Abstract: Systems and methods provide for clickjacking prevention code provided in an embedded webpage to prevent clickjacking when the embedded webpage is called by an embedding webpage determined to be illegitimate. When the embedded webpage is loaded on a user device, the clickjacking prevention code is executed and initially prevents content of the embedded webpage from being rendered. Additionally, the clickjacking prevention code sends a message containing a secret to a known domain that provides legitimate embedding webpages. When the embedding webpage sends a message to the embedded webpage, the message is checked to see if it contains the secret. If the message contains the secret, the embedding webpage is legitimate since it originated from the known domain, and the content of the embedded webpage is rendered. Alternatively, if the message does not contain the secret, the content of the webpage is not rendered.

Abstract: A cybersecurity engine can guide a forensic investigation of a security incident by estimating the utility of investigating events associated with the security incident, selecting a subset of such events based on the estimated utilities, and presenting data associated with the selected events to the investigator. A method for guiding a response to a security incident may include estimating, for each of a plurality of security events associated with the security incident, a utility of investigating the security event. The method may further include selecting a subset of the security events based, at least in part, on the estimated utilities of investigating the security events. The method may further include guiding the response to the security incident by presenting, to a user, data corresponding to the selected security events.

Abstract: A method and proxy device for cross-tenant data leakage isolation in a multi-tenant database are provided. The method includes monitoring, by a proxy device, traffic flows between a server executing at least one cloud-based application and the multi-tenant database, wherein the proxy device is communicatively connected between the server and the multi-tenant database; capturing, by the proxy device, at least a request to access the multi-tenant database, wherein the request is communicated using a database-specific protocol; analyzing the request to determine if the request is legitimate; upon determining that the request is not legitimate, modifying the request to point to a global-tenant table and to designate a unique tenant identifier, wherein the unique tenant identifier corresponds to a tenant-specific table name designated in the global-tenant table; and sending the modified request to the multi-tenant database using the database-specific protocol.

Abstract: A method and device for communication and control of access including an access point containing a screen and camera whereby a visitor who is not preauthorized desires to communicate with a remote entity and uses a smartphone, holding it in line of sight of the camera, which smartphone contains indicia that is transmitted by the camera to the remote entity to obtain access.

Abstract: A system for generating symmetric cryptographic keys for communications between hosts. Hosts use associated devices to generate secret keys. Each key is generated based on a static seed and a dynamic seed. The dynamic seed is created from sensor data or auxiliary data. The secret key allows host machines to encrypt, or decrypt, plaintext messages sent to, or received from, other host machines.

Abstract: When storing encrypted data within a database, a key identifier may be appended to the encrypted data as a prefix. Then, when decrypting the encrypted data, the key identifier may then be used to identify an encryption key used to encrypt the data, even when multiple encryption keys have been used in encrypting and storing the encrypted data as a whole.

Abstract: A method for user identity authentication is provided. The method includes receiving an authentication image selected by a user, and acquiring, based on the authentication image, a password to be verified. The method may further include acquiring a preset verification password, and comparing the verification password with the password to be verified to obtain a user identity authentication result.

Abstract: Methods, computer program products, and systems are set forth herein and can include examining a video file using content of an authorship attribution database, the authorship attribution database including one or more authorship attribution video file record; and determining authorship attribution of the video file based on the examining. The authorship attribution database can include one or more authorship attribution video file record.

Abstract: A system for generating symmetric cryptographic keys for communications between hosts. Hosts use associated devices to generate secret keys. Each key is generated based on a static seed and a dynamic seed. The dynamic seed is created from sensor data or auxiliary data. The secret key allows host machines to encrypt, or decrypt, plaintext messages sent to, or received from, other host machines.

Abstract: A device controller interfaced between an electronic processing device and a sector-based data storage device, includes a processor connected to a clock, and a computer memory having a control list stored therein. A control list includes a security feature entry having a target sector range, time data associated with the target sector range, and at least one security response associated with the target sector range. The processor determines, based at least in part on interrogation of the control list and a clock time, the time data of the entry conflicts with the clock time, and executes the at least one security response.

Abstract: An embodiment may create a memory image including a representation of a thread environment block (TEB) and representation of a process environment block (PEB) according to specifications of an operating system. A memory image may be loaded into a memory and a shellcode may be caused to use the memory image when executed. An access to the memory image, made by the shellcode, may be monitored and controlled.

Abstract: Methods, computer program products, and systems are set forth herein and can include examining a video file using content of an authorship attribution database, the authorship attribution database including one or more authorship attribution video file record; and determining authorship attribution of the video file based on the examining. The authorship attribution database can include one or more authorship attribution video file record.

