Abstract: An information processing apparatus and method that prior to using a digital certification considers a validity expiration date of the digital certificate as well as a usable deadline of an algorithm or a public key used in the digital certificate.

Abstract: One embodiment of a method of integrating software applications includes customizing properties of an InfoVista application to accept a format of login strings provided by a SiteMinder application; modifying authentication information in properties of the InfoVista application to match authentication information that is to be sent from the SiteMinder application; and customizing the SiteMinder application to pass authentication information needed by the InfoVista application for login of a user into the InfoVista application using a single sign-on interface provided by the SiteMinder application. Other methods and systems are also provided.

Abstract: When being triggered by a call setting request that has been made, dummy information that is different from information to be transmitted and is information used for creating a path on which encrypted communication is to be performed is generated. The path on which the encrypted communication is to be performed is established by using the generated dummy information. A responding process of responding to the call setting request is performed after the path on which the encrypted communication is to be performed has been established. Thus, in the case where information that is obtained after the responding process of responding to the call setting request is encrypted and transmitted, it is possible to transmit the information while maintaining the real-time characteristics of the information to be transmitted.

Abstract: A method for single sign-on with established federation includes triggering a single sign-on operation from a first service to a second service, retrieving, by the first service, an associated federation key and pseudo identification for a user agent, generating, by the first service, a token signed with a federation key for the user agent based on the pseudo identification, redirecting, by the first service, the user agent to the second service, wherein the user agent transfers the token to the second service, verifying, by the second service, the token and determining an associated identification in the second service, and returning, by the second service, a resource to the user agent.

Abstract: This document describes tools that constrain a login to a subset of access rights. In one embodiment, the tools generate a constrained password by executing a cryptographic algorithm on a user ID, general password, and one or more desired constraints. The constrained password is used in place of the general password to gain access rights that are a subset of the access rights that would be granted if the general password were used instead.

Abstract: A method may include storing user information associated with a first user, where the user information includes at least two of location information, presence information, address book information or calendar information. The method may also include storing access control information identifying criteria for allowing parties to access the user information and receiving, from a first party, a request for access to at least a first portion of the user information. The method may further include determining, based on the access control information, whether the first party is authorized to access the first portion of the user information and providing access to the first portion of the user information, when it is determined that the first party is authorized to access the first portion of the user information.

Abstract: The present disclosure describes methods, systems, and computer program products for interactive authentication can include receiving a valid authentication credential or an invalid authentication credential associated with a digital identity. The credentials can be received from an end user at an input device in association with a login attempt. If a valid authentication credential is received, it is determined whether an identification token is received with the valid authentication credential. If received, the identification token is identified as a token included in a list of valid tokens associated with the digital identity at an authentication system. In response to the determination that the identification token is included in the list of valid tokens, it is determined whether a lockout period associated with the identification token in the list of valid tokens has expired. If expired, the end user associated with the login attempt can be authenticated.

Abstract: Concepts and technologies are described herein for a mechanism by which participants who have been invited to attend a conference event and who are physically present within a conference event environment, such as a meeting room, can provide authentication credentials to join the conference event via a conference event environment system. When an individual attempts to join a conference event via a conference event environment system, the individual is prompted to provide his or her authentication credentials to join the conference event via the conference event environment system to participate in the conference event. The conference event environment system may inherit the individual's permissions, such as in regards to whether or not the individual has been permitted to present content during the conference event. A conference event roster may be used to indicate that the individual has joined the conference via the conference event environment system.

Abstract: A method for entering a passcode within a mobile device begins with receiving an indication of a user attempt to access the mobile device. A passcode entry display including a plurality of touch points is generated responsive to the indication. Each of the plurality of touch points includes at least two visual identifiers associated therewith. The passcode entry display is displayed on an interface of the mobile device and the passcode is received responsive to user selection of a sequences of the plurality of touch points associated with a predetermined sequence of at least one of the visual identifiers. The arrangement of the at least two visual identifier associated with the plurality of touch points of each passcode entry display differs from an arrangement of the at least two visual identifiers in a previous and a subsequent passcode entry display.

Abstract: Methods and systems for sharing mobile security information are disclosed. According to an embodiment, a method for sharing mobile security information includes: providing to a user of the mobile device an option to share the mobile security information, extracting content from mobile security information upon receiving the user's selection, and posting the extracted content to a social network service.

