38th week of 2014 patent application highlights part 238 |
Patent application number | Title | Published |
20140283005 | BEHAVIOMETRIC SIGNATURE AUTHENTICATION SYSTEM AND METHOD - The present invention discloses a method of verifying the authenticity of a provided signature, comprising the steps of: receiving a set of sampled data points, each sampled data point being associated with a different position along the signature; identifying a set of characterising nodes within the set of sampled data points using a set of predetermined characterising nodes comprised in a pre-stored user profile; determining if each identified characterising node lies within a predetermined threshold range of a corresponding predetermined characterising node; and generating a positive verification when the characterising nodes lie within the predetermined threshold range. A system arranged to carry out the method is also disclosed. | 2014-09-18 |
20140283006 | APPLICATION AUTHENTICATION METHOD AND ELECTRONIC DEVICE SUPPORTING THE SAME - A method for operating an electronic device is provided. The method includes executing, by a processor of the electronic device operable in a first mode (e.g. a trusted execution environment (TEE)) or a second mode (e.g. a non-trusted execution environment (NTEE)), wherein the first mode is more secure than the second mode; receiving, by the processor operating in the first mode, data or information related to a first software program stored in a first memory region; and authenticating, by the processor operating in the first mode, at least a portion of the data or information using a second software program stored in a second memory region. | 2014-09-18 |
20140283007 | Temporal Security for Controlled Access Systems - A method for gaining access or entry to a system. The method comprises (a) beginning a secure system act by a user; (b) beginning counting of time intervals concurrent with execution of step (a); (c) ending the secure system act by the user; (d) capturing a final time interval count concurrent with execution of step (c); (e) determining whether the secure system act matches a correct secure system act; (d) determining whether the final time interval count matches a correct final time interval count; and (e) granting the user access or entry to the system responsive to affirmative results of step (d). | 2014-09-18 |
20140283008 | LOCKOUT-TAGOUT AND SAFETY COMPLIANCE SYSTEMS AND METHODS - The present application discloses systems and methods for systems and methods of creating, administrating, assigning, and managing lockout-tagout (LOTO) procedures and other safety compliance procedures. | 2014-09-18 |
20140283009 | SYSTEM AND METHOD FOR COMPOSING AN AUTHENTICATION PASSWORD ASSOCIATED WITH AN ELECTRONIC DEVICE - A method for composing an authentication password associated with an electronic device is implemented by a password composing system including a display, a receiving unit, and a processing unit. In the method, the display is configured to display a start point, and a plurality of displayed paths. The receiving unit is configured to detect a set of user-input movements of a contact point at the display. The processing unit is configured to determine whether the user-input movements conform with a predefined valid user-input gesture, store a plurality of codes corresponding to the valid user-input gestures, and to compose the authentication password according to valid ones of the series of the user-input movements. | 2014-09-18 |
20140283010 | Virtual key management and isolation of data deployments in multi-tenant environments - Tenants in a multi-tenant shared deployment are provided their own distinct key spaces over which they control a key management system. In this manner, virtual key management domains are created on a per-tenant (per-customer) basis so that, whenever a particular customer's data is co-tenanted, stored, transmitted or virtualized in the IT infrastructure of the provider's datacenter(s), it is secured using key management materials specific to that customer. This assures that the entirety of a tenant's data remains secure by cryptographically isolating it from other tenants' applications. The virtual key management domains are established using a broadcast encryption (BE) protocol and, in particular, a multiple management key variant scheme of that protocol. The broadcast encryption-based virtual key management system (VKMS) and protocol achieves per-tenant (as well as per-application) secured isolation of data and can be used across any combination of resources in or across all levels of a co-tenanted IT infrastructure. | 2014-09-18 |
20140283011 | APPLICATION LICENSING FOR A CENTRALIZED SYSTEM OF MEDICAL DEVICES - Centralized systems execute one or more applications for monitoring and operating a plurality of network enabled medical devices. An indication to start a selected application at the centralized system or at a network enabled medical device is received at the centralized system/network enabled medical device. The selected application may require a license to operate and, at the time the indication is received, may have a first license available. Instead of using the first license, the centralized system/network enabled medical device may determine to inherit at least a portion of a second license to operate the selected application. The centralized system/network enabled medical device may inherit at least the portion of the second license to form an inherited license, where the inherited license enables features of the selected application. Using the inherited license, the selected application is started with the enabled features. Related apparatus, systems, techniques and articles are also described. | 2014-09-18 |
20140283012 | METHOD OF LOCKING AN APPLICATION ON A COMPUTING DEVICE - A computer-implemented method entails steps of receiving user input signifying that an application on a computing device is to be locked and, in response to the user input, locking a user within the application to thereby permit the user to utilize functionalities of the application without exiting from the application or switching to another application on the computing device. | 2014-09-18 |
20140283013 | METHOD AND APPARATUS FOR UNLOCKING A FEATURE USER PORTABLE WIRELESS ELECTRONIC COMMUNICATION DEVICE FEATURE UNLOCK - Embodiments provide a method and apparatus for unlocking a feature of a user portable wireless electronic communication device. The user portable wireless electronic communication device can include a camera configured to capture a characteristic of a waving hand of a user across the user portable wireless electronic communication device. The user portable wireless electronic communication device can include a controller coupled to the camera. The controller can determine whether the user is authorized to access a locked feature of the user portable wireless electronic communication device based on the captured characteristic. The controller can unlock the locked feature if the user is authorized to access the feature. | 2014-09-18 |
20140283014 | User identity detection and authentication using usage patterns and facial recognition factors - In a mobile communication device having segregated workspaces respectively associated with a plurality of users, methods and systems are provided for confirming an authorized user in an appropriate account including a corresponding one of the segregated workspaces. Start-up processing of the device includes taking a picture of an authorized image of the authorized user with the device camera. Current activities of the device by the user are monitored relative to a predetermined set of device activities and usage rules. Certain activities are indicative of a change in user of the device from the authorized user. Upon detection of such a change, the current image of the current user of the device is acquired with the device camera. The current image is compared with the authorized image and if the comparison fails to detect a match, the current user is prompted to initiate a log-in process. | 2014-09-18 |
20140283015 | GRAVITY-BASED ACCESS CONTROL - Apparatus and methods are provided for gravity-based access control. An apparatus may be secured with a gravity-based password that reflects a pattern of manipulation or movement of the apparatus. As the apparatus is moved or reoriented, data produced by a sensor (e.g., an accelerometer, a gyroscope, a position sensor) is assembled to form the password. Elements of the password may identify surfaces of the apparatus as it is flipped or placed in different orientations, or may represent the received sensor data (e.g., acceleration force of gravity, displacement). The sensor data may be multi-dimensional. A target or model password is received and saved, and a user must recreate or re-enter the same pattern in order to unlock the device or otherwise make it available for use. | 2014-09-18 |
20140283016 | Security Device, Methods, and Systems for Continuous Authentication - Methods, systems, and computer programs are presented for securing a computing device. One security device includes a processor, memory and a connector. The memory includes a computer program that, when executed by the processor, performs a method. The method includes operations for detecting that the connector is coupled to a second computing device, and for determining a user associated with the security computing device. In addition, the method includes operations for receiving periodic images from an image capture device coupled to the second computing device, and for performing continuous authentication operations to validate an identification of the user based on the periodic images. The user is disabled from using the second computing device after an authentication operation fails. | 2014-09-18 |
