Abstract: Implementations of the present invention contemplate utilizing the communicative connections between a telematics service provider (TSP), a communication device, and a telematics unit in a vehicle to manage personalized information of a subscriber. Implementations contemplate the removal of personalized information of a subscriber from data stores located at a vehicle, the uploading of personalized information of a subscriber to a database of an operations control center of the TSP, and the downloading of personalized information of a subscriber by a telematics unit of a vehicle from an operations control center of the TSP. Implementations enable personalized information of a subscriber to be removed from a vehicle remotely in order to prevent a user of the vehicle from accessing personalized information of the subscriber. Furthermore, implementations enable personalized information of a subscriber to be accessed by a vehicle in order to provide a subscriber with a customized experience in the vehicle.

Abstract: Systems and methods, including computer software adapted to perform certain operations, can be implemented for remotely defining security data for authorizing access to data on a client device. Permission indicators are associated with a sequence of instructions, and a protected activity is associated with one or more of the permission indicators and with an instruction within the sequence of instructions. The one or more permission indicators and the sequence of instructions are provided to a remote device. The remote device determines whether execution of the instruction is permitted based, at least in part, on the one or more permission indicators, and the remote device performs the protected activity if execution of the instruction is permitted.

Abstract: A password recovery technique for access to a system includes receiving a request from a first party to recover the first party's password to access the system, receiving a selection of a second party from the first party, sending a message to the second party requesting that the second party authorize the request to recover the first party's password, receiving authorization from the second party for the request to recover the first party's password, and resetting the first party's password responsive to receiving authorization from the second party.

Abstract: An improved system and method are disclosed for peer-to-peer communications. In one example, the method enables endpoints to securely send and receive messages to one another within a hybrid peer-to-peer environment.

Abstract: The present invention extends to methods, systems, and computer program products for managing applications in non-cooperative environments. Embodiments of the invention provide the ability to manage non-cooperative applications and operating systems. For example, applications and operating systems at a user's (e.g., an information worker's) personal device (e.g., smartphone) can be appropriately managed to provide more secure access to a corporate IT infrastructure. An IT worker can programmatically repackage an application, deploy it to a user's personal device, and manage the user's ability to use the application through policy.

Abstract: A method for providing a sensitive text alert includes monitoring a key selected on a keyboard of a computer system. The key selected is reported to a key-logger application executing on the computer system. The reported key selected is appended to a string file. At least one portion of the string file is compared to a database of sensitive words/phrases. An alert is generated when it is determined that the compared at least one portion of the string file matches an entry in the database of sensitive words/phrases. The generated alert is superimposed on a display device of the computer system.

Abstract: A method, non-transitory computer readable medium and apparatus for processing a request from a server of a machine-to-machine service provider are provided. For example, the method receives the request from the server of the machine-to-machine service provider to communicate with a machine-to-machine device, determines whether to authorize the request based upon a policy in a privacy database, and enables communications between the server of the machine-to-machine service provider and the machine-to-machine device if the request is authorized based upon the policy.

Abstract: A system and method is provided for implementing platform security on a consumer electronic device having an open development platform. The device is of the type which includes an abstraction layer operable between device hardware and application software. A secured software agent is provided for embedding within the abstraction layer forming the operating system. The secured software agent is configured to limit access to the abstraction layer by either blocking loadable kernel modules from loading, blocking writing to the system call table or blocking requests to attach debug utilities to certified applications or kernel components.

Abstract: A computer-implemented method is presented herein. The method obtains a first content item from an online source, and then generates a characterizing signature of the first content item. The method continues by finding a previously-saved instance of the characterizing signature and retrieving data associated with a second content item (the second content item is characterized by the characterizing signature). The method continues by analyzing the data associated with the second content item, corresponding data associated with the first content item, and decision criteria. Thereafter, either the first content item or the second content item is identified as an original content item, based on the analyzing. The other content item can be flagged as an aggregated content item.

Abstract: Some demonstrative embodiments include apparatuses, systems and/or methods of securing a service Identifier (ID). For example, a wireless device may include a Secure Service Identifier (SSID) processor to determine a SSID corresponding to a service, the SSID including an encrypted value being based on a service name key from a service provider of the service and a service name corresponding to the service; and a radio to transmit a wireless message including the SSID.

Abstract: Ensuring the security of a data transmission by verifying an identity of a user, comprising: a prior step of enrolling a terminal of the user, comprising: an association of a authentic identity data item of the user and a data item of a terminal available to the user and communicating via a network, the association being stored with data for contacting the terminal via the network, and a determination of an identity derived from at least said information, stored in the memory of the terminal, in correspondence with a data item specific to the user, for the purposes of a later strong authentication based on both the data item specific to the user and on the derived identity, as well as a current step of verifying the user identity.

