Abstract: A mobile communications device includes a plurality of first input devices capable of passively collecting input data, a second input device(s) capable of collecting response data based upon a challenge, and a processor capable of determining a level of assurance (LOA) that possession of the mobile communications device has not changed based upon a statistical behavioral model and the passively received input data, and comparing the LOA with a security threshold. When the LOA is above the security threshold, the processor may be capable of performing a given mobile device operation without requiring response data from the second input device(s). When the LOA falls below the security threshold, the processor may be capable of generating the challenge, performing the given mobile device operation responsive to valid response data, and adding recent input data to the statistical behavioral model responsive to receipt of the valid response data.

Abstract: A system of replicating data stored on a source node. Replication can be configured between two controllers, the source node on the one hand, and a target node on the other. A synchronization relationship between the source node and the target node is established and maintained. The synchronization relationship can be quickly and easily created for disaster recovery, real-time backup and failover, thereby ensuring that data on the source node is fully-protected at an off-site location or on another server or VM, for example, at another data center, a different building or elsewhere in the cloud. Processes described herein streamline the entire replication setup process, thereby significantly reducing error rates in conventional systems and making the replication process more user friendly than in conventional systems.

Abstract: An attack detection apparatus (6) collects packets a transmission source or a transmission destination of which is a protection target apparatus (5), and generates packet information by setting an entry for each collected packet and describing attribute data of the packet together with occurrence time of the packet for each entry. Further, the attack detection apparatus (6) stores definition information which defines an extraction time width and an extraction condition for each category of attack.

Abstract: Embodiments described herein may be directed to systems, methods, apparatuses, devices, computer program products, computer-executable instructions, and/or applications for securely and anonymously accessing web resources and customizable attribution of identity. In accordance with the present disclosure, a user may inspect and analyze a webpage as well as the underlying source code from an “arm's length” using a secure analysis application to prevent exposure on the user's local machine. The secure analysis application may provide increased flexibility in masking and/or modifying the user's digital persona to external websites. Additionally, the secure analysis application may be integrated with a translation service to translate textual web content without the web content provider being alerted that a translation is taking place.

Abstract: A method for managing unlinkable database user identifiers includes distributing to a first database a first encrypted user identifier, a first database identifier, and a first database user identifier; distributing to a second database a second encrypted user identifier, a second database identifier, and a second database user identifier; receiving from the first database a third encryption and a fourth encryption, the third encryption being formed from the first encrypted user identifier, the second database identifier, and a message comprised in the fourth encryption; decrypting the third encryption thereby obtaining a decrypted value; deriving a blinded user identifier from the decrypted value; and sending the encrypted blinded user identifier and the fourth encrypted value to the second server thereby enabling the second server to compute the second database user identifier from the encrypted blinded database user identifier and the decrypted fourth encrypted value.

Abstract: Data storage devices (“DSDs”) can be cryptographically locked, and may be unlocked with encryption keys. One or more encryption keys may be stored remotely in a key server, and may be retrieved by a removable circuit that can be coupled to a server, such as a data server, email server, file system server, other server, or other system. The removable circuit can determine which of the DSDs are locked, and may transmit a request to the key server for encryption keys corresponding to the locked DSDs. The removable circuit can unlock the locked DSDs with the encryption keys provided by the key server.

Abstract: The disclosed embodiments provide a system that processes data. During operation, the system uses a first key to protect a write operation on the data. Next, the system uses a second key to protect a read operation on the data.

Abstract: A firewall security platform is provided for enhancing security of a network. The firewall security platform includes at least one interface to communicate the identity and current status of one or more traffic requesters and at least one device for receiving instructions from a user. Communication data packets associated with the one or more traffic requesters are allowed for communication via the network or denied and blocked by the firewall security platform based on the current status of each of the one or more traffic requesters. The user's instructions include making a selection, with the selection including members that are at least one of the one or more traffic requesters. The current status of each member of the selection is altered in response to the making of the selection.

Abstract: Techniques for automatic repair of corrupt files (e.g., malware sample files) for a detonation engine are disclosed. In some embodiments, a system, process, and/or computer program for automatic repair of corrupt files for a detonation engine includes receiving a malware sample from a network device; determining whether the malware sample includes a corrupt file; and in an event that the malware sample is determined to include the corrupt file, repairing the corrupt file for the detonation engine.

Abstract: Mechanisms are provided for performing an operation on a received data packet. A data packet is received and a hash operation on a header field value of a header of the data packet is performed to generate a hash value. A lookup operation is performed in a hash table associated with a type of the header field value to identify a hash table entry. A bit string associated with the hash table entry is retrieved, where each bit in the bit string corresponds to a class of rules of a rule set of a firewall. A matching operation of the header field value to rules in classes of rules corresponding to bits set in the bit string is performed to select one or more search trees. Operations are performed based on rules in the classes of rules being matched by header field value of the data packet.

