Abstract: Option ROM updates are performed in a secure manner with centralized control through system initialization firmware, such as the system BIOS. An option ROM updater manages copying an option ROM update to an auxiliary subsystem if an update bit is set, such as by a secure system management interface with the BIOS. Upon detection of an update bit, the option ROM updater unlocks a write protect at the auxiliary subsystem firmware and copies an option ROM update to the auxiliary subsystem to update the option ROM. After completing the option ROM update, the option ROM updater locks write protection of the option ROM to maintain system security.

Abstract: A messaging system for a health care community includes a private network. Electronic medical records are accessible via the private network. A calendar system includes appointments of patients with medical providers. An encrypted firewall and subscriber directory limits access to the private network so that only subscribers to the private network have access to the private network. Subscribers are identified by mobile phone numbers or extensions.

Abstract: The present invention enables improvement in user convenience while reducing security degradation. To accomplish this, an information processing apparatus includes a display unit that displays an operation screen; an acceptance unit that accepts input from a user; a display control unit that controls display so as not to change the operation screen to a predetermined state when a predetermined time elapses without accepting input from the user by the acceptance unit; and an acquisition unit that acquires biological information of the user, wherein the display control unit does not change the operation screen to the predetermined state even if the predetermined time elapses without accepting input from the user by the acceptance unit if, within the predetermined time, the acquisition unit acquires biological information of the last user from whom input was accepted by the acceptance unit before the predetermined time started to be counted.

Abstract: A system for and method of system for performing dynamic extension assignment is presented. In one exemplary embodiment, the method may comprise receiving, via a network, an extension assignment request associated with a network endpoint, identifying the network endpoint based on one or more properties of the network endpoint, applying one or more rules to identify an extension to be assigned to the network endpoint based on the one or more properties of the endpoint, and assigning the extension to the network endpoint.

Abstract: Systems and techniques for incrementally updating a software stack are described. The software stack can be stored on a flash memory device on a target device. A server computer can receive a modification to a function that is part of the software stack, wherein additional memory is allocated on the flash memory device to allow the function increase in size via a software update. Next, a new memory layout can be determined for storing functions in the software stack based on the modification to the function. The server computer can then determine changes to a set of memory pages on the flash memory device based on the new memory layout. Next, the server computer can send the changes to the set of memory pages to the target device.

Abstract: A security component may be associated with a network-enabled application. The network-enabled application may request access to restricted content from a relying party (e.g., web site). The security component associated with the network-enabled application may receive authentication policy information from the relying party and send a user's authentication credentials to an assertion provider to authenticate the credentials. The relying party may trust the assertion provider to authenticate user credentials. Upon successful authentication, the assertion provider may return an assertion token to the security component and the security component may sign the assertion token as specified in the authentication policy information. Subsequently, the security token may forward the signed assertion token to the relying party and the relying party may grant access to the restricted content.

Abstract: An encryption and authentication technique that achieves enhanced integrity verification through assured error-propagation using a multistage sequence of pseudorandom permutations. The method generates intermediate data-dependent cryptographic variables at each stage, which are systematically combined into feedback loops. The encryption technique also generates an authentication tag with minimal post processing that is the size of the state.