46th week of 2014 patent applcation highlights part 66 |
Patent application number | Title | Published |
20140337886 | COMMUNICATING PRIMARY CONTENT STREAMS AND SECONDARY CONTENT STREAMS INCLUDING TARGETED ADVERTISING TO A REMOTE UNIT - The invention relates to a method and system to communicate primary and secondary content streams to at least one remote unit, for example, via a television channel in a targeted television environment. The secondary content stream comprises a plurality of tertiary content streams (e.g., video streams) providing commercials, advertisements or any other content. The tertiary content streams are included in the secondary content stream as a mosaic so that each tertiary content stream is a subset or portion of an active display area or frame provided by the single secondary content stream. In one exemplary embodiment, the method and system provide targeted or specific commercial advertisements to demographically selected audiences. | 2014-11-13 |
20140337887 | METHOD AND APPARATUS OF CHANNEL SWITCHING USING PRE-ACQUISITED PSI TABLE - The present invention provides a method and apparatus for switching channels to reduce channel zapping time, which use channel information generated prior to channel switching and generates audio and video data of a switched channel, thereby skipping a process of calculating channel information of a channel to be switched at the time of channel switching. | 2014-11-13 |
20140337888 | OPTIMIZED HTML5 ELECTRONIC PROGRAMMING GUIDE APPLICATION - An electronic programming guide (EPG) data manager module is provided. The EPG data module provides an event driven infrastructure to provide EPG data to a hypertext markup language 5 (HTML5) applications. The HTML5 EPG application presents an EPG data window in a user interface on a display device. The EPG data is provided to the EPG application in scriptable data objects generated to be rendered by the HTML5 EPG application based upon the EPG data window to be presented. | 2014-11-13 |
20140337889 | SYSTEM AND METHOD FOR PRESENTING INFORMATION ASSOCIATED WITH A MEDIA PROGRAM - A system that incorporates teachings of the present disclosure may include, for example, an apparatus having a processor adapted to receive a message from a portable communication device communicatively coupled to a set-top box presenting a media program and to retrieve from the message a media descriptor associated with the media program. The processor is further adapted to identify according to the media descriptor one or more images of one or more performers commonly presented in the media program, to monitor one or more frames of a live media feed including the media program, and compare the one or more human figures to the one or more images of performers. The processor can also be adapted to recognize a performer from the comparison, to retrieve information associated with the performer, and to transmit the information to the portable communication device. Other embodiments are disclosed. | 2014-11-13 |
20140337890 | DISPLAY APPARATUS CAPABLE OF PROVIDING A SOCIAL NETWORK SERVICE (SNS) MESSAGE AND DISPLAY METHOD THEREOF - A display method and apparatus are disclosed. The display method includes selecting a broadcasting channel to display a broadcast program, accessing an outside server to receive a SNS (Social Network Service) message corresponding to at least one of the broadcasting channel and the broadcast program among SNS messages registered with the outside server, and displaying the received SNS message on a picture displaying the broadcast program. The display apparatus includes a receiving unit for selecting a broadcasting channel to receive a broadcast program; a signal processing unit for processing the received broadcast program for display, a communication unit for accessing an outside server for receiving a SNS (Social Network Service) message registered with the outside server; said SNS message corresponding to at least one of the broadcasting channel and the broadcast program among SNS messages registered with the outside server; and a control unit to control the signal processing unit to display the received SNS message on the picture displaying the broadcast program. | 2014-11-13 |
20140337891 | DIGITAL BROADCAST RECEIVER CONTROLLED BY SCREEN REMOTE CONTROLLER AND SPACE REMOTE CONTROLLER AND CONTROLLING METHOD THEREOF - A method is described for controlling a television. While receiving and displaying a broadcast signal on a screen of the television, the television receives a first signal from a remote controller and displays a control icon corresponding to the remote controller on the screen. The screen is partitioned into a first and second partition, the first partition being a broadcast signal display region continuing to display the broadcast signal, and the second partition being a television control region that includes television control icons and/or subregions. A second signal is wirelessly received from the remote controller, the second signal representing a movement of the remote controller. The control icon is moved across the screen of the television in response to the movement of the remote controller. A channel list is displayed based on whether the second sign is recognized within or out of the second partition. | 2014-11-13 |
20140337892 | DISPLAY APPARATUS AND USER INTERFACE SCREEN PROVIDING METHOD THEREOF - A display apparatus comprising a display configured to display a plurality of spaces in a form of a polyhedron is provided. The plurality of spaces each correspond to a different category. The apparatus displays a rotatable Graphical User Interface (GUI), a user interface is configured to receive a user interaction for the GUI, and a controller is configured to, when one of the plurality of spaces in a form of a polyhedron is selected as the GUI is rotated according to the user interaction, control to display a selected space as a main space, and display at least one content-related information included in a category corresponding to the selected space. | 2014-11-13 |
20140337893 | SYSTEMS AND METHODS FOR RECORDING CONTENT FROM A DIFFERENT SOURCE WHEN PREVIOUS CONTENT RUNS OVER - Systems and methods for recording content from a different source when previous content runs over are provided. A recording of a first media asset from a first content source is scheduled. The first media asset is scheduled for transmission from the first content source at a start time following a scheduled transmission end time of a second media asset from the first content source. Transmission of the second media asset from the first content source is determined to run past the scheduled end time. A determination is made, based on a visual component and/or an audible component of the second media asset, that transmission of the first media asset at the start time from the first content source has been changed to a second content source. The recording of the first media asset is modified to record the first media asset at the start time from the second content source. | 2014-11-13 |
20140337894 | SERIES REMINDERS AND SERIES RECORDING FROM AN INTERACTIVE TELEVISION PROGRAM GUIDE - An interactive television program guide system with program series reminder and recording capabilities is provided. The system allows a user to set a reminder or schedule a recording for a single episode or for each episode of a program series. In addition, other options may be provided that allow the user to determine, for example, whether to schedule reminders/recordings for episodes on all channels on which the program airs or only on a selected channels, whether to schedule reminders/recordings for all episodes including reruns or only new episodes, whether to schedule reminders/recordings for network or syndicated episodes, and whether to schedule reminders/recordings for episodes on all days or only on selected days of the week. Before the scheduled broadcast time of each episode of each selected program series, the system sends a reminder message to the user that reminds the user of the program episode or sends a record command to a videocassette recorder to initiate recording of the episode. The system allows a user to view a list of all currently requested program reminders and scheduled program recordings. The user may update, change, or cancel any entry in either list or the system may automatically update the lists to match new broadcast schedule information. If the user sets a reminder or schedules a recording that conflicts with an existing reminder or recording, the system may inform the user of the conflict and allow the user to resolve the conflict or the system may resolve the conflict. | 2014-11-13 |
20140337895 | UNIFIED CONTENT POSTING - Methods, apparatuses and systems to provide a unified content posting mechanism. | 2014-11-13 |
20140337896 | METHOD AND APPARATUS FOR DATA RATE CONTROLLER FOR A CODE BLOCK MULTIPLEXING SCHEME - A receiver is used with third code blocks based on first code blocks, second code blocks, and a planning code block. The first code blocks are associated with a first sequence number and modulated with a first modulation scheme. The second code blocks are associated with a second sequence number and modulated with a second modulation scheme. The planning code block associates the third code blocks with the first code blocks and the second code blocks. The receiver includes a de-multiplexing portion, which includes a code block selector and a look up table, that outputs a de-multiplexed signal based on the third code blocks. The code block selector selects a code block from the third code blocks to output as the de-multiplexed signal based on entries in the look up table. The receiver also includes a recovery portion that outputs received code blocks based on the de-multiplexed signal. | 2014-11-13 |
20140337897 | Systems And Methods For Receiving And Transferring Video Information - Devices and methods for receiving and/or processing digital data. The devices may include a satellite modem, a transport module, and/or a processing module. The satellite modem, the transport module and/or the processing module may be formed on a single semiconductor substrate. | 2014-11-13 |
