45th week of 2014 patent applcation highlights part 56 |
Patent application number | Title | Published |
20140331240 | METHOD, DEVICE AND SYSTEM FOR USING AND INVOKING OAUTH API - The present invention provides methods, devices and systems for using and invoking an Oauth API. The method includes: receiving registration information for registering an Oauth API; generating an Oauth API invoking associated interface according to the registration information, and binding it with the registered Oauth API, to generate binding information; receiving an increasing Oauth API message and responding, generating a client requesting Oauth API interface, an Oauth API returned information processing interface and a client customer serial number managing interface, which correspond to the registered Oauth API; receiving a publishing application message, responding to the publishing application message, and generating a deployment package which includes the client requesting Oauth API interface, the Oauth API returned information processing interface and the client customer serial number managing interface; sending the binding information and the deployment package to an application running engine, based on which the application running engine complete Oauth API scheduling. | 2014-11-06 |
20140331241 | SYSTEM AND METHOD WITH AUTOMATED MEDIA-FILE-BASED QUIZZING - Automatic generation of questions and evaluation answers about a media item is provided for a system such as a video on demand system. A virtually unlimited number of questions can be generated without the need for subjective information. Questions about a media item are generated by selecting a media segment of the media item. At least part of the media item within the selected media segment is shown to a user. The user is asked to indicate a position within the media item where the user thinks that the segment is located. The indicated position is compared to the actual position of the segment to evaluate the answer. | 2014-11-06 |
20140331242 | MANAGEMENT OF USER MEDIA IMPRESSIONS - Systems, methods, and computer-readable storage media are described herein for aggregating viewing data for one or more types of media content. Image data depicting a viewing area of a display device are received. A type of media content being displayed on the display device when the images are captured is identified. Based on the image data, a number of persons may be determined, as well as characteristics about the persons, responses of the persons toward the media content, and levels of engagement of the persons in the media content, or a portion thereof. Each determined item of information may comprise a viewing record for the media content. The viewing records for the media content may then be aggregated to create viewing data for the content, and the viewing data may be distributed to a content provider. | 2014-11-06 |
20140331243 | SYSTEM AND METHOD FOR DIGITAL MEDIA CONTENT CREATION AND DISTRIBUTION - A method and system for providing on-site content delivery and on-demand content access. The method comprising recording digital media content on a DMR device, managing distribution of the digital media content to one or more remote devices, automatically distributing the digital media content to the one or more remote devices, the distributed digital media content configured for local hosting at the one or more remote devices, and monitoring consumption of the digital media content distributed to the one or remote devices. | 2014-11-06 |
20140331244 | Object Model For Delivering Live Tv Programming Streams To Client Device - In embodiments of an object model for domain-based content mobility, a client object model architecture ( | 2014-11-06 |
20140331245 | METHODS AND APPARATUS FOR SELECTING DIGITAL INTERFACE TECHNOLOGY FOR PROGRAMMING AND DATA DELIVERY - Methods and apparatus for selecting digital (network) interface technology for programming and data delivery over, e.g., a content-based network. In one embodiment, the network comprises an HFC cable or satellite network that includes a server process interfacing with a plurality of customer premises equipment (CPE), and/or associated client devices, each having different capabilities profiles. The server determines the one or more capabilities possessed by the CPE, and evaluates one or more program or content choices for possible delivery to that CPE based on its profile. The server generates a list of programs or content based on this evaluation, and transmits this list to the CPE, which displays the list for viewing by a user. The user is therefore offered a list of available content that is compatible with their specific configuration. A business and operational rules engine is also optionally employed to control the operation of the foregoing processes to accomplish particular business or operational goals. | 2014-11-06 |
20140331246 | INTERACTIVE CONTENT AND PLAYER - A tool is provided that may allow a user to create unique content for a media item such as a movie. A movie may be received. An indication of an object in the movie may be received from an author. Supplemental content for the object in the movie may be received as may be an interactivity data. The interactivity data may specify a manner by which a user may interact with the movie using a device such as a camera and/or a microphone. The movie may be encoded to include the interactivity data and/or supplemental content. | 2014-11-06 |
20140331247 | SERVER SIDE ADAPTIVE BIT RATE REPORTING - A method and system for reporting a percentage of an advertisement played by a smart appliance is disclosed. The server receives data from a smart appliance. The server detects a marker in the data corresponding to a segment of an advertisement of a session played by the smart appliance. The server maps the marker to a percentage played of the advertisement in the session by the smart appliance. The server reports the percentage played of the advertisement in the session by the smart appliance to at least one tracking element. | 2014-11-06 |
20140331248 | STREAMING VIDEO NETWORK SYSTEM - A distributed, digital, network-based, streaming video allows users to view live streaming digital video from multiple video sources in operating rooms at any location connected to a network. One or more video sources in an operating room are connected to a streaming video encoder capable of converting the video to a network packet stream. Once the digital video stream is available on the network, it may be accessed and routed through the use of a streaming video control server. The streaming video control server is responsible for user authentication and access for remote viewing and video source selection. The control server also provides audit logging services, operating room selection and overall system resource allocation. The video control server also provides a network-based remote control interface, which enables other systems to communicate on the streaming video network, and allows for remote control of visualization from an integrated operating room control system. | 2014-11-06 |
20140331249 | TELEVISION DELIVERY SYSTEM - A system, device, and method for receiver access control in an interne television system uses a push mechanism to distribute access control information from a distribution device to an access device. The access device uses the access control information to make receiver access control decisions for a subsequently received request from a host to join a television channel multicast group. | 2014-11-06 |
20140331250 | INFORMATION PROCESSING APPARATUS, SERVER APPARATUS, INFORMATION PROCESSING METHOD, SERVER PROCESSING METHOD, AND PROGRAM - [Object] To improve the reliability of an application processed together with broadcast content. | 2014-11-06 |
20140331251 | METHOD AND APPARATUS FOR UPDATING OF SUPPLEMENTARY INFORMATION IN TV PROGRAMS - A method and a TV receiver for updating child protection information on the TV receiver are suggested. The suggested method scans receivable TV channels, searches for child protection information and stores such information together with the associated TV channel number in a memory. If the user switches to a new TV channel then as a first step it is checked if for the newly selected TV channel and child protection information is stored and if it is within a predefined allowed range. In this way adolescent users are effectively protected against offensive content. | 2014-11-06 |
20140331252 | ENTITLEMENT MANAGEMENT FOR VIDEO CUSTOMERS - A method includes receiving, at a server device, a request to generate an entitlement identifier (ID) associated with a customer transaction. The method also includes determining a customer ID, a video content ID, and a time window associated with the customer transaction. The method includes determining, by the server device, the entitlement ID based on the customer ID, video content ID, and the time window. The method also includes providing the entitlement ID to a user device associated with the customer. The user device is configurable to receive access to video content based on the entitlement ID. | 2014-11-06 |
20140331253 | NETWORKS, SYSTEMS AND METHODS FOR ENHANCED AUTO RACING - Networks, systems and displays for providing derived data and predictive information for use in multivariable component systems and activities; and in particular for use in motor racing such as in NASCAR®, Indy Car, Grand-Am (sports car racing), and/or Formula 1® racing. More particularly, there are systems equipment and networks for the monitoring and collecting of raw data regarding races, both real time and historic. This raw data is then analyzed to provide derived data, predictive data, virtual data, and combinations and variations of this data, which depending upon the nature of this data may be packaged, distributed, displayed and used in various setting and applications. | 2014-11-06 |
