25th week of 2014 patent applcation highlights part 85 |
Patent application number | Title | Published |
20140173664 | INFORMATION TERMINAL SYSTEM - When a user selects a topic tag included in a posted article on a display of a timeline obtained from an SNS server, an SNS client looks up an information channel related word table registering correspondence between a TV channel and a term related to the TV channel, searches a TV channel registering correspondence with a term and the topic tag, and causes the TV control to receive the searched TV channel and display and output the received program. | 2014-06-19 |
20140173665 | RECEIVING APPARATUS, RECEPTION METHOD, TRANSMITTING APPARATUS, TRANSMISSION METHOD, AND PROGRAM - The present invention relates to a receiving apparatus, a reception method, a transmitting apparatus, a transmission method, and a program that enable data broadcasting content and an application program executed in linkage with the broadcasting content to be started according to priorities. | 2014-06-19 |
20140173666 | INTERNET VIDEO AGGREGATION SYSTEM WITH REMOTE CONTROL - Methods and systems for presentation of content through an interface to provide personalized video feeds to a user. A selective feed is generated by combining a first service feed and a second service feed. A control feed is sent to a second end-user device based on the selective feed and receiving input from a first end-user device. In some embodiments, playback on the second end-user device is controlled by input received from the first end-user device. | 2014-06-19 |
20140173667 | MOBILE PHONE, DISPLAY METHOD AND COMPUTER PROGRAM - A mobile phone capable of displaying video and other information in a user-friendly manner without interrupting video display in the case where other information is displayed during the display of received video. The mobile phone, on receipt of an external event via a wireless unit during display by a display unit of video constituting a TV program received by a tuner, partitions a screen based on a partition ratio stored in a partition information storage unit, and displays both video constituting the TV program and information composed of information showing the occurrence of an external event, information related to an originator, and the like. | 2014-06-19 |
20140173668 | FAST BLIND SCAN METHOD INSENSITIVE TO ADJACENT CHANNEL INTERFERENCE - A fast blind scan method first initializes pointers to fetch a block of spectrum and then checks whether the block contains a high spectrum signal and whether the difference between a carrier frequency of the high spectrum signal and a start pointer is greater than a first threshold. When the high spectrum signal is absent or the difference is not greater than the first threshold, it checks whether there is a full band channel in the block. When the full band channel exists, a signal detection and parameter extraction operation is performed and the start pointer is set to be a frequency of a second cross point. Then, it checks whether the difference between the start pointer and an end pointer is greater than a second threshold and, if not, a carrier frequency pointer is set to enable a tuner to fetch a next block. | 2014-06-19 |
20140173669 | Method to provide a virtual cockpit experience to the flying passenger - A processing unit for providing aircraft information to passengers of an aircraft, a system comprising the processing unit, an aircraft comprising the system, a method for providing aircraft information to passengers of an aircraft, as well as a computer program for performing the method. The processing unit comprises: a receiving component for receiving cockpit video data representing one or more cockpit video images of at least a section of the cockpit of the aircraft; and a processing component for processing the received cockpit video data such that the processed cockpit video data is retrievable on demand to provide the one or more cockpit video images to the passengers of the aircraft. | 2014-06-19 |
20140173670 | ACCESSING REMOTE VIDEO DEVICES - A control server receives a local input to control a remote video device and sends an indication of the local input to the remote video device to control, access, or operate the remote video device. Video data indicative of images provided by the remote video device in response to the local input are relayed to the control server by the remote video device or associated components. A plurality of remote video devices can be simultaneously controlled, accessed, or operated. Control code sets for remote video devices are mapped to a local interface control set. Local input is translated to a remote video device command based on such mappings. | 2014-06-19 |
20140173671 | DIGITAL BROADCASTING SYSTEM AND METHOD OF PROCESSING DATA IN DIGITAL BROADCASTING SYSTEM - The present invention provides a method of processing data. The method of processing data includes receiving a broadcasting signal where mobile service data are multiplexed with main service data, extracting transmission-parameter-channel signaling information and fast-information-channel signaling information from a data group within the received mobile service data; obtaining first program table information describing virtual channel information of an ensemble and a service provided by the ensemble using the fast-information-channel signaling information, the ensemble the ensemble corresponding to a virtual channel group of the received mobile service data, obtaining information indicating that second program table information, which describes an additional service provided by the ensemble, is included in the ensemblem and parsing the second program table information according to the obtained information; and providing the additional service by using the second program table information. | 2014-06-19 |
20140173672 | Cross Layer Coordinated Channel Bonding - Different data communication architectures receive a wide variety of content, including audio and video content, for consumers. The architectures employ channel bonding to deliver more bandwidth than any single communication channel can carry. In some implementations, the communication architectures receive distributed video programming in the form of MPEG2 TS packets, flagged by marker packets. Channel bonding synchronization information may be present in packets defined above the data-link layer or received in fields within data-link layer frames. | 2014-06-19 |
20140173673 | INFORMATION PROCESSING APPARATUS, INFORMATION PROCESSING METHOD, PROGRAM, AND APPLICATION INFORMATION TABLE TRANSMITTING APPARATUS - [Object] To appropriately control simultaneous presentation of broadcast content and an application. | 2014-06-19 |
20140173674 | SERVER GPU ASSISTANCE FOR MOBILE GPU APPLICATIONS - Various technologies described herein pertain to performing collaborative rendering. A GPU of a mobile device can generate a mobile-rendered video stream based on a first instance of an application executed on the mobile device. A GPU of a server can generate one or more server-rendered video streams based on instance(s) of the application executed on the server. Based on the one or more server-rendered video streams, the server can generate a compressed server-manipulated video stream. The mobile device can further combine the mobile-rendered video stream and the compressed server-manipulated video stream to form a collaborative video stream, and a display screen of the mobile device can be caused to display the collaborative video stream. The mobile-rendered video stream can have a first level of a quality attribute and the collaborative video stream can have a second level of the quality attribute greater than the first level of the quality attribute. | 2014-06-19 |
20140173675 | Distributed Infrastructure - Novel tools and techniques for implementing distributed infrastructure are provided. In some techniques, a plurality of user devices, each at a customer premises, can provide video calling services over a network. In some embodiments, each of one or more user devices might be established as a distributed infrastructure element for cloud computing, cloud-based application hosting, and/or cloud-based data storage. One or more software applications, customer data, and/or media content (collectively, “hosted content”) might be provided to the one or more user devices for hosting thereon. Resource usage information and/or network connectivity information might be collected for each user device, and suitability of a user device to host the hosted content might be determined based at least in part on the collected resource usage information and/or network connectivity information. One or more courses of action may be determined, and invoked, based on performance metrics of the user devices. | 2014-06-19 |
20140173676 | FAST CHANNEL CHANGE - A request for a unit of video information is received from a remote video receiver. An initial transmission rate for the unit of video information is determined based at least in part on a decoder model and a typical steady-state transmission rate for the unit of video information. The initial transmission rate is faster than the typical steady-state transmission rate. For a first time period after receiving the request, a first portion of the unit of video information is transmitted to the remote video receiver at the initial transmission rate. The first time period, the initial transmission rate, or both are determined so as not to overflow an input buffer that is based at least in part on the decoder model. For a second time period after the first time period, a second portion of the unit of video information is transmitted to the remote video receiver at the typical steady-state transmission rate. | 2014-06-19 |
20140173677 | MEDIA STREAM HANDLING - The invention refers to providing a sequence of media segments ( | 2014-06-19 |