Abstract: Method and Apparatus for Securing a Connection in a Communications Network A method of operating a user equipment (UE) using a Generic Bootstrapping Architecture (GBA) is provided. The method includes establishing a shared secret between the UE and a Network Application Function (NAF). An authentication request is sent to a Bootstrapping Server Function (BSF) by the UE. An original parameter intended for a key derivation function and a bootstrapping transaction identifier is received from the BSF. An application request, including the bootstrapping transaction identifier, is sent by the UE to the NAF. A modified parameter is derived by the UE from the secret and the original parameter intended for the key derivation function. A cryptographic key is determined using said modified parameter in place of or in addition to the original parameter in the key derivation function, and communications with the NAF are secured using the key.

Abstract: Techniques for placing a virtual edge gateway appliance on at least one host computing system are described. In one embodiment, a virtual switch assigned to a tenant for creating virtual networks is identified. Further, at least one host computing system having access to the virtual switch is identified. Furthermore, placing a virtual edge gateway appliance on the at least one identified host computing system is recommended to allow connectivity to networks created using the virtual switch assigned to the tenant.

Abstract: Techniques are described in which to access a user's web applications, the user registers and signs on to an aggregator system using any supported login identity provider username and password. When the user registers for the first time, the system collects additional information to verify the user for a subsequent access to the system. The system also automatically creates a system secret username and secret, highly securely generated password, both of which are unknown and inaccessible to the user. The secret username and password are stored in an lightweight directory access protocol (LDAP) server or database or in a distributed cloud database system. The system also maps the login identity provider user name to the secret user name and password for subsequent usage.

Abstract: An apparatus and corresponding method are provided for encoding video signal data by applying an adaptive quantizer parameter responsive to bit-rate; where a video encoder for encoding video signal data for an image block relative to at least one reference picture includes an adaptive quantizer for applying an adaptive quantizer parameter responsive to a current bit-rate; and where a corresponding method includes initializing an adaptive quantizer, calculating the bits used by the video signal data with the adaptive quantizer, assigning bits to each of a plurality of picture types, calculating a difference in adaptive quantizer responsive to the assigned bits from the previous number of bits used by the group of pictures and obtaining an updated adaptive quantizer for the video signal data, calculating an adaptive quantizer for a portion of the video signal data, encoding the portion of the video signal data, and obtaining the actual number of bits used for the encoded portion of the video signal data.

Abstract: A relay service can relay messages between controllers and electronically controllable accessory devices that may be located remotely from the controllers. Relaying of messages by the relay service can be decoupled from any knowledge of the functionality of the accessory or the content of the messages. Device identification and relaying of messages can be managed using “relay aliases” that are meaningful only to the relay service and the endpoint devices (the controller and accessory). The endpoint devices can implement end-to-end security for messages transported by the relay service.

Abstract: A system and method for obtaining an authorization key to use a product utilizes a secured product identification code, which includes a serial number and at least one code that is generated based on a cryptographic algorithm.

Abstract: A new approach is proposed that contemplates systems and methods to support bulk authentication of an appliance associated with a user to all cloud-based services the appliance intends to access in one transaction instead of authenticating the appliance against each of the services individually. First, the appliance generates and transmits to an authentication service cluster an authentication request that includes its identification and authentication credentials in order to access to a plurality of services. Upon receiving the authentication request, the authentication service cluster authenticates the appliance for all of the services to be accessed based on the information in the authentication request. Once the appliance is authenticated, the authentication service cluster then retrieves entitlement information of the services to be accessed by the appliance, and identifies the service clusters/nodes that the appliance will connect to for the services with the fastest response time.

Abstract: Systems, methods and articles of manufacture for delivering website content to an internet user which is personalized to the user based on a persona associated with the user. A persona database system accesses personal and financial data for the user from any suitable source, such as from a tax return of the user or personal finance management application or even a questionnaire. The persona database system matches the user's data to a persona for the user from a predetermined, discrete set of personas, wherein each persona identifies a generalized profile of personal and financial characteristics of the user. Then, when a user access a website hosted by a website server, the website server accesses the persona for the user from the persona database system and the website server personalizes the website content delivered to the user based on the persona for the user.

Abstract: Presence based content access control techniques are described in which presence of users is used as a basis for enforcing content restrictions. In an implementation, applications are registered to receive feedback regarding users' presence in relation to a presentation of content via a computing device. The presence of users is recognized independently of authentication of the users to access user accounts. For example, an imaging sensor such as camera may be employed for recognition of multiple users engaged with the computing device. In addition or alternatively, presence devices associated with users such as badges, key fobs, or access cards may be detected to ascertain the presence of users. Feedback indicative of the one or more users that are recognized may then be supplied to the registered applications. The feedback enables the applications to control the presentation of content by enforcing content restrictions and/or taking other presence based actions.