35th week of 2013 patent applcation highlights part 81 |
Patent application number | Title | Published |
20130227595 | METHODS AND APPARATUS TO IDENTIFY AUDIENCE MEMBERS - Methods and apparatus are disclosed to identify audience members. An example method includes detecting selection an identification key on a remote control. The identification key is input by a user using an input on the remote control. The remote control is to control a consumer electronic device. The example method includes generating an audio signal to identify the user based on the identification key. The audio signal is electronically detectable. The example method includes outputting the audio signal via a speaker. | 2013-08-29 |
20130227596 | Enhancing Live Broadcast Viewing Through Display of Filtered Internet Information Streams - A method is described for supplementing a live broadcast. The method is performed on a server system having one or more processors and memory storing one or more programs for execution by the one or more processors to perform the method. The server system receives first keywords related to the live broadcast. The server system then receives a plurality of input streams, wherein each input stream includes a plurality of events. The server system then extracts second keywords from the plurality of events. The server system then determines the relevance of each event in the plurality of events to the live broadcast by correlating the first and second keywords. The server system then transmits the relevant events to a client device. | 2013-08-29 |
20130227597 | PERSONAL PROGRAM CHANNEL - Method, device, and storage medium for receiving a request for a program from a user device; transmitting the program to the user device; storing tuning information associated with the request of the program; generating a program log that includes a user's viewing history based on the tuning information; analyzing the program log to identify programs of interest to the user; generating personal program channel information based on the analyzing, wherein the personal program channel information includes a schedule of programs; and providing to the user device a personal program channel that operates according to the schedule of programs. | 2013-08-29 |
20130227598 | Broadcast Media with Targeted Advertising - Systems and methods are provided for renting a peripheral storage entity to a remote client. From the service provider's vantage, one method transceives negotiation signals between a remote first client (the user) and a service provider, via a network link. Using the negotiation signals, the service provider agrees to rent a peripheral storage entity to the first client, and sends digital content from the peripheral storage entity via the network link to the remote first client. The peripheral storage entity may be located with the service provider or with a remote second client. System and methods are also provided from the perspective of remote clients that are either receiving or supplying peripheral storage entity content. | 2013-08-29 |
20130227599 | METHOD AND SYSTEM FOR RECEIVING AND PROCESSING DIGITAL CONTENT - An intelligent device is configured to receive a DTV signal that includes audio/visual information as well as data signals in a datacast format. The datacast format includes web pages, e.g., in the HTML (hypertext markup language) format of the world wide web. An intelligent filter modifies itself based on user behavior and user preferences in terms of the web pages that a viewer routinely visits. The intelligent filter is then used to identify certain web pages of the pages that are being broadcast and these identified web pages are stored in a cache memory for later use by the viewer. A second tuner can be used to poll multiple channels when updating the cached contents. Cached web pages avoid broadcast latencies (due to periodic updating) and thereby are displayed faster to the viewer. | 2013-08-29 |
20130227600 | METHOD AND APPARATUS FOR IMAGE PROCESSING, PROGRAM, AND RECORDING MEDIUM - An information processing apparatus includes a managing unit that manages a scale calculated based on descriptions of an operation performed on a predetermined item and a series to which the item belongs in association with each other, a first extracting unit that extracts items belonging to the same series as top N series, obtained by sorting the scales, from among a plurality of items, a taste managing unit that manages taste of a user, a second extracting unit that calculates the degree of similarity between the taste managed by the taste managing unit and each item to extract items with higher degrees of similarity, and a recommending unit that recommends a predetermined number of items among the items extracted by the first extracting unit and the items extracted by the second extracting unit to the user. | 2013-08-29 |
20130227601 | Inferring Demographic Compositions Of Television Audiences - Methods, systems, and apparatus, including computer programs encoded on a computer storage medium, for inferring a demographic composition of a television audience of a television program. In one aspect, a method extrapolates television audience demographics from rated programs to unrated programs by attributing demographics of rated programs to unrated programs when the rated and unrated program are related by demographically rated channel tunes. | 2013-08-29 |
20130227602 | ELECTRONIC APPARATUS, CONTROL SYSTEM FOR ELECTRONIC APPARATUS, AND SERVER - According to one embodiment, an electronic apparatus includes, a receiver configured to receive a stream, a memory configured to store the stream, an analyzer configured to analyze the stream to generate comparison data, an acquisition module configured to acquire object information indicative of an identity of an object, from a database, by using feature data corresponding to the comparison data, and a controller configured to control the memory so that the object information acquired by the acquisition module and the stream are stored in the memory. | 2013-08-29 |
20130227603 | Image Selection from Captured Video Sequence Based on Social Components - In one embodiment, a mobile device analyzes frames before and after a particular frame of a real-time video to identify one or more social network objects, and selects one or more frames before and after the particular frame based on social network information for further storage in the mobile device. | 2013-08-29 |
20130227604 | AUTOMATED FORENSIC DOCUMENT SIGNATURES - Methods and systems are provided for a proactive approach for computer forensic investigations. The invention allows organizations anticipating the need for forensic analysis to prepare in advance. Forensic signatures are created including a digital fingerprint and other information associated with a file. In one aspect, informational signatures are created, which may assist in determining what information is included in a file. In another aspect, the digital fingerprint may represent contents of the file and is resistant to minor modification of the file. In another aspect, fingerprints can be compared in parallel on different computers. | 2013-08-29 |
20130227605 | SYSTEM AND METHOD TO DISTRIBUTE VIDEO-ON-DEMAND CONTENT - Method, system and computer-readable medium to distribute VOD content are disclosed. A method of displaying video content includes accessing an association table for video-on-demand (VOD) content. The association table includes a first segment entry associated with a first video segment of a first length and a second segment entry associated with a second video segment of a second length that is longer than the first length. The first segment entry includes a first multicast group ID and the second segment entry includes a second multicast group ID. The method further includes receiving the first video segment via the first multicast group ID, displaying the received first video segment, and receiving the second video segment via the second multicast group ID within a period of time of displaying the first video segment. | 2013-08-29 |
20130227606 | SERVER APPARATUS AND TERMINAL APPARATUS - In a server apparatus delivering emergency information to a client, a delivery settings management section manages delivery settings of the emergency information for each of registered clients. When an input receives an emergency information item, a client identifying section refers to the delivery settings managed by the delivery settings management section, and identifies, among the registered clients, the client to which the emergency information item received by the input is to be delivered. A transmitter sends the emergency information item to the client identified by the client identifying section. | 2013-08-29 |
20130227607 | INTERFACES TO ALLOW VIDEO AD SERVING INTO A MOBILE PHONE APPLICATION VIDEO STREAM - A method of providing advertisements includes requesting, by a software development kit for an application, an advertisement from an advertisement server in response to playback of a video content item by the application; receiving the advertisement from the advertisement server based on the requesting; displaying, with the application, the advertisement received from the advertisement server; collecting a set of metrics while the advertisement is displayed; and providing the set of metrics to the advertisement server. | 2013-08-29 |
