39th week of 2018 patent application highlights part 54 |
Patent application number | Title | Published |
20180276317 | ADAPTIVE BUG-SEARCH DEPTH FOR SIMPLE AND DEEP COUNTEREXAMPLES - Aspects of the present invention include methods, systems and computer program products. The method includes a processor providing a netlist indicative of connectivity and functional states of components of an integrated circuit design; iteratively searching through the netlist at a selected depth to locate errors within the netlist by a plurality of trials, each of the plurality of trials having a plurality of iterations; adaptively adjusting the selected depth depending on any errors within the netlist being located, the selected depth increasing over time from an initial value as between the plurality of iterations; and adaptively adjusting an amount of coverage of the netlist depending on any errors within the netlist being located, the amount of coverage of the netlist decreasing over time from an initial amount as between the plurality of iterations. | 2018-09-27 |
20180276318 | ADAPTIVE BUG-SEARCH DEPTH FOR SIMPLE AND DEEP COUNTEREXAMPLES - Aspects of the present invention include methods, systems and computer program products. The method includes a processor providing a netlist indicative of connectivity and functional states of components of an integrated circuit design; iteratively searching through the netlist at a selected depth to locate errors within the netlist by a plurality of trials, each of the plurality of trials having a plurality of iterations; adaptively adjusting the selected depth depending on any errors within the netlist being located, the selected depth increasing over time from an initial value as between the plurality of iterations; and adaptively adjusting an amount of coverage of the netlist depending on any errors within the netlist being located, the amount of coverage of the netlist decreasing over time from an initial amount as between the plurality of iterations. | 2018-09-27 |
20180276319 | Method and Apparatus for Checking Constructability of a Building Information Model - A system for determining constructability of a building project comprises a processor to execute software instructions, a storage device accessible by the processor in which to store a database, the database to store therein a building products information model (PIM), the PIM comprising a first plurality of building products, the database further to store therein a building information model (BIM) for the building project, wherein the BIM comprises a second plurality of building products. A user interface (UI) receives input from a user and transmits output to a user according to software instructions executed by the processor. In one embodiment, software instructions executed by the processor cause the system to receive input from a user via the UI to select the BIM, search the PIM for at least one of the second plurality of building products in the BIM, and replace the at least one of the second plurality of building products in the BIM with one or more of the first plurality of building products in the PIM, responsive to the search of the | 2018-09-27 |
20180276320 | SYSTEMS AND METHODS FOR GENERATING MULTI-FUNCTIONAL ARCHITECTURAL DESIGN FOR FACILITATING INTER-ENVIRONMENTAL ARCHITECTURE IMPLEMENTATION - Systems and methods for generating multi-functional architectural design to facilitate an inter-environmental architecture implementation in a computing device. The traditional systems and methods consider a single architecture technique as a collection of activities and do not semantically support the process of architecting. Embodiments of the present disclosure provide for generating the multi-functional architectural design to facilitate the inter-environmental architecture implementation by defining a plurality of architectural components, gathering a set of unstructured architectural problems, transforming the set of unstructured architectural problems into a set of structured architectural information, performing an analysis of a set of architectural solutions, formulating, by an architecture technique | 2018-09-27 |
20180276321 | METHOD AND APPARATUS FOR TESTING DESIGN OF SATELLITE WIRING HARNESS AND SIGNAL PROCESSING UNITS - A method of testing designs of wiring harnesses includes generating a virtual electrical system including virtual wiring harnesses that interconnect virtual modules of communications circuitry including signal sources and signal destinations. The method also includes testing signal pathways and thereby the virtual wiring harnesses. The testing includes generating a simulated signal that is input to a specific electrical connection at a signal source and routed through a signal pathway to a specific electrical connection to a signal destination. The testing includes verifying receipt of the simulated signal by the specific electrical connections via the signal pathway. And in an instance in which receipt is not verified, the testing includes identifying a particular electrical connection at which an error occurred in the receipt of the simulated signal, and a particular virtual wiring harness and a particular virtual module respectively connected to and including the particular electrical connection. | 2018-09-27 |
20180276322 | FAILURE DIAGNOSIS APPARATUS, MONITORING APPARATUS, FAILURE DIAGNOSIS METHOD AND RECORDING MEDIUM - In one embodiment, a failure diagnosis apparatus includes a simulation module configured to simulate a target device to output virtual measured data obtained when the target device is in at least any one of one or more failure modes. The apparatus further includes a measured data obtaining module configured to obtain measured data that is measured from the target device. The apparatus further includes a failure mode identifying module configured to identify a failure mode of the target device based on the virtual measured data and the measured data. | 2018-09-27 |
20180276323 | Automation Facility and Method for Operating the Automation Facility - A method for operating an automation facility, wherein the automation facility includes a simulation server, which has a simulation framework for simulation of the process behavior of sensors and/or actuators in accordance with a simulation model, where a large number of simulation models is stored in the simulation server, which can be loaded into the simulation framework, includes a simulation interface for simulating the communication behavior of the sensors and/or actuators and for connecting the modelled process behavior to a controller, and includes an operator system for process control and process operation such that it becomes possible to verify, in a simplified manner within the context of what is known as a “Factory Acceptance Test” (FAT) during the test or during the verification of functionality, whether testing was performed with the simulation models provided for this purpose. | 2018-09-27 |
20180276324 | SYSTEM AND METHOD FOR ENERGY USAGE ACCOUNTING IN SOFTWARE APPLICATIONS - A method for generating an energy usage profile for a software program executed in a computing device includes generating a call trace of an executed system call, identifying a first power consumption and duration of a first power state due to the first system call using a model, identifying a second power consumption and duration of a second power state based on the model, and generating an energy usage profile for the software program. The energy usage profile includes energy consumption of the computing device for the system call based on the first power consumption level multiplied by the first duration and the second power consumption level multiplied by the second duration associated with an identifier for the call trace. | 2018-09-27 |
20180276325 | Consumer Performance Index Scoring for Websites and Web-Based Applications - A computer implemented method creating a benchmark for consumer satisfaction of website or web application performance includes aggregating real user measurement (RUM) data captured from devices of users during sessions on a website or web application, the RUM data including a landing page load time of each user and whether a bounce occurred. The probability that each tenant will bounce is then modeled. Next, an ordered discrete set of lethal dose (LD) values is calculated and the tenants are then filtered for erroneousness. An ordered set of mean LD values is calculated, and that set is reduced to exactly 10 | 2018-09-27 |
20180276326 | SENSOR DATA ANOMALY DETECTOR - Methods and systems are provided that are effective to generate an alarm for a vehicle. The methods include receiving, by a device, a first sensor value from a first sensor for the vehicle. The methods further include receiving, by the device, a second sensor value from a second sensor for the vehicle. The methods further include retrieving, by the device, an instruction from a memory disposed in the vehicle while the memory is in a write-protected mode. The methods further include evaluating, by the device, the first sensor value and the second sensor value based on the instruction. The methods further include determining, by the device, that the first sensor value is outside a range associated with the first sensor based on the evaluation. The methods further include transforming, by the device, the determination into an alarm. | 2018-09-27 |
20180276327 | IGBT MODELING METHOD AND CIRCUIT SIMULATION METHOD - An IGBT modeling method includes creating piece-wise line functions describing a collector-emitter voltage v | 2018-09-27 |
20180276328 | EQUIVALENT CIRCUIT CONSTRUCTION METHOD, SIMULATION METHOD AND SIMULATION DEVICE - An equivalent circuit is capable of, while having a simple configuration, accurately expressing a superposition characteristic and having excellent practicality and workability. A current sensor and a voltage source are connected in series between external terminals of an equivalent circuit. A reference state element having an impedance forms a closed loop with a current source. A current flowing through the equivalent circuit and detected by the current sensor is reproduced by the current source and then applied to the reference state element, so that a potential difference is generated across the reference state element. A voltage obtained by multiplying the potential difference by a correction coefficient is outputted by the voltage source. By setting the correction coefficient to be dependent on the current or an inter-terminal voltage, the impedance represented by the equivalent circuit can be reproduced as a characteristic dependent on the current I or the inter-terminal voltage. | 2018-09-27 |