20140173678 | BROADCAST TRANSMITTING APPARATUS, BROADCAST RECEIVING APPARATUS, AND THE METHOD THEREOF - A broadcast receiving apparatus is disclosed. The broadcast receiving apparatus includes a receiver configured to receive a broadcast signal which includes video data; a detector configured to detect error information for determining whether there is an error in a packet identifier information, regarding the video data and correction information for correcting the packet identifier information; and a controller configured to detect the packet identifier information using the correction information, and detect the video data using the corrected packet identifier information, when it is determined that the error occurs in the packet identifier information. | 2014-06-19 |
20140173679 | DIGITAL BROADCAST RECEIVER AND INFORMATION UPDATING METHOD THEREFOR - A digital broadcast receiver on a mobile body includes: a tuner that receives a broadcast signal of a physical channel; a signal intensity detector that detects a signal intensity of the broadcast signal; a current position detector that detects a current position of the mobile body; a movement direction detector that detects a movement direction of the mobile body; a reception judging unit that controls the tuner to judge whether the physical channel can be received; an area information storage unit that stores receivable area information indicating a receivable area of the physical channel; and an area information updating unit that determines, when it is judged that the physical channel can be received, a position apart from the current position in the movement direction according to the signal intensity as a receivable position, and updates the receivable area information to extend the receivable area to the receivable position. | 2014-06-19 |
20140173680 | FULL-FRAME BUFFER TO IMPROVE VIDEO PERFORMANCE IN LOW-LATENCY VIDEO COMMUNICATION SYSTEMS - Embodiments of apparatuses and methods to decrease a size of a memory in a low-latency video communication system are described. A control unit is configured to monitor a condition associated with at the communication link. The control unit is configured to receive the video content over a link based on monitoring. A memory comprising a full-frame buffer is coupled to the control unit. The full-frame buffer is configured as a history buffer to store a full frame of the video in a coding format that matches the coding format of the video content received over the link. A display unit is coupled to the history buffer. A portion of the full-frame buffer is configured as a network streaming buffer. | 2014-06-19 |
20140173681 | METHOD OF PROCESSING NON-REAL TIME SERVICE AND BROADCAST RECEIVER - A method of receiving and process a broadcast signal including a Non-Real Time (NRT) service and a broadcast receiver are disclosed herein. A method of processing a broadcast signal including a Non-Real Time (NRT) service, the method comprises receiving and processing a signaling information table including access information of the NRT service, receiving and storing data of the NRT service based on the signaling information table in non-real time, extracting access information of additional information relating to the NRT service from the signaling information table, and downloading the additional information relating to the NRT service based on the extracted access information. | 2014-06-19 |
20140173682 | AUTHENTICATION FOR SECURE WIRELESS COMMUNICATION - A method and apparatus for use in authentication for secure wireless communication is provided. A received signal is physically authenticated and higher layer processed. Physical authentication includes performing hypothesis testing using a channel impulse response (CIR) measurement of the received signal and predetermined referenced data. Higher layer processing includes validating the signal using a one-way hash chain value in the signal. Once a signal is authenticated, secure wireless communication is performed. | 2014-06-19 |
20140173683 | METADATA DRIVEN REAL-TIME ANALYTICS FRAMEWORK - Methods, systems, and computer program products are provided for developing application definition packages, and deploying the application definition packages at cloud services to produce real-time data analytics applications. In one implementation, a selection is received of an application definition package that defines a real-time data analytics application. The application definition package indicates an application name and includes at least one payload definition, reference data definition, and query definition. A domain name is provided for the real-time data analytics application, and a cloud service is generated that is associated with the domain name. The application definition package is applied to an application template to generate a finalized real-time data analytics package. The finalized real-time data analytics package is instantiated in the cloud service to create a network-accessible instance of the real-time data analytics application. | 2014-06-19 |
20140173684 | METHODS, SOFTWARE, AND DEVICES FOR AUTOMATICALLY SCORING PRIVACY PROTECTION MEASURES - Methods, software and devices for scoring privacy protection processes implemented by an organization are disclosed. Implementation metrics and evidence indicators are received from units of the organization. Implementation metrics each represent extent of implementation of one of the privacy protection processes. Evidence indicators each indicate an electronic document providing evidence of extent of implementation of one of the privacy protection processes. Each electronic document is associated with at least one of the implementation metrics for which the electronic document provides supporting evidence. For each particular privacy protection process implemented by each particular organizational unit, applicable privacy protection rules are identified and a user interface is provided to facilitate assessing compliance of that organizational unit with applicable privacy protection rules. The user interface presents applicable privacy protection rules, implementation metrics received for the particular organizational unit implementing the particular privacy protection process, and the electronic documents associated with those implementation metrics. | 2014-06-19 |
20140173685 | CONTROLLING MODIFICATION OF ELECTRONIC DEVICE CABLING - A cabling modification control unit controls modification of electronic device cabling with physical locks and includes a processing unit and a communication unit. The processing unit is configured to process a cable modification request and configured to generate a control signal based on the result of processing the cable modification request. The communication unit is configured to communicate the control signal to an electronic device component. The control signal is configured to control a physical lock associated with the electronic device component to permit or prevent modification of the electronic device cabling. The electronic device component includes a port configured to connect to the electronic device cabling and a physical lock that is configured to prevent connection or disconnection of the electronic device cabling to the port based on the control signal received from the modification control unit. | 2014-06-19 |
20140173686 | Device Communication Based On Device Trustworthiness - Techniques for assessing the trustworthiness of a target device that a user device is attempting to communicate with are described. A user device may request one or more trustworthiness attributes of a target device before exchanging data with the target device. The user device may receive the one or more trustworthiness attributes of the target device, and determine, based on the received one or more trustworthiness attributes of the target device, a set of one or more security policies to enforce on a communication channel used for exchanging data between the user device and the target device. A communication channel between the user device and the target device can then be established according to the set of one or more security policies. | 2014-06-19 |
20140173687 | DISTRIBUTED COMPUTING SYSTEM - A Policy Enforcement Point (PEP) enforcement module ( | 2014-06-19 |
20140173688 | Method and System for Providing Device-Specific Operator Data for an Automation Device in an Automation Installation - Method and system for providing device-specific operator data for an automation device in an automation installation, which automation device authenticates itself to an authentication server in the automation installation via at least one authentication credential, wherein if up-to-date device-specific operator data from the installation operator of the automation installation are available for the automation device, then the up-to-date device-specific operator data are tied to the authentication credential of the authentication device. | 2014-06-19 |
20140173689 | PROVIDING A REAL-TIME INDICATION OF PLATFORM TRUST - Methods and apparatuses for providing a real-time indication of platform trust are provided. Embodiments include an integrity reporting module determining that a platform is currently operating in a system management mode (SMM) and receiving from an integrity measurement module, an integrity measurement results signal. Embodiments also include the integrity reporting module determining whether the received integrity measurement results signal indicates the platform is trusted. If the received integrity measurement results signal indicates that the platform is trusted, the integrity reporting module provides to a user of the platform, a real-time visual indication that the platform is trusted. If the received integrity measurement results signal indicates that the platform is not trusted, the integrity reporting module provides to the user a real time visual indication that the platform is not trusted. | 2014-06-19 |
