39th week of 2013 patent application highlights part 76 |
Patent application number | Title | Published |
20130254789 | TELEVISION RECEIVER AND CHANNEL SELECTION METHOD - At power-on of a television receiver, a selection part selects a channel most likely to be selected by a user among all channels over which the television receiver is capable of receiving programs, based on pieces of program history information of program history databases. | 2013-09-26 |
20130254790 | RESOURCE CONSERVATION FOR PACKET TELEVISION SERVICES - The present invention controls delivery of television content to conserve network resources based on whether the television content is being viewed on a television monitor. A television gateway may monitor a viewer's interactions with the television gateway to determine whether the television content is being viewed at the associated television monitor, or detect whether the television monitor is on or off. Upon determining that the viewer is not viewing the television content, various actions can be taken to conserve network resources. | 2013-09-26 |
20130254791 | Multimedia Content Viewing Confirmation - Disclosed herein is a computer implemented method and system for confirming that a viewer viewed multimedia content on a client device. A multimedia content owner uploads multimedia content on a server. The client device receives the multimedia content from the server and plays the multimedia content on a display screen of the client device. A random challenge is presented to the viewer by overlaying the random challenge on the multimedia content. A response for the presented random challenge is invoked from the viewer. A correct or partially correct response from the viewer confirms that the multimedia content has been viewed by the viewer. A response report is generated based on the response from the viewer. The viewer is credited with an item of value and the multimedia content owner is debited a fee, if the response report confirms the multimedia content was viewed by the viewer. | 2013-09-26 |
20130254792 | METHOD AND APPARATUS FOR USING LOW POWER RF CIRCUITS AND EDID DATA AND CONTROL FOR DISPLAY MONITORING - A method and means for display control and monitoring include an extended display identification (EDID) means and communicating with the display using radio frequency communication and extended display identification commands via the extended display identification means to monitor the display's status and to control the display's functionality controllable via the extended display identification commands. The means can include an EDID circuit for interfacing with a display and communicating with at least the display using EDID packets, an RF interface for providing RF communications, an antenna for receiving and transmitting RF packets and a processor for translating the received RF packets to EDID packets and vice-versa. | 2013-09-26 |
20130254793 | Broadcast Source Identification Based on Matching Via Bit Count - An end user can sample a radio or television broadcast, generate a user representation of the broadcast sample, and send the user representation to a comparison system, which also receives known representations of content broadcast by multiple different stations. The known representations are stored in a continuous fashion, and represent actually broadcast content. The comparison system identifies the source of the broadcast sample by comparing the user representation to the known representations associated with each of the different stations using a bit count method, such as the Hamming distance. By comparing two representations of content that was actually broadcast, a broadcast source can be identified without requiring the use of watermarks, timestamps, or a database of discrete content items. | 2013-09-26 |
20130254794 | SIMULATION METHOD AND SYSTEM - A simulation method and system. A computing system receives a first audio and/or video data stream. The first audio and/or video data stream includes data associated with a first person. The computing system monitors the first audio and/or video data stream. The computing system identifies emotional attributes comprised by the first audio and/or video data stream. The computing system generates a second audio and/or video data stream associated with the first audio and/or video data stream. The second audio and/or video data stream includes the data without the emotional attributes. The computing system stores the second audio and/or video data stream. | 2013-09-26 |
20130254795 | METHOD FOR SETTING A WATCHING LEVEL FOR AN AUDIOVISUAL CONTENT - The invention discloses a method for setting a watching level for an audiovisual content in which some frames are already annotated with watching levels. Upon the reception of the audiovisual content, frames annotated with watching levels are extracted and displayed in a single view. One of the displayed frames is selected by the user, the watching level of the selected frame being set as the watching level of the audiovisual content. | 2013-09-26 |
20130254796 | DIGITAL TELEVISION SIGNAL FOR RECEIVING PSIP DATA, METHOD OF PROCESSING DIGITAL TELEVISION SIGNAL, AND DIGITAL TELEVISION RECEIVER - A digital television signal for receiving program and system information protocol (PSIP) data, a method for processing the digital television signal, and a digital television receiver are disclosed. The digital television signal used in the digital television receiver in order to receive a program system information protocol (PSIP) data from a broadcast transmitter includes a rating region table containing the PSIP data. Herein, the rating region table includes a global rating value field defining a global rating value which is valid for all graphical rating regions, a rating region field defining a specific graphical rating region to be associated with the rating region table, and at least one local rating value field identifying a local rating value which is valid for the specific graphical rating region only. | 2013-09-26 |
20130254797 | CROSS-PLATFORM ADVERTISEMENT SYNCHRONIZATION - In some example embodiments, a television transmission that a user is viewing at a given time is determined and a website that the user is viewing at the given time is also determined. A first advertisement transmitted at the given time on the television transmission is further determined and a second advertisement transmitted on the website is synchronized with the first advertisement transmitted at the given time on the television transmission. | 2013-09-26 |
20130254798 | AUGMENTED BROADCASTING STREAM TRANSMISSION DEVICE AND METHOD, AND AUGMENTED BROADCASTING SERVICE PROVIDING DEVICE AND METHOD - An augmented broadcasting stream transmission device and method and an augmented broadcasting service providing device and method capable of ensuring that augmented broadcasting metadata arrive at a receive terminal in a time more rapid as compared to a corresponding video frame by a predetermined time are provided. | 2013-09-26 |
20130254799 | USE OF MESSAGES IN OR ASSOCIATED WITH PROGRAM SIGNAL STREAMS BY SET-TOP TERMINALS - Methods of operating a communications system comprise, in one example, inserting advertising in a program stream by a receiving device based, at least in part, on an encrypted segmentation message embedded in the program stream. The at least one segmentation message defines an expanse of the program stream to receive the advertising. At least one embedded decoy message is included in the program stream, as well. In one example, the receiving device, which may be a set-top terminal, for example, is coupled to a display device, such as a television, at a user location. A method of operating a receiving device coupled to a display device at a user location is also disclosed, comprising programming the receiving device to record a program and recording the program based, at least in part, on at least one segmentation message in a program stream. Systems are disclosed, as well. | 2013-09-26 |
20130254800 | USE OF MESSAGES IN OR ASSOCIATED WITH PROGRAM SIGNAL STREAMS BY SET-TOP TERMINALS - Methods of operating a communications system comprise, in one example, inserting advertising in a program stream by a receiving device based, at least in part, on an encrypted segmentation message embedded in the program stream. The at least one segmentation message defines an expanse of the program stream to receive the advertising. At least one embedded decoy message is included in the program stream, as well. In one example, the receiving device, which may be a set-top terminal, for example, is coupled to a display device, such as a television, at a user location. A method of operating a receiving device coupled to a display device at a user location is also disclosed, comprising programming the receiving device to record a program and recording the program based, at least in part, on at least one segmentation message in a program stream. Systems are disclosed, as well. | 2013-09-26 |
20130254801 | INCREMENTAL TRANSMISSION OF DATA - In one form, the present teachings provide a method and apparatus for broadcasting an event. The method includes receiving data related to an event via an uplink. Another aspect of the method includes determining whether the data is broadcast on a recurring basis. The method also includes determining whether a transponder channel associated with multiplexed program channels has any unused data or bandwidth to broadcast a portion of the data along with the multiplexed program channels. Additionally, the method includes broadcasting the portion of the data in a data stream. | 2013-09-26 |