20140337898 | DVB-S RECEIVER DEVICE, ADAPTER FOR INTERCONNECTING A TUNER AND A SCART CONNECTOR OF THE DVB-S RECEIVER DEVICE, AND METHOD FOR AUTOMATICALLY DETECTING AN OUTPUT VOLTAGE OF THE TUNER - A Digital Video Broadcasting-Satellite (DVB-S) receiver device includes a tuner, a SCART (Syndicat des Constructeurs d'Appareils Radiorécepteurs et Téléviseurs) connector and a system on chip (SOC). The tuner is for generating an output voltage. The SCART connector is for receiving the output voltage. The SOC is configured to receive a voltage signal associated with the output voltage outputted by the SCART connector, to digitize the voltage signal into a digital value, and to determine whether the digital value conforms with a default value so as to output a determination result. | 2014-11-13 |
20140337899 | METHODS, SYSTEMS AND COMPUTER PROGRAM PRODUCTS FOR PROVIDING A MEDIA FILE TO A DESIGNATED SET-TOP BOX - Methods of providing a media file include receiving the media file and an identification of a destination set-top box for the media file at a server device. The received media file is transmitted from the server device to the identified set-top box in an Internet protocol television (IPTV) multimedia format. | 2014-11-13 |
20140337900 | Interactive Video - A person's video watching experience is enhanced. A request is received to play a video. In response to the request, a device is used to play the video to the person. In response to playing of the video, an event outside the video that is related to the video and affects the person is initiated. | 2014-11-13 |
20140337901 | NETWORK PERSONAL VIDEO RECORDER SYSTEM, METHOD AND ASSOCIATED SUBSCRIBER DEVICE - A network personal video recorder (NPVR) system, method and associated subscriber device. In one method operating at an NPVR element, a request for recording a program asset may be received from a first subscriber. Responsive thereto, the NPVR element verifies whether the requested program asset is available in an external content system associated with the NPVR element. The requested program asset is recorded in a content database if there is no equivalent copy of the program asset available in the associated external content system or in the NPVR system for another subscriber. | 2014-11-13 |
20140337902 | System and Method for Delivering Companion Content - A system and method for providing companion content on a device that downloads content associated with a media presentation playing on a media player and displays the downloaded content at times synchronized to time-offsets (from the start of the program) of the presentation by signals from the media player. | 2014-11-13 |
20140337903 | SEAMLESS TRICK-MODE WITH DECREASED LATENCY FOR LIVE TRANSCODE STREAMING - A method for performing trick-mode operations with decreased latency for transcode streaming includes receiving and recording a stream of video data. A single transcoder may transcode the stream of video data and generate output video data in an output buffer following. Segmentation index information may be generated that refers to the output data in the output buffer. Skip-backwards, skip-ahead, and resume requests received from a client device are responded by retrieving transcoded video data from the output buffer or retrieving and transcoding video data from an input storage. A method for performing skip-ahead trick-mode operation with decreased latency may use two transcoders such as two threads of the single transcoder to transcode temporally current content and forward content. The forward content may be associated with a forward time offset with respect to the temporally current content. The transcoded forward content is provided in response to skip-ahead trick mode request. | 2014-11-13 |
20140337904 | METHODS OF IMPLEMENTING MULTI MODE TRICKPLAY - A method of operating a server and an IP client device for presentation of video content to a viewer that includes a trickplay function. The server partitions media chunks into several sub chunks and includes information about the sub chunks in a manifest. The client plays the needed sub chunks to implement a desired play rate. As an alternative to providing sub chunk information in the manifest, the server sends key frame information in the manifest. The client plays needed frames of the key frames to implement a desired play rate. The sub chunk information as well as key frame information is encoded into the manifest as a standard comment or chunk filename. In another alternative, the IP client sends a trickplay request and based on that, the server signals either the sub chunks to be played or the key frames to be played to affect the desired speed. In yet another variation, the server can also remove the unwanted sub chunks or key frames to affect the desired play rate at the IP client. | 2014-11-13 |
20140337905 | SYSTEM AND METHOD FOR DELIVERING EXTENDED MEDIA CONTENT - A system and method for identifying and delivering extended media content. An extended content system receives requests to record or play identified broadcast content. The extended content system automatically obtains or preserves extended media content related to the identified broadcast content. In some instances, the system informs a subscriber that extended media content is available. If requested by the subscriber, the extended content system obtains the identified broadcast content and extended media content and provides the same to the subscriber in either a Set-Top-Box format or an Over-The-Top format. | 2014-11-13 |
20140337906 | TECHNIQUE FOR PROVIDING ON A PROGRAM CHANNEL COMPOSITE PROGRAMMING CONTENT ATTRIBUTED TO DIFFERENT SOURCES - In providing composite programming content from different sources on a program channel, a host processor joins IP multicast groups for which “live” contents from multiple sources are provided. Specifically, the host processor collects packets containing the live contents based on their destination addresses associated with the IP multicast groups. Segments of the received live contents are selected to realize the composite programming content, which is provided on the program channel. | 2014-11-13 |
20140337907 | SYSTEM AND METHOD FOR CONTENT TRANSMISSION NETWORK SELECTION - A content transmission selection system is disclosed. The content transmission selection system receives requests from viewers for specific video content items. Using characteristics of the designated content item, the content transmission selection system determines whether to transmit the content item over a broadcast network or a broadband network. | 2014-11-13 |
20140337908 | SYSTEM FOR RETRIEVAL OF EXECUTABLE APPLICATIONS - A system for retrieval of executable applications, comprising: a broadcast tele-vision receiver apparatus; and a server; wherein the broadcast television receiver apparatus includes a communication unit having an interface for bidirectional communication with a network and adapted to determine channel information from a currently decoded channel carried in a broadcast television signal, the channel information identifying the currently decoded channel, the communication unit being further adapted to send the channel information to a server over the network, and to receive application information from the server, the application information describing a set of applications which are available for execution, and to receive executable code components for the set of applications corresponding to the application information, and wherein the broadcast television receiver apparatus further includes a data processor adapted to execute the application whilst the channel is decoded; and wherein the server is adapted to receive the channel information over the network, to determine the application information by analyzing the channel information, and to send the application information to the communication unit. | 2014-11-13 |
20140337909 | NETWORK PERSONAL VIDEO RECORDER SYSTEM, METHOD AND ASSOCIATED SUBSCRIBER DEVICE - A network personal video recorder (NPVR) system, method and associated subscriber device. In one method operating on an NPVR element, a request for playing back a program asset is received from a first subscriber. If the program asset is determined to be in an associated content system, the method includes performing retrieving the program asset's location information from the associated content system, retrieving external media content from at least one of a local media campaign management system and a national media campaign management system wherein the external media content was included in a broadcast transmission of the program asset, building a playlist including the program asset and inserting the external media content into the playlist at appropriate insertion points, and transmitting the playlist including the program asset and the inserted external media content to the first subscriber. | 2014-11-13 |
20140337910 | METHOD, SYSTEM AND APPARATUS FOR IMAGE CAPTURE, ANALYSIS AND TRANSMISSION - A method, system and apparatus for image capture, analysis and transmission are provided. A link aggregation method involves identifying controller network ports to a source connected to the same subnetwork; producing packets associating corresponding controller network ports selected by the source CPU for substantially uniform selection; and transmitting the packets to their corresponding network ports. An image analysis method involves producing by a camera an indication whether a region of an image differs by a threshold extent from a corresponding region of a reference image; transmitting the indication and image data to a controller via a communications network; and storing at the controller the image data and the indication in association therewith. The controller may perform operations according to positive indications. A transmission method involves receiving user input in respect of a video stream and transmitting, in accordance with the user input, selected data packets of selected image frames thereof. | 2014-11-13 |