20140283017 | COMMUNICATING VIA A BODY-AREA NETWORK - In a first example of “Body-Area Networking” (“BAN”), a user wishing to access his electronic device ingests a small pill carrying a transmitter. The transmitter's signal carries an identification code that traverses the user's BAN and is read by the device. If the device recognizes that identification code as authentic, then the device grants the user the desired access. In another example, the user again swallows a transmitter. When the user shakes hands with another person, the signal originating at the ingested transmitter is carried across the BAN of the first user, travels across the handshake to the BAN of the second user, then traverses the second user's BAN to her device. In a third example, a media player transmits audio information across the BAN to a headset worn by the user. The headset receives the signal, demodulates it, and renders the audio to the user. | 2014-09-18 |
20140283018 | MECHANISMS FOR LOCKING COMPUTING DEVICES - Various systems and methods for locking computing devices are described herein. In an example, a portable device comprises an electro-mechanical lock; and a firmware module coupled to the electro-mechanical lock, the firmware module configured to: receive an unlock code; validate the unlock code; and unlock the electro-mechanical lock when the unlock code is validated. In another example, a device for managing BIOS authentication comprises an NFC module, the NFC module comprising an NFC antenna; and a firmware module, wherein the firmware module is configured to: receive an unlock code from an NFC device via the NFC antenna; validate the unlock code; and unlock a BIOS of the device when the unlock code is validated. | 2014-09-18 |
20140283019 | INFORMATION TERMINAL - In an information terminal including a touch panel defining a plurality of touch points for security data entry by selecting and designating the touch points forming a prescribed graphic security pattern, the first touch point is confirmed only when a pointing member has continued to remain within a prescribed region surrounding the touch point for more than a first prescribed time period while the remaining touch points can be confirmed on a less rigorous condition so that the first touch point can be confirmed only when the user intentionally designates the first touch point, and an inadvertent confirmation of an unintended touch point as the first touch point can be effectively avoided. | 2014-09-18 |
20140283020 | System For Binding An Accessory To A Smartphone Or Tablet PC Application - This disclosure relates to software applications particularly for smart phone which are used to control or access hardware, particularly headsets. The software is available at no cost to anyone, but to control its use, it is coded so that only buyers of designated hardware can use it. | 2014-09-18 |
20140283021 | User Identification System for Parental and Security Controls - A user identification system is provided for better parental and security controls on devices that require a user touch them for proper use. The user identification system comprises a base unit, a mobile unit, and the human body that provides signal transmission through capacitive coupling. A signal is sent from the base unit when it is contacted by a user, and the mobile unit sends a response signal containing the user identification. One embodiment of the mobile unit is a data transfer medium (i.e. “smartphone”). Embodiments of the base unit include a media device remote control and a computer input device. | 2014-09-18 |
20140283022 | METHODS AND SYSTEMS FOR IMPROVING THE SECURITY OF SECRET AUTHENTICATION DATA DURING AUTHENTICATION TRANSACTIONS - A method for improving the security of secret authentication data during authentication transactions is provided that includes converting the secret authentication data of a user into scrambled secret authentication data by associating a different text-string with each item of information included in the secret authentication data. The method also includes capturing the scrambled secret authentication data with a communications device, and conducting an authentication transaction with the captured authentication data. | 2014-09-18 |
20140283023 | COMMON LOCATION OF USER MANAGED AUTHORIZATION - A method and apparatus for managing authorizations to access personal data of a user is disclosed. A computer retrieves a set of authorizations for a plurality of web based applications, wherein an authorization enables an application of the plurality of web based applications to access at least a portion of the personal data of the user. The computer presents the set of authorizations on a graphical user interface. The computer receives a user input indicating a change to a particular authorization in the set of authorizations for a particular web based application in the plurality of web based applications. Responsive to receiving the user input indicating the change to the particular authorization in the set of authorizations, the computer then stores the change to the particular authorization in the set of authorizations for the plurality of web based applications to access the personal data. | 2014-09-18 |
20140283024 | Method for efficient behavioral analysis on a mobile station - Disclosed is a method for efficient behavioral analysis on a mobile station. In the method, one or more first behavioral characteristics associated with a first state of a finite state machine are observed. The one or more first behavioral characteristics may comprise a first subset of observable behavioral characteristics. The mobile station transitions from the first state to a second state. One or more second behavioral characteristics associated with the second state of the finite state machine are observed. The one or more second behavioral characteristics may comprise a second subset of the observable behavioral characteristics. | 2014-09-18 |
20140283025 | SYSTEMS AND METHODS FOR MONITORING ACTIVITY WITHIN RETAIL ENVIRONMENTS USING NETWORK AUDIT TOKENS - Systems and methods for monitoring activity within retail environments using network audit tokens are disclosed herein. According to an aspect, a method may include using a processor and memory of a first computing device for determining information associated with an activity of the first computing device within a network environment. The method also includes receiving a network audit token from a second computing device within the retail environment. Further, the method includes communicating the information associated with the activity to a third computing device in response to receipt of the network audit token. | 2014-09-18 |
20140283026 | METHOD AND APPARATUS FOR CLASSIFYING AND COMBINING COMPUTER ATTACK INFORMATION - A method and apparatus for classifying and combining computer attack information identifying as malicious events, events in a network that cause organizationally or functionally distant entities to become closer to each other, the method comprising identifying as malicious events, events in a network that cause organizationally or functionally distant entities to become closer to each other. | 2014-09-18 |
20140283027 | Auditing User Actions in Treatment Related Files - The subject matter disclosed herein provides methods for monitoring treatment related files for the occurrence of audit events and logging these occurrences. In one aspect, there is provided a method that can include associating one or more audit events with one more files stored in a database. The files can be related to providing a treatment to a patient, and the audit events can include the viewing of the one or more files. The method can further include monitoring the one or more files for an occurrence of the one or more associated audit events, and adding a log entry to a log when the associated audit events occurs in the files. The log entry can identify the files in which the associated audit events occurs and an entity that initiated the audit event. Related apparatus, computer program products, systems, techniques and articles are also described. | 2014-09-18 |
20140283028 | MALICIOUS REQUEST ATTRIBUTION - Methods, apparatuses, and computer readable media for malicious request attribution are presented. For example, according to one aspect, requests for one or more records may be received from a requesting computing device. A determination may be made that the requests are of a malicious nature. Responsive to determining that the requests are of a malicious nature, one or more requests for obtaining information about the requesting computing device may be generated, and communicated to the requesting computing device. In some embodiments, at least one of the one or more requests for obtaining information about the requesting computing device may be configured to cause the requesting computing device to fail to properly render at least a portion of a web page comprising at least one of the one or more records. | 2014-09-18 |
