Abstract: Embodiments of the present invention provide methods and systems for numeric keypad encryption using an augmented reality device. The method may include establishing a secure connection to an augmented reality device. A random keypad layout is generated and sent to the augmented reality device. The random keypad layout is displayed in the augmented reality view over a real-world numeric keypad.

Abstract: Very strong, complex, unforgettable passwords unique to each web site are created for a user's Web site authentication by altering all or part of the web site address using, in a preferred embodiment, a predetermined encoding dictionary with more a single code for each entry and unique to each user. The entries in this preferred embodiment are single characters including characters used for words, punctuation, symbols and numerals; each single entry character appears more than once in the dictionary. The codes are of various character lengths and can be comprised of the same characters used in the entries. In a Web site authentication embodiment as well as for embodiments not used for Web site authentication, including pass-protecting files, the string of characters altered by encoding can be a private word or group of words. In another embodiment the password created by encoding is pseudo-randomly scrambled by using a seed unique to the user in order to create the password actually used.

Abstract: In an embodiment, a control device that is configured to onboard a target device to a secure local network by discovering a set of devices over a bootstrapping interface, establishing a bootstrap connection to at least one device from the set of devices in response to the discovery without authorizing the at least one device to access the secure local network, instructing the at least one device via the bootstrap connection to activate an observable function that is configured to be observable to one or more observation entities that are separate from the control device and are in proximity to the at least one device, determining whether an operator of the control device verifies that the observable function has been successfully detected as performed by the target device and selectively authorizing the at least one device to access the secure local network based on the determination.

Abstract: Embodiments are directed to using a hash signature of a rendered DOM object of a website to find similar content and behavior on other websites. Embodiments break a DOM into a large number of data portions (i.e., “shingles”), apply a hashing algorithm to the shingles, select a predetermined number of hashes from the hashed shingles according to a selection criteria to create a hash signature, and compare the hash signature to that of a reference page to determine similarity of website DOM object content. Embodiments can be used to identify phishing websites, defaced websites, spam websites, significant changes in the content of a webpage, copyright infringement, and any other suitable purposes related to the similarity between website DOM object content.

Abstract: Systems, methods, and apparatus for identifying anomalous behavior are provided. For example, a method may include receiving raw data, generating a behavior profile for the entity based on the raw data, receiving comparison data, determining whether the comparison data deviates from a pattern of behavior defined in the behavior profile, and identifying the comparison data as anomalous behavior when the comparison data deviates from the pattern of behavior. In one embodiment, the raw data includes recorded activity for the entity. In one embodiment, the behavior profile defines a pattern of behavior for the entity. In one embodiment, a countermeasure is performed upon identifying anomalous behavior. The countermeasure may include at least one of revoking the entity's credentials, denying the entity access to a resource, shutting down access to a port, and denying access to the entity. The method may further include providing a report of the anomalous behavior.

Abstract: Disclosed herein are techniques related to predetermining a token for use in a cryptographic system. A method includes providing a memento, mapping the memento to a candidate token according to a rule that updates a parameter, predetermine the token to be the candidate token, if the candidate token meets a test condition according to the rule, identifying a parameter value of the parameter, and providing the memento and the parameter value for future use as an input to re-generate the token. Another method disclosed herein is to re-generate the predetermined token for use in a cryptographic system. The method includes providing a memento associated with the predetermined token, providing a parameter value associated with the predetermined token, and providing a precept for mapping the memento to a candidate token. Further disclosed is instruction code for performing the techniques disclosed herein.

Abstract: A digital certificate is created transparently on a mobile device. A VPN appliance receives user credentials from an app, the credentials familiar to the user and associated with an enterprise authentication service. The credentials are validated, comprising the first user authentication in a two-factor authentication method. The user is then presented with a display in the app asking for a PIN. The appliance generates a PIN and sends it to the user via the user enterprise email. The user enters the PIN in the app display. This is the second factor in the two-factor authentication. Once the user is authenticated, the appliance sends data for generating a Certificate Signing Request (CSR) to the app. The app generates a CSR and the appliance sends the CSR to an enterprise CA. A certificate is signed and enrolled. The signed digital certificate is then sent to the wrapped app.

Abstract: A method and system for anonymizing data to be transmitted to a destination computing device is disclosed. Anonymization strategy for data anonymization is provided. Data to be transmitted is received from a user computer. A context sensing word is appended to the anonymized data. The anonymized data and the context sensing word are transmitted to the destination computing device. In one embodiment, the data includes a plurality of normal words and a plurality of stop words. A compacted stop word representative of each of the stop word and their relative position in the data is created. Anonymized normal words and anonymized compacted stop word is transmitted to the destination computing device.

Abstract: An off-host authentication system includes an authentication information handling system (IHS) that is coupled to a network. The off-host authentication system also includes a host processing system. An off-host processing system in the off-host authentication system is coupled to the host processing system and is coupled to the authentication IHS through the network. The off-host processing system provides an encrypted primary authentication item to the authentication IHS through the network. The off-host processing system then receives an encrypted secondary authentication token from the authentication IHS through the network. The off-host processing system then decrypts the encrypted secondary authentication token to produce a decrypted secondary authentication token and uses the decrypted secondary authentication token to retrieve a tertiary authentication token.

