
18th week of 2016 patent application highlights part 73
Patent application numberTitlePublished
20160127303INTELLIGENTLY SHARING MESSAGES ACROSS GROUPS - Identifying recipients to receive communication based on content selection may be provided. An indication of content selected by a user is received. The content may be part of group communication that is communicated among users via an online communication application. The content and an author of the content are identified. One or more criteria may be applied to the content to determine the recipients of the communication. The communication may be transmitted as a single message to the recipients simultaneously.2016-05-05
20160127304AUTOMATIC SCHEDULING OF CONTENT DELIVERY - A content delivery system coupled to a computer network can provide large volumes of content to large numbers of recipients. The content is collected into digests and individual articles to be sent in email via an email channel established by the content delivery system to the recipients through the computer network. Content producers submit content for aggregation into various email deliveries and submit initial scheduling information. The scheduling information may specify target characteristics of preferred recipients of the content as well as general and initial scheduling preferences for email delivery. The content delivery system utilizes the initial scheduling information as a starting point for scheduling email deliveries. The system measures levels of content interaction by the recipients to gauge corresponding interest levels in the content. Using recipient interest levels as feedback, the content delivery system is able to modify and extend scheduling details to optimally schedule further deliveries of content.2016-05-05
20160127305VISIBILITY CONTROL FOR DOMAIN NAME SYSTEM SERVICE DISCOVERY - Techniques are provided for performing domain name system (DNS) service discovery based on policy evaluations. In an embodiment, policy data is represented as DNS-SD records and is used to control visibility of services for service requesting devices. The policy data may describe policies for a particular type of a service or a particular service delivery unit. The visibility of service delivery units is determined through evaluations of the policies in policy data. In some embodiments, additional metadata may be retrieved to be used in the policy evaluations. In certain embodiments, based on the policy evaluations service data about only a subset of service delivery units available is returned to a service requesting device in response to a DNS-SD query.2016-05-05
20160127306Packet Transmission Method, Apparatus, and System in Multicast Domain Name System - A packet transmission method, apparatus, and system in a multicast domain name system (mDNS), which are used to resolve a network bandwidth waste problem due to much service information needs to be transmitted in an mDNS-based network. The method includes, converting, by a relay, a known-answer service query packet that is sent by a user terminal and used to query service information in an mDNS, into a unicast known-answer service query packet and sending the unicast known-answer service query packet to a gateway, receiving, by the relay, a unicast known-answer service answer packet that is sent by the gateway and includes service information unknown to the user terminal, and converting, by the relay, the unicast known-answer service answer packet into a multicast known-answer service answer packet and sending the multicast known-answer service answer packet to the user terminal.2016-05-05
20160127307CLUSTER-BASED NETWORK FILE SERVER - Methods and systems for managing, storing, and serving data within a virtualized environment are described. In some embodiments, a data management system may manage the extraction and storage of virtual machine snapshots, provide near instantaneous restoration of a virtual machine or one or more files located on the virtual machine, and enable secondary workloads to directly use the data management system as a primary storage target to read or modify past versions of data. The data management system may allow a virtual machine snapshot of a virtual machine stored within the system to be directly mounted to enable substantially instantaneous virtual machine recovery of the virtual machine.2016-05-05
20160127308METHOD FOR KEEPING REMOTE CONNECTION, ELECTRONIC DEVICE AND SERVER - A method for keeping remote connection, an electronic device, and a server are provided. After establishing a first network connection, the electronic device enters a power-saving state from an operation state. While operating in the power-saving state, a communication module of the electronic device continuously detects a keep-alive packet transmitted by the server via the first network connection. If an error of reception of the keep-alive packet occurs, the electronic device returns to the operation state from the power-saving state in response to a wake-up signal, so as to re-establish a second network connection between the electronic device and the server.2016-05-05
20160127309METHOD FOR PREVENTING COLLISIONS BETWEEN ADDRESSES IN DEVICE-TO-DEVICE COMMUNICATIONS - Methods for preventing address collisions in device-to-device (D2D) communications are disclosed. An operation method of a first terminal in a wireless communication network may comprise configuring an internet protocol (IP) address of the first terminal used for D2D communications; generating an announcement frame based on an address resolution protocol (ARP) including the IP address; and transmitting the announcement frame. Thus, a problem of collisions between IP addresses in D2D communications can be resolved.2016-05-05
20160127310DISTRIBUTED INDUSTRIAL CONTROL MONITORING AND MANAGEMENT - An industrial control system provides for a bottom-up configuration and incremental growth in size and complexity without requiring system-specific programming at a central control or display point. XML packets are transmitted from the controllers upon event occurrences and controllers are assigned human meaningful names and group names. By knowing the addressing information for a single controller in a named group of controllers, the identity, addressing and basic status for other members of the group are provided graphically. This can allow operation in a low-bandwidth environment, including LTE cellular communications.2016-05-05
20160127311RECLAIMING LEASED IP ADDRESSES IN WIRELESS NETWORKS - Methods, systems and computer readable media for reclaiming DHCP leased IP address from disassociated clients in a WLAN are described.2016-05-05
20160127312Optimization of Resource URLS in Machine-to-Machine Networks - A mechanism for forming and using shortened Uniform Resource Locators or URLs for resources available within a Machine-to-Machine, M2M, network enables the use of a Domain Name Server based routing of M2M messages between entities within the M2M network domain without requiring the memory-intensive storage that would be required for indicating the full network topology associated with the actual resource locations.2016-05-05
20160127313Identifying Port Misconnections On A Network Device - Identifying port misconnections on a network device is disclosed. In an embodiment, host-to-port configuration data for a second network device is received at a first network device, wherein the host-to-port configuration data identifies, for each port of a plurality of ports of the second network device, a host that was connected to the port of the second network device. A particular host that is currently connected to a particular port of a plurality of ports of the first network device is determined. A second host was connected to a port of the second network device that corresponds to the particular port of the first network device, where the second host is different than the particular host, is determined. In response to determining that the particular host is different than the second host, an alert signal associated with the particular port is presented.2016-05-05
20160127314Front End Processor for Short Message Service Centers - A communication gateway which includes a short-message-system network element is disclosed. The communication gateway includes a short-message-system network element to transmit short-message data to a plurality of session-initiation-protocol endpoints and a front-end processor coupled with the short-message-system network element to provide session-initiation-protocol services for translating the short-message data transmitted between the plurality of session-initiation-protocol endpoints.2016-05-05
20160127315FIREWALL BASED PREVENTION OF THE MALICIOUS INFORMATION FLOWS IN SMART HOME - A system for preventing malicious attacks on a device in a Smart Home network comprises logical circuitry suitable to compare information flows in said network with legal information flows stored in memory means.2016-05-05
20160127316HIGHLY SECURE FIREWALL SYSTEM - A firewall system with closed ports configured to reject the data packets and create a readable log of rejected data packets. A port listening processor utilizes multiple daemon processors to receive and process information from the data packets to open ports using the dynamically modifiable port specific data structures.2016-05-05
20160127317METHOD AND APPARATUS FOR DISPLAYING HTTPS BLOCK PAGE WITHOUT SSL INSPECTION - The present disclosure discloses a method and system for displaying an HTTPS block page without SSL inspection. Specifically, a network device snoops a first message transmitted between a client device and a network resource. The first message is transmitted as part of a SSL Handshake between the client device and the network resource to establish a SSL session. Moreover, the network device determines whether the client device is authorized to access the network resource. If not, the network device blocks the establishment of a SSL session between the client device and the network resource, and spoofs the network resource for establishing the SSL session between the client device and the network device instead of establishment of the SSL session between the client device and the network resource. Otherwise, the network device refrains from blocking the establishment of the SSL session between the client device and the network resource.2016-05-05