20130254802 | SELECTION OF ADVERTISEMENTS FOR PLACEMENT WITH CONTENT - Methods, systems, and apparatus, including computer program products, for selecting advertisements. A request for sponsored content for presentation with a content item in a document is received. One or more candidate sponsored content items are identified based on one or more criteria. The criteria includes information related to the content item independent of the document, and information related to the document. One or more of the candidate sponsored content items are selected. The selected sponsored content items are transmitted for presentation with the content item. | 2013-09-26 |
20130254803 | SYSTEM AND METHOD FOR INTERNET PROTOCOL TELEVISION PRODUCT PLACEMENT DATA - A system and method are disclosed for sending advertising data to an end user device. The system includes but is not limited to a processor in data communication with a computer readable medium; and a computer program embedded in the computer readable medium, the computer program including but not limited to instructions to send first password data to a first group of end user devices that have exchanged a first advertising key data in a first advertising category; and instructions to send first advertising data encoded using the first password to the first group of end user devices. | 2013-09-26 |
20130254804 | CONVERTING, NAVIGATING AND DISPLAYING VIDEO CONTENT UPLOADED FROM THE INTERNET TO A DIGITAL TV VIDEO-ON-DEMAND PLATFORM - Video content is uploaded via the Internet to a video-on-demand (VOD) server identified by a title and a hierarchical address of categories and subcategories for categorizing the title. The VOD server converts and stores the video content at a storage address in a video content database linked to the title. The title is listed in a location of an electronic program guide (EPG) using the same categories and subcategories as in its hierarchical address. Any TV subscriber can access the EPG and navigate through its categories and subcategories to find a title for viewing on the TV. This can enable many, new blogging or podcasting-like programs by popular “Hosts” to be self-published on the Internet and readily navigated for display on TV. The EPG can also store TV program addresses as bookmarks and allow them to be shared with other subscribers or with friends and contacts online by sending to their email addresses. | 2013-09-26 |
20130254805 | Opportunistic Video Advertisement from Clients Cache - Advertisements are shown to users when the queue underflows to avoid video stalls in players/plugins so users see minimum disruption in video quality. The advertisements are pre-fetched and cached at the mobile phone to schedule them during queue underflows. If there is no congestion in the network, the queue does not underflow and advertisements are shown only to meet ad contracts. During network congestion or disruption, the queue might underflow and specific advertisements are shown to equalize network unavailability until sufficient video data has been received. | 2013-09-26 |
20130254806 | System and Method for Displaying a Media Program Stream on Mobile Devices - A system and method of displaying a sequence of media clips using an application program operating on a user's computer that natively displays web content such that each media clip is automatically displayed after the previous clip is completed, where the sequence is controlled and determined at a remote location from the user's computer and the display of the sequence on the user's computer occurs without any ongoing interaction with the application. | 2013-09-26 |
20130254807 | APPARATUS, SYSTEMS AND METHODS FOR RICH MEDIA ELECTRONIC PROGRAM GUIDES - Electronic program guide (EPG) systems and methods are operable to incorporate image information into an EPG generated at a media device. An exemplary embodiment receives an image associated with a program, processes the received image into a rich media EPG image, receives program presentation schedule information that specifies a presentation schedule of a plurality of programs, wherein the program is one of the plurality of programs scheduled for presentation, associates an identifier with the rich media EPG image and the program, and generates a rich media EPG schedule based upon the received program presentation schedule information and the identifier. | 2013-09-26 |
20130254808 | ELECTRONIC APPARATUS AND DISPLAY CONTROL METHOD - According to at least one embodiment, an electronic apparatus includes a TV module and a Web browser module. The TV module extracts EPG information from a broadcast signal, extracts program information of a broadcast program from the EPG information, transmits the program information to the Web browser module, receives external video data from the Web browser module, and displays video by using the external video data. The Web browser module receives the program information from the TV module, extracts keywords from the program information, retrieves information relating to a keyword of the keywords after the keyword is transmitted to a server, and transmits the external video data for displaying the retrieved information to the TV module. | 2013-09-26 |
20130254809 | DYNAMIC ADJUSTMENT OF ELECTRONIC PROGRAM GUIDE DISPLAYS BASED ON VIEWER PREFERENCES FOR MINIMIZING NAVIGATION IN VOD PROGRAM SELECTION - Items of video content offered for viewing on a video-on-demand (VOD) platform of a digital TV service provider are each assigned a respective title and hierarchical address corresponding to hierarchically-arranged categories and subcategories within which the title for the video content is to be categorized. The title is listed in a location of an electronic program guide (EPG) using the same categories and subcategories as its hierarchical address. Any TV subscriber can access the EPG and navigate through its categories and subcategories to find a title for viewing on the TV. The EPG dynamically adjusts its display listings of each level of categories, subcategories, and titles in order to minimize the number of remote control keypresses needed for a viewer to navigate to a title of interest. In one basic form, the EPG display is reordered by listing more frequently visited categories or subcategories first, and other less frequently visited categories or subcategories lower on the listing or out-of-sight on another page of the display. | 2013-09-26 |
20130254810 | VIDEO PROCESSING APPARATUS, VIDEO PROCESSING SYSTEM INCLUDING THE SAME, AND INFORMATION PROVIDING METHOD IN VIDEO PROCESSING APPARATUS - There are provided a video processing apparatus, a video processing system, and an information providing method in the video processing apparatus. The video processing apparatus includes: a communication part performing communication with a service providing server providing broadcasting services; a video processing part performing video processing with respect to the broadcasting services; an output part outputting information on the broadcasting services; and a controller controlling the communication part, the output part and the video processing part to transmit user information and viewing information with respect to the video processing apparatus to the service providing server, to receive recommendation information based on the user information and the viewing information from the service providing server, and to output the received recommendation information, respectively. | 2013-09-26 |
20130254811 | INTELLIGENT SYSTEM AND METHODS OF RECOMMENDING MEDIA CONTENT ITEMS BASED ON USER PREFERENCES - A system and method for making program recommendations to users of a network-based video recording system utilizes expressed preferences as inputs to collaborative filtering and Bayesian predictive algorithms to rate television programs using a graphical rating system. The predictive algorithms are adaptive, improving in accuracy as more programs are rated. | 2013-09-26 |
20130254812 | IPTV RADIO DEVICE USING LOW-BANDWIDTH CONNECTION - Providing audio services to an Internet television device using a low-bandwidth Internet connection, including: configuring the Internet television device to operate and receive audio services using a low-bandwidth Internet connection; presenting a list of authorized services on a display of the Internet television device; receiving a search word for desired services, searching using the search word and aggregating search results, and presenting a playlist of services and stations obtained from the search results based on user's playback history and device's modular capabilities, when the desired services are not in the list of authorized or recommended services; enabling a customer to select a service from the list of authorized services or playlist of services and stations; and generating and streaming audio portion of the selected service to the Internet television device. Keywords include IPTV and low-bandwidth. | 2013-09-26 |
20130254813 | Recording in a Local Network - A media playing device ( | 2013-09-26 |
20130254814 | SYSTEM AND METHOD FOR MANAGING, CONVERTING AND DISPLAYING VIDEO CONTENT ON A VIDEO-ON-DEMAND PLATFORM, INCLUDING ADS USED FOR DRILL-DOWN NAVIGATION AND CONSUMER-GENERATED CLASSIFIED ADS - A video-on-demand (VOD) content delivery system has a VOD Application Server which manages a database of templates ordered in a hierarchy for presentation of video content elements of different selected types categorized in hierarchical order. The templates include those for higher-order displays which have one or more links to lower-order displays of specific content. The VOD Application Server, in response to viewer request, displays a high-order templatized display, and in response to viewer selection of a link, displays the lower-order display of specific content. The hierarchical templatized displays enable viewers to navigate to an end subject of interest while having a unique visual experience of moving through a series of displays to the end subject of interest. | 2013-09-26 |