20140331254 | System, Apparatus, and Method for Preparing Images for Integration and Combining Images into an Integrated Image - At least a first image, such as a motion video image, is prepared for integration with at least a second image, such as a motion video image and/or a still image. The first image may be a barker, and the second image may be a menu or programming guide. To prepare the first image for integration, a first compressed image is formed, restricted to a first region of a first image area by representing at least one segment of a first image within the first region with a reference to another segment of the first image within the first region. The second image may also be prepared for integration by forming a second compressed image. The second compressed image may be restricted to a second region of a second image area by representing at least one segment of the second image within the second region with a reference to another segment of the second image within the second region. The first and second images are combined by selecting a portion of the first compressed image, selecting a portion of the second compressed image, and combining the selected portions to form an integrated image. | 2014-11-06 |
20140331255 | SYSTEM AND METHOD FOR PROVIDING TELEVISION SERVICES - A method includes receiving video content and interactive callback data. The interactive callback data includes an interactive callback address that indicates a location of interactive content. The interactive callback data is associated with an on-screen image that is displayable with at least a portion of the video content, where the on-screen image indicates availability of the interactive content. The method also includes receiving a command to discontinue display of the on-screen image. | 2014-11-06 |
20140331256 | APPARATUS AND METHOD FOR PROVIDING INFORMATION IN CONJUNCTION WITH MEDIA CONTENT - An apparatus and method for providing information in conjunction with media content, including a receiver, wherein the receiver receives at least one of a transmission of media content and a broadcast of media content, wherein the media content includes at least one of broadcast media content and entertainment media content, and further wherein the receiver receives information regarding the media content, a processor for processing at feast one of the received media content and the received information regarding the media content, a display device for visually displaying the information regarding the media content, and/or a speaker device for audibly announcing the information regarding the media content. | 2014-11-06 |
20140331257 | INFORMATION PROCESSING SYSTEM AND INFORMATION PROCESSING METHOD - An information processing system configured from multiple digital broadcast program analysis devices ( | 2014-11-06 |
20140331258 | APPARATUS AND METHOD FOR NETWORKING MEDIA CONTENT CONSUMPTION STATUS IN A GROUP OF USERS - A method and apparatus for allowing users in a user group to interact and exchange media content characteristics in a network as a part of the entertainment experience is described. The method and apparatus include identifying a group of users from a plurality of users in a network, detecting a change in at least one content consumption characteristic by a first user, the content consumption characteristic associated with the first user consuming media content, providing information related to the change in the least one content consumption characteristic to other users in the identified group, detecting a change in at least one content consumption characteristic by a second user in the group of users, the change based on the information related to the change by the first user, and providing information related to the change by the second user to the other users in the identified group. | 2014-11-06 |
20140331259 | APPARATUS AND METHOD FOR RECEIVING DIGITAL BROADCAST - There is provided a digital broadcast receiving apparatus for recommending a program to sufficiently reflect a user's taste based on capturing position information of a still image. | 2014-11-06 |
20140331260 | MISSED CONTENT ACCESS GUIDE - Arrangements for providing available playback options for missed portions of broadcast content may be presented. A request to present an electronic programming guide that comprises indications of a plurality of television programs currently being broadcast may be received. A missed portion of each television program of the plurality of television programs may have already been broadcast. For each television program of the plurality of television programs, a plurality of content resources from which the missed portion of each television program of the plurality of television programs may be retrievable may be analyzed. A first source from the plurality of content resources from which the missed portion of a television program is retrievable may be identified. The electronic programming guide may be configured and output to comprise an indication of availability of the missed portion of the television program. | 2014-11-06 |
20140331261 | METHOD FOR EXECUTING USER COMMAND ACCORDING TO SPATIAL MOVEMENT OF USER INPUT DEVICE AND IMAGE APPARATUS THEREOF - An electronic device including a display, a receiver to receive, from an input device, a first information about a movement of the input device and a second information indicating whether a predetermined button on the input device is pressed, and a controller to control the display to display a plurality of visual guide items representing a plurality of functions of the electronic device for guide a user how to move the input device to select a function among the plurality of functions, determine a movement direction of a pointing position while the predetermined button of the input device is pressed based on the first and the second information, detecting whether the predetermined button is released based on the second information and in response to the detecting that the predetermined button is released, executing a function among the plurality of functions based on the movement direction of the pointing position and displaying a visual guide item among the plurality of visual guide items corresponding to the executed function in a highlight state. | 2014-11-06 |
20140331262 | ADAPTIVE VIDEO SERVER WITH VIRTUAL FILE SYSTEM AND METHODS FOR USE THEREWITH - A streaming video server includes a virtual file system that receives a request for a selected one of the plurality of video programs from a client device. The selected one of the plurality of video program is retrieved from the at least one video source in response to the request. A plurality of encoded segments are generated from the selected one of the plurality of video programs, based on at least one encoding parameter that is adjusted in response to context data relating to the streaming session for the selected one of the plurality of video programs. | 2014-11-06 |
20140331263 | INPUT LAG ESTIMATION FOR WI-FI DISPLAY SINKS - A source device comprising a processor and a Wi-Fi module for communicating with a sink device to stream audio/video data. The processor is configured to one of either A) identify manufacturer and model of the sink device, retrieve input lag data for the sink device from a database indexed by manufacturer and model of the sink device, and optimize encoding of the audio/video data by adjusting transmission parameters based on the input lag data; or B) generate a signal, detect the signal reproduced at the sink device, measure the input lag between generation of the signal and reproduction thereof at the sink device, and optimize encoding of the audio/video data by adjusting transmission parameters based on the input lag data. | 2014-11-06 |
20140331264 | CONTENT ANNOTATION TOOL - A content annotation tool is disclosed. In a configuration, a portion of a movie may be obtained from a database. Entities, such as an actor, background music, text, etc. may be automatically identified in the movie. A user, such as a content producer, may associate and/or provide supplemental content for an identified entity to the database. A selection of one or more automatically identified entities may be received. A database entry may be generated that links the identified entity with the supplemental content. The selected automatically identified one or more entities and//or supplemental content associated therewith may be presented to an end user. | 2014-11-06 |
20140331265 | INTEGRATED INTERACTIVE TELEVISION ENTERTAINMENT SYSTEM - A system and method are disclosed for enhancing a television viewing experience by a group of one or more users. The experience is enhanced by integrating services from a number of different sources. This integration of services aggregates cloud data, identifies content from the aggregated cloud data that is potentially of interest to the user, and distributes that content to a main display or one or more secondary computing devices associated with the one or more users in the group. | 2014-11-06 |
20140331266 | CACHING OF CONTENT - There is described a system of operating a network entity to distribute a media stream in a communications network. A plurality of different versions of the media stream are available from a content source, each version having a respective quality level different to that of the other versions and each version of the media stream comprises a plurality of consecutive portions. A first request is received from a user device for a portion of a first one of the versions of the media stream stored at a content source and a caching procedure is performed in response to receiving the first request. The caching procedure comprises requesting from the content source at least one portion of at least one of the other versions of the media stream or at least one other portion of the first one of the versions of the media stream; receiving the requested at least one portion or the at least one other portion; and causing the received at least one portion or the at least one other portion to be cached at a cache in the communication network. | 2014-11-06 |