20160127318SECURITY SERVICES FOR END USERS THAT UTILIZE SERVICE CHAINING - Embodiments described herein provide security for end users of User Equipment (UE) that utilize service chaining for Service Data Flows (SDFs). One embodiment comprises a Policy and Charging Rules Function (PCRF) that determines that a service chain is enabled for a SDF requested by an end user of a UE. The PCRF identifies a service function implemented in the service chain that processes the SDF based on a generic security policy, and identifies a security rule for the end user for filtering the SDF by the service function. The PCRF provides the security rule to the service function for filtering the SDF within the service chain.2016-05-05
20160127319METHOD AND SYSTEM FOR AUTONOMOUS RULE GENERATION FOR SCREENING INTERNET TRANSACTIONS - A computer system for evaluating transactions in a network includes a storage medium, one or more processors coupled to said storage medium, and computer code stored in said storage medium. Computer code, when retrieved from said storage medium and executed by said one or more processor, causes the system to receive a plurality of transactions over the network, and automatically generating rules for evaluating the transactions, using the computer system. Each of the rules includes variables and partition of values of the variables, each partition having an assigned score. The computer system also automatically combining the rule scores to form a final score.2016-05-05
20160127320Proxy Forwarding of Local Traffic by Edge Devices in a Multi-Homed Overlay Virtual Private Network - A first provider edge network device that is configured in a multi-homed virtual private network for a data center in which there are one or more peer edge network devices including a second edge network device, receives from the second edge network device a message indicating that a link for a particular Ethernet segment of the second edge network device in the data center is down. Information is stored at the first edge network device indicating state of links for Ethernet segments associated with each of the one or more other edge network devices at the data center. The first edge network device forwards of traffic for the particular Ethernet segment locally on Ethernet segments in the data center on behalf of the second edge network device. The proxy forwarding is performed for traffic for the particular Ethernet segment that originates from the data center, that is, for “same-site” traffic.2016-05-05
20160127321METHOD AND SYSTEM FOR VPN ISOLATION USING NETWORK NAMESPACES - One embodiment of the present invention provides a system for providing exclusive access to a virtual private network (VPN) connection to an authorized application. During operation, the system creates a unique network namespace that is different from a default network namespace of a host system. The system then places a pseudo network interface associated with the VPN connection into the unique network namespace. Furthermore, the system places at least one socket for an authorized application into the unique network namespace. The system also precludes unauthorized applications on the host from accessing the unique network namespace, thereby facilitating exclusive access to the VPN connection by the authorized application.2016-05-05
20160127322MASKING DATA WITHIN JSON-TYPE DOCUMENTS - A method comprising using at least one hardware processor for: receiving input from a user with respect to masking of a data element in one or more documents of a java script object notation (JSON) type, wherein the input comprises: an identifier of the data element, and one or more constraints for masking the data element based on the hierarchy of the one or more documents of the JSON-type; and generating a masking rule for the one or more documents of the JSON-type based on the input.2016-05-05
20160127323TRUSTED DEVICE CONTROL MESSAGES - Two endpoint devices communicate with one another in a secure session using a secure protocol. Trusted control messages are passed upstream from one of the endpoint devices through one or more additional secure sessions to a centralized managing server. Additionally, trusted control messages are passed downstream from the centralized manager server through secure sessions to one or more of the endpoint devices. Each endpoint device is integrated into a terminal device.2016-05-05
20160127324PRIVACY PROTECTED INTERNET NETWORKS, SUBNETWORKS AND SUB-SUBNETWORKS - A computerized methods and systems to create, control and manage restricted scope and closed internet interactive networks, subnetworks and sub-subnetworks. The invention permits the protected network, subnetworks and sub-subnetworks to be connected to an open or previously established network, yet still remaining protected, secure and anonymous. Entrance into the protected interactive networks, subnetworks and sub-subnetworks by the user is achieved through a protected network device, anonymous address code, anonymous access code and/or anonymous login information. As the user interacts with the digital elements within the protected interactive networks, subnetworks and sub-subnetworks, a database of said interactions is created and used by the protected network provider in various ways, such as for user behavior information. No personal identifiable information is stored within interactive networks, subnetworks and/or sub-subnetworks and communication on said networks is unique, which inhibits and deters the targeting of the networks by cyber-criminals.2016-05-05
20160127325SCRAMBLING BUSINESS DATA - Methods and system are disclosed that scramble business data before transferring to a test environment. In one aspect, a business data scrambling logic may detect a transfer of the business data from a proprietary database (e.g., source database) to another database (e.g., target database) in test environment. The business data scrambling logic may determine metadata associated with the business data stored in source tables in the source database. Based on the metadata, the columns in the source tables including indicia may be identified. For the identified columns, alias values and associated hash codes may be generated. In the target database, target tables may be generated upon transferring the business data from the source database to the target database. The target tables may include values (e.g. actual values) and alias values associated with the business data. The alias values may represent scrambled business data.2016-05-05
20160127326TELECOMMUNICATION METHOD FOR SECURELY EXCHANGING DATA - The invention provides for a telecommunication method of securely exchanging unencrypted data between a telecommunications device and a first server computer system via a digital cellular wireless telecommunications network, wherein the telecommunications device is a battery powered mobile end user telecommunications device, wherein the method comprises the steps of: encrypting the unencrypted data using a first encryption algorithm into first encrypted data, sending the first encrypted data to a second server computer system via a first network connection of the digital cellular wireless telecommunications network, storing the first encrypted data by the second server computer system, sending an order request to the first server computer system via a second network connection of the digital cellular wireless telecommunications network by the telecommunications device, sending a data publishing request to the second server computer system, generating a cryptographic key pair, sending the first encrypted data, the public key, and the private key to the telecommunications device, decrypting the first encrypted data into the unencrypted data, encrypting the unencrypted data into second encrypted data using the public key, sending the second encrypted data to the second, generating a web service for providing the second encrypted data via an URL, sending the URL to the telecommunications device, sending the URL and the private key, requesting the second encrypted data from the second server computer system, sending the second encrypted data to the first server computer system by the second server computer system using the wired network connection, decrypting the second encrypted data by the first server computer system into the unencrypted data, and combining the order request with the unencrypted data.2016-05-05
20160127327ROAMING CONTENT WIPE ACTIONS ACROSS DEVICES - Content on a device is encrypted and protected based on a data protection key. The protected content can then be copied to cloud storage, and from the cloud storage the protected content can be transferred to various other ones of the user's devices. A key used to retrieve plaintext content from the protected content is associated with an identifier of a particular device that provides the key, the device providing the key being the device that generated the key, or another managed device to which the protected content was transferred. A wipe command can similarly be transferred to the various ones of the user's devices, causing any keys associated with a particular device to be deleted from each of the various ones of the user's devices.2016-05-05
