Abstract: Methods and devices for improving the reliability of communication between an aircraft and a remote system. The aircraft transmits a request for verification of security to a remote system. Upon reception of the response to this request, which includes at least one indication pertaining to the security of the remote system, the aircraft analyzes this indication and decides to establish or not to establish data communication between the aircraft and the remote system. When a verification request is received, the remote system is verified and a response to the request is transmitted to the aircraft.

Abstract: An information processing system comprises one or more processing devices of at least one processing platform. In one embodiment, the system comprises cloud infrastructure that is configured to validate an externally-generated security token issued to a user, to extract one or more claims from the validated externally-generated security token, and to create a session object to hold the extracted claim or claims. The cloud infrastructure issues an internally-generated security token based on the session object that allows the user to be identified to a protected resource. The internally-generated security token is validated in conjunction with a request from the user for access to the protected resource, and information associated with at least one extracted claim is selectively released responsive to validation of the internally-generated security token. Access of the user to the protected resource is granted or denied based on the selectively-released information.

Abstract: In one embodiment, a method includes accessing event information and payment information associated with an event listing on an event management system, and calculating a spam risk score for the event listing.

Abstract: A method of requesting and issuing a certificate from certification authority for use by an initiating correspondent with a registration authority is provided. The initiating correspondent makes a request for a certificate to the registration authority, and the registration authority sends the request to a certificate authority, which issues the certificate to the registration authority. The certificate is stored at a location in a directory and this location is associated with a pointer such as uniform resource locator (URL) that is derived from information contained in the certificate request. The initiating correspondent computes the location using the same information and forwards it to other corespondents. The other correspondents can then locate the certificate to authenticate the public key of the initiating correspondent.

Abstract: A management platform that allows security and compliance users to view risks and vulnerabilities in their environment with the added context of what other mitigating security countermeasures are associated with that vulnerability and that are applicable and/or available within the overall security architecture. Additionally, the platform allows users to take one or more actions from controlling the operation of a security countermeasure for mitigation purposes to documenting the awareness of a security countermeasure that is in place.

Abstract: For an antivirus scan during a data scrub operation, an antivirus scan is concurrently performed as an overlap with the data scrub operation, wherein the data scrub operation periodically inspects and corrects memory errors.

Abstract: System(s) and method(s) that employ deep packet inspection (DPI) of data flow relating to a requested service associated with a communication device to facilitate customizing the service or results provided by the service are presented. A service request can be received by a gateway identification of the service is attempted. If the service is identified, a privacy rule(s), which is contained in a user privacy profile of a user associated with the communication device, is analyzed to determine whether the privacy rule(s) applies to the service. If the privacy rule(s) is applicable, a DPI engine performs DPI on the data flow, in accordance with the privacy rule(s), to obtain information that can be used to customize the service or results provided by the service. The user can specify the level of DPI to be applied. A default rule can specify that no DPI is performed on the data flow.

Abstract: In one embodiment, the present invention is directed to the use of separate communication pathways over different types of networks to handle bearer and control signaling in connection with a license transaction.

Abstract: A secured process sourcing and work management system for processing secure information in a non-secure environment is disclosed. The system permits a user, referred to herein as a customer or requester, to submit a project, involving a human intelligence task (“HIT”), referred to as a task or task specification, to be performed with respect to secure, confidential or sensitive information, referred to herein as secure information, and have that project completed in a non-secure environment without compromising the security, confidentiality or sensitivity of the secure information. The system may be incorporated into the requestor's workflow, receiving projects therefrom and providing the results thereto.

Abstract: Embodiments of a multimode system for use in, for example, a fuel dispenser, are configured for receiving data in a retail environment. The multimode system can include: a secure input module for receiving high security input and low security input from a customer, the high security input to be communicated by the secure input module in cipher text, and the low security input to be communicated by the secure input module in plaintext. The multimode system is adapted to operate in a high security mode and a low security mode. The multimode system is adapted to enter the low security mode upon detection by the multimode system of a security breach condition. In the high security mode, the secure input module accepts low security input and high security input. In the low security mode, the secure input module accepts the low security input and does not accept the high security input.

Abstract: A system that incorporates teachings of the present disclosure may include, for example, a method for receiving a user input identifying a video signal, recording the video signal to the video data file and sending an instruction to a backup server. The instruction causes the backup server to concurrently record the video signal to a second video data file. The backup server can also record a second video signal to a second video data file based on a second instruction. Other embodiments are disclosed.