20130254815 | APPARATUS AND METHODS FOR MANAGING DELIVERY OF CONTENT IN A NETWORK WITH LIMITED BANDWIDTH USING PRE-CACHING - Apparatus and methods for managing provision of content to devices in a content delivery network. In one exemplary embodiment, content with a high probability of viewership is sent to consumer premises equipment (CPE) during off-peak periods and stored prior to viewing. An application is utilized to manage decisions related to content provision. The computer program will identify content that is likely to be of interest to users associated with respective CPE, and schedule provision of that content in advance of viewing. Then, the system will develop a plan for optimal scheduling of transmission of content to CPEs, often including the use of trickle downloads. The scheduling plan is based on collected statistical and historical data on network resource demand to make scheduling decisions. The system allows for the shifting of bandwidth utilization from periods of high demand to those of low demand, and increased performance with regard to user experienced latency. | 2013-09-26 |
20130254816 | TEMPORAL VIDEO TAGGING AND DISTRIBUTION - A method and apparatus for temporal tagging of videos in response to identification of locations on the video where persons in a contact list of a user are identified in response to facial recognition. The temporal tags can be retained within the video, or contained separately in a metadata file having fields to indicate time locations in the video and identified persons seen at those locations. Use of the temporal tags allows for automatic distribution of content relevant to the recipient, based on their presence in the video, or of persons in the video of which they are interested. | 2013-09-26 |
20130254817 | SYSTEMS, METHODS AND COMPUTER READABLE MEDIA FOR INSTANT MULTI-CHANNEL VIDEO CONTENT BROWSING IN DIGITAL VIDEO DISTRIBUTION SYSTEMS - Techniques for delivery and presentation/display of audio-visual signals over electronic communications network channels are disclosed herein. In an exemplary embodiment, a video server for an IPTV system is disclosed. The system includes a video extractor/transporter (shortly referred to as video extractor) for extracting encoded audio-visual signals from at least one video source, and distributing the signals over the electronic communications network channels. The system also includes control logic which can receive control messages from receivers and invoke the video extractor to extract audio-visual signals therefrom. | 2013-09-26 |
20130254818 | Interactive Content with Enhanced Network Operator Control - A method includes receiving, at a media device, a content signal sent to the media device from a data center via a network. The content signal includes a hot key signal indicating availability of alternate content. The method includes determining, at the media device, that the hot key signal is relevant to content sent by the media device to a display device. The method also includes sending, via the media device to the display device, a hot key associated with the hot key signal to the display device to be displayed with the content. | 2013-09-26 |
20130254819 | BROADCASTING RECEIVER AND METHOD OF INTERFACING RESOURCE INFORMATION BETWEEN A HOST DEVICE AND A POD, SENDING HOST DEVICE RESOURCE INFORMATION AND OBTAINING HOST DEVICE RESOURCE INFORMATION - A broadcasting receiver and method of interfacing resource information between a host device and a POD, sending host device resource information and obtaining host device resource information are disclosed. A POD sends a resource information requesting message. And a host device receives the resource information requesting message and responds with a resource information message including a resource identifier defined in a resource information table which includes information indicating whether the host device supports A-mode. Using a “conditional access” feature provided by a conventional cable security card, content received through any type of transport protocol (including an IP protocol) including a wired/wireless network can be protected and A-mode resource information can be systematically defined together with other-mode IP communication resource and the resource information of different modes can be integrated and transmitted to the host device. | 2013-09-26 |
20130254820 | Methods for Accessing Media Over the Internet - Systems and methods for delivering media over a network are provided. Multiple media assets are stored on a server, as well as a representation for at least one media asset. The representation of a media asset is delivered to a client. A client user request based on selection of a representation is received, and the represented media asset is delivered from the server in response to the client user request. | 2013-09-26 |
20130254821 | Method and System for Providing Complete Internet Anywhere with Partial Server Processing - Methods and systems are described for providing complete Internet anywhere with partial server processing in which a request is sent from a set-top-box (STB) to a server communicatively coupled with the STB to process a portion of a web page that is unsupported by a web browser running on the STB. In one such method, the STB sends to the server an unsupported content request associated with a portion of a web page that is unsupported by a web browser executing on the STB. The STB receives a data stream from the server in response to the unsupported content request. The data stream was generated at the server by processing the unsupported portion of the web page. The STB composites the received data stream with another portion of the web page, that is supported by the web browser, to produce the web page. | 2013-09-26 |
20130254822 | System for Creating and Displaying a Media Program Stream - A system and method of displaying a sequence of media clips on a webpage rendered by a browser operating on a user's computer such that each media clip is automatically displayed after the previous clip is completed, where the sequence is controlled and determined at a remote location from the user's computer and the display of the sequence on the user's computer occurs without any ongoing interaction with the browser by the user. | 2013-09-26 |
20130254823 | SERVER APPARATUS AND METHOD FOR SWITCHING TRANSMITTING SYSTEM - A server apparatus is provided with: a pair of unit parts which can be used for a double system containing an active system and a spare system; a pair of main control parts which can be used for the double system containing an active system and a spare system, and can control the pair of the unit parts and can monitor each other. The main control part used as an active system includes a detection means and a system switch means. When the detection means detects that one of the processing units contained in the unit part used as the active system has broken down, the system switch means changes the broken processing unit from the active system to the spare system, and changes the processing unit which is paired with the broken processing unit from the spare system to the active system. | 2013-09-26 |
20130254824 | TRIGGER COMPACTION - A method, non-transitory computer-readable storage medium, and reception apparatus for processing one or more triggers associated with audio/video (A/V) content, and an information providing apparatus for providing the one or more triggers. The method includes receiving by the reception apparatus the A/V content and a first trigger associated with the received A/V content. Further, the reception apparatus retrieves a trigger parameters table (TPT), associated with the A/V content, from a TPT server identified in the received first trigger. The TPT defines at least one event associated with the A/V content and defines, for each of the at least one event, a parameter used to perform a process and corresponding to the respective event. | 2013-09-26 |
20130254825 | ENHANCED POLICY CONTROL FRAMEWORK FOR OBJECT-BASED MEDIA TRANSMISSION IN EVOLVED PACKET SYSTEMS - There are provided measures for an enhanced policy control framework for object-based media transmission in Evolved Packet Systems. Such measures exemplarily comprise setting transmission conditions of an object-based video data transmission session, receiving selection information indicative of a selected at least one of a plurality of video objects of said object-based video data transmission session, and modifying said transmission conditions based on said received selection information. | 2013-09-26 |
20130254826 | METHOD AND APPARATUS FOR PROVIDING BROADCAST CONTENT AND SYSTEM USING THE SAME - A method and apparatus for providing broadcast content by an adaptive streaming service and a system using the same are provided, in which a content transmission server configures and transmits a manifest file including a content IDentifier (ID), and a client device receives the manifest file, determines whether the content ID included in the manifest file is identical to an ID of user-requested content for recording, and records a content segment received from a content providing server, if the content ID included in the manifest file is identical to the ID of the user-requested content. | 2013-09-26 |
20130254827 | METHOD, SYSTEM, SERVER AND TERMINAL FOR MANAGING DIGITAL TELEVISION BUSINESS DATA - A method, server and terminal for managing digital television business data are disclosed in the present invention. By means that the mobile terminal forwards a business request, which is required to be sent from a digital television reception terminal to a business server, to the business server and the business server provides the corresponding business service for a user via a unidirectional digital television network, the present invention solves the problem that the unidirectional digital television reception terminal in the art cannot obtain bidirectional interactive television business data, and allows the user to enjoy bidirectional interactive television business functions without having to replace the digital television reception terminal and the unidirectional digital television network, thereby greatly enhancing user experience. | 2013-09-26 |