20140283029 | SYSTEM AND METHOD FOR DETECTION OF ROGUE ROUTERS IN A COMPUTING NETWORK - A method and apparatus for detecting the presence of a rogue router in a computer network is described. The method may include transmitting a router solicitation message. The method may also include receiving a plurality of response messages to the router solicitation message from a first plurality of router devices, wherein the response messages are used to perform an operation other than assigning an internet protocol (IP) address to the device. | 2014-09-18 |
20140283030 | PROTECTING NETWORKS FROM CYBER ATTACKS AND OVERLOADING - Packets may be received by a packet security gateway. Responsive to a determination that an overload condition has occurred in one or more networks associated with the packet security gateway, a first group of packet filtering rules may be applied to at least some of the packets. Applying the first group of packet filtering rules may include allowing at least a first portion of the packets to continue toward their respective destinations. Responsive to a determination that the overload condition has been mitigated, a second group of packet filtering rules may be applied to at least some of the packets. Applying the second group of packet filtering rules may include allowing at least a second portion of the packets to continue toward their respective destinations. | 2014-09-18 |
20140283031 | SYSTEMS AND METHODS FOR DETERMINING TRUST LEVELS FOR COMPUTING COMPONENTS - Systems and methods for determining trust levels for components of a computing application including a development framework, a trust matrix, a trust level calculation module, a visual design subsystem, and a deployment subsystem, where trust levels are associated with components, combinations of components, graphs, and blueprints, where trust levels relate to categories of use. | 2014-09-18 |
20140283032 | INTER-PROCESSOR ATTESTATION HARDWARE - Embodiments of an invention for inter-processor attestation hardware are disclosed. In one embodiment, an apparatus includes first attestation hardware associated with a first portion of a system. The first attestation hardware is to attest to a second portion of the system that the first portion of the system is secure. | 2014-09-18 |
20140283033 | SYSTEMS AND METHODS FOR TOKENIZING USER-GENERATED CONTENT TO ENABLE THE PREVENTION OF ATTACKS - The present invention relates to systems and methods for the tokenization of user-generated content in order to prevent attacks on the user-generated content. The systems and methods initially pre-process the user-generated content string utilizing a secondary input of target language. Pre-processing may also include initialization of finite state machines, token markers and string buffers (text, HTML tag name, HTML attribute name, HTML attribute value, CSS selector, CSS property name, and CSS property value). The user-generated content string is scanned by rune, and the system sends each rune to a specific buffer based upon signaling by individual finite state machine states. Buffers are then converted to token stream nodes to be inserted into the token stream. The tokens represent a string of characters and are symbolically categorized according to activated finite state machine states. | 2014-09-18 |
20140283034 | SECURE DEVICE PROFILING COUNTERMEASURES - Systems and method are disclosed for performing profiling on a secure device. In embodiments, a plurality of counters are established. Each counter may be related to a different type of message. When the secure device receives and/or processes a message, it determines the type of message and adjusts a counter related to the determined message type. A ratio may be computed between the different counters. When the ratio deviates from a threshold, the secure device may be performing illegitimate operations, and one or more countermeasures are deployed against the illegitimate secure device. | 2014-09-18 |
20140283035 | TECHNIQUES FOR PREDICTING AND PROTECTING SPEARPHISHING TARGETS - Techniques for predicting and protecting spearphishing targets are disclosed. In one particular exemplary embodiment, the techniques may be realized as a system for predicting and protecting spearphishing targets. The system may comprise one or more processors communicatively coupled to a network. The one or more processors may be configured to identify one or more potential spearphishing targets based on information from an organization, receive additional information associated with the one or more potential spearphishing targets and the organization from publicly available sources, determine a threat level of a spearphishing attack on the one or more potential spearphishing targets based on the information from the organization and the additional information, and generate a report of the one or more potential spearphishing targets and the threat level associated with the one or more potential spearphishing targets. | 2014-09-18 |
20140283036 | MITIGATING JUST-IN-TIME SPRAYING ATTACKS IN A NETWORK ENVIRONMENT - An example method for mitigating JIT spraying attacks in a network environment is provided and includes protecting an output of a just-in-time (JIT) compiler against attacks during application execution at least by intervening from outside the application into a JIT page generated by the JIT compiler in a memory element of a host. In a specific embodiment, the intervening can include rewriting the JIT page. In specific embodiments, the method can further include generating a shadow page corresponding to the JIT page in the memory element. The method can further include randomly choosing at least one block of instructions in the JIT page, moving the at least one block of instructions to the shadow page, and replacing the at least one block of instructions in the JIT page with at least one of invalid opcodes and halt instructions. | 2014-09-18 |
20140283037 | System and Method to Extract and Utilize Disassembly Features to Classify Software Intent - A system and method operable to identify malicious software by extracting one or more features disassembled from software suspected to be malicious software and employing one or more of those features in a machine-learning algorithm to classify such software. | 2014-09-18 |
20140283038 | Safe Intelligent Content Modification - A computer-implemented method for deflecting abnormal computer interactions includes receiving, at a computer server system and from a client computer device that is remote from the computer server system, a request for web content; identifying, by computer analysis of mark-up code content that is responsive to the request, executable code that is separate from, but programmatically related to, the mark-up code content; generating groups of elements in the mark-up code content and the related executable code by determining that the elements within particular groups are programmatically related to each other; modifying elements within particular ones of the groups consistently so as to prevent third-party code written to interoperate with the elements from interoperating with the modified elements, while maintaining an ability of the modified elements within each group to interoperate with each other; and recoding the mark-up code content and the executable code to include the modified elements. | 2014-09-18 |
20140283039 | ENHANCED SECURITY FOR HARDWARE DECODER ACCELERATOR - A software security layer may be used to protect a system against exploitation of a hardware encoder accelerator by malicious data embedded in the one or more frames of encoded digital streaming data. It is emphasized that this abstract is provided to comply with the rules requiring an abstract that will allow a searcher or other reader to quickly ascertain the subject matter of the technical disclosure. It is submitted with the understanding that it will not be used to interpret or limit the scope or meaning of the claims. | 2014-09-18 |
20140283040 | Hard Object: Lightweight Hardware Enforcement of Encapsulation, Unforgeability, and Transactionality - A hardware-implemented method to support three desirable software properties: encapsulation, referential integrity/capabilities, and transactions. These properties in turn may be used to support software correctness, specifically the enforcement of invariants, and computer security, specifically protecting parts of programs from each other within a single process. | 2014-09-18 |
20140283041 | MALICIOUS CODE DETECTION TECHNOLOGIES - An embodiment of the present application provides technologies for detecting malicious content embedded in content downloaded from an external source. The downloaded content is converted into an opcode sequence by a web browser in a computing device. The opcode sequence is compared with a pre-stored opcode signature. The opcode signature comprises multiple sentences, and each sentence has multiple clauses. Each clause may include a matching opcode, a condition, an instruction, and an identifier. When a matching opcode in a clause matches an opcode of the opcode sequence, and the condition specified in the clause is determined to be true, the instruction in the clause is taken and the next sentence identified by the identifier is used to match the opcode sequence. Eventually, the last taken clause in the opcode signature may indicate whether the opcode sequence contains malicious code. | 2014-09-18 |