Abstract: Security systems and methods are disclosed that associate several human entities each with a corresponding cryptographic utility token inventory and trustworthiness indication. The trustworthiness indications each shift each at a rate substantially correlating with its corresponding cryptographic utility token inventory so as to allow different entities to become trusted and untrusted over time. This triggers automatic privilege modifications that enhance security within a networked community invested in cryptographic utility tokens.

Abstract: Provided is a portfolio creation system capable of accumulating activity records, summarizing the accumulated activity records as a portfolio, and preventing pretension of a third party. The portfolio creation system includes an approval storage table (group user table 211) that stores an approval determined by an adviser who determines approval or disapproval of registration of a user, for each user, an authentication unit that prohibits use of the user who is not given the approval and allows use of an approved user who is given the approval, a user table (205) that stores information relating to the approved user, an activity table (206) that stores the activity record which is a record of an activity of the approved user, an activity record display unit that displays the activity record in a selectable form, and a portfolio creation unit that creates the portfolio based on the information relating to the approved user and the selected activity record.

Abstract: Embodiments are directed to monitoring network traffic using network computers. Monitoring triggers associated with one or more conditions and one or more actions may be provided. A monitoring engine may monitor information that is associated with network traffic associated with networks based on an inspection detail level. The monitoring engine may compare the monitored information to the conditions associated with the monitoring triggers. The monitoring engine may activate one or more monitoring triggers based on a result of the comparison. The monitoring engine may modify the inspection detail level based on the actions associated with the activated monitoring triggers to increase the amount of the information monitored by the monitoring engine. An analysis engine may provide analysis of the network traffic based on the monitored information.

Abstract: A capability is provided for securely transferring a file within network-based storage. A capability is provided for securely transferring a user file of a user from a first server to a second server. The first server may be associated with a first service provider and the second server may be associated with a second service provider. The secure transfer of a user file from the first server to the second server may be performed based on a One-Click File Transfer capability in which only a single click by the user is needed in order for the user file to be transferred. The secure transfer of a user file from the first server to the second server may be performed based on a Zero-Click File Transfer capability in which the user file may be transferred without any interaction by the user.

Abstract: Various systems and methods for using power challenges to authenticate network devices are disclosed herein. For example, one method involves initiating a power challenge to authenticate an endpoint device, which involves, at least in part, requesting the endpoint device to perform a specific power signature; receiving data indicating whether the endpoint device performed the requested power signature within a given time interval, wherein the data can be received from, e.g., a power interface or other device capable of observing the endpoint device; processing the received data to determine if the endpoint device correctly performed the requested power signature; and if the endpoint correctly performed the power signature, authenticating the endpoint.

Abstract: Method and system for authenticating a session on a communication device. One method includes determining a use context of the communication device and an authentication status of the communication device. The method further includes determining a predetermined period of time based on at least one of the use context and the authentication status. The method further includes generating biometric templates based on at least one of the use context and the authentication status. The method further includes selecting a matching threshold for the biometric templates based on at least one of the use context and the authentication status. The method further includes comparing a match score of each of the biometric templates to the matching threshold to determine a passing amount of biometric templates with match scores that meet or exceed the matching threshold. The method further includes authenticating the session on the communication device.

Abstract: Techniques to secure computation data in a computing environment from untrusted code. These techniques involve an isolated environment within the computing environment and an application programming interface (API) component to execute a key exchange protocol that ensures data integrity and data confidentiality for data communicated out of the isolated environment. The isolated environment includes an isolated memory region to store a code package. The key exchange protocol further involves a verification process for the code package stored in the isolated environment to determine whether the one or more exchanged encryption keys have been compromised. If the signature successfully authenticates the one or more keys, a secure communication channel is established to the isolated environment and access to the code package's functionality is enabled. Other embodiments are described and claimed.

Abstract: A display apparatus which determines a screen to be displayed when a power-on command is input, and method thereof, is provided. The display apparatus includes a display configured to display a content; an input unit configured to receive a command; and a controller configured to: in response to a power-off command being input while a content is displayed, determine whether or not the displayed content is appropriate to be subsequently displayed when a power-on command is input; in response to determining that the displayed content is not appropriate to be subsequently displayed when the power-on command is input, store a predetermined initial screen; in response to determining that the displayed content is appropriate to be subsequently displayed when a power-on command is input, store the displayed content; and in response to a power-on command being input, control the display to display the predetermined initial screen or the displayed content.