20140331267 | Advanced Wireless IPTV Set Top Box - An advanced wireless IP STB is provided with multiple built-in antennas capable of capturing plural downstream transmissions simultaneously on dedicated receivers using different modem technologies without the use of wires to the home. The proposed solution facilitates the advanced wireless IP STB being able to receive multiply sourced data traffic, including, for example, IPTV, digital TV, web TV, radio web, internet chat: written, voice and video, GPS tracking locator signals, media player web support, web based video gaming, You Tube and the like video streaming, TV surveillance, video intercom surveillance, and much more. The advanced wireless IP STB is configured to be able to establish a broadband (internet) session through previously assigned or negotiated channel assignments between one or more modems and plural remote wireless infrastructures widely deployed in a municipality, such as WIMAX, LTE, WCDMA, CDMA 1x, TDSCMA, GSM, GPRS, EDGE, 5G or the like. | 2014-11-06 |
20140331268 | METHOD FOR RECEIVING MEDIA AND DEVICE THEREOF - A method for receiving media according to one embodiment comprises the following steps: selecting a receiving channel; receiving a media transport stream transmitted through the receiving channel; generating a media storage stream based on the received media transport stream; and recording the media storage stream. The media transport stream comprises at least one sync bite which represents data removed from the media transport stream. | 2014-11-06 |
20140331269 | Audio/Video Channel Transbonding In A Network Device - A data communication architecture delivers a wide variety of content, including audio and video content, to consumers. The architecture employs channel bonding to deliver more bandwidth than any single communication channel can carry. The architecture includes intermediate network devices that may receive content and send content using different groups of communication channels. The network device may process content received across a first set of communication channels for transmission across a second set of communication channels different from the first set. Such processing may preserve a program order of the content during delivery to a destination device. | 2014-11-06 |
20140331270 | DYNAMICALLY CONFIGURABLE FREQUENCY BAND SELECTION DEVICE BETWEEN CATV DISTRIBUTION SYSTEM AND CATV USER - A frequency band selection device that can be inserted into a signal transmission line of a CATV system on the premise of a user includes at least two signal path sets between a tap side and a premise side. Each signal path set includes two discrete signal paths, a high frequency signal path for a downstream bandwidth and a low frequency signal path for an upstream bandwidth. The high frequency signal path and the low frequency signal path are separated by a cut-off transition frequency that is different for each signal path set. The device further includes a switch controller having at least two discrete switch positions. The switch controller chooses one of the switch positions as a result of an information signal. Each of the switch positions corresponds to a respective one of the signal path sets. | 2014-11-06 |
20140331271 | RECEIVER, PROGRAM, AND RECEPTION METHOD - A receiver includes: a broadcast contents acquisition unit configured to acquire contents from a broadcast signal; a determination unit configured to determine whether a received application is an application whose reference to the contents has been permitted; a recording unit configured to record, in a first storage area, an application whose reference to the contents has been determined to have been permitted by the determination unit, and record, in a second storage area, an application whose reference to the contents has been determined not to have been permitted by the determination unit; an execution unit configured to execute the application recorded in at least one of the first storage area and the second storage area; and a reference refusal unit configured to refuse reference to the contents acquired by the broadcast contents acquisition unit due to execution of an application other than the application recorded in the first storage area. | 2014-11-06 |
20140331272 | Location based enforcement of mobile policy - Disclosed are systems, apparatus, devices, methods, computer program products, computer media, and other implementations, including a method that includes communicating data representative of one or more location-based restrictions corresponding to a venue area to a mobile device determined to be located within the venue area, and controlling, by at least one venue server, use at the mobile device of services available at the venue area from one or more nodes associated with the venue area based, at least in part, on a determination, by the at least one venue server, of whether the mobile device complies with the location-based restrictions corresponding to the venue area. | 2014-11-06 |
20140331273 | CENTRALIZED MOBILE APPLICATION MANAGEMENT SYSTEM AND METHODS OF USE - An application launcher is disclosed for retrieving and permitting launch of multiple mobile applications through a single, secure authentication process, and a method of use. The method includes receiving a request to launch one or more applications through a single authentication process. The method further includes authenticating a user through an application launcher. The method further includes appending a security token to one or more applications upon authentication of the user to enable the user to launch the one or more applications through the single authentication process provided by the application launcher. | 2014-11-06 |
20140331274 | SECURITY SYSTEM FOR PHYSICAL OR VIRTUAL ENVIRONMENTS - Systems and methods for performing intra-zone and inter-zone security management in a network are provided. According to one embodiment, an association is formed by a network security device between a first zone including a first set of devices and a first set of security policies defining a first type of security scanning to be performed on packets originated within the first zone and between a second zone including a second set of devices and a second set of security policies defining a second type of security scanning to be performed on packets originated within the second zone. A first zone packet is received by the network security device. It is determined whether the destination is within the first zone. If so, then the first type of security scanning is performed. A second zone packet is received by the network security device. It is determined whether the destination is within the second zone. If so, then the second type of security scanning is performed. | 2014-11-06 |
20140331275 | CONTEXT-AWARE PERMISSION CONTROL OF HYBRID MOBILE APPLICATIONS - Controlling access to secure resources of a data processing system is provided. An input-to-output mapping of an application installed on the data processing system is generated that determines whether a secure resource in the data processing system is shared with an external entity associated with the application and under what specified conditions. It is determined whether the specified conditions exist during runtime of the application. In response to determining that the specified conditions do not exist during runtime of the application, sharing of the secure resource of the data processing system with the external entity associated with the application is prevented. In response to determining that the specified conditions do exist during runtime of the application, sharing of the secure resource of the data processing system with the external entity associated with the application is allowed. | 2014-11-06 |
20140331276 | METHODS AND APPARATUS TO MEASURE COMPLIANCE OF A VIRTUAL COMPUTING ENVIRONMENT - Methods, apparatus, systems and articles of manufacture are disclosed to measure compliance of a virtual computing environment. An example method disclosed herein includes determining, with a processor, a maximum surprisal value of a policy to be enforced on a computing resource in a computing environment, the maximum surprisal value corresponding to a probability of the computing resource being in-compliance with the policy without testing the computing resource with respect to the policy, determining a current surprisal value of the computing resource with respect to the policy based on knowledge of at least one condition of policy being at least one of satisfied by or inapplicable to the computing resource, and determining a compliance score of the computing resource with respect to the policy based on the maximum surprisal value of the policy and the current surprisal value of the computing resource with respect to the policy. | 2014-11-06 |
20140331277 | METHODS AND APPARATUS TO IDENTIFY PRIORITIES OF COMPLIANCE ASSESSMENT RESULTS OF A VIRTUAL COMPUTING ENVIRONMENT - Methods, apparatus, systems and articles of manufacture are disclosed to identify priorities of compliance assessment results of a virtual computing environment. An example method disclosed herein to identify priorities for defects includes associating, with a processor, a first defect with an asset class and a repair action, the first defect indicative of a computing resource being out of compliance with a policy, determining, with the processor, a priority for the defect based on past repair actions performed to correct past defects corresponding to the same asset class, and displaying the defect in rank order with a plurality of other defects based on the priority. | 2014-11-06 |
20140331278 | SYSTEMS AND METHODS FOR VERIFYING IDENTITIES - A method for authenticating the identity of a principal is provided. The method may include storing security information related to a principal which includes a plurality of guardians, as well as contact information and rating information for each. The method may include storing a security policy related to a requester, the security policy comprising a security set having verification parameters. The method may include receiving a request to authenticate the identity of the principal. The method may include selecting particular guardians based at least in part on the verification parameters. The method may include establishing communication links, using the contact information, between the principal and each of selected guardians. The method may include determining a result of each communication link authentication session, and based at least in part on the results, the rating information, and the verification parameters determining whether the principal is authenticated. | 2014-11-06 |