20180276329 | COMPONENT POSITION DETECTION METHOD AND INFORMATION PROCESSING APPARATUS - A non-transitory, computer-readable recording medium having stored therein a program for causing a computer to execute a process that includes: setting a starting point and a target component on a circuit of a circuit diagram; tracing lines based on connection relationship of a component located between the starting point and the target component; counting the number of lines between the starting point and the target component; determining positional relationship of components based on the counted number of the lines; and outputting information that the positional relationship is inappropriate when determination result indicates that the positional relationship is inappropriate. | 2018-09-27 |
20180276330 | INFORMATION PROCESSING APPARATUS, DESIGN SUPPORT METHOD, AND NON-TRANSITORY COMPUTER-READABLE RECORDING MEDIUM FOR RECORDING DESIGN SUPPORT PROGRAM - An information processing apparatus: calculates, for each part at a first time point, a first priority determination value for a first priority based on a first shortest distance between a first viewpoint and the parts and a first projection distance between a first screen center at the first time point and the parts; calculates, for each part at a second time point, a second priority determination value for a second priority based on a second shortest distance between the first viewpoint and the parts and a second projection distance between a second screen center at the second time point and the parts; calculates a third priority determination value by replacing the first view point with viewpoint candidates; selects a new first viewpoint among the first viewpoint and the viewpoint candidates; and reproduces an image of the parts at the first time point as viewed from the new viewpoint. | 2018-09-27 |
20180276331 | METHOD AND APPARATUS FOR TESTING RF PERFORMANCE OF A SATELLITE WIRING HARNESS AND SIGNAL PROCESSING UNITS - A method of testing a design of a satellite payload transponder with modules of radio frequency (RF) communications circuitry includes executing a modeling application for establishing a modeling environment for generating a virtual satellite payload transponder and virtual test equipment. The virtual satellite payload transponder has virtual modules of RF communications circuitry, with functionality equivalent to that of the satellite payload transponder with modules of RF communications circuitry. The virtual test equipment has functionality equivalent to that of physical test equipment in conjunction with modular test system software. The modeling environment establishes an executable block diagram for performing a simulation of executed satellite payload transponder command, RF signal performance and telemetry response testing, utilizing a given version of the modular test system software corresponding to the modules of RF communications circuitry of the design of the satellite payload transponder. | 2018-09-27 |
20180276332 | SYNTHETIC MULTIPLETS FOR MULTIPLETS DETERMINATION - Disclosed herein include methods and systems for identifying multiplet expression profiles. A plurality of synthetic multiplet expression profiles can be generated from a plurality of expression profiles. An expression profile can be identified as an expression for a singlet or a multiplet using a machine learning model trained using the plurality of synthetic multiplet (e.g., doublet) expression profiles. | 2018-09-27 |
20180276333 | CONVOLUTIONAL ARTIFICIAL NEURAL NETWORKS, SYSTEMS AND METHODS OF USE - The present application discloses an image-based computational and genetic framework for creating and using maps of genetic features which can be used to identify genetic features associated with a defined characteristic. | 2018-09-27 |
20180276334 | Gene test platform method - A gene test platform method gives a recommendation based on a test result to a subject and comprises steps of a subject's test result in a gene test being input to a supporting advice module; the supporting advice module producing a therapeutic formula combination which is correlated with significant genetic data as per the test result and transmitted to a gene test user interface; the gene test user interface displaying the recommended therapeutic formula combination to a subject and further comprising a feedback interface through which a subject raises any question or sends any feedback immediately. | 2018-09-27 |
20180276335 | SYSTEMS AND METHODS FOR DETECTING STRUCTURAL VARIANTS - Systems and method for identifying long deletions can obtain sequencing information for a plurality of amplicons in and around a potential region from a nucleic acid sample. The sequencing information can include a plurality of reads that can be mapped to a reference sequence. Using information, such as where reads map to a reference sequence and relative abundance of reads for the amplicons, structural variants can be identified and a determination can be made if the nucleic acid sample is homozygous or heterozygous for the structural variant. | 2018-09-27 |
20180276336 | Methods Of Associating Genetic Variants With A Clinical Outcome In Patients Suffering From Age-Related Macular Degeneration Treated With Anti-VEFG - Disclosed herein are methods and compositions for associating a genetic variant with intraretinal fluid. Also disclosed herein are methods and compositions for associating a genetic variant with visual acuity, anatomic outcomes or treatment frequency. | 2018-09-27 |
20180276337 | Method for identifying radiation induced genes and long non-coding RNAs and Application Thereof - The present invention provides a method for identifying radiation induced genes and long non-coding RNAs and its application thereof, the method comprises the steps of: (1). Provide expression values of genes and long non-coding RNAs; (2). Execute weighted gene correlation network analysis (WGCNA) by a computer system to calculate Pearson correlation coefficients of pairs of the genes and long non-coding RNAs based on the expression values of the genes and long non-coding RNAs; and (3). Perform a screening step by the computer system to identify radiation induced genes and long non-coding RNAs based on the Pearson correlation coefficients of the pairs of the genes and long non-coding RNAs with a value more than 0.75. | 2018-09-27 |
20180276338 | Systems and Methods for Identifying Exon Junctions from Single Reads - Systems and methods are used to identify an exon junction from a single read of a transcript. A transcript sample is interrogated and a read sequence is produced using a nucleic acid sequencer. A first exon sequence and a second exon sequence are obtained using the processor. The first exon sequence is mapped to a prefix of the read sequence using the processor. The second exon sequence is mapped to a suffix of the read sequence using the processor. A sum of a number of sequence elements of the first exon sequence that overlap the prefix of the read sequence, of a number of sequence elements of the second exon sequence that overlap the suffix of the read sequence, and of a constant is calculated using the processor. If the sum equals a length of the read sequence, a junction is identified in the read using the processor. | 2018-09-27 |
20180276339 | SYSTEM AND METHOD FOR ALGORITHMIC EXTRACELLULAR VESICLE POPULATION DISCOVERY AND CHARACTERIZATION - Methods and systems for extracellular vesicle characterization are provided herein. Embodiments of the methods include inputting measured physical, biological, or chemical aspects of extracted extracellular vesicles. Next, an information architecture that characterizes relationships between biological entities and diseases in humans or other vertebrates is generated. Then, relationships between the measured physical, biological, or chemical aspects of the isolated extracellular vesicles with the information architecture are automatically inferred, thereby characterizing extracellular vesicles. | 2018-09-27 |
20180276340 | SYSTEM AND METHOD FOR DRUG TARGET AND BIOMARKER DISCOVERY AND DIAGNOSIS USING A MULTIDIMENSIONAL MULTISCALE MODULE MAP - A new method and system can be implemented to identify, analyze and display hierarchies of condition-specific gene, network or pathway activities or aberrations. Methods are also presented related to biomarker and drug-target identification and diagnosing new patients or samples with diseases or disease subtypes. Further, methods are presented related to predicting patient survival or response to treatment. Finally, methods are presented that can provide information of biological agricultural or medical interest. Methods provided herein include methods of making a multidimensional multiscale module map for identifying, analyzing and displaying hierarchies of network or pathway activities, the multidimensional multiscale map, and systems for discussing genomic features of a subject or sample with the multiscale module map. | 2018-09-27 |
20180276341 | SECURE PERSON IDENTIFICATION AND TOKENIZED INFORMATION SHARING - Systems and methods for accessing patient data include, in response to a request for consent for a medical professional to access patient data of a patient, receiving a request from the patient for a token validating an identity of the patient. The token is transmitted to the patient. The consent is received from the patient with data access attributes using the token. The data access attributes include an expiration time associated with the consent and a granular level of access defining one or more subsets of the patient data the medical professional is authorized to access. A notification is transmitted to a communication address associated with the medical professional. The notification indicates that the medical professional is authorized to access the patient data in accordance with the data access attributes. | 2018-09-27 |
