Patents Examined by Sayed Beheshti Shirazi
  • Patent number: 9591003
    Abstract: Disclosed are various embodiments for performing security verifications for dynamic applications. An instance of an application is executed. During runtime, it is determined whether the application is accessing dynamically loaded code from a network site. In one embodiment, the access may be detected via the use of a particular application programming interface (API). In another embodiment, the access may be detected via the loading of downloaded data into an executable portion of memory. A security evaluation is performed on the dynamically loaded code, and an action is initiated responsive to the security evaluation.
    Type: Grant
    Filed: August 28, 2013
    Date of Patent: March 7, 2017
    Assignee: Amazon Technologies, Inc.
    Inventors: Jesper Mikael Johansson, Eric Jason Brandwine
  • Patent number: 9591008
    Abstract: According to one embodiment, a method in a computing device for responding to a determination that a verification with a user is desired responsive to detection of activity indicative of a possible insider threat is described. The method includes selecting a target role and a target user for the verification based on an activity context and an enterprise context repository, the selecting including selecting the target role from a plurality of target roles based on the activity context and optionally the enterprise context repository and selecting a target user in the selected target role based on the enterprise context repository. The method further includes causing a verification request to be sent to the selected target user; and generating an alert when a verification result indicates that the activity is indicative of the possible insider threat.
    Type: Grant
    Filed: April 16, 2015
    Date of Patent: March 7, 2017
    Assignee: IMPERVA, INC.
    Inventors: Amichai Shulman, Sagie Dulce
  • Patent number: 9563775
    Abstract: Technologies for improving platform initialization on a computing device include beginning initialization of a platform of the computing device using a basic input/output system (BIOS) of the computing device. A security co-processor driver module adds a security co-processor command to a command list when a security processor command is received from the BIOS module. The computing device establishes a periodic interrupt of the initialization of the platform to query the security co-processor regarding the availability of a response to a previously submitted security co-processor command, forward any responses received by the security co-processor driver module to the BIOS module, and submit the next security co-processor command in the command list to the security co-processor.
    Type: Grant
    Filed: December 29, 2015
    Date of Patent: February 7, 2017
    Assignee: Intel Corporation
    Inventors: Guo Dong, Jiewen Yao, Vincent J. Zimmer, Michael A. Rothman
  • Patent number: 9565203
    Abstract: There is provided a computer implemented method for detecting anomalous behavior in a network, comprising: receiving data representing at least one network activity, each network activity representing a certain data access event involving certain network entities; extracting from the data the certain network entities involved in the respective network activity; retrieving at least one relevant diversity value from a network behavior model based on the extracted certain network entities, wherein the network behavior model includes at least one diversity value, wherein each respective diversity value represents a certain relationship between at least one network entity and at least one network entity type; calculating an abnormality score for the received network activity based on the retrieved relevant diversity values; and classifying the network activity as anomalous or normal based on the calculated abnormality score.
    Type: Grant
    Filed: November 13, 2014
    Date of Patent: February 7, 2017
    Assignee: Cyber-Ark Software Ltd.
    Inventors: Ruth Bernstein, Andrey Dulkin
  • Patent number: 9548862
    Abstract: This disclosure describes cryptographic secure implementation of a Pseudo Random Number Generator (PRNG) architecture based on existing Fortuna algorithm, but providing improvements thereupon for gathering and measuring entropy. The improvement includes a unique step of initial seeding that is not covered by Fortuna. The solution should be adapted to a variety of computing and communicating devices, including mobile devices.
    Type: Grant
    Filed: November 17, 2014
    Date of Patent: January 17, 2017
    Assignee: Safelogic, Inc.
    Inventor: Ray Potter
  • Patent number: 9542247
    Abstract: Embodiments may include sharing application management data between sandboxed applications on a device. A method includes sending application management data from a first sandboxed application in a first sandbox on the device to a sharing service external to the first sandbox. The method further includes receiving at a second sandboxed application in a second sandbox on the device, a representation of the application management data. Based on the representation of the application management data, the method includes performing an application management function.
    Type: Grant
    Filed: September 19, 2014
    Date of Patent: January 10, 2017
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Neil Adam Jacobson, Daniel Floyd Emerson
  • Patent number: 9542541
    Abstract: Recording, analyzing and categorizing of user interface input via touchpad, touch screens or any device that can synthesize gestures from touch and pressure into input events, such as, but not limited to, smart phones, touch pads and tablets. Humans may generate the input. The analysis of data may include statistical profiling of individual users as well as groups of users; the profiles can be stored in, but not limited to, data containers such as files, secure storage, smart cards, databases, off device, in the cloud etc. A profile may be built from user/users behavior categorized into quantified types of behavior and/or gestures. The profile might be stored anonymized. The analysis may take place in real time or as post processing. Profiles can be compared against each other by all the types of quantified behaviors or by a select few.