20140331279 | SECURITY ENGINE FOR A SECURE OPERATING ENVIRONMENT - The presenting invention relates to techniques for implementing a secure operating environment for the execution of applications on a computing devices (e.g., a mobile phone). In The secure operating environment may provide a trusted environment with dedicated computing resources to manage security and integrity of processing and data for the applications. The applications may be provided with a variety of security services and/or functions to meet different levels of security demanded by an application. The secure operating environment may include a security engine that enumerates and/or determines the security capabilities of the secure operating environment and the computing device, e.g., the hardware, the software, and/or the firmware of the computing device. The security engine may provide security services desired by applications by choosing from the security capabilities that are supported by the secure operating environment and the computing device. | 2014-11-06 |
20140331280 | Network Privilege Manager for a Dynamically Programmable Computer Network - A network security policy may be implemented at network switches as a set of active packet disposition directives. In a dynamically programmable network, the network switches can be dynamically reprogrammed with new packet disposition directives. An event auditor passively monitors network traffic and provides network activity data indicative of network flows to a network privilege manager. The network privilege manager determines a current network context based on the network activity data. In response to the current network context, the network privilege manager selects a security policy and generates one or more flow policy directives in accordance with the selected policy. | 2014-11-06 |
20140331281 | IN-LINE FILTERING OF INSECURE OR UNWANTED MOBILE DEVICE SOFTWARE COMPONENTS OR COMMUNICATIONS - Techniques for in-line filtering of insecure or unwanted mobile components or communications (e.g., insecure or unwanted behaviors associated with applications for mobile devices (“apps”), updates for apps, communications to/from apps, operating system components/updates for mobile devices, etc.) for mobile devices are disclosed. In some embodiments, in-line filtering of apps for mobile devices includes intercepting a request for downloading an application to a mobile device; and modifying a response to the request for downloading the application to the mobile device. In some embodiments, the response includes a notification that the application cannot be downloaded due to an application risk policy violation. | 2014-11-06 |
20140331282 | Methods and Systems for Identifying, Verifying, and Authenticating an Identity - A method of authenticating the identity of a user is disclosed. The method may include registering a user, where registering the user includes receiving identification of a plurality of individuals associated with the user and a communication address for each of the plurality of individuals. The method may also include receiving a request to authenticate the identity of the user. The method may further include selecting at least one of the plurality of individuals to serve as an authentication agent. The method may additionally include initiating at least a first communication between the user and the authentication agent via the communication address. The method may moreover include receiving a second communication from the authentication agent. The method may furthermore include sending a message indicating the identity of the user is authenticated based at least in part on the second communication including a confirmation of the identity of the user. | 2014-11-06 |
20140331283 | Differentiating Between Good and Bad Content in a User-Provided Content System - A system differentiates good content from bad content in a user-provided content system. Messages are analyzed for features that characterize messages. A feature may occur in one or more messages. A feature that has more than a threshold number of occurrences in messages in a time interval is identified for further analysis. Enhanced authentication is requested from senders of the messages with occurrences of the identified feature. Based on the rate at which senders of the messages pass authentication, the content associated with the message is determined to be good content or bad content. Subsequent messages are blocked or successfully delivered based on whether features occurring in the messages are indicative of good content or bad content. | 2014-11-06 |
20140331284 | INTEGRATION OF HOME SECURITY INTO EXISTING INFRASTRUCTURE - Embodiments relate to administering access to a wireless network by detecting a connective proximity of a device to the network, determining that the device is an authorized device based on information, connecting the authorized device to the network, and causing the connection of the authorized device to the network to be provided as an output status. | 2014-11-06 |
20140331285 | Mobile Device Locking with Context - A method and system for locking a mobile device on an interface are described. A user logs on to a mobile device with a user name. The mobile device then determines a context for the mobile device based on one or more operational parameters and/or the user name. For example, a context for the mobile device may be a current location of the device. Based on the context and user name, the mobile device may run in locked mode. In locked mode, applications are selected to be presented on the mobile device based on the user name and context. The mobile device is locked on a springboard that presents only the selected applications to the user for launching. A user may switch between launched applications on the mobile device, but the user may only switch between launched applications that are presented on the springboard. | 2014-11-06 |
20140331286 | EVENT DRIVEN SECOND FACTOR CREDENTIAL AUTHENTICATION - A reader configured to perform dual-factor authentication is provided. The reader is configured to analyze credential data as well as event-based user inputs. The event-based user inputs are received in response to the reader presenting one or more events to a user and monitoring the user's reaction thereto. Utilization of an event-based user input enables the reader to perform dual-factor authentication without necessarily being provided with a keyboard or other advanced user input device. | 2014-11-06 |
20140331287 | AUTHENTICATION POLICY ENFORCEMENT - A method of operating a network message interceptor for enforcing an authentication policy for communication over a network between first and second network endpoints, the interceptor being in communication with the network and external to the first and second endpoints, the network including transport layer security, the method comprising the steps of: intercepting a handshake message transmitted over the network between the first and second endpoints; extracting a certificate for an authenticating one of the endpoints from the handshake message; determining a validity status of the certificate for confirming an identity of the authenticating endpoint; and preventing communication between the first and second endpoints based on a negatively determined validity status of the certificate. | 2014-11-06 |
20140331288 | ACCESS GATING OF NOISY PHYSICAL FUNCTIONS - A system and methods are disclosed that limiting the number of challenge/response pairs available to an adversary. In accordance with the various aspects of the present invention, gate the access to an authentication module with a gatekeeper. The system can create a challenge/response protocol whereby the amount of challenge/response information leaked is controlled by the server. The device cannot leak challenge/response pairs when the device is in the possession of or being queried by an adversary or false device. | 2014-11-06 |
20140331289 | METHOD AND DEVICE FOR PLAYING A VIDEO AND COMPUTER-READABLE STORAGE MEDIUM - A method and device for playing a video are disclosed. The method includes: receiving video information of a video to be shared, playing progress information of the video to be shared, and an identification of a terminal corresponding to a friend invited by a user, which are transmitted by a user terminal; obtaining a video stream of the video to be shared according to the video information of the video to be shared and the playing progress information of the video to be shared; and transmitting the video stream of the video to be shared to the user terminal and the terminal corresponding to the friend. With the method and the device, the respective terminals are enabled to watch the same video together simultaneously and synchronously, thereby improving interactivity among the users when sharing the video. | 2014-11-06 |
20140331290 | Managing Secure Sharing of Private Information Across Security Domains by Individuals Having a Service Authorization - A system and method of granting a service authorization to a service provider in a regulating or funding agency of a first organization to access one or more individual's information in a second organization, where a service authorization comprises an authorization to access information and to provide specific services from said regulating or funding agency, the request for service authorization coming from an organization from an individual, patent or guardian of the individual, or regulating or funding organization, for service to be provided to an individual whose private information is stored within the second organization. A system for approving or rejecting the service authorization requests is provided based on authorization of the service provider, as well as a system and method for recording and sharing the outcomes of all decisions with the organization. If a service authorization is approved, it may be integrated into the organization's own workflow. | 2014-11-06 |