Abstract: A device includes a first bus, a second bus, a processor configured to communicate with a storage circuit through the first bus and to communicate with a debug host through the second bus and a control circuit configured to inhibit transfer of data from the second bus to the debug host while receiving authentication information from the debug host and to enable transfer of data from the second bus to the debug host responsive to authentication of the received authentication information. The control circuit may be configured to inhibit data transfer from the second bus to the debug host by causing dummy data to be transmitted to the debug host over a transmit channel between the device and the debug host.

Abstract: Various embodiments described and illustrated here include one or more of systems, methods, software, and data structures that may be used to implement policies for hardware access and monitoring control in concert with a premises security system that controls ingress and egress of a facility. One embodiment includes identifying when certain devices are removed or decoupled from a computer and preventing one or more users of that computer from leaving a facility within which the computer is located.

Abstract: A method for accessing a user's account by customer support without viewing the user's private data includes receiving, in an application module communicating with a web service, a request for authentication by a support person using a linked user-support login name. The method includes authenticating the user, authenticating the support person and retrieving a current session of the user as viewed by the user on an electronic screen of a processing device of the user. The method further includes dynamically redacting private data of the user from the user session to create a redacted user session, and delivering the redacted user session for display in an electronic screen of a processing device of the support person.

Abstract: Outputs from at least one pseudo-random source are used to encode hidden value. The hidden value is encoded using index based quantities, for example, based on numerically ordering a sequence of outputs from pseudo-random source(s). In some examples, the numerical ordering of re-generated device-specific quantities is used to re-generate the hidden value, without necessarily requiring additional error correction mechanisms. Information leak may be reduced by constructing system whose “syndrome” helper bits are random, as measured, for example, by NIST's Statistical Tests for Randomness In some examples, index based coding provides coding gain that exponentially reduces total error correction code complexity, resulting in efficiently realizable PRS-based key generation systems. In some examples, index based coding allows noisy PRS to be robust across conditions where conventional error correction code cannot error correct.

Abstract: An information processing system including an information processing device connected to a first communication network, a terminal device connected to the first communication network, and a server device connected to a second communication network. The server device includes a receiving unit, a first request unit, and a providing unit. The receiving unit receives an instruction from the terminal device to provide the information processing device with a predetermined service. The first request unit presents a test to the information processing device to authenticate whether or not the information processing device is being operated by a human. The providing unit provides the information processing device with the service in accordance with the instruction. The terminal device includes an instruction unit and a response unit. The instruction unit sends the instruction to the server device. The response unit makes a response to the test on behalf of the information processing device.

Abstract: An image forming apparatus communicates with an authenticating server which stores user information for identifying a user and authentication information included in a storing medium. An authentication requesting unit transmits the user information input to the image forming apparatus to the authenticating server to authenticate the user. An authentication result obtaining unit obtains the user authentication result from the authenticating server. A display unit displays a registering mode for registering the authentication information corresponding to the input user information and a deleting mode for deleting the authentication information corresponding to the input user information so that the modes can be selected according to the obtained authentication result.

Abstract: Computer-based systems and method for automating the workflow for generating and sending e-mails with attached reports to external recipients in order to reduce security breaches in certain business reporting processes. The system may utilize a first computer system that may import data eligible for attachment to be sent with the e-mail based on user-entered search criteria. The attachments may be strongly encrypted using an encryption program on the user's computer. In some embodiments, a password for decrypting the attachment may be unique to combination of third party (e.g., trading name) and the role of the external recipient with respect to the attachment.

Abstract: In one or more implementations, a computing device receives an indication that a device is attempting to pair with the computing device. If a user is not currently authenticated with respect to the computing device, inputs received by the device are restricted from being used by the computing device for uses other than authenticating the user.

Abstract: A method is performed at a computer system having one or more processors and memory storing one or more programs executed by the one or more processors. The method includes generating a document, including marking one or more portions of the document as private; and sending the document to an intermediary system for transmission to a destination system. Prior to the document being transmitted to the destination system, the marked portions of the document are encrypted by the intermediary system using a key that is unavailable to the destination system.

Abstract: A system and method for initiating and maintaining a secure wireless communication between a wireless analyzer and a target network (e.g., a hospital network connected to a LIS and/or HIS). The present disclosure provides novel processes and systems for securely networking a wireless analyzer with a Wi-Fi network without the need for an operator or user to engage in manual initiation steps on, or through, the wireless analyzer.