Abstract: Various embodiments provide methods performed by an modem-assisted-service-classification (MASC) client application operating on a multi-SIM computing device for implementing MASC functionality for two or more subscriptions. In various embodiments, the MASC client may implement MASC functionality by associating MASC policies for one or more access point names (APNs) with a specific subscription and by applying those policies to applications associated with those one or more APNs while that specific subscription is in active communication with its network. Thus, by managing a mapping of subscriptions, APNs/networks, and applications, the MASC client may enable implementation of MASC functionality for a multi-SIM computing device.

Abstract: An information security attachment device for voice communication and an information security method for voice communication using the same are provided. The information security attachment device includes a user interface unit, a compression unit, an encryption and decryption unit, and a conversion unit. The user interface unit receives an information security request from a user, and displays whether or not information security is being performed. The compression unit compresses a voice signal. The encryption and decryption unit encrypts the compressed voice data in response to an information security request or an information security control command, requests a terminal to send the encrypted voice data, decrypts the encrypted voice data in response to an information security request or an information security control command, and outputs the decrypted voice data. The conversion unit restores the voice data to an analog voice signal, and outputs the restored analog voice signal.

Abstract: Disclosed herein is a system to validate information about a user, or users, derived from publicly-accessible data. The system comprises a validation system that uses private data about the user to validate the user information derived from the publicly-accessible data. The validation system may receive a validation request in connection with an inconclusive result derived from the publicly-accessible data.

Abstract: A cloud storage system includes an encryption server configured to encrypt a plurality of data by using encryption keys having a hierarchy, the hierarchy of encryption keys corresponding to a relationship among the plurality of encrypted data, and a cloud storage server configured to store the plurality of encrypted data.

Abstract: A system and method for dynamic and secure communication and synchronization of personal data records through a distributed network. More specifically, a system that receives, stores and secures personal data records for users and then transmits and synchronizes personal data records between users in a distributed network based on rule-based security controls.

Abstract: A method is provided for identifying a compromised client device from a masquerading device. The method includes capturing a plurality of attributes from a network device connecting to a web service. In a specific embodiment, each of the attributes represents a parameter, and the plurality of parameters uniquely identifying the network device from a plurality of other networks devices. The method maintains the network device substantially free from any software programs associated with the capturing of the plurality of attributes. That is, in a specific embodiment, the method does not rely on installing executable code in the network device to capture the attributes. Based on information associated with the attributes, the method can determine if the network device is compromised.

Abstract: A system for viewing at a client device a series of three-dimensional virtual views over the Internet of a volume visualization dataset contained on centralized databases employs a transmitter for securely sending volume visualization dataset from a remote location to the centralized database, more than one central data storage medium containing the volume visualization dataset, and a plurality of servers in communication with the centralized databases to create virtual views based on client requests. A resource manager load balances the servers, a security device controls communications between the client device and server and the resource manager and central storage medium. Physically secured sites house the components. A web application accepts at the remote location user requests for a virtual view of the volume visualization dataset, transmits the request to the servers, receives the resulting virtual view from the servers, and displays the resulting virtual view to the remote user.

Abstract: The various implementations described herein include systems, methods and/or devices used to enable secure erase in a memory device. In one aspect, the method includes detecting a secure erase trigger. The method further includes determining a secure erase algorithm from among one or more secure erase algorithms to use in accordance with the detected secure erase trigger. The method further includes performing a secure erase operation in accordance with the selected secure erase algorithm, the secure erase operation including: (1) signaling a secure erase condition to a plurality of controllers on the memory device, (2) erasing one or more non-volatile memory devices on the memory device, (3) monitoring the secure erase operation, and (4) recording data related to the secure erase operation.

Abstract: A method for processing an operation request includes: detecting by a terminal an operation request, and sending an operation request message to a smart card; receiving by the smart card the operation request message, storing by the smart card the operation request message, generating by the smart card a joint password, generating a signature message, sending by the smart card at least the signature message to the terminal; outputting by the smart card a prompt message about the joint password, if the smart card detects that the smart card is disconnected from the terminal after the terminal obtains the signature message; receiving by the terminal the joint password, using the joint password as a password to be verified, notifying a verification device by the terminal to verify the signature message, and triggering by the verification device a procedure responding to the operation request if the signature message is successfully verified.

Abstract: Methods and systems are provided for creation and implementation of firewall policies. Method of the present invention includes enabling a firewall device to maintain a log of network traffic flow observed by the device. The method further includes enabling firewall device to receive an administrator request for a customized report to be generated based on log of network traffic and generating the report by extracting information from the log based on report parameters, where the report includes desired network traffic items that are associated with one or more action objects. The method further provides for firewall device to receive a directive to implement an appropriate firewall policy on one or more network traffic items responsive to interaction of administrator with one or more action objects corresponding to the network traffic items. Based on the directive and information from log, the firewall then defines and/or establishes appropriate firewall policy.