20160127328INVISIBLE TWO FACTOR AUTHENTICATION AND INCREMENTAL DYNAMIC DATA - In an example embodiment, invisible two factor authentication is performed by receiving, at a first machine, a registration request from a second machine, with the registration request encrypted using a common hash key. Then, in response to the receiving of the registration request, a server key is generated that is unique to the first machine and to the second machine. The registration request is responded to with the server key encrypted using the common hash key. Encrypted data is then received from the client machine, and this encrypted data is decrypted using the server key. In another example embodiment, in response to a determination that a data source has changed, incremental dynamic data processing is performed by identifying dynamic data relevant to records in the data source marked for distribution and, based on the existence of a state for each piece of dynamic data, marking the dynamic data for distribution.2016-05-05
20160127329SYSTEMS AND METHODS FOR PROVIDING CONDITIONAL ACCESS TO TRANSMITTED INFORMATION - Controlling access to position information at a receiver, or at another device external to the receiver. Various considerations, including a requested service type, a user type, a device type, a software application type, a payment, and/or other characteristics associated with a particular software application or distributor of that software application, may be used to control access to position information.2016-05-05
20160127330RESOURCE LOCATORS WITH KEYS - Requests are pre-generated to include a cryptographic key to be used in fulfilling the requests. The requests may be encoded in uniform resource locators and may include authentication information to enable a service provider to whom the requests are submitted to determine whether the requests are authorized. The requests may be passed to various entities who can then submit the requests to the service provider. The service provider, upon receipt of a request, can verify the authentication information and fulfill the request using a cryptographic key encoded in the request.2016-05-05
20160127331METHOD AND SYSTEM FOR ENCRYPTED COMMUNICATIONS - Method and device of encrypting communication between a server and a peripheral device are disclosed. The method includes: a server receiving a session request from a control device, the session request including a predetermined device ID of a peripheral device associated with the control device; generating a first session key for encrypting and decrypting future communication between the peripheral device and the server; identifying a pre-stored encryption key corresponding to the predetermined device ID from a database, wherein the pre-stored encryption key is also pre-stored in the peripheral device; encrypting the first session key using the pre-stored encryption key; sending the encrypted first session key to the peripheral device via the control device; and encrypting communication to the peripheral device in a respective communication session using the first session key.2016-05-05
20160127332OFF-HOST AUTHENTICATION SYSTEM - An off-host authentication system includes an authentication information handling system (IHS) that is coupled to a network. The off-host authentication system also includes a host processing system. An off-host processing system in the off-host authentication system is coupled to the host processing system and is coupled to the authentication IHS through the network. The off-host processing system provides an encrypted primary authentication item to the authentication IHS through the network. The off-host processing system then receives an encrypted secondary authentication token from the authentication IHS through the network. The off-host processing system then decrypts the encrypted secondary authentication token to produce a decrypted secondary authentication token and uses the decrypted secondary authentication token to retrieve a tertiary authentication token. The off-host processing system then provides the tertiary authentication token to the host processing system for use in logging a user into a user IHS that includes the host processing system.2016-05-05
20160127333Technologies for Secure Inter-Virtual Network Function Communication - Technologies for secure inter-virtual network function communication include a computing device to determine a cryptographic key for secure communication over at least one of an inter-virtual network function (VNF) network, an inter-virtual network function component (VNFC) network, or a VNF-VNFC network based on a security policy of the computing device; and. The computing device securely communicates over at least one of the inter-VNF, inter-VNFC, or VNF-VNFC network based on the determined cryptographic key.2016-05-05
20160127334RESUMPTION OF PLAY FOR A CONTENT-DELIVERY SESSION - Multimedia content may be delivered to content consumer devices via a content-delivery network. Encrypted content and cryptography keys for decrypting the content may be distributed from a data center to various nodes of the content-delivery network, each node acting as a semi-independent content-delivery system. Each content-delivery system is capable of delivering received content to end-users and implementing a key-management scheme to facilitate secure content-delivery and usage tracking, even when the content-delivery system is disconnected from the data center. Further, each content-delivery system may generate an authorization-token that can be transmitted to other systems in the content-delivery network, enabling the other systems to quickly determine that a request to resume a previous content-delivery session has already been authorized.2016-05-05
20160127335DIRECTORY SERVICE DEVICE, CLIENT DEVICE, KEY CLOUD SYSTEM, METHOD THEREOF, AND PROGRAM - Name information which is generated by using a value corresponding to a decryption key and address information of a key cloud device which provides a cloud-key management type decryption service in which the decryption key is used are stored in a storage of a directory service device in a manner to associate the name information with the address information, and a searching unit of the directory service device searches the storage by using the inputted name information to obtain address information corresponding to the inputted name information.2016-05-05
20160127336PREVENTING PERSISTENT STORAGE OF CRYPTOGRAPHIC INFORMATION USING SIGNALING - Organizations maintain and generate large amounts of sensitive information using computer hardware resources and services of a service provider. Furthermore, there is a need to be able to delete large amounts of data securely and quickly by encrypting the data with a key and destroying the key. To ensure that information stored remotely is secured and capable of secure deletion, cryptographic keys used by the organization should be prevented from being persistently stored during serialization operations. Signaling methods are used to notify virtual machine instances of serialization events in order to prevent keying material from being stored persistently.2016-05-05
20160127337SYSTEMS AND METHODS FOR CLOUD DATA SECURITY - Techniques for providing data security services with respect to cloud-based services are described. Examples include a security service provider (“SSP”) configured to perform or provide one or more security-related services or functions with respect to or on behalf of some other system or service. The other system or service may be, for example, a cloud-based system that provides network-accessible services. The SSP allows a user of the cloud-based service to provide and manage one or more security-related services, such as data storage, encryption, decryption, key management, and the like. By using and controlling the SSP, the user can be confident that his or her data is being securely represented and stored, even though it is being operated upon by a cloud-based service that is not under the user's control.2016-05-05
20160127338AGGREGATE SERVICE WITH ENHANCED REMOTE DEVICE MANAGEMENT - One embodiment provides a method, including: receiving, from a client device, a request by a user to access an aggregate service device; authenticating, at the aggregate service device, the user to provide access to at least one remote device; providing, by the aggregate service device, data analogous to data of the at least one remote device; receiving, by the aggregate service device, a selection of data accessible by the user from the at least one remote device; and facilitating data transfer associated with the selection of data. Other aspects are described and claimed.2016-05-05
20160127339AGGREGATE SERVICE WITH ENHANCED CLOUD DEVICE MANAGEMENT - One embodiment provides a method, comprising: receiving, from a client device, a request by a user to access an aggregate service device; authenticating, at an aggregate service device, the user to provide access to a plurality of cloud storage accounts of the user hosted by a single cloud storage service; providing, by the aggregate service device, data analogous to data of the plurality of cloud storage accounts; receiving, by the aggregate service device, a selection of data accessible by the user from the plurality of cloud storage accounts of the user; and facilitating data transfer associated with the selection.2016-05-05
20160127340METHOD AND APPARATUS FOR CONNECTING A COMMUNICATION DEVICE TO A DEPLOYABLE NETWORK WITHOUT COMPROMISING AUTHENTICATION KEYS - A method and apparatus is provided for connecting a communication device to a deployable system. The deployable system obtains at least one deployable key derived on a fixed system for the deployable system based on an existing key stored on a database of the fixed system, wherein the existing key is used to authenticate a communication device. The deployable system stores the derived key. Subsequent to the storing, the deployable system is activated to provide communication resources to communication devices disconnected from the fixed system. The activated deployable system is not connected to the fixed system. The activated deployable system receives an authentication request from the communication device requesting connection to the deployable system; generates authentication vectors using the at least one derived deployable key; and authenticates an authentication response received from the communication device using the authentication vectors.2016-05-05
