Abstract: A method, system and program product for maximizing virus check coverage, while minimizing redundancy in virus checking. The method includes evaluating, using an audit checking tool, whether or not a file in a working directory to be virus checked is a compressed file and, if the file is evaluated as being a compressed file, decompressing the compressed file evaluated using a decompression tool. Further, the method includes iterating the evaluating and decompressing steps to decompress any other files contained therein using the decompression tool and deleting a respective compressed file that is fully decompressed by the decompression tool without any errors from the working directory, while saving a respective compressed file that is not fully decompressed by the decompression tool. Furthermore, the method includes virus checking the working directory, such that, the virus checking does not virus check the respective compressed file that is deleted from the working directory.

Abstract: An operator recognition device is provided that eliminates the registration of data such as HMM data having a characteristic amount for which error in recognition occurs easily when recognizing an operator, and thus reduces the possibility of errors in recognition, and has stable recognition performance. When registering HMM data that is used when performing recognition processing, a speaker recognition device 100 eliminates the registration of HMM data of a password having a characteristic amount of the spoken voice component that is similar to a characteristic amount that is indicated by HMM data that is already registered, and does not allow the registration of HMM data for which it is estimated that error in recognition will occur easily during the recognition process.

Abstract: A method of manufacturing a device containing a key is disclosed. The method generally includes the steps of (A) fabricating a chip comprising a random number generator, a nonvolatile memory and a circuit, (B) applying electrical power to the chip to cause the random number generator to generate a signal conveying a sequence of random numbers, (C) commanding the chip to program a first arbitrary value among the random numbers into the nonvolatile memory, wherein the device is configured such that the first arbitrary value as stored in the nonvolatile memory is unreadable from external to the device and (D) packaging the chip.

Abstract: Various embodiments include an apparatus and a method to secure protected digital document content from tampering by their user, such as unauthenticated use or use violating a policy of the digital document. The digital document file can be transferred from a network node such as a web site server to a digital appliance, such as a computer, in encrypted form. The digital document file can be resident already on a device, and/or be transferred into a device that is connected to the digital appliance. The device (hereafter a DRM device) can internally store the digital document or part of the document. The DRM device may decrypt the digital document when requested to do so. The device may further format the content for usage, for example, convert text into its graphic bitmap representation. Device formatting can include sending plain text data to the digital appliance. The device may further process degradation to the resulted file, for example, reduce the resolution of the graphic representation.

Abstract: The client requests authentication by transmitting the authentication information entered by the user, the MAC address of the network adapter, and the address change information as to whether or not the MAC address has been changed. When the authentication information and the MAC address are in agreement with the details of registration, and if a change in the MAC address is recognized from the address change information, the server regards the authentication as being a failure and issues an access refusal, thus completing the processing. If a change in the MAC address is recognized, the fact may be notified to the manager to issue an access permit or an access refusal in accordance with the manager's instruction.

Abstract: A hash key is generated based on an information object and a lookup operation is performed in a hash table based on the hash key. A determination is made whether an entry in the hash table at an index corresponding to the hash key identifies a labelset for the information object. A labelset, identifying a sensitivity of the information object, is stored in the entry at the index corresponding to the hash key for the information object if a labelset for the information object is not identified in the entry in the hash table. Information flows involving the information object are authorized based on a lookup of the labelset associated with the information object in the hash table. The hash table may be a multidimensional hash table.

Abstract: A security system may detect a rootkit by detecting a filesystem configuration of the first system and comparing the filesystem configuration to a known valid filesystem configuration of a second system. The known valid filesystem configuration may be the filesystem configuration of a protected second system, or may be stored in a protected area of the second system. The first and second system may be part of a single device. The filesystem configuration of the first system and the known valid filesystem configuration are compared and differences are analyzed to determine if they are indicative of a rootkit. If a rootkit is detected, some embodiments may provide tools to clean, delete, or quarantine the rootkit. The second system may be provided by a security provider.

Abstract: A system and method for providing data content analysis is disclosed. The system includes an intelligent switch in a local area network, where the intelligent switch has content analysis applications stored therein and is configured to apply one or more content analysis applications on a port-by-port basis. The method includes remotely updating one or more content analysis applications at intelligent switches of subscriber networks.

Abstract: Plaintext/cyphertext pairs are generated for use in authenticating a device. The device performs a secure authentication algorithm on a secure authentication image file and a received plaintext challenge, and outputs a cyphertext response. If the cyphertext response matches a pre-stored cyphertext string associated with the plaintext challenge, then the device is authenticated. A master processor manages the generation of the plaintext/cyphertext pairs. Plaintext challenges are generated in the master processor using a binary counter and an n-bit key. Each plaintext challenge is transmitted to a first processor and a second processor. The first processor executes the secure authentication algorithm on each plaintext challenge and outputs a cyphertext response associated with each plaintext challenge. The second processor executes the secure authentication algorithm on each plaintext challenge and outputs a second cyphertext response associated with each plaintext challenge.