Abstract: A communication device employs a contactless secure communication interface to transmit and receive data with a computing device using close proximity extremely high frequency (EHF) communication. The communication device and the computing device periodically initiate a discovery operation mode, whereby the devices periodically transmit identifying information about the respective devices and listen for identifying information from the other device. Upon completion of the discovery mode operation, the devices enter a link-training operation mode and exchange capability information about the respective devices. During transport mode operation the communication device employs methods to manage access to data stored on the communication device by encrypting the data using one or a combination of training information or capability information as a basis for generating an encryption key.

Abstract: Systems and methods for controlling access to multiple applications on a computing device are provided. One embodiment of a system includes an access device configured to: receive a request to access a first application and a device identifier; authenticate the user using a user credential associated with the user and store the device identifier in association with a login identifier in response to authentication of the user. The access device can be further configured to receive a request to access a second application and the device identifier. The access device can allow access to the second application based on the previous authentication of the user.

Abstract: A device, method, and system for managing authorization for rendering of digital media recordings by a networked rendering device are disclosed. The device includes a processor and a memory. The device receives metadata identifying a recording of a specific audio performance, and searches for a source providing the recording. The device obtains a token authorizing the source to deliver the recording to the rendering device. The device provides the token to the source, receives the recording from the source, and renders the recording. An agent may serve as an intermediary between the rendering device and the source.

Abstract: The present disclosure is directed to a system and method for sharing sensitive personal data such as personally identifying data and financial data of a user. In an aspect the exchange of data is facilitated by a trusted contract broker, which is in communication with a client device and an external application. The contract broker having access to needs and rules for each of the client device and the external application, and the contract broker brokering the secure exchange of data between the client device and the contract broker according to said needs and rules. In an aspect, an electronic representation of a subset of personal data needed to satisfy an ad-hoc rule of said external application is generated in a client device and delivered to the external application.

Abstract: The terminal device include the file creation unit for storing a file including a public key in the external storage medium when the terminal device is connected with the external storage medium, and the decryption unit for decrypting the encrypted log using a secret key corresponding to the public key when the terminal is reconnected with the external storage medium storing the encrypted log. The image processing apparatus includes the encryption unit for encrypting a log using the public key stored in the file of the external storage medium, and storing the encrypted log in the external storage medium, when the image processing apparatus is connected with the external storage medium storing the file.

Abstract: A method for generating and check-controlling a network identity identification code in a network electronic identity is provided for the establishment of a unified network identity management and service ecosystem that effectively protects the network application security and identity information privacy of citizens. A server performs initialization and generates and distributes random numbers while receiving and auditing a request to generate a network identity identification code from a client. If the client passes the audit, encryption coding is performed and a network identity identification code is generated and sent to a network electronic identification card through the client. The network electronic identification card performs check processing of the network identity identification code, and feeds back a result to the server. The server stores the network identity identification code into a database, and informs the user.

Abstract: A method and system for graduated security in an identity management system utilize differing levels of time sensitivity, channel security and authentication security to provide a multi-dimensional approach to providing the right fit for differing identity requests. The differing levels of security can be selected by user preference, membersite request or homesite policy.

Abstract: An electronic device, a personal cloud apparatus, a personal cloud system, and a method thereof for registering personal cloud apparatus are provided. The method of the electronic device for registering the personal cloud apparatus includes pairing with the personal cloud apparatus when an application is executed, acquiring information about an access point and transmitting the same to the personal cloud apparatus to connect the personal cloud apparatus to a network, and registering the personal cloud apparatus to a registration server, when the personal cloud apparatus is connected to the network via the access point. As a result, users are able to upload or download various contents using the personal cloud apparatus, inside or outside the house.

Abstract: An authentication device includes: a memory; and a processor coupled to the memory and configured to: when a registration request including authentication information to be used during authentication is received from a terminal device, generate registration information using the authentication information and key information and store the registration information in the memory, and when an authentication request including input information to be handled as the target of the authentication is received from the terminal device, generate a result of the authentication based on the input information, the registration information, and the key information, and transmit the result of the authentication to the terminal device.

Abstract: A user device is configured for communication with a distributed verification system over a network. The user device generates first and second keys from a master key for a password vault or other credential store, provides the first key to the distributed verification system, encrypts the credential store based at least in part on the second key, and provides the encrypted credential store to the distributed verification system. The credential store is encrypted utilizing the second key and information that is stored in a distributed manner over a plurality of servers of the distributed verification system. For example, encrypting the credential store illustratively comprises generating a ciphertext by encrypting the credential store utilizing the second key, obtaining a third key stored in the distributed manner over the servers, and encrypting the ciphertext utilizing the third key to generate the encrypted credential store that is provided to the distributed verification system.