20130227608 | LATE-BINDING OF ADVERTISEMENTS USING RDMA CONNECTIVITY - A system and method are provided for inserting customized or personalized advertisements into video content presented to a viewer. In general, the system includes an ad content server and a late-binding ad insertion system serving a number of client devices including a client device of the viewer. Utilizing Remote Direct Memory Access (RDMA), the late-binding ad insertion system obtains customized advertisements for the viewer from the ad content server. The late-binding ad insertion system then provides the video content having the customized advertisements inserted therein to the client device for presentation to the viewer. | 2013-08-29 |
20130227609 | METHOD AND APPARATUS FOR ADDING AUXILIARY VISUAL OBJECTS TO AN IMAGE OR AN IMAGE SEQUENCE - A method and an apparatus for adding an auxiliary visual object to an image or a sequence of images are described. Metadata, which includes at least information about the three-dimensional structure of a scene depicted in the image or the sequence of images, and which is provided together with the image or the sequence of images, is retrieved upon a user request to add an auxiliary visual object. A position for an auxiliary visual object in the image or the sequence of images is determined from the retrieved metadata. The auxiliary visual object is then added to the image or the sequence of images in accordance with the determined position. | 2013-08-29 |
20130227610 | PROGRAM GUIDE APPARATUS - A receiver acquires program guide information in an image signal receiver, and program guide method and apparatus using the same. In the program guide apparatus, information immediately required by a user is obtained first, and information of less preferential channels is obtained next, thus presenting a smooth interface to the user. The method of acquiring program guide information for channels includes acquiring the program guide information for each channel by scanning accessible channels while a received program is not displayed. The program guide apparatus includes a tuner tuning a channel, a program guide information detector, a memory, a key input, a microprocessor, and a character signal generator. | 2013-08-29 |
20130227611 | Method and system for tracking network use - An interactive media delivery system enables interactive media programming to a multimedia device and also tracks a subscriber's use of the multimedia device. For example, the device tracks events, such as a change in programming, a change in channel selection, and/or the subscriber's interaction with a particular interactive services application. Each event may be stored as an event record in a database, and one or more of the event records may be merged with content data to form event timelines of programming or other activity to the multimedia device over a selected time period. Further, timelines may be analyzed to generate ratings and other information about programming and may also be correlated with demographics data for marketing analysis. | 2013-08-29 |
20130227612 | SYSTEM AND METHOD FOR ORGANIZING A MEDIA PROGRAM GUIDE ACCORDING TO POPULARITY - Elements of a media program guide are organized in order of a popularity ranking The popularity rating may be assigned by assigning values to preference terms, analyzing associations of the preference terms to data related to media programs and assigning the popularity ranking of the media programs based on the associations. Associations of the preference terms to the data may be extracted from social media communications or based on numbers of viewers. | 2013-08-29 |
20130227613 | DIGITAL TELEVISION SIGNAL, DIGITAL TELEVISION RECEIVER, AND METHOD OF PROCESSING DIGITAL TELEVISION SIGNAL - A digital television (DTV) signal for use in a DTV receiver includes an extended text table (ETT) which includes a header and a message body. The header includes a table identification extension field which serves to establish uniqueness of the ETT, and the message includes an extended text message (ETM). If the ETT is an event ETT, the table ID extension field includes an event identification which specifies an identification number of an event associated with the ETT. On the other hand, if the ETT is a channel ETT, the table identification extension field includes a source identification which specifies a programming source of a virtual channel associated with the ETT. A section-filtering unit included in the DTV receiver is able to use table identification extension fields of a plurality of ETTs for section-filtering a pertinent event or channel ETT from the ETTs. | 2013-08-29 |
20130227614 | DIGITAL BROADCAST RECEIVER AND METHOD FOR PROCESSING CAPTION THEREOF - A digital cable broadcast receiver and a method for automatically processing caption data of various standards and types, is disclosed. The digital broadcast receiver includes: a demultiplexer for dividing a received broadcast stream into video data, audio data, supplementary information; a controller for determining whether caption data included in the video data is digital caption data or analog caption data on the basis of caption information included in the supplementary information, and outputting a control signal according to a result of the determining; a digital caption decoder for extracting and decoding digital caption data from the video data according to the control signal; and an analog caption decoder for extracting and decoding analog caption data from the video data according to the control signal. | 2013-08-29 |
20130227615 | USER DEFINED RULES FOR ASSIGNING DESTINATIONS OF CONTENT - A media guidance application is provided by which users can define rules for assigning user equipment devices as destinations for media content. For example, a user may define a rule by which selected media content having attributes that satisfy a user-defined condition are downloaded, recorded, or streamed to a particular, user-specified user equipment device. The user may define and manage rules using media guidance menus, and may restrict other users from accessing the rules (e.g., parents restricting children). | 2013-08-29 |
20130227616 | SYSTEMS AND METHODS FOR VIDEO/MULTMEDIA RENDERING, COMPOSITION, AND USER-INTERACTIVITY - An interactive video/multimedia application (IVM application) may specify one or more media assets for playback. The IVM application may define the rendering, composition, and interactivity of one or more the assets, such as video. Video multimedia application data (IVMA data may) be used to define the behavior of the IVM application. The IVMA data may be embodied as a standalone file in a text or binary, compressed format. Alternatively, the IVMA data may be embedded within other media content. A video asset used in the IVM application may include embedded, content-aware metadata that is tightly coupled to the asset. The IVM application may reference the content-aware metadata embedded within the asset to define the rendering and composition of application display elements and user-interactivity features. The interactive video/multimedia application (defined by the video and multimedia application data) may be presented to a viewer in a player application. | 2013-08-29 |
20130227617 | System and Method for Construction, Delivery and Display of iTV Content - iTV content is created and deployed using a server component adapted to allow content developers to create applications according to an authoring specification that describes a framework for same; a transport component including an operator-deployed application management system configured to optimize and deliver the applications to one or more clients; and a client component adapted to render the applications through a television so as to permit user interaction therewith. The authoring specification provides for the presentation of content through one or more templates defined therein, allowing application definition and behavior to remain common across multiple client device types, middleware platforms, and/or iTV operating environments. The framework for applications accommodates advertising, promotions, content placement packages and/or programming campaign definitions, so as to permit a selection of a specific advertisement, promotion or content at a time of preparation of the iTV content by the server, and/or a time of execution of the applications by the client. | 2013-08-29 |
20130227618 | APPARATUS AND METHOD FOR PROVIDING MOBILE IPTV SERVICE IN MOBILE COMMUNICATION SYSTEM AND BROADCASTING SYSTEM - In a mobile communication system and a broadcasting system, an Advanced Base Station (ABS) periodically broadcasts a buffering data packet of broadcast buffering content in providing a Mobile Internet Protocol TeleVision (Mobile IPTV) service. The broadcast buffering content represents content in which a buffering data packet corresponding to a predetermined buffering capacity is periodically broadcasted, and the buffering data packet represents a data packet that is transmitted to be buffered in advance before the broadcast buffering content is actually provided to Advanced Mobile Stations (AMSs). | 2013-08-29 |
