Patents Examined by Mohammad Reza
  • Patent number: 8185749
    Abstract: Disclosed herein are systems, methods, computer readable media and special purpose processors for obfuscating code. The method includes extracting an operation within program code, selecting a formula to perform the equivalent computation as the extracted operation, and replacing the extracted operation with the selected formula. The formula can be selected randomly or deterministically. The extracted operation can be an arithmetic operation or a Boolean operation.
    Type: Grant
    Filed: September 2, 2008
    Date of Patent: May 22, 2012
    Assignee: Apple Inc.
    Inventors: Mathieu Ciet, Augustin J. Farrugia, Filip Toma Paun, Jean-Francois Riendeau
  • Patent number: 8185733
    Abstract: A method and apparatus for automatically publishing content based identifiers are described. In one embodiment, the method comprises accessing an electronic communication to obtain a content based identifier (CBI) contained in the electronic communication. In one embodiment, the method may also comprise using the CBI to validate integrity of a hash chained log.
    Type: Grant
    Filed: October 2, 2008
    Date of Patent: May 22, 2012
    Assignee: Ricoh Co., Ltd.
    Inventors: Edward L. Schwartz, Greg Wolff, Michael J. Gormish, Kurt Piersol
  • Patent number: 8184812
    Abstract: A secure computing device (14) includes a secure processing section (30) having a tamper detection circuit (58) and a monotonic counter (68). The tamper detection circuit (58) detects an event which suggests that the trust associated with the secure processing section (30) may have been compromised. When such an event is detected, a security breach is declared and trusted software (38) is disabled. After a security breach is declared, the monotonic counter (68) may be reclaimed. The monotonic counter (68) provides a monotonic count value (70) that includes an LSB portion (80) and an MSB portion (82). The LSB portion (80) is obtained from a binary counter (72). The MSB portion (82) is obtained from a register (84) of independent one-time-programmable bits. The monotonic counter (68) is reclaimed by programming one of the one-time programmable bits to guarantee that future counting of the monotonic counter will be monotonic relative to all past counting.
    Type: Grant
    Filed: June 3, 2009
    Date of Patent: May 22, 2012
    Assignee: Freescale Semiconductor, Inc.
    Inventors: Evgeni Margolis, Thomas E. Tkacik
  • Patent number: 8185947
    Abstract: The present invention provides a system, method and apparatus for securely exchanging security keys and monitoring links in an IP communications network. The apparatus is disposed between the local device and the remote device and receives a security key associated with the secure communication(s) for the local device. The apparatus then uses the security key to decode one or more messages transmitted between the local device and the remote device. The apparatus may initiate one or more security protocols whenever the decoded message(s) satisfy one or more criteria. Note that the present invention can be implemented as a computer program embodied on a computer readable medium wherein each step is performed by one or more code segments.
    Type: Grant
    Filed: July 11, 2007
    Date of Patent: May 22, 2012
    Assignee: Avaya Inc.
    Inventors: Srikrishna Kurapati, Sudhindra Pundaleeka Herle
  • Patent number: 8176313
    Abstract: A computer system which is configured to load executable programs. This configuration first accepts an operator defined key; withdraws an encrypted executable program from memory; and, using the operator defined key, decrypts the encrypted executable program into a functional executable program. It is this functional executable program which is used by the processing unit. During shutdown, each executable program is checked to see if it was derived from an encrypted executable program; those that aren't, are verified as being legitimate by the operator prior to their storage into the memory.
    Type: Grant
    Filed: August 17, 2009
    Date of Patent: May 8, 2012
    Inventor: Mark Ellery Ogram
  • Patent number: 8176535
    Abstract: An information processing system includes: an organization information storage that stores organization information which defines an organization including users and groups of the users; a usage control information storage that stores usage control information which is for controlling use of control target information by each user in the organization defined by the organization information and defining a user or a group of users who or which is permitted to use the control target information and a usage range of the control target information in which the user or the group of the users is permitted to use the control target information; a judgment unit that judges whether or not an inconvenience resulting from a change of the organization occurs in the usage control information stored in the usage control information storage based on the organization information stored in the organization information storage; and a countermeasure unit that performs a countermeasure against the inconvenience in a case where th
    Type: Grant
    Filed: May 29, 2009
    Date of Patent: May 8, 2012
    Assignee: Fuji Xerox Co., Ltd.
    Inventor: Kazuo Saito
  • Patent number: 8170205
    Abstract: The control unit includes a CPU which generates an access signal for performing writing or reading on the external memory, encryption/decryption means which, when the access signal is used for writing, encrypts an address designated by the CPU to generate a write address and encrypts write data contained in the access signal to generate write encrypted data, and which, when the access signal is used for reading, encrypts an address designated by the CPU to generate a read address and decrypts the encrypted data read from the external memory to generate plaintext data, and external control means which writes the write encrypted data in a position designated by the write address generated by the encryption/decryption means and which reads the encrypted data from a position designated by the read address generated by the encryption/decryption means and supplies the same to the encryption/decryption means for its decryption.
