Abstract: The present invention is related to method and system for online activation of a wireless internet service, which are capable of automatically transferring a MAC address required for an online activation of wireless internet services to an online activation server, thereby eliminating the subscriber burden of having to know the MAC address and preventing incorrect input of the MAC address.

Abstract: An electronic device includes a touch screen. When the electronic device wakes up and works in a locked state, a notification interface including a predetermined unlocking area is displayed on the touch screen. A user pattern formed by at least two fingers of a user located within the predetermined unlocking area is detected. The electronic device is unlocked if the user pattern matches a predetermined unlocking pattern.

Abstract: Methods and apparatus for arranging event opportunities are disclosed. For example, the method detects the event opportunity that matches user profiles of at least two users who are unassociated with one another, verifies a safety parameter for one of the at least two users, wherein the safety parameter is defined by the one of the at least two users, and if the safety parameter is satisfied, sending an invitation to the event opportunity to each of the at least two users.

Abstract: A system and method are provided for restricting various operations in a file system based on security contexts. An object security context including permissible roles and defining a set of access permissions associated with each of the permissible roles is assigned to a file system object. A user security context is assigned to a user based on authentication information from the user, and the user security context identifies a user role for the user. An executable security context is assigned to an executable program. When the user has launched the executable program, a process is created and assigned the user security context and the executable security context. Responsive to the process attempting to access the file system object, at least one of the user security context and executable security context is verified against the object security context to determine if the attempted access should be allowed.

Abstract: In a method, implemented by a first device connected to a wireless network, for assisting in provisioning a second device for connection to the wireless network, the first device receives, via the wireless network and from a remote server, a public key corresponding to a private key stored in the second device. The first device uses the public key to encrypt network security information stored in the first device, the network security information including information that is useable to securely connect to the first wireless network. The first device wirelessly transmits, for reception by the second device, a signal carrying the encrypted network security information.

Abstract: Provided are an identity (ID)-based encryption and signature method and a terminal that use an ID of a transmitter or a receiver as a part of the filename or the extension of a file transmitted to the receiver by the transmitter. Accordingly, it is possible to enable a user to visually recognize that the file has been provided with security. Also, it is possible to designate an associated program for the extension, and the user can easily decrypt or verify the file through the designated associated program.

Abstract: An apparatus and method for zero knowledge proof security techniques within a computing platform. One embodiment includes a security module executed on a processing core to establish a domain of trust among a plurality of layers by sending a challenge from a verification layer to a first prover layer, the challenge comprising an indication of at least one selected option; in response to receiving the challenge, generating first verification information at the first prover layer based on the secret and the indication of the selected option; sending the first verification information to at least a second prover layer, the second prover layer generating second verification information based on the first verification information and the indication of the selected option; and performing a verification operation at the verification layer using the second verification information based on the selected option.

Abstract: Input challenge based authentication techniques are described in which data regarding a user's input signature is employed for authentication of the user to access resources. Different users have distinct input signatures that are indicative of the manner in which each individual user provides input including at least typing characteristics and timing data. Data regarding input signatures may be captured from user interaction with computing devices and associated with user accounts. Once sufficient data regarding a user's input signature is captured, access to a user account may be controlled at least in part based on the input signature. To do so, an input challenge that indicates a non-secret pattern of input is presented to the user in connection with an authentication sequence. The user reproduces the non-secret pattern of input and selective access to the user account is granted depending upon whether or not the reproduction matches the input signature.

Abstract: Devices, methods, and systems capable of an enabling transmission and receipt of secure and non-secure data are discussed in this document. According to some embodiments, a network apparatus can transmit ciphered and unciphered data. The network apparatus transmits a first signal indicating a cipher to be used and transmits a second signal indicating that non-secure data is to be transmitted and received unciphered. The network apparatus can cipher secure data and transmits ciphered-secure data and unciphered-non-secure data. A wireless terminal can receive the first and second signals, the ciphered secure data, and the unciphered non-secure data. The wireless terminal can deciphers the received secure data and does not decipher the received non-secure data. System embodiments can include both network-side and network terminal components. Embodiments of the present invention enable secure transmission of data in concert with efficient processing.

Abstract: According to one embodiment, an electronic device includes a content transmitter. The content transmitter is configured to output a content item including first data and second data to one transmission path, by applying a first copyright protection system to copyright protection of the first data and applying a second copyright protection system to copyright protection of the second data. The first copyright protection system involves encryption of data to be copyright-protected. The second copyright protection system involves no encryption of data to be copyright-protected.

Abstract: Methods and systems for using and providing trustworthy DNS resolutions are provided. A method for using trustworthy DNS resolutions may include obtaining a DNS resolution listing for a domain name and validating the listing's plausibility using a plausible range list. The method may also include selecting a DNS resolution from the DNS resolution listing based on a requested host associated with the domain name. The method may further include initiating a connection to the host using the selected DNS resolution. A method for providing trustworthy DNS resolutions may include obtaining a plurality of potential DNS resolutions for a domain name. The method may also include generating a DNS resolution listing for a domain name and providing the DNS resolution listing. A system may include a DNS resolution selection module and a connection module. Another system may include a DNS resolution inquiry module and a DNS resolution listing provision module.