20180276342 | Scalable and Traceable Healthcare Analytics Management - A mechanism is provided in a data processing system comprising at least one processor and at least one memory, the at least one memory comprising instructions executed by the at least one processor to cause the at least one processor to implement a healthcare analytics management system. A healthcare analytics development sub-system of the healthcare analytics management system develops an analytics pipeline of a set of analytics assets for a selected healthcare based on a set of business needs for a healthcare analytics client and a healthcare analytics model based on the set of analytics assets and the set of business needs. The healthcare analytics model links to the analytics pipeline. A model deployment module of a healthcare analytics operation sub-system of the healthcare analytics management system deploys the healthcare analytics model on a set of computing devices of the selected healthcare consumer. Responsive to a model monitoring module of the healthcare analytics operation sub-system detecting a performance deviation of the deployed healthcare analytics model for performance deviation from the set of business needs for the healthcare analytics client, a model feedback module of the healthcare analytics operation sub-system determines improvement needs for the healthcare analytics model. The model feedback module feeds the improvement needs back to the healthcare analytics development sub-system. The healthcare analytics development sub-system customizes the healthcare analytics model based on the improvement needs | 2018-09-27 |
20180276343 | Scalable and Traceable Healthcare Analytics Management - A mechanism is provided in a data processing system comprising at least one processor and at least one memory, the at least one memory comprising instructions executed by the at least one processor to cause the at least one processor to implement a healthcare analytics management system. A healthcare analytics development sub-system of the healthcare analytics management system develops an analytics pipeline of a set of analytics assets for a selected healthcare based on a set of business needs for a healthcare analytics client and a healthcare analytics model based on the set of analytics assets and the set of business needs. The healthcare analytics model links to the analytics pipeline. A model deployment module of a healthcare analytics operation sub-system of the healthcare analytics management system deploys the healthcare analytics model on a set of computing devices of the selected healthcare consumer. Responsive to a model monitoring module of the healthcare analytics operation sub-system detecting a performance deviation of the deployed healthcare analytics model for performance deviation from the set of business needs for the healthcare analytics client, a model feedback module of the healthcare analytics operation sub-system determines improvement needs for the healthcare analytics model. The model feedback module feeds the improvement needs back to the healthcare analytics development sub-system. The healthcare analytics development sub-system customizes the healthcare analytics model based on the improvement needs | 2018-09-27 |
20180276344 | CONFLICTING NOMENCLATURE RECONCILIATION SYSTEM - A system and method for reconciling conflicting identifiers from a first entity and a second entity is disclosed. The first entity and the second entity may be associated with a contract for goods to be delivered to an address of an organization. The system and method may include receiving, from the first entity via a first user interface or the second entity via a second user interface, respective files including respective identifiers. The system and method may include updating, in a database, an entry associated with the organization based on the received identifiers such that an organization address identifier assigned by the first entity is associated with an account identifier assigned by the second entity. | 2018-09-27 |
20180276345 | SYSTEM AND METHOD TO MONITOR MENTAL HEALTH IMPLICATIONS OF UNHEALTHY BEHAVIOR AND OPTIMIZE MENTAL AND PHYSICAL HEALTH VIA A MOBILE DEVICE - A method including: receiving physiological and external data of a user; predicting that the user is gravitating towards an undesirable mental state based on the physiological and external data; and providing the user with an ameliorative action in response to the prediction that the user is gravitating towards the undesirable mental state. | 2018-09-27 |
20180276346 | Networks For Organic Reactions And Compounds - A method for analyzing a collection of organic chemical reactions and compounds reported in the literature in the form of a complex network in either a normal, one-mode graph or a bipartite graph is disclosed. Also disclosed are methods, algorithms, computer-readable storage mediums and other applications derived from the analysis of this graph/network theory. | 2018-09-27 |
20180276347 | Processing method and processing apparatus for efficacy of combined drug - Provided are a processing method and a processing apparatus for efficacy of a combined drug. The processing method includes: obtaining dose-effect curve band of expected additive effect of the combined drug; obtaining actual dose-effect relationship curve formed by actual effect value of the combined drug with a dose change of one target component drug in the combined drug; comparing a positional relationship between the actual dose-effect relationship curve and the dose-effect curve band; and outputting the efficacy of the combined drug as a synergistic effect when the actual dose-effect relationship curve is located above the dose-effect curve band, outputting the efficacy of the combined drug as an antagonistic effect when the actual dose-effect relationship curve is located below the dose-effect curve band, and outputting the efficacy of the combined drug as an additive effect when the actual dose-effect relationship curve is located within a range of the dose-effect curve band. | 2018-09-27 |
20180276348 | PRODUCING CHEMICAL FORMULATIONS WITH COGNITIVE COMPUTING - A cognitive computing system for producing chemical formulations, in some embodiments, comprises: neurosynaptic processing logic; and one or more information repositories accessible to the neurosynaptic processing logic, said one or more repositories storing resources, wherein the neurosynaptic processing logic determines a first chemical formulation to achieve a target and to satisfy one or more constraints, produces and tests said first chemical formulation, and analyzes the results of the test using said resources to determine a second chemical formulation, wherein the second chemical formulation more closely achieves the target and satisfies the one or more constraints than the first chemical formulation. | 2018-09-27 |
20180276349 | DIGITAL CONTENT EDITING APPARATUS, DIGITAL CONTENT PLAYBACK APPARATUS, DIGITAL CONTENT DECRYPTING APPARATUS, WEB CONTENT PLAYBACK APPARATUS, WEB CONTENT DECRYPTING APPARATUS, DIGITAL CONTENT ENCRYPTING/DECRYPTING SYSTEM, AND DIGITAL CONTENT ENCRYPTING/DECRYPTING METHOD - A digital content editing apparatus includes: a digital content generating unit for processing data and generating digital content constituted by a group of files, the digital content; and an encrypting unit for encrypting encryption target files among the group of files constituting the digital content generated by the digital content generating unit by using a part of the group of non-encryption target files among the group of files constituting the digital content. | 2018-09-27 |
20180276350 | MESSAGING SECURITY - Disclosed herein is a method for obscuring, from a recipient, at least a portion of media and enabling the recipient to observe the obscured media when the recipient has permission, the method comprising processing at least a portion of a first version of media to produce a second version of the media such that the at least a portion of the media in the second version is obscured when observed, sending the second version for observation by a recipient when the recipient does not have permission to observe the first version, and sending data representative of the at least a portion of the first version of the media to enable the recipient to observe the at least a portion of the first version of the media when the recipient has permission to observe the first version. | 2018-09-27 |
20180276351 | SYSTEM AND METHOD FOR EVENT-BASED VEHICLE OPERATION - Embodiments of a method and/or system for facilitating event-based vehicle operation can include determining a vehicle route; determining geographic regions for the vehicle route; monitoring the determined geographic regions for events; determining an event of interest from the detected events; and/or dynamically facilitating modification of vehicular operation of the vehicle based on the event of interest, such as in response to determination of the event of interest. | 2018-09-27 |
20180276352 | USER INTERFACE SWITCHING METHOD AND TERMINAL - The application provides a user interface switching method and a terminal. After the terminal triggers a TUI display request of a CA according to a first operation on a CA interface by a user, the terminal switches a display environment of the CA from an REE to a TEE according to the TUI display request, and then displays a TA interface that is of the CA and that is in the TEE. In this case, the user may perform an operation of inputting sensitive information on the TA interface, and a malicious program that runs in the REE cannot access a hardware device to obtain the input operation in the TEE by the user. Therefore, theft of the user's sensitive information is prevented, thereby effectively enhancing security of the input operation by the user. | 2018-09-27 |
20180276353 | SETTING AND TERMINATING RESTRICTED MODE OPERATION ON ELECTRONIC DEVICES - A first electronic device is configured to operate in a restricted mode of operation, which restricted mode may be terminated or continued by one or more remotely located authorization devices, according to predetermined criteria. In a restricted mode, a first set of permitted applications stored on the first electronic device are executable, and a first set of data is accessible. While operating in the restricted mode, the first device detects a termination condition of the restricted mode and transmits an indication of the termination condition to one or more authorization devices. After transmitting the request, the first electronic device receives an indication that the restricted mode of the operation has been continued according to predetermined criteria. Responsive to receiving the indication, the first electronic device continues to operate in the restricted mode according to the predetermined criteria. | 2018-09-27 |