20130227619 | Wireless Network Antenna Apparatus and Method - An antenna for broadcast television programming includes a tuner and demodulator located with the antenna to generate a demodulated television program stream. A network interface is connected to the tuner and demodulator to provide the television program stream to a network, preferably a wireless network. A television set located remotely from the antenna receives the television program stream via the network and displays the program. A portable control device may be connected to the network. Reception of the broadcast programming is improved by controlling the directionality of the antenna in response to the demodulated signal. A service provider may poll the wireless network antenna to determine which broadcast programs are received and may provide extended programming television programs to the user by an internet connection to the user's network. | 2013-08-29 |
20130227620 | Wireless Transmission Set Top Box - A wireless transmission set top box, comprising: a box body, a plurality of circuit boards, a power supply and radiator module; of which the box body consists of a connecting zone for interfacing with external mobile communication device; a plurality of circuit boards are located within the box body, and comprised of a plurality of electronic circuit components and a wireless transmission module, allowing to provide wireless transmission signals to the display for showing the control signals of the mobile communication device. | 2013-08-29 |
20130227621 | METHOD AND APPARATUS FOR DOWNLOADING ANCILLARY PROGRAM DATA TO A DVR - A method and apparatus for downloading ancillary program data to a DVR. An embodiment allows multimedia device users to select programs to record or download movie or music over a network, such as the Internet, from a content provider. The system automatically downloads and stores ancillary program data that is directly related to, and associated with, a program that has been selected for recording or content requested for download. When a user selects a program to view the user is offered the opportunity to browse ancillary program data associated with the program and view an ancillary program data. The service can charge the content provider or an advertiser for each time their ancillary program data is viewed by a user. The ancillary programming is deleted when the associated recorded program is deleted. | 2013-08-29 |
20130227622 | APPARATUS, SYSTEMS AND METHODS FOR ACCESSING AND SYNCHRONIZING PRESENTATION OF MEDIA CONTENT AND SUPPLEMENTAL MEDIA RICH CONTENT IN RESPONSE TO SELECTION OF A PRESENTED OBJECT - Media rich content systems and methods are operable to provide access to supplemental media rich content in response to user selection of a presented object of interest. An exemplary embodiment receives at a media device a video stream comprising at least a plurality of video frames, wherein at least one of the video frames is configured to present an object of interest; processes a supplemental media rich content trigger associated with the at least one video frame, wherein the supplemental media rich content trigger comprises information that identifies a region where the object of interest is presented in the video frame, and comprises information configured to access supplemental media rich content associated with the object of interest; receives a user selection of the object of interest presented in the at least one video frame; and presents the supplemental media rich content on a presentation device. | 2013-08-29 |
20130227623 | identifying a signal route for delivery of video-on-demand to a subscriber terminal - “A set top box includes an interface to a video on demand system, the interface adapted to receive communications from one or more modulators of a modulator group of the video on demand system. The set top further includes a decoder configured to extract a modulator group identifier periodically inserted into communications directed the set top box from the one or more modulators, the modulator group identifier unique to a physical transmission path from a headend of the video on demand system to the one or more modulators. The set top includes a video-on-demand request interface to the video on demand system, the video on demand request interface configured to output a request for video on demand data including the modulator group identifier.” | 2013-08-29 |
20130227624 | Meta Channel Network-Based Content Download Technology - Content download technology, in which a network-based video scheduled to be played at a particular time is identified, and multiple sources from which the network-based video is available for downloading are identified. An initial source from which to download the network-based video is selected from among the multiple sources, and a first process to download the network-based video from the initial source is initiated. Progress of the download of the network-based video is monitored. When an estimated amount of time remaining for the download of the network-based video from the initial source to complete does not enable viewing of the network-based video at the particular time without interruption, an alternative source from which to download at least a portion of the network-based video is selected from among the multiple sources, and a second process to download at least the portion the network-based video from the alternative source is initiated. | 2013-08-29 |
20130227625 | METHODS AND APPARATUS FOR MANAGING NETWORK RESOURCES USED BY MULTIMEDIA STREAMS IN A VIRTUAL PIPE - Some embodiments are directed to a method performed by a pipe control node for managing network resources that are used to transport network traffic. The method includes allocating network resources to a virtual pipe for transporting a plurality of multimedia streams through the network. Utilization of the network resources by the plurality of multimedia streams transported through the virtual pipe is monitored relative to the network resources allocated to the virtual pipe. The network resources that are used by the plurality of multimedia streams transported through the virtual pipe are managed in response to the monitored utilization. Some other embodiments are directed to a corresponding pipe control node that manages network resources which are used to transport network traffic. | 2013-08-29 |
20130227626 | System and Method for Dynamic Bandwidth Allocation - A system and method for conserving bandwidth for a data connection. A television is detected to have been turned off. Recording information is requested from a digital video record. A content stream to the digital video recorder and the television is terminated in response to receiving the recording information and determining the DVR is inactive. | 2013-08-29 |
20130227627 | ELECTRONIC SYSTEM COMPRISING MEANS FOR COMPUTING PERSONALIZATION PARAMETERS OF DATA TO BE REPRODUCED AND MEANS FOR SELECTING DATA TO BE REPRODUCED AS A FUNCTION OF SAID PARAMETERS, ASSOCIATED LOCAL DATA TRANSMISSION NETWORK AND SELECTION METHOD OF DATA TO BE REPRODUCED - This electronic system, comprises: a first electronic device comprising means for reproducing audio and/or video data; a second electronic device comprising means for transmitting data to be reproduced to the first device; and a third electronic device, connected to the second device and comprising a memory to store personal information associated with a user of the third device. The third device comprises means for computing personalization parameters of the data to be reproduced, based on the personal information, and means for transmitting the computed personalization parameters to the second device, without any transmission of the personalization parameters via the Internet network. The second device comprises means for selecting data to be reproduced in relation to the received personalization parameters, the selecting means being connected to the transmission means. | 2013-08-29 |
20130227628 | APPARATUS FOR PROVIDING MULTIMEDIA SERVICES AND METHOD THEREOF - Disclosed are a transmitter and a receiver for providing multi-layered multimedia services, and a method thereof. The transmitter for providing multimedia services includes a multiple description coding unit that performs multiple description coding (MDC) with respect to at least one source to thereby output a description sequence with respect to each of the at least one source, a description multiplexing unit that multiplexes the description sequence in units of descriptions to thereby output a single multiplexing description sequence, and a transmission code block processing unit that divides and modulates the single multiplexing description sequence to thereby generate a transmission block. Therefore, it is possible to provide high-quality multimedia services while ensuring graceful performance degradation and scalability. | 2013-08-29 |
20130227629 | SYSTEM, VIDEO DISPLAY APPARATUS, CONTENT SERVER, AND INFORMATION TERMINAL DEVICE - A content server includes a stored search keyword information receiver for receiving stored search keyword information transmitted from a video display apparatus or a information terminal device, a content extractor for extracting a content to be recommended, from a content group stored in the content server on the basis of the received stored search keyword information, and a recommended content information transmitter for transmitting information on the extracted content to be recommended to the video display apparatus. The video display apparatus includes a recommended content information receiver for receiving the information on the content to be recommended, and a display unit capable of displaying the information on the content to be recommended. The information terminal device includes a keyword information storage unit capable of storing the stored search keyword information required to extract the content to be recommended. | 2013-08-29 |
