Abstract: According to one embodiment, an electronic device includes a content transmitter. The content transmitter is configured to output a content item including first data and second data to one transmission path, by applying a first copyright protection system to copyright protection of the first data and applying a second copyright protection system to copyright protection of the second data. The first copyright protection system involves encryption of data to be copyright-protected. The second copyright protection system involves no encryption of data to be copyright-protected.

Abstract: An immobilizer ECU generates an encryption key using key generating logic, from a SEED code included in an ID code signal sent from an electronic key, and registers the encryption key to the immobilizer ECU. The immobilizer ECU receives an instruction from a registration and deletion tool and sends, to the electronic key, a deletion request signal that requests the deletion of the SEED code. The electronic key deletes the SEED code from the electronic key if a deletion request signal has been received.

Abstract: One or more techniques and/or systems are provided for dynamically maintaining user centric data. For example, a data provider app may have knowledge about user centric data associated with a user (e.g., a social network app may have contact information for a social network friend of the user). A user centric profile may be defined for the user centric data based upon information provided by the data provider app (e.g., a contact card may be generated for the social network friend). Responsive to receiving a request for the user centric profile from a requestor app (e.g., an event planning app), the user centric profile may be exposed to the user but not to the requestor app for security and/or privacy purposes. For example, an operating system may present at least some of the user centric profile within an operating system user interface.

Abstract: Provided is a management server system that accepts a transition instruction for transition between tenants of an agent device, generates symmetric keys consisting of a first key and a second key, responds the second key to the agent device, and verifies signature information included in a transition request using the first key when the agent device makes a tenant transition request. Upon successful verification of signature information, the management server system transmits new authentication information for communication between the management server system and the agent device to the agent device. After transition of the tenant, the agent device communicates with the management server system using the new authentication information.

Abstract: A system for managing personal information of a user includes: a personal information database including personal information records of the user including data associated with the user, wherein a user is associated with a data policy including at least one permission for an accessing party to interact with a personal information record; and a data access module that receives and responds to requests from an accessing party, wherein a request may be one of: a read request specifying a personal information record to be read; and a write request specifying a personal information to be written to a personal information record to be written, wherein in response to a write request, the data access module responds with the a personal information record to be read, or updates the personal information record to be written in the personal information database, if permitted by the personal information record the privacy policy.

Abstract: The invention relates to a method for providing a user with an authenticated remote access to a remote secure device (2), said remote access being initiated from a local accessing device (1), said remote secure device (2) embedding secure data related to a specific service, characterized in that it comprises establishing a mutual authentication between said remote secure device (2) and a local secure device (3) different from the local accessing device (1) so as the user of the local accessing device (3) is able to access to the secure data of the remote secure device (2).

Abstract: In some examples, a device may include a communication interface configured to exchange signals with another device, and a computing component configured to autonomously calculate a centroid of a plurality of devices of which the device is a part, based at least in part on relative distances between the device and others of the plurality of devices and relative distances among the others of the plurality of devices, and autonomously establish the centroid as a shared secret.

Abstract: A network authentication system and method is described for authenticating multiple profile accesses from a single remote device. A device remote from a web server, yet connected to the web server via, for example, the Internet, can allow multiple users to register their profiles within the device. The profiles are registered using a pre-existing user ID and password corresponding to, for example, the user's financial accounts. Multiple profiles and, specifically, the indicia of those profiles, can appear on the display of the remote device allowing each user the ability to select their own registered profile. Access to a profile is granted when the user enters their private PIN. Once the PIN is entered, the private information such as financial account information will be securely forwarded from the web server to the remote device.

Abstract: An apparatus and method for authenticating a Non-Volatile Memory (NVM) device are provided. A host device that authenticates the NVM device transmits challenge information for authentication to the NVM device, receives pieces of authentication information in response to the challenge information from the NVM device, and authenticates the NVM device using the pieces of authentication information by the host device. The pieces of authentication information are generated based on the challenge information and secret key information stored in the NVM device.

Abstract: An apparatus includes a boundary module that determines if a mobile device is within a secure area. The mobile device includes a computing device capable of connecting to a wireless network. The apparatus includes a download module that downloads a latest version of a file from a secure server to the mobile device in response to the boundary module determining that the mobile device has entered the secure area. The apparatus includes a copy module that copies the file from the mobile device to the secure server in response to the boundary module determining that the mobile device has left the secure area and a deletion module that deletes the file from the mobile device in response to the boundary module determining that the mobile device has left the secure area and in response to the copy module completing copying the file from the mobile device to the secure server.