20140337911 | OPEN API DIGITAL VIDEO RECORDER AND METHOD OF MAKING AND USING SAME - A digital video recorder is disclosed. The digital video recorder includes at least one memory device, a plurality of communication access points for receiving at least one program play, an open application programming interface associated with the at least one memory device, and at least one correlation engine in communication with the open application programming interface. The plurality of applications correspondent to the open application programming interface allow a user to manipulate metadata associated with ones of the programs plays and the metadata relates to interframe interactivity with detailed aspects of the ones of the program plays. The at least one correlation engine provides for correlation among at least for the interframes of the program play to ones of the interframes of other ones of the program plays, and among the interframe interactivity to the interframes of the program play to interframe interactivity with the other ones of the interframes of the other ones of the program plays. | 2014-11-13 |
20140337912 | ELECTROSTATIC DISCHARGE PROTECTION ARRANGEMENT - An interconnection via a High Definition Multimedia Interface (HDMI) cable between a television receiver and a set-top box, embodying an invention feature, is obtained via an HDMI cable. In HDMI specifications 1.0 through 1.3a, pin | 2014-11-13 |
20140337913 | METHOD, APPARATUS, AND SYSTEM FOR ISOLATING A TEMPORARY PARTITION ON A HOST - A method, apparatus and system enable a temporary partition on a host to be isolated. More specifically, a temporary partition may be initialized in a partitioned host, assigned its own security policy and given the necessary resources to complete a task. Thereafter, the temporary partition may be dismantled. Since the temporary partition is isolated from the remaining partitions on the host, the temporary partition may be allowed to run a “weaker” security policy than the rest of the partitions because the isolation of the temporary partition ensures that the security of the remaining partitions may remain uncompromised. | 2014-11-13 |
20140337914 | Policy-based automated consent - A technique for intelligent automated consent is described by which a client may be automatically authorized to access a resource owner's protected information (e.g., a profile) based on the owner's previous authorization decisions and/or other client classifications. Using this approach to granting consent, the resource owner is not required to intervene during the authorization step for each client that is requesting access. Clients may be categorized, and authorization given to individual clients based on the category to which they belong and/or the scope of the access request. The technique may be implemented with user-centric identity protocols, as well as with delegated authorization protocols. The technique provides for policy-based consent grants. | 2014-11-13 |
20140337915 | System And Method For Creating Unique Digital Content Compilations - A computer network implemented system includes a server application linked to a computer server, wherein the server application and the computer server are operable to enable an Internet platform that enables one or more administrative users to select digital media content items from one or more content libraries to form the digital merchandise compilations, associate one or more rules related to the consumption of the digital merchandise compilations, including the rights of users or groups of users to access, retrieve, trade, transfer or otherwise use the digital merchandise compilations, or components thereof (“consumption attributes”), and enforce the one or more consumption attributes regardless of the users or groups of users, or network-connected device(s) associated with such user or groups of users. Each digital merchandise compilation constitutes a unique media object, where the actions of the users relative to the media object is defined by the consumption attributes. | 2014-11-13 |
20140337916 | Evaluating Security of Data Access Statements - Techniques are provided for evaluating the security of data access statements. Specifically, in one embodiment of the claimed subject matter there is provided a technique for evaluating the security of data access statements, comprising: evaluating the criticality of multiple SQL statements contained in multiple sessions accessing a database; generating a critical item set from the multiple sessions, each element in the critical item set indicating one or more SQL statements contained in a session; extracting at least one association rule from the critical item set, each of the at least association rule indicating a sequence of SQL statements contained in a session; and calculating the criticality of each of the at least one association rule. | 2014-11-13 |
20140337917 | VERIFYING ACCESS-CONTROL POLICIES WITH ARITHMETIC QUANTIFIER-FREE FORM CONSTRAINTS - A system and method is provided for verifying an access-control policy against a particular constraint for a multi-step operation. In disclosed embodiments, the method includes expressing the access-control policy as a first quantifier-free form (QFF) constraint and identifying the particular constraint as a second QFF constraint. The method also includes identifying an operation vector and providing copies of the operation vector associated with steps in the multi-step operation. The method also includes determining a third QFF constraint using the first QFF constraint, the second QFF constraint, and the copies of the operation vector. The method also includes solving the third QFF constraint to determine a solution and outputting a result of the solving. | 2014-11-13 |
20140337918 | CONTEXT BASED SWITCHING TO A SECURE OPERATING SYSTEM ENVIRONMENT - Generally, this disclosure provides devices, systems, methods and computer readable media for context based switching to a secure OS environment including cloud based data synchronization and filtration. The device may include a storage controller to provide access to the secure OS stored in an initially provisioned state; a context determination module to monitor web site access, classify a transaction between the device and the website and identify a match between the web site and a list of web sites associated with secure OS operation or a match between the transaction classification and a list of transaction types associated with secure OS operation; and an OS switching module to switch from a main OS to the secure OS in response to the identified match. The switch may include updating state data associated with the secure OS, the state data received from a secure cloud-based data synchronization server. | 2014-11-13 |
20140337919 | SYSTEMS AND METHODS FOR REMOTE ACCESS TO COMPUTER DATA OVER PUBLIC AND PRIVATE NETWORKS VIA A SOFTWARE SWITCH - Provided are systems and methods for performing network-based digital data software switching between geographically dispersed subject computing devices, to obtain full access to digital data from the non-transitory computer-readable media of geographically dispersed computing devices such that the entire physical or logical media from each device is fully accessible to one or more user computers on the Internet. This is achieved via network-based digital data software switching systems that may be implemented on public or private networks. The data software switching system may be implemented on a private network for use by a private entity, or it may be achieved via a “cloud computing” model whereupon the user obtains, from a public network such as the Internet, the use of both dedicated and shared resources to engage the data software switching capability. | 2014-11-13 |
20140337920 | Secure Element as a Digital Pocket - The disclosure includes a system and method in which one or more virtual resources are presented to a secure element; and the one or more virtual resources are mapped to available resources based on a model architecture for the secure element in order to provide hardware abstraction, the available physical resources varying based on the model architecture and an associated host device, the virtual resources allowing consistent interaction with the virtual resources regardless of variation in the physical resources available and their location. The hardware abstraction increases the versatility of the secure element and may contribute to the secure element's functionality. The secure element providing functionality to replace most items carried in an individual's pockets, e.g., logical and physical keys, a thumb drive, identification, credit and debit cards, etc. | 2014-11-13 |
20140337921 | SECURITY AND ACCESS SYSTEM BASED ON MULTI-DIMENSIONAL LOCATION CHARACTERISTICS - An invention is provided for system security and access based on multi-dimensional location characteristics. The invention includes collecting contextual information characterizing a specific location during a first time period utilizing a contextual data collection device (CDCD), wherein the contextual information indicates specific characteristics of the location and is collected at the location. Then, a contextual location fingerprint (CLF) is created based on the collected contextual information. In general, the CLF is a data space of values mapped over specific period of time. In operation, new contextual information is collected at a location occupied by a device to be verified during a second time period. The new contextual information then is compared to the CLF and authenticating the device fir the new contextual information is within predefined parameters of the CLF. | 2014-11-13 |
20140337922 | COMMUNICATIONS HUB FOR USE IN LIFE CRITICAL NETWORK - Secured communications between patient portable communicators (PPC) and a central authority (CA) via an unsecured network are implemented using software implemented by a communications device. The communications device provides for detecting, using a multiplicity of disparate communication protocols, presence of entities requesting a network connection and determining whether or not each of the entities is a PPC, establishing, only for the entities determined to be PPCs, a connection to the CA via the unsecured network using the disparate communication protocols, authenticating only the PPCs to the CA, and facilitating communication of PPC data between the PPCs and the CA via the communications device and the unsecured network upon successful PPC authentication. The PPC data comprises at least some patient implantable medical device data acquired by the PPCs. | 2014-11-13 |