20140173690 | METHOD AND APPARATUS FOR SECURITY MECHANISM FOR PROXIMITY-BASED ACCESS REQUESTS - An approach is provided for providing security mechanism for proximity-based interactions among devices. At least one first device (e.g., a memory tag) may determine a request for interaction between the at least one first device and at least one second device (e.g., a mobile phone), wherein at least the at least one first device is associated with at least one first antenna and at least one second antenna. The at least one first device may determine a first signal received by the at least one first antenna and a second signal received by the at least one second antenna. Further, the at least one first device may determine one or more differences in one or more characteristics of the first signal and the second signal. Furthermore, the at least one first device may process and/or facilitate a processing of the one or more differences to determine whether to allow the interaction. | 2014-06-19 |
20140173691 | METHOD AND SYSTEM FOR AUTOMATED USER AUTHENTICATION FOR A PRIORITY COMMUNICATION SESSION - An approach is provided for automated user authentication for a priority communication session. An authentication platform receives a session request for establishing a priority communication session over a data network between a user device and a service platform. The authentication platform determines network information and device information associated with the session request and the user device, respectively. The authentication platform further determines user history information regarding one or more prior communication sessions of a user of the user device. The authentication platform authenticates the user based on the network information, the device information, and the user history information for establishing the priority communication session. | 2014-06-19 |
20140173692 | Bring your own device system using a mobile accessory device - A BYOD solution using a combination device is described. This combination device is comprised of an employee owned smart mobile device ( | 2014-06-19 |
20140173693 | Cookie Optimization - Disclosed herein is a system and method for optimizing a cookie or token in a web service or other claims based domain system. A user presents an identity token to the domain system which verifies the identity claim as authentic and then determines what accounts the user has access to on the domain. The user is issued an intermediate token by the system which includes the locations of the accounts the user has access to. The user then selects the account they wish to interact with and receives an account token back to the user for the specific account, including any of the privileges the user has on the account. The account token also includes information that the user has multiple accounts on the domain. The user is able to switch accounts on the domain system without having to revalidate their credentials to the domain system. | 2014-06-19 |
20140173694 | MULTI-TENANCY GOVERNANCE IN A CLOUD COMPUTING ENVIRONMENT - A cloud computing system includes a plurality of tenants that are permitted to access cloud hosted applications. The system includes an input governance layer associated with each application, and an output governance layer associated with each application. The input governance layer and the output governance layer include an encapsulation of a cloud hosted application. The governance layers receive a request from a tenant-user to access a first application on the cloud computing system, check a governance database to determine if the tenant-user is authorized to access the first application, and allows or denies access accordingly. | 2014-06-19 |
20140173695 | TOKEN BASED ACCOUNT ACCESS - A user account may be accessed by a mobile device by transmitting a login token from the mobile device to a server, which can authenticate the login token and grant the mobile device access to the user account. The login token can be generated by accessing the user account on a separate user device, such as a personal computer, and requesting a login token. The request may be sent to a server and a login token can be generated and sent by the server to the separate user device. The login token may then be transmitted to the mobile device and account access on the mobile device can be granted based on the login token. | 2014-06-19 |
20140173696 | WEB CONFERENCE OVERSTAY PROTECTION - Embodiments of the present invention disclose a method, computer program product, and system for managing participants of a web conference that follows a first web conference. A computer determines that a second web conference will use a web conference channel continuously following the completion of a first web conference using the web conference channel. The computer determines that a participant of the first web conference that is connected to the web conference channel at the start of the second web conference is not authorized to attend the second web conference and the computer disconnects from the web conference channel the participant that is not authorized to attend the second web conference. | 2014-06-19 |
20140173697 | Identity Attribute Exchange and Validation Ecosystem - Methods and systems are described herein for performing attribute authentication for use by a relying party in providing access to a resource as requested by a user. Attribute authentication may be performed entirely by a single identity service provider, or by multiple identity service providers each authenticating a subset of a plurality of user attributes, such as name, address, phone, email, and the like. Each attribute may be authenticated with a level of assurance. Levels of assurance may vary from attribute to attribute. Different levels of assurance may be required for different attributes before the relying party may grant access to the user-desired resource. An authentication broker may act as a registry or broker of identity service providers, and may store information usable by relying parties to establish a trust relationship with a particular identity service provider on demand, as needed by a relying party. | 2014-06-19 |
20140173698 | Software publisher and device authentication using customizable multimedia - A process for authentication that gives users a warning against malicious web applications is disclosed. The disclosed process gives the user an audiovisual when viewing the correct web application. The audiovisual is known as a “totem” in this document. The totem can be an image that is shown to the user, audio that is played to the user, or a video or animation (with or without audio) that is played to the user. The user selects their totem as part of the disclosed process. The totem is stored locally using web storage in the user's browser. The totem can only be accessed by the correct web application, and thus cannot be presented to the user by a malicious web application seeking to impersonate the correct web application. The disclosed process thus gives the user, even one not “computer savvy”, a strong warning indication about a malicious web applications. | 2014-06-19 |
20140173699 | ASSIGNING PERMISSIONS BASED ON ORGANIZATIONAL STRUCTURE - Permission to access an organization's resources may be automatically assigned based on one or more structures within that organization. In one example, structural maps of an organization are received, where the structural maps indicate the reporting hierarchy of the organization, geographic subdivisions, substantive subdivisions, etc. Templates are received describing how permissions are to be assigned to particular substructures within the organization. The templates are then fitted to the organization, and permissions to access particular resources are assigned to members of the organization based on the templates. An administrator may modify the assigned permissions. Work requests may be routed to people based on which people have permission to access the resources involved in the work request. | 2014-06-19 |
20140173700 | SYSTEM AND METHOD FOR APPLICATION USAGE CONTROLS THROUGH POLICY ENFORCEMENT - A method includes a particular user application, without operating system kernel access, performing the operations of: identifying a set of applications that a user has permission to access, receiving a request to a access a particular application of the set of applications, and causing execution of the particular application. | 2014-06-19 |
20140173701 | WEB CONFERENCE OVERSTAY PROTECTION - Embodiments of the present invention disclose a method, computer program product, and system for managing participants of a web conference that follows a first web conference. A computer determines that a second web conference will use a web conference channel continuously following the completion of a first web conference using the web conference channel. The computer determines that a participant of the first web conference that is connected to the web conference channel at the start of the second web conference is not authorized to attend the second web conference and the computer disconnects from the web conference channel the participant that is not authorized to attend the second web conference. | 2014-06-19 |
20140173702 | SYSTEMS, METHODS, AND APPARATUSES FOR IMPLEMENTING CROSS ORGANIZATIONAL DATA SHARING - In accordance with disclosed embodiments, there are provided methods, systems, and apparatuses for implementing cross organizational data sharing including, for example, means for storing customer organization data in a database of the host organization; allocating at least a sub-set of the customer organization data to be shared as shared data; configuring a hub to expose the shared data to a proxy user and configuring the proxy user at the hub with access rights to the shared data; configuring one or more spokes with access rights to the shared data of the hub via the proxy user; receiving a request from one of the hubs for access to the shared data of the customer organization via the proxy user at the hub; and returning a response to the hub having made the request. Other related embodiments are disclosed. | 2014-06-19 |