20180276354 | IMAGE PROCESSING APPARATUS AND METHOD, INCLUDING USER AUTHENTICATION, AND STORAGE MEDIUM - An image processing apparatus which is capable of realizing security improvements without degrading the usability. A user is authenticated, and an operation screen accepting an operation input from the user is displayed. A job is executed according to an instruction of the user authenticated by the user authenticating unit. It is determined whether or not the job of which execution is instructed by the user, is being executed when the user authenticating unit authenticates the user. A first operation screen through which the user inputs an instruction for the job in execution is displayed when the job executing unit is executing the job, of which execution is instructed by the user, whereas another operation screen through which another user inputs an instruction for another job is displayed when not. | 2018-09-27 |
20180276355 | DATA PROCESSING SYSTEMS AND COMMUNICATIONS SYSTEMS AND METHODS FOR INTEGRATING PRIVACY COMPLIANCE SYSTEMS WITH SOFTWARE DEVELOPMENT AND AGILE TOOLS FOR PRIVACY DESIGN - A privacy compliance monitoring system, according to particular embodiments, is configured to track a user's system inputs and responses to questions regarding a particular privacy campaign in order to monitor any potential abnormal or misleading response. In various embodiments, the system is configured to track changes to a user's responses, monitor an amount of time it takes a user to respond, determine a number of times that a user changes a response and/or take other actions to determine whether a particular response may be abnormal. In various embodiments, the system is configured to automatically flag one or more questions based on determining that the user may have provided an abnormal response. | 2018-09-27 |
20180276356 | TERMINAL DEVICE AND METHOD FOR PERFORMING USER AUTHENTICATION BY MEANS OF BIOMETRIC DATA - The present invention provides an authentication which is performed by means of simultaneously inputting biometric data such as fingerprint, iris and the like when inputting an authentication number, wherein input area provided to a user varies such that biometric data can be input and recognized accurately and easily. Therefore, the present invention enhances convenience for a user and increases security and reliability of authentication. | 2018-09-27 |
20180276357 | IC CARD AND METHOD FOR CONTROLLING IC CARD - An integrated circuit (IC) card of an embodiment includes a communicator, a storage storing biometric authentication information, an acquirer, and a processor. The communicator communicates with a terminal device. The acquirer acquires biometric information of a user. The processor collates the biometric information of the user acquired by the acquirer with the biometric authentication information stored in the storage and stores a collation result into the storage at an activation time. | 2018-09-27 |
20180276358 | IC CARD AND METHOD FOR CONTROLLING IC CARD - An integrated circuit (IC) card of an embodiment includes a communicator, a storage storing a plurality of pieces of biometric authentication information, an acquirer, and a processor. The communicator communicates with a terminal device. The acquirer acquires biometric information of a user. The processor collates the biometric information acquired by the acquirer with each of the plurality of pieces of biometric authentication information stored in the storage in a case that the communicator receives a command from the terminal device and updates some of the plurality of pieces of biometric authentication information stored in the storage with information on the basis of the biometric information acquired by the acquirer in accordance with collation results for the biometric authentication information. | 2018-09-27 |
20180276359 | SYSTEM AND METHOD FOR POWERING ON ELECTRONIC DEVICES - This disclosure relates generally to electronic devices, and more particularly to system and method for powering ON electronic devices. In one embodiment, the method comprises receiving a movement pattern provided by a user using the electronic device during a switched OFF state of the electronic device, recording a mechanical movement of a spring-loaded pendulum in response to the movement pattern, validating the mechanical movement against one or more pre-stored patterns, and powering ON the electronic device from the switched OFF state based on a validation. The spring-loaded pendulum is housed within the electronic device. | 2018-09-27 |
20180276360 | PHYSICAL TOKEN-LESS SECURITY SCREENING USING BIOMETRICS - In physical token-less security screening using biometrics, a person provides biometric data to a security computing device as part of a security screening. The biometric data is used by the security computing device to look up an identifier (such as an airline account identifier or a security status identifier) for the person from a security back end. The identifier is used by the security computing device to obtain electronic pass information (such as an electronic boarding pass or a security screening status indicator) from a third party computing system (such as an airline computing system or a clearinghouse), which may be used to clear the person and/or otherwise facilitate the security screening. In some implementations, these techniques may also be used for physical token-less pass processing (such as boarding pass-less airline processing, confirmation of assigned traveling credentials, or determination of security protocols). | 2018-09-27 |
20180276361 | THREE-DIMENSIONAL FINGERPRINT SCANNER - A method and/or computer system generates a three-dimensional image of a fingerprint. One or more sensors detect a first user's finger being pressed against a first fingerprint scanner, where the first user's finger has a first user's fingerprint that comprises fingerprint ridges that form fingerprint grooves. A light source on a rotating platform transmits offset light against the first user's finger as the light source rotates on the rotating platform. A camera captures shadow images of shadows in the fingerprint grooves. One or more processors receive and analyze the shadow images in order to determine a shape and depth of the fingerprint grooves. The processor(s) generate a first digital fingerprint file that represents the shape and depth of the fingerprint grooves, and store the first digital fingerprint file for use in future biometric verification of the first user. | 2018-09-27 |
20180276362 | SYSTEM AND METHOD FOR REAL WORLD BIOMETRIC ANALYTICS THROUGH THE USE OF A MULTIMODAL BIOMETRIC ANALYTIC WALLET - A system and method for real world biometric analytics through the use of a multimodal analytic wallet. The system includes a biometric wallet comprising a pervasive repository for storing biometric data, the pervasive repository including at least one of a biometric layer, a genomic layer, a health layer, a privacy layer, and a processing layer. The biometric wallet further comprises a biometric analytic interface configured to communicate the biometric data to one or more devices. | 2018-09-27 |
20180276363 | TRUSTED DEVICE - A trusted device, such as a wristwatch, is provided with authentication circuitry, used to perform an authentication operation to switch the trusted device into an authenticated state. Retention monitoring circuitry monitors the physical possession of the trusted device by the user following the authentication operation and switches the trusted device out of an authenticated state if the trusted device does not remain in the physical possession of the user. While the trusted device remains in the physical possession of the user, communication triggering circuitry is used to detect a request to establish communication with a target device that is one of a plurality of different target devices and communication circuitry is used to communicate with that target device using an authenticated identity of the user. | 2018-09-27 |
20180276364 | SECURING CREDENTIALS WITH OPTICAL SECURITY FEATURES FORMED BY QUASI-RANDOM OPTICAL CHARACTERISTICS OF CREDENTIAL SUBSTRATES - Systems and methods are described for securing credentials with optical security features formed by quasi-random optical characteristics (QROCs) of credential substrates. A QROC can be a pattern of substrate element locations (SELs) on the substrate that includes some SELs that differ in optical response from surrounding SELs. During manufacturing, a QROC of a substrate can be characterized, hidden by a masking layer, and associated with a substrate identifier. During personalization, personalization data can be converted into an authentication graphic formed on the substrate by de-masking portions of the masking layer according to a de-masking pattern. The graphic formation can result in a representation that manifests a predetermined optical response only when the de-masking pattern is computed with knowledge of the hidden QROC. The authentication graphic and optical response can facilitate simple human authentication of the credential without complex or expensive detection equipment. | 2018-09-27 |
20180276365 | ACCESS CONTROL TO PROTECTED RESOURCE BASED ON IMAGES AT CHANGING LOCATIONS IDENTIFIABLE BY THEIR TYPE - A method is provided for controlling access to a protected resource in a computing system, which includes storing an indication of a selection of an access image type, receiving an access request for accessing the protected resource, and determining one or more access locations of an access grid of images, the access locations (and possibly the corresponding images) changing along a sequence of access requests. The method also includes generating the access grid to include corresponding access images of the access image type for the access locations and one or more other image types different from the access image type, displaying the access grid, and controlling the access to the protected resource according to a selection of one or more selected images in the access grid. | 2018-09-27 |
20180276366 | METHOD AND SYSTEM FOR AUTHENTICATING IDENTITY USING VARIABLE KEYPAD - The present invention relates to a system for authenticating a financial transaction, and a combination password and signature information identity authentication server, according to one embodiment of the present invention, comprises: a variable keypad generating unit for generating a variable keypad including encryption keys and a signature input part which receives an input of the signature of a user, wherein the position of each of the encryption keys is changed every time the encryption keys are generated; an authentication information saving unit for saving authentication information of a user of a mobile terminal; and an authentication unit for receiving, from the mobile terminal, position information of the encryption keys according to the order inputted by the user, and signature information inputted by the user on the signature input part, and using same to authenticate identity. | 2018-09-27 |