20130254828 | DEVICES AND METHODS FOR DYNAMIC BROADCAST - A dynamic broadcast system as well as a terminal and a control device for use in such a dynamic broadcast system are presented. Transmission parameters, transmission times and transmission paths used for broadcasting and providing content, either via a broadcast network or a broadband network to terminals used in the dynamic broadcast system are dynamically controlled. Further, a decision logic is provided that dynamically decides transmission parameters, transmission times and transmission paths used for broadcasting and providing content based on monitoring data carrying information on user specific content usage and/or transmission quality data carrying information on the quality of a transmission link between a broadband server and a terminal and/or of a reception of content broadcast by a broadcast transmitter. | 2013-09-26 |
20130254829 | Securing A Computing Environment Against Malicious Entities - The subject disclosure is directed towards securing network data traffic through a trusted partition of the computing environment. A proxy service may communicate transaction data from a client to security-critical code within the trusted partition, which compares the transaction data to a security policy from a commercial electronic entity. If the transaction data includes malicious content, a security component framework of the trusted partition may reject the transaction data and terminate communications with the client. If the transaction data does not include malicious content, the security component framework may communicate a secured version of the transaction data and retrieve response data from the commercial electronic entity, which may be further communicated back to the client. | 2013-09-26 |
20130254830 | APPARATUS AND METHOD FOR ASSURING COMMUNICATIONS OF CORPORATE USERS - A secure communication capability is disclosed. The secure communication capability is adapted to assure communications by or otherwise associated with a corporate user. The communications by or associated with the corporate user may be supported using a corporate user device(s) and/or a personal user device(s). The communications by or associated with the corporate user may be assured regardless of various elements or factors (e.g., regardless of one or more of a user device used for the communication, a communication channel used for the communication, a communication medium used for the communication, a communication mode used for the communication, and the like). In this manner, a secure blanket is imposed over all communication mechanisms used to support communication by or otherwise associated with the corporate user regarding corporate matters and/or personal matters. | 2013-09-26 |
20130254831 | METHOD AND APPARATUS FOR CONTEXT AWARE MOBILE SECURITY - An approach is provided for causing a change in a security policy of a device based on contextual information. The approach involves determining context information associated with a device. The approach also involves determining a security policy of the device. The approach further involves determining a change of the context information. The approach additionally involves processing the determined change of the context information to cause, at least in part, a revision of the security policy of the device. | 2013-09-26 |
20130254832 | Security Protection Domain-Based Testing Framework - Methods and apparatus for security protection domain-based testing. A testing framework enables the same certification tests to be run across different protection domains or operation modes, and on different platforms or devices. The testing framework may, for example, be directed to testing implementations of the Java Platform, Micro Edition (Java ME®) using Connected Device Configuration (CDC) or Connected Limited Device Configuration (CLDC) as the configuration layer and Mobile Information Device Profile (MIDP) as the profile layer. Different Mobile Information Device Profile (MIDP) specifications (e.g., MIDP 2.x and MIDP 3.x specifications) may be supported. The testing framework may be deployed in the context of compatibility testing and technology compatibility kits (TCKs). The testing framework may, for example, be applied in compatibility testing for Java ME® platform technology implementations. | 2013-09-26 |
20130254833 | METHODS AND SYSTEMS FOR CONTROLLING ACCESS TO COMPUTING RESOURCES BASED ON KNOWN SECURITY VULNERABILITIES - Methods and systems are provided for fine tuning access control by remote, endpoint systems to host systems. Multiple conditions/states of one or both of the endpoint and host systems are monitored, collected and fed to an analysis engine. Using one or more of many different flexible, adaptable models and algorithms, an analysis engine analyzes the status of the conditions and makes decisions in accordance with pre-established policies and rules regarding the security of the endpoint and host system. Based upon the conditions, the policies, and the analytical results, actions are initiated regarding security and access matters. In one described embodiment of the invention, the monitored conditions include software vulnerabilities. | 2013-09-26 |
20130254834 | IMPLEMENTING POLICIES FOR AN ENTERPRISE NETWORK USING POLICY INSTRUCTIONS THAT ARE EXECUTED THROUGH A LOCAL POLICY FRAMEWORK - A policy framework is maintained on the computing device, and the computing device communicates with a policy server of an enterprise network over a network to receive a set of policy instructions. The policy instructions are executed through the policy framework in order to implement one or more policies that control the mobile computing device's access to resources of the enterprise network. | 2013-09-26 |
20130254835 | ACCESS AUTHORIZATION HAVING EMBEDDED POLICIES - A facility for receiving an embedded policy is provided. The facility checks an application program image for the presence of an embedded policy. If an embedded policy is detected, the facility extracts the policy from within the application program image. The facility may then apply the extracted policy to the application program image before the application program image is loaded and/or executed. Moreover, the facility may check the application program image's integrity prior to extracting the embedded policy. | 2013-09-26 |
20130254836 | BROWSER SECURITY STANDARDS VIA ACCESS CONTROL - A computing system is operable to contain a security module within an operating system. This security module may then act to monitor access requests by a web browser and apply mandatory access control security policies to such requests. It will be appreciated that the security module can apply mandatory access control security policies to such web browser access attempts. | 2013-09-26 |
20130254837 | Rights Management Services Integration with Mobile Device Management - Rights management services (RMS) integration with mobile device management (MDM) may be provided. A functionality associated with a document may be restricted according to a document management policy. After the document has been transmitted to a receiving device, a request to un-restrict the at least one functionality associated with the document may be received. If it is determined that the receiving device complies with the document management policy, the functionality associated with the document may be un-restricted. | 2013-09-26 |
20130254838 | SYSTEM AND METHOD FOR DATA MINING AND SECURITY POLICY MANAGEMENT - A method is provided in one example and includes generating a query for a database for information stored in the database. The information relates to data discovered through a capture system. The method further includes generating an Online Analytical Processing (OLAP) element to represent information received from the query. A rule based on the OLAP element is generated and the rule affects data management for one or more documents that satisfy the rule. In more specific embodiments, the method further includes generating a capture rule that defines items the capture system should capture. The method also includes generating a discovery rule that defines objects the capture system should register. In still other embodiments, the method includes developing a policy based on the rule, where the policy identifies how one or more documents are permitted to traverse a network. | 2013-09-26 |
20130254839 | REAL TIME LOCKDOWN - A system and method that trusts software executables existent on a machine prior to activation for different types of accesses e.g. execution, network, and registry. The system detects new executables added to the machine as well as previously existent executables that have been modified, moved, renamed or deleted. In certain embodiments, the system will tag the file with a flag as modified or newly added. Once tagged, the system intercepts particular types of file accesses for execution, network or registry. The system determines if the file performing the access is flagged and may apply one or more policies based on the requested access. In certain embodiments, the system intercepts I/O operations by file systems or file system volumes and flags metadata associated with the file. For example, the NT File System and its extended attributes and alternate streams may be utilized to implement the system. | 2013-09-26 |