20140173703 | Method and Apparatus for Providing Network Security Using Role-Based Access Control - A method and apparatus for providing network security using role-based access control is disclosed. A network device implementing such a method can include, for example, an access control list. Such an access control list includes an access control list entry, which, in turn, includes a user group field. Alternatively, a network device implementing such a method can include, for example, a forwarding table that includes a plurality of forwarding table entries. In such a case, at least one of the forwarding table entries includes a user group field. | 2014-06-19 |
20140173704 | SYSTEM, DEVICE, AND METHOD FOR AUTHENTICATION OF A USER ACCESSING AN ON-LINE RESOURCE - A system, device and method for authenticating a user. The system, device and method may employ a computing device for providing credentials required for access to an on-line resource available over a network. The computing device may connect to the on-line resource to register a user. The computing device may receive from the on-line resource at least one request for a credential to identify the user. In response to the request, the computing device may generate a random credential, store the random credential in association with an on-line resource identifier and the request in a data store accessible to the computing device and, submit the random credential to the on-line resource to register the user. | 2014-06-19 |
20140173705 | DISTRIBUTED AUTHENTICATION USING PERSISTENT STATELESS CREDENTIALS - Techniques and tools are described for performing distributed authentication using persistent stateless credentials. Distributed authentication can be performed during egress by obtaining a principal identifier, generating an expiration time, obtaining a secret key identifier that identifies a secret key, generating an initialization vector, encrypting the principal identifier and the expiration time to produce a ciphertext, creating a credential, and providing the credential for persistence at a client device. The credential comprises the ciphertext, the initialization vector, the secret key identifier. Distributed authentication can be performed during ingress by obtaining a credential, extracting a ciphertext, an initialization vector, and a secret key identifier from the credential, obtaining a secret key identified by the secret key identifier, decrypting the ciphertext to produce a principal identifier and an expiration time and authenticating the credential using, at least in part, the principal identifier and the expiration time. | 2014-06-19 |
20140173706 | APPARATUS AND DATA PROCESSING SYSTEMS FOR ACCESSING AN OBJECT - A system and method for providing access to an object over a network may comprise hosting an object on a distributed data processing system accessible over the network, the object contained within a cell; generating, by a cell access provider, a unique and random address for the cell containing the object, utilizing an address resolution module and providing, by the cell access provider, the unique and random address to a computing device of a unique consumer; and upon receipt of the unique and random address from the unique user, matching the unique and random address with the cell to facilitate access by the unique user to the object. The object may comprise a virtual object acting as a cell for facilitating access to one or more additional objects. The virtual object cell may contain one or more unique and random addresses facilitating access to one or more additional objects. | 2014-06-19 |
20140173707 | Disabling Unauthorized Access To Online Services - The present invention relates to a method that enables a user to easily, quickly, and securely disable access to any or all of the online services they use by means of an application managed by a service provider that communicates with those online services that agree to deny access when they receive such communications. When a user denies access, no one is able to log in to any of the online services even if someone has correctly entered the user's login credentials. An “online service” as used herein encompasses any service, such as banking or credit card websites or mobile apps, connected to the Internet that enables a user to log in to the service, and also includes an online service provided by a business to its employees. | 2014-06-19 |
20140173708 | CLOUD BASED PASSWORD MANAGEMENT - The present invention extends to methods, systems, and computer program products for providing a cloud based password manager that automatically logs in users from any computer. The cloud based password manager does not require that the user install a local plug-in or other tool to perform automatic login. In this sense, unlike current password managers, the password manager of the present invention is completely cloud based. By simply using any browser or a dedicated app on any computer, the user can request a website and receive a copy of the website with the user logged in even if the user has never used the computer. | 2014-06-19 |
20140173709 | SECURE USER ATTESTATION AND AUTHENTICATION TO A REMOTE SERVER - Secure authentication to a remote application operating on a remote server across a network includes detecting a login associated with the remote application; and in response to the detected login, offloading the login process to an isolated execution environment configured to receive a login request message from the browser application; identify confidential information stored in the secure memory storage and associated with the remote application; populate the login request message with the identified confidential data; transmit the populated login request message to the remote application; receive a login response message from the remote application upon successful login; and transmit the login response message to the browser application, wherein only the isolated execution environment can read and write to the secure memory storage. | 2014-06-19 |
20140173710 | METHOD AND APPARATUS FOR INFORMATION VERIFICATION - The present disclosure provides a method and an apparatus for user verification. A terminal device recognizes a sequence of click operations made by the user according to a maneuver prompted on a terminal device. The sequence of click operations carries operation information from which a click pattern characteristic, such as a characteristic code, can be determined. Upon receiving the determined click pattern characteristic, a server verifies the user input by matching the click pattern characteristic with a verification code set or stored by the server. The click pattern characteristic may be based on recognizing clicking or tapping operations performed by the user at a specified time and/or in a designated area. The method enables user verification on devices that lowers the rate of errors in the user input of verification codes. | 2014-06-19 |
20140173711 | ANTI-PHISHING SYSTEM FOR CROSS-DOMAIN WEB BROWSER SINGLE SIGN-ON - A system and method for cross-domain web browser single sign-on is described. A client accesses a workflow view from a service provider. An identity provider of the service provider generates an authentication process view. The authentication process view has the workflow view provided by the service provider and a logon form view provided by the identity provider. | 2014-06-19 |
20140173712 | NETWORK SECURITY SYSTEM WITH CUSTOMIZABLE RULE-BASED ANALYTICS ENGINE FOR IDENTIFYING APPLICATION LAYER VIOLATIONS - Methods, devices, and storage media storing instructions to obtain logs from a security device and one or multiple service-providing devices, wherein the logs include information pertaining to traffic flow activity at an application layer associated with a service; store rules that identify behavior ranging from unintentional through intentional for one or multiple communication layers including an application layer; interpret the logs based on the rules; determine whether a violation exists based on the interpreting; and generate a notification that indicates the violation exists in response to a determination that the violation exists. | 2014-06-19 |
20140173713 | Verification Code Generation and Verification Method and Apparatus - The present invention discloses a verification code generation and verification method, including: displaying a verification code display region on a touch display module, where the verification code display region includes at least one user-recognizable verification code element; sensing a touch action of a user on the touch display module, and determining a position of the touch action on the touch display module; and comparing whether the position of the touch action of the user on the touch display module is the same as a position of the verification code element to determine whether a verification code is correctly input. The verification code generation and verification method in the embodiments of the present invention is convenient for the user to input a verification code for verification, and brings a good verification effect while facilitating operations. Further, the present invention discloses a verification code generation and verification apparatus. | 2014-06-19 |
20140173714 | INFORMATION PROCESSING APPARATUS, AND LOCK EXECUTION METHOD - A lock execution method for information processing apparatus, includes performing a first authentication based on input information from a user after an application of a power source, preparing authentication information for a second authentication to be corresponded to the input information after the first authentication succeeds, performing the second authentication using the prepared authentication information, issuing a command to execute a lock operation for the information processing apparatus after the second authentication by the authentication succeeds, and invalidating at least some of content of manipulation input during a period time until the lock operation is completed after the command is issued at the issuing. | 2014-06-19 |