20140331291 | METHOD FOR GENERATING AND CHECK-CONTROLLING NETWORK IDENTITY INDENTIFICATION CODE IN NETWORK ELECTRONIC IDENTIFICATION CARD - The present invention relates to a method for generating and check-controlling a network identity identification code in a network electronic identity. The method comprises: a server performing initialization and performing generation and distribution of random numbers; receiving and auditing a request to generate the network identity identification code from a client; if the auditing is passed, performing encryption coding and generating a network identity identification code, and then sending the network identity identification code to a network electronic identification card through the client; the network electronic identification card performing the check processing of a network identity identification code, and feeding back a result to the server; the server storing the network identity identification code into a database, and informing the user. By means of the method for generating and check-controlling a network identity identification code in a network electronic identification card, the purposes of network identity management and privacy protection are both achieved, thereby effectively protecting the network application security and identity information privacy of citizens. The method is convenient and quick in use, has stable and reliable working performance, and has a wide application range, thereby laying a strong foundation for establishment of unified network identity management and service ecosystem. | 2014-11-06 |
20140331292 | ABSTRACTED AUTHENTICATED CLIENT CONNECTIVITY APPLICATION PROGRAMMING INTERFACE (API) - A request to establish a connection to a server application executed by a server device is received at a client-side authenticated-connection application programming interface (API) from a client application executed by a client device. The connection request is sent from the client device to a server-side authenticated-connection API executed by the server device. The connection request includes user identification information usable to authenticate a user of the client application with the server-side authenticated-connection API to access the server application. A connection establishment acknowledgement is received from the server-side authenticated-connection API. A handler that represents an established connection to the server application is returned to the client application as a connection establishment acknowledgement. The client application is configured to communicate with the server application using the handler over the established connection with the separate application-specific read/write API. | 2014-11-06 |
20140331293 | Risk Adjusted, Multifactor Authentication - A computer-implemented method comprising: receiving, from a device used by a user, a request to access a resource hosted by a computer system; identifying, by the computer system, a level of risk associated with the user requesting access to the resource; adjusting, by the computer system an authentication standard for access to the resource, adjusting based on the identified level of risk; determining values for authentication factors used in authenticating the user's access to the resource; applying weights to the values for the authentication factors; and determining, based on a comparison of the weighted values to the adjusted authentication standard, whether the user is authorized to access the resource. | 2014-11-06 |
20140331294 | METHOD OF SECURING A COMPUTING DEVICE - A method of securing a computing device is disclosed. The computing device is configured to store an access key in a storage location in order for the computing device to operate in an operational mode. The method comprises removing the access key from the storage location in response to an event indicative of the end of the operational mode. | 2014-11-06 |
20140331295 | CREDENTIAL MANAGEMENT GATEWAY AND METHOD - Methods and devices for providing credentials to third parties are described. In one aspect, a method provided by a credential management gateway is described. The credential management gateway is coupled with a wireless network servicing a plurality of mobile communication devices. The method includes: receiving, from a credential requesting device, a personal credential information query, the query indicating unique identification information and type information indicating particulars of the query; and in response to receiving the personal credential information query: i) sending, to a credential management application of the mobile communication device that is associated with the unique identification information, a personal credential information request, the credential management application being configured to respond to the personal credential information request based on personal credential information stored in a secure area of a memory module associated with the mobile communication device and based on release authorization instructions; ii) receiving, from the mobile communication device, a response to the request; and iii) sending a response to the personal credential information query to the credential requesting device based on the response received from the mobile communication device, the response sent to the credential requesting device indicating whether a user associated with the mobile communication device is associated with a credential specified by the type information. | 2014-11-06 |
20140331296 | MECHANISM FOR GATEWAY DISCOVERY LAYER-2 MOBILITY - A systems and method for gateway discovery and Layer-2 mobility is operable by an access terminal that connects to an access point. The access terminal determines security credentials and addressing and routing configurations used previously. The access terminal determines whether the security credentials may be reused by the access terminal to perform authentication with an access network and also determines whether the addressing and routing configurations may be reused by the access terminal. In a related system and method, a network entity receives an inquiry from an access terminal regarding whether a prior Trusted Wireless Access Gateway (TWAG) is reusable by the access terminal as a current TWAG. The network entity determines whether the prior TWAG is reusable and may send response to the access terminal indicating whether the prior TWAG is reusable. | 2014-11-06 |
20140331297 | SECURED ACCESS TO RESOURCES USING A PROXY - A method of authentication and accessing resources is provided. A client device may send a request to a proxy device to access a resource, such as an enterprise resource. The proxy device may authenticate with one or more servers associated with the resource. During authentication, the proxy device may receive a request for a signature controlled by the client device. In response, the proxy device may send a request to the client device for the signature. The request may also include context information that identify a data structure of authentication information exchanged (or to be exchanged) during the authentication session. If the client device verifies the context information, the client device may send the requested signature. | 2014-11-06 |
20140331298 | Remote Patient Monitoring - A method for securely transmitting medical data to and from a remote location includes configuring a first electronic computing device with provisioning information to access a firewall-protected electronic data network. Medical data is received at the first electronic computing device from a second electronic computing device. The medical data is transmitted to the firewall-protected electronic data network using the first electronic computing device. The provisioning information permits a secure connection between the second electronic computing device and a third electronic computing device on the firewall-protected electronic data network. | 2014-11-06 |
20140331299 | Managing Access to an On-Demand Service - In accordance with embodiments, there are provided mechanisms and methods for managing a risk of access to an on-demand service as a condition of permitting access to the on-demand service. These mechanisms and methods for providing such management can enable embodiments to help prohibit an unauthorized user from accessing an account of an authorized user when the authorized user inadvertently loses login information. The ability of embodiments to provide such management may lead to an improved security feature for accessing on-demand services. | 2014-11-06 |
20140331300 | HYBRID CLOUD IDENTITY MAPPING INFRASTRUCTURE - In various exemplary embodiments, a system and associated method for providing a hybrid cloud computing environment are disclosed. For example, a system may authorize an enterprise user based on an enterprise identity. Once authenticated, embodiments may use mapping data and a cloud role to determine an identity to use when the enterprise user accesses a cloud. | 2014-11-06 |
20140331301 | TOGGLE BETWEEN ACCOUNTS - Techniques are described for enabling administrators of teams that use a particular service to specify which sign-on options, of multiple possible sign-on options, are assigned to the members of the teams to which the administrators belong. For example, an administrator may assign a first sign-on option, which only allows users to use native authentication, to one set of members of the team. At the same time, the administrator may assign a second sign-on option, which only allows users to use third-party single-sign-on authentication, to another set of members of the same team. | 2014-11-06 |