20140337923 | Efficient Automatic Sharing of Network Access Among Devices - An access point device is configured to improve usability of tethering, while improving battery life and managing data usage among and by the tethered devices. Both access point devices and client devices can remain in a low power state without a high power radio being powered until a shared network connection is to be used. To establish a connection to a network for the client device, the client device communicates with the access point device over a lower power communication device, such as a low power radio. The access point device activates its higher power radio. The two devices then connect over the high power radio, allowing the client device to then to use the access point device as a router to connect to a computer network. | 2014-11-13 |
20140337924 | METHODS AND SYSTEMS FOR DYNAMIC LICENSE MANAGEMENT - Methods and systems for management of licenses for licensed features activatable on a server. In response to receipt of a request for activation of a requested feature on the server, a license count and a feature usage count are determined. It is determined whether the license count is sufficient to satisfy the request. When the license count is sufficient to cover the request, activation of the requested feature on the server is allowed. Otherwise, the request is refused. | 2014-11-13 |
20140337925 | Secure Application Leveraging of Web Filter Proxy Services - Secure application leveraging of a filter proxy service may be provided. In response to receiving a request to access a resource, a filter proxy service may be used to determine whether the request to access the resource is approved. If the request to access the resource is approved, the access to the resource may be allowed to continue. | 2014-11-13 |
20140337926 | SYSTEMS AND METHODS FOR ON-DEMAND PROVISIONING OF USER ACCESS TO NETWORK-BASED COMPUTER APPLICATIONS AND PROGRAMS - Provided are systems and methods for on-demand provisioning and de-provisioning of user access to network-based computer programs and applications, which provide on-demand user access provisioning when one or more programs or applications demand that role-based access be granted, in whole or part, to an application program by an approving authority, on an as needed basis. | 2014-11-13 |
20140337927 | AUTHORIZATION OF MEDIA CONTENT TRANSFER BETWEEN HOME MEDIA SERVER AND CLIENT DEVICE - A method for authorizing media content transfer between a home media server and a client device and provisioning DRM credentials on the client device, the method comprising receiving a service authorization credential at a client authorization server from a PKI provisioning server, wherein the service authorization credential is associated with a client device, and sending a validation response from the client authorization server to the PKI provisioning server if the client authorization server determines that the service authorization credential was previously provided by the client authorization server to the client device, wherein the validation response releases the PKI provisioning server to send DRM credentials to the client device. | 2014-11-13 |
20140337928 | INFORMATION PROCESSING DEVICE, INFORMATION MANAGEMENT METHOD, AND INFORMATION PROCESSING SYSTEM - An information processing device for managing information saved in a save location, including an authentication unit configured to manage first authentication information and second authentication information in association with each other, said first authentication information required to authenticate a client device requesting an operation relevant to the information, and said second authentication information required for authentication at said save location that saves the information; a save location monitor unit configured to monitor the information saved in the save location by using the second authentication information, and update index information of the information saved in the save location; and an information management unit configured to create a list of the information saved in the save location by using the index information of the information saved in the save location, and provide the list to the client device. | 2014-11-13 |
20140337929 | METHOD FOR PROVIDING DRM SERVICE AND ELECTRONIC DEVICE THEREOF - Provided is an electronic device. The electronic device includes at least one processor for executing a plurality of operating systems; and a mobile high-definition link (MHL) module. The operating systems include a normal operating system for controlling a content service and a secure operating system for receiving information for controlling digital rights management (DRM) content from the MHL module and controlling a DRM service. | 2014-11-13 |
20140337930 | SYSTEM AND METHOD FOR AUTHORIZING ACCESS TO ACCESS-CONTROLLED ENVIRONMENTS - Systems and methods are provided for authorizing a user to access an access-controlled environment. The system includes a system server platform that communicates with fixed PC's, servers and mobile devices (e.g., smartphones) operated by users. The systems and methods described herein enable a series of operations whereby a user attempting to access an access-controlled environment is prompted to biometrically authenticate using the user's preregistered mobile device. Biometric authentication can include capturing images of the user's biometric features, encoding the features as a biometric identifier, comparing the biometric identifier to a previously generated biometric identifier and determining liveness. In addition, the authentication system can further authorize the user and electronically grant access to the access-controlled environment. In this manner the secure authentication system can, based on biometric authentication, authorize a user's access to devices, online services, physical locations or any networked environment that require user authorization. | 2014-11-13 |
20140337931 | INDIRECT AUTHENTICATION - Techniques are provided for granting authorization to restricted content on a display device from an authorizing device. In one embodiment, the display device may operate in a display mode where only unrestricted content is accessible. To access restricted content, the display device may transmit an authorization request signal to the authorizing device. The authorizing device, having received the authorization request, prompts an authorized user to enter an authentication input, such as a password or gesture, on the authorizing device. Upon verification of the authentication input, the authorizing device is authenticated. An authorization signal is transmitted to the display device, and the display device may operate in an authorized mode, having access to otherwise restricted content or functions. | 2014-11-13 |
20140337932 | DISPERSED STORAGE NETWORK WITH ACCESS CONTROL AND METHODS FOR USE THEREWITH - In a dispersed storage network where slices of secure user data are stored on geographically separated storage units ( | 2014-11-13 |
20140337933 | SYSTEM AND METHOD FOR SECURE RECIPROCAL EXCHANGE OF DATA - A system for transmission of data from a first device operated by a first user includes a wireless device and a database. The wireless device is used by a second user and includes a memory for storage of data. The database is in network communication with the first device and the wireless device. The database receives and stores data from the first device. The database can synchronize a portion of the data from the first device with the memory of the wireless device on a periodic basis that is determined by the second user. The wireless device can include a mobile phone. Data from the first device can include a current mode of access of the first user. The database can synchronize a portion of the data from the first device with the memory of the wireless device automatically according to a predetermined time determined by the second user. Further, the database can synchronize a portion of the data from the first device with the memory of the wireless device whenever the data received by the database from the first device changes. In certain embodiments, the portion of the data from the first device that is synchronized between the database and the memory of the wireless device can be determined by the second user using the second device. | 2014-11-13 |
20140337934 | SYSTEM AND METHODS FOR ACCESS CONTROL BASED ON A USER IDENTITY - System and methods for access control in a Universal Plug and Play (UPnP) network are based on a user identity. A control point has an identity assertion capability for identifying a user. The control point is configured to declare a value of an attribute associated with the identity assertion capability. A device is communicatively coupled to the control point via the UPnP network. The device has a first access control list and a trusted-to-identify access control list (TIA). The device is configured to permit the user to perform one or more actions based upon whether the user identity appears as a subject in the first access control list. | 2014-11-13 |
20140337935 | FAST-ACCESSING METHOD AND APPARATUS - A fast-accessing method may comprise: establishing a first security connection between a first network node and a user equipment; obtaining first information from a second network node, wherein the first information comprises at least one of system information of the second network node and an identifier of a security algorithm selected by the second network node for the user equipment; providing second information to the second network node, in response to an indication of the second network node from the user equipment, wherein the second information comprises security information related to the user equipment; and sending the first information to the user equipment for establishing a second security connection between the user equipment and the second network node. | 2014-11-13 |