20140283042 | DETECTION OF NON-VOLATILE CHANGES TO A RESOURCE - Policies are communicated to a kernel service of an Operating System (OS) that define resource identifiers and events. When an event is received (from the kernel service) for a resource, the event is noted. Subsequent events received (from the kernel service) are: tracked, evaluated, and a determination is made whether a near real-time or real-time notification is to be sent. | 2014-09-18 |
20140283043 | SYSTEMS AND METHODS FOR DETECTING AND PREVENTING FLOODING ATTACKS IN A NETWORK ENVIRONMENT - A method for processing network traffic data includes receiving a packet, and determining whether the packet is a previously dropped packet that is being retransmitted. A method for processing network traffic content includes receiving a plurality of headers, the plurality of headers having respective first field values, and determining whether the first field values of the respective headers form a first prescribed pattern. A method for processing network traffic content includes receiving a plurality of packets, and determining an existence of a flooding attack without tracking each of the plurality of packets with a SYN bit. | 2014-09-18 |
20140283044 | Method and Device For Preventing Application in an Operating System From Being Uninstalled - Provided are a method and device for preventing an application in an operating system from being uninstalled. The method includes monitoring the operation executed for the application; determining whether the operation executed for the application is to uninstall the application; and displaying at the client a prompt asking whether the user agrees to uninstall the application, if the operation executed for the application is to uninstall the application. The prompt asking whether the user agrees to uninstall the application may be displayed at the client after the operation executed for the application is determined to uninstall the application. Therefore, the method may prevent malicious software from uninstalling the application, enhancing the security of the intelligent terminal. | 2014-09-18 |
20140283045 | MANAGING VIRTUAL COMPUTING TESTING - Systems, methods, and interfaces for the management of virtual machine networks and other programmatically controlled networks are provided. Hosted virtual networks are configured in a manner such that a virtual machine manager of the virtual network may monitor activity such as user requests, network traffic, and the status and execution of various virtual machine instances to determine possible security assessments. A security assessment may be performed before, after, or simultaneous to the execution of the activity associated with the security assessment event. The execution of an activity may further be synchronous with the results of the security assessment. The timing of the assessment may correspond to the type of assessment or type of activity that is requested or detected. | 2014-09-18 |
20140283046 | ANTI-MALWARE SCANNING OF DATABASE TABLES - Technologies for determining malware may include causing a query of contents of a field of a database. The field may include a large object. The technologies may also include obtaining results of the query of the contents of the field and determining whether the results of the query of the contents of the field indicate malware. | 2014-09-18 |
20140283047 | INTELLIGENT CYBERPHYSICAL INTRUSION DETECTION AND PREVENTION SYSTEMS AND METHODS FOR INDUSTRIAL CONTROL SYSTEMS - The embodiments described herein include a system and a method. In one embodiment, a system includes a device monitoring component configured to measure control system behavior and an intrusion prevention system communicatively coupled to the device monitoring component and a communications network. The intrusion prevention system includes a control system analysis component configured to analyze the control system behavior measured by the device monitoring component against a first rule set to determine whether an anomaly, an intrusion, or both are present. | 2014-09-18 |
20140283048 | DATA TREND ANALYSIS - According to an example, a method for data trend analysis may include retrieving data from data sources, associating the data with a time, and identifying co-occurrences of terms and concepts within the data. In response to determining that co-occurrences of term and concept pairs reach a predefined threshold, the method may include adding the term and concept pairs to an ontology. The method may include logging occurrences of terms in the ontology within the data with respect to associated data times, identifying a plurality of time periods, and for one of the plurality of time periods and for the logged terms, determining a first score indicative of a weighted term frequency metric for a logged term within the data during the one time period, and determining a second score indicative of a commonality of a presence of the logged term within the data among the plurality of time periods. | 2014-09-18 |
20140283049 | HANDLING INFORMATION SECURITY INCIDENTS - Methods, systems, computer-readable media, and apparatuses for handling information security incidents are presented. In some embodiments, a computing device may receive information indicating that a network address is associated with an information security incident. Subsequently, the computing device may monitor activity associated with the network address. Based on the monitoring, the computing device may determine whether the network address represents an information security threat. In response to determining that the network address represents an information security threat, the computing device may cause one or more remediation actions to be performed. In some arrangements, the information security incident may be a denial of service attack. In additional or alternative arrangements, the network address may be located in a particular net block, and the computing device may evaluate one or more remediation criteria, which may include analyzing network activity for one or more other addresses that are located within the net block. | 2014-09-18 |
20140283050 | METHOD AND APPARATUS FOR COLLECTING INFORMATION FOR IDENTIFYING COMPUTER ATTACK - A computer-implemented method and apparatus for identifying attacks, comprising: receiving information related to a computerized network, the information comprising description of the network and events occurring within the network; processing the events, comprising determining whether additional data is required; responsive to determining that additional information is required, collecting the additional information and processing the additional information; and providing attack information based on the information and on the additional information, wherein the additional information is more resource consuming to obtain or process than the information. | 2014-09-18 |
20140283051 | SYSTEM AND METHOD THEREOF FOR MITIGATING DENIAL OF SERVICE ATTACKS IN VIRTUAL NETWORKS - A method for efficient mitigation of denial of service (DoS) attacks in a virtual network. The method maintains a security service level agreement (SLA) guaranteed to protected objects. The method comprises ascertaining that a denial of service (DoS) attack is performed in the virtual network; checking if the DoS attack affects at least one physical machine hosting at least one protected object, wherein the protected object is provisioned with at least a guaranteed security service level agreement (SLA); determining, by a central controller of the virtual network, an optimal mitigation action to ensure the at least one security SLA guaranteed to the at least one protected object; and executing the determined optimal mitigation action to mitigate the DoS attack, wherein the optimal mitigation action is facilitated by means of resources of the virtual network. | 2014-09-18 |
20140283052 | HETEROGENEOUS SENSORS FOR NETWORK DEFENSE - Heterogeneous sensors simultaneously inspect network traffic for attacks. A signature-based sensor detects known attacks but has a blind spot, and a machine-learning based sensor that has been trained to detect attacks in the blind spot detects attacks that fail to conform to normal network traffic. False positive rates of the machine-learning based sensor are reduced by iterative testing using statistical techniques. | 2014-09-18 |
20140283053 | SYSTEMS AND METHODS FOR ZONE-BASED INTRUSION DETECTION - Systems and methods for zone-based intrusion detection are described herein. The system may comprise a multi-tenant system; a server communicatively coupled with the multi-tenant system; a zone-based intrusion detection module running on the server; a zone within the server, the zone being a tenant and including at least one process running on it; and a debugger module that examines the process in real-time. | 2014-09-18 |