20160127341A Method and Apparatus for Anonymous and Trustworthy Authentication in Pervasive Social Networking - A method for anonymous authentication may comprise: issuing token information to a first node registered with a network entity, wherein the token information indicates one or more tokens for the first node; distributing a token list to a plurality of nodes registered with the network entity, wherein the token list is associated with respective tokens for the plurality of nodes comprising at least the first node and a second node, and wherein the token information and the token list are used for an anonymous authentication between the first node and the second node.2016-05-05
20160127342System and Method for Providing Security Monitoring - The present disclosure describes systems and methods for processing security sensor data that enhances the ability of a user to quickly and efficiently review portions of the sensor data streams.2016-05-05
20160127343AUTHENTICATING DATA TRANSFER - In an embodiment, a method for authenticating data transfer is provided. A user-agent is redirected between an enterprise, an intermediary platform, and an application server.2016-05-05
20160127344PASSWORD-LESS AUTHENTICATION SYSTEM AND METHOD - A processor-implemented method for authenticating a login without a password. The method includes: receiving a request to authenticate a login, the request including a user identifier and excluding a password; based on the user identifier, identifying a device to be used to authenticate the login; and in response to determining that a login confirmation message has been received from the identified device, authenticating the login.2016-05-05
20160127345System And Method For Providing A Content Delivery Network Via A Motor Vehicle - A cache server disposed in a motor vehicle receives and caches content from a content distribution network when a load of a cellular link to the content distribution network is low. The cache server determines that the motor vehicle is turned off, broadcasts a wireless signal as part of a wireless network when the motor vehicle is turned off, and provides a device access to the content cached in the cache server via the wireless network.2016-05-05
20160127346MULTI-FACTOR AUTHENTICATION - The disclosed invention is a system and method that allows for authentication of a user to a network using a token. The user can use movements or gestures that are recorded by an accelerometer, and the token interacts with a device and authenticates the user to the system. The token may be part of the device or stand alone. The various aspects of the present invention capture a novel design for an authentication token that authenticates the token and the user of the token.2016-05-05
20160127347AGGREGATE SERVICE WITH USER INTERFACE - One embodiment provides a method, including: receiving authentication input, at a device, that is sent to an aggregate service device; requesting file system data, retrieved by the aggregate service device, analogous to data stored on a remote device and data stored on a cloud storage device; receiving at the device, after providing the authentication input to the aggregate service device, the file system data from the aggregate service device; and displaying, on the device, a user interface in the form of a file manager application generated from the requested file system data.2016-05-05
20160127348LINKED REGISTRATION - Secure registration of a new application with a server system is provided. An old application has been registered with the system. A first link between the new application and the system establishes a first key and first check data is communicated from the system to the new application and passed to the old application. A second link between the old application and the system establishes a second key based on input of a credential to the old application; the first check data is communicated from the old application to the system. Enciphered second check data is communicated from the system to the old application over the second link and further encrypted by the old application using a third key. This generates doubly-enciphered check data which is passed to the new application and decrypted using the first key and a fourth key, generated at the new application based on the first check data and input of the credential to the new application.2016-05-05
20160127349DATA PROCESSING SYSTEM, DATA PROCESSING APPARATUS AND LOG IN METHOD - A data processing system including a data processing apparatus, includes a user data storing unit that stores user data of a user who uses a first service, the user data including first authentication data used for logging in the first service and user specifying data; a determining unit that determines, when the user who uses the first service sets second authentication data used for logging in a second service different from the first service, user specifying data usable as the second authentication data from the user specifying data included in the user data; and a management unit that sets the user specifying data determined to be usable as the second authentication data in the user data of the user who uses the first service as the second authentication data, and manages the user data as user data of the user who uses the first service and the second service.2016-05-05
20160127350MULTIPLE INPUT BASED PASSWORDS - A computer-implemented method, carried out by one or more processors, for utilizing one or more input methods for passwords. In an embodiment, the method comprises the steps of determining, by one or more processors, one or more input methods supported for a password entry, wherein the password entry verifies a user's credentials; receiving, by one or more processors, a candidate password through the one or more input methods, wherein each character of the candidate password has an associated input method; and storing, by one or more processors, the candidate password as the password entry, along with the associated input method for each character of the candidate password.2016-05-05
20160127351CONTINUOUS MULTI-FACTOR AUTHENTICATION - Technologies for continuously authenticating a user via multiple authentication factors include a computing device for generating a continuous authentication assertion indicating that continuous authentication of a user is being monitored, sending the continuous authentication assertion to a key distribution center server, and requesting and receiving an initial ticket from the key distribution center server. Such technologies may also include requesting a service ticket from the key distribution center server for accessing a service provider server, receiving a service ticket from the key distribution center server including the continuous authentication assertion, requesting access to the service provider server with the service ticket including the continuous authentication assertion, and accessing the service provider server in response to the continuous authentication assertion being verified.2016-05-05
20160127352STEP-UP AUTHENTICATION FOR SINGLE SIGN-ON - A method for authenticating a user seeking access to first and second resources that have different authentication levels. The method includes receiving a primary token that is associated with a first authentication event of the user and authenticates the user to access the first resource, and receiving a first request to access the second resource. The method further includes receiving first credentials of the user. The method further includes, responsive to validating the first credentials, generating a second authentication event, associating the second authentication event with the primary token, and issuing a first secondary token that authenticates the user to access the second resource.2016-05-05
20160127353METHOD AND APPARATUS FOR ENABLING SECURED CERTIFICATE ENROLLMENT IN A HYBRID CLOUD PUBLIC KEY INFRASTRUCTURE - In a method a public key infrastructure (PKI) device receives a certificate signing request (CSR) and an identity assertion cryptographically bound to an end entity issuing the CSR. The PKI device validates the authenticity and integrity of the CSR using the identity assertion. In response to validating the authenticity and integrity of the CSR, the PKI device issues a certificate based on at least one of the CSR and fields in the identity assertion.2016-05-05
20160127354MANAGEMENT METHOD AND ARRANGEMENT FOR OUTPATIENT ELECTROCARDIOGRAPHY ON A PATIENT - A management method for outpatient electrocardiography on a patient using an ECG recorder, an administration network, a first mobile device and at least one second mobile device is provided. In order to initialize outpatient electrocardiography on a patient, the first mobile device is connected to the ECG recorder and to the administration network and in the process an identification code assigned to the ECG recorder is transmitted from the ECG recorder to the administration network. After the verification of the authorizations of the mobile device, at least one certificate assigned to the ECG recorder is provided by the administration network and is transmitted to the ECG recorder for storage via the mobile device. The second mobile device is connected to the ECG recorder and to the administration network and in the process the identification code assigned to the ECG recorder is transmitted from the ECG recorder to the administration network.2016-05-05