20180276367 | MODIFYING SECURITY STATE WITH SECURED RANGE DETECTION - In some embodiments, a first device performs ranging operations to allow a user to access the first device under one of several user accounts without providing device-access credentials. For example, when a second device is within a first distance of the first device, the first device determines that the second device is associated with a first user account under which a user can access (e.g., can log into) the first device. In response to the determination, the first device enables at least one substitute interaction (e.g., a password-less UI interaction) to allow the first device to be accessed without receiving access credentials through a user interface. In response to detecting an occurrence of the substitute interaction, the user is allowed to access the first device under the first user account. In some embodiments, the substitute interaction occurs while the first device is logged into under a second user account. | 2018-09-27 |
20180276368 | AUTHENTICATION MANAGEMENT - Disclosed aspects relate to authentication management. A first valid authentication input may be established with respect to access enablement to a computing asset. A second valid authentication input may be established with respect to access enablement to the computing asset. A triggering event may be detected. The first valid authentication input may be deactivated based on the triggering event. The second valid authentication input may be activated based on the triggering event. The graphical user interface may be presented which may appear to prompt for the first valid authentication input. The second valid authentication input may be received via the graphical user interface. Access enablement with respect to the computing asset may be authenticated in response to receiving the second valid authentication input. | 2018-09-27 |
20180276369 | OS Security Filter - A system and method for protecting against the unauthorized use of operating system level commands is disclosed. The system includes a computer module including: a processor configured for performing data operations; a memory unit configured to store instructions executable by the processor; and an operating system module for supporting basic functions of the computer module, such as scheduling tasks, executing applications, and controlling peripherals. A virtual keyboard is connected to the computer module for creating one or more events or sequences of events recognizable by the operating system module. A system level command filter module is provided for filtering system level commands from the one or more recognizable events or sequences of events. | 2018-09-27 |
20180276370 | BRINGING A NON-ISOLATED APPLICATION INTO AN ISOLATION LAYER WITH AN ISOLATED APPLICATION - Bringing a non-isolated computer application into an isolation layer with an isolated computer application. In one embodiment, a method may include isolating a first computer application by executing the first computer application as a virtualized first computer application in an isolation layer. The method may also include receiving a request, from the virtualized first computer application, to share a computer object with a second computer application that is not executing in the isolation layer. The method may further include, in response to the receiving of the request, several acts. These acts may include executing, in real-time, at least a portion of the second computer application as a virtualized second computer application in the isolation layer. These acts may also include creating a virtualized computer object based on the computer object in the isolation layer. These acts may further include sharing the virtualized computer object in the isolation layer. | 2018-09-27 |
20180276371 | SAMPLE-SPECIFIC SANDBOX CONFIGURATION BASED ON ENDPOINT TELEMETRY - A method for determining sandbox configurations for malware analysis is described. In one embodiment, the method may include receiving a plurality of files, extracting at least one element from at least one file from the plurality of files, identifying one or more properties associated with an endpoint, determining a correlation between the at least one extracted element and the one or more properties of the endpoint, and determining one or more sandbox configurations based at least in part on the determined correlation. In some cases, the endpoint is related to at least one of the plurality of files. | 2018-09-27 |
20180276372 | SYSTEM AND METHODS FOR SANDBOXED MALWARE ANALYSIS AND AUTOMATED PATCH DEVELOPMENT, DEPLOYMENT AND VALIDATION - A system and methods for sandboxed malware analysis and automated patch development, deployment and validation, comprising a business operating system, vulnerability scoring engine, binary translation engine, sandbox simulation engine, at least one network endpoint, at least one database, a network, and a combination of machine learning and vulnerability probing techniques, to analyze software, locate any vulnerabilities or malicious behavior, and attempt to patch and prevent undesired behavior from occurring, autonomously. | 2018-09-27 |
20180276373 | Method for Providing a Security-Critical Software Application on a Computer Unit - A method is provided for providing a software application on a computer unit. The method comprises the following steps: carrying out an AOT compilation of the software application present in the form of source code to generate assembler code from the source code of the software application; obfuscating the assembler code of the software application; posting the obfuscated assembler code of the software application to a software distribution platform; and downloading the obfuscated assembler code to the computer unit. Further, a corresponding computer unit is provided. | 2018-09-27 |
20180276374 | Checking a security value calculated for a part of a program code - An apparatus includes a first processing resource to execute a program code, and a second processing resource separate from the first processing resource. The program code includes an embedded execution unit. The execution unit, during execution of the program code, calculates a first security value for a part of the program code. The second processing resource runs a validation program. The validation program receives the first security value, checks the first security value against a second security value calculated from a corresponding part of a reference copy of the program code to obtain a check result, returns the check result to the execution unit. The execution unit performs a security-related action in response to a check result indicating a mismatch between the first security value and the second security value. | 2018-09-27 |
20180276375 | SYSTEM AND METHOD FOR DETECTING A CYBER-ATTACK AT SCADA/ICS MANAGED PLANTS - System for detecting a cyber-attack of a SCADA system managed plant. Each industrial computerized device of the system comprises a processor configured with a data validation module to determine whether data flow outputted from a SCADA-connected controller is authentic, and with an alert issuing mechanism activated following detection that the outputted data flow is indicative of a cyber-attack. The at least one dedicated industrial computerized device is operable to passively monitor in parallel data communicated between each of the controllers and the SCADA system including the outputted data at the nearest points of each of the controllers; seek mismatches between the plant state and the physical operation model; if a mismatch is detected, determine whether the mismatch is indicative of a cyber-attack perpetrated with respect to one of the controllers or an operational malfunction; and upon detecting a cyber-attack, activate the alert issuing mechanism to issue a security alert. | 2018-09-27 |
20180276376 | SYSTEM AND METHOD FOR HIGH FREQUENCY HEURISTIC DATA ACQUISITION AND ANALYTICS OF INFORMATION SECURITY EVENTS - This document discloses a heuristic data analytics method and system for analysing potential information security threats in information security events. In particular, the heuristic data analytics method and system analyses Binary Large Objects (BLOBs) of structured and unstructured information security events at high speed and in real-time to anticipate potential security breaches that will occur in the near future using algorithms and large scale computing systems. | 2018-09-27 |
20180276377 | SECURITY MITIGATION ACTION SELECTION BASED ON DEVICE USAGE - Examples disclosed herein relate to selecting a security mitigation action based on device usage. In one implementation, a processor selects a security mitigation action for a device based on information related to usage of the device and associated usage limitations associated with the selected security mitigation action. The processor may output information related to the selected security mitigation action. | 2018-09-27 |
20180276378 | LABELING OBJECTS ON AN ENDPOINT FOR ENCRYPTION MANAGEMENT - Threat detection instrumentation is simplified by providing and updating labels for computing objects in a context-sensitive manner. This may include simple labeling schemes to distinguish between objects, e.g., trusted/untrusted processes or corporate/private data. This may also include more granular labeling schemes such as a three-tiered scheme that identifies a category (e.g., financial, e-mail, game), static threat detection attributes (e.g., signatures, hashes, API calls), and explicit identification (e.g., what a file or process calls itself). By tracking such data for various computing objects and correlating these labels to malware occurrences, rules can be written for distribution to endpoints to facilitate threat detection based on, e.g., interactions of labeled objects, changes to object labels, and so forth. In this manner, threat detection based on complex interactions of computing objects can be characterized in a platform independent manner and pre-processed on endpoints without requiring significant communications overhead with a remote threat management facility. | 2018-09-27 |
20180276379 | ENDPOINT MALWARE DETECTION USING AN EVENT GRAPH - A data recorder stores endpoint activity on an ongoing basis as sequences of events that causally relate computer objects such as processes and files, and patterns within this event graph can be used to detect the presence of malware on the endpoint. The underlying recording process may be dynamically adjusted in order to vary the amount and location of recording as the security state of the endpoint changes over time. | 2018-09-27 |