20130254840 | PROVIDING MULTIPLE AUTHENTICATIONS TO AUTHENTICATE USERS WITH RESPECT TO A SYSTEM AND FILE SYSTEMS OFFERED THROUGH THE SYSTEM - Provided are a method, system, and computer program product for providing multiple authentications to authenticate users with respect to a system and file systems offered through the system. A request is received from a user to access a system, wherein the system provides access to a plurality of file systems. A first authentication of the user with respect to the system is performed. In response to success of the first authentication with respect to the system, a request by the user is received to access a selected one of the file systems. A second authentication is performed of the user with respect to the selected file system. The user is allowed access to the selected file system in response to success of the second authentication. | 2013-09-26 |
20130254841 | SECURE CLOUD COMPUTING PLATFORM - A secure cloud computing platform. The platform has a pool of secure computing devices such that each can be allocated to a customer as with other computing resources. Each secure computing device may be configured by a customer with a key and software for performing operations on sensitive data. The customer may submit data, defining a job for execution on the platform, as cyphertext. The secure computing device may perform operations on that data, which may include decrypting the data with the key and then executing the software to perform an operation on cleartext data. This operation, and the data on which it is performed, though in cleartext, may be inaccessible to the operator of the cloud computing platform. The device may operate according to a secure protocol under which the software is validated before loading and the device is provisioned with a key shared with the customer. | 2013-09-26 |
20130254842 | OPERATION OF MOBILE DEVICE AS TRUSTED MOBILE WEB CLIENT OR TRUSTED MOBILE WEB SERVER - A method of operating a mobile device comprises executing a trusted service application in a trusted operating system through secure access, executing a trusted web server module in the trusted operating system, wherein the trusted web server module is configured to transfer information using an internet protocol and the information is generated by execution of the trusted service application, and executing a user application in a rich operating system through normal access, wherein the user application is configured to relay communication between a remote web server and the trusted web server module through a security session. | 2013-09-26 |
20130254843 | METHOD FOR CONTROLLING ACCESS TO VISUAL MEDIA IN A SOCIAL NETWORK - A method for controlling access to a visual medium in a social network comprising user units connected to a social network site server associated to a database and to a distorted visual medium server storing visual media posted by users of the social network. A visual medium is selected by a posting user on a user unit and made available to at least one entitled user of said social network. The posting user defines a list of entitled users to be entitled to access the visual medium, said list of entitled users comprising at least one identifier identifying at least one entitled user, said identifier being associated to a parameter defining an access level to the selected visual medium. The selected visual medium is uploaded to the distorted visual medium server in association with the list of entitled users. The distorted visual medium server stores the visual medium in a memory and applies a distortion effect so as to obtain at least one distorted visual medium degraded according to a predefined degradation level. An entitled user identified on the list receives, from the distorted visual medium server, the visual medium distorted according to a degradation level corresponding to the parameter defining the access level associated to the identifier of the entitled user. The distortion effect applied on the original visual medium preferably consists of a scrambling operation performed on the original visual medium to obtain a scrambled visual medium. The access level defines the rights of a user for descrambling the scrambled visual medium into a reconstructed visual medium. Depending on the user access level, the reconstructed visual medium can be a partially descrambled visual medium or a fully descrambled visual medium according to the user access level. | 2013-09-26 |
20130254844 | Targeted Muting for Communication Between Electronic Appliances - A method for controlling the flow of data in a near field communication appliance having an interposed element and a plurality of secure elements connected to the interposed element is disclosed. The method includes receiving a first communication at a first one of the secure elements. The first communication is sent by an external appliance and suited to an application located in one of the secure elements. The method further includes testing, by means of the first secure element, whether the first secure element contains the application. The first secure element is muted if the first secure element does not contain the application. A corresponding near field communication appliance and terminals are also disclosed. | 2013-09-26 |
20130254845 | DIGITAL DATA AUTHENTICATION - A method for protecting a digital document and user data typed into a digital document is presented. The method comprises computation of an authentication tag when the document is sent from a server. A similar authentication tag is computed when the document is shown on a client. When another document referenced in the document is requested by the client from the server, the authentication tag computed by the client is attached to the request for that other document. The server receiving the request compares the authentication tag it computed with the one it received to verify if the request came from an authentic copy of the document. The method is suitable for protection of online banking, online investment, online shopping, and other electronic applications. | 2013-09-26 |
20130254846 | METHOD FOR A CLIENT DEVICE TO ACCESS TO REMOTE SECURE DATA ON A REMOTE SECURE DEVICE - The invention relates to a method for a client device ( | 2013-09-26 |
20130254847 | IDENTITY SERVICES FOR ORGANIZATIONS TRANSPARENTLY HOSTED IN THE CLOUD - Embodiments of the invention are disclosed for establishing single identity/single-sign on (SSO) on a cloud computing platform. In an embodiment, a user is validated to the cloud computing platform, and identifies a domain. After establishing that the user has control of the domain, the cloud computing platform configures a directory service for the domain. The user may then use the directory service on the cloud computing platform to log in to his or her computer, as well as software services hosted on the cloud computing platform. | 2013-09-26 |
20130254848 | SYSTEM AND METHOD FOR CONTROLLING ACCESS TO A RESOURCE - Methods, devices, and computer-readable storage media are provided. In some embodiments, a server receives from a browser on a client a request to access a first web page. In response to receiving the request, the server sends to the client a second web page including an embedded executable program configured to run within the browser on the client, wherein the embedded executable program, when executed on the client, is operable to obtain a ticket-granting ticket stored on the client and send the ticket-granting ticket to the server. The server receives the ticket-granting ticket from the embedded executable program on the client. Furthermore, the server determines whether a user associated with the ticket-granting ticket is authorized to access the first web page. In response to determining that the user is authorized to access the first web page, the server grants the requested access to the first web page. | 2013-09-26 |
20130254849 | Bypass Login for Applications on Mobile Devices - In one embodiment, a social-networking system authenticates a user of a mobile device, receives a request from the mobile device to install a software application, transmits data to the mobile device comprising the software application and an installation identifier (ID), receives another request including the installation ID from the mobile device to authorize the software application, evaluates the installation ID for validity, and transmits yet another response to the mobile device in accordance with the evaluation. | 2013-09-26 |
20130254850 | Proxy Bypass Login for Applications on Mobile Devices - In one embodiment, an intermediate server receives a request with a secure ID to authorize a software application, transmits the secure ID to a social-networking system, receives an access token from the social-networking system indicating that the software application has been authorized, evaluates the access token for validity, and transmits a response to the mobile device indicating the software application is authorized. | 2013-09-26 |
20130254851 | COMPUTERIZED AUTHORIZATION SYSTEM AND METHOD - A computerized authorization system configured to authorize electronically-made requests to an electronic entity. The computerized authorization system comprises a store configured to store an indication of at least one predetermined electronic authorization device configured to authorize each electronically-made request. The computerized authorization system is further configured such that: in response to receiving an electronically-made request to the electronic entity, an indication of the request is output to the at least one predetermined electronic authorization device configured to authorize the request as indicated in the store; and in response to receiving an indication of authorization from the at least one predetermined electronic authorization device, an indication of authorization of the request is output to the electronic entity. | 2013-09-26 |