20140283054 | Automatic Fraudulent Digital Certificate Detection - A computing device analyzes digital certificates received from various different sites (e.g., accessed via the Internet or other network) in order to automatically detect fraudulent digital certificates. The computing device maintains a record of the digital certificates it receives from these various different sites. A certificate screening service operating remotely from the computing device also accesses these various different sites and maintains a record of the digital certificates that the service receives from these sites. In response to a request to access a target site the computing device receives a current digital certificate from the target site. The computing device determines whether the current digital certificate is genuine or fraudulent based on one or more of previously received digital certificates for the target site, confirmation certificates received from the certificate screening service, and additional characteristics of the digital certificates and/or the target site. | 2014-09-18 |
20140283055 | PROVIDING ALERTS BASED ON UNSTRUCTURED INFORMATION METHODS AND APPARATUS - A system, method, and apparatus for providing alerts based on unstructured information are disclosed. An example method includes receiving a data item from a remotely located information source, the data item including unstructured information. The method also includes determining a threat score for the data item by matching information associated with the data item to pre-identified information associated with a numerical value. The method further includes responsive to the threat score exceeding a predetermined threshold, creating a Common Alerting Protocol data structure that includes at least a portion of the information associated with the data item and transmitting the Common Alerting Protocol data structure. | 2014-09-18 |
20140283056 | Linear Address Mapping Protection - Technologies for securing an electronic device include determining addresses of one or more memory pages, injecting for each memory page a portion of identifier data into the memory page, storing an indication of the identifier data injected into each of the memory pages, determining an attempt to access at least one of the memory pages, determining any of the identifier data present on a memory page associated with the attempt, comparing the indication of the identifier data with the determined identifier data present on the memory page, and, based on the comparison, determining whether to allow the access. | 2014-09-18 |
20140283057 | TCP VALIDATION VIA SYSTEMATIC TRANSMISSION REGULATION AND REGENERATION - The present invention provides a technique for validating TCP communication between a client requesting resources and a server providing requested resources to protect the specified server from a denial of service attack wherein a plurality of clients initiate communication with a server, but do not complete the communication for the purpose of denying service to the server from other legitimate clients. Through systematic transmission regulation of TCP packets, an intermediary apparatus or set of apparatuses, can, to a high degree of certainty, validate client connections to protect the server from this saturated condition. The communication is then reproduced by the apparatus or apparatuses. | 2014-09-18 |
20140283058 | GENERIC UNPACKING OF APPLICATIONS FOR MALWARE DETECTION - A technique for detecting malware in an executable allows unpacking of a packed executable before determining whether the executable is malware. In systems with hardware assisted virtualization, hardware virtualization features may be used to iteratively unpack a packed executable in a controlled manner without needing knowledge of a packing technique. Once the executable is completely unpacked, malware detection techniques, such as signature scanning, may be employed to determine whether the executable contains malware. Hardware assisted virtualization may be used to facilitate the scanning of the run-time executable in memory. | 2014-09-18 |
20140283059 | Continuous Monitoring of Computer User and Computer Activities - Methods, systems, and computer programs are presented for securing a computer device. One method includes an operation for capturing interaction data for a user interfacing with the computer device, the interaction data including keyboard inputs and screen captures taken periodically. Further, the method includes operations for extracting semantic meaning of the interaction data, and generating a schema, based on the extracted semantic meaning, to create meaningful tags for the interaction data. The schema is analyzed based on a model in order to identify security threats, and an alarm is created when non-conforming behavior for the model is detected. | 2014-09-18 |
20140283060 | MITIGATING VULNERABILITIES ASSOCIATED WITH RETURN-ORIENTED PROGRAMMING - The disclosed embodiments provide a system that operates a processor in a computer system. During operation, the system identifies one or more return sites associated with a call instruction of a software program. Next, the system restricts execution of a return from the call instruction by the processor to the one or more return sites. | 2014-09-18 |
20140283061 | ATTACK DETECTION AND PREVENTION USING GLOBAL DEVICE FINGERPRINTING - This disclosure describes a global attacker database that utilizes device fingerprinting to uniquely identify devices. For example, a device includes one or more processors and network interface cards to receive network traffic directed to one or more computing devices protected by the device, send, to the remote device, a request for data points of the remote device, wherein the data points include characteristics associated with the remote device, and receive at least a portion of the requested data points. The device also includes a fingerprint module to compare the received portion of the data points to sets of data points associated with known attacker devices, and determine, based on the comparison, whether a first set of data points of a first known attacker device satisfies a similarity threshold. The device also includes a security module to selectively manage, based on the determination, additional network traffic directed to the computing devices. | 2014-09-18 |
20140283062 | APPARATUS, SYSTEM AND METHOD FOR SUPPRESSING ERRONEOUS REPORTING OF ATTACKS ON A WIRELESS NETWORK - According to one embodiment, a method for suppressing erroneous alert messages for suspected network attacks comprises a first operation of determining an intrusion event. This may be conducted at a first network device. Then, the intrusion event is verified prior to transmission of the alert message. The verification may be conducted at a second network device. Thereafter, transmission of the alert message is suppressed in response to verifying that the intrusion event has been erroneously determined. | 2014-09-18 |
20140283063 | System and Method to Manage Sinkholes - A system and method operable to manage and/or distribute sinkholes. | 2014-09-18 |
20140283064 | NETWORK ATTACK OFFENSIVE APPLIANCE - A network system for launching a cyber-offensive countermeasure to improve network security is provided. For example, a system that enables launching a cyber-offensive countermeasure on a network may include a receiving section that receives packets routed on the network and analyzes the received packets to detect an attack directed toward a device on the network when the attack is external to the device, an editing section that edits the received packets, and a transmitting section that transmits the edited packets on the network. | 2014-09-18 |
20140283065 | SERVER-ASSISTED ANTI-MALWARE CLIENT - A host-based antimalware client can interface with a server-based antimalware support server. A file is identified at a host device. It is determined whether local reputation data for the file is available at the host device for the file. A query is sent to an antimalware support system relating to the file. Particular reputation data is received from the antimalware support system corresponding to the query. It is determined whether to allow the file to be loaded on the host device based at least in part on the particular reputation data. | 2014-09-18 |
20140283066 | SERVER-ASSISTED ANTI-MALWARE CLIENT - An antimalware support system is provided to support one or more host-based antimalware clients. A query is received from a particular host device that identifies a file detected by an antimalware tool local to the particular host device. Reputation data is determined for the file, and a response to the query is sent to the particular host device. The query response includes the reputation data determined for the file. | 2014-09-18 |
20140283067 | DETECTING THE INTRODUCTION OF ALIEN CONTENT - A computer-implemented method for identifying abnormal computer behavior includes receiving, at a computer server subsystem, data that characterizes subsets of particular document object models for web pages rendered by particular client computers; identifying clusters from the data that characterize the subsets of the particular document object models; and using the clusters to identify alien content on the particular client computers, wherein the alien content comprises content in the document object models that is not the result of content that is the basis of the document object model served. | 2014-09-18 |
20140283068 | PROTECTING AGAINST THE INTRODUCTION OF ALIEN CONTENT - In one implementation, a computer-implemented method can identify abnormal computer behavior. The method can receive, at a computer server subsystem and from a web server system, computer code to be served in response to a request from a computing client over the internet. The method can also modify the computer code to obscure operational design of the web server system that could be determined from the computer code, and supplement the computer code with instrumentation code that is programmed to execute on the computing client. The method may serve the modified and supplemented computer code to the computing client. | 2014-09-18 |