    Type: Grant
    Filed: March 1, 2016
    Date of Patent: January 10, 2017
    Inventors: Neil Costigan, Ingo Deutschmann, Tony Libell, Johan Lindholm, Peder Nordström, Peter Parnes
  • Patent number: 9530011
    Abstract: An encryption service system comprises an API for receiving requests from one or more calling applications. Each request comprises information identifying the operations to be performed on data to be processed and information identifying the origin and target of the data. The encryption service system further comprises a cryptographic server for processing the requests and determining, for each request, an encryption policy to be applied.
    Type: Grant
    Filed: June 22, 2010
    Date of Patent: December 27, 2016
    Assignee: Barclays Bank PLC
    Inventor: George French
  • Patent number: 9529998
    Abstract: Systems and methods are provided for securing data in virtual machine computing environments. A request is received for a security operation from a first virtual machine operating in a host operating system of a first device. In response to receiving the request, a first security module executes the security operation, the first security module implemented in a kernel of the host operating system. The result of the security operation is provided to the first virtual machine.
    Type: Grant
    Filed: June 24, 2015
    Date of Patent: December 27, 2016
    Assignee: Security First Corp.
    Inventors: Mark S. O'Hare, Rick L. Orsini, John R. Mumaugh, Matt Staker
  • Patent number: 9529997
    Abstract: A processing device may include a first processor executing an operating system including a configurable setting and an isolated execution environment including a second processor communicatively coupled to the first processor, and a secure store coupled to the second processor to store a setting profile containing a copy of the configurable setting, in which the second processor is to, subsequent to establishing a trust relationship between the isolated execution environment and the operating system, synchronize the configurable setting with the setting profile.
    Type: Grant
    Filed: September 19, 2014
    Date of Patent: December 27, 2016
    Assignee: Intel IP Corporation
    Inventors: David Birnbaum, Abdul M. Bailey, Izoslav Tchigevsky
  • Patent number: 9531748
    Abstract: A system, method, and computer program product are provided for reacting in response to a detection of an attempt to store a configuration file and an executable file on a removable device. In use, a first device removably coupled to a second device is identified. Additionally, an attempt to store on the first device a configuration file for the first device and an executable file is detected. Further, a reaction is performed in response to the detection of the attempt.
    Type: Grant
    Filed: December 22, 2014
    Date of Patent: December 27, 2016
    Assignee: McAfee, Inc.
    Inventors: Lokesh Kumar, Harinath V. Ramachetty
  • Patent number: 9531744
    Abstract: Techniques for in-line filtering of insecure or unwanted mobile components or communications (e.g., insecure or unwanted behaviors associated with applications for mobile devices (“apps”), updates for apps, communications to/from apps, operating system components/updates for mobile devices, etc.) for mobile devices are disclosed. In some embodiments, in-line filtering of apps for mobile devices includes intercepting a request for downloading an application to a mobile device; and modifying a response to the request for downloading the application to the mobile device. In some embodiments, the response includes a notification that the application cannot be downloaded due to an application risk policy violation.
    Type: Grant
    Filed: September 28, 2015
    Date of Patent: December 27, 2016
    Assignee: Appthority, Inc.
    Inventors: Anthony John Bettini, Kevin Watkins, Domingo J. Guerra, Michael Price
  • Patent number: 9531548
    Abstract: In one embodiment, the invention provides a portable wireless personal communication system for cooperating with a remote certification authority to employ time variable secure key information pursuant to a predetermined encryption algorithm to facilitate convenient, secure encrypted communication. The disclosed system includes a wireless handset, such as PDA, smartphone, cellular telephone or the like, characterized by a relatively robust data processing capability and a body mounted key generating component which is adapted to be mounted on an individual's body, in a permanent or semi-permanent manner, for wirelessly broadcasting, within the immediate proximity of the individual, a secret or private key identifying signal corresponding to a time variable secure key information under the control of the certification authority.
    Type: Grant
    Filed: May 20, 2014
    Date of Patent: December 27, 2016
    Assignee: MLR, LLC
    Inventor: Charles M. Leedom, Jr.
  • Patent number: 9530133
    Abstract: An authentication challenge system for performing secondary authentication for an account associated with an online store is described. In one embodiment, the authentication challenge system includes a question generation engine, which can derive a series of questions based upon activity associated with a user account of an online store; a network interface, which can transport the series of one or more questions derived by the question generation engine to authenticate the user to the online store; a confidence engine, which can determine a required confidence level for a successful authentication, and can compute a confidence score of the user identity; and a quality engine, which can adjust the question generation engine and the confidence engine based upon an analysis of question and answer metrics across multiple accounts of the online store. The online store can include digital media, such as music, movies, books or applications for electronic computing devices.