20140337936 | Relationship-Based Authorization - Methods and apparatus, including computer program products, related to relationship-based authorization. In general, data characterizing a request for authorization to a computer-based resource is received, and the authorization may be provided based on one or more relationships of a requesting principal. A determination may be made as to whether a requesting principal is authorized, which may include determining whether the requesting user has a relationship with a principal that has management rights of the computer-based resource and determining whether the relationship allows for an access, such as a use of the computer-based resource, if the requesting principal has a relationship with the other principal. If there is no such relationship, a determination may be made as to whether an organization of the requesting principal has a relationship with the other principal that allows for the access. | 2014-11-13 |
20140337937 | METHODS AND DEVICES FOR DETECTING UNAUTHORIZED ACCESS TO CREDENTIALS OF A CREDENTIAL STORE - Methods and devices for detecting unauthorized access to credentials of a credential store on a computing device are disclosed herein. In one broad aspect, the method comprises monitoring a plurality of credentials of the credential store accessed within a period associated with a first setting, and responsive to determining that a number of credentials accessed within the period exceeds a threshold associated with a second setting, outputting, in a user interface, an indication of potential unauthorized access to the credential store. In at least one embodiment, each of the credentials accessed within the period is associated with a different user account. | 2014-11-13 |
20140337938 | BOOKMARKING AND LASSOING IN A GEO-SPATIAL ENVIRONMENT - A method, apparatus and system of bookmarking and lassoing in a geo-spatial environment are disclosed. In one embodiment a method of bookmarking a plurality of entries includes receiving a lasso drawn on a geo-spatial map by a user, obtaining a region on the geo-spatial map based on the lasso, obtaining the plurality of entries from within the region, creating a plurality of bookmarks corresponding to the plurality of entries, associating the plurality of bookmarks with the user, and enabling access to the plurality of entries by the user using the plurality of bookmarks. The method may further include associating the plurality of entries with a group. The method may also include providing additional information corresponding to the plurality of entries to the user. The method may include presenting a mass profile edit option to the user for the plurality of entries. | 2014-11-13 |
20140337939 | CLIENT DISTRIBUTION SYSTEM, CONTENT DISTRIBUTION METHOD, AND CLIENT TERMINAL - The user of any one portable terminal sends a content information request including a user ID to a distribution server. In response, the distribution server distributes a stream data of content that can be used on the user's terminal. If the user of first portable terminal intends to let a second portable terminal try out a certain content, the user sends to the distribution server the trial permission information including the user's own user ID, a content ID of the content of interest, and a digital signature. The distribution server authenticates the received information before distributing a streaming data of a trial-oriented content with the content ID and user ID attached to it as search keys. This allows the content that can be used on a given user terminal to be tried out on another user terminal without the latter user having recourse to the steps of searching for the content in question. | 2014-11-13 |
20140337940 | Remote Provisioning of 3GPP Downloadable Subscriber Identity Module for Virtual Machine Applications - A method is presented of providing a subscriber identity for the provision of services on behalf of the subscriber in a virtual computing environment. The method includes receiving a request to establish an execution environment for a virtual machine-to-machine equipment, vM2 M E. The vM2ME is provided, comprising software for execution in the virtual computing environment and a downloadable Subscriber Identity Module. A Communications Module, CM, is set up for execution in a domain of a virtualisation platform. The CM provides an end-point for communications between the vM2ME and a 3GPP network. The Subscriber Identity Module is installed for execution together with the CM, the Subscriber Identity Module including a 3GPP identity of the subscriber, security data and functions for enabling access to the vM2ME via the 3GPP network. | 2014-11-13 |
20140337941 | METHODS AND DEVICES FOR PROVIDING WARNINGS ASSOCIATED WITH CREDENTIALS TO BE STORED IN A CREDENTIAL STORE - Methods and devices for providing a warning associated with credentials to be stored in a credential store on a computing device are disclosed herein. In one broad aspect, the method comprises receiving a request to store, in the credential store, at least one credential for a specified service, determining whether a secure connection between the computing device and the specified service is available, associating the specified service with a level of security based on at least one of an availability of the secure connection or one or more properties of the secure connection, and providing a warning in response to determining that at least one credential stored in the credential store corresponds to the at least one credential for the specified service and is for a service that is associated with a level of security different from the level of security with which the specified service is associated. | 2014-11-13 |
20140337942 | Personalized Security Management - Systems and methods for personalized security management of online applications are provided. A determination may be made that a condition for constructing an increased authentication proposal for access to an online financial service is satisfied. The increased authentication proposal may be associated with (i) a user of the online financial service and (ii) a user request option associated with the online financial service. Based upon the determination that the condition is satisfied, the increased authentication proposal may be generated and transmitted for presentation to the user. An increased authentication proposal response may then be received, and the increased authentication proposal response may be processed in order to store, in association with the user and the user request option, (i) an indication of an increased authentication condition and (ii) an indication of an increased authentication mechanism. | 2014-11-13 |
20140337943 | METHOD FOR SECURE USER AND TRANSACTION AUTHENTICATION AND RISK MANAGEMENT - To provide a user signature on a network transaction, a security server receives transaction information representing a transaction between a network user and a network site, such as a website, directly from the network site. The security server calculates a one-time-password based on the received transaction information and a secret shared by the security server and the network site, but not by the user. The security server transmits the calculated one-time-password for application as the user's signature on the transaction. The one-time-password is independently calculable by the network site based on the shared secret. | 2014-11-13 |
20140337944 | SYSTEMS AND METHODS FOR PROCESSING AND TRANSMITTING SENSOR DATA - Systems and methods for continuous measurement of an analyte in a host are provided. The system generally includes a continuous analyte sensor configured to continuously measure a concentration of analyte in a host and a sensor electronics module physically connected to the continuous analyte sensor during sensor use, wherein the sensor electronics module is further configured to directly wirelessly communicate sensor information to one or more display devices. Establishment of communication between devices can involve using a unique identifier associated with the sensor electronics module to authenticate communication. Times tracked at the sensor electronics module and the display module can be at different resolutions, and the different resolutions can be translated to facilitate communication. In addition, the frequency of establishing communication channels between the sensor electronics module and the display devices can vary depending upon whether reference calibration information is being updated. | 2014-11-13 |
20140337945 | CONTEXT-AWARE ADAPTIVE AUTHENTICATION METHOD AND APPARATUS - A context-aware adaptive authentication method may comprise: determining a context for a user; adjusting automatically an authentication configuration for the user based at least in part on the context, wherein different matching accuracies of an authentication algorithm for the same authentication input data are associated with respective authentication configurations; and performing an authentication of the user with the authentication configuration, wherein for the user under a safe context, the authentication is performed by decreasing a matching accuracy of the authentication algorithm. | 2014-11-13 |
20140337946 | PASSWORD RESET SYSTEM - A customer initiated password reset system resets user passwords on a variety of network entities, such as internal systems, allowing simultaneous reset with a minimum number of user specified passwords that nonetheless satisfy the password specifications of these internal systems. Thereby, the user avoids the tedium of logging into each of these systems, changing their password, logging out, etc., for each system with the likelihood of creating unique passwords for each system that have to be remembered. By further incorporating a score metric based upon how many character sets are touched, a required degree of complexity can be measured and enforced against the password specifications. Advantageously, a table-based approach to enforcing password reset against the multiple password specifications facilitates making and fielding updates. | 2014-11-13 |