20140283069 | PROTECTING AGAINST THE INTRODUCTION OF ALIEN CONTENT - In one implementation, a computer-implemented method can identify abnormal computer behavior. The method can receive, at a computer server subsystem and from a web server system, computer code to be served in response to a request from a computing client over the internet. The method can also modify the computer code to obscure operational design of the web server system that could be determined from the computer code, and supplement the computer code with instrumentation code that is programmed to execute on the computing client. The method may serve the modified and supplemented computer code to the computing client. | 2014-09-18 |
20140283070 | COMPUTER NETWORK ATTRIBUTE BILATERAL INHERITANCE - Current approaches to managing security intelligence data often address both threat and malicious behavior at the individual computer level, tracked by the Internet Protocol (IP) address. For example, important facts, observed behavior, and other indications that are tracked by security organizations are only tracked with respect to individual IP addresses. Bilateral network inheritance generally refers to inheriting a variety of attributes from parents to children and from children to parents in a computer network hierarchy. The computer network hierarchy may comprise various entities such as, for example, top level entities, autonomous systems, address ranges, and individual IP addresses. | 2014-09-18 |
20140283071 | APPLICATION MALWARE ISOLATION VIA HARDWARE SEPARATION - A system for application malware isolation via hardware separation for use in a networked server-client system in the event of a possible malicious intrusion including a client; and a remote application physically separate from the client, the remote application interactively connected with the client over an encrypted network, the remote application comprising an isolation encoding module configured to create a secure version of potentially malicious client content, the remote application further comprising an application isolation container configured to run operations of interest to the client, so as to perform application malware isolation via hardware separation in the server-client system. | 2014-09-18 |
20140283073 | MANAGING ROGUE DEVICES THROUGH A NETWORK BACKHAUL - Managing rogue devices in a network through a network backhaul. A rogue device is detected in a network and a rogue device message that includes the rogue device is sent to a plurality of switches in a backhaul of the network. The rogue device is added into a rogue monitor table. Whether the rogue device is In-Net or Out-Of-Net is determined using forwarding tables of the plurality of switches in the backhaul of the network and the rogue monitor table. Mitigation is performed using a nearest switch to the rogue device of the plurality of switches in the backhaul of the network if it is determined that the rogue device is In-Net. | 2014-09-18 |
20140283074 | METHOD AND SYSTEM FOR PROTECTIVE DISTRIBUTION SYSTEM (PDS) AND INFRASTRUCTURE PROTECTION AND MANAGEMENT - A method and system for managing a protective distribution system is disclosed. The method includes monitoring an information transmission line, detecting a disturbance on the information transmission line, displaying the disturbance as a graphical representation, comparing the disturbance to a preset threshold, and triggering an alert if the disturbance is greater than the preset threshold or the number of disturbances less than the preset threshold meets a preset number within a preset time period. A system for managing a protective distribution system is also provided. The system includes a set of instructions which when executed causes a processor to perform a method for managing an information transmission line. The system further includes an intrusion detector, an optical line terminal and/or network switch, an optical circuit switch, an optical test access point device, and a network analytic tool. | 2014-09-18 |
20140283075 | STORAGE APPLIANCE AND THREAT INDICATOR QUERY FRAMEWORK - Systems are described for capturing network traffic data and efficiently storing the data on solid state storage devices. The systems can include a capture process module, a storage management module, and a query module. The storage management module can include circuitry configured to hold an arbitrarily large number of solid state storage devices configured to appear to a host system as a single large solid state drive. | 2014-09-18 |
20140283076 | PROFILING CODE EXECUTION - Technologies for securing an electronic device may include determining a plurality of rules, monitoring execution of the electronic device, generating a notification that one of the operations has occurred based upon the rules, and, based on the notification and the pattern of the operations, determining whether the operations are indicative of malware. The rules may include an identification of a plurality of entities of the electronic device to be monitored, an identification of one or more operations between the entities to be monitored, and an identification of a pattern of the operations to be monitored. | 2014-09-18 |
20140283077 | PEER-AWARE SELF-REGULATION FOR VIRTUALIZED ENVIRONMENTS - Technologies for self-regulation for virtualized environments may include, by a virtual machine on an electronic device, detecting an attempted anti-malware operation by a monitored module, determining anti-malware operation levels of one or more other virtual machines on the electronic device, and, based on the attempted anti-malware operation and upon the anti-malware operation levels, determining whether to allow the attempted operation. | 2014-09-18 |
20140283078 | SCANNING AND FILTERING OF HOSTED CONTENT - A system includes a server computer configured to host a plurality of web pages. A scanner is configured to scan the plurality of web pages to identify malicious links contained in the plurality of web pages. A proxy server is configured to filter the malicious links from content of the plurality of web pages served from the server computer to a user in response to a request from the user. | 2014-09-18 |
20140283079 | STEM CELL GRID - A stem cell grid is disclosed. The stem cell grid includes the ability to incorporate characteristics of a stem cell into a network device. In the event that the network device fails or otherwise becomes unavailable for use by other network devices, the network device is automatically replicated within a virtualized environment and then the replica of the network device is used instead of the failed and/or unavailable network device. | 2014-09-18 |
20140283080 | IDENTIFYING STORED VULNERABILITIES IN A WEB SERVICE - A computer identifies each web method, of a web service, declared in a web services description language (WSDL) file. The computer adds a node within a directed graph for each web method identified. The computer identifies pairs of web methods declared in the WSDL file in which a match exists between an output parameter of one of the web methods and an input parameter of another one of the web methods. The computer adds an edge within the directed graph for each of the pairs of web methods identified. The computer generates one or more sequences of web methods based on nodes connected by edges within the directed graph, wherein each of the one or more sequences includes at least one of the pairs of web methods identified. The computer tests each of the one or more sequences of web methods to identify stored vulnerabilities in the web service. | 2014-09-18 |
20140283081 | TECHNIQUES FOR CORRELATING VULNERABILITIES ACROSS AN EVOLVING CODEBASE - Methods, apparatus, and systems for characterizing vulnerabilities of an application source code are disclosed. Steps for characterizing vulnerabilities include traversing a representation of the application source code, generating a signature of a potential vulnerability of the application source code, and determining characteristics of the potential vulnerability based on a correlation between the generated signature of the potential vulnerability and previously stored signatures of potential vulnerabilities. | 2014-09-18 |
20140283082 | SYSTEMS AND METHODS FOR DETERMINING POTENTIAL IMPACTS OF APPLICATIONS ON THE SECURITY OF COMPUTING SYSTEMS - A computer-implemented method for determining potential impacts of applications on the security of computing systems may include (1) identifying an application subject to a security vulnerability assessment, (2) requesting information that identifies a potential impact of the application on a vulnerability of at least one computing system to at least one exploit associated with the application, (3) receiving the information that identifies the potential impact of the application on the vulnerability of the computing system, wherein the information may be derived at least in part from data from at least one additional computing system on which the application has previously been installed and (4) directing a determination about an installation of the application on the computing system based at least in part on the information that identifies the potential impact of the application on the vulnerability of the computing system. Various other methods, systems, and computer-readable media are also disclosed. | 2014-09-18 |