Abstract: According to one embodiment, a method of authenticating a user includes receiving login credentials identifying a user. A plurality of pressure readings are received from a plurality of pressure sensors coupled to a biometric grip device. The plurality of pressure readings comprise a first biometric pressure reading from a first pressure sensor coupled to the biometric grip device and a second biometric pressure reading from a second pressure sensor coupled the biometric grip device. The first and second biometric pressure readings measure a first pressure exerted at the first pressure sensor and a second pressure exerted at the second pressure sensor. A neurological number is generated from the plurality of pressure readings. The user is authenticated by comparing the neurological number with a registered neurological number. If the neurological number matches the registered neurological number, the user is authorized to access a computer system coupled to the biometric grip device.

Abstract: This disclosure describes a secure and computationally-efficient method to establish a single authentication context for multiple identities. The method is implemented in an authentication system using a key exchange protocol, namely, the Diffie-Hellman key exchange. One or more entities that desire to authenticate (either individually or jointly) register with the authentication system and receive private Diffie-Hellman keys (the PINs). Later, during an authentication operation, each entity provides the PIN to the authentication system, preferably over a secure transport. The authentication system, using Diffie-Hellman key exchange artifacts, generates a Diffie-Hellman cryptographic value for each PIN, although the value need not be maintained private. The authentication system orders the Diffie-Hellman values as a “partially ordered set” to form a lattice. An authentication context is derived from the Diffie-Hellman values in the lattice.

Abstract: The present invention relates to an electronic apparatus, an information processing method, and a program that allow a provision server of an application to be capable of easily causing an electronic apparatus having an IC chip to manage data. When a service-issuing command transmitted from a service-issuing terminal 11 is received, in a service-issuing function 21 of an IC card 2, information indicating a service data structure and a program describing a processing sequence that correspond to an identifier transmitted as a command parameter are acquired from a service definition database 23. In the service-issuing function 21, IC-card internal processing is performed, and a service data structure for managing data to be used for receiving the provision of a specific application is prepared in a file system 22. The present invention can be applied to an apparatus having an IC chip.

Abstract: Monitoring integrity of a running computer system is based on creating a Test Model which includes predicates descriptive of invariant properties of security relevant objects and their attributes in the monitored structure known-to-be “healthy”, acquiring memory image of a portion of the running monitored structure, decomposing the acquired memory image to retrieve representation of the security relevant objects of interest, by implementing the attributes of the Test Model, and verifying, by implementing the predicates, whether the invariant properties defined in the Test Model remain unchanged for the running host system. If a discrepancy is detected, a signal indicative of a detected discrepancy is transmitted to a management entity for analysis and formulating a course of action.

Abstract: In extended Feistel type common key block cipher processing, a configuration is realized in which an encryption function and a decryption function are commonly used. In a cryptographic processing configuration to which an extended Feistel structure in which the number of data lines d is set to an integer satisfying d?3 is applied, involution properties, that is, the application of a common function to encryption processing and decryption processing, can be achieved. With a configuration in which round keys are permuted or F-functions are permuted in the decryption processing, processing using a common function can be performed by setting swap functions for the encryption processing and the decryption processing to have the same processing style.

Abstract: Methods, systems and devices examine data flows in a communication system control network for known malware threats and suspicious properties typically associated with malware threats. A policy management system inside the control network accesses a user repository and a charging network, and performs pattern matching and/or observed behavior detection methods to determine if the data flows carry content (e.g., malware) that poses a security risk to network or wireless devices. The policy management system generates policy rules based on user preferences and risk-level. The policy management system sends the generated policy rules to a gateway/PCEF, which blocks the data flows, allows the data flows, or restricts the data flow based on the policy rules.

Abstract: A dynamic URLs construction system includes a publisher server and one content accessor server. The publisher server has a content URL access module, a content access module and a content database for storing media content and providing content URL accessing instructions and media content to a content accessor server. Media content provided by a publisher is accessed using dynamic URLs. A content accessor server includes at least one dynamic URL generation module and one content retrieval module. The content accessor server receives a content ID and a template URL containing instruction for constructing the corresponding dynamic URL from the publisher server. The dynamic URL generation module parses the template URL instructions, obtains an access key associated with the dynamic URL and constructs the dynamic URL using the access key and the content ID. The content retrieval module retrieves the content referenced by the dynamic URL.

Abstract: Described herein are systems and methods for access control management, these generally being directed towards location aware access control management. Embodiments of the invention have been particularly developed for providing additional functionalities in access control systems having disconnected devices, and the present disclosure is primarily focused accordingly. For example, embodiments include access control devices configured to operate in conjunction with a GPS receiver or other source of geographical positional information, and methods associated with the use of such devices.

Abstract: An improved file security system that manages secured files (documents) is disclosed. The file security system provides centralized management and storage of security information that can be referenced by secured files. In other words, a secured file need not itself contain security information that is needed to determine whether access to the secured file is to be permitted. That is, at least a portion of the security information can be remotely stored and accessed by way of an identifier that is provided within the secured file. By centralizing storage of security information, the file security system is able to subsequently modify access criteria for secured files (documents) without having to physically make modifications to the secured files.