Abstract: Technologies are provided in embodiments to manage an authentication confirmation score. Embodiments are configured to identify, in absolute session time, a beginning time and an ending time of an interval of an active user session on a client. Embodiments are also configured to determine a first value representing a first subset of a set of prior user sessions, where the prior user sessions of the first subset were active for at least as long as the beginning time. Embodiments can also determine a second value representing a second subset of the set of prior user sessions, where the prior user sessions of the second subset were active for at least as long as the ending time. Embodiments also determine, based on the first and second values, a decay rate for the authentication confidence score of the active user session. In some embodiments, the set is based on context attributes.

Abstract: Embodiments pertaining to managing access in one or more computing systems can include an operations controller in communication with the one or more computing systems for managing commercial transactions of the one or more computing systems and an access management controller in communication with the operations controller. The access management controller can receive an input including user roles and actions associated with the one or more computing systems. The access management controller can provide the input to the operations controller for implementation of access rules in accordance with relationships between the user roles and the actions. The access management controller can attempt to access in the one or more computing systems at least a portion of the user roles and the actions after the operations controller has implemented the access rules. The access management controller can compare the attempted access with the relationships to determine access discrepancies.

Abstract: A system is disclosed for monitoring the status of a website operating on a host and for remedying any identified problems. A first platform is coupled to the host for monitoring the website and periodically transmits status information about the website. A second platform is coupled to the first platform for periodically receiving the status information about the at least one feature. The second platform is configured to compare the received status information with a copy of the website and based thereon determine if the website has been compromised. The second platform is further configured to output an alert signal after determining that the website has been compromised. A third platform is coupled to the second platform and separately coupled to the host computer. The third platform is configured to receive the alert signal from the second platform and to forward the alert signal to the host computer.

Abstract: Systems and methods for automatically logging into a user account are described, including receiving, using a device, data from an external source or from two or more sources comprising an internal source and another source, wherein the external source is not a user; determining, using the device, that at least a portion of received data is new data; and based on the received data, automatically logging in, from the device, to an account of the user.

Abstract: Systems and methods disclosed herein relate to the protection of a plurality of protected personas on a protected network that may be isolated from a telecommunication service provider's network that supports a portable electronic device. The plurality of personas may be generated by the owners and/or administrators of the network on which the personas reside. Activating a persona on a device, whether that device is owned and maintained by the business or businesses affiliated with the protected network, enables access to a plurality of data on the business's network and restricts access to at least some of the capabilities and functionality of the device available under the original persona. Data created or modified while the protected persona is activated on the device may not be accessed while the original persona is active and may be uploaded dynamically or manually to the protected network.

Abstract: A terminal and method for receiving a broadcast service by the terminal in a broadcast system are provided. The method includes performing a registration procedure for subscription and reception of the broadcast service through a Browser And Content Mobile Broadcast (BSCAST) Subscription Management (BSM) responsible for managing subscription information; receiving a Long Term Key Message (LTKM), including key information for encryption of the broadcast service, generated from the BSM; receiving a completed Short Term Key Message (STKM), the completed STKM being generated by performing Message Authentication Code (MAC) processing on a partially created STKM; receiving, from a Broadcast Service Distribution/Adaptation (BSD/A) which is responsible for transmitting the broadcast service, an encrypted broadcast service which is encrypted by a Traffic Encryption Key (TEK) for deciphering the broadcast service; and deciphering the encrypted broadcast service by the TEK obtained using the LTKM and the completed STKM.

Abstract: A flexible content sharing system may comprise a network based application built on a client device using information from dissociated user experience component (UXC), application logic and execution layer (ALEL), and content distribution system (CDS) payloads. An ALEL engine may communicate a request from the network based application to a CDS module. The CDS module may interface the ALEL engine and a CDS server. The ALEL engine can act as a gate keeper and securely communicates requests from client devices to the CDS server. The CDS server is configured to manage and alert the ALEL of any enterprise policies that may be applicable to the client devices connected to the ALEL engine which, in turn, notifies the client devices to comply with the enterprise policies. The CDS server may synchronize any change made to the content by any of the client devices running network based applications.

Abstract: One embodiment of the present invention provides a system for detecting insider attacks in an organization. During operation, the system collects data describing user activities. The system extracts information from the data that includes user information and user communications. The system then generates a topic-specific graph based on the extracted information. The system analyzes a structure of the graph to determine if one or more rules have been violated. The system may determine that a rule associated with the graph has been violated and signal an alarm in response to detecting the rule violation.

Abstract: Secure configuration of a mobile application (“app”) includes sending the required configuration data for the app to the user's mobile computing device in a communication, for example an email with an attachment. A verification value is included in the attachment to protect the authenticity and integrity of the configuration data. A challenge code is issued to the user (or group of users). The challenge code is used to verify the configuration data.

Abstract: A method for processing packets, an electronic device and a storage medium are proposed. The present invention presets a defense module preventing DoS in the mobile terminal. A connection requesting side establishes connection with the defense module according to three-handshake principle of TCP, and a defense module sends a SYN packet to a mobile terminal as the connection requesting side. When the defense module successfully handshakes with the mobile terminal, connection between the connection requesting side and the mobile terminal is created, so that DoS attack, especially SYN attack can be effectively prevented. When mobile terminals, especially mobile phones are network hotspot, attack on internal mobile terminal from external network can be effectively prevented.

