Abstract: The invention refers to a method for authorizing access to a third party application, called client (2), to protected resources owned by a user (1) and hosted in a server (3). The method comprising: the client being used by the user asking for a temporary token to the server; the server sending a first SMS to the user, said first SMS providing means to authenticate the user; authenticating the user by the means provided in previous two steps; the user authorizing the client; the server sending a second SMS to the user providing some information needed to obtain an access token; the client getting the information of the previous step from the user and the access token; the client accessing protected resources using the access token.

Abstract: A method for notifying a first device of a status of an application includes transmitting an application state transition notification message from a second device to the first device when a state transition of the application has occurred, wherein the application state transition notification message comprises information regarding at least a current state of the application and a reason of the state transition; and transmitting an application state transition response message from the first device to the second device in response to the application state transition notification message.

Abstract: The present invention relates to a method and a system for operating a device (100).

Abstract: A disclosed image forming apparatus includes an authentication information reception unit configured to receive first authentication information input to the image forming apparatus, an authentication control unit configured to send the first authentication information to a first authentication apparatus connected to the image forming apparatus via a network and cause the first authentication apparatus to carry out a first authentication based on the first authentication information, and an authentication information recording unit configured to record, when the first authentication based on the first authentication information has succeeded, the first authentication information therein as second authentication information.

Abstract: Session-specific information stored to a cookie or other secure token can be selected and/or caused to vary over time, such that older copies will become less useful over time. Such an approach reduces the ability of entities obtaining a copy of the cookie from performing unauthorized tasks on a session. A cookie received with a request can contain a timestamp and an operation count for a session that may need to fall within an acceptable range of the current values in order for the request to be processed. A cookie returned with a response can be set to the correct value or incremented from the previous value based on various factors. The allowable bands can decrease with age of the session, and various parameter values such as a badness factor for a session can be updated continually based on the events for the session.

Abstract: A service integration platform system for providing Internet services includes: an interface configured to receive a service request message that is initiated by a user of an application provided by an Independent Software Vendor (ISV), the service request message being implemented according to an Application Programming Interface (API) type and including a plurality of platform-level parameters that conform to the API type.

Abstract: The disclosure discloses a method and system for enhancing the security of a user security model. In the solution of the disclosure, after a Simple Network Managing Protocol (SNMP) server acquires a multi-byte original password of a user, detects whether the original password is composed of a specific byte string repeated multiple times; and if so, the user is prompted to reconfigure a password. In accordance with the solution provided by the disclosure, the disclosure greatly enhances the security of version V3 for the SNMP server side, solves the problem that the vulnerability exists in the security defined in version V3 in the prior art, and avoids the security hidden danger caused by the fact that illegal users can use the password different from the password of the authorized user to log on the SNMP server.

Abstract: A method for authenticating video content includes: receiving a digital signature, an unsecured video fingerprint, and an unsecured video content from a transmitting node at a receiving node in a communication network; determining if the digital signature is consistent with the unsecured video fingerprint at the receiving node to verify the unsecured video fingerprint; and determining if the unsecured video fingerprint is consistent with the unsecured video content at the receiving node to verify the unsecured video content in a manner that tolerates a predetermined measure of loss in the unsecured video content. If the unsecured video fingerprint and the unsecured video content are verified, the unsecured video content is authenticated for subsequent use at the receiving node. A receiving node associated with the method includes an input module, a fingerprint verification module, a content verification module, and a controller module.

Abstract: Systems and methods are provided herein in relation to notifications about alternative viewing opportunities for recording and playback of media programs. In particular, the systems and methods provide users with information related to alternative recorded programming viewing opportunities for programs scheduled for recording by a user.

Abstract: An NLFSR of length k, configured to output a sequence of masked values x?i=xi+mi according to a masked recurrence x?n+k=f(x?n, . . . , x?n+k?1), the NLFSR including a nonlinear feedback function configured to compute f(x?n, . . . , x?n+k?1) so as to obtain a feedback value, a correction function configured to compute (mn, . . . , nn+k?1)+mn+k+h(mn, mn+k?1, xn, . . . , xn+k?1) to obtain a correction value c, and a corrector configured to correct the feedback value {circumflex over (x)}?n+k using the correction value c to obtain a corrected feedback value which forms x?n+k.

Abstract: In a key pair management method for use in an image forming device, one or more key pairs which are usable for secure communication between the image forming device and an external device are stored into a first area of a memory. A key pair required for the secure communication with the external device is received from the first area of the memory. After the key pair is received from the first area of the memory, the key pair required for the secure communication with the external device is generated in an asynchronous mode and stored into the first area of the memory again. The secure communication between the image forming device and the external device is performed using the key pair received from the first area of the memory.