20140331302 | METHOD FOR SECURING AN ELECTRONIC DOCUMENT - The object of this invention is a method for securing an electronic document. In particular, this invention relates to a method that prevents the forging of documents in which an electronic chip is incorporated. To that end, the invention proposes a method in which the data on the document medium are associated with a fingerprint of the document, so as to make them inseparable. That fingerprint is determined on the basis of measurable physical units of the electronic chip or the medium. Thus, the invention allows the combination of the physical protection of the document and the protection of the chip so as to reinforce the security of said documents. | 2014-11-06 |
20140331303 | APPARATUS AND METHOD FOR AUTHENTICATING ACCESS OF A MOBILE STATION IN A WIRELESS COMMUNICATION SYSTEM - An apparatus and a method for access authentication of a mobile station in a wireless communication system are provided. The method includes receiving a session certificate for the access authentication from a core network, transmitting the session certificate to a new access network during a handover to the new access network, and receiving an authentication result based on the session certificate from the new access network. | 2014-11-06 |
20140331304 | METHOD AND SYSTEM FOR MITIGATION OF DISTRIBUTED DENIAL OF SERVICE (DDOS) ATTACKS - A system and method for mitigating the effects of malicious internet traffic, including DDOS attacks, by utilizing a DNS Traffic Analyzer and Firewall to analyze network traffic intended for a DNS server and preventing some network traffic from accessing the DNS server. | 2014-11-06 |
20140331305 | A COMPUTER OR MICROCHIP WITH A SECURE SYSTEM BIOS AND A SECURE CONTROL BUS CONNECTING A CENTRAL CONTROLLER TO MANY NETWORK-CONNECTED MICROPROCESSORS AND VOLATILE RAM - A computer or microchip including a system BIOS located in flash memory which is located in a portion of the computer or microchip protected by an inner hardware-based access barrier or firewall, a central controller of the computer or microchip having a connection by a secure control bus with other parts of the computer or microchip, and a volatile random access memory located in a portion of the computer or microchip that has a connection for a network. The secure control bus is isolated from input from the network, and provides and ensures direct preemptive control by the central controller over the volatile random access memory, the control including transmission to or erasure of data and/or code in the volatile random access memory and control of a connection between the central controller, the volatile random access memory and at least one microprocessor having a connection for the network. | 2014-11-06 |
20140331306 | Anti-Virus Method and Apparatus and Firewall Device - An anti-virus method which includes receiving, by a first thread, data packets belonging to the same data stream, and sequentially buffering payload data of data packets bearing file content among the received data packets into a first queue, reading, by a second thread, payload data of at least one data packet from a start position of the first queue, and determining whether payload data in the first queue is file content of a compressed file. If yes, identifying a compressed format of the compressed file, querying a decompression algorithm from a mapping between a compressed format and a decompression algorithm, by using the queried decompression algorithm, reading payload data of data packets one by one from the first queue, and performing decompression processing separately on payload data that is read each time, and performing anti-virus detection separately on file content that is obtained. | 2014-11-06 |
20140331307 | METHOD OF USING A SECURE PRIVATE NETWORK TO ACTIVELY CONFIGURE THE HARDWARE OF A COMPUTER OR MICROCHIP - A computer or microchip including a network connection for connection to a public network of computers including the Internet, the network connection being located in a public unit; and an additional and separate network connection for connection to a separate, private network of computers, the additional network connection being located in a protected private unit. An inner hardware-based access barrier or firewall is located between and communicatively connects the protected private unit and the public unit; and the private and public units and the two separate network connections are separated by the inner barrier or firewall. The protected private unit includes at least a first microprocessor and a system BIOS located in flash memory. The public unit includes at least a second or many microprocessors separate from the inner barrier or firewall. The inner barrier or firewall comprises a bus with an on/off switch controlling communication input and output. | 2014-11-06 |
20140331308 | Combination of Remote Triggered Source and Destination Blackhole Filtering - A method for remote triggered black hole filtering can include advertising a first modified next hop address for a destination address of network traffic, and advertising a second modified next hop address for a source address of network traffic. The first next hop address of the destination address might be overwritten with the first modified next hop address. Filtered traffic then can be forwarded to the first modified next hop address, wherein filtered traffic comprises only network traffic addressed to the destination address or from the source address. In some cases, the filtered traffic is transported and received via a sinkhole tunnel. A second next hop address of the source address can be overwritten to a second modified next hop address. The attack traffic, which can be filtered traffic that is both addressed to the destination address and from the source address, might be forwarded to a discard interface. | 2014-11-06 |
20140331309 | Secure Network Cloud Architecture - Apparatuses, computer readable media, methods, and systems are described for requesting creation of virtual machine (VM) in a cloud environment comprising a virtual private cloud. Through various communications between a cloud DMZ, cloud provider, and/or company's network, a VM instance may be securely created, initialized, booted, unlocked, and/or monitored through a series of interactions building, in some examples, upon a root of trust. | 2014-11-06 |
20140331310 | SIGNED EPHEMERAL EMAIL ADDRESSES - Architecture for generating a temporary account (e.g., an email address) with a user-supplied friendly name and a secret used to the sign the temporary account. For example, when a user wishes to create a temporary email address to use with an online organization, a friendly name is provided and the system generates a temporary email address including the friendly name. A signing component signs the temporary email address with a secret. One or more of these secrets can be provisioned prior to the user's creation of a friendly name, which eliminates propagation delay. During use, only incoming email messages having the temporary email address signed with the secret are validated. When the user revokes the temporary email address, the secret is revoked and the revocation is propagated to network gateways, rejecting any email sent to that address. | 2014-11-06 |
20140331311 | SECURITY PROCESSING IN ACTIVE SECURITY DEVICES - Methods, systems, and apparatus, including computer program products, featuring receiving at a first security device a packet. The first security device determines that the packet is associated with a flow assigned to a distinct second security device. The first security device sends the packet to the second security device. After the second security device performs security processing using the packet, the first security device receives from the second security device a message regarding the packet. The first security device transmits the packet. | 2014-11-06 |
20140331312 | ACCESS CONTROL SYSTEM AND CONTROL METHOD THEREOF - An access control system includes a mobile device, a control device and an electronic lock module. The mobile device includes an input module, an identification module, a display module, a storage module, a battery module, a wireless transmission module and a central processor. The control device connects with the mobile device wirelessly and includes a wireless transceiver module, a power module, a memory module, an electronic control module and a microcontroller. The electronic control module of the control device is electrically connected with the electronic lock device. The identification module captures the biological characteristic of the user so as to make the identification module identify the biological characteristic of the user, so as to lower an identification burden of the access control system and ensure a usage security of the access control system. | 2014-11-06 |
20140331313 | AUTHENTICATION OF SIGNATURE USING ACOUSTIC WAVE ANALYSIS - Embodiments relate to capturing an acoustic signal generated when generating a pattern of movement for authentication of a user (e.g., signing on a touchscreen for authentication of a signature). In addition to or in lieu of a digital image of the signature, the captured acoustic signal is used as information for authenticating the signature. To capture the acoustic signals, an electronic device includes a sensor for detecting the vibration on the touchscreen. During an initial registration process, the signal from the sensor is processed and stored for use as reference information. Subsequently received signals from the sensor are compared with the reference information to identify a signer or authenticate the signature. | 2014-11-06 |
20140331314 | Time and Sleep Control System and Method - A time and sleep control system and method is disclosed. According to one embodiment, a computer-implemented method includes providing a first user interface on a computing device that provides digital content to a first user, providing a second user interface associated with an operating environment on the computing device to a second user, where the second user interface provides unrestricted access to the digital content, receiving a request that is configured to be provided by the second user to access the first user interface from the operating environment, where the request allows the second user to provide restricted access to the digital content on the first user interface, granting the request, and receiving a desired time duration on the computing device that is configured to be provided by the second user, where the desired time duration controls a length of time that the first user is allowed to access the first user interface. | 2014-11-06 |