20130227630 | METHOD AND SYSTEM FOR MANAGING BANDWIDTH - A bandwidth management system, receiver, and method of managing bandwidth in a content delivery system are described. In one embodiment, the method includes: identifying two or more content items which are associated with at least some common content and which are temporally related; determining a relative priority of the least some of the identified content items; and allowing a receiver requesting the content associated with a lower priority content item to access a multicast associated with a higher priority content item. | 2013-08-29 |
20130227631 | Cable with Fade and Hot Plug Features - In an embodiment, a host computing device includes an internal display and also includes a connector to connect to an external display. A cable is provided to connect to the connector and to connect to the external display. The cable includes video processing capabilities. For example, the cable may include a memory configured to store a frame buffer. The frame buffer may store a frame of video data for further processing by the video processing device in the cable. The video processing device may manipulate the frame in a variety of ways, e.g. scaling, rotating, gamma correction, dither correction, etc. | 2013-08-29 |
20130227632 | CATV Entry Adapter and Method for Distributing CATV and In-Home Entertainment Signals - A cable television (CATV) entry adapter connects to a CATV network and serves as a hub in an In-Home Entertainment (IHE) network. IHE signals may be communicated between passive and active ports of an embodiment of the entry adapter through a pair of directional couplers which allow an IHE-enabled embedded multimedia terminal device (eMTA) at the passive port to communicate with multimedia devices of the IHE network connected to the active ports. An IHE frequency rejection filter is used in some embodiments to confine IHE signal to a single subscriber premise. In some embodiments a bidirectional IHE bandpass filter is used to enable IHE signals to pass between the passive and active ports of the CATV entry adapter. | 2013-08-29 |
20130227633 | Video Processing Device and Video Processing Method - According to one embodiment, a video processing device comprises a communication unit which communicates with other video processing devices via communication paths, a remote controller communication unit which receives operation signals corresponding to operations of a predetermined key of a remote controller, and a control unit which performs processing by selecting either a first control mode that controls operations of the video processing device by the operation signals from the remote controller unit or a second control mode that controls operations of other video processing devices by the operation signals from the remote controller communication unit. | 2013-08-29 |
20130227634 | SYSTEM AND METHOD FOR PROTECTING SERVICE-LEVEL ENTITIES - An architecture is provided for protecting service-level entities. Such an architecture may escrow service requests prior to forwarding the requests to the service, and checking may be performed prior to releasing the request to the service. A crumple zone (CZ) architecture may be provided that buffers incoming service requests and may intercept attacks and/or sustain damage in lieu of the services being protected. The CZ may include an outward interface that is accessed by other entities, and the underlying service is not accessed directly. Elements of the CZ receive service requests, analyze them, and determine whether they can be safely executed by the underlying service. | 2013-08-29 |
20130227635 | Mechanism for Applying Security Category Labels to Multi-Tenant Applications of a Node in a Platform-as-a-Service (PaaS) Environment - A mechanism for applying security category labels to multi-tenant applications of a node in a PaaS environment is disclosed. A method of embodiments includes generating, by a virtual machine (VM), a unique security category label (SCL) for each local user identification (UID) maintained by the VM, assigning, for each local UID maintained by the VM, the unique SCL associated with the local UID to one or more Internet Protocol (IP) addresses mapped to the local UID, receiving a request to initialize an application on the VM, assigning a local UID of the local UIDs maintained by the VM to the application, assigning files of the application the unique SCL associated with the local UID of the application, and assigning the unique SCL associated with the local UID of the application to a running process of the application. | 2013-08-29 |
20130227636 | OFF-DEVICE ANTI-MALWARE PROTECTION FOR MOBILE DEVICES - Techniques for off-device anti-malware protection for mobile devices are disclosed. In some embodiments, off-device anti-malware protection for mobile devices includes receiving a software inventory for a mobile device, in which the software inventory identifies a plurality of applications installed on the mobile device; and determining whether one or more of the plurality of applications identified in the software inventory are associated with malware based on a policy. In some embodiments, the off-device anti-malware protection for mobile devices further includes enforcing the policy on the mobile device. In some embodiments, the off-device anti-malware protection for mobile devices is provided as a cloud service. | 2013-08-29 |
20130227637 | METHOD AND APPARATUS FOR MANAGEMENT OF MULTIPLE GROUPED RESOURCES ON DEVICE - A method and computing device for managing grouped resources comprising receiving, at the computing device, a policy for a set of grouped resources; applying the policy; locking at least one of the computing device or the set of grouped resources associated with the policy; waiting for receipt of an authentication parameter at the computing device; verifying the authentication parameter; associating the set of grouped resources with the authentication parameter; and unlocking the least one of the computing device or the set of grouped resources. | 2013-08-29 |
20130227638 | PROVISIONING AUTHORIZATION CLAIMS USING ATTRIBUTE-BASED ACCESS-CONTROL POLICIES - Disclosed are methods and devices for provisioning authorization claims, which are enforced to control access of users to objects (resources) in a computer system ( | 2013-08-29 |
20130227639 | PROVISIONING ACCESS CONTROL USING SDDL ON THE BASIS OF A XACML POLICY - A method is disclosed, and a corresponding data carrier and policy converter, for producing at least one Security Descriptor Definition Language, SDDL, rule from an eXtensible Access Control Markup Language, XACML, policy (P), wherein said at least one SDDL rule is enforceable for controlling access to one or more resources in a computer network. A reverse query is produced indicating a given decision (d), which is one of permit access and deny access, and a set (R) of admissible access requests. Based on the reverse query, the XACML policy (P) and the given decision (d) are translated into a satisfiable logic proposition in Boolean variables (v | 2013-08-29 |
20130227640 | METHOD AND APPARATUS FOR WEBSITE SCANNING - Described is a website scanning apparatus comprising a policy analysis device for determining whether a link in a target website belongs to a known web application used by the target website. If the link belongs to the identified web application, then a vulnerability scanning is not performed on the link; a crawler device for obtaining the link content that the link points to; a web application identification device for determining whether the link belongs to a known web application; a full scan device for performing a full vulnerability scanning on a link determined as not belonging to the known web application; and a known web application vulnerability detection device for performing vulnerability detection for the identified web application according to known vulnerabilities to determine whether the known vulnerabilities exist in the website. A website scanning method employed by the website scanning apparatus is also described. | 2013-08-29 |
20130227641 | SYSTEMS AND METHODS TO ENFORCE SECURITY POLICIES ON THE LOADING, LINKING, AND EXECUTION OF NATIVE CODE BY MOBILE APPLICATIONS RUNNING INSIDE OF VIRTUAL MACHINES - Methods and systems described herein relate to enhancing security on a device by enforcing one or more policies on the loading, linking, and/or executing of native code by one or more applications executing on the device. | 2013-08-29 |
20130227642 | APPARATUS AND METHOD FOR DETECTING ILLEGAL USER - An apparatus for detecting an illegal user includes a user characteristics analysis unit configured to analyze difference of unique characteristics between an illegal program and a normal user; and a recognition method determination unit configured to determine a recognition method for recognizing the illegal program on the basis of the difference of the unique characteristics. Further, the apparatus for detecting the illegal user includes an illegal user detection unit configured to detect the illegal user using the illegal program within a game by the recognition method. | 2013-08-29 |
