information leakage. In lieu of aggregating model updates centrally, an aggregation function is decentralized into multiple independent and functionally-equivalent execution entities, each running within its own trusted executed environment (TEE). The TEEs enable confidential and remote-attestable federated aggregation. Preferably, each aggregator entity runs within an encrypted virtual machine that support runtime in-memory encryption. Each party remotely authenticates the TEE before participating in the training. By using multiple decentralized aggregators, parties are enabled to partition their respective model updates at model-parameter granularity, and can map single weights to a specific aggregator entity. Parties also can dynamically shuffle fragmentary model updates at each training iteration to further obfuscate the information dispatched to each aggregator execution entity. This architectural prevents the aggregator from being a single point-of-failure, and serves to protect the model even if all aggregators are compromised.

公开(公告)号：US11455569B2

公开(公告)日：2022-09-27

申请号：US16243129

申请日：2019-01-09

申请人： International Business Machines Corporation

发明人： Enriquillo Valdez ,  Pau-Chen Cheng ,  Ian Michael Molloy ,  Dimitrios Pendarakis

IPC分类号： G06N20/00 ,  G06N5/02

摘要： Handshake protocol layer features are extracted from training data associated with encrypted network traffic of a plurality of classified devices. Record protocol layer features are extracted from the training data. One or more models are trained based on the extracted handshake protocol layer features and the extracted record protocol layer features. The one or more models are applied to an observed encrypted network traffic stream associated with a device to determine a predicted device classification of the device.

公开(公告)号：US10091181B2

公开(公告)日：2018-10-02

申请号：US15618283

申请日：2017-06-09

申请人： International Business Machines Corporation

发明人： Pau-Chen Cheng ,  Lawrence Koved ,  Kapil K. Singh ,  Calvin B. Swart ,  Sharon M. Trewin

IPC分类号： H04L9/32 ,  G06F21/31 ,  H04L29/06 ,  G06F21/57 ,  H04W12/06 ,  H04W12/08 ,  H04W12/12

摘要： Dynamic risk communication associated with a computer device may include automatically detecting one or more security risk factors for the computer device based on current context information associated with the computer device. Whether an attempt is being made via the computer device to manipulate the one or more risk factors in an attempt to reduce a security level of a computer-implemented authentication procedure may be determined. Responsive to determining that the attempt is being made to manipulate the one or more risk factors, a new challenge for additional identification may be communicated for presentation on a user interface device of the computer device while suppressing one or more security risk factors from being presented on the user interface device. Responsive to determining that an attempt is not being made to manipulate the one or more risk factors, the new challenge and one or more security risk factors may be communicated.

公开(公告)号：US20150106888A1

公开(公告)日：2015-04-16

申请号：US14281955

申请日：2014-05-20

申请人： International Business Machines Corporation

发明人： Pau-Chen Cheng ,  Lawrence Koved ,  Kapil K. Singh

IPC分类号： H04L29/06 ,  G06F21/31

CPC分类号： H04L63/10 ,  G06F21/45 ,  G06F21/62 ,  H04L63/102 ,  H04L63/105 ,  H04L63/20

摘要： Generating a resource access control decision is provided. A user trust value associated with a user identifier of a user requesting access to a protected resource is modulated based on an estimated risk value associated with a context of a resource access request. The resource access control decision is generated based on the modulated user trust value associated with the user requesting access to the protected resource.

摘要翻译： 提供了生成资源访问控制决策。 基于与资源访问请求的上下文相关联的估计风险值来调制与请求访问受保护资源的用户的用户标识符相关联的用户信任值。 基于与请求对受保护资源的访问的用户相关联的调制的用户信任值来生成资源访问控制决定。

公开(公告)号：US10944556B2

公开(公告)日：2021-03-09

申请号：US16284254

申请日：2019-02-25

申请人： International Business Machines Corporation

发明人： Pau-Chen Cheng ,  Shu-Jen Han ,  Jianshi Tang

IPC分类号： G06F21/00 ,  H04L9/08 ,  G06F7/58 ,  G06F21/72 ,  G09C1/00 ,  H04L9/06

摘要： A random value generator is provided that comprises a carbon nanotube structure that generates a random output current in response to a voltage input. The random value generator includes a random value output circuit coupled to the carbon nanotube structure that receives the random output current from the carbon nanotube structure and generates a random output value based on the received random output current from the carbon nanotube structure.