Abstract: The embodiments discussed herein relate to updating and encrypting passwords for one or more computing devices. The computing devices can be associated with a common user account. According to the embodiments discussed herein, the user the can update a password of the user account at one computing device, and log into another computing device using the updated password without having to provide the current password for the other computing device. The embodiments incorporate a variety of encryption and key generation methods in order to safely transmit password updates between local computing devices. Specifically, the embodiments set forth methods and apparatus for generating and storing breadcrumbs that allow for decrypting a current password of a computing device using a new password.

Abstract: Probabilistic surfacing of potentially sensitive identifiers is provided. In one embodiment of the present invention, a method of and computer program product for surfacing of potentially sensitive identifiers are provided. An input string is read. The input string has a length. The input string is divided into a plurality of tokens. Each of the tokens has a predetermined length. A score is determined for each of the plurality of tokens. A composite score is determined based on the scores of each of the plurality of tokens. Whether the input string comprises an identifier is determined by comparing the composite score to a predetermined threshold.

Abstract: Techniques for classifying non-process threats are disclosed. In one particular exemplary embodiment, the techniques may be realized as a method for classifying non-process threats comprising generating trace data of at least one observable event associated with execution of a process, representing a first feature of the at least one observable event of the trace data, calculating, using a computer processor, a similarity between the first feature and at least one sample feature, and classifying the process based on the similarity.

Abstract: A system and method for communicating with a client application that can include at a communication platform, receiving an authorization token of a first client application; verifying at least one permission associated with the authorization token; at a first server of the communication platform, accepting an incoming communication request; retrieving communication instructions from a server according to the incoming communication request; identifying an instruction to communicate with a communication destination of the first client application; and establishing communication with the first client application.

Abstract: The embodiments herein relate to a method performed by an AAA server (113) for enabling a non-SIM device (101b) to access a first network (100a) via a second network (100b). Based on a request for authorization to the first network (100a) from the non-SIM device (101b), the AAA server (113) obtains an identity associated with the non-SIM device (101b). The AAA server (113) transmits a request for a user profile associated with a user of the non-SIM device (101b) to the subscriber database (110). The request comprises the obtained identity for the non-SIM device (101b). The AAA server (113) receives, from the subscriber database (110), the requested user profile for the non-SIM device (101b). Based on the received user profile, the AAA server (113) authorizes the non-SIM device (101b) to access the first network (100a) via the second network (100b).

Abstract: The following embodiments generally relate to the use of a “swap area” in a non-volatile memory as an extension to volatile memory in a computing device. These embodiments include techniques to use both volatile memory and non-volatile swap memory to pre-load a plurality of applications, to control the bandwidth of swap operations, to encrypt data stored in the swap area, and to perform a fast clean-up of the swap area.

Abstract: A method of and an apparatus for managing authentication in an electronic apparatus are provided. The method includes obtaining authentication information using an authentication module; pairing the authentication information with an object to which access is controlled; and displaying an image related to the object together with the authentication information. The electronic apparatus includes an authentication module configured to obtain authentication information; a control module configured to pair the authentication information with an object to which access is controlled; and a display module configured to display an image related to the object together with the authentication information.

Abstract: One embodiment provides a method, including: receiving, from an end user device, authentication data of a user of a web service; storing, in a single sign-on service, data for authenticating the user to the web service; receiving, at the single sign-on service, one or more initiations for the web service from the user; generating, using a processor, anticipatory sign-on data for the user based on the one or more initiations for the web service; and storing, at the single sign-on service, the anticipatory sign-on data. Other aspects are described and claimed.

Abstract: Various features pertain to digital signatures for use in signing messages. In one aspect, a digital signature is generated based on a nonce derived using a per-message salt value, particularly a salt selected to provide a semi-deterministic nonce (i.e. a nonce that is neither fully deterministic nor completely random.) In one example, the nonce is generated by concatenating the salt value with a long-term private key and then applying the result to a key derivation function along with a hash of the message to be signed. The salt value may be, e.g., a counter, a context-specific message or may be randomly generated within a restricted range of values (relative to a full range of values associated with the particular digital signature generation protocol used to generate a digital signature from the nonce.

Abstract: A behavior change detection system collects behavior from a service, such as an online service, and detects behavior changes, either permanent or transient, in the service. Machine learning hierarchical (agglomerative) clustering techniques are utilized to compute deviations between clustered data sets representing an “answer” that the service presents to a series of requests.

Abstract: The disclosed principles describe systems and methods for assessing the security posture of a target device, wherein the assessment is performed by a scanning computer in communication with the target device via a communication network. By employing a system or method in accordance with the disclosed principles, distinct advantages are achieved. Specifically, conducting such a remote scan allows for the scanner computer to perform a remote scan of the remote device without installing client software to the remote device. Thus, the disclosed principles reduce the need for internal IT resources to manage the deployment and updates of client software on the target device. Also, conducting a remote scan according to the disclosed principles allows for the remote scan to be performed even if the scanner computer and remote device run different operating systems.