20180276380 | ENDPOINT MALWARE DETECTION USING AN EVENT GRAPH - A data recorder stores endpoint activity on an ongoing basis as sequences of events that causally relate computer objects such as processes and files, and patterns within this event graph can be used to detect the presence of malware on the endpoint. The underlying recording process may be dynamically adjusted in order to vary the amount and location of recording as the security state of the endpoint changes over time. | 2018-09-27 |
20180276381 | SYSTEMS AND METHODS FOR A VIRUS SCANNING ROUTER - A virus scanning router may manage a local network, including routing network traffic between devices on the network and routing network traffic being sent to and from such devices via an external communication system. The virus scanning router remotely scans for viruses the files stored on one or more such devices on the network. The virus scanning router may be a device trusted by the other devices on the local network to facilitate the virus scanning router reading and scanning one or more files stored on such devices for viruses. The virus scanning router also takes corrective actions such as isolating the infected device or isolating an affected network zone to which the remote device belongs. | 2018-09-27 |
20180276382 | System and Method for Automation of Malware Unpacking and Analysis - An information handling system includes a storage and a processor. The storage is configured to store malware samples and malware signatures. The processor is configured to unpack a malware sample, compare the malware sample to known malware families, extract a command-and-control domain, extract encryption keys and communication parameters, store a malware signature for the malware sample, the malware signature including information required to monitor a network for activity of the malware sample or detect the malware sample on another system, and provide the command-and-control server addresses, encryption keys, and communication parameters to a botnet tracker. | 2018-09-27 |
20180276383 | AUTOMATIC DETECTION OF SOFTWARE THAT PERFORMS UNAUTHORIZED PRIVILEGE ESCALATION - Automatic detection of software that performs unauthorized privilege escalation is disclosed. The techniques cause a programmable device to obtain a trace event of a program from an event logger, parse the trace event to determine a privilege level for an event, compare the privilege level for the event to an expected privilege level, and block execution of the program based on the comparison. | 2018-09-27 |
20180276384 | SECURE DOCUMENT IMPORTATION VIA PORTABLE MEDIA - System, method and medium for securely transferring untrusted files from a portable storage medium to a computer. The invention can filter, scan and detonate untrusted files to be transferred to a computer from a portable storage medium. First, the types of files which are eligible to be selected for transfer are limited, by file type and/or content. Second, each file selected for transfer is scanned against a collection of signatures of known malware. Thus, files containing malware which has been previously identified as such can be blocked from ever being transferred to the computer. Finally, each file to be transferred is detonated by opening it in a controlled, sterile environment to determine if it adversely impacts the operation of that sterile environment. Malware detected in this way can then be added to the collection of malware that can be detected by the second step. | 2018-09-27 |
20180276385 | SYSTEM AND METHOD FOR RESTORATION OF A TRUSTED SYSTEM FIRMWARE STATE - Operations include restoring a trusted system firmware state. A system stores a set of self-contained secure code in a secure code store. The system stores a set of operational code in an operational code store. The system executes the secure code or the operational code upon system start up, depending whether the system is configured in a secure mode, or in a normal operational mode. When the system is configured in secure mode, the system executes the secure code. In secure mode, the system also overwrites a current version of the operational code stored in the operational code store with a replacement version of the operational code referenced by the secure code. When the system is configured in normal operational mode, the system executes the operational code. During normal operation, the secure code store is electrically isolated. | 2018-09-27 |
20180276386 | PERSISTENT ENROLLMENT OF A COMPUTING DEVICE BASED ON A TEMPORARY USER - Systems and methods are included for causing a computing device to implement a management policy prior to a user logging into an operating system on initial boot. As part of initial boot, the computing device contacts a management server for enrollment. Installation of the operating system is paused while the management server synchronizes the software and policies on the computing device. To do this prior to login, the management server can create a temporary user account to associate with the computing device and apply a default management policy. After the installation is complete, an installed management agent can gather user inputs made during login. The management agent can send these inputs to the management server for use in creating an actual user account to associate with the computing device. | 2018-09-27 |
20180276387 | System and Method for Secure Boot of an Information Handling System Using Verification Signature and Including Verifying Applications - A verification for a secure boot process may include determining a determined signature for a compendium stored in a memory where the compendium includes a bootloader and an operating system, accessing a verification signature corresponding to the compendium, and comparing the verification signature with the determined signature where if the verification signature is the same as the determined signature, the compendium is verified as secure and a secure boot process is performed with the bootloader and operating system. The compendium may include one or more applications such that the applications may be verified as secure with the verification signature. | 2018-09-27 |
20180276388 | ENABLING A SECURE BOOT FROM NON-VOLATILE MEMORY - A system may include a host that may include a processor coupled to a non-volatile memory over a secure communication protocol. As a result, prior to release for manufacturing, a binding code may be established between the host and the non-volatile memory. In some embodiments, this binding code may be stored on the non-volatile memory and not on the host. Then during a boot up of the system, the boot up process may be initiated by the host using code associated with the host, followed by secure booting using the secure protocol using code stored on the non-volatile memory. | 2018-09-27 |
20180276389 | DETERMINING MALWARE PREVENTION BASED ON RETROSPECTIVE CONTENT SCAN - The disclosed embodiments include a method for retroactively analyzing original input content to detect malicious content in a computer system, in which the original input content has been previously processed to generate modified input content and prevented from being received by an intended recipient. The method includes accessing the original input content or a characteristic associated with the original input content, and analyzing it based on a malware detection algorithm to determine whether the original input content includes suspected malicious content, wherein the malware detection algorithm includes at least one update of a signature or behavioral characteristic that was not included in the malware detection algorithm when the modified input content was generated. When it is determined that the original input content includes suspected malicious content, the method includes analyzing the modified input content to determine whether the modified input content includes the suspected malicious content. | 2018-09-27 |
20180276390 | DISARMING MALWARE IN DIGITALLY SIGNED CONTENT - Systems and methods for disarming malicious code in digitally-signed content are provided. An example method includes determining that content is associated with a first digital signature, modifying at least a portion of digital values of the content to disable any malicious code included in the content, thereby creating modified content, and signing the modified content with a second digital signature, thereby creating signed modified content, the signed modified content including a data element corresponding to the first digital signature. | 2018-09-27 |
20180276391 | INTEGRITY CHECKING FOR COMPUTING DEVICES - A computing device may perform integrity checks on a closed operating system defining a preconfigured user portion and a preconfigured system portion using an integrity checking module. The integrity checking module may access parameters associated with an object stored on the system portion of the operating system. Files on the system portion may be accessed by submitting a query that comprises a file name, a file directory, and at least one parameter to the system portion of the operating system. The integrity checking module may provide an indication of a potential compromise to the integrity of the computing device based on the integrity check. The integrity check may be performed periodically and/or aperiodically. Updated integrity values may be compared against previously determined integrity values to update the integrity check. The integrity checking module may perform the integrity check using a signature function or hashing function to generate the integrity values. | 2018-09-27 |
20180276392 | METHOD AND SYSTEM FOR OPERATING A CACHE IN A TRUSTED EXECUTION ENVIRONMENT - A data processing system having a rich execution environment (REE) and a trusted execution environment (TEE) is provided. In the data processing system, an unsecure memory is coupled to the REE and used for storing encrypted data for use in the TEE. The TEE may have a cache for storing the encrypted data after it is decrypted. The data in both the memory and the cache is organized in blocks, and the cache is smaller than the memory. An interpreter is provided in the TEE, along with a service block in the REE, for fetching and decrypting the data to be stored in the cache. The interpreter checks an integrity of the decrypted data using a hash tree having multiple levels. In the event of a cache miss, all blocks of the hash tree in a path from the data block to a root block are retrieved from the memory in one access operation. A method for operating the cache in the data processing system is also provided. | 2018-09-27 |