20140337947 | METHOD OF IMPROVING ONLINE CREDENTIALS - The invention comprises a method of providing additional assurance regarding a websites authenticity. The assurance is provided by using a credential that contains an image of the website operator or the website operator's business operations. The assurance is also provided by scanning the website associated with the credential for changes and alerting the website operator or a website visitor of the changes. The invention includes a method of ensuring the proper operation of the credential and a method of protecting the credential from mis-issuance. | 2014-11-13 |
20140337948 | SYSTEM AND METHOD FOR DETERMINING LIVENESS - Systems and methods are provided for recording a user's biometric features and generating an identifier representative of the user's biometric features and whether the user is alive (“liveness”) using mobile devices such as a smartphone. The systems and methods described herein enable a series of operations whereby a user using a mobile device can capture imagery of a user's face, eyes and periocular region. The mobile device is also configured analyze the imagery to identify and determine the position of low-level features spatially within the images and the changes in position of the low level features dynamically throughout the images. Using the spatial and dynamic information the mobile device is further configured to determine whether the user is alive and/or generate a biometric identifier characterizing the user's biometric features which can be used to authenticate the user by determining liveness and/or verify the user's identity. | 2014-11-13 |
20140337949 | SYSTEM AND METHOD FOR GENERATING A BIOMETRIC IDENTIFIER - Systems and methods are provided for recording a user's biometric features and generating an identifier representative of the user's biometric features using mobile device such as a smartphone. The systems and methods described herein enable a series of operations whereby a user using a mobile device can capture imagery of a user's face, eyes and periocular region. The mobile device is also configured analyze the imagery to identify and determine the position of low-level features spatially within the images and the changes in position of the low level features dynamically throughout the images. Using the spatial and dynamic information the mobile device is further configured to generate a biometric identifier characterizing the user's biometric features and which can be used to identify/authenticate the user by comparing the biometric identifier to a previously generated biometric identifier. | 2014-11-13 |
20140337950 | Method and Apparatus for Secure Communications in a Wireless Network - A method and apparatus for secure communications between an access point and a station in a wireless network is provided. The station receives a first message from the access point in the wireless network, the first message includes a first hashed service set identifier (SSID) generated by the access point by performing a first hash function on an SSID associated with the access point. The station generates a second hashed SSID by performing the first hash function on an SSID known by the station, determines whether the second hashed SSID matches the first hashed SSID. When the second hashed SSID matches the first hashed SSID, the station sends a second message to the access point. | 2014-11-13 |
20140337951 | SECURITY MANAGEMENT SYSTEM INCLUDING MULTIPLE RELAY SERVERS AND SECURITY MANAGEMENT METHOD - The present invention relates to a security management system of a computer network, which includes a center server and two or more relay servers. The relay servers receives at least some of data stored in the center server and stores the received at least some of data. A first relay server stores access authentication information and transmits data requested by the client to the client, when access information received from a client does not match with the access authentication information. The center server transmits a ‘block relay’ command to the first relay server and a ‘start relay’ command to a second relay server, when the center server receives information on the malicious access. Accordingly, the second relay server performs a relay function instead of the first relay server. | 2014-11-13 |
20140337952 | METHOD AND DEVICES FOR RUNNING PUSH-BUTTON CONFIGURATION SESSIONS - A method and a network node device run Push-Button Configuration sessions within a heterogeneous network, IEEE 1905.1, using a push button configuration mechanism that ensures that only one single new network node device is registered for a single push button key press event and thus overlapping Push-Button Configuration sessions within a heterogeneous network are prevented. After finishing the push button configuration mode, the number of new nodes is checked. If more than one node has been added, a configuration roll-back is performed. Preferably, the push button configuration roll-back is performed as soon as the authentication of more than one distinct node has been detected. The roll-back includes the deletion or deactivation of credentials established by the push-button configuration. | 2014-11-13 |
20140337953 | Cross-platform authentication from within a rich client - An un-authenticated user attempts to access a protected resource at a Web- or cloud-based application from within a rich client. The client has an associated local HTTP server. Upon being refused access, a browser-based login dialog is opened automatically within an embedded browser panel. After receipt of the user's login credential in the panel, the browser passes the credential server application. If the user is authenticated, the browser-based dialog receives a cookie establishing that the user is authenticated for a session. The browser then automatically makes a request to the HTTP server, passing the cookie. Upon receipt of the request at the rich client HTTP server, the rich client saves the cookie in an associated data store, shuts down the login dialog, and re-issues the original request to the server, this time passing the cookie. The rich client, having provided the cookie, is then permitted to access the resource. | 2014-11-13 |
20140337954 | Method and Apparatus for Providing Federated Service Accounts - An approach is provided for determining that a user has been authenticated for an access to at least one service using a federated identity ( | 2014-11-13 |
20140337955 | AUTHENTICATION AND AUTHORIZATION WITH A BUNDLED TOKEN - Authentication and authorization can be performed with a bundled token, which encapsulates two or more security tokens in a single security token. The bundled token can be supplied in response to a request for a token from a token service, for example. Subsequently, the bundled token can be sent in conjunction with a request for resource access, wherein more than one token is required to access the resource. | 2014-11-13 |
20140337956 | SYSTEM AND METHOD FOR MULTIFACTOR AUTHENTICATION AND LOGIN THROUGH SMART WRIST WATCH USING NEAR FIELD COMMUNICATION - A system and method for multifactor authentication and login using a smart wrist watch with at least one NFC (Near Field Communication) technology tag, with a computing device such as mobile, pda, tablets, laptop, desktop, or any similar system comprising user Authentication NFC login support and multifactor login support system or website wherein at least one NFC tag id arrayed in Smart Wrist watch is used for said device system or said website already registered at the time of sign up or setting user name and password is treated as second authentication factor. | 2014-11-13 |
20140337957 | OUT-OF-BAND AUTHENTICATION - In one aspect, the present disclosure is generally directed to a hardware token for completing an out-of-band authentication. In one embodiment, the hardware token performs a method that comprises: receiving an out-of-band encryption key from a client computing device; deriving a security credential that uniquely identifies the hardware token; transmitting the derived security credential and received out-of-band encryption key over the out-of-band communication channel to a network backend over a wireless network; receiving an in-band encryption key over the out-of-band communication channel; and transmitting the received in-band encryption key to the paired client computing device. | 2014-11-13 |
20140337958 | SECURITY FRAMEWORK FOR HTTP STREAMING ARCHITECTURE - Methods and apparatus for preventing unauthorized access to online content, including in particular streaming video and other media, are provided. In various embodiments, techniques are provided to authorize users and to authenticate clients (e.g., client media players) to a content delivery system. The content delivery system may comprise a content delivery network with one or more content or “edge” servers therein. The requesting client is sent a program at the time of content delivery. The program may be embedded in the content stream, or sent outside of the stream. The program contains instructions that are executed by the client and cause it to return identifying information to the content delivery system, which can then determine whether the client player is recognized and, if so, authorized to view the content. Unrecognized and/or altered players may be prevented from viewing the content. | 2014-11-13 |
20140337959 | SYSTEMS AND METHODS FOR CONTROLLING A LOCAL APPLICATION THROUGH A WEB PAGE - A system, computer-readable storage medium storing at least one program, and a computer-implemented method for controlling a local utility are disclosed. A first request originating from an application and including a first token is received at a local utility. The application received a web page, including a plurality of links and the first token, from a first server. The plurality of links are received by the application from a second server. The first token is authenticated. Authentication includes sending the first token to a third server. In response to authenticating the first token, a second token is generated at the local utility. The second token is sent to the application for inclusion in subsequent requests from the application. | 2014-11-13 |