20140173715 | INFORMATION PROCESSING SYSTEM, INFORMATION PROCESSING METHOD, DEVICE, AND AUTHENTICATION APPARATUS - An information processing system includes a function unit having a plurality of functions; an execution command unit that prompts the function unit to execute one of the plurality of functions; an authentication information obtaining unit that obtains authentication information of a user; and a user authentication and function determination unit that authenticates the user based on the authentication information of the user and determines one function from the plurality of functions. The execution command unit prompts the function unit to execute the one function determined by the user authentication and function determination unit. | 2014-06-19 |
20140173716 | METHOD AND APPARATUS FOR MANAGING AND ACCESSING PERSONAL DATA - Managing and accessing personal data is described. In one example, an apparatus has an application processor, a memory to store data, a receive and a transmit array coupled to the application processor to receive data to store in the memory and to transmit data stored in the memory through a wireless interface, and an inertial sensor to receive user commands to authorize the processor to receive and transmit data through the receive and transmit array. | 2014-06-19 |
20140173717 | SYSTEM AND METHOD OF SECURE DATA ENTRY - A computational device having a user interface is disclosed, the user interface enables a user to securely enter data into the computational device. In particular, the user interface may include a user input portion and a user output portion. The user input portion may be partitioned into a number of input zones, each having a data value associated therewith that when engaged by a user causes the data value associated with the engaged input zone to be provided as input to the computational device. | 2014-06-19 |
20140173718 | MICROCOMPUTER, MIDDLEWARE, AND OPERATING METHOD FOR THE SAME - A microcomputer has a processing unit; a plurality of registers; a storage storing hardware initialization data that includes an initial value and a register address in which the initial value is set, the processing unit performing a process including: setting the initial value in a register having the register address based on the hardware initialization data; performing a functional capability limitation releasing processing to determine whether authentication data in an authentication register, which is selected in advance from the plurality of registers, is correct based on an authentication information for releasing limitations on a functional capability of a function, and to put a function corresponding to the authentication information into an executable state when the authentication data is correct; and executing the function which is put into the executable state to realize the functional capability of the executed function. | 2014-06-19 |
20140173719 | INDUSTRIAL MANIPULATING SYSTEM WITH MULTIPLE COMPUTERS AND INDUSTRIAL MANIPULATING METHOD - An industrial manipulating system includes a plurality of computers and an input assembly shared by the computers. A response capability of the computer is interrupted to operation commands. A camera is used to take a photograph of a current operator and determination is made whether the photograph contains a face image of the current operator. The response capability of the identified computer is restored to the operation commands when the photograph contains the face image of the current operator. | 2014-06-19 |
20140173720 | SYSTEM AND METHOD FOR CONTROLLING THE ON AND OFF STATE OF FEATURES AT RUNTIME - Methods and systems are provided for turning on and off features at run time. The method includes providing a unique enabling predicate (e.g., an “if enabled” statement) for one or more executable features (blocks of code), configuring a permissions library, and caching the configured permissions library. The method further includes interrogating the cache with the first “if enabled” predicate, executing the block of code (feature) if the cache yields “true” for the requesting user, and not executing the code block if the cache yields “false” for the requesting user. | 2014-06-19 |
20140173721 | MANIPULATING SCREEN LAYERS IN MULTI-LAYER APPLICATIONS - A method performed on a device includes receiving, from a user, a finger-touch-initiated request for access to a layer of a multi-layer application on the device, the multi-layer application having a plurality of user interface layers. The method may also include identifying a finger of the user used to provide the finger-touch-initiated request, the finger associated with one of the layers of the multi-layer application. The layer associated with the identified finger of the user may be operated on. Each finger of the user can be associated with a different layer of the multi-layer application. Fingerprints can be used to differentiate each finger and/or to identify the user by fingerprint recognition techniques. Fingerprints can be used to vary the access parameters of a layer of the application and/or to provide security levels for accessing the layers of the multi-layer application. | 2014-06-19 |
20140173722 | Methods and Systems for Mitigating Attack Traffic Directed at a Network Element - An exemplary method includes an attack traffic mitigation system 1) identifying a range of ports left open by a firewall for a network element to receive network traffic provided by a computing device, 2) designating a subset of one or more ports included in the range of open ports as being included in a legitimate port range configured to receive legitimate network traffic provided by the computing device, and 3) directing the network element to drop network traffic provided by the computing device and received by each port included in the range of open ports that is not included in the legitimate port range. Corresponding methods and systems are also disclosed. | 2014-06-19 |
20140173723 | REPUTATION OF NETWORK ADDRESS - Example embodiments disclosed herein relate to determining a reputation of a network address. A long-term reputation of the network address is determined. A short-term reputation of the network address is determined based on the long-term reputation and trend information associated with the long-term reputation. | 2014-06-19 |
20140173724 | Tuning of Data Loss Prevention Signature Effectiveness - In at least one embodiment, a method and a system include capability to fine-tune a data loss prevention system. An example method includes gaining access to or creating an alert database and a signature set by an analytics module and an adjustment module, where the alert database includes an alert validity attribute for each alert; quantifying for each signature contained in the signature set an effect on the change in the number of alerts from its removal; determining with an analytics module whether any signature has a ratio of valid to false positive alerts less than a threshold; and when at least one signature has the ratio less than the first threshold identifying and removing with an adjustment module at least one signature from the signature database having a ratio less than the threshold where the signature is removed from the signature set, and repeating quantifying and determining. | 2014-06-19 |
20140173725 | TRAFFIC SEGMENTATION IN PREVENTION OF DDOS ATTACKS - Systems, methods, and computer storage media for traffic segmentation in prevention of DDoS attacks are provided. Data associated with one or more users of a particular service or network is collected. Legitimate properties associated with the data are identified. In embodiments, the legitimate properties are shared with one or more related services. One or more requests are received for the service or related services and request properties are identified. The legitimacy of the one or more requests is predicted based on a comparison of the legitimate and request properties. | 2014-06-19 |
20140173726 | METHODS AND SYSTEMS FOR PREVENTING UNAUTHORIZED ACQUISITION OF USER INFORMATION - The embodiments provide methods and systems for detecting and preventing phishing of a user's information, such as their username and password. In one embodiment, a website detects as a threshold matter whether the user has arrive at the site due to an automatic redirection from a prior visited site or by the user having clicked on a link to the website from the previous site. If this threshold is met, then the prior website is evaluated based on various criteria to determine if it appears to be a phishing site. If phishing is suspected, then the user may be notified and various other protective actions may be performed. | 2014-06-19 |
20140173727 | Tuning of Data Loss Prevention Signature Effectiveness - In at least one embodiment, a method and a system include capability to fine-tune a data loss prevention system. An example system includes a computer readable storage medium for storing at least one alert database and at least one associated signature set to each alert database; an analytics module in communication to the computer readable storage medium, the analytics module analyzes at least one alert database present on the computer storage medium to determine whether any signatures from the signature set associated with the alert database being analyzed are ineffective based at least on a ratio of valid alerts to false positive alerts for individual signatures selected from a group including a plurality of signatures present in the signature set; and an adjustment module in communication to the computer readable storage medium and the analytics module, the adjustment module removes at least one ineffective signature from the signature set. | 2014-06-19 |