20180276393 | OBFUSCATION OF USER CONTENT IN STRUCTURED USER DATA FILES - Systems, methods, and software for data obfuscation frameworks for user applications are provided herein. An exemplary method includes providing user content to a classification service configured to process the user content to classify portions of the user content as comprising sensitive content, and receiving from the classification service indications of the user content that contains the sensitive content. The method includes presenting graphical indications in a user interface to the user application that annotate the user content as containing the sensitive content, and presenting obfuscation options in the user interface for masking the sensitive content within at least a selected portion among the user content. Responsive to a user selection of at least one of the obfuscation options, the method includes replacing associated user content with obfuscated content that maintains a data scheme of the associated user content. | 2018-09-27 |
20180276394 | EXTENDING A ROOT COMPLEX TO ENCOMPASS AN EXTERNAL COMPONENT - In accordance with embodiments disclosed herein, there is provided systems and methods for extending a root complex to encompass an external component. A processor includes a processor core and root complex circuitry coupled to the processor core. The processor core is to execute a basic input/output system (BIOS) and an operating system (OS). The root complex circuitry includes a coherent interface port and a downstream port. The root complex circuitry is to couple to an external component via the downstream port and the coherent interface port. The BIOS, to extend a root complex beyond the root complex circuitry to encompass the external component, is to obfuscate the downstream port from the OS, define a virtual root bridge for the external component, and enable a security check at the external component to provide protection for the coherent interface port and the downstream port. | 2018-09-27 |
20180276395 | Skull Conduction-Based Telephonic Conversation Management - Managing access to confidential content is provided. An indication of an identity of a teleconference participant is received via a voice communication headset that includes a skull conduction speaker and microphone. A database is analyzed to identify confidential information the teleconference participant is not authorized to hear. Voice communication content is provided in real time to the teleconference participant. The identified confidential information the teleconference participant is not authorized to hear is muted in the voice communication content. | 2018-09-27 |
20180276396 | SYSTEM AND METHOD OF CONTROLLING ACCESS TO CONTENT USING AN ACCESSIBILITY API - Disclosed are systems and methods for controlling access to content from a user application executing in an isolated environment on a user device. An exemplary method includes intercepting, by a security application, data relating to content in a graphical user interface of the user application using an accessibility application programming interface (API) exposed by an operating system of the user device, and generating a first template associated with the content based on the intercepted data. The template specifies a pattern of elements of the graphical user interface. The method further includes determining a category of the content based on a comparison of the first template with a plurality of previously generated templates; and controlling access to the content of the graphical user interface based on the determined category. | 2018-09-27 |
20180276397 | Systems and Methods for Secure, Message-Based Delivery of Mobile Application Requests - The disclosed invention comprises Systems and Methods for delivery of mobile applications' requests for services to network devices or apparatus in a secure environment. The invention features web-based configuration services allowing for the definition of delivery systems' components, including mobile devices, delivery channels, machine handlers, endpoints and pre-authentications. Machine handlers are pre-authenticated to access endpoints. Mobile applications encode their requests and send these encoded requests in message bodies to a message server. Delivery handlers send these messages to machine handlers for specified endpoints based on configuration. Machine handlers decode and submit the requests to endpoints, e.g. a printer. The invention therefore allows a user to send a mobile application request to a secured network device, such as an endpoint printer, with no intervening actions such as unwanted security requests. | 2018-09-27 |
20180276398 | SYSTEM AND METHOD FOR PROVIDING RESTRICTED ACCESS TO PRODUCTION FILES IN A CODE DEPLOYMENT ENVIRONMENT - A method for providing restricted access to a production file in a code deployment environment is presented. The method includes receiving a user request to access the production file comprising a plurality of configuration sections employed for one or more applications. Also, the method includes determining a user identity associated with the user request to access the production file. Further, the method includes identifying a permission level of the user identity based on at least one parameter of the user identity. In addition, the method includes providing restricted access to the production file based on the permission level of the user identity. | 2018-09-27 |
20180276399 | NON-TRANSITORY COMPUTER-READABLE STORAGE MEDIUM, DATA GENERATING METHOD, AND DATA GENERATING APPARATUS - A non-transitory computer-readable storage medium storing a program to execute a process including acquiring a first data file including a plurality of first records each having a first data value of a first data item and a second data value of a second data item, generating first association information indicating a correspondence between a plurality of first data values and coded data values, encoding the first data file, encrypting the first association information, obtaining a plurality of data values of the second data item in a second data file, specifying the plurality of first data values, in the plurality of first records, corresponding to the plurality of data values in the second data files, specifying a plurality of coded data values, in the encoded first data file, corresponding to the plurality of specified first data values, and merging the second data file and the plurality of specified coded data values. | 2018-09-27 |
20180276400 | SYSTEM FOR PROCESSING DATA - The present disclosure relates to transmitting a request for a set of data records, the request indicating encrypted data items associated with first and second interval boundaries, and selectively traversing a partially ordered set to determine an encrypted data item of the partially ordered set that is associated with an interval boundary of the first and second interval boundaries, based on no cache entries being associated with any encrypted data item associated with the interval boundary. The selectively traversing may include decrypting one or more portions of the partially ordered set, determining the encrypted data item of the partially ordered set, and transmitting a request to retrieve a data element of a linear order annotated to the encrypted data item of the partially ordered set associated with the interval boundary, to cause generation of a new cache entry including the encrypted data item and the data element. | 2018-09-27 |
20180276401 | CONFIGURABLE ANNOTATIONS FOR PRIVACY-SENSITIVE USER CONTENT - Systems, methods, and software for data privacy annotation frameworks for user applications are provided herein. An exemplary method includes identifying at least a first threshold quantity, an elasticity factor for modifying the first threshold quantity to a second threshold quantity, and an indication of a threshold resiliency property indicating when the second threshold quantity overrides the first threshold quantity. The method includes monitoring a content edit process of user content to identify a quantity of the user content that contains sensitive data corresponding to one or more predetermined data schemes, and during the content edit process, enabling and disabling presentation of annotation indicators for the content elements based at least in part on a current quantity with regard to the first threshold quantity, the elasticity factor for the first threshold quantity when enabled, and the indication of the threshold resiliency property. | 2018-09-27 |
20180276402 | DATA LOSS PROTECTION FOR STRUCTURED USER CONTENT - Systems, methods, and software for sensitive data handling frameworks for user applications are provided herein. An exemplary method includes receiving subsets of structured user content consolidated into associated flattened representations, the associated flattened representations having a mapping to the structured user content and accompanied by at least lengths and offset information relating to the mapping. The method includes individually parsing the subsets of structured user content to classify portions as comprising sensitive content corresponding to one or more predetermined data schemes and, for each of the portions, identifying an associated offset and length for the portion relating to the subsets of structured user content, and indicating at least the associated offset and length to the user application for marking of the sensitive content in a user interface to the user application. | 2018-09-27 |
20180276403 | PRIVACY ANNOTATION FROM DIFFERENTIAL ANALYSIS OF SNAPSHOTS - A method is provided for preventing divulgation of sensitive data in two snapshots, taken at different times, of one or more same systems in a cloud environment. The method includes identifying a set of files from among a plurality of file pairs. Each file pair is formed from a respective file that includes at least one difference with respect to each snapshot. The method includes performing a pattern reducing process that removes, from the set of files, any of the files having, as the difference, a predetermined non-sensitive difference between respective executions of a pre-determined system operation. The method includes performing a commonality reducing process that removes, from the set of files, any files having, as the difference, a common difference between different users. The method includes annotating data in remaining files in the set of files as potentially being the sensitive data, subsequent to the reducing processes. | 2018-09-27 |
