これは、情報セキュリティ (InfoSec) に関する世界中の英語の出版物と特許の最新のセレクションです。多数の科学オンラインジャーナルの中から、情報セキュリティ、infosec、ランサムウェア、認証、フィッシング、マルウェア、ファイアウォール、暗号化、侵入検知、侵入防止、ゼロデイ攻撃、多要素認証、公開鍵、秘密鍵、アクセス制御、サービス拒否、ソーシャルエンジニアリング、セキュリティ意識、暗号化、CIA トライアド、アンチウイルス、暗号に分類され、焦点を絞っています。
Methods and apparatuses for managing personnel records and credentials for access control
Patent published on the 2026-06-11 in US under Ref US20260161810 by TYCO FIRE & SECURITY GMBH [CH] (Ruter Luke [us], Ouellette Jason M [us], Holton Glenn Kilburn [us])
Abstract: Aspects of the present disclosure include methods, apparatus, and systems for receiving, at a user management system, a first credential associated with at least one of an end user or a mobile device of the end user, obtaining, at the user management system, a personnel profile of the end user, mapping, based on the personnel profile, the first credential to a list of credentials authorized to access an asset associated with a physical access control security system, and transmitting, from the u[...]
Our summary: This disclosure presents methods and systems for managing personnel records and access credentials. It involves receiving credentials linked to end users or their devices. The system maps these credentials to authorized access lists for physical security assets.
access control, personnel records, user management, credential mapping
Patent
Single tap payment transactions
Patent published on the 2026-06-11 in US under Ref US20260162113 by AMERICAN EXPRESS TRAVEL RELATED SERVICES CO INC [US] (Simharaghu Mukund Shankar [us], Eby Alaric M [us], Maddukuri Ajay Babu [us])
Abstract: Disclosed are various embodiments for a single tap payment transaction. First, a user of a computing device can be authenticated. Then, in response to authentication of the user, the user can be prompted to select a payment credential. Next, the payment credential and a digital identity document associated with the user can be provided to a payment terminal in data communication with the computing device through an NFC radio. Subsequently, a receipt for a transaction can be received from the pay[...]
Our summary: The process involves authenticating a user on a device. The user selects a payment credential and transmits it via NFC to a payment terminal. A receipt confirming the transaction and identity verification is then received.
NFC, payment transactions, digital identity, authentication
Patent
Advanced multi-factor authentication methods for head-mounted displays utilizing biometric data, visual verification, optical character recognition, a
Patent published on the 2026-06-11 in US under Ref US20260161833 by ADEIA GUIDES INC [US] (Harb Reda [us], Chen Tao [us], Xu Ning [us], Lal Dhananjay [us])
Abstract: Methods and systems are provided for multi-factor authentication (MFA) using a head-mounted display (HMD) and a mobile device. A method includes biometric data collection and comparison for secure access. A simplified MFA method provides a region of interest (ROI) (e.g., a bounding box) for user interaction and verification. An MFA method provides an ROI and verification component, enhancing security through visual verification. Another MFA method includes optical character recognition (OCR) to [...]
Our summary: Advanced multi-factor authentication methods utilize biometric data and visual verification for secure access. The system incorporates optical character recognition for code verification displayed on mobile devices. It enhances user interaction and security through a region of interest and trusted connections between devices.
multi-factor authentication, biometric data, optical character recognition, head-mounted display
Patent
Method, device and system for secure retrieval of ue private information using akma in wireless network
Patent published on the 2026-06-11 in WO under Ref WO2026118303 by ZTE CORP [CN] (Wen Wu [cn], Liu Peilin [cn], Xing Zhen [cn], You Shilin [cn], Liu Yuze [cn])
Abstract: This disclosure generally relates to network security in wireless communication. Performed by first network element, the method includes: transmitting, to a second network element, a first message to request sensitive information a user equipment (UE), the first message carrying an AKMA (Authentication and Key Management for Applications) key identifier (A-KID) for identifying an AKMA key of the UE.[...]
Our summary: The method involves a first network element requesting sensitive UE information from a second network element. It transmits a message containing an AKMA key identifier to identify the UE s AKMA key. This process enhances security in wireless communications.
network security, wireless communication, AKMA, user equipment
Patent
System and method for role based access control for a storage system
Patent published on the 2026-06-11 in US under Ref US20260161377 by DELL PRODUCTS L P [US] (Liang Qiancheng [cn], Liu Emily [cn], Geng Plocen [cn], Jiang Eric [cn], V Hitesh [in], Lv Tracy [cn], Chandrasekaran Hari Prasad [in])
Abstract: [0000] A method, computer program product, and computing system for installing a middleware plug-in on a server connected to a storage area network (SAN) environment including a plurality of pre-existing storage controllers and a corresponding plurality of distinct storage resources. The method, computer program product, and computing system may further include defining a plurality of storage resource pools (SRPs) through the middleware plug-in, populating each SRP with one or more storage resou[...]
Our summary: This system enables role-based access control for storage resources in a SAN environment. It involves defining storage resource pools and user-roles through a middleware plug-in. End-users are assigned to roles to manage access to storage resources effectively.
role-based access control, storage area network, middleware plug-in, storage resource pools
Patent
Methods and systems for universal identity verification for fido passkey registration
Patent published on the 2026-06-11 in US under Ref US20260162110 by CAPITAL ONE SERVICES LLC [US] (Rahman Narmeen [us], Osborn Kevin [us], Jones John [us])
Abstract: [0000] Described herein are methods and systems for universal identity verification for FIDO key registration. Some embodiments include receiving, at a server associated with a website, a request from a user account to register, with the website, a FIDO key associated with the user account. In response to receiving the request, causing, by the server, a program on a device associated with the user account to be initiated, the program to permit the device to receive encrypted data from a contactl[...]
Our summary: The document describes methods for universal identity verification during FIDO key registration. It details a process where a server initiates a program on a user s device to receive encrypted data from a contactless card. Upon successful identity validation, the FIDO key is registered with the website.
identity verification, FIDO key, authentication server, contactless card
Patent
Temporality as a Harmonizing and Extending Factor
Published on 2026-06-10 by @OXFORD
Abstract: AbstractSocial engineering (SE) attacks are among the most prevalent and persistent threats to organizations, carrying severe financial and legal consequences. Despite their severity and frequency, academic discourse addressing countermeasures that organizations can apply to minimize their occurrence remains fragmented, often relying on disparate conceptualizations that limit their practical uptake. In addition, widely recognized cybersecurity frameworks, such as NIST or ISO/IEC ones, broadly ad[...]
Our summary: The study harmonizes social engineering countermeasures using temporality as an analytical lens. It categorizes these measures into six themes and organizes them within a temporal framework. This approach enhances understanding of SE attacks and promotes a dynamic defense-in-depth strategy.
cybersecurity, social engineering, countermeasures, temporality
Publication
End-to-end encryption, chat control, and the future of the right to encryption in digital services
Published on 2026-05-13 by @OXFORD
Abstract: AbstractOne of the pressing issues in the regulation of digital communications services is how to ensure effective cryptographic protection of user communications. This issue is analysed in relation to the so-called “right to encryption” and the risks associated with using encrypted messengers to disseminate illegal content, including CSAM and extremist content. The response to this threat is various countries’ adoption of a new category of regulations, which deliberately weaken certain tr[...]
Our summary: The article discusses the challenges of regulating end-to-end encryption (E2EE) in digital communications. It examines the balance between user privacy and the need to combat illegal content dissemination. Proposed regulatory strategies aim to weaken E2EE while ensuring effective protection of user communications across the EU digital market.
encryption, regulation, digital communications, E2EE
Publication