20140173728 | SYSTEM, METHOD, AND COMPUTER PROGRAM PRODUCT FOR MOUNTING AN IMAGE OF A COMPUTER SYSTEM IN A PRE-BOOT ENVIRONMENT FOR VALIDATING THE COMPUTER SYSTEM - A system, method, and computer program product are provided for mounting an image of a computer system in a pre-boot environment for validating the computer system. In use, an image of a computer system is mounted in a pre-boot environment of the computer system, where the image includes a file system structure and initialization data of the computer system. Furthermore, at least one task is performed on the mounted image for validating the computer system. | 2014-06-19 |
20140173729 | PROVIDING A FAST, REMOTE SECURITY SERVICE USING HASHLISTS OF APPROVED WEB OBJECTS - A security system and service, which improves the performance of SECaaS services, is described. A security server system tracks the content that has successfully passed through its security modules and distributes this information to the end user client devices as hashlist information. The remote client devices can then safely bypass the cloud for a significant fraction of Web object requests by using information on a locally stored hashlist to validate Web objects. | 2014-06-19 |
20140173730 | Security Method and Apparatus - In accordance with an example embodiment of the present invention, there is provided a method comprising: maintaining a local database of trusted uniform resource locators (URL) where an URL is qualified to said database based on fulfilling predetermined criteria; detecting a request to access a uniform resource locator (URL); obtaining reputation data for the URL from a reputation server or from a local reputation scanner; comparing the obtained reputation data of the requested URL with the reputation data of the requested URL that is stored in the local database of trusted URLs if any; if there is a conflict between the reputation data obtained and the reputation data stored in the local database of trusted URLs, using the reputation data stored in the local database of trusted URLs to determine whether access to the URL is allowed. | 2014-06-19 |
20140173731 | System and Method for Unified Communications Threat Management (UCTM) for Converged Voice, Video and Multi-Media Over IP Flows - A method and system for unified communications threat management (UCTM) for converged voice and video over IP is disclosed. A computer-implemented method for threat management receives an incoming packet. The incoming packet is broken into sub-packets and fed to a plurality of packet processing engines. Each packet processing engine inspects the sub-packets and annotate the sub-packets with meta-data. The annotated sub-packets are combined and processed by a plurality of application engine to generate a processed packet. The processed packet is classified and stored in a database. | 2014-06-19 |
20140173732 | Advocate for Facilitating Verification for the Online Presence of an Entity - Some embodiments provide an advocate system to facilitate automated online presence verification for different entities on behalf of the entities. The advocate system places service providers on notice that profiles and information hosted by them and that form the online presence for a particular entity should first be verified with that particular entity. The advocate system further facilitates online presence verification by 1) directly or indirectly connecting the service providers that are placed on notice with the appropriate authoritative entities to facilitate the verification of the profiles and information, 2) selectively targeting service providers hosting profiles and information that are unverified, 3) automatedly verifying hosted profiles and information based on a verified profile lists and verified information that authoritative entities provide to a central repository. In so doing, the advocate system prevents potential damage to the authoritative entity's credibility while also mitigating potential for fraud, identity theft, etc. | 2014-06-19 |
20140173733 | EXPLOIT DETECTION AND REPORTING OF A DEVICE USING SERVER CHAINING - A server configured for managing server access by a first client application of a device over a communications network. The server receives a status message from the first client application over the communications network, the first client application managed by the server, the message including at least one compliance characteristic associated with a security policy of the server and an unique identification of the device. The server can access the security policy and compare the at least one compliance characteristic with a corresponding policy of the security policy to determine a current state of the device as contrary to the corresponding policy and in response generate a compromised status indicator for the device. The server can also access a storage to obtain a network address associated with a second server managing a second client application of the device and send a device status message to the network address of the second server including the compromised status indicator and identification data uniquely identifying the device to the second server. | 2014-06-19 |
20140173734 | METHODS, MEDIA, AND SYSTEMS FOR DETECTING AN ANOMALOUS SEQUENCE OF FUNCTION CALLS - Methods, media, and systems for detecting an anomalous sequence of function calls are provided. The methods can include compressing a sequence of function calls made by the execution of a program using a compression model; and determining the presence of an anomalous sequence of function calls in the sequence of function calls based on the extent to which the sequence of function calls is compressed. The methods can further include executing at least one known program; observing at least one sequence of function calls made by the execution of the at least one known program; assigning each type of function call in the at least one sequence of function calls made by the at least one known program a unique identifier; and creating at least part of the compression model by recording at least one sequence of unique identifiers. | 2014-06-19 |
20140173735 | COMPUTER PROGRAM, METHOD, AND SYSTEM FOR PREVENTING EXECUTION OF VIRUSES AND MALWARE - Preventing execution of viruses or malware on a computing device includes compiling an inventory recordation of legitimate applications and terminating execution of any application not on the inventory recordation while in a protected mode. An instantaneous and unprompted inventory recordation known as a “snapshot” can be performed by the computer program. A user may further train the computer program to identify legitimate applications routinely accessed by the user and to be updated to the inventory recordation, such that the inventory recordation is personal to the user. After training, the protected mode can be activated. A smart icon graphical user interface is utilized, that automatically toggles between locked and unlocked depending on if the computing device is at risk or not, to place the computing device in a protected or unprotected mode. | 2014-06-19 |
20140173736 | Method and system for detecting webpage Trojan embedded - The present disclosure is applicable to the field of computer security technology and provides a method and system for detecting webpage Trojan embedded. The method includes: obtaining webpage contents; parsing the obtain webpage contents, and extracting script objects; constructing an object execution engine to simulate the execution of the contents of the script objects; monitoring the simulation execution of the contents of the objects, and when an abnormal behaviour occurs, determining that the contents of the objects contain dangerous data. The present disclosure can effectively improve the efficiency of webpage Trojan embedded detection, and reduce the undetected rate and the error rate of webpage Trojan embedded detection. | 2014-06-19 |
20140173737 | DEVICE AND METHOD FOR REMEDIATING VULNERABILITIES - Exemplary methods, apparatuses, and systems receive data describing a first software component used by a software product and vulnerability data describing a vulnerability in the first software component. A vulnerability score is calculated for the software product based upon the vulnerability data for the first software component. The vulnerability score is recalculated for the software product based upon receiving an updated status of the vulnerability in the first software component from bug tracking software, a waiver of the vulnerability of a software component, the addition of another software component, or another update to the software product or component(s). The task of remediation of the vulnerability in the first software component can be assigned to a user and tracked. A user interface is provided to enable users to monitor the vulnerabilities of software products or components. | 2014-06-19 |
20140173738 | USER DEVICE SECURITY PROFILE - Attribute data of an endpoint computing device is collected that describes attributes of the endpoint computing device. The attribute data is communicated to a security score generator and security score data is received for the endpoint computing device. A graphical dashboard interface is caused to be presented on a display device, the dashboard interface presenting a plurality of security ratings based on the security score data, each security rating representing an amount of risk determined to be associated with a corresponding user activity on the endpoint device in a plurality of user activities. | 2014-06-19 |
20140173739 | AUTOMATED ASSET CRITICALITY ASSESSMENT - A set of attributes of a particular asset of a computing environment is identified that are determined from data collected by one or more utilities in the computing environment. A criticality rating is automatically determined for the particular asset based at least in part on the set of attributes. A security activity is caused to be performed relating to the particular asset based on the automatically determined criticality rating of the particular asset. | 2014-06-19 |
