Abstract: An information processing apparatus includes, a processor configured to execute a process including, determining whether a relationship between biometric information acquired from a living body and biometric information stored in a storage unit satisfies a predetermined standard, creating first authentication information by detecting predetermined operation when the relationship between the biometric information acquired from the living body and the biometric information stored in the storage unit does not satisfy the predetermined standard, comparing the first authentication information and second authentication information stored in the storage unit, and activating the information processing apparatus when the first authentication information and the second authentication information match.

Abstract: Providing multi-dimensional password/challenge authentication for a computer device includes, in response to a login request, sending a login webpage, the webpage at least comprising a set of randomly generated icons with graphical attributes for sequentially selecting; and, determining whether each icon choice entered by a user complies with at least a dimensional option preset for each digit of a preset password according to at least a dimensional option of the digit.

Abstract: A system, method and device for controlling security of a beacon. The system includes a beacon device configured to broadcast a beacon identifier, and change the beacon identifier to another beacon identifier and to broadcast the other beacon identifier when a request to change the beacon identifier is received. The control device is configured to map and store the beacon identifier and service information and provide the service information to a terminal device that has received the beacon identifier and has accessed the control device. The control device also provides information on the other beacon identifier to replace the beacon identifier, and utilize the other beacon identifier to retrieve the service information for preventing an unauthorized user from changing information and enhance information security.

Abstract: An extensible platform gives app developers more control and granularity when developing apps and making them secure. App developers are able to use an app wrapping process to have more control over including non-security related features, such as managerial and administrative features, and more granularity with respect to security features included in the apps they develop. The app wrapping software is extended to be viewed more as a platform for the app developer to customize app security and administrative features without losing the efficiency and simplicity of the original app wrapping process of the present invention.

Abstract: In an aspect, a wireless communication between a transmitter and a receiver involves determining updated keys according to a key management process for MAC layer encryption. Such key is propagated to a transmitter MAC and though a receiver key management process to a receiver MAC. After a delay, transmitter MAC device begins using the updated key, instead of a prior key, for payload encryption. Receiver MAC continues to use the prior key until a packet that was accurately received fails a message integrity/authentication check. Then, the receiver MAC swaps in the updated key and continues to process received packets. The packet data that failed the message integrity check is discarded. Transmitter MAC retries the failed packet at a later time, and if the packet was accurately received and was encrypted by the transmitter MAC using the updated key, then the receiver will determine that the message is authentic and will receive it and acknowledge it.

Abstract: Methods, systems, apparatuses, and computer program products are provided for remediating suspected attempted security breaches. For example, a method is provided that includes receiving information regarding at least one authentication attempt and determining, based at least in part on the information regarding the at least one authentication attempt, whether the at least one authentication attempt comprises a suspected attempted security breach. The method further includes causing, in an instance in which it is determined that the at least one authentication attempt comprises a suspected attempted security breach, at least one recording to be captured via at least one recording device communicatively coupled to the at least one processor and causing at least a portion of the at least one recording to be compared against at least one database.

Abstract: An information processing apparatus includes a storage unit capable of storing authentication information corresponding to a web service. Information is output in a web page corresponding to a first web service so as to cause a display unit to display, via a web browser, an indicator to receive an instruction to delete the authentication information stored in the storage unit. Upon receiving the instruction by the output indicator, deletion processing of authentication information corresponding to a second web service different from the first web service is executed in the storage unit.

Abstract: A plurality of user terminals or sensors transmit data encrypted by individual cryptographic key, a server receives the encrypted data items, and executes a data process according to a program defining a decryption process sequence. Bit slice expression data is generated by performing a bit slice process with respect to the plurality of encrypted data items which are decryption target, bit slice expression key based on the cryptographic key of each encrypted data item is generated, round key is generated based on a bit slice expression key, a decryption process including operation and movement processes of a block unit of the bit slice expression data, and an operation using the round key is executed, and a plurality of plain text data items corresponding to the plurality of encrypted data items are generated by a reverse conversion of the data with respect to the decryption process results.

Abstract: A medical imaging system includes a data store having stored medical imaging data and a computer. The system may be in a medical treatment room and is adapted to receive and display imaging data from a medical procedure. The computer has a graphical user interface that receives authentication credentials. An authenticator alternately prevents or allows a user access by logging the user into the system using the authentication credentials. A file accessor receives received medical imaging data and stores it in the data store, and retrieves the stored medical imaging data and provides it to the graphical user interface for display. Documentation data is received through the graphical user interface and is stored in the data store without requiring the user to provide the authentication credentials or be logged into the system. The user cannot access the stored medical imaging data before providing the authentication credentials and being logged into the system.

Abstract: Systems and methods of operating a computing system may involve securely printing a print document sent from a client device to a target printer. In one example, the method may include verifying an operating environment of the target printer and generating a plurality of security keys to implement asymmetric encryption of the print document.

Abstract: A terminal authentication method for vehicle network connection is disclosed. The terminal authentication method includes acquiring unique identification information of a terminal, generating a certificate of network authentication using the unique identification information, copying the generated certificate of network authentication in the terminal, and performing authentication of the terminal access to a network using a network authentication application in the terminal and the copied certificate of network authentication.