Abstract: A computer is configured for either full operation with metering or limited mode operation. When in limited mode operation, the system memory may be partitioned into active and restricted memory. The active memory may be limited to an amount needed to execute a limited mode operation application. The remaining restricted memory may be made inaccessible to the computer's processor. To verify the restricted memory remains unused, it may be filled with a pattern and the pattern periodically verified to determine that unauthorized programs are not using the restricted memory.

Abstract: A method and a system for preventing a network attack, the attack being caused by the presence of worms in the network, is provided. The method includes determining the number of packets being transmitted from each source in the network to a plurality of destinations, the packets being transmitted from a source with a set of characteristics. If the number of packets with the set of characteristics, being transmitted from a source, exceeds a predefined first threshold, then the signature of the packets is stored. Subsequently, if at least one of the pluralities of destinations of the packets identified with the source becomes a source of new packets, the new packets being transmitted to more than one destination; then the new packets are compared with the signature. If at least one new packet matches with the signature, then the worm is to be detected.

Abstract: An information handling system includes a processor, system memory, and a remote access resource that includes a virtual card reader enabled to establish a communication channel between the remote access resource and a remote card reader to communicate smart card reader access requests and response between them. The system may include an authentication module requiring two factor authentication including userid/password authentication and a physical card authentication. The communication channel enables remote physical card authentication. The resource further supports redirection of system console traffic enabling remote userid/password authentication. The virtual card reader is preferably operable to download a virtual card reader client to a remote management station to which the smart card reader is attached. The remote access resource may be operable to direct console traffic of the system to the remote management station to display a system login screen on the remote management station.

Abstract: A system is disclosed for centralized management of access permissions to specific devices on client terminals using a group policy framework. The system identifies a unique device identifier for a specific device, and allows policy to be set for the specific device based on identifying the specific device by its unique device identifier.

Abstract: Systems, devices, and methods for establishing a secure session for the transmission of data from an input device to a remote server device is disclosed. The input device may be an electronic check scanner attached to a banking customer's home personal computer. The customer may visit a bank's Internet website using the web browser or other application on their personal computer, and then submit scanned images of check to the bank. The bank, however, to ensure security and prevent fraud, may wish to establish a secure session between the devices and components in the system before the image data may be scanned and transmitted.

Abstract: Under the present invention, contract information corresponding to a first contract between a first contract partner and a customer, and contract information corresponding to a second contract between a second contract partner and the customer is received within a secure computer infrastructure. Based on the contract information, the first and second contracts are created. To provide desired isolation and security, the second contract is secured to prevent access thereof by the first contract partner. Then, approval and execution for both contracts is requested from the appropriate parties.

Abstract: A method and system for authenticating an item by using a security marking. The security marking is provided on the item with an OVD ink capable of absorbing light in a visible wavelength range to appear visibly black and producing a red fluorescent emission under ultraviolet excitation. Under visible light illumination and ultraviolet excitation, a visible image and a fluorescent image are obtained from the security marking using image scanners. The images are compared to find a substantial match with each other. The security marking can be a postage indicium, a barcode, a symbol, a message or an image. The item to be authenticated can be a mailpiece, a banknote, a tag, a ticket, a document, an identification card, or the like.

Abstract: A central server in a network of a hybrid peer to peer type, receives a request from a client for obtaining a digital document, where the request contains a reference of the digital document. The server selects a peer system of the network likely to contain the digital document, and generates an access key for controlling access to the digital document by the client, where the access key is generated by an encrypting method using a private key of the central server, a current time when the encrypting method is executed and an address of the client on the network. The server then sends a message to the client, where the message has the reference of the digital document, an address of the selected peer system on the network and the generated access key.

Abstract: A method for analyzing a network element may include assigning values to each of a plurality of vulnerabilities. The method may also include identifying a vulnerability associated with the network element and generating a risk indicator for the network element based on the assigned value associated with the identified vulnerability.

Abstract: A method, program and system (10) for processing data are disclosed. The method, program and system comprising the steps of: (a) receiving data representing a location of an item (e.g., people, personal property, real property, organizations, chemical compounds, organic compounds, proteins, biological structures, biometric values or atomic structures), (c) determining a plurality of fixed coordinates that represent the location (e.g., by “rounding” and/or comparing to a reference grid), (d) utilizing an algorithm (e.g., encryption, encoding and/or one-way function) to process the plurality of fixed coordinates (each separately or together), and (e) comparing the processed data to at least a portion of secondary data (perhaps comprising data previously stored in a database).

Abstract: A computer for a service provider receives from each member of two groups who is a user of a service via a mediating computer, a priority list in which member IDs of the other group is permuted in the priority order of a user and processing information that are encrypted so as not to be decrypted by the mediating computer. The ID of the priority list is encrypted with an encrypting key that is common to all members. The computer for a service provider performs matching, with ID in the priority list being left encrypted when the list is decrypted. The computer for a service provider decrypts the processing information, makes it in a state in which the matching result can be decrypted based on the processing information by only a person concerned, and sends it to each member via the mediating computer.