20130227643 | WIRELESS ACCESS TO DEVICE FUNCTIONS - In an embodiment, a method includes permitting a wireless client to wirelessly access an internal network of a Wi-Fi capable device. The method also includes presenting a reduced set of device functions to the client when the device operates in an open mode, and presenting an increased set of device functions to the client when the device operates in a secure mode. | 2013-08-29 |
20130227644 | SIPTO decision method and device for H(e)NB system - The disclosure claims a Selected Internet Protocol Traffic Offload (SIPTO) decision method and device for a Home (evolved) Node-B (H(e)NB) system, both the method and device can judge whether a H(e)NB has the SIPTO authority, and can allow the H(e)NB to implement the SIPTO if the H(e)NB has the SIPTO authority. The method and device of the disclosure can support the SIPTO of the H(e)NB. | 2013-08-29 |
20130227645 | TERMINAL AND METHOD FOR ACCESS POINT VERIFICATION - A terminal to determine a security status of an AP includes an AP retrieval unit to identify an AP connectable with the terminal, an AP determination unit to connect with the AP and determine whether the AP is vulnerable, and a controller to control the connection with the AP if the AP is determined to be vulnerable. A method for determining a security status of an AP with a terminal includes identifying a connectable AP, connecting the terminal with the AP, determining whether the AP is vulnerable, and controlling the connection with the AP if the AP is determined to be vulnerable. | 2013-08-29 |
20130227646 | METHODS AND APPARATUS FOR LARGE SCALE DISTRIBUTION OF ELECTRONIC ACCESS CLIENTS - Methods and apparatus for large scale distribution of electronic access control clients. In one aspect, a tiered security software protocol is disclosed. In one exemplary embodiment, a server electronic Universal Integrated Circuit Card (eUICC) and client eUICC software comprise a so-called “stack” of software layers. Each software layer is responsible for a set of hierarchical functions which are negotiated with its corresponding peer software layer. The tiered security software protocol is configured for large scale distribution of electronic Subscriber Identity Modules (eSIMs) | 2013-08-29 |
20130227647 | SHARED NETWORK ACCESS VIA A PEER-TO-PEER LINK - An electronic device receives a request for access to the infrastructure network (and, more generally, a ‘resource’) from the other electronic device via a peer-to-peer link. In response to the request, the electronic device determines that it has access to the infrastructure network, and provides a response to the other electronic device via the peer-to-peer link indicating that the electronic device has access to the infrastructure network. Then, the electronic device establishes secure communication with the other electronic device, and provides access information to the other electronic device via the peer-to-peer link using the secure communication. This access information facilitates access to the infrastructure network. | 2013-08-29 |
20130227648 | ON BOARD VEHICLE NETWORK SECURITY - The present disclosure describes a microprocessor executable network controller operable to at least one of (a) isolate at least one other on board computational component in a vehicular wireless network not affected by a security breach event from a computational component affected by the security breach event and (b) isolate an on board computational component in the vehicular wireless network and affected by the security breach event from the at least one other on board computational component not affected by the security breach event. | 2013-08-29 |
20130227649 | METHODS AND DEVICES FOR MAINTAINING A DOMAIN - The invention proposes methods and devices for managing domains. The domains comprise a plurality of member devices, and the method comprises the steps of: storing (S | 2013-08-29 |
20130227650 | Vehicle-Mounted Network System - Provided is a method capable of enhancing security of a vehicle-mounted network while reducing processing loads in each vehicle-mounted control device. | 2013-08-29 |
20130227651 | METHOD AND SYSTEM FOR MULTI-FACTOR BIOMETRIC AUTHENTICATION - An approach for enabling multi-factor biometric authentication of a user of a mobile device is described. A biometric authenticator captures, via a mobile device, first and second biometric data for a user. The biometric authentication further associates the first biometric data and the second biometric data. The biometric authenticator then initiates a multi-factor authentication procedure that utilizes the first biometric data and the second biometric data to authenticate the user based on the association. | 2013-08-29 |
20130227652 | TERMINAL AND METHOD FOR ASSIGNING PERMISSION TO APPLICATION - A terminal to assign permission to an application includes a storage device to store an application list including information of applications authorized to receive manager permission, and an application processor to receive a request for the manager permission from the application and to determine to allow the manager permission to the application in response to a determination that the application is included in the application list. A method that uses a processor to assign permission to an application includes receiving a request for manager permission from the application, determining, using the processor, whether the application is included in an application list including information of applications authorized to receive manager permission, and determining whether to allow the manager permission to the application if the application is included in the application list. | 2013-08-29 |
20130227653 | SYSTEM AND METHOD FOR STREAMLINED REGISTRATION OF PRODUCTS OVER A COMMUNICATION NETWORK AND FOR VERIFICATION AND MANAGEMENT OF INFORMATION RELATED THERETO - The system and method of the present invention to provide at least one unique identification code (UID) registration center comprises of plural authorized parties' account. Each account comprises at least one product data file with UID, in which UID is associated with a product, to enable over at least one communication network (such as cloud computing), to access, verify, edit, transfer, transmit, and/or otherwise manage at least one information item, including ownership right related to the product transfer between each party, etc. application corresponding to registered products in the UID registration center. Also enable product to product (machine to machine) data exchange each other, which is part of Internet of Thing application. | 2013-08-29 |
20130227654 | SYSTEM AND METHOD FOR CONCURRENT SESSIONS IN A PEER-TO-PEER HYBRID COMMUNICATIONS NETWORK - An improved system and method are disclosed for peer-to-peer communications. In one example, the method provides for concurrent sessions to be maintained by multiple endpoints. | 2013-08-29 |
20130227655 | TICKET-BASED CONFIGURATION PARAMETERS VALIDATION - Aspects describe spectrum authorization, access control, and configuration parameters validation. Devices in an ad-hoc or peer-to-peer configuration can utilize a licensed spectrum if the devices are authorized to use the spectrum, which can be determined automatically. Aspects relate to distribution of authorization tickets by an authorization server as a result of validating a device's credentials and services to which the device is entitled. An exchange and verification of authorization tickets can be performed by devices as a condition for enabling a validated wireless link using the spectrum. | 2013-08-29 |
20130227656 | METHOD AND APPARATUS FOR ACCESS CREDENTIAL PROVISIONING - A method and apparatus are provided for access credential provisioning. A method may include receiving, at a first mobile apparatus, information about a second mobile apparatus. The first mobile apparatus may be provisioned with network access credential information to be transferred from the first mobile apparatus to the second mobile apparatus. The method may further include causing the information about the second mobile apparatus to be provided to a provisioning apparatus for the network. The method may additionally include receiving authorization form the provisioning apparatus to transfer the network access credential information from the first mobile apparatus to the second mobile apparatus. The method may also include, in response to receipt of the authorization, causing the network access credential information to be provided to the second mobile apparatus. A corresponding apparatus is also provided. | 2013-08-29 |
20130227657 | COMMUNICATION WITH A WEB COMPARTMENT IN A CLIENT APPLICATION - A secure communication method between a web compartment and a client application can allow network updates to be used for a client application. For example, a secure communication method can allow predefined operations to be carried out on a client machine. An example web compartment can include an iframe tag and the communication can be a string command, such as by using a postmessage API. Such a structure allows some user interface elements to be supplied from a client device and other user interface elements to be supplied a server computer. | 2013-08-29 |