20140337960 | TRUSTED SERVICE INTERACTION - In one embodiment a controller comprises logic configured to receive, from an application executing on an untrusted execution complex of the electronic device, a request for a secure communication session with a remote service, verify a security credential received from the remote service, establish a secure communication connection between the secure controller and the remote service, establish a secure user interface, collect one or more authentication credentials from a user via the secure user interface, forward the one or more authentication credentials to the remote service, and conduct a secure communication session with the remote service. Other embodiments may be described. | 2014-11-13 |
20140337961 | SYSTEM FOR IMPLEMENTING DYNAMIC ACCESS TO PRIVATE CLOUD ENVIRONMENT VIA PUBLIC NETWORK - A system for implementing dynamic access to a private cloud environment via a public network is provided. The private cloud environment includes a gateway device linking to the public network and a plurality of storage devices connected to the gateway device. The system includes an intermediary server and a user terminal. The user terminal is linked to the intermediary server, via the public network, for acquiring a public IP address associated with the gateway device and a port information associated with the storage devices after being authenticated by the intermediary server. Then, the user terminal is linked to the gateway device in accordance with the public IP address, and is connected to the storage devices in accordance with the port information to access data from the storage devices. | 2014-11-13 |
20140337962 | COMPUTER COMMUNICATION SYSTEM FOR COMMUNICATION VIA PUBLIC NETWORKS - A computer communication system including a client computer with an installed virtual private network (VPN) client and located in a public network, a server computer located in a corporate network, a web server remote from the client computer, a gateway computer located in the corporate network, and a VPN server computer located in the corporate network. The computer communication system is adapted to run following steps of providing a safe VPN communication connection between the client and the server computers: the client computer, using a WEB browser, downloads an application from the VPN server computer, and the downloaded application automatically configures the VPN client installed on the client computer and establishes a tunnelled connection from the client computer to the corporate network. All packets generated by the installed VPN client are forwarded through the tunnelled connection via the gateway computer to the VPN server in the corporate network. | 2014-11-13 |
20140337963 | SYSTEMS AND METHODS FOR HANDLING PACKETS FROM A TRUSTED NETWORK - Systems and methods for handling packets from a trusted network are provided. In some aspects, a system includes a communication module configured to receive a packet at a gateway from a server in a trusted network. The gateway is between the trusted network and a network external to the trusted network. The system also includes a verification module configured to determine whether the received packet is valid. The communication module is configured to route the received packet to a client in the external network if the received packet is determined to be valid. The communication module is configured to apply a corrective action to the received packet if the received packet is determined to be invalid. | 2014-11-13 |
20140337964 | Software Firewall Control - A software firewall that may be configured using rules specified for types of network interfaces rather than individual network interfaces. The network types may be specified with type identifiers that have a readily understandable meaning to a user, facilitating ease of configuring the firewall. The network types could include, for example, wired, wireless and remote access. A rule specified based on a network type can be implemented for network interfaces of that network type. The implementation may be performed automatically and may be updated based on network location awareness information. | 2014-11-13 |
20140337965 | Method and System for Access to Development Environment of Another with Access to Intranet Data - A method for secure external access to a collaborative design system is provided that includes establishing a virtual private network (VPN) tunnel between an engagement virtual machine and an external computer system, wherein the external user provides a user id and password for authorization to establish the VPN tunnel, receiving the user id and password in a web interface of the collaborative design system and identifying the engagement virtual machine the external user is allowed to access based on the user id and password, prompting the external user to log into the engagement virtual machine, wherein the user id and password are again received from the external user, issuing a security ticket to the external user when the user logs into the engagement virtual machine, and using the security ticket to authenticate accesses initiated by the external user to engagement files stored in a file system in an intranet. | 2014-11-13 |
20140337966 | PUBLIC ACCESS POINT - The invention instantiates a Personal VLAN bridge, using IEEE Std. 802.11 elements. The result is a bridge, referred to as a public access point, that is better suited for implementing public wireless data networks than the IEEE Std. 802.11 architecture. The invention also provides a location-update protocol for updating the forwarding tables of bridges that connect public access points together. The invention further provides a method for more controlled bridging, which is referred to as fine bridging. | 2014-11-13 |
20140337967 | Data Transmission Method, System, and Apparatus - A data transmission method is applied in a virtual private network (VPN) and includes: querying, by an initiating client, a VPN server for external network Internet Protocol (IP) addresses of the initiating client and a responding client; performing, by the initiating client, key negotiation with the responding client through the VPN server; after the key negotiation is completed, writing, by the initiating client, the external network IP address of the initiating client into a source address field of a to-be-sent User Datagram Protocol (UDP) packet, writing the external network IP address of the responding client into a destination address field of the to-be-sent UDP packet, and encrypting the to-be-sent UDP packet according to a key obtained through the negotiation; and sending, by the initiating client, an encrypted UDP packet to the responding client, and performing packet interaction with the responding client directly. | 2014-11-13 |
20140337968 | UNLOCKING SCHEMES - An end device may include a camera configured to capture an image of an object, a touch screen configured to receive a touch input and a processor configured to determine to unlock the end device based, at least in part, on a relation between the image of the object and the touch input. | 2014-11-13 |
20140337969 | PORTABLE COMPUTER AND OPERATING METHOD THEREOF - A portable computer and an operating method thereof are provided. The portable computer comprises an input device, a power button, a non-volatile memory, a central processing unit (CPU), an embedded controller (EC), and a chipset. The input device inputs a user password, and the non-volatile memory stores a default password. The EC, in a soft off status, determines whether the power button protection item is enabled. The EC locks the power button if the power button protection item is enabled. The EC determines whether the user password is the same as the default password. The EC unlocks the power button if the user password is the same as the default password. The chipset is coupled to the non-volatile memory, the CPU and the EC. | 2014-11-13 |
20140337970 | IMAGE PROCESSING APPARATUS THAT PERFORMS USER AUTHENTICATION, AUTHENTICATION METHOD THEREFOR, AND STORAGE MEDIUM - An image processing apparatus capable of an authentication technique which enables appropriate user authentication on an application-by-application basic without requiring users to perform time-consuming operations. A storage unit stores authentication method setting information in which authentication methods for respective ones of a plurality of applications are set. An authentication method determination unit determines an authentication method for use in authentication to be performed before a selected application is executed, based on the authentication method setting information. An authentication unit performs the authentication using the authentication method determined by the authentication method determination unit. The authentication methods include at least a first authentication method that does not require input of authentication information and a second authentication method that requires input of the authentication information. | 2014-11-13 |
20140337971 | COMPUTER INFRASTRUCTURE SECURITY MANAGEMENT - A mapping system is provided that makes use of security data collected from various data sources. Following appropriate pre-processing, the mapping system analyses the security data to provide estimated values for parameters in a security model, the security model in turn being based on one or more mathematical representations. | 2014-11-13 |
20140337972 | Social Threat Scoring - A method includes identifying data on a social network that is associated with a social entity, and determining one or more characteristics of the identified data. A reference to the identified data is generated for each of the one or more characteristics. Each generated reference is compared to one or more known references, and a risk score for a social entity is determined based on each of the comparisons. A confidence score for the risk score is determined. | 2014-11-13 |