20180276404 | AUTOMATED PERSONALIZED OUT-OF-THE-BOX AND ONGOING IN-APPLICATION SETTINGS - Systems, methods, and computer-readable storage media are provided for automating personalized out-of-the-box and ongoing in-application settings. A triggering event is detected for an exchange of information between an information service and one or more application or service. A trust level and domain of information of the one or more application or service is determined. Based on the trust level and domain of information, information to be shared with the one or more application or service is identified and the identified information is shared. The information to be shared can be all of the requested information, some of the requested information, or none of the requested information. | 2018-09-27 |
20180276405 | PRIVACY ANNOTATION FROM DIFFERENTIAL ANALYSIS OF SNAPSHOTS - A method is provided for preventing divulgation of sensitive data in two snapshots, taken at different times, of one or more same systems in a cloud environment. The method includes identifying a set of files from among a plurality of file pairs. Each file pair is formed from a respective file that includes at least one difference with respect to each snapshot. The method includes performing a pattern reducing process that removes, from the set of files, any of the files having, as the difference, a predetermined non-sensitive difference between respective executions of a pre-determined system operation. The method includes performing a commonality reducing process that removes, from the set of files, any files having, as the difference, a common difference between different users. The method includes annotating data in remaining files in the set of files as potentially being the sensitive data, subsequent to the reducing processes. | 2018-09-27 |
20180276406 | Healthcare Education Assistance Team System - A system and method to provide a rapid response of informational data and analysis involving members of the medical profession comprising remote databases having federal, state and local business data and licensing registration data; one or more than one processor accessing the remote databases, the processor accesses instructions to search and identify: non-qualified providers, licensing gaps, drug enforcement non-compliance, billing and coding violations, mischaracterization of actual services rendered, prohibited self or cross referrals, and other fraudulent or abusive practices; a central database, where data from the remote databases are automatically accumulated, stored and assembled in response to user queries; and a user interface for entering queries and displaying results. | 2018-09-27 |
20180276407 | SECURE HIGH SPEED DATA STORAGE, ACCESS, RECOVERY, AND TRANSMISSION - Systems and methods for retrieving a data object. An example method includes: receiving a query comprising a field identifier and a field value related to the field identifier; determining the field identifier corresponds to an entry of a data map, the data map comprising a plurality of entries generated in part based on a plurality of field identifiers; in response to the determination, obfuscating at least one of the field identifier, field value, and both the field identifier and the field value to generate a record locator; identifying one or more encrypted values within the data map based on the record locator, wherein the one or more encrypted values is associated with the entry having a corresponding record locator that matches the generated record locator; and decrypting and forwarding the one or more encrypted values as a response to the query. | 2018-09-27 |
20180276408 | SYSTEMS AND METHODS FOR SECURE HIGH SPEED DATA GENERATION AND ACCESS - Systems and methods for generating a data map for retrieval of a data object. An example method includes: receiving an indication to generate a data entry for the data map, the data entry corresponding to a field identifier and a field value related to the field identifier; obfuscating the field identifier to generate a record locator associated with the data entry based, at least in part, on one or more variable storage parameters; and encrypting the field identifier and field value and storing the data entry in the data map as an encrypted field identifier and field value in association with the record locator. | 2018-09-27 |
20180276409 | METHOD TO MANAGE RAW GENOMIC DATA IN A PRIVACY PRESERVING MANNER IN A BIOBANK - A method to manage raw genomic data (SAM/BAM files) in a privacy preserving manner in a biobank. By using order preserving encryption of the reads' positions, the method provides a requested range of nucleotides to a medical unit, without revealing the locations of the short reads (which include the requested nucleotides) to the biobank. | 2018-09-27 |
20180276410 | System and Method for Providing Secure Access to Production Files in a Code Deployment Environment - A method for providing secure access to a production file in a code deployment environment is presented. The method includes receiving the production file comprising a plurality of configuration sections employed for one or more applications, wherein at least one of the configuration sections comprises at least one sensitive variable and at least one non-sensitive variable. Further, the method includes identifying the at least one sensitive variable in the at least one of the configuration sections based on an environment variable associated with the at least one sensitive variable. In addition, the method includes redacting the at least one identified sensitive variable in the at least one of the configuration sections to provide secure access to the production file. | 2018-09-27 |
20180276411 | SYSTEM AND METHOD FOR SECURELY TRANSFERRING DATA OVER A COMPUTER NETWORK - The present invention provides a method, and associated computer system and computer program product, for masking selected vulnerable data portions of a data set transmitted over a network by parsing the vulnerable data, generating masked values for the vulnerable data, updating the data set to include the masked values, then sending the updated data set to a third party for analysis. | 2018-09-27 |
20180276412 | METHOD AND SYSTEM FOR THE PROTECTION OF CONFIDENTIAL ELECTRONIC DATA - A method for protection of electronic data includes: identifying, by a processor, data of the electronic data that are associable with a person; obscuring, by the processor, the data of the electronic data associable with a person using a first cryptographic key; causing, by the processor, the electronic data with the data obscured using the first cryptographic key to be stored; and in response to the first cryptographic key no longer being considered secure, obscuring, by the processor, the data obscured using the first cryptographic key using a second cryptographic key. | 2018-09-27 |
20180276413 | COMMUNICATION DEVICE WITH SELECTIVELY SHARED ACCESS MODES AND INCOMING COMMUNICATION - A communication device includes a memory to store a contact list, a communication, and tagged contacts and tagged communication form of the tagged contacts; a processor to receive an incoming communication transmitted to the communication device; determine identification information from the incoming communication; and determine if the incoming communication meets a criterion for a third party user of the communication device to view the incoming communication. To determine if the incoming communication meets the criterion, the processor compares the determined identification information from the incoming communication to the tagged communication form of the tagged contacts. If the incoming communication meets the criterion, then the processor displays the incoming communication, and if the incoming communication does not meet the criterion, then the processor does not display the incoming communication. | 2018-09-27 |
20180276414 | SYSTEMS AND METHODS FOR MULTI-REGION DATA CENTER CONNECTIVITY - Disclosed is a multi-region data center connectivity solution for seamless integration between multi-region data center users and content. The solution supports user pinning (e.g., users and their personal content can be pinned to a particular geographical location/data center); protects personal content (e.g., personal content uploaded by a user is stored in that user's pinned geographical location/data center); and enables data sharing between multi-region data center users in a manner that is seamless and transparent to end users, while respecting user privacy, complying with data sovereignty requirements, and maintaining system anonymity. | 2018-09-27 |
20180276415 | DATA PROCESSING SYSTEMS FOR GENERATING AND POPULATING A DATA INVENTORY FOR PROCESSING DATA ACCESS REQUESTS - In particular embodiments, a data processing data inventory generation system is configured to: (1) generate a data model (e.g., a data inventory) for one or more data assets utilized by a particular organization; (2) generate a respective data inventory for each of the one or more data assets; and (3) map one or more relationships between one or more aspects of the data inventory, the one or more data assets, etc. within the data model. In particular embodiments, a data asset (e.g., data system, software application, etc.) may include any entity that collects, processes, contains, and/or transfers personal data (e.g., a software application, database, website, server, etc.). A data asset may include any software or device (e.g., server or servers) utilized by a particular entity for such data collection, processing, transfer, storage, etc. The system may then utilize the generated model to fulfil a data subject access request. | 2018-09-27 |
20180276416 | Secure Boot Sequence for Selectively Disabling Configurable Communication Paths of a Multiprocessor Fabric - Disabling communication in a multiprocessor fabric. The multiprocessor fabric may include a plurality of processors and a plurality of communication elements and each of the plurality of communication elements may include a memory. A configuration may be received for the multiprocessor fabric, which specifies disabling of communication paths between one or more of: one or more processors and one or more communication elements; one or more processors and one or more other processors; or one or more communication elements and one or more other communication elements. Accordingly, the multiprocessor fabric may be automatically configured in hardware to disable the communication paths specified by the configuration. The multiprocessor fabric may be operated to execute a software application according to the configuration. | 2018-09-27 |