20130227658 | OPENID/LOCAL OPENID SECURITY - Identity management, user authentication, and/or user access to services on a network may be provided in a secure and/or trustworthy manner, as described herein. For example, trustworthy claims may be used to indicate security and/or trustworthiness of a user or user device on a network. Security and/or trustworthiness of a user or a user device on a network may also be established using OpenID and/or local OpenID, a secure channel between a service and the user device, and/or by including a network layer authentication challenge in an application layer authentication challenge on the user device for example. | 2013-08-29 |
20130227659 | AUTOMATED DEVICE PROVISIONING AND ACTIVATION - A method and a network system for storing a plurality of device credentials associated with a device group comprising a plurality of wireless devices managed by an entity that is different from a network system operator, each of the plurality of device credentials associated with a different wireless device, each wireless device of the device group coupled or capable of being coupled to the network system over a wireless access network; providing a secure interface configured to assist the entity in creating or modifying at least a portion of a device-group service policy associated with the device group, the device-group service policy configured to assist the network system in controlling, monitoring, or accounting for device-group communications over the wireless access network; provisioning one or more elements based on the device-group service policy; identifying the device-group communications; and applying the device-group service policy based on the identified device-group communications. | 2013-08-29 |
20130227660 | REGISTRATION SERVER, GATEWAY APPARATUS AND METHOD FOR PROVIDING A SECRET VALUE TO DEVICES - The present invention relates to auto-provisioning of authentication data for client devices. A registration server includes a gateway determination unit, which is configured to determine a gateway apparatus transferring a request signal from a device, and a processing unit. The processing unit is configured to transmit a first signal including a token and first access information of the gateway apparatus to the device if an identifier of the gateway apparatus is stored on the server, and to transmit a second signal indicating a positive response to the gateway apparatus when it obtains the token and the identifier based on a third signal received in response to the first signal. The gateway apparatus sends the secret value to the device when it receives the second signal. | 2013-08-29 |
20130227661 | SYSTEMS AND METHODS FOR GENERATING AND AUTHENTICATING ONE TIME DYNAMIC PASSWORD BASED ON CONTEXT INFORMATION - The invention relates to a system and method for generating and authenticating one time dynamic password based on the context information related to a user. It involves retrieving user context information and generating a dynamic value based on that. The first one time dynamic password is generated at the user device using the first dynamic value and the user PIN. The first dynamic value along with the user identifier is sent to the authentication server. The authentication server sends the user identifier to the context management server. The context management server has access the context information used to generate the first dynamic value and based on that they generate a second dynamic value. The authentication server receives this value and generates the second one time dynamic password and if it matches with the first one time dynamic password then the authentication server authenticates the first one time dynamic password. | 2013-08-29 |
20130227662 | Method of Generating a Token to be Used in a Uniform Resource Identifier - A method of generating a token to be used in a Uniform Resource Identifier (URI) for use in the retrieval of a data item by a user device is provided. Security setting data relating to the data item is received. A token to be used in a URI is generated. The token is associated with the data item. The token is transmitted to a user device. Generating comprises selecting a length of the token at least partly on the basis of the security setting data. | 2013-08-29 |
20130227663 | METHOD, A SYSTEM AND A NETWORK ELEMENT FOR IMS CONTROL LAYER AUTHENTICATION FROM EXTERNAL DOMAINS - The method comprises: i) obtaining, an authentication registrar (S-CSCF) of a IMS control layer, two sets of IMS credentials for a user: a first set from a user equipment (UE) and a second set from a Home Server Subscriber, or HSS ( | 2013-08-29 |
20130227664 | CENTRAL BIOMETRIC VERIFICATION SERVICE - Based on information on a biometric print of a user of a mobile device and user associated identification, the user is biometrically authenticated over a network for access to an online service. When a request from the user for access to an online service is received, a server checks the identification to determine if the user or mobile device is registered for a biometric based verification service. If registered, a sample biometric print is obtained from the user and compared to a stored template biometric print of the authorized user associated with the mobile device to determine if there is a match. When there is a match, the user is biometrically authenticated and is granted access to the online service. | 2013-08-29 |
20130227665 | MULTICHANNEL DEVICE UTILIZING A CENTRALIZED OUT-OF-BAND AUTHENTICATION SYSTEM (COBAS) - A multichannel security system is disclosed, which system is for granting and denying access to a host computer in response to a demand from an access-seeking individual and computer. The access-seeker has a peripheral device operative within an authentication channel to communicate with the security system. The access-seeker initially presents identification and password data over an access channel which is intercepted and transmitted to the security computer. The security computer then communicates with the access-seeker. A biometric analyzer—a voice or fingerprint recognition device—operates upon instructions from the authentication program to analyze the monitored parameter of the individual. In the security computer, a comparator matches the biometric sample with stored data, and, upon obtaining a match, provides authentication. The security computer instructs the host computer to grant access and communicates the same to the access-seeker, whereupon access is initiated over the access channel. | 2013-08-29 |
20130227666 | METHODS AND SYSTEMS FOR AUTHENTICATING USERS - A method of authenticating users to reduce transaction risks includes indicating a desire to conduct a transaction and determining whether the transaction requires access to protected resources. Moreover, the method determines whether inputted information is known, determines a state of a communications device when the inputted information is known, and transmits a biometric authentication request from a server to an authentication system when the state of the communications device is enrolled. Additionally, the method includes validating the communications device, capturing biometric authentication data in accordance with a biometric authentication data capture request with the communications device, biometrically authenticating the user, generating a one-time pass-phrase and storing the one-time pass-phrase on the authentication system when the user is authenticated, comparing the transmitted one-time pass-phrase against the stored one-time pass-phrase, and granting access to the protected resources when the transmitted and stored one-time pass-phrases match. | 2013-08-29 |
20130227667 | METHODS AND APPARATUS FOR PROVIDING APPLICATION CREDENTIALS - Methods and apparatus for providing an application credential for an application running on a device. In one embodiment, a method provides an application credential to an application running on a device, wherein the application credential is used by the application to authenticate to a data server. The method comprises receiving a request to generate the application credential, wherein the request includes an application identifier. The method also comprises generating the application credential using the application identifier and a master credential associated with the device. | 2013-08-29 |
20130227668 | SECURE SINGLE SIGN-ON - Systems and methods that provide secure single sign-on are described herein. When a user provides credentials to a client device, the credentials may be intercepted and cached at a secure location, such as within a trusted environment. When a client process, such as a remote desktop program running on the client device, requests the credentials for single sign-on to a server providing remote desktop services, the credentials may be secured, such as within an opaque container that may be accessed only components running in trusted environments, and provided to the client process. The client process may be running in an untrusted environment, such as an operating system session. The client device may forward the secured credentials to a trusted environment in the server, effectuating single sign-on. | 2013-08-29 |