20160127355EMBEDDED EXTRINSIC SOURCE FOR DIGITAL CERTIFICATE VALIDATION - A computer uses the information included within a digital certificate to obtain a current date and time value from a trusted extrinsic source, and the computer compares the obtained current date and time value to a validity period included in the digital certificate to determine if the digital certificate is expired. The information included within the digital certificate specifying an extrinsic source for the current date and time value can be included in an extension of the digital certificate, and the information can specify a plurality of extrinsic sources.2016-05-05
20160127356INFORMATION PROCESSING SYSTEM AND AUTHENTICATION METHOD - An information processing system includes a service utilizing device and at least one information processing device to provide a service for the service utilizing device. A temporary code issuing unit to issue a temporary code is provided in the information processing device. A device authentication token generation unit is provided in the service utilizing device and generates a device authentication token by using the temporary code obtained from the information processing device. A device authentication ticket issuing unit is provided in the information processing device and verifies whether the device authentication token obtained from the service utilizing device is valid by using the temporary code and issues a device authentication ticket depending on a verification result. An access unit is provided in the service utilizing device and accesses a resource in the information processing device by using the device authentication ticket obtained from the information processing device.2016-05-05
20160127357Method for safeguarding a network - A method for safeguarding a network made up of at least one first device and one second device. The first device derives a first challenge from physical properties of a first communication channel between the first device and the third device. In addition, the first device transmits the first challenge to the second device via a second communication channel between the first device and the second device. The first device receives a first response, corresponding to the first challenge, from the third device via the first communication channel and receives a second response, corresponding to the first challenge, from the second device via the second communication channel. The first device compares the first response and the second response to one another to verify that the second device is communicating with the third device.2016-05-05
20160127358PROVIDING A SECURITY MECHANISM ON A MOBILE DEVICE - Disclosed are methods, apparatus, systems, and computer program products for providing a security mechanism on a mobile device before performing an action on a database record in an on-demand database service. The action to be performed can be identified for requesting third-party information. When the third-party information is provided by a user who does not have authorization to access data locally or remotely from the mobile device, the action is performed on the database record but the security mechanism can be activated for display on the mobile device. When the security mechanism is traversed, the mobile device can be unlocked and a user can access the database record in the on-demand database service.2016-05-05
20160127359COMPLIANT AUTHENTICATION BASED ON DYNAMICALLY-UPDATED CREDENTIALS - A system, method and a computer-readable medium for authenticating a user in a live manner in non-face-to-face transactions, including a user downloading an authentication application from a server to a pervasive computing device, and after downloading the application, having an icon residing on the display of the device. When the authentication application is activated by the user, biographical and multi-biometric information of the user is requested by the application, and subsequently submitted to an authentication engine residing in a secure network cloud. The authentication process further includes verifying by the authentication engine all of the requested information, compliance with government regulations such as CFT/AML, and the 42016-05-05
20160127360SYSTEMS AND METHODS FOR AUTHENTICATING A USER BASED ON SELF-PORTRAIT MEDIA CONTENT - Systems, methods, and non-transitory computer-readable media can receive an indication that a user is attempting to authenticate as a particular identity. A media content item captured using a front-facing device camera can be acquired. The media content item can include graphical data representing the user. The graphical data can be analyzed, at least in part, to produce a confidence score representing a likelihood that the user corresponds to the particular identity. The user can be authenticated as the particular identity when the confidence score at least meets a specified authentication threshold.2016-05-05
20160127361AUTHENTICATION TERMINAL - An authentication terminal comprising an authentication apparatus authenticating an authentication subject, an artifact operating in accordance with an input signal and a signal processing section is provided. When an authentication result in the authentication apparatus is passed, the signal processing section inputs an input signal without including information of the authentication subject in the artifact and outputs an output signal in accordance with an operation result of the artifact as the authentication result.2016-05-05
20160127362AUTHENTICATION SYSTEM, AUTHENTICATION METHOD AND SERVICE PROVIDING SYSTEM - An authentication system comprising an authentication terminal and an authentication server is provided. The authentication terminal comprises an authentication apparatus authenticating an authentication subject, an artifact operating in accordance with an input signal and a signal processing section inputting an input signal without including information of the authentication subject designated by the authentication server in the artifact and outputting an output signal in accordance with an operation result of the artifact as an authentication result when the authentication result in the authentication apparatus is passed. The authentication server authenticates the authentication subject based on the output signal.2016-05-05
20160127363Method and System for Verifying the Identity of a User of an Online Service - A method for verifying the identity of a user of an online service, with the steps of: when a user is connected (A2016-05-05
20160127364Apparatus and Method for Host Abstracted Networked Authorization - An information handling system includes a host processing system and an authentication processing system. The authentication processing system authenticates to the host processing system based upon a shared secret. An authentication module of the authentication processing system operates as a master authentication module to establish an authentication area, determine that a first device is a first trusted device of the authentication module, determine that the first device is within the authentication area, authenticate the first device on the authentication area based upon the determination that the first device is within the authentication area, determine that a second device is a second trusted device of the authentication module, determine that the second device is not within the authentication area, and prevent the second device from authenticating on the authentication area based upon the determination that the second device is not within the authentication area.2016-05-05
20160127365AUTHENTICATION TOKEN - The disclosed invention is a system and method that allows for authentication of a user to a network using a token. The token interacts with a device and authenticates the user to the system using lower power consumption and minimal bandwidth used for communication. The token may be part of the device or stand alone. The various aspects of the present invention capture a novel design for an authentication token that eliminates the need for user interaction with the token.2016-05-05
20160127366ANONYMOUS SIGNATURE SCHEME - Technologies are generally described for providing an anonymous signature scheme. In some examples, a method performed under control of an end device ma 2016-05-05
20160127367SYSTEMS AND METHODS FOR PRIVATELY PERFORMING APPLICATION SECURITY ANALYSIS - Systems and methods for analyzing applications on a mobile device for risk so as to maintain the privacy of the application user are provided. In the example method, the process receives a request from a mobile device. The request includes a cryptographic representation of application information for an application residing on a mobile device. The method includes comparing the cryptographic representation to an application information database that includes cryptographic representations of applications. The method also includes automatically remediating, e.g., quarantining and retiring, the application if the application matches an application that is a known risk in the database. Exemplary embodiments provide companies with controls to prevent specific applications—which have specific behaviors and are present on mobile devices being used by employees—from being used by employees, without the company having any visibility into what particular applications are being used by the employees on the mobile device.2016-05-05