Abstract: Disclosed is a method and system of managing user security permissions for access to resources accessible over a communications network, to participate in a designated task or conversation relating to the resources. The method and system include: assembling resources relating to the designated task or conversation into a collection and allocating security permissions for users to access said resources in the collection over the network based on whether the users are active or passive participants in the task or the conversation. Active participants have been invited to participate in the task or the conversation and passive participants have not been invited to participate in the task or the conversation, and security permissions allocated for each of the users to access said resources in the collection to the providers of the resources are communicated, such that the providers set the security permissions for each of the users to access the resources.

Abstract: Detecting synthetic keystrokes by maintaining a record of one or more keystrokes of physical keyboard input detected by an operating system of a computer, detecting a keystroke received at a computer application process that is executed by the computer, determining that the keystroke received at the computer application process is absent from the record of keystrokes of physical keyboard input, and identifying the keystroke received by the computer application process as being a synthetic keystroke.

Abstract: Methods and apparatus for providing access to content across a plurality of devices and environments. In one embodiment, a downloadable rights profile is utilized in order for a user device to determine whether to provide content to a subscriber. The user device is first registered to content delivery the network; the device then requests a rights profile indicating the rights of the subscriber associated with the device to access content. The rights profile is transmitted to the device. The rights profile may be configured to be valid only for a pre-determined time, thus enabling a subscriber's rights to be updated (including revoked). Security mechanisms may also be utilized to ensure access to content is limited only to authorized subscribers. In another embodiment, a user-based authentication procedure is utilized, thereby making the rights determination and content provision process completely agnostic to the underlying hardware.

Abstract: A computer-implemented method includes producing medical information that characterizes a group of individuals from a set of private data representing pre or post-encounter characteristics of the individuals, wherein the individuals have had encounters with a healthcare facility. The identity of the individuals is unattainable from the produced medical information. The method also includes providing the produced medical information to report the pre or post-encounter characteristics of the group.

Abstract: Systems and methods for protecting communications between at least two nodes protect the identity of a node requesting information, provide content of communications being sent and/or obscuring a type of communications being sent. Varying degrees of protection options including encryption, intermediate node termination and direct node communications are provided.

Abstract: A credential management system is described that provides a way to disable and/or rotate credentials, such as when a credential is suspected to have been compromised, while minimizing potential impact to various systems that may depend on such credentials. The credentials may be disabled temporarily at first and the availability of various resources is monitored for changes. If no significant drop of availability in the resources has occurred, the credential may be disabled for a longer period of time. In this manner, the credentials may be disabled and re-enabled for increasingly longer time intervals until it is determined with sufficient confidence/certainty that disabling the credential will not adversely impact critical systems, at which point the credential can be rotated and/or permanently disabled. This process also enables the system to determine which systems are affected by a credential in cases where such information is not known.

Abstract: Systems, apparatuses and methods are provided for managing information technology devices in an information technology environment in which at least some of the devices are connected to a network, and access of each user in the information technology environment is customized in a convenient manner.

Abstract: A computer-implemented method for securing data at third-party storage services may include (1) receiving, at a server-side computing system, a request to provide a user with access to a file that is encrypted, (2) determining, in response to the request, whether a transitory symmetric key of the user is available to encrypt a decryption key with which the file may be decrypted, (3) encrypting the decryption key with the transitory symmetric key of the user if the transitory symmetric key of the user is available or encrypting the decryption key with the public key of an asymmetric key pair designated for the user if the transitory symmetric key of the user is unavailable, and (4) storing the encrypted decryption key. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: An exemplary technique is provided for use in a decentralized electronic transfer system. A first digital code that represents a first transaction is generated from a first user's secure repository to the first user's unsecure repository. The first digital code is sent to a secure storage memory related to the unsecure repository to be stored in an area of the memory. A processor related to the unsecure repository generates a second digital code that represents a second transaction from the unsecure repository to the second user's repository. The processor retrieves the first digital code stored in the secure storage memory and publishes the retrieved digital code to validate the first transaction. In addition, the processor publishes the second digital code to validate the second transaction.

Abstract: An exemplary computer-implemented method for generating reputation ratings for URLs may include (1) identifying a URL that identifies the location of at least one web resource, (2) identifying the computing health of at least one member of a computing community that has accessed the URL, (3) generating, based at least in part on the computing health of the member(s) that accessed the URL, a reputation rating for the URL that indicates whether the URL represents a potential security risk, and then (4) providing the reputation rating for the URL to at least one additional computing device to enable the additional computing device to evaluate whether the URL represents a potential security risk. In addition, a client-side, computer-implemented method for determining whether a URL represents a potential security risk may be based at least in part on such a reputation rating. Various other methods, systems, and computer-readable media are also disclosed.