20130227669 | METHOD AND SYSTEM FOR TRAFFIC ENGINEERING IN SECURED NETWORKS - Aspects of a method and system for traffic engineering in an IPSec secured network are provided. In this regard, a node in a network may be authenticated as a trusted third party and that trusted third party may be enabled to acquire security information shared between or among a plurality of network entities. In this manner, the trusted third party may parse, access and operate on IPSec encrypted traffic communicated between or among the plurality of network entities. Shared security information may comprise one or more session keys utilized for encrypting and/or decrypting the IPSec secured traffic. The node may parse IPSec traffic and identify a flow associated with the IPsec traffic. In this manner, the node may generate and/or communicate statistics pertaining to said IPSec secured traffic based on the flow with which the traffic is associated. | 2013-08-29 |
20130227670 | SERVICE AGGREGATION IN A CLOUD SERVICES CENTER - A cloud center infrastructure system may include a service aggregator connected directly to a provider network. The service aggregator may be configured to receive, via the provider network, a data unit from a customer device, associated with a customer; identify a first device, associated with a first traffic processing service, based on a sequence of traffic processing services associated with the customer; and send the data unit to the first device, wherein the first device is located in a cloud services center, and wherein the first device is connected to the service aggregator over a Layer 2 connection. | 2013-08-29 |
20130227671 | SECURE IN-BAND SIGNALING METHOD FOR MOBILITY MANAGEMENT CROSSING FIREWALLS - An in-band signaling method that enables secure updates of a care-of-IP address for a mobile host that roams between access networks. In the illustrative embodiment described herein, a mobile host includes an intelligent interface that handles IP networking functions and tunnels IP packets between the mobile host and the mobile host's home agent/remote access server (HA/RAS) transparently, as if the mobile host established a connection to a communicating or destination host (DST) from the home network (where the HA/RAS resides). In accordance with an aspect of the invention, there is provided an in-band signaling method that employs encrypted three-way handshake signaling messages that are embedded in encapsulated IP packets to enable care-of IP address updates. This method can effectively protect mobile hosts from denial-of-service attacks and is transparent to NAT/NAPT firewalls. The signaling messages are communicated between the home agent and the mobile host, in a manner transparent to any NAT/NAPT firewall in the network. | 2013-08-29 |
20130227672 | NEXT GENERATION SECURE GATEWAY - A system includes a cloud-computing infrastructure to provide multitenant access from a public Internet Protocol (IP) network and multiple instances of a virtualized secure gateway operating on one or more physical devices within the cloud-computing infrastructure. The multiple instances of the virtualized secure gateway provide a point of entry to a private IP network. Each instance of the multiple instances of the virtualized secure gateway is configured to terminate multiple virtual private network (VPN) tunnels from a single customer accessing the private IP network via the public IP network, and each instance of the multiple instances of the virtualized secure gateway resides on a different processing core of the physical devices within the cloud-computing infrastructure. | 2013-08-29 |
20130227673 | APPARATUS AND METHOD FOR CLOUD NETWORKING - When a communication node receives a packet from a user terminal, the communication node inquires into a dynamic path mapping table and requests user authentication of the user terminal from a cloud networking control apparatus, if a VSI corresponding to information of the packet does not exist. If a user is an authenticated user, the cloud networking control apparatus performs provisioning of the VSI and transmits information of a VSI in which provisioning is performed to the communication node. After the VSI is set, the communication node connects the VSI to a virtual private network and transfers the packet to the VSI that is connected to the virtual private network. | 2013-08-29 |
20130227674 | SYSTEMS INVOLVING FIREWALL OF VIRTUAL MACHINE TRAFFIC AND METHODS OF PROCESSING INFORMATION ASSOCIATED WITH SAME - Systems and methods are disclosed involving compute nodes configured to define and/or otherwise processing information associated with one or more virtual machines. In one exemplary implementation, a compute node may be configured to enable a firewall between the virtual machine and at least a portion of a network. Moreover, the firewall may be configured to detect undesired traffic based on a list of rules or an Ethernet bridge table associated with communication between the virtual machine and the network. Various features may also relate to the compute node being configured to lock the virtual machine in response to the firewall detecting undesired traffic associated with the virtual machine. | 2013-08-29 |
20130227675 | TABLET COMPUTER - A tablet computer comprises an operating system, including an application framework layer and an application layer, and an overlay system. The overlay system controls access to application programs and provides a first user interface and a second operating environment associated with a second user interface. Optionally, the overlay system provides a first operating environment associated with the first user interface. The overlay system includes an access control configured to permit or deny a request for access in the second operating environment to resources and/or data. Optionally, the overlay system is executed in the application framework layer of the operating system and may comprise a hypervisor providing an operating platform comprising the first user interface, the second operating environment, and an application space providing access to the application layer. | 2013-08-29 |
20130227676 | ACCESS REQUEST AUTHENTICATION AND AUTHORIZATION INFORMATION GENERATION - An access request authentication method, an authorization information generation method, an access request authentication system, and a hardware device. The access request authentication method includes: obtaining the current clock information; receiving a first access request, where the first access request includes a first input code; and determining whether to authorize the first access request based on the current clock information and the first input code. | 2013-08-29 |
20130227677 | PASSWORD AUTHENTICATION - A user credential comprising a user password and a one-time password (OTP) may be provided to access a computing system. The user password is authenticated and the network connection status of the computing system is determined. If the computing system is offline, the user password and the OTP are stored in memory and the user is granted a first level of access to the computing system. Upon detecting that the network connection status of the computing system has changed to online, the user password and the OTP are provided to an authentication server for authentication. If the authentication of the user password and the OTP is successful, the user is granted a second level of access to the computing system, the second level of access being higher than the first level of access. | 2013-08-29 |
20130227678 | METHOD AND SYSTEM FOR AUTHENTICATING USER OF A MOBILE DEVICE VIA HYBRID BIOMETICS INFORMATION - A system and method is provided that authenticates a user using hybrid biometrics information, such as a user's image information, a user's voice information, etc. The user authentication method includes: acquiring a number of biometrics information; generating a number of authentication information corresponding to the acquired biometrics information; and performing an integral user authentication based on the by generated authentication information. | 2013-08-29 |
20130227679 | METHOD FOR ACCESSING AN APPLICATION AND A CORRESPONDING DEVICE - The invention relates to a method for accessing an application. A token includes at least one application that is executable by a device. The token is coupled to the device. The method comprises the following steps. The token sends to the device data for identifying the token and data for authenticating the token. The device analyses whether the token identification data is included within a list of at least one authorized token. Only if the token identification data is included within a list of at least one authorized token, then the device analyses whether the token is authenticated. And only if the device authenticates the token, then the device authorizes to execute the application. The invention also relates to a corresponding device. | 2013-08-29 |
20130227680 | AUTOMATED PROTECTION AGAINST COMPUTER EXPLOITS - Protection of a computer system against exploits. A computer system has a memory access control arrangement in which at least write and execute privileges are enforced for allocated portions of memory. An association of the process thread and the first portion of memory is recorded. A limited access regime in which one of the write and execute privileges is disabled, is established, and is monitored for any exceptions occurring due to attempted writing or execution in violation thereof. In response to the exception being determined as a write exception, the associated process thread is looked up, and analyzed for a presence of malicious code. In response to the exception type being determined as an execute exception, the first portion of memory is analyzed for a presence of malicious code. In response to detection of a presence of malicious code, execution of the malicious code is prevented. | 2013-08-29 |