20140283083 | SYSTEM AND METHOD FOR CORRELATING LOG DATA TO DISCOVER NETWORK VULNERABILITIES AND ASSETS - The system and method described herein relates to a log correlation engine that may cross-reference or otherwise leverage existing vulnerability data in an extensible manner to support network vulnerability and asset discovery. In particular, the log correlation engine may receive various logs that contain events describing observed network activity and discover a network vulnerability in response to the logs containing at least one event that matches a regular expression in at least one correlation rule associated with the log correlation engine that indicates a vulnerability. The log correlation engine may then obtain information about the indicated vulnerability from at least one data source cross-referenced in the correlation rule and generate a report that the indicated vulnerability was discovered in the network, wherein the report may include the information about the indicated vulnerability obtained from the at least one data source cross-referenced in the correlation rule. | 2014-09-18 |
20140283084 | AUTOMATIC MALIGNANT CODE COLLECTING SYSTEM - An automatic malignant code collecting system comprises a first database configured to store detection target website information, a virtual machine controller configured to read the website information from the first database and transmit the website information, a first virtual machine configured to periodically gain access to a website using the website information and to collect a malignant code and evidence thereof if an abnormal event occurs when the first virtual machine gains access to the website, a second virtual machine configured to periodically gain access to the same website as accessed by the first virtual machine using the website information received from the virtual machine controller and to collect a malignant code and evidence thereof if an abnormal event occurs when the second virtual machine gains access to the website, and a second database configured to store the malignant code and the evidence thereof collected by the first virtual machine and the second virtual machine. | 2014-09-18 |
20140283085 | INTERNET PROTOCOL THREAT PREVENTION - Blocking high-risk IP connections in real-time while allowing tailoring of an acceptable risk profile to match the security requirements of network resources. By acquiring IP threat information about IP addresses, including risk confidence levels, assigning weighting factor values corresponding to various characteristics of the IP addresses, and mathematically transforming the risk confidence levels using the weighting factor values, traffic from IP addresses posing unacceptable levels of risk is blocked. Further, mathematically transforming risk confidence level to a user-defined acceptable risk level permits allowing traffic from the IP addresses having an acceptable level of risk. | 2014-09-18 |
20140283086 | System and Method for Performing Sensitive Geo-Spatial Processing in Non-Sensitive Operator Environments - Methods and systems are disclosed including transmitting, by a processor of a server computer, image raster content of a geo-referenced aerial image to an operator user device without the geo-referencing information of the geo-referenced aerial image; receiving, by the processor of the server computer from the operator user device, image coordinates, which may be in the form of pixel row/column, representing an object or region of interest selected within the image raster content of the geo-referenced aerial image by a data processing operator of the operator user device; and translating the image coordinates into real-world geographic coordinates. The processor may calculate measurements based on the real-world geographic coordinates and may store real-world geographic coordinates and/or measurements. The geo-referenced aerial image may be isolated such that a data processing operator may not be able to pan or zoom outside of the isolated geo-referenced aerial image. | 2014-09-18 |
20140283087 | SELECTIVE CONTENT SHARING ON COMPUTING DEVICES - Described herein are architectures, platforms and methods for a selective content sharing feature in a computing device and, more particularly, a system that supports user configurable application-level privacy is described. | 2014-09-18 |
20140283088 | Preventing stack buffer overflow attacks - Improved buffer overflow protection for a computer function call stack is provided by placing a predetermined ShadowKEY value on a function's call stack frame and copying the ShadowKEY, a caller EBP, and a return pointer onto a duplicate stack. The prologue of the function may be modified for this purpose. The function epilogue is modified to compare the current values of the ShadowKEY, caller EBP, and the return pointer on the function stack to the copies stored on the duplicate stack. If they are not identical, an overflow is detected. The preserved copies of these values may be copied back to the function stack frame thereby enabling execution of the process to continue. A function prologue and epilogue may be modified during compilation of the program. | 2014-09-18 |
20140283089 | SENSITIVE PERSONAL INFORMATION DATA PROTECTION - A computing device may be configured to provide operations related to providing additional security for sensitive personal information (SPI) in data records of an enterprise. The SPI is extracted from the data records and mask sequence values associated with the SPI are generated. A master translation table is updated with the association of the mask sequence values to the entries of SPI and the mask sequence values are merged into the data records to be used in place of the SPI to safeguard the SPI. The table containing the mask sequence values is stored separately. | 2014-09-18 |
20140283090 | LICENSING USING A NODE LOCKED VIRTUAL MACHINE - A method of licensing software to a particular instance of a virtual machine that is being run as part of an Active Directory domain. Since a virtual machine is a simulation of a physical machine, i.e. a computer, it can easily be cloned to produce an exact duplicate. This poses a problem when it is desired to license an instance of software for use only on a particular virtual machine. The technology disclosed allows for software to be licensed for execution only on a particular instance of a virtual machine that is being run as part of an Active Directory domain. | 2014-09-18 |
20140283091 | DIFFERENTIALLY PRIVATE LINEAR QUERIES ON HISTOGRAMS - The privacy of linear queries on histograms is protected. A database containing private data is queried. Base decomposition is performed to recursively compute an orthonormal basis for the database space. Using correlated (or Gaussian) noise and/or least squares estimation, an answer having differential privacy is generated and provided in response to the query. In some implementations, the differential privacy is ε-differential privacy (pure differential privacy) or is (ε,δ)-differential privacy (i.e., approximate differential privacy). In some implementations, the data in the database may be dense. Such implementations may use correlated noise without using least squares estimation. In other implementations, the data in the database may be sparse. Such implementations may use least squares estimation with or without using correlated noise. | 2014-09-18 |
20140283092 | Controlled Application Distribution - An application sender can control the distribution and use of an application using an authorization token encapsulating distribution terms submitted by the application sender and the application license specification submitted by a developer of the application. The application sender can access an application store and perform various functions such as selecting one or more applications for use by an application receiver, combining one or more applications into a bundle for use by an application receiver, and/or combining several applications to form a new application for use by an application receiver. The application receiver can utilize the application in accordance with the authorization token generated by the distribution terms. | 2014-09-18 |
20140283093 | METHOD, APPARATUS, SYSTEM, AND COMPUTER READABLE MEDIUM TO PROVIDE SECURE OPERATION - Technologies are provided in embodiments for receiving an enclave program for operation in an enclave, identifying at least one shared object dependency of the enclave program, determining whether the shared object dependency corresponds to at least one enclave shared object, causing association between the shared object dependency and the enclave shared object in circumstances where the shared object dependency corresponds to the enclave shared object, and causing association between the shared object dependency and an enclave-loadable non-enclave shared object in circumstances where the shared object dependency fails to correspond to the enclave shared object. | 2014-09-18 |