20160127368Method, Apparatus, and System for Controlling Access of User Terminal - A method, an apparatus, and a system for controlling access of a user terminal, where the method includes receiving, by a controller, an authentication packet sent by an access switching node through an established data tunnel; obtaining, by the controller, a source media access control (MAC) address of the authentication packet; after access authentication implemented on a user terminal, determining, from a maintained correspondence between MAC addresses of user terminals and interface identifiers, an interface identifier corresponding to the MAC address of the successfully-authenticated user terminal, where the interface identifier identifies an interface connected to the user terminal; and sending, by the controller, the determined interface identifier to the access switching node through an established control tunnel, and instructing the access switching node to enable the interface corresponding to the interface identifier.2016-05-05
20160127369METHOD, DEVICE AND SYSTEM FOR USER AUTHENTICATION - A method of user authentication is disclosed. The method is performed at a server device having one or more processors and memory for storing programs to be executed by the one or more processors. The method includes receiving, from a first terminal device, a service request including identification information of the user. The method includes generating a verification code in response to the service request. The method also includes establishing, based on the identification information of the user, a voice communication with a second terminal device in response to a failure of sending a non-voice message including the verification code to the user in a non-voice communication method. The method further includes sending, during the voice communication and to the second terminal device, a voice message including the verification code such that the user uses the verification code to authenticate the service request at the first terminal device.2016-05-05
20160127370TECHNIQUES FOR CALL-BASED USER VERIFICATION - Techniques for call-based user verification are described. In one embodiment, for example, an apparatus may comprise a processor circuit and a storage component. The apparatus may further comprise a session component, an identification (ID) component, a mapping component, and a verification component. The session component may be operative on the processor circuit and configured to receive session data from a client device and store the session data in the storage component. The ID component may be operative on the processor circuit and configured to request ID data from a server, receive ID data from the server, and send the ID data to the client device. The mapping component may be operative on the processor circuit and configured to map the session data with the ID data. The verification component may be operative on the processor circuit and configured to receive a confirmation from the client device, request verification from the server, and upon receiving verification from the server, verify the client device. Other embodiments are described and claimed.2016-05-05
20160127371SYSTEM AND METHOD FOR PROVIDING ERROR HANDLING IN AN UNTRUSTED NETWORK ENVIRONMENT - An example method is provided and may include receiving a DIAMETER-based error over an SWm interface by a first evolved packet data gateway (ePDG) for a user equipment (UE) attempting to connect to the first ePDG; determining an Internet Key Exchange version two (IKEv2) error type corresponding to the DIAMETER-based error; and communicating the IKEv2 error type to the UE over an SWu interface. In some cases, the IKEv2 error type can be included in a notify payload or in a vendor ID payload for an IKE authentication response (IKE_AUTH_RESP) message. By distinguishing the IKEv2 error type, the UE can determine whether the error is a temporary or a permanent type and can determine whether to attempt to connect again to the first ePDG after a period of time or attempt to connect to another ePDG, which can help to reduce unnecessary signaling and provide better connectivity and user experience.2016-05-05
20160127372HIERARCHICAL AUTHENTICATION AND AUTHORIZATION SYSTEM - A method for controlling access to a system for supporting home control activities includes hierarchical authorization of the user. Access in an online mode, in which there is a connection between a central platform and a home control device, is granted by the central platform, in particular user rights are derived, and the user only has the right of access to the home control device if the right of access to the central platform is in place. In an offline mode, rights stored locally on the home control device control access. Access to the applications is granted by the home control device, in particular application-specific user rights are derived, and a user only has the right of access to the applications if the right of access to both the home control device and also to the central platform is in place.2016-05-05
20160127373AUTOMATIC CONNECTED VEHICLE DEMONSTRATION PROCESS - The present invention is directed toward an automatic connected vehicle demonstration method and system for automatically designating any registered vehicle as a demonstrator vehicle, and further allowing for the demonstrator vehicle to also have one or more subscription-based events based on demonstrator vehicle status. In one or more embodiments, a computer implemented method provides for registering, deregistering, and managing a dealer's inventory of demonstration vehicles.2016-05-05
20160127374Using Third Party Information To Improve Predictive Strength for Authentications - Embodiments of the present invention are directed to methods and systems for utilizing the history of previous authentications and authorizations related to third party computers, as factors in determining whether a current request for accessing a resource should be authorized. A processor server computer, in determining whether to authorize access to the resource, may generate and send a query message to one or more of the third party computers to obtain authorization activity that the third party computers may have regarding a user and/or a device associated with the request. The processor server computer may use the authorization activity from the third party computers in determining whether the request is an authentic request and that the request should be authorized.2016-05-05
20160127375METHOD AND APPARATUS FOR SECURE WIRELESS SHARING - A method for generating a secure one-time network for a new device includes receiving an instruction at an access point for generation of a one-time network. A wireless network adapter is configured by the access point when connected to the access point. The wireless network adapter is moved to the new device and the one-time network is activated by the access point. The new device uses the wireless network adapter to access the resources of the access point via the one-time network. Access to the one-time network via the wireless adapter is performed without exposing any network keys to the user of the new device.2016-05-05
20160127376METHOD, SYSTEM AND APPARATUS FOR NETWORK MANAGEMENT BASED ON BUSINESS RELATIONSHIP INFORMATION - A method for providing a dynamic business network and data management service system includes defining an account for a co-operation organization for accessing the dynamic business network and data network management service system. At least one co-operation organization is defined having at least one co-operation relation, wherein the co-operation relation is associated with at least two accounts. Business relationship information is defined based on the co-operation relation. The business relationship information is maintained in a system server, wherein the business relationship information has inbound information and outbound information associated to the at least two accounts. A set of context centric applications is provided accessible for the at least two accounts over a network and configured to operate on the business relationship information associated to the at least two accounts. Each context centric application is configured to generate at least one data entity and dynamically share the at least one data entity using at least one context centric application for the at least two accounts.2016-05-05
20160127377POLICY PARTIAL RESULTS - Technology for policies with reduced associated costs is disclosed. A policy may include an ordered rule set. When evaluated, the highest priority rule in the order that does not skip may control the policy outcome. Rules within a policy may have associated costs, such as data fetch and evaluation costs. In some contexts, it may be less important to evaluate every rule than to evaluate the policy quickly. Reduced policies that have one or more rules removed or that skip evaluation of some rules may be created for these contexts. When a rule of a policy is skipped, it may result in a possibility of a false allow or false deny. In some cases, rules may be duplicative. Removal or skipping of duplicative rules does not increase the possibility of a false allow or false deny. By using reduced policies in identified contexts, policy evaluation costs may be reduced.2016-05-05
20160127378INTERNET ACCESS AUTHORIZATION AND REGULATION SYSTEMS AND METHODS FOR CONTROLLED ENVIRONMENT OF AN INSTITUTIONAL FACILITY - Access and regulations systems to facilitate safe and secure access of web content by residents of an institutional facility such as a correctional facility includes an administrator workstation to define authorized and prohibited web content and associated secondary restrictions, a resident workstation displaying on a predetermined list of web content, and a server receiving and processing the authorized and prohibited web content and requests made by institutional residents.2016-05-05