20130254852 | PROVIDING MULTIPLE AUTHENTICATIONS TO AUTHENTICATE USERS WITH RESPECT TO A SYSTEM AND FILE SYSTEMS OFFERED THROUGH THE SYSTEM - Provided are a method, system, and computer program product for providing multiple authentications to authenticate users with respect to a system and file systems offered through the system. A request is received from a user to access a system, wherein the system provides access to a plurality of file systems. A first authentication of the user with respect to the system is performed. In response to success of the first authentication with respect to the system, a request by the user is received to access a selected one of the file systems. A second authentication is performed of the user with respect to the selected file system. The user is allowed access to the selected file system in response to success of the second authentication. | 2013-09-26 |
20130254853 | SYSTEM AND METHOD FOR PEER-TO-PEER HYBRID COMMUNICATIONS - An improved system and method are disclosed for peer-to-peer communications. In one example, the method enables two endpoints to directly establish and maintain a communication session after authenticating with an access server. | 2013-09-26 |
20130254854 | INDIVIDUAL AND INSTITUTION VIRTUALIZATION MECHANISMS - A virtualization capability is adapted to support virtualization for an individual or an institution. The virtualization for an individual or an institution may be provided using mappings of real information to virtual information. The virtualization for an individual or an institution may be used to support secure communications by the individual or an institution (e.g., electronic communications, non-electronic communications, or the like). The virtualization for an individual or an institution may include various types of E.164 Number Mapping (ENUM) virtualization, such as user ENUM virtualization, infrastructure ENUM virtualization, private ENUM virtualization, enterprise ENUM virtualization, and the like. The virtualization for an individual or an institution may include virtualization for online transactions in a manner that hides real information associated with the individual or an institution (e.g., name, mailing address, or the like) from the online vendor. The virtualization for an individual or an institution may include other types of virtualization. | 2013-09-26 |
20130254855 | DYNAMIC RENDERING OF A DOCUMENT OBJECT MODEL - The present application relates to a computer having a processor configured to execute a set of instructions to render a customised version of a restricted document object model. A restricted element in a document object model is identified and at least one rule associated with the restricted element is accessed. The at least one rule is applied to the restricted element to generate a modified document object model which is then rendered. A related computer-implemented method is also covered by the present application. The present application relates to server-side authentication techniques; content filtering based on user-specific and context-based requirements; and audit trail techniques. | 2013-09-26 |
20130254856 | Password Generation And Management - A computer implemented method and system for generating and managing multiple passwords associated with multiple online accounts is provided. The computer implemented method and system provides a password management platform accessible by a computing device via a network. The password management platform acquires information on the online accounts and user passwords associated with the online accounts via a graphical user interface (GUI) provided by the password management platform. The password management platform generates one or more unique secure random passwords to replace the user passwords for each of the online accounts on receiving an indication via the GUI. The password management platform stores the generated unique secure random passwords associated with each of the online accounts for managing access to each of the online accounts. The password management platform provides direct and secure access to the online accounts using the stored user passwords or the generated unique secure random passwords. | 2013-09-26 |
20130254857 | Preventing Unauthorized Account Access Using Compromised Login Credentials - User login information submitted as part of an attempt to log into a computer system is evaluated for unauthorized or illegitimate use based on indicators of suspicious behavior. Example indicators of suspicious behavior include whether the login information is known to have been compromised, whether the login attempt originates from a network source or a physical source that has previously originated an attempt to log in using login information known to have been compromised, and whether multiple login attempts using the login information from multiple users has originated from the source. A suspicion index can be calculated based on the presence of the indicators of suspicious behavior. The system can require enhanced authentication based on the measurement of suspicious behavior. | 2013-09-26 |
20130254858 | Encoding an Authentication Session in a QR Code - A system and method is provided for authenticating logins. An authentication server may receive a request for an authentication code from a requesting site, wherein the request is associated with a login session being performed via the requesting site and a first device associated with a user. The authentication server may generate the authentication code, wherein the authentication code comprises a universally unique identifier and an identifier that identifies the authentication server. The authentication server may communicate the generated authentication code to the requesting site. The authentication server may receive the universally unique identifier from a second device associated with the user, wherein the universally unique identifier is retrieved by decoding an optically captured representation of the authentication code at the second device. The authentication server may determine whether the login session is authenticated based on the universally unique identifier. | 2013-09-26 |
20130254859 | INFORMATION PROCESSOR, AUTHENTICATION CONTROL METHOD, AND STORAGE MEDIUM - An information processor is disclosed that includes an authentication part configured to authenticate a user based on predetermined information; an information obtaining part configured to obtain first information to be used to authenticate the user from an external device; and an authentication control part configured to cause the authentication part to authenticate the user by inputting information based on the first information to the authentication part as the predetermined information. The information obtaining part is configured to obtain the first information using a program module whose correlation with the information obtaining part is recorded in a recording medium. | 2013-09-26 |
20130254860 | SYSTEM AND METHOD FOR CONFIGURING ACCESS TO ELECTRONIC MAILBOXES - A system and method for configuring access to an electronic mailbox based on limited configuration parameters received from a user. A database stores configuration conventions for a mail domain. A mailbox interface module receives configuration information from a user that is limited in the configuration parameters required for accessing the electronic mailbox. The module retrieves configuration conventions for the mail domain from the database and generates sets of potentially valid configuration parameters based on the retrieved configuration conventions and user supplied configuration information for accessing the mailbox. | 2013-09-26 |
20130254861 | System and Method for Providing Access to an Information Handling System - An information handling system includes a memory and a detector circuit. The memory is configured to store a first electrocardiogram measurement. The detector circuit is configured to receive a second electrocardiogram measurement in response to a specific combination of keys of a keyboard being pressed for a specific period of time, wherein each key in the specific key combination includes an electrocardiogram sensor on a top surface of the key, to authorize a user and log the user onto the information handling system when the second electrocardiogram measurement matches the first electrocardiogram measurement, and otherwise: to deny access to the information handling system; to increase a counter; to determine whether the counter has exceeded a threshold; and to request that an input window is displayed when the counter has exceeded the threshold. | 2013-09-26 |
20130254862 | MOBILE DEVICE-BASED AUTHENTICATION - Mobile device-based authentication is disclosed. A first biometric input corresponding to a first biometric feature of the user is captured on the mobile device. A first set of biometric data is derived from the captured first biometric input. The first set of biometric data is transmitted to a remote authentication server. Thereafter, a secondary authentication instruction is transmitted to the site resource in response. Access to the site resource is permitted based upon a validation of the first set of biometric data, and a second biometric input that is captured on the site resource in response to the secondary authentication instruction received thereon. The first set of biometric data and the second set of biometric data are validated by the remote authentication server substantially contemporaneously. | 2013-09-26 |