    Type: Grant
    Filed: December 10, 2008
    Date of Patent: May 1, 2012
    Assignee: Lapis Semiconductor Co., Ltd.
    Inventor: Koichi Takeda
  • Patent number: 8171292
    Abstract: Embodiments of the systems, devices, and methods described herein generally facilitate the secure transmittal of security parameters. In accordance with at least one embodiment, a representation of first data comprising a password is generated at the first computing device as an image or audio signal. The image or audio signal is transmitted from the first computing device to the second computing device. The password is determined from the image or audio signal at the second computing device. A key exchange is performed between the first computing device and the second computing device wherein a key is derived at each of the first and second computing devices. In at least one embodiment, one or more security parameters (e.g. one or more public keys) are exchanged between the first and second computing devices, and techniques for securing the exchange of security parameters or authenticating exchanged security parameters are generally disclosed herein.
    Type: Grant
    Filed: April 8, 2009
    Date of Patent: May 1, 2012
    Assignee: Research In Motion Limited
    Inventors: Michael S. Brown, Herbert A. Little
  • Patent number: 8171551
    Abstract: A malware scanner 2, for malware such as computer viruses, worms, Trojans and the like, utilizes the external call characteristics associated with known items of malware to identify the presence of malware within a computer file. Malware written in a high level language when compiled can take a variety of different forms as object code, but these different object code forms will usually share external call characteristics to a sufficient degree to allow the presence of such external call characteristics to properly and accurately generically identify different compiled variants of the source code malware.
    Type: Grant
    Filed: April 1, 2003
    Date of Patent: May 1, 2012
    Assignee: McAfee, Inc.
    Inventors: Igor Garrievich Muttik, Ivan Alexandrovich Teblyashkin
  • Patent number: 8165296
    Abstract: Embodiments of the invention provide for encryption and decryption of data in a TDMA network using TDMA time values. In some embodiments, TDMA time values can be transmitted to terminals from a network controller using a burst time plan. These TDMA time values along with other data and/or counters can be combined to create a one-time key, which can be used to both encrypt data and/or decrypt data. Embodiments of the invention can decrease communication overhead by using the TDMA time value for TDMA purposes as well as for encryption purposes.
    Type: Grant
    Filed: May 27, 2009
    Date of Patent: April 24, 2012
    Assignee: ViaSat, Inc.
    Inventor: Edward Smith
  • Patent number: 8166313
    Abstract: According to one embodiment of the invention, an original dump file is received from a client machine to be forwarded to a dump file recipient. The original dump file is parsed to identify certain content of the original dump file that matches certain data patterns/categories. The original dump file is anonymized by modifying the identified content according to a predetermined algorithm, such that the identified content of the original dump file is no longer exposed, generating an anonymized dump file. The anonymized dump file is then transmitted to the dump file recipient. Technical content and infrastructure of the original dump file is maintained within the anonymized dump file after the anonymization, such that a utility application designed to process the original dump file can still process the anonymized dump file without exposing the identified content of the original dump file to the dump file recipient. Other methods and apparatuses are also described.
    Type: Grant
    Filed: August 20, 2008
    Date of Patent: April 24, 2012
    Inventor: Stephen U. Fedtke
  • Patent number: 8160243
    Abstract: A present novel and non-trivial decryption system and methods are disclosed for the secure storing of bulk data using one-time pad (“OTP”) encryption. A storage device could be initialized with an OTP prior to encrypting data received from a data source. Parts of the OTP may be retrieved and used to encrypt the data. Once the data has been encrypted, it may be stored in the same location(s) from where parts of the OTP were retrieved with an optional sterilization of the locations being performed during the encryption process. Besides a data source, an initialize station could be used to facilitate the initializing of the OTP onto the storage device, storing OTP parameters corresponding to the OTP, and deleting the OTP. Additionally, a retrieval station could be used to facilitate the retrieval and decryption of encrypted code using the OTP used in the encryption process.
    Type: Grant
    Filed: October 1, 2009
    Date of Patent: April 17, 2012
    Assignee: Rockwell Collins, Inc.
    Inventor: Reginald D. Bean
  • Patent number: 8156329
    Abstract: A network device management apparatus includes a search unit configured to search for a network device supporting a first communication protocol, an authentication information input unit configured to input authentication information used in communication with the network device using the first communication protocol, an authentication executing unit configured to execute authentication of the network device by using the authentication information, a first checking unit configured to, when the authentication by the authentication executing unit is successful, check whether a second communication protocol different from the first communication protocol is enabled in the network device, and a setting changing unit configured to change a setting of the second communication protocol depending on a result of the checking performed by the first checking unit.