20160127379SUPERVISED ONLINE IDENTITY - Technologies to facilitate supervision of an online identity include a gateway server to facilitate and monitor access to an online service by a user of a “child” client computer device. The gateway server may include an identity manager to receive a request for access to the online service from the client computing device, retrieve access information to the online service, and facilitate access to the online service for the client computing device using the access information. The access information is kept confidential from the user. The gateway server may also include an activity monitor module to control activity between the client computing device and the online service based on the set of policy rules of a policy database. The gateway server may transmit notifications of such activity to a “parental” client computing device for review and/or approval, which also may be used to update the policy database.2016-05-05
20160127380SYSTEM AND METHOD TO VERIFY PREDETERMINED ACTIONS BY A COMPUTER ON A NETWORK - A system, a method, and a computer program for identifying a device on a network that participates in communication sessions, where the device may rotate its IP address between communication sessions. A plurality of unauthorized communication sessions that are carried out on different IP addresses are captured, stored, and analyzed to determine whether the same device was used during the communication sessions. The communication sessions may be analyzed to verify whether a predetermined file was downloaded, uploaded, or otherwise offered for copying, sharing or distribution.2016-05-05
20160127381NETWORK CONNECTION METHOD, HOTSPOT TERMINAL AND MANAGEMENT TERMINAL - Embodiments of the disclosure provide a network connection method, a hotspot terminal, and a management terminal. A hotspot terminal receives an Internet access request sent by a mobile terminal. The hotspot terminal sends an input request to the mobile terminal according to the received Internet access request. The hotspot terminal receives user identity information sent by the mobile terminal. The hotspot terminal receives a permission confirmation instruction that is entered by an administrator according to the user identity information. The hotspot terminal determines Internet access permission of the mobile terminal according to the received permission confirmation instruction. According to the network connection method provided in the embodiments of the disclosure, a problem where a process in which a mobile terminal logs in to a remote network by using a hotspot terminal becomes tedious and complex is resolved.2016-05-05
20160127382DETERMINING VARIABLE WAIT TIME IN AN ASYNCHRONOUS CALL-BACK SYSTEM BASED ON CALCULATED AVERAGE SUB-QUEUE WAIT TIME - A method includes a workload management (WLM) server that receives a first CHECK WORKLOAD command for a workload in a queue of the WLM server. It may be determined whether the workload is ready to run on a WLM client. If the workload is not ready to run, a wait time for the workload with the WLM server is dynamically estimated. The wait time is sent to the WLM client. If the workload is ready to run, then a response is sent to the WLM client that workload is ready to run.2016-05-05
20160127383AGGREGATE SERVICE WITH FILE SHARING - One embodiment provides a method, including: sending, from a device, input from a user requesting access to data retrievable by an aggregate service device; sending, from the device, input from the user selecting, from the aggregate service device, a selection of data; and sending a distribution command; wherein the distribution command comprises information related to distributing a pointer indicating the selection of data.2016-05-05
20160127384METHOD AND SYSTEM FOR GEOLOCATION VERIFICATION OF RESOURCES - A method of geolocation verification, including obtaining the geolocation of an operating system, generating a unique system ID for an installed operating system, and transmitting the geolocation of the operating system and a system ID to a data repository. The method further includes receiving a request to either initiate deployment of, or grant access to, a computer object associated with the operating system, identifying if the computer object requires geolocation verification, then identifying an object ID associated with the computer object and communicating each of the object ID, the geolocation of the operating system, and the system ID, to a domain controller for assessment. The method also includes searching the data repository to identify one or more geolocation object resource claims associated with the object ID, and comparing the geolocation resource claims with the communicated geolocation of the operating system.2016-05-05
20160127385METHOD AND APPARATUS FOR SYNCHRONIZING AN ADAPTABLE SECURITY LEVEL IN AN ELECTRONIC COMMUNICATION - A method of communicating in a secure communication system comprises the steps of assembling a message at a sender, then determining a security level, and including an indication of the security level in a header of the message. The message is then sent to a recipient.2016-05-05
20160127386Restricting Communications Between Subscriber Machines - A method of transferring information between subscribers associated with a communication service is disclosed. The method includes receiving a first handle address associated with a first subscriber device, in which the first subscriber device transfers information to a group of subscriber devices, each of the group of subscriber devices is linked to different handle addresses, and each of the different handle addresses is included in a group of handle addresses. The method also includes determining whether the first handle address is included in the group of handle addresses, transferring information from the first subscriber device to the group of subscriber devices in response to the first handle address being included in the group of handle addresses, and verifying that the transferred information was received by the group of subscriber devices. A corresponding system and computer-readable device are also disclosed.2016-05-05
20160127387Method for Combining Multiple Signal Values in the Dendritic Cell Algorithm - Artificial Immune Systems (AIS) including the Dendritic Cell Algorithm (DCA) are an emerging method to detect malware in computer systems. A DCA module may receive an output or signal from multiple indicators concerning the state of at least a portion of the system. The DCA module is configured to combine the plurality of signals into a single signal vector. The DCA module may be configured to sort the received signals based on signal type and magnitude of each signal. The DCA module may then use a decay factor to weight the received signals so that a large number of “nominal” signals do not drown out a small number of “strong” signals indicating a malware attack. The decay factor may be exponentially increased each time it is applied so that all received signals are considered by the DCA module, but so that the “nominal” signals may have a minimal effect.2016-05-05
20160127388SIMILARITY SEARCH AND MALWARE PRIORITIZATION - Methods, system, and media for determining similar malware samples are disclosed. Two or more malware samples are received and analyzed to extract information from the two or more malware samples. The extracted information is converted to a plurality of sets of strings. A similarity between the two or more malware samples is determined based on the plurality of the sets of strings.2016-05-05
20160127389PREVENTING URL CONFUSION ATTACKS - Methods and apparatus are disclosed for detecting illegitimate or spoofed links on a web page. Illegitimate links can be detected by receiving a web link that includes link text and a link address, generating normalized link text based upon the link text, wherein characters in the link text that are visually similar are represented by a single normalized character identifier in the normalized text, determining whether the normalized link text is in the format of a link address, and determining that the text is safe when the normalized link text is not in the format of a link address. The techniques disclosed herein further involve determining whether the normalized link text matches the link address, determining that the text is safe when the normalized link text matches the link address, and determining that the text is unsafe when the normalized link text does not match the link address.2016-05-05
20160127390METHOD AND APPARATUS FOR DETECTING PORT SCANS IN A NETWORK - A method and an apparatus for detecting a port scan in a network are disclosed. For example, the method extracts statistics from a message, detects the port scan for a source internet protocol address, determines whether a port scan record exists for the source internet protocol address, creates a port scan record for the source internet protocol address that is extracted when the port scan record does not exist, determines an elapsed time when the port scan record does exist, wherein the elapsed time is determined as a difference between the time stamp that is extracted and a recorded time stamp, sets the recorded time stamp to be the extracted time stamp when the elapsed time is less than an intra-scan time, and determines the port scan has ended for the source internet protocol address when the elapsed time is not less than the intra-scan time.2016-05-05
20160127391ENTERPRISE INTRUSION DETECTION AND REMEDIATION - Events are securely packaged and transmitted from peripherals of terminals and from secure input/output modules (SIOMs) of terminals. The events are collected and mined in real time for security risk patterns and dynamic remedial actions are pushed back down to the terminals, peripherals, and SIOMs.2016-05-05