20130254863 | AUTHENTICATION OF AN END USER - A method and system for authenticating access of secure information by a user device. An authentication request for accessing the secure information is received, the authentication request including a user identifier of a user at the user device. A position of a secret quadrilateral within a first pattern of colored quadrilaterals is determined and is identifiable by the user identifier; the secret quadrilateral includes an authenticating color. The first pattern of colored quadrilaterals including the secret quadrilateral is generated. A second pattern including colored nodes that include the authenticating color at positions within a transparent authenticating card assigned to the user. The first pattern and the second pattern are sent to the user. Location information from the user device is received. It is determined that the subset of nodes that include the authenticating color, which allows access to the secure information by the user device. | 2013-09-26 |
20130254864 | SYSTEM AND METHOD FOR PROVIDING A CERTIFICATE TO A USER REQUEST - Provided is a system and method for providing a certificate, and more specifically a certificate for network access upon a second system based on at least one criteria and an established identity with a first system. The method includes receiving criteria, such as at least one predefined attribute. Also received from a user known to a first system is a request for network access to a second system, the request having at least one identifier. The first system is then queried with the identifier for attributes associated with the user. The attributes associated with the user are evaluated to the predefined attribute(s). In response to at least one attribute associated with the user correlating to the predefined attribute(s), providing a certificate with at least one characteristic for network access on the second system to the user. An associated system for providing a Certificate is also provided. | 2013-09-26 |
20130254865 | SYSTEM AND METHOD FOR PROVIDING A CERTIFICATE TO A THIRD PARTY REQUEST - Provided is a system and method for providing a certificate, and more specifically a certificate for network access upon a second system based on at least one criteria and an established identity with a first system. The method includes receiving criteria, such as at least one predefined attribute. Also received from a user known to a first system is a request for network access to a second system, the request having at least one identifier. The first system is then queried with the identifier for attributes associated with the user. The attributes associated with the user are evaluated to the predefined attribute(s). In response to at least one attribute associated with the user correlating to the predefined attribute(s), providing a certificate with at least one characteristic for network access on the second system to the user. An associated system for providing a Certificate is also provided. | 2013-09-26 |
20130254866 | SYSTEM AND METHOD FOR PROVIDING A CERTIFICATE BASED ON GRANTED PERMISSIONS - Provided is a system and method for providing a certificate, and more specifically a certificate for network access upon a second system based on at least one criteria and an established identity with a first system. The method includes receiving criteria, such as at least one predefined attribute. Also received from a user known to a first system is a request for network access to a second system, the request having at least one identifier. The first system is then queried with the identifier for attributes associated with the user. The attributes associated with the user are evaluated to the predefined attribute(s). In response to at least one attribute associated with the user correlating to the predefined attribute(s), providing a certificate with at least one characteristic for network access on the second system to the user. An associated system for providing a Certificate is also provided. | 2013-09-26 |
20130254867 | SYSTEM AND METHOD FOR PROVIDING A CERTIFICATE BASED ON LIST MEMBERSHIP - Provided is a system and method for providing a certificate, and more specifically a certificate for network access upon a second system based on at least one criteria and an established identity with a first system. The method includes receiving criteria, such as at least one predefined attribute. Also received from a user known to a first system is a request for network access to a second system, the request having at least one identifier. The first system is then queried with the identifier for attributes associated with the user. The attributes associated with the user are evaluated to the predefined attribute(s). In response to at least one attribute associated with the user correlating to the predefined attribute(s), providing a certificate with at least one characteristic for network access on the second system to the user. An associated system for providing a Certificate is also provided. | 2013-09-26 |
20130254868 | SYSTEM AND METHOD FOR MULTIMEDIA MULTI-PARTY PEERING (M2P2) - Embodiments of the present invention pertain to systems and methods for implementing a platform to support multimedia services peering with multiple independent competing parties, such as carriers or service providers. More particularly, certain embodiments of the invention pertain to deployment of the same physical platform or device by using soft- and hard-virtual separation of resources. Each party is allowed to retain full control over its logical resources space, even when a party is not using any of its resources. However, the multimedia multi-party peering provider maintains complete overview of the utilization of resources by each party via an active monitoring and enforcing method. | 2013-09-26 |
20130254869 | Electronic Device For Communication In A Data Network Including A Protective Circuit For Identifying Unwanted Data - An electronic device for communication in a data network including a communication circuit adapted for performing the network communication, which communication includes controlling a plurality of network layers, the layers including a physical layer, a link layer and at least one higher order layer, the communication circuit includes a protective circuit for identifying unwanted data. The electronic device is characterised in that the protective circuit is arranged to monitor data during transmission of data from the electronic device, and identify unwanted data, and the communication circuit is adapted to avoid transmission of the unwanted data identified by the protective circuit. In this way the network is protected against excessive traffic, for example during a Denial of Service attack. | 2013-09-26 |
20130254870 | Detecting and Thwarting Browser-Based Network Intrusion Attacks By a Virtual Machine Monitoring System, Apparatus, and Method - Detecting and thwarting attacks for intellectual property misappropriation is provided by directing retrieval of resources using uniform resource identifiers to a browser operating within a virtual machine whose IP address is within a range external to a trusted network sub-circuit. Such a virtual machine is constrained by a monitor application which terminates the virtual machine if characteristics of browser-based intrusion or network attack are observed within the virtual machine. | 2013-09-26 |
20130254871 | DISTRIBUTED COMPUTER NETWORK ZONE BASED SECURITY ARCHITECTURE - A method and apparatus is disclosed herein for distributed zone-based security. In one embodiment, the method comprises: determining an ingress security zone associated with an ingress of a first network device based on a first key and a media access control (MAC) address of a source of a packet; determining an egress security zone of a second network device based on a MAC address of a destination for the packet and a second key; performing a policy lookup based on the ingress security zone and the egress security zone to identify a policy to apply to the packet; and applying the policy to the packet. | 2013-09-26 |
20130254872 | SYSTEM AND METHOD FOR MITIGATING A DENIAL OF SERVICE ATTACK USING CLOUD COMPUTING - A system and method for mitigating a denial of service attack that includes distributing network communication messages directed at a resource within a resource cloud, directing the distributed network communication messages, filtering the network communication messages according to filter parameters that relate to the legitimacy of the communication message, and sending the communication message to the resource if the communication message is filtered as legitimate or performing a request limiting response to the communication message if the communication message is filtered as illegitimate. | 2013-09-26 |
20130254873 | SECURE CONTROLLER FOR BLOCK ORIENTED STORAGE - A storage controller includes a command pointer register. The command pointer register points to a chain of commands in memory, and also includes a security status field to indicate a security status of the first command in the command chain. Each command in the command chain may also include a security status field that indicates the security status of the following command in the chain. | 2013-09-26 |
20130254874 | METHOD FOR PREVENTING INFORMATION DISPLAYED ON SCREEN FROM BEING VIEWED WITHOUT AUTHORIZATION AND DISPLAY DEVICE HAVING ANTI-VIEWING FUNCTION - A computerized method prevents information displayed on a screen of a display device from being viewed by unauthorized persons. Images in front of the screen are captured at regular intervals using an image capturing device of the display device. Faces are recognized from each of the captured images using facial recognition technologies. Whether or not the screen is in a state of being viewed by one or more unauthorized persons is determined according to the faces recognized as such in each of the captured images. A predetermined anti-viewing display is displayed on the screen to prevent the information being displayed on the screen from being viewed by any unauthorized person, when the screen is determined to be in the state of being viewed by any unauthorized person. | 2013-09-26 |