    Type: Grant
    Filed: June 8, 2009
    Date of Patent: April 10, 2012
    Assignee: Canon Kabushiki Kaisha
    Inventor: Toshio Ohashi
  • Patent number: 8135963
    Abstract: A program conversion device generates a program by obfuscating an original program, and generates and encrypts conversion parameters for inverse conversion of the obfuscated program. The program conversion device distributes the obfuscated program together with the encrypted conversion parameters. To execute the obfuscated program, a device having a high security level decrypts the encrypted parameters by using a decryption key stored in advance, applies inverse conversion to the obfuscated program by using the decrypted conversion parameters, and executes the program resulting from the inverse conversion. A device having a low security level executes the obfuscated program without any inverse conversion.
    Type: Grant
    Filed: February 9, 2006
    Date of Patent: March 13, 2012
    Assignee: Panasonic Corporation
    Inventors: Taichi Sato, Rieko Asai, Yoshikatsu Ito, Kouichi Kanemura, Hideki Matsushima
  • Patent number: 8131987
    Abstract: A system for pre-boot authentication of a virtual appliance includes one or more subsystems to receive a command to power-on an information handling system (IHS). After receiving the command to power-on the IHS, the system initializes a power-on self test (POST), passes control of the IHS to a hypervisor, loads a concurrent service environment (CSE), requests user credentials, receives user credentials, authenticates user credentials using the CSE and authorizes a specific operating system image from a plurality of images to run on the IHS via the virtual appliance after the user credentials are authenticated.
    Type: Grant
    Filed: December 10, 2008
    Date of Patent: March 6, 2012
    Assignee: Dell Products L.P.
    Inventors: Yuan-Chang Lo, Aaron Merkin, Abeye Teshome
  • Patent number: 8127150
    Abstract: In one embodiment, a method is provided that may include encrypting, based at least in part upon at least one key, one or more respective portions of input data to generate one or more respective portions of output data to be stored in one or more locations in storage. The method of this embodiment also may include generating, based at least in part upon the one or more respective portions of the output data, check data to be stored in the storage, and/or selecting the one or more locations in the storage so as to permit the one or more respective portions of the output data to be distributed among two or more storage devices comprised in the storage. Many modifications, variations, and alternatives are possible without departing from this embodiment.
    Type: Grant
    Filed: May 28, 2009
    Date of Patent: February 28, 2012
    Assignee: Intel Corporation
    Inventors: Eshwari P. Komarla, Vincent J. Zimmer, Mallik Bulusu
  • Patent number: 8122483
    Abstract: A document file is configured to restrict, without a costly special-purpose terminal or the like, use of document data contained therein, if the document data is taken out of a predetermined location. A document file contains (i) electronic document data, (ii) usage location information indicating one or more usage locations in which use of the electronic document data is less restricted, and (iii) a data management program that causes, when a user requests use of the electronic document data, a computer to request user location information indicating the current location of the user. Under control of the data management program, use of the electronic document data is permitted within a first usage pattern, if the user location is included in the usage locations. If not, use of the electronic document data is prohibited or permitted within a second usage pattern which is more restricted than the first usage pattern.
    Type: Grant
    Filed: December 19, 2007
    Date of Patent: February 21, 2012
    Assignee: Konica Minolta Business Technologies, Inc.
    Inventor: Yoshiyuki Tamai
  • Patent number: 8117438
    Abstract: A method and apparatus for providing an automated SMS registration mechanism to support authentication, authorization, creation and maintenance of PKI related tasks using web authentication that is keyed by corporate Lightweight Directory Access Protocol (LDAP) are disclosed. In one embodiment, LDAP is a protocol that organizes directory hierarchies and interfaces to directory servers that can be used by an end user to access directory listings to locate people, addresses, phone numbers, and other resources in a public Internet or a corporate intranet.
    Type: Grant
    Filed: December 28, 2005
    Date of Patent: February 14, 2012
    Assignee: AT&T Intellectual Property II, L.P.
    Inventors: Luis F. Albisu, Fikru Kumbi, Walter Pidkameny, Michael W. Sterner
  • Patent number: 8112806
    Abstract: Computers are monitored for malware communicating directly with the NIC. The infection of computers with NIC level malware is detected. Operating system level network packet transmission statistics are monitored, as are transmission counters maintained by the NIC. The operating system level transmission statistics are compared to the NIC level transmission counters for a given period of time. If the NIC counters indicate the occurrence of a greater number of transmissions than as is indicated by the operating system level statistics, it is concluded that the computer is infected with NIC level malware.
    Type: Grant
    Filed: October 27, 2008
    Date of Patent: February 7, 2012
    Assignee: Symantec Corporation
    Inventors: William E. Sobel, Sourabh Satish, Bruce McCorkendale
  • Patent number: 8112814
    Abstract: A disclosed information processing apparatus to which an application can be added determines whether access to a resource attempted by the application is allowable, based on access control information defining whether the application is given access authority to access the resource. Information regarding the attempted access is saved in a log file in the event that the application attempts to access the resource.
    Type: Grant
    Filed: May 2, 2007
    Date of Patent: February 7, 2012
    Assignee: Ricoh Company, Ltd.
    Inventor: Koji Shimizu