20140331315 | EYE MOVEMENT BASED KNOWLEDGE DEMONSTRATION - Embodiments of methods, apparatuses, and storage mediums associated with eye movement based knowledge demonstration, having a particular application to authentication, are disclosed. In embodiments, a computing device may determine whether a received input of a pattern of eye movements is consistent with an expected pattern of eye movements of a user when the user attempts to visually locate a piece of information embedded in a display. In embodiments, the expected pattern of eye movements may include patterns related to fixations and/or other statistical patterns, however, may not be limited to such patterns. In applications, determining consistency or correlation with the expected pattern of eye movements may identify the user by simultaneously verifying at least factors of authentication—that of biometric criteria related to a user's pattern of eye movements and a password or other information known to the user. | 2014-11-06 |
20140331316 | Functionality Watermarking and Management - A method, system and non-transitory computer-readable medium product are provided for functionality watermarking and management. In the context of a method, a method is provided that includes identifying a request to establish an association between a watermark template and a function of at least one user device and determining whether the request to establish the association between the watermark template and the function of the at least one user device is authorized. The method further includes authorizing the request to establish the association between the watermark template and the function of the at least one user device in response to a determination that the request to establish the association between the watermark template and the function of the at least one user device is authorized. | 2014-11-06 |
20140331317 | CONTEXT-AWARE PERMISSION CONTROL OF HYBRID MOBILE APPLICATIONS - Controlling access to secure resources of a data processing system is provided. An input-to-output mapping of an application installed on the data processing system is generated that determines whether a secure resource in the data processing system is shared with an external entity associated with the application and under what specified conditions. It is determined whether the specified conditions exist during runtime of the application. In response to determining that the specified conditions do not exist during runtime of the application, sharing of the secure resource of the data processing system with the external entity associated with the application is prevented. In response to determining that the specified conditions do exist during runtime of the application, sharing of the secure resource of the data processing system with the external entity associated with the application is allowed. | 2014-11-06 |
20140331318 | SECURING EMAIL COMMUNICATIONS - Methods and systems are provided for securing email communications. According to one embodiment, a network device evaluates whether a domain name of a target recipient of an outbound email is present in a local white list or a local black list. If it is found in the local white list, the email is transmitted to the target recipient. If it is found in the local black list, transmission of the email to the target recipient is prevented. When the domain name is not present in the local black list and the local whitelist, a global doppelganger database is checked. If it is found in the global doppelganger database, the email is handled according to a corresponding acceptability flag; otherwise, the validity of the domain name is dynamically verified and handled according to the verification result. | 2014-11-06 |
20140331319 | Method and Apparatus for Detecting Malicious Websites - A method and apparatus for detecting malicious websites is disclosed. | 2014-11-06 |
20140331320 | TECHNIQUES FOR DETECTING MALICIOUS ACTIVITY - Techniques for detecting malicious activity are disclosed. In one particular embodiment, the techniques may be realized as a method for detecting malicious activity including receiving information indicating a first process being executed, the first process including a plurality of first process components, receiving information specific to at least one of the plurality of first process components, determining whether the first process exhibits malicious behavior; and identifying which of the plurality of first process components is responsible for the malicious behavior based on the received information. | 2014-11-06 |
20140331321 | BUILDING FILTER THROUGH UTILIZATION OF AUTOMATED GENERATION OF REGULAR EXPRESSION - A system and method performed by a computing device connected to a network and having one or more processors and memory storing one or more programs for execution by the one or more processors. At least one packet is received over a network. The packet is analyzed to detect predetermined content. The predetermined content is selected if it is determined that the packet contains the predetermined content. Future transmission of any packet containing the predetermined content is prevented in response to selection of the predetermined content. | 2014-11-06 |
20140331322 | METHOD AND APPARATUS FOR PROVIDING FORENSIC VISIBILITY INTO SYSTEMS AND NETWORKS - Methods and systems for providing forensic visibility into systems and networks are provided. More particularly, a sensor agent may receive events defining an action of a first object acting on a target. The object, the event, and the target are then correlated to at least one originating object such that an audit trail for each individual event is created. A global perspective indicating an age, popularity, a determination as to whether the object may be malware, and IP/URL information associated with the event may then be applied to at least one of the object, the event, the target, and the originating object. A priority may then be determined and assigned to the event based on at least the global perspective. An event line containing event information is then transmitted to an end recipient where the information may be heuristically displayed. | 2014-11-06 |
20140331323 | DETECTION OF ROGUE SOFTWARE APPLICATIONS - Software applications are analyzed to determine if they are legitimate applications and warnings are provided to users to avoid installation and/or purchases of unnecessary and/or potentially harmful software based on comparisons of user-interface characteristics of the software applications to visual characteristics of authentic applications to determine to what extent they match (or do not match) or are attempting to mirror the legitimate application. | 2014-11-06 |
20140331324 | METHODS, MEDIA, AND SYSTEMS FOR DETECTING ATTACK ON A DIGITAL PROCESSING DEVICE - Methods, media, and systems for detecting attack are provided. In some embodiments, the methods include: comparing at least part of a document to a static detection model; determining whether attacking code is included in the document based on the comparison of the document to the static detection model; executing at least part of the document; determining whether attacking code is included in the document based on the execution of the at least part of the document; and if attacking code is determined to be included in the document based on at least one of the comparison of the document to the static detection model and the execution of the at least part of the document, reporting the presence of an attack. In some embodiments, the methods include: selecting a data segment in at least one portion of an electronic document; determining whether the arbitrarily selected data segment can be altered without causing the electronic document to result in an error when processed by a corresponding program; in response to determining that the arbitrarily selected data segment can be altered, arbitrarily altering the data segment in the at least one portion of the electronic document to produce an altered electronic document; and determining whether the corresponding program produces an error state when the altered electronic document is processed by the corresponding program. | 2014-11-06 |
20140331325 | ANTI-MALWARE SYSTEM AND METHOD FOR PROCESSING DATA INSYSTEM - Disclosed are an anti-malware system and a method for processing data in the system. The anti-malware system, according to one embodiment of the present invention, comprises: a host device which requests a malware detection scan on a file to be scanned; an anti-malware module which performs the malware detection scan on the file to be scanned, and which transmits the scan results to the host device, wherein a preprocessing for the malware detection scan of the file to be scanned is performed in the host device or the anti-malware module according to the size of the file to be scanned. | 2014-11-06 |
20140331326 | IT Vulnerability Management System - A system for automatically managing vulnerabilities may determine vulnerability data describing vulnerabilities in an information technology environment and then assign each vulnerability to a stakeholder for remediation. The system may receive a remediation proposal from the stakeholder, obtain approval for the remediation proposal, and facilitate remediation of the vulnerability based on the proposal. | 2014-11-06 |
20140331327 | METHOD AND SYSTEM OF RUNTIME ANALYSIS - A method and a system for detecting one or more security vulnerabilities. The method comprises providing test instructions for an application, such as a web application or a client server application, adding test code to a code segment of the application according to the test instructions, sending at least one message to the application according to the test instructions at runtime thereof, monitoring test information pertaining to at least one reaction of the application to the at least one message during an execution of the test code, performing an analysis of the at least one reaction, and detecting a presence or an absence of at least one security vulnerability according to the analysis. | 2014-11-06 |