20130227681 | SYSTEM, APPARATUS, AND METHOD FOR VERIFYING AUGMENTED REALITY SERVICE - A system for the verifying the security of information provided to an augmented reality service includes a terminal and a server. The terminal collects information about an object and transmits the object information to the server. The server transmits tag information related to the object information to the terminal. The terminal determines if the tag information includes harmful information. If the tag information includes harmful information, the terminal may process the harmful information with a vaccine or transmit the tag information to the server for processing. The terminal displays the object information and tag information according to a user settings related to the display of tag information including harmful information. | 2013-08-29 |
20130227682 | Apparatus for E-Learning and method therefor - A method or apparatus for assisting a user to access a plurality of eBooks is provided. When a user accesses an eBook, the method or apparatus can assist the user to seek assistance from the Internet, or prepare homework, while at the same time, prevent plagiarisms of homework. | 2013-08-29 |
20130227683 | QUANTIFYING THE RISKS OF APPLICATIONS FOR MOBILE DEVICES - Quantifying the risks of applications (“apps”) for mobile devices is disclosed. In some embodiments, quantifying the risks of apps for mobile devices includes receiving an application for a mobile device; performing an automated analysis of the application based on a risk profile; and generating a risk score based on the automated analysis of the application based on the risk profile. | 2013-08-29 |
20130227684 | METHOD AND SYSTEM FOR PROTECTION AGAINST INFORMATION STEALING SOFTWARE - Methods and systems reduce exposure to a dictionary attack while verifying whether data transmitted over a computer network is a password. In one aspect, a method includes performing a search of network traffic based, at least in part, on a weak validation using a Bloom filter based on an organizational password file, determining the existence of a password in the network traffic based only on the weak validation, and determining whether to block, alert, or quarantine the network traffic based at least in part on the existence of the password in the network traffic. | 2013-08-29 |
20130227685 | SYSTEM AND METHOD FOR INTELLIGENT COORDINATION OF HOST AND GUEST INTRUSION PREVENTION IN VIRTUALIZED ENVIRONMENT - A distributed and coordinated security system providing intrusion-detection and intrusion-prevention for the virtual machines (VMs) in a virtual server is described. The virtualization platform of the virtual server is enhanced with networking drivers that provide a “fast path” firewall function for pre-configured guest VMs that already have dedicated deep packet inspection security agents installed. A separate security VM is deployed to provide virtual security agents providing deep packet inspection for non pre-configured guest VMs. The network drivers are then configured to intercept the data traffic of these guest VMs and route it through their corresponding virtual security agents, thus providing a “slow-path” for intrusion detection and prevention. | 2013-08-29 |
20130227686 | METHOD AND APPARATUS FOR BLOCKING MALICIOUS ACCESS TO PROCESS - An apparatus for blocking an external access to a browser includes an access monitor for monitoring whether a program is accessing the browser; and a document-object acquisition detector for detecting whether the program detected to access the browser by the access monitor acquires a document object of the browser; and an injection blocker for blocking the access of the program to the browser when the document object acquisition detector detects the document object acquisition by the corresponding program. | 2013-08-29 |
20130227687 | MOBILE TERMINAL TO DETECT NETWORK ATTACK AND METHOD THEREOF - A method for detecting a network attack in a wireless terminal, including storing, in a pattern database (DB), information about an attack pattern that is determined using a plurality of control bits indicating a type of a socket data packet, receiving a socket data packet of a target selected to be accessed through a wireless communication interface identifying the at least one socket data packet received, and generating a socket access history by extracting the plurality of control bits indicating the type of the socket data packet using the at least one socket data packet identified, and determining whether a network is under attack, using the pattern DB and the socket access history. | 2013-08-29 |
20130227688 | METHOD AND APPARATUS FOR DETECTING TAMPERED APPLICATION - A method and an apparatus for detecting a tampered application are provided. The method of detecting a tampered application includes acquiring a package of an application, extracting and installing a first execution code from the acquired package of the application, extracting a second execution code from the package of the application when an execution command of the application is received after the first execution code is installed, and performing a preset operation when the second execution code differs from the first execution code. | 2013-08-29 |
20130227689 | METHOD AND SYSTEM FOR PACKET ACQUISITION, ANALYSIS AND INTRUSION DETECTION IN FIELD AREA NETWORKS - A system for intrusion detection in a field area network where data is transmitted via packets, includes a processor for analyzing the packets to ascertain whether the packets conform to a sets of rules indicating an intrusion, and a database for storing an alert indicating an intrusion if the packets conform to at least one rule in the sets. The sets of rules are for field network layer data, internet protocol traffic data and field area application traffic data. A method for detecting intrusion in a field area network where data is transmitted via packets, including analyzing the packets to ascertain whether the packets conform to the sets of rules, and storing an alert indicating an intrusion if the packets conform to at least one rule in the sets of rules. | 2013-08-29 |
20130227690 | PROGRAM ANALYSIS SYSTEM AND METHOD THEREOF - A program analysis system that analyzes a program while adjusting time elapse velocity in program execution environment sets analysis conditions such as time elapse velocity in the execution environment, program execution start time and execution termination time, adjusts the time elapse velocity and the program execution start time according to the determination of an analysis manager, executes the program till the execution termination time, monitors the execution environment, acquires an action record of the program, analyzes the action record, and clarifies the behavior of the program. Further, the program analysis system resets the analysis conditions based upon a result of analysis, re-analyzes, monitors communication between a sample and an external terminal, and varies the time elapse velocity set by the analysis manager to prevent time-out from occurring in communication. | 2013-08-29 |
20130227691 | Detecting Malicious Network Content - Systems and methods for detecting malicious content on portable data storage devices or remote network servers are provided. In an exemplary embodiment, a system comprises a quarantine module configured to detect one or more portable data storage devices upon insertion of the devices into a security appliance, wherein the security appliance is configured to receive the portable data storage devices, a controller configured to receive from the security appliance, via a communication network, data associated with the portable data storage devices, an analysis module configured to analyze the data to determine whether the data includes malware, and a security module to selectively identify, based on the determination, the one or more portable data storage devices storing the malware. | 2013-08-29 |
20130227692 | SYSTEM AND METHOD FOR OPTIMIZATION OF ANTIVIRUS PROCESSING OF DISK FILES - A system and method for optimization of AV processing of disk files. The system includes an AV scanner, a data cache module, an AV service and file analysis module. The optimization allows for reduction of time needed for the AV processing. Trusted files associated with a trusted key file are found. The trusted files that have been found are cached and excluded from further AV processing and the AV processing time is reduced. | 2013-08-29 |
20130227693 | SOFTWARE MODULE OBJECT ANALYSIS - In one implementation, an object analysis system identifies an object within a software module, and determines a size of the object based on at least one operation within the software module. The object analysis system identifies the object and determines the size of the object without reference to source code of the software module. | 2013-08-29 |
20130227694 | HYGIENIC CHARGING STATION FOR MOBILE DEVICE SECURITY - A mobile device charging station configured to analyze, measure and respond to/correct the state of a mobile device. The charging station can employ an embedded cryptographic subsystem that can make use of anti-tamper/tamper evident techniques to protect stored firmware images/cryptographic material. | 2013-08-29 |