Abstract: The present invention is directed to a system and method of distributing game play instructions to players during a game, more specifically a system and method for allowing a portable remote terminal and/or a game apparatus to dynamically transmit and/or receive in game instructions in real-time concerning game play instructions to be effected on the field or court, and to be distributed to one, a plurality, or all team players wearing a headgear configured to receive audio transmissions of the game play instructions from a game play apparatus, another headgear and/or the portable remote terminal.

Abstract: Verification of trustworthiness of a computing platform is provided. The trustworthiness of the computing platform is dynamically assessed to determine whether a root of trust exists on the computing platform. Responsive to determining existence of the root of trust, data is unsealed from a sealed storage facility. The sealed storage facility is unsealed responsive to a root of trust being determined to exist on the computing platform. The data can be used to attest to the trustworthiness of the computing platform to other device on a network.

Abstract: A method and apparatus for obtaining an encryption key for an item of data transmitted from a client to a server. The method includes: determining a number R of registers available within the client for carrying out a plurality of calculations of encryption keys; determining a maximum number N of iterations necessary for obtaining at least one encryption key at the server; obtaining a structure of data representative of a key calculation state effected within the R available registers; calculating the at least one encryption key as a function: —of the number of available registers R, by performing at most N calls to a pseudo-random function F and —of the data structure; so that the at least one encryption key can be obtained from a combination of at most T=CR+NN?1 encryption keys based on a secret previously shared between the server and client.

Abstract: Methods, systems, and apparatus for voice authentication and command. In an aspect, a method comprises: receiving, by a data processing apparatus that is operating in a locked mode, audio data that encodes an utterance of a user, wherein the locked mode prevents the data processing apparatus from performing at least one action; providing, while the data processing apparatus is operating in the locked mode, the audio data to a voice biometric engine and a voice action engine; receiving, while the data processing apparatus is operating in the locked mode, an indication from the voice biometric engine that the user has been biometrically authenticated; and in response to receiving the indication, triggering the voice action engine to process a voice action that is associated with the utterance.

Abstract: A method and structure for enhancing protection for at least one of software and data being executed on a computer. A file to comprise a secure object is constructed, using a processor on a build machine, the secure object to be executed on a target machine different from the build machine. The secure object comprises at least one of code and data that is to be encrypted when the secure object is stored on the target machine. The encrypted stored secure object is decrypted by the target machine when executed by the target machine after retrieval from a memory on the target machine. The decryption uses a system key of the target machine. The secure object is stored, upon completion of construction, in an encrypted state as a completed secure object, and the secure object is completed without the build machine having the system key of the target machine.

Abstract: Embodiments are directed to providing access to a resource over a network. A client device may request access to a server. An application may be provided to the client device. The application may cause control of the client device to be switched from a first desktop to a secure desktop. The secure desktop may be configured to restrict applications access to within the secure desktop. An indication of the resource on the server to map to may be received at the client device. The indicated resource may be mapped onto a file system on the client device. Mapping may comprise using a remote file access protocol, using DLL injection, or adding a kernel module to an operating system on the client device. The mapped resource may be constrained to be accessed through the secure desktop.

Abstract: A method is provided for provisioning a device certificate. A device certificate request is transmitted from a communication device to a server in a communication network using an established communications channel between the communication device and the server. The device certificate request comprises at least a user identifier and a device identifier. The server provides to the communication device a device certificate that includes the user identifier and the device identifier and that is signed by a private key of a certificate authority.

Abstract: The present invention concerns the field of broadcast encryptionmethod, i.e. a method to organize the distribution of keys into a group of users so that it is possible to manage the revocation of one member of the group in an efficient way. The proposed solution is a private encryption key ciphertext constant collusion-resistant broadcast encryption. The main idea behind the invention is to mix the notion of efficient tree-based key derivation (also called subset management) with individual and personalized key blinding thus achieving a full collusion-resistant broadcast encryption system. The key de-blinding is performed at the last moment thanks to a cryptographic technique called pairings (also known as bilinear maps) resulting in a global key commonly shared by all authorized (non-revoked) devices.

Abstract: Embodiments of the invention relate to generating security permissions for applications. A static analysis on an application is carried out to determine security exceptions and to determine the application components responsible for the security exceptions. The determined security exceptions are analyzed to calculate permissions required for each component. A security policy file that includes a hierarchy of the required permissions suitable for the type of application is formatted and applied to the application to provide a security enabled application.