20140173740 | METHODS AND SYSTEMS FOR DETERMINING HARDENING STRATEGIES - A system and method for determining at least one hardening strategy to prevent at least one attack, comprising: performing processing associated with obtaining at least one attack graph, the at least one attack graph comprising at least one goal condition, at least one initial condition, and at least one exploit; performing processing associated with obtaining at least one allowable action that disables the at least one initial condition; performing processing associated with obtaining costs associated with the at least one allowable action; and performing processing associated with utilizing the at least one allowable action to determine at least one recommended strategy from the at least one allowable action taking into account the costs. | 2014-06-19 |
20140173741 | SYSTEM AND METHOD FOR DYNAMIC ANALYSIS TRACKING OBJECTS FOR APPLICATION DATAFLOW - Systems and methods are provided for dynamic analysis tracking objects for application dataflow. A system receives a data object from a data source, creates a source tracking object for the data object, and records information associated with the data source into the source tracking object. The system creates a copy of the data object for a tracking event in the application program, creates a flow tracking object for the tracking event, and records information associated with the tracking event into the flow tracking object as the tracking event processes the copy of the data object. The system outputs the copy of the data object to a data sink, creates a sink tracking object for the data sink, and records information associated with the data sink into the sink tracking object. The system outputs the source tracking object, the flow tracking object, and the sink tracking object as dynamic analysis of dataflow in the application program. | 2014-06-19 |
20140173742 | SYSTEM AND METHOD FOR DYNAMIC ANALYSIS WRAPPER OBJECTS FOR APPLICATION DATAFLOW - Systems and methods are provided for dynamic analysis wrapper objects for application dataflow. A system creates a wrapper object that points to a data object received from a data source, creates a source tracking object for the wrapper object, and records information associated with the data source into the source tracking object. The system creates a copy of the wrapper object for a tracking event in an application program, creates a flow tracking object for the tracking event, and records information associated with the tracking event into the flow tracking object as the tracking event processes the copy of the wrapper object. The system outputs the copy of the wrapper object to a data sink for the application program, creates a sink tracking object for the data sink, and records information associated with the data sink into the sink tracking object. The system outputs the source tracking object, the flow tracking object, and the sink tracking object as dynamic analysis of dataflow in the application program. | 2014-06-19 |
20140173743 | SYSTEM AND METHOD FOR DYNAMIC ANALYSIS TRACKING OBJECT ASSOCIATIONS FOR APPLICATION DATAFLOW - Data source information is recorded into a source tracking object embedded in a wrapper object pointing to a data object from the data source. Tracking event information is recorded into a flow tracking object embedded in a wrapper object copy as the tracking event processes the wrapper object copy. Other tracking event information is recorded into another flow tracking object embedded in another wrapper object as the other tracking event processes the other wrapper object. The flow tracking object is associated with the other flow tracking object in response to a field retrieval of the wrapper object copy from the other wrapper object. The wrapper object copy is output to a data sink. Data sink information is recorded into a sink tracking object embedded in the wrapper object copy. The tracking objects are output as dynamic analysis of dataflow in the application program. | 2014-06-19 |
20140173744 | SYSTEM AND METHODS FOR SCALABLY IDENTIFYING AND CHARACTERIZING STRUCTURAL DIFFERENCES BETWEEN DOCUMENT OBJECT MODELS - A security auditing computer system efficiently evaluates and reports security exposures in a target Web site hosted on a remote Web server system. The auditing system includes a crawler subsystem that constructs a first list of Web page identifiers representing the target Web site. An auditing subsystem selectively retrieves and audits Web pages based on a second list, based on the first. Retrieval is sub-selected dependent on a determined uniqueness of Web page identifiers relative to the second list. Auditing is further sub-selected dependent on a determined uniqueness of structural identifiers computed for each retrieved Web page, including structural identifiers of Web page components contained within a Web page. The computed structural identifiers are stored in correspondence with Web page identifiers and Web page component identifiers in the second list. A reporting system produces reports of security exposures identified through the auditing of Web pages and Web page components. | 2014-06-19 |
20140173745 | AUTOMATED HUMAN INTERFACE DEVICE OPERATION PROCEDURE - The present invention provides an automated human interface device operation procedure electrically activated in one computer in which Mac OS X v10.4 or a higher version is installed, makes a browser program automatically executed by the computer without manual intervention, fetch/enter a specific Uniform Resource Locator for login, and is automatically unloaded with all steps completed. | 2014-06-19 |
20140173746 | APPLICATION REPOSITORY - Methods of providing an application repository based on an age level of a user to create an age-appropriate experience for younger users of an electronic device are disclosed. Certain applications can be associated with the application repository. The content of any application associated with the repository can then be based on the associated age level. For example, if an educational application is associated with an application repository, then the educational elements of the application can be targeted to the specific age level associated with the repository. | 2014-06-19 |
20140173747 | DISABLING ACCESS TO APPLICATIONS AND CONTENT IN A PRIVACY MODE - Methods of disabling access to applications and content in a privacy mode are provided. One or more private applications can be selected on an electronic device. A privacy mode can be enabled, and access to the private applications can be disabled. Additionally, access from public applications to content associated with the private applications can be disabled. Such a feature makes for a more robust privacy mode that can maintain the privacy of content that may otherwise be accessible. | 2014-06-19 |
20140173748 | SOCIAL NETWORKING WITH DEPTH AND SECURITY FACTORS - An online interactive communication and chatting system and method for providing information to a web site having different levels of user interactions, with the provided information being available to or shareable with registered users of the system at specific levels thereof. The provided information is keyed to the different levels of user interaction, with different Key Phrases being respectively linked to the different levels. The correct entry of a Key Phrase provides access to a linked level with communication, chatting and information available therein to registered users correctly entering the Key Phrase. Incorrect entry of a Key Phrase provides access to incorrect information generated by the system. | 2014-06-19 |
20140173749 | METHOD AND APPARATUS FOR PROVIDING A SPECIFIC USER INTERFACE IN A SYSTEM FOR MANAGING CONTENT - A method and apparatus for managing use of protected content by providing a specific user interface to an application program used to render the content. The method includes identifying a user interface description associated with content, building a specific user interface based on the user interface description, and replacing the standard user interface of an application program used to render the content with the specific user interface. The specific user interface can be unique to the user, unique to a Web site, or otherwise customized. | 2014-06-19 |
20140173750 | Provisioning a Computing System for Digital Rights Management - Various embodiments utilize hardware-enforced boundaries to provide various aspects of digital rights management or DRM in an open computing environment. Against the backdrop of these hardware-enforced boundaries, DRM provisioning techniques are employed to provision such things as keys and DRM software code in a secure and robust way. Further, at least some embodiments utilize secure time provisioning techniques to provision time to the computing environment, as well as techniques that provide for tamper-resistant storage. | 2014-06-19 |
20140173751 | SYSTEM AND METHOD FOR CHATTING WITH MACHINES - A human-machine chatting system facilitates real-time two-way communications between a user and a machine. During operation, the system monitors performance of a machine, runs a chat application on behalf of the monitored machine, and determines whether a user is authorized to access performance information associated with the monitored machine. In response to the user being authorized to access the performance information, the system allows the user to obtain the performance information via the chat application. | 2014-06-19 |
20140173752 | HANDLING REPEATED REQUESTS FOR THE SAME USER DATA - In accordance with some embodiments, data may be automatically provided on preordained conditions for specific types of data. Thus specific types of data or specific requestors may be treated differently. The system may be programmed to respond appropriately to requests for certain types of data from certain types of requestors. This offloads the need to review specific requests in many cases and enables an automated system for providing requested data as appropriate. | 2014-06-19 |