20140283094 | SYSTEM AND METHOD FOR SYSTEMATIC DETECTION OF FRAUD RINGS - The present invention provides, in at least one embodiment, a system and method for detecting fraud rings. The system gathers a small group of highly likely fraudsters. The system then looks for groups of these likely fraudsters who are interconnected. When the interconnections are strong, these groups are likely to be fraud rings. Once fraud rings are detected, the links can be applied to better prevent fraud and to help in criminal investigations. | 2014-09-18 |
20140283095 | COLLABORATIVE PUBLISHING WITHIN A SOCIAL NETWORK - Exemplary methods, apparatuses, and systems select a plurality of entities within a social network. Content published by each entity to the social network is received by a plurality of users of the social network that follow the plurality of entities within the social network. One or more of the plurality of entities is selected based upon a characteristic of the plurality of following users. Permission is received from the plurality of entities to publish content to the social network on behalf of each entity. Utilizing the permission, content within a single theme is published to the social network on behalf of each of the plurality of entities, wherein the content within the single theme is published on behalf of each of the plurality of entities contemporaneously with each of the others of the plurality of entities. | 2014-09-18 |
20140283096 | VALIDATING NORMALIZED CODE REPRESENTATIONS - A request that includes an indication of an execution context and data that represents executable code is obtained. An analysis of the data is initiated based on generating a first templatized representation of the executable code. A list of clearance indicators that indicate a blocking status associated with respective forms of templatized representations is accessed. A workflow policy is determined based on the accessing of the list of clearance indicators. The list of clearance indicators is updated, based on a result of the analysis of the data. | 2014-09-18 |
20140283097 | Anonymizing Sensitive Identifying Information Based on Relational Context Across a Group - Mechanisms are provided for relational context sensitive anonymization of data. A request for data is received that specifies a relational context corresponding to a selected group of selected persons selected from a global group of persons based on the relational context. The relational context specifies one or more attributes of selected persons in the selected group that establishes a relationship between the selected persons and distinguishes the selected persons from non-selected persons in the global group that are not in the selected group. For the relational context, based on a corpus of personal information data corresponding to the selected persons, key attributes in the personal information data are determined and a rarity value for each key attribute is determined. Selected key attributes are then anonymized based on the determined rarity value for each of the key attributes within the relational context of the selected group. | 2014-09-18 |
20140283098 | MUTUALLY ASSURED DATA SHARING BETWEEN DISTRUSTING PARTIES IN A NETWORK ENVIRONMENT - An apparatus for sharing information between entities includes a processor and a trusted execution module executing on the processor. The trusted execution module is configured to receive first confidential information from a first client device associated with a first entity, seal the first confidential information within a trusted execution environment, receive second confidential information from a second client device associated with a second entity, seal the second confidential information within the trusted execution environment, and execute code within the trusted execution environment. The code is configured to compute a confidential result based upon the first confidential information and the second confidential information. | 2014-09-18 |
20140283099 | PRIVACY AWARE DHCP SERVICE - Generally, this disclosure describes a system including a privacy aware DHCP service and a user device. The user device includes a trusted execution environment including a client privacy agent configured to request a first Internet Protocol (IP) address from a DHCP service and to determine a device privacy score based, at least in part, on a DHCP policy; memory comprising secure storage configured to store the first IP address; and communication circuitry configured to establish at least one connection between the user device and at least one entity over a network using the first IP address. The client privacy agent is configured to monitor communication activity over the connection(s), to update the device privacy score based, at least in part, on the communication activity, and to close the connection(s) if the device privacy score is outside an acceptable privacy score range, the acceptable privacy range bounded by a privacy threshold. | 2014-09-18 |
20140283100 | DISPLAY PRIVACY WITH DYNAMIC CONFIGURATION - Generally, this disclosure provides systems, devices, methods and computer readable media for dynamic configuration of display privacy. The device may include a context determination module configured to determine a usage context for the device; a content attribute determination module configured to determine privacy attributes associated with data content to be displayed by the device; and a privacy decision module configured to trigger a privacy mode based on the usage context and the privacy attributes, the privacy decision module further configured to generate a switching signal to a switchable privacy filter in response to the privacy mode. | 2014-09-18 |
20140283101 | COMPUTING SYSTEM WITH PRIVACY MECHANISM AND METHOD OF OPERATION THEREOF - A computing system includes a context module configured to determine a sharing context; an option module, coupled to the context module, configured to generate a sharing option for the sharing context based on a default set for the sharing context, a user's past sharing selection for the sharing context, and a personalization degree for the sharing context; and a privacy preference module, coupled to the option module, configured to estimate a user's privacy preference based on the sharing option. | 2014-09-18 |
20140283102 | METHOD FOR RECEIVING ENTERED DATA AND INFORMATION PROCESSING DEVICE - A computer displays a first screen for the left eye and a second screen for the right eye in the same display region of a display device. The computer acquires an event corresponding to an operation performed on a screen displayed in the display region. The computer identifies a screen used as a standard screen from among the first screen and the second screen. The computer identifies an instruction provided by the event on the basis of the screen used as the standard screen. | 2014-09-18 |
20140283103 | Systems and methods to extend ROM functionality - Various embodiments allow for flexible and secure updates of drivers for numerous types of external memory devices by utilizing an address-selection mechanism within a simple and secure ROM code to enable the loading of a dynamic routine from an external source into a dynamic memory. In certain embodiments, the routine enables a simple and trusted framework to access and modify the content of any number of complex memory devices via simple commands without affecting existing security measures. This increases the usable lifetime of secure ROM code, simplifies device validation, and shortens the overall development cycle by extending the functionality of secure ROM code while keeping the ROM code and any programming thereof simple. | 2014-09-18 |
20140283104 | Object Rendering Systems and Methods - Systems and methods are described that protect intellectual property rights in connection with 3-dimensional printing processes. In certain embodiments, an object a user would like to render with a 3-dimensional printing device may be compared with one or more managed objects having certain associated intellectual property rights. If the object is found to be similar to a managed object (e.g., similar in shape, function, composition, etc.), policy associated with the managed object may be enforced in connection with rendering the object. In this manner, intellectual property rights associated with the managed objects may be enforced. | 2014-09-18 |
20140283105 | METHOD AND SERVICE FOR USER TRANSPARENT CERTIFICATE VERIFICATIONS FOR WEB MASHUPS AND OTHER COMPOSITE APPLICATIONS - Embodiments for providing user transparent certificate verifications for web mashups and other composite applications are generally described herein. In some embodiments, a content buffer is provided for holding content until receiving verification results that allow the content to be presented in a browser user interface. A browser core receives an aggregation of content from a plurality of sources and performs local verification of digital certificates associated with the content received from the plurality of sources. A browser content interface intercepts content associated with verified digital certificates from the browser core to provide content associated with verified digital certificates to the content buffer for holding. An online certification module is arranged to receive untrusted certificates from the browser content interface and to perform verification of the received untrusted certificates using online certification services and/or a local certificate store on the client device. | 2014-09-18 |