20130254875 | System and Method for Risk Assessment of Login Transactions Through Password Analysis - A system and method is provided for determining a risk associated with a login transaction. A password is received during the login attempt and a determination is made regarding whether the received password is derived from user information. A risk is determined based on a determination that the received password is derived from the user information. | 2013-09-26 |
20130254876 | ELECTRONIC DEVICE AND SWITCHING METHOD USING THE SAME - In a switching method of an electronic device, the electronic device receives a message sent from an earphone that is in electronic connection with the electronic device, the message comprising an input password, if the input password is equal to a password to switch an application layer into a host mode, the electronic device switches the application layer into the host mode to access private information of the application layer. | 2013-09-26 |
20130254877 | Deterministic Serialization of Access to Shared Resources In A Multi-processor System For Code Instructions Accessing Resources In a Non-Deterministic Order - Managing access to resources shared among multiple processes within a computer system. Multiple program instances of an application are almost simultaneously executed on multiple processors for fault tolerance. The replication solution supports the recording and subsequent replay of reservation events granting the shared resources exclusive access rights to the processes, when one program code instruction may request access to a set of shared resources in a non-deterministic order. | 2013-09-26 |
20130254878 | METHOD AND APPARATUS FOR DATA TRANSFER RECONCILIATION - A method and system for monitoring data transfers over a one-way data link from a send node to a receive node. A send log file monitoring and transmitting module associated with the send node on a first server outputs a send log file containing information about data sent by the send node. A receive log file monitoring and transmitting module associated with the receive node on a second server outputs a receive log file containing information about data received by the receive node. A reconciliation module on a third server receives the send log file and the receive log file and identifies any data transfer errors by comparing the send log file with the receive log file. A web server is coupled to the reconciliation module to provide user access to the identified data transfer errors. | 2013-09-26 |
20130254879 | METHOD AND SYSTEM FOR DETECTING AND MITIGATING ATTACKS PERFORMED USING CRYPTOGRAPHIC PROTOCOLS - A method and security system for detecting and mitigating encrypted denial-of-service (DoS) attacks. The system includes a DoS defense (DoSD) module configured to detect an encrypted DoS attack in an inbound traffic by analyzing attributes only in the inbound traffic that relate to at least one of a network layer and an application layer, wherein the DoSD module is further configured to mitigate a detected encrypted attack, the inbound traffic originates at a client and is addressed to a protected server; and a cryptographic protocol engine (CPE) configured to establish a new encrypted session between the client and the security system, decrypt requests included in the inbound traffic, and send encrypted responses to the client over the new encrypted session between the client and the security system. | 2013-09-26 |
20130254880 | SYSTEM AND METHOD FOR CROWDSOURCING OF MOBILE APPLICATION REPUTATIONS - A system and method in one embodiment includes modules for obtaining a collection of attributes of a mobile application, comparing one or more of the attributes with crowdsourced data associated with other mobile applications to determine one or more trustworthiness indicators, and calculating a reputation score based on the one or more trustworthiness indicators. More specific embodiments include a collection of attributes comprising a manifest, and an application behavior. Other embodiments include determining a suitable action based on the reputation score, such as changing a configuration of the mobile application, deleting the mobile application from a mobile device, generating a security alert on a display of the mobile device, etc. | 2013-09-26 |
20130254881 | Method to Detect Tampering of Data - A method to detect tampering of data includes constant acquiring of raw measurement data in a sensor unit. The raw measurement data of a defined time interval is processed in a metrology unit to obtain first measurement results. The first measurement results are transmitted to an authority at defined time instances via a communication channel. A defined fraction of raw measurement data is transmitted to the authority in a random manner via the communication channel. The raw measurement data of the defined time interval is processed at the authority to obtain second measurement results. The first and second measurement results of a time interval are compared. | 2013-09-26 |
20130254882 | MULTI-DOMAIN IDENTITY INTEROPERABILITY AND COMPLIANCE VERIFICATION - An identity management deployment, interoperability, and compliance verification is discussed. In one embodiment, the system also provides on-demand services including automated certification, monitoring, alerting, routing, and translation of tokens for federated identity related interactions between multi-domain identity management systems. | 2013-09-26 |
20130254883 | METHOD AND SYSTEM FOR INFORMATION LEAK PREVENTION - A method for mitigating false positive type errors while applying an information leak prevention policy to identify important information and to prevent outward leakage. A positive criterion is defined for a positive set, and a negative criterion for a negative set of benign traffic. An ambiguity set contains items showing indications for both positive and negative sets. An ambiguity resolution criterion allows ambiguous items to be placed in/removed from the positive set or negative set. Each information item is searched for matches with the positive set. Each item in the positive set is checked for membership in the ambiguity set. The ambiguity resolution criteria are used for each member of the ambiguity set and to remove items from the positive set accordingly. The leak prevention policy is applied for all items remaining in the positive set thus protecting the important information. | 2013-09-26 |
20130254884 | SYSTEMS AND METHODS FOR BEHAVIORAL SANDBOXING - Methods and systems for behavioral sandboxing are described. In one example embodiment, a system for behavioral sandboxing can include a network and a computer. The network is communicatively coupled to a source of an executable application. The computer is communicatively coupled to the network and includes a behavioral analysis module and a plurality of execution environments. The behavioral analysis module is configured to perform behavioral analysis on the executable application downloaded over the network. The plurality of execution environments includes a standard execution environment and a protected execution environment. The behavioral analysis module is configured to evaluate a plurality of behavioral characteristics of the executable application to determine whether the executable application should be executed within the protected execution environment prior to execution of the executable application. The behavioral analysis module also monitors execution of the executable application to determine whether the execution environment can be changed. | 2013-09-26 |
20130254885 | SYSTEM AND METHOD FOR DETECTING POTENTIAL THREATS BY MONITORING USER AND SYSTEM BEHAVIOR ASSOCIATED WITH COMPUTER AND NETWORK ACTIVITY - A system and method is provided to monitor user and system behavior associated with computer and network activity to determine deviations from normal behavior that represent a potential cyber threat or cyber malicious activity. The system and method uses a multi-factor behavioral and activity analysis approach to determine when a trusted insider might be exhibiting threatening behavior or when a user's computer or network credentials have been compromised and are in use by a third-party. As a result, changes in insider behavior that could be indicative of malicious intent can be detected, or an external entity masquerading as a legitimate user can be detected. | 2013-09-26 |
20130254886 | Mitigating Low-Rate Denial-Of-Service Attacks in Packet-Switched Networks - A method includes determining, at a network routing device, an average packet drop rate for a plurality of aggregations of packet flows. The method also determines a threshold packet drop rate based on the average packet drop rate, a current packet drop rate for a select aggregation of the plurality of aggregations, and whether at least one packet flow of the select aggregation is potentially subject to a denial-of-service attack based on a comparison of the current packet drop rate to the threshold packet drop rate. | 2013-09-26 |
20130254887 | Prefix Hijacking Detection Device and Methods Thereof - A method of placing prefix hijacking detection modules in a communications network includes selecting a set of candidate locations. For each candidate location, a detection coverage ratio with respect to a target Autonomous System is calculated. Based on the relative size of the coverage ratios, proposed locations for the prefix hijacking detection modules are determined. | 2013-09-26 |
20130254888 | SYSTEM AND METHOD FOR IDENTIFYING SECURITY BREACH ATTEMPT OF A WEBSITE - The present invention is a method, circuit and system for detecting, reporting and preventing an attempted security breach of a commercial website (for example a banking website), such as identity theft, website duplication (mirroring/Phishing), MITB (man in the browser) attacks, MITM (man in the middle) attacks and so on. | 2013-09-26 |