Abstract: A computer-implemented method to protect against a vulnerability event is described. A first set of security policies is enforced. A client device is monitored for a vulnerability event. Upon detecting a vulnerability event, a vulnerability level corresponding to a current environment is determined. A second set of security policies is selected based on the vulnerability level. The second set of security policies is enforced.

Abstract: A method begins by a requesting entity sending a distributed storage network (DSN) access request to a request verification entity, wherein the DSN access request includes a signed certificate and DSN accessing information. The method continues by a request verification entity sending a signed DSN access request to the requesting entity when the request verification entity signs the DSN access request after verifying the signed certificate and the DSN accessing information. The method continues by the requesting entity sending the signed DSN access request to a DSN accessing entity. The method continues by the DSN accessing entity sending an authorized DSN access request to the DSN via a network connection when the DSN accessing entity verifies a signature of the request verification entity, wherein the authorized DSN access request includes, at a minimum, the DSN accessing information.

Abstract: Security is enhanced for a user of an electronic device by providing a method for managing user login behavior. When an entered password that is different from a defined password is received, the method includes identifying alternative characters for at least one character of the entered password based on a location of a key corresponding to the character of the entered password on a keyboard used to enter the password. When the alternative characters are identified, a variation of the entered password is generated by replacing a character of the entered password with an alternative character of the character. When information relating to the variation matches information relating to the defined password, the entered password is determined to be valid.

Abstract: A security system, including a receiver for receiving a downloadable, a scanner, coupled with the receiver, for scanning the downloadable to identify suspicious computer operations therein, a code modifier, coupled with the scanner, for overwriting the suspicious computer operations with substitute computer operations, if at least one suspicious computer operation is identified by the scanner, and for appending monitoring program code to the downloadable thereby generating a modified downloadable, if at least one suspicious computer operation is identified by the scanner, and a processor, coupled with the code modifier, for executing programmed instructions, wherein the monitoring program code includes program instructions for the processor to validate input parameters for the suspicious computer operations during run-time of the downloadable. A method is also described and claimed.

Abstract: Apparatus for assessing threat to at least one computer network in which a plurality of systems (301, 302, 303, 304, 305, . . . 30n) operate is configured to determine predicted threat activity (13), to determine expected downtime of each system in dependence upon said predicted threat activity, to determine loss (12A, 12B, 12C, 12D, 12E, . . . , 12m) for each of a plurality of operational processes (31A, 31B, 31C, 31D, 31E, . . . 31m dependent on the downtimes of the systems, to add losses for the plurality of processes so as to obtain a combined loss (12SUM) arising from the threat activity.

Abstract: In a large network, it can be difficult to pinpoint and track down the causes of breaches of established policies. A policy compliance server allows traversal of notifications according to breaches, organizes the breaches (vulnerabilities and violation) according to severity and recurrence, and identifies related rules, network entities and configuration changes, which may be related to the breach. An integrated graphical user interface (GUI) provides efficient, timely traversal and analysis of rule breaches across the network to allow quick, efficient identification of the underlying cause or condition of the rule breach. A discoverer gathers configuration data including notifications of changes, alerts, and conditions in the network that are pertinent to the rule breaches. A compliance engine evaluates the configuration data against the rules to identify breaches.

Abstract: An apparatus, system, and method for authorizing endpoints of a push pathway for push notifications are described herein. In one example embodiment, an identity provider element authenticates a first endpoint of the push pathway, determines an authentication token associated with the first endpoint, and determines a channel identifier in response to a successful validation of the authentication token associated with the first endpoint. In this embodiment, the identity provider element also authenticates a second endpoint of the push pathway, determines an authentication token associated with the second endpoint, and determines a handle for the push pathway in response to a successful validation of both the authentication token associated with the first endpoint and the authentication token associated with the second endpoint. The push pathway is established for transmission of push notifications from the first to the second endpoint upon establishing the handle for the push pathway.

Abstract: A display component (108) displays multiple icons that a user can touch. A multi-layered sensing component (104) includes at least a high resolution sensing component (204) and a low resolution sensing component (202). The low resolution sensing component is activated to detect objects touching the multi-layer sensing component. In response to the low resolution sensing component detecting an object touching one of the multiple icons, the low resolution sensing component is deactivated and at least a portion of the high resolution sensing component over the touched icon is activated. The high resolution sensing component senses the user's fingerprint, which is authenticated. After sensing the user's fingerprint, the high resolution sensing component is deactivated and the low resolution sensing component is reactivated.

Abstract: Described herein are methods, network devices and machine-readable storage media for detecting whether a message is a phishing attack based on the collective responses from one or more individuals who have received that message. The individuals may flag the message as a possible phishing attack, and/or may provide a numerical ranking indicating the likelihood that the message is a possible phishing attack. As responses from different individuals may have a different degree of reliability, each response from an individual may be weighted with a corresponding trustworthiness level of that individual, in an overall determination as to whether a message is a phishing attack. A trustworthiness level of an individual may indicate a degree to which the response of that individual can be trusted and/or relied upon, and may be determined by how well that individual recognized simulated phishing attacks.

Abstract: An information processing apparatus, a software update method, and an image processing apparatus capable of encrypting and decrypting information using values uniquely calculated from booted primary modules or booted backup modules with less effort are disclosed. The information processing apparatus includes primary modules and the same kinds of backup modules, and includes a value storage unit storing values calculated from the modules, an encryption information storage unit storing information unique to the modules, an information decryption unit decrypting the information unique to the modules using the values in the value storage unit, and an encryption information update unit, when the module is updated, encrypting the information unique to the modules based on a value calculated from the each kind of the primary modules or the backup modules after the update.