20140331328 | Honey Monkey Network Exploration - A network can be explored to investigate exploitive behavior. For example, network sites may be actively explored by a honey monkey system to detect if they are capable of accomplishing exploits, including browser-based exploits, on a machine. Also, the accomplishment of exploits may be detected by tracing events occurring on a machine after visiting a network site and analyzing the traced events for illicit behavior. Alternatively, site redirections between and among uniform resource locators (URLs) may be explored to discover relationships between sites that are visited. | 2014-11-06 |
20140331329 | OBFUSCATING THE LOCATIONS OF ACCESS POINTS AND FEMTOCELLS - Methods and apparatuses are presented for obfuscating the locations of terrestrial wireless transceivers, including wireless access points and femtocells. According to some embodiments, a method may receive, by a mobile device, data for a terrestrial wireless transceiver, wherein the data includes location coordinates of the terrestrial wireless transceiver, and wherein the location coordinates include an error term. Additionally, the method may include determining the error term based on the data. Furthermore, the method may include determining a corrected location of the terrestrial wireless transceiver by removing the error term from the location coordinates. In some instances, the data can further include a unique identifier associated with the terrestrial wireless transceiver, and wherein the error term is further determined based on the unique identifier. | 2014-11-06 |
20140331330 | APPLYING DIGITAL RIGHTS MANAGEMENT TO MULTI-MEDIA FILE PLAYBACK - A method begins with a processing module of a centralized digital video storage (DVS) system that supports a plurality of subscriber units, receiving a request for playback of a stored multi-media file from a subscriber unit. The method continues with the processing module determining whether the stored multi-media file is a subscription based file or a publically available file. When the stored multi-media file is the subscription based file, the method continues with the processing module accessing digital rights management data regarding subscription based multi-media files to determine the subscriber unit's digital rights to the stored multi-media file. When the subscriber unit's digital rights include playback of the multi-media file, the method continues with the processing module sending a unique copy of the stored multi-media file to the subscriber unit in accordance with a unique slice retrieval pattern of the subscriber unit. | 2014-11-06 |
20140331331 | Computer-Implemented System And Method for Correlating Activity Within A User Interface With Special Information - A computer-implemented system and method for correlating activity within a user interface with special information is provided. A user interface with data entry fields is provided. One or more of the data entry fields is designated for special information. A first screen shot of the user interface is captured, and a second screen shot of the user interface is captured at a later time. The first and second screen shots are compared. A change comprising at least a portion of an entry within one of the data entry fields for special information in the second screen shot is identified between the first and second screen shots. The entry is rendered unintelligible. | 2014-11-06 |
20140331332 | CONTENT PROVIDER WITH MULTI-DEVICE SECURE APPLICATION INTEGRATION - Methods and systems for providing access to content are disclosed. The method is performed at least in part at a client computer system having a processor and memory. The method includes executing a host application associated with a first party. In some implementations, the host application is a media player. The method further includes initiating a secure communication channel between the host application and a server associated with the first party. The method further includes executing a supplemental application associated with a second party. The method further includes accessing, with the supplemental application, content licensed to the first party, wherein the licensed content is accessible to the supplemental application via the secure communication channel subject to terms of a licensing agreement. In some implementations, the content is media content, such as music, movies, and the like. | 2014-11-06 |
20140331333 | Image Analysis and Management - Systems, methods and apparatuses are described herein that allow an enterprise to analyze and manage work product images that are stored on a mobile device. Employees of an enterprise may use a mobile device to store both work product images (e.g., images of sensitive or proprietary information) and non-work product images (e.g., personal images). An enterprise may desire to enforce security protocols on the work product images, but the employee may not want the security protocols applied to the non-work product images. In some embodiments, by installing and executing an image manager that is able to analyze and manage images, the enterprise can enforce security protocols on only the work product images. Such security protocols may include the prevention of unauthorized viewing of the work product image (e.g., by encrypting the work product image) or deleting any work product image from the mobile device when the employee's employment has ended. | 2014-11-06 |
20140331334 | Display System, Display Method, Display Terminal and Non-Transitory Computer-Readable Recording Medium Stored With Display Program - A display system for displaying a document includes a tablet terminal and a head mounted display device (HMD). The tablet terminal includes a display device which does not display confidential information that a third party is not allowed to browse, but displays non-confidential information that the third party is allowed to browse with regard to the document. The HMD includes a glasses-type display unit which does not allow the third party to browse, but allows a HMD user to browse, a communication unit which receives the confidential information, and a video camera for capturing the non-confidential information displayed on the display device. The glasses-type display unit, based on the captured non-confidential information, displays the received confidential information so that the received confidential information is visually recognized by the HMD user in a state of being aligned with the non-confidential information displayed on the display device. | 2014-11-06 |
20140331335 | METHOD FOR AUTOMATICALLY TAGGING DOCUMENTS WITH MATRIX BARCODES AND PROVIDING ACCESS TO A PLURALITY OF SAID DOCUMENT VERSIONS - A method of tagging a document for future access, the method comprising the steps of: (a) Saving a document on a server, (b) Accessing said document by a tagging process program, (c) Having said tagging process program: (i) generate a tag referring to the location of said document on said server; and (ii) add said tag to said document, while said tag being visible on the printed version of the document, wherein, said tag can be scanned by a device equipped with an optical scanner and as a result said document would be accessible to said device. | 2014-11-06 |
20140331336 | EXTENSIBLE MARKUP LANGUAGE DOCUMENT MANAGEMENT METHOD AND SYSTEM - An Extensible Markup Language (XML) document management method includes: receiving an XML document management operation request sent via an XCAP protocol, by an XML Document Management Server (XDMS); determining that the XML document management operation request is in an entrustment mode, and determining whether to perform an operation described in the XML document management operation request in accordance with access permission information corresponding to an XML document, by the XDMS. | 2014-11-06 |
20140331337 | SECURE ISOLATION OF TENANT RESOURCES IN A MULTI-TENANT STORAGE SYSTEM USING A GATEKEEPER - Machines, systems and methods for controlling access to data stored on shared storage, servicing a plurality of tenants, the method comprising receiving a request from a first process to access a first data item associated with a first tenant in a multi-tenant data storage system, and providing access to the data item through a gatekeeper, in response to determining that the first process is associated with the first tenant. | 2014-11-06 |
20140331338 | DEVICE AND METHOD FOR PREVENTING CONFIDENTIAL DATA LEAKS - The present invention makes it possible to verify definition information and data in a remote environment while properly protecting confidential data definition information using encryption and the like. The present invention comprises: a step for hiding in an individual manner definition information, such as a word or partial character string representing confidential information, using encryption, hashing, or the like; a step for extracting and hiding in an individual manner a word, partial character string or other such element from data to be controlled; a step for transmitting the hidden element to a server; and a step for verifying, in a hidden manner as-is, the hidden definition information and the hidden element, and deciding whether information matching the definition information is included in the data to be controlled. | 2014-11-06 |
20140331339 | Transgenic Non-Human Assay Vertebrates, Assays and Kits - The invention provides Assay Vertebrates comprising a human antigen or epitope knock-in for testing antibodies comprising human variable regions and generated in a related Antibody-Generating Vertebrate. The invention also provides kits and methods involving these vertebrates and antibodies. The invention provides for superior assay models and assay methods of chimaeric and other test antibodies comprising human variable regions. | 2014-11-06 |