Abstract: According to one embodiment of the present invention, a method for accessing resources of a secure computing network may be provided. The method may include receiving a request to allow a user to access a secure computing network. The user may be associated with an avatar that has a unique set of one or more identifiers that are associated with the user. A security clearance level of the avatar may be determined from the unique set of identifiers of the avatar. The avatar may be authorized to access one or more virtual compartments of the secure computing network according to the security clearance level of the avatar. The virtual compartment may comprise one or more resources of the secure computing network. The method may further include facilitating display of one or more resources of a virtual compartment accessed by the avatar.

Abstract: A method is provided for Authenticator Relocation in a communication system applying an Extensible Authentication Protocol, or the like, which provides replay protection and mitigates the rogue ASN-GW problem during relocation of the Anchor Authentication, and without conducting re-authentication of the MS. The method of the invention optionally allows secure refresh of the MSK.

Abstract: A first server in a system includes confirmation requesting unit 110 that receives an authentication request from a predetermined apparatus 400 coupled through a public line and that sends a user confirmation request to a second server in the case where user authentication is successful. A second server includes a user facility identifying unit 210 that receives the user confirmation request from the first server and identifies location information of the user facility of the user and a confirmation result notifying unit 211 that receives a utilization request from a measuring apparatus linked through a dedicated line and identifies disposition location information of the measuring apparatus and that sends a notification of success of user confirmation including the identification information of the user to the first server 100 if the disposition location information of the measuring apparatus is identical to the user facility location information.

Abstract: A virtual environment firewall receives a message having a request from a virtual environment entity intended for a virtual environment controller. The virtual environment firewall determines whether the request complies with one or more governance rules of the virtual environment controller. If the request does not comply with the one or more governance rules, the virtual environment firewall processes the message to prevent the request from being processed by the virtual environment controller.

Abstract: A plurality of S-boxes is masked by one masking inverse table. Therefore, the computation cost and the use amount of the RAM necessary for masking at the time of a masking operation for defending a differential power analysis attack in a SEED encryption algorithm can be effectively reduced.

Abstract: A method including generating a plurality of convergence layer protocol data units in a packet-switched telecommunications system protocol stack; ciphering the plurality of convergence layer protocol data units using a ciphering sequence number; transferring the plurality of ciphered convergence layer protocol data units to a link layer of the packet-switched telecommunications system; discarding at least one ciphered convergence layer protocol data unit at the link layer and generating a link layer protocol data unit from at least one of the ciphered convergence layer protocol data units that has not been discarded; and transmitting the link layer protocol data unit and information relating to the discarding for a peer link layer.

Abstract: Secure re-authentication of host devices roaming between different connection and/or access points within a network controlled by the same administrative domain is described. Platform overhead associated with exchanging information for authentication and/or validation on each new connection during mobility is reduced by enabling prior authenticated network access to influence subsequent network access.

Abstract: A method and an apparatus for securing stand-alone microdevices or parts of larger processing devices are arranged for prevention of tampering, unauthorized use, and unauthorized extraction of information from an information containing region of the secured microdevice.

Abstract: An apparatus in one example, where the apparatus comprises a communication device component that performs an authentication key agreement protocol by receiving a first random nonce (RAND) and an authentication token, wherein the communication device component is configured with a shared secret key. The communication device component generates a derivation key by applying a pseudo random function to the RAND and the shared secret key. The communication device component generates a first set of session keys based on a second random nonce (RANDC) and the derivation key where the first set of session keys are used in encrypting communications.