20160127392ELECTROMAGNETIC SIGNATURE ANALYSIS FOR THREAT DETECTION IN A WIRELESS ENVIRONMENT OF EMBEDDED COMPUTING DEVICES - Systems and methods can support detecting and identifying threats associated with wireless devices. A radio receiver can collect radio frequency signals from one or more sensor antennas positioned within an electromagnetic environment. The receiver can generate data samples representing at least a portion of the radio frequency signals. Feature vectors can be generated comprising at least a portion of the data samples and attribute information. The attribute information can describe one or more features of a communicated signal within the radio frequency signals. Content of the feature vectors may be compared against signatures of known signals to identify radio frequency signals associated with a wireless attack. Content of the feature vectors may be compared against templates of known attacks to classify the identified wireless attacks. Threat information associated with the wireless attacks may be presented to one or more operator interfaces.2016-05-05
20160127393Electronic Message Analysis For Malware Detection - An electronic message is analyzed for malware contained in the message. Text of an electronic message may be analyzed to detect and process malware content in the electronic message itself. The present technology may analyze an electronic message and attachments to electronic messages to detect a uniform resource location (URL), identify whether the URL is suspicious, and analyze all suspicious URLs to determine if they are malware. The analysis may include re-playing the suspicious URL in a virtual environment which simulates the intended computing device to receive the electronic message. If the re-played URL is determined to be malicious, the malicious URL is added to a black list which is updated throughout the computer system.2016-05-05
20160127394Action Response Framework for Data Security Incidents - An incident manager application (IM) for responding to data security incidents in enterprise networks is disclosed. An IM tracks the incidents in an enterprise network by storing incident objects and incident artifact (IA) metadata created for the incidents, where the incident objects and IAs include information concerning the incidents. Incident response team (IRT) personnel of the enterprise networks can define action conditions within the IM that are associated with the incident objects. When the information within the incident objects and/or IAs meets the defined action conditions, the IM includes the objects that cause the action conditions to be satisfied in messages. Devices such as user account databases and configuration servers within the enterprise network can then download the messages and execute actions that reference the objects extracted from the downloaded messages to implement a response to the incidents.2016-05-05
20160127395System and method for network intrusion detection of covert channels based on off-line network traffic - A network intrusion detection system and method is configured to receive off-line network traffic. The off-line network traffic with a predefined format, PCAP file, is capable of indicating existence of a plurality of covert channels associated with a corresponding plurality of covert channel signatures. Each covert channel comprises a tool that communicates messages by deviating from a standard protocol to avoid detection. A plurality of covert channel processors are configured to analyze off-line network traffic. The analysis determines whether the off-line network traffic deviates from the standard protocol based on one or more covert channel signatures. The covert channels are employed in at least one standard layer of the standard protocol stack and the off-line network data traffic comprises at least one standard protocol stack having multiple standard layers.2016-05-05
20160127396INFORMATION PROCESSING APPARATUS AND IDENTIFYING METHOD - An information processing apparatus includes an adding unit and an identifying unit. The adding unit adds, to data received from a communication destination device by a program to be analyzed, a tag, by which the communication destination device is identifiable. If the tag has been added to data executed by a new program when an activation of or an activation reservation for the new program is detected, the identifying unit identifies the communication destination device identified by the tag.2016-05-05
20160127397SYSTEMS, DEVICES, AND METHODS FOR SEPARATING MALWARE AND BACKGROUND EVENTS - Embodiments relate to systems, devices, and computing-implemented methods for separating malware and background events to classify malware based on traffic data by receiving the traffic data that includes malware events and background noise, converting the traffic data into a feature vector, performing a signal processing algorithm on the feature vector to separate the malware events from the background noise, where the signal processing algorithm is associated with a malware family, determining a score for the malware events using a malware classification algorithm associated with the malware family, and applying a label associated with the malware family to the traffic data based on the score to classify the traffic data. Additionally, the malware application can be contained, removed, and/or the effects of a malware application can be neutralized based on the classification.2016-05-05
20160127398Apparatus and Method for Efficient Identification of Code Similarity - A method for identifying similarity between query samples and stored samples in an efficiently maintained reference library may include receiving a first threshold and a second threshold, receiving a plurality of binary reference samples, and processing each reference sample of the plurality of reference samples. The processing may include operations of assigning each reference sample a respective unique identifier, producing a reference sample fingerprint for each reference sample, and registering each respective unique identifier to reference sample fingerprint pair in a reference library. The registering may include scoring the reference sample fingerprint with each previously stored fingerprint in the reference library to produce a first matching score, if the first matching score meets or exceeds the first threshold for a previously stored fingerprint, determining the reference sample fingerprint to be a duplicate of the previously stored fingerprint and recording only a unique identifier associated with the reference sample fingerprint in the reference library where the unique identifier is marked as a duplicate of the previously stored fingerprint, and otherwise, if the first matching score is less than the first threshold, storing a corresponding reference sample unique identifier to reference sample fingerprint pair in the reference library. 
The method may further include receiving a binary query sample and processing the binary query sample via operations including producing a query sample fingerprint from the binary query sample, scoring the query sample fingerprint with each previously stored fingerprint in the reference library to produce a second matching score, and for each previously stored fingerprint for which the second matching score meets or exceeds the second threshold, reporting a corresponding reference sample unique identifier associated with the previously stored fingerprint and the second matching score.2016-05-05
20160127399Malicious Message Detection and Processing - Malicious message detection and processing systems and methods are provided herein. According to various embodiments, a method includes detecting, via an intermediary node, a link included in a message, the link being associated with an unknown resource, hashing a unique identifier for a recipient of the message, coupling the hashed identifier with the link, creating an updated link and updated message, and forwarding the updated message to the recipient.2016-05-05
20160127400MANAGING INFECTIOUS FORWARDED MESSAGES - Systems and methods for managing forwarded infectious messages are provided. Managing electronic messages comprises receiving a message, forwarding the message, determining that the forwarded message is infectious after the message has been forwarded, and preventing the infectious forwarded message from spreading.2016-05-05
20160127401CAPTURE TRIGGERS FOR CAPTURING NETWORK DATA - The disclosed embodiments provide a system that facilitates the processing of network data. During operation, the system provides a risk-identification mechanism for identifying a security risk from time-series event data generated from network packets captured by one or more remote capture agents distributed across a network. Next, the system provides a capture trigger for generating additional time-series event data from the network packets on the one or more remote capture agents based on the security risk, wherein the additional time-series event data includes one or more event attributes.2016-05-05
20160127402METHOD AND APPARATUS FOR IDENTIFYING AND DETECTING THREATS TO AN ENTERPRISE OR E-COMMERCE SYSTEM - Methods and apparatuses for identifying and detecting threats to an enterprise or e-commerce system are disclosed, including grouping log lines belonging to one or more log line parameters from one or more enterprise or e-commerce system data sources and/or from incoming data traffic to the enterprise or e-commerce system; extracting one or more features from the grouped log lines into one or more features tables; using one or more statistical models on the one or more features tables to identify statistical outliers; labeling the statistical outliers to create one or more labeled features tables; using the one or more labeled features tables to create one or more rules for identifying threats to the enterprise or e-commerce system; and using the one or more rules on incoming enterprise or e-commerce system data traffic to detect threats to the enterprise or e-commerce system. Other embodiments are described and claimed.2016-05-05