Abstract: An improved technique involves sending a user's authentication information to a local authentication device that computes a risk score and sends the risk score to a remote authentication server that determines whether the user is able to be authenticated. When the user makes an authentication or transaction request from an electronic device such as a computer or smartphone, the electronic device sends predictor values such as geo location and wireless signal strength to the local authentication device. The local authentication device then computes a risk score based on the received predictor values and historical predictor values. The local authentication device sends this risk score to a remote authentication server which determines from this risk score and other factors whether the user is able to be authenticated.

Abstract: The present invention relates to a method and a system for collecting and providing reports of activities of medical service providers, while encrypting confidential information. Specifically, the present invention provides systems and methods for collecting and providing information from medical claim transactions without information for specifically identifying the particular medical service provider. The present invention also allows for correlation of medical claim transactions with providers' information without using information that can be used to specifically identify the particular medical service provider (provider identifier).

Abstract: Disclosed are a data transmission/reception apparatus and method. A secret key generation unit uses a user ID as a public key to generate a secret key corresponding to the user ID. An encryption/decryption unit sets a user ID intended to receive data as an input value to encrypt the data using a certain method and decrypt the encrypted data using a certain method on the basis of a secret key corresponding to a user ID of a receiver generated by the secret key generation unit. The transmission apparatus and method according to the present invention allow for secure communication between terminals without server intervention by encrypting data using an ID-based encryption technique for safe data communication and then communicating the encrypted data.

Abstract: A system and method for enabling searchable encryption of encrypted documents stored by a client on one or more storage providers includes a broker server in communication with the client and the one or more storage providers. The broker server is adapted to transfer the encrypted documents between the client and the one or more storage providers and to maintain information indicating where the encrypted documents are transferred. The broker server further stores information for at least one encrypted index for the encrypted documents and a test function for a searchable encryption mechanism used to encrypt the at least one encrypted index.

Abstract: A system and method for identifying infection of unwanted software on an electronic device is disclosed. A software agent configured to generate a bait and is installed on the electronic device. The bait can simulate a situation in which the user performs a login session and submits personal information or it may just contain artificial sensitive information. Parameters may be inserted into the bait such as the identity of the electronic device that the bait is installed upon. The output of the electronic device is monitored and analyzed for attempts of transmitting the bait. The output is analyzed by correlating the output with the bait and can be done by comparing information about the bait with the traffic over a computer network in order to decide about the existence and the location of unwanted software.

Abstract: A system for securing data and information transmitted via entails is disclosed. The system includes a sender-side device from which an email including a first code is transmitted. The first code comprises instructions for manipulating server-side processing of the email. The system includes a filter module which determines whether the first code is present within the email, and subsequently transmits the email to a processing server in case if the first code is present within the email. The system includes a processing server which processes the email in accordance with the instructions specified in the first code and generates a first link, thereby enabling the email sender to access and modify the access policy for the email. The processing server further authenticates the intended recipient of the email via an OTP before enabling the intended recipient to access the parts of the email.

Abstract: Methods and apparatuses are described for secure video conferencing. A server computing device receives a request to establish a video conference for a sensitive transaction from a first device associated with a user. The server authenticates the first device. The server establishes a conference between the first device and a second device of a second party to the sensitive transaction. The server transmits video images associated with cameras coupled to the first device to the second device, the images comprising a view of the user and an area surrounding the user. The server determines whether persons other than the user are present in the area surrounding the user. The server transmits an alert to the second device if persons other than the user are present, where the alert includes a prompt on the second device for the second party to confirm with the user whether the other persons are authorized.

Abstract: Various embodiments are disclosed that relate to security of a computer accessory device. For example, one non-limiting embodiment provides a host computing device configured to conduct an initial portion of a mutual authentication session with an accessory device, and send information regarding the host computing device and the accessory device to a remote pairing service via a computer network. The host computing device is further configured to, in response, receive a pairing certificate from the remote pairing service, the pairing certificate being encrypted via a private key of the remote pairing service, and complete the mutual authentication with the accessory device using the pairing certificate from the remote pairing service.

Abstract: Web page loading time may be decreased with the use of a page-maintained storage cache on a client device. In various implementations, a server may receive a request for a web page from a web browser that is on the client device. The server may provide a chunk reassembler to the client device that determines whether any chunks in the web page are already stored on the client device. Subsequently, the server may send one or more chunk of the web page to the client device when the chunk reassembler determines that the one or more chunks of the web page are missing from the client device. The chunk reassembler may then instruct the web browser to assemble the one or more received chunks with the one or more chunks that are stored on the client device into the web page for presentation on the client device.