20140173753 | CONTROLLING CONSUMPTION OF HIERARCHICAL REPOSITORY DATA - One exemplary embodiment involves receiving, from an administrator device, a first request to provide a set of privileges to at least one of a set of users and a set of user groups to access private resources referenced by a path of a networked hierarchical repository, the set of privileges including at least one authorized access privilege. The embodiment also involves modifying a metadata associated with the private resources to indicate the set of privileges to provide to the at least one of the set of users and the set of user groups, the metadata associated with the private resources being modified to at least indicate the authorized access privilege. Additionally, the embodiment involves receiving a second request for authorized access to a set of resources associated with the networked hierarchical repository and providing the authorized access based on whether the metadata associated with the set of resources indicates to provide the authorized access. | 2014-06-19 |
20140173754 | Identity Attribute Exchange and Validation Broker - Methods and systems are described herein for performing attribute authentication for use by a relying party in providing access to a resource as requested by a user. Attribute authentication may be performed entirely by a single identity service provider, or by multiple identity service providers each authenticating a subset of a plurality of user attributes, such as name, address, phone, email, and the like. Each attribute may be authenticated with a level of assurance. Levels of assurance may vary from attribute to attribute. Different levels of assurance may be required for different attributes before the relying party may grant access to the user-desired resource. An authentication broker may act as a registry or broker of identity service providers, and may store information usable by relying parties to establish a trust relationship with a particular identity service provider on demand, as needed by a relying party. | 2014-06-19 |
20140173755 | ORCHESTRATED INTERACTION IN ACCESS CONTROL EVALUATION - An orchestrated access system is described herein that provides an access control decision function that is augmented by interfacing with a real-time collaborative communication system that maintains a state of various users' availability to communicate. The orchestrated access system provides real-time approvals for access control scenarios where the policy would not otherwise grant access. The system provides an experience for the requesting user to select an appropriate approver among multiple potential approvers based on the relationship of the potential approver to the requesting user, the relationship of the potential approver to the resource, and the availability of the potential approver for real-time communication. The system can provide a record of approver and request parameters in a database to optimize further interactions. Thus, the orchestrated access system provides an improved experience for granting access to resources within an organization for both the requesting user and the approver(s). | 2014-06-19 |
20140173756 | PLATFORM-HARDENED DIGITAL RIGHTS MANAGEMENT KEY PROVISIONING - Embodiments of an invention for platform-hardened digital rights management key provisioning are disclosed. In one embodiment, a processor includes an execution unit to execute one or more instructions to create a secure enclave in which to run an application to receive digital rights management information from a provisioning server in response to authentication of the application by a verification server. | 2014-06-19 |
20140173757 | Method And System For Integrating Remote Devices Into A Domestic VLAN - A gateway network device may establish secure connections to a plurality of remote network devices using tunneling protocols to distribute to the remote network devices multimedia content received from one or more content providers. The consumption of the multimedia content may originally be restricted to local network associated with the gateway network device. The secure connections may be set up using L2TP protocol, and the L2TP tunneling connections may be secured using IPSec protocol. Use of multimedia content may be restricted based on DRM policies of the content provider. DRM policies may be implemented using DTCP protocol, which may restrict use of the multimedia content based on roundtrip times and/or IP subnetting. Each content provider may use one or more VLAN identifiers during communication of the multimedia content to the gateway network device, and the gateway network device may associate an additional VLAN identifier with each secure connection. | 2014-06-19 |
20140173758 | Local Device Awareness - Certain embodiments may take the form of a method of operating an electronic device to find and determine an identity of other local devices. The method includes transmitting electromagnetic signals from a first electronic device to find devices within a prescribed distance of the first device and receiving electromagnetic response signals from a second electronic device within the prescribed distance from the first electronic device. The method also includes identifying the second electronic device using information received in the electromagnetic response signals. Additionally, the method includes determining if the second electronic device is aware of other electronic devices and, if the second electronic device is aware of other electronic devices, obtaining identifying information of the other devices from the second electronic device. | 2014-06-19 |
20140173759 | RIGHTS-MANAGED CODE - Methods, systems, and computer program products are provided for providing controlled access to source code. The source code is encrypted. Access rights to the encrypted source code are configured. The encrypted source code is hosted at a network-accessible location. An access attempt for the encrypted source code by a digital rights management (DRM) enabled software development tool is received. Access to the encrypted source code by the DRM enabled software development tool is enabled according to the configured access rights. | 2014-06-19 |
20140173760 | MANAGING LICENSES OF MEDIA FILES ON PLAYBACK DEVICES - Embodiments are described herein for managing licenses of media files on playback devices in a media system. In some embodiments, each media file is purchased based on a number of licenses, each license granting permission to store the media file on a single playback device. Each media file may have an associated number of one or more licenses that specifies the maximum number of playback devices on which the media file may be stored at the same time (concurrently). The media system may comprise a home central licensing (HCL) device, a primary storage device, and playback devices coupled via a network. The primary storage device may be used to initially store newly purchased media files. The HCL device may allow or prohibit distribution of the media files on the primary storage device to playback devices by using a license manager data structure storing licensing information for each media file. | 2014-06-19 |
20140173761 | METHOD AND APPARATUS FOR PROTECTING AN APPLICATION PROGRAM - A method and apparatus for protecting an application in a user digital device are provided. The method includes downloading an application module and installing an application; receiving an execution request for the application; extracting authentication information from the application module, extracting an authentication element included in the application from the application, generating an authentication signature using the authentication element; comparing a reference authentication signature included in the authentication information with the generated authentication signature; and if the reference authentication signature is identical to the generated authentication signature, normally executing the application. | 2014-06-19 |
20140173762 | SYSTEM, METHOD, AND COMPUTER-READABLE RECORDING MEDIUM FOR SUPPORTING LICENSE ACQUIREMENT - A system including a computer and having a part that stores identification data and status data in association with the identification data, a part that receives a request to acquire a license corresponding to a designated identification data, a part that receives a designation of an electronic device, a part that designates the identification data, obtains license data corresponding to the designated identification data, and updates the status data associated with the designated identification data, the updated status data indicating that the license is being used, a part that transmits the license data to the electronic device via a network and instructs the electronic device to acquire the license, and a part that provides a part that receives an instruction for re-executing obtaining of the license data depending on whether the status data is updated and instructs to re-execute the obtaining of the license data. | 2014-06-19 |
20140173763 | COUNTERFEIT PREVENTION FOR OPTICAL MEDIA - A method and system are provided for counterfeit prevention for optical media. In one example, a system is provided for verifying authenticity information on an optical medium. The system receives the optical medium including a fingerprint having at least one probabilistic feature. A probabilistic feature is a physical feature having both a substantial chance to be read as a first value and a substantial chance to be read as a second value. The system receives an o-DNA signature-at-issuance. The system calculates an o-DNA signature-at-verification by reading each probabilistic feature plural times. The system calculates a vector-of-differences between the o-DNA signature-at-issuance and the o-DNA signature-at-verification. The vector-of-differences includes a maximum distance metric between the o-DNA signature-at-issuance and the o-DNA signature-at-verification. The vector-of-differences indicates the optical medium is authentic if the maximum distance metric is less than a threshold. | 2014-06-19 |