Abstract: System(s), method(s), and/or technique(s) (“tools”) are described that enable a user to permit multiple tasks requiring elevated rights with as little as one rights elevation. For example, the tools may enable an installation wizard operating within a limited-rights context to perform multiple tasks that require a higher-rights context with a single rights elevation by the user. The tools may do so using an object agent, an instance of which may be created by the installation wizard following a single rights elevation. This instance of the object agent then creates instances of other objects without requiring that the user elevate his or her rights. These other objects' instances may then run the tasks that require the higher-rights context.

Abstract: System(s), techniques, and/or method(s) (“tools”) are described that enable a user to elevate his or her rights. The tools may do so by switching a user to an account having higher rights or a different, higher-rights context of a same account. The tools may elevate a user's rights after a user enters a secure access sequence, such as Control+Alt+Delete, clicks on a button, or enters credentials. The tools may also enable a user to identify tasks that need higher rights to be performed by visually correlating graphic indicia with these tasks.

Abstract: Prior art quarantine networks were implemented by two methods, the IEEE802.1x method and the DHCP method, but these methods both have different problems. The problem with the IEEE802.1x method is that it is difficult to make the transition from an existing management framework. The problem with the DHCP method is that it is difficult to prevent attacks on the network itself, and to repeat client quarantine. The present invention implements client login authentication and client security status quarantine independently, and controls layer-2 connectivity based on the respective results. This permits quarantine using an existing management framework, as well as enhancing network protection by layer-2 connection control and permitting repeat quarantine of the client using the same IP address. Moreover, by incorporating other layer-2 connectivity control mechanisms, flexible layer-2 connectivity control outside the quarantine network can also be implemented.

Abstract: This invention concerns a method for processing computer system input data including at least one detection step for a specific word INSTR present among said data. In the method according to the invention, the specific word to be detected represents an instruction necessary for the execution of a program present among said data. Because it focuses detection on the means necessary for the execution of an attack program that thus reveal the presence of said program, the invention can be used to simply and effectively detect different types of attacks.

Abstract: An apparatus and method for providing at least one root certificate are disclosed. Specifically, a plurality of root certificates is received and stored. Afterwards, a request is received from a first endpoint device for a desired root certificate, where the desired root certificate is used by the first endpoint device to verify an identity of a second endpoint device. Furthermore, the first endpoint device and the second endpoint device are associated with different certificate hierarchies. The desired root certificate is then sent to at least the first endpoint device.

Abstract: Provided is a method of hiding a specified directory with no effect on compatibility with an existing file system. According to an aspect of the invention, an apparatus for managing a hidden area includes a hidden area generation unit which sets a portion of the data area as a hidden area and records meta data for the set hidden area, a hidden area release unit which moves a directory entry of a root directory of the hidden area into the directory entry area and returns a cluster recorded with the meta data to release the set hidden area, and an access control unit which controls an access to the hidden area when the hidden area is set.

Abstract: A system and method for authenticating the source of, protecting the contents of, and ensuring the integrity of information. The information may be any digital information which can be stored in a computer file. The information is encapsulated in a computer file which also includes the biometrically verified identity of the person who packaged the information. The contents of the computer file are encrypted, and a unique message digest value is generated and stored in a secure central database. The message digest value functions as the digital signature of the encrypted information, and is used to ensure the integrity of the information.

Abstract: A data communication apparatus which causes the eavesdropper to take a significantly increased time to analyze a cipher text and provides high concealability is provided. A multi-level code generation section 111a generates, based on predetermined key information 11, a multi-level code sequence 12 in which a signal level changes so as to be approximately random numbers. A multi-level processing section 111b combines the multi-level code sequence 12 and information data 10, and generates a multi-level signal 13 having a plurality of levels corresponding to the combination of the multi-level code sequence 12 and the information data 10. A modulator section 112 treats the multi-level signal a predetermined modulating processing and generates a modulated signal.

Abstract: Biometric parameters acquired from human forces, voices, fingerprints, and irises are used for user authentication and access control. Because the biometric parameters are continuous and vary from one reading to the next, syndrome codes are applied to determine biometric syndrome vectors. The biometric syndrome vectors can be stored securely while tolerating an inherent variability of biometric data. The stored biometric syndrome vector is decoded during user authentication using biometric parameters acquired at that time. The syndrome codes can also be used to encrypt and decrypt data.

Abstract: In one embodiment, a Central Processing Unit having a processing core. The processing core connects to an internal memory bus having N address lines and X data lines. A cache connects to the internal memory bus and uses M of N bits of the N address lines to address data stored in the cache. A cryptographic unit in the CPU encrypts data written to an external memory and decrypts data read from the external memory. The cryptographic unit encrypts and decrypts N-M address lines of the internal memory bus and the data lines of the bus.

Abstract: Embodiments of multimedia transmitters, receivers and methods for communicating multimedia content in a wireless network are generally described herein. Other embodiments may be described and claimed. In some embodiments, a checksum is generated by decoding the multimedia content to respond to queries from a multimedia content source within a predetermined time period, a propagation delay associated with the wireless multimedia link is determined, and transmission of the multimedia content over the wireless multimedia link is inhibited when a response from the multimedia receiver exceeds a propagation delay by a predetermined time period.

Abstract: Automatic recognition apparatus (100, 700) includes multiple automatic recognition subsystems (102, 104, 106) that are cable of producing estimates of the probability that a subject matches a particular identity, a probability estimate combiner (108) that receives estimates from the multiple automatic recognition subsystems (102, 104, 106) and produces a combined estimate, and a decayer that (111) that decreases the certainty of the combined estimate over time while avoiding changing estimates to values that would suggest strong information contrary to the initial values of the combined estimates.