Abstract: An apparatus, comprising an enhanced function block and a stateless function block; main routing means for routing, based on a header of a data packet and an incoming port, the data packet to one of the enhanced function block and the stateless function block; wherein the enhanced function blocks comprises providing means for providing an information comprised in the data packet to a control device; an enhanced function means for executing an enhanced function on the data packet to obtain a first processed data packet addressed to a destination address, wherein the enhanced function is based on an instruction for the data packet received in response to the provided information; and a first routing means for routing the first processed data packet to the destination address; and the stateless function blocks comprises a stateless function means for executing a stateless function on the data packet, wherein the stateless function is not based on an instruction for the data packet received in response to providi

Abstract: An authentication method based on a time stamp is executed by at least one processor of a server. At least two force renew messages are generated in turn when a configuration of Dynamic Host Configuration Protocol (DHCP) of the server is changed. The at least two force renew messages are encrypted asymmetrically with a private key of the server. The encrypted force renew messages are sent to a client according to a generating order of the force renew messages. A reply message is sent to the client when receiving a renew message from the client.

Abstract: Embodiments of the invention are directed at an enhanced data interface (EDI) for contactless communications between a mobile application operating on a mobile device and an access device (e.g., contactless reader) that allows for enhanced verification between the mobile device and access device. One embodiment of the invention is directed to a method. The method comprises a mobile device receiving a request for available applets from an access device and providing a list of available applets including trusted applet identifiers and untrusted applet identifiers to the access device. The method further comprises receiving a selection of an untrusted applet identifier from the list and an entity identifier associated with the access device, validating that the access device is authorized to access credentials associated with the selected untrusted applet identifier using the entity identifier, and providing the credentials associated with the selected untrusted applet identifier to the access device.

Abstract: A mechanism is provided for performing an action on a second computer device. An information receiving unit in a first computer device receives a first message from a security management device, wherein the security management device performs a security analysis. A management program module in the first computer device determines a first action and a first trigger condition according to the security analysis. The management program module sends the first action through a second message to the second computer device via a network instructing the second computer device to perform the first action in response to the first trigger condition being met.

Abstract: An apparatus for content handling is provided. The apparatus comprises a content server arranged to provide a content analysis environment to a client terminal, and to provide content to the client terminal for analysis within the content analysis environment once the content analysis environment has been established at the client terminal, wherein the client terminal is arranged: to download the content from the content server into the content analysis environment; to encrypt the downloaded content and store the encrypted content therein in a persistent form; to decrypt the encrypted content into working memory therein for analysis within content analysis environment; to encrypt analyzed content and store the encrypted analyzed content therein in a persistent form; and to decrypt the encrypted analyzed content and to upload this decrypted content to the content server.

Abstract: In some embodiments, an electronic signature service automatically updates electronic documents to prevent execution by an unauthorized signatory. The electronic signature service can receive an electronic document to be electronically signed on behalf of an organization. The electronic signature service can retrieve organization data indicative of signatories that are authorized to electronically sign the electronic document. The organization data may be inaccessible to a first signatory that is associated with the document. The electronic signature service can determine from the organization data that the first signatory is not authorized to electronically sign the document. The electronic signature service can update the electronic document with a second signatory that is determined from the organization data as being authorized to execute the document.

Abstract: A method, apparatus and/or computer program provides secure user authentication in a network having a dynamic set of services. The method comprises a client authenticating with an edge service and generating a query key. The edge service issues a request to the dynamic set of services. The request comprises (i) an encrypted identifier associated with the client, (ii) a private portion of the request being encrypted with the query key, and (iii) a public portion of the request. In response to ascertaining from the public portion of the request that it is able to respond to the request, one or more of the dynamic set of services respond to the edge service with (i) an identifier associated with the dynamic set of services, and (ii) the identifier associated with the client. The edge service then authenticates that it is able to respond to the request, including generating a session key.

Abstract: A transmitter is configured to change its unique radio signature enough to defeat radio fingerprinting identification without destroying the content of the transmissions. The transmitter may be configured for defeating both transient-signal fingerprinting and steady-state fingerprinting. The transmitter may be configured to obfuscate transient detection. The transmitter may continuously vary spectral, amplitude, and/or phase characteristics of its transmissions to defeat radio fingerprinting. The transmitter may pair radio fingerprints with subscriber terminal identification codes (e.g., MAC addresses or SMSIs) for generating different radio identities. The transmitter may measure another transmitter's radio fingerprint, and, compensating for its own radio fingerprint, spoof the measured radio fingerprint.

Abstract: Systems and methods using drawings as security information are disclosed. According to an aspect, a computing device may include a touchscreen display configured to receive information for drawing a security picture. Further, the computing device may include a security manager configured to determine one or more characteristics associated with input of the gesture information. The security manager may also be configured to authenticate a user based on the drawn security picture and the one or more characteristics associated with input of the gesture information.

Abstract: A method and system for bringing together online and offline advertising uses anonymous links that are associated with consumer data. The anonymous links allow processing without personally identifiable information (PII) in a secure environment. Data is matched using the anonymous links, and further using identifiers that are encrypted for use in connection with individual match distribution partners. The method and system allows a marketer to utilize offline data to precisely target advertisements without the use of PII, and to perform analytics concerning the use of the online advertisements to more precisely determine the effectiveness of multichannel marketing efforts.