20140337973 | SOCIAL RISK MANAGEMENT - A method includes a protected social entity is determined based on one or more user inputs, and data on one or more social networks that is related to the protected social entity is monitored. A risk to the protected social entity is determined based on monitoring the data on the one or more social networks that is related to the protected social entity. The risk management data is provided to a user. | 2014-11-13 |
20140337974 | SYSTEM AND METHOD FOR SEMANTIC INTEGRATION OF HETEROGENEOUS DATA SOURCES FOR CONTEXT AWARE INTRUSION DETECTION - A semantic approach to intrusion detection is provided that can utilize traditional as well as nontraditional data sources collaboratively. The information extracted from these traditional and nontraditional data sources is expressed in an ontology, and reasoning logic rules that correlate at least two separate and/or distinct data sources are used to analyze the extracted information in order to identify the situation or context in which an attack can occur. By utilizing reasoning logic rules that contain rules that correlate at least two separate and/or distinct data sources, a threat or attack can be determined using data that is spatially (e.g., geographically) and temporally separated, resulting in a context aware IDPS that can relate disparate activities spread across time and multiple systems as part of the same attack. | 2014-11-13 |
20140337975 | METHOD FOR ANALYZING SPYWARE AND COMPUTER SYSTEM - A method for analyzing spyware and a computer system that relates to communication technology are provided. A trace of an executed spyware process is captured by the computer system. The spyware process includes a data packet returning operation that transmits a data packet to a control host as a result of executing the spyware process. The data packet returning operation has a subprogram which is extracted from the execution trace. The subprogram includes at least one call interface. Semantic information from each component of information of the at least one call interface is analyzed and output. In this manner a specific format of a data packet returned to the control host is determined, a communication protocol of the spyware is obtained, and a user may rewrite control commands of the spyware according to the obtained communication protocol, to control execution of the spyware. | 2014-11-13 |
20140337976 | METHOD FOR VEHICLE INTRUSION DETECTION WITH MOBILE ROUTER - A method of operating a mobile router installed in a vehicle is provided. The vehicle comprises a vehicle network bus coupled to a plurality of electronic control units. The mobile router comprises: a wireless wide area network interface a wireless local area network interface; an interface to the vehicle network bus; a processor; and a memory comprising a plurality of programs. The plurality of programs comprises an intrusion detection program executable by the processor. The method of operating a mobile router comprises: monitoring data on the vehicle network bus; utilizing the intrusion detection program to detect one or more anomalies in the monitored data; and generating an alert upon detection of one or more of anomalies. | 2014-11-13 |
20140337977 | AUTOMATED DEPLOYMENT OF PROTECTION AGENTS TO DEVICES CONNECTED TO A DISTRIBUTED COMPUTER NETWORK - Network traffic is monitored to detect attempted inter-network communications, including attempts by devices internal to the network to communicate with resources external to the network and attempts by devices external to the network to establish VPN sessions with resources internal to the network. Upon detecting an attempted inter-network communication, the device responsible for initiating such communication is identified. Then, it is determined whether the identified device is running a valid protection agent. If so, the attempted inter-network communication is permitted. If not, the attempted inter-network communication is blocked in compliance with a network security policy and the identified device is prompted to download and install a protection agent from a designated storage location, or to activate a previously installed protection device. The prompt may include a hyperlink for initiating download of the protection agent. | 2014-11-13 |
20140337978 | SYSTEMS, METHODS, AND MEDIA FOR GENERATING BAIT INFORMATION FOR TRAP-BASED DEFENSES - Systems, methods, and media for generating bait information for trap-based defenses are provided. In some embodiments, methods for generating bait information for trap-based defenses include: recording historical information of a network; translating the historical information; and generating bait information by tailoring the translated historical information. | 2014-11-13 |
20140337979 | Using Telemetry to Reduce Malware Definition Package Size - Clients send telemetry data to a cloud server, where the telemetry data includes security-related information such as file creations, timestamps and malware detected at the clients. The cloud server analyzes the telemetry data to identify malware that is currently spreading among the clients. Based on the analysis of the telemetry data, the cloud server segments malware definitions in a cloud definition database into a set of local malware definitions and a set of cloud malware definitions. The cloud server provides the set of local malware definitions to the clients as a local malware definition update, and replies to cloud definition lookup requests from clients with an indication of whether a file identified in a request contains malware. If the file is malicious, the client remediates the malware using local malware definition update. | 2014-11-13 |
20140337980 | METHOD, DEVICE AND TERMINAL FOR SCANNING VIRUS - Described are a method and a device for processing price, a method and an electronic commerce system for processing order sheet. The method for processing price includes: obtaining attribute information of a commodity in an electronic commerce system; distributing a charging mark to the commodity according to the attribute information of the commodity; and setting price information corresponding to the charging mark of the commodity according to a predetermined price processing rule. The information price of the commodity is pertinently customized according to the attribute information of the electronic commerce system. The commodity of the electronic commerce system is strong pertinence that price may be adjusted flexibly and efficiently, and an intelligence of the electronic commerce system is improved. | 2014-11-13 |
20140337981 | FINGERPRINT ANALYSIS FOR ANTI-VIRUS SCAN - Disclosed are systems and methods for fingerprint analysis for anti-virus scanning In an embodiment, a method of scanning for infected data items is disclosed. The method provides identifying a plurality of changed data items on a server machine. The method further provides, from a data system in communication with the server machine, performing a virus scan on the plurality of changed data items. The method further provides that the data system maintains a list of data items that the virus scan found to be infected. | 2014-11-13 |
20140337982 | Risk Prioritization and Management - Methods for managing and prioritizing risk include receiving a data set and analyzing the data set for duplicates, false positives, false negatives, and tool errors. Said duplicates, false positives, false negatives and results of tool errors are removed from the data set, creating an input file. The input file is compared against compliance standards to identify any weaknesses, defects, bugs, flaws, vulnerabilities, and/or failures in the input file. The compared input file is mapped to Common Weakness Enumeration standards. A risk prioritization can be generated based on the mapped results. At least one report can be generated based on the risk prioritization. | 2014-11-13 |
20140337983 | Entry/Exit Architecture for Protected Device Modules - The entry/exit architecture may be a critical component of a protection framework using a secure enclaves-like trust framework for coprocessors. The entry/exit architecture describes steps that may be used to switch securely into a trusted execution environment (entry architecture) and out of the trusted execution environment (exit architecture), at the same time preventing any secure information from leaking to an untrusted environment. | 2014-11-13 |
20140337984 | VERIFICATION OF SERIALIZATION CODES - An example apparatus may include a processor and a memory device including computer program code. The memory device and the computer program code may, with the processor, cause the apparatus to provide modified serialization codes for a first entity in a serialization flow to replace existing serialization codes for the first entity. In various examples, the modified serialization codes may have a representation of at least two different characters, and a number of instances of one of the characters in the representation of the modified serialization codes may be different from a number of instances of the one of the characters in the representation of the existing serialization codes. The memory device and the computer program code may further cause the apparatus to receive serialization codes from a second entity, the second entity being downstream in the serialization flow from the first entity; compare serialization codes from the second entity with the modified serialization codes; and verify the serialization codes from the second entity by determining if the serialization codes from the second entity are compatible with the modified serialization codes. | 2014-11-13 |
20140337985 | Security in Digital Manufacturing Systems - A system for digital manufacturing is described. A content repository includes digital manufacturing source files that have model information, pricing information, and rights information. A viewport for viewing a visual rendering of the digital manufacturing source file is included along with an obfuscation engine for obfuscating the digital manufacturing source file at the content repository and de-obfuscating the digital manufacturing source file at the viewport. Also included is a selection engine for choosing the digital manufacturing source file for digital manufacturing. | 2014-11-13 |