    Type: Grant
    Filed: April 13, 2015
    Date of Patent: December 27, 2016
    Assignee: Apple Inc.
    Inventors: Jonathan G. McLachlan, Augustin J. Farrugia, Nicholas T. Sullivan
  • Patent number: 9529978
    Abstract: A digital rights management system and a service method thereof, and an enterprise digital rights management (E-DRM) system for document security installed in a cloud system are provided. The present systems can be implemented to be used in a variety of environments without being affected by the type or environment of a user terminal using a method which allows the client to use a contents data through a virtual machine system, and the E-DRM system is configured to include a cloud system, a security system and a virtual machine system.
    Type: Grant
    Filed: August 28, 2013
    Date of Patent: December 27, 2016
    Inventor: Chung Jong Lee
  • Patent number: 9531692
    Abstract: Aspects of the present disclosure are directed to methods and systems for securing mobile computing applications with distributed keys. In one aspect, a computer implemented method or computer readable media include steps electronically receiving, at a computer processor of a computing device, a first security key fragment based on a user input to the computing device; electronically receiving, at the computer processor, a second security key fragment from a network connected storage entity; and electronically concatenating, at the computer processor, the first security key fragment and the second security key fragment to generate a third security key.
    Type: Grant
    Filed: September 19, 2014
    Date of Patent: December 27, 2016
    Assignee: Bank of America Corporation
    Inventors: Abdulkader Barbir, Eileen D. Bridges, Davindar Gill, Lawrence R. LaBella, Craig Worstell
  • Patent number: 9531710
    Abstract: A method and a corresponding device for authenticating a user for access to protected information, including at a registration stage, generating a biometric user profile and a behavioral user profile associated with a user to be authenticated, and an authenticating stage, obtaining from the user a biometric user sample and a behavioral user sample, comparing the biometric user sample and the behavioral user sample to the biometric user profile and to the biometric behavioral profile associated with the user, and if the biometric user sample and the behavioral user sample match the biometric user profile and the biometric behavioral profile, respectively, enabling the user to access the protected information.
    Type: Grant
    Filed: May 6, 2015
    Date of Patent: December 27, 2016
    Assignee: BEHAVIOMETRICS AB
    Inventors: Ingo Deutschmann, Neil Costigan, Tony Libell, Peder Nordström
  • Patent number: 9529512
    Abstract: A wireless server access control system comprising a wireless server generating a local wireless communications network, the wireless server having a processor and a plurality of redundant data memory devices. A first wireless device coupled to the wireless server through the local wireless communications network. An access control system operating on the wireless server, the access control system configured to generate a user control on a user interface of the first wireless device to allow a user to permit or deny access to the processor and the data memory devices of the wireless server by a second wireless device through the local wireless communications network.
    Type: Grant
    Filed: January 27, 2015
    Date of Patent: December 27, 2016
    Assignee: MYTH INNOVATIONS, INC.
    Inventors: James Albert Luckett, Jr., Chad Michael Rowlee, Shengli Fu
  • Patent number: 9531694
    Abstract: An access control system includes a plurality of containers. Each container comprises a container identification feature, an interior space, a locking device which can be selectively released to access the interior space, and a security module. The security module comprises an authorization module, and a security key generator which generates a security key. An authorization key supply device comprises a storage device and a communication module which directly or indirectly supplies an authorization key to the authorization module. A remote computer system comprises an authorization key generator. The remote computer system communicates with the authorization key supply device to transmit the authorization key thereto. The authorization module compares the security key with the authorization key and generates a signal to release the locking device if the security key matches the authorization key.
    Type: Grant
    Filed: January 9, 2015
    Date of Patent: December 27, 2016
    Assignee: GLS IT SERVICES GMBH
    Inventor: Jochen Alt
  • Patent number: 9530170
    Abstract: Rendering second screen information on a second screen device. A user device receives information characterizing the source of a content data stream and the content data stream; generates a watermark payload using a plurality of parameters comprising the information and a time of the user device; and inserts a watermark comprising the watermark payload into the content data stream that is rendered. The second screen device captures the watermark and extracts the watermark payload and then at least one of the plurality of parameters; generates, using the at least one extracted parameter, a request that is sent to a server; receives information from the server in response to the request; and displays the received information on a screen of the second screen.
    Type: Grant
    Filed: July 30, 2013
    Date of Patent: December 27, 2016
    Assignee: Thomson Licensing
    Inventors: Olivier Heen, Frederic Lefebvre