Abstract: The present invention is for more optimally performing recording and reproduction of stereoscopic video. In the present invention, parallax information is utilized to store, in a recording medium, stereoscopic video including left-eye images and right-eye images. Particularly, for video content that contains stereoscopic images, information is obtained regarding the amount of variation in parallactic angle having a given or larger value, a variation time that the variation in parallactic angle takes, and the number of times that the variation in parallactic angle occurs. An evaluation value is calculated that corresponds to the degree of eye fatigue on the basis of the amount of variation, the variation time, and the number of times of the variation. According to the present invention, the video content is encoded in such a manner that the evaluation value is within a given range, and then recorded in the recording medium.

Abstract: Authentication data indicates a plurality of types of operation which a user should perform in a predetermined order via a touch panel and a number of fingers, as to each one of the plurality of types of operation, with which the user should touch the touch panel when performing an operation corresponding to the one of the plurality of types of operation. An authentication processing execution unit executes authentication processing by determining, based on a result of detection by the touch panel, whether or not an operation corresponding to each of the plurality of types of operation has been performed in the predetermined order by touching the touch panel with a number of fingers set for each of the plurality of types of operation.

Abstract: Methods, apparatus and articles of manufacture for behavioral detection of suspicious host activities in an enterprise are provided herein. A method includes processing log data derived from one or more data sources associated with an enterprise network over a given period of time, wherein the enterprise network comprises multiple host devices; extracting one or more features from said log data on a per host device basis, wherein said extracting comprises: determining a pattern of behavior associated with the multiple host devices based on said processing; and identifying said features representative of host device behavior based on the determined pattern of behavior; clustering the multiple host devices into one or more groups based on said one or more features; and identifying a behavioral anomaly associated with one of the multiple host devices by comparing said host device to the one or more groups across the multiple host devices.

Abstract: Systems and methods are disclosed for responding to security events in real time. The disclosed systems and methods utilize the vast amount of risk and asset knowledge collected in a security data warehouse and aggregated in a security information manager, without the expense and latency associated with performing such calculations in real time. The disclosed systems and methods, thereby, significantly extend the time intervals feasible for temporal analysis.

Abstract: Innovations for quantum key management harness quantum communications to form a cryptography system within a public key infrastructure framework. In example implementations, the quantum key management innovations combine quantum key distribution and a quantum identification protocol with a Merkle signature scheme (using Winternitz one-time digital signatures or other one-time digital signatures, and Merkle hash trees) to constitute a cryptography system. More generally, the quantum key management innovations combine quantum key distribution and a quantum identification protocol with a hash-based signature scheme. This provides a secure way to identify, authenticate, verify, and exchange secret cryptographic keys.

Abstract: An internet-based content platform that includes subscribable channels is provided. The internet-based content platform provides channels to end users. The internet-based content platform receives a selection of a paid channel from the list of channels from the end user. The paid channel includes a plurality of media items including at least one paid media item and at least one free media item. The internet-based content platform receives a selection of one of the plurality of media items from the end user. The internet-based content platform determines whether the selected media item is a free item or a paid item. When the selected media item is a paid item, the internet-based content platform requests subscription information of the end user. When the selected media item is a free item, the internet-based content platform provides the at least one free media item to the end user.

Abstract: Described herein are techniques for regulating access to a remote resource using two-factor authentication based on information regarding a host machine of a portable storage drive that stores an operating system that is booted by the host machine. The information regarding the host machine of a portable storage drive may be used as a second factor in a two-factor authentication. Such information regarding the host machine may include, in some embodiments, information retrieved from a secure storage of the host machine, such as from a cryptoprocessor of the host machine. The information may include an identifier for the host machine or may be a user credential pre-provisioned to the host machine to be used in two-factor authentication.

Abstract: Disclosed are a logical network separation method and apparatus. The logical network separation method includes generating a first hash key on the basis of address information included in a service request packet, generating hash information on the basis of a transmission property of the service request packet corresponding to the first hash key when the same hash key as the first hash key is not in the hash table, and generating the policy about the reception of the service response packet corresponding to the service request packet on the basis of a destination of the service request packet. Accordingly, it is possible to block a cyber attack such as hacking, a malicious program, etc.

Abstract: An architecture is provided for a widely distributed security system (SDI-SCAM) that protects computers at individual client locations, but which constantly pools and analyzes information gathered from machines across a network in order to quickly detect patterns consistent with intrusion or attack, singular or coordinated. When a novel method of attack has been detected, the system distributes warnings and potential countermeasures to each individual machine on the network. Such a warning may potentially include a probability distribution of the likelihood of an intrusion or attack as well as the relative probabilistic likelihood that such potential intrusion possesses certain characteristics or typologies or even strategic objectives in order to best recommend and/or distribute to each machine the most befitting countermeasure(s) given all presently known particular data and associated predicted probabilistic information regarding the prospective intrusion or attack.