Abstract: Systems and methods are provided for improved security services. In one aspect, a method is provided for controlling an autonomous data machine situated near a monitored environment. The method comprises: obtaining security data from a plurality of data sources; analyzing the security data to generate an analysis result; determining, based on the analysis result, an action to be performed by the autonomous data machine; and transmitting a command to the autonomous data machine causing it to perform the action.

Abstract: The invention provides a method for securely inputting an access code to an input interface of a mobile end device. During an input time period covering the process of inputting the access code, at least one or some sensors of the end device that are uninvolved in the input of the access code, said sensors being respectively arranged for capturing sensor variables by sensor, are hindered from capturing and/or passing on the respective sensor variable. Possible sensors are acceleration sensors or a digital camera. The method prevents the access code from being spied out by means of the deactivated sensors.

Abstract: A apparatus and a method for attested sensor data reporting, wherein a challenge is received from an online service; sensor data is read; and a sensor data signature based on the sensor data is created and sent to the online service.

Abstract: A method for amending, by a rule engine, a network element in a telecommunications network containing network elements each described by at least one parameter. An authorization database contains information for who and what extent configuring operators have access to the network elements, and a rule repository containing parameter dependent rules describing which activity is carried out for the network elements, and parameter dependent security information describing whether and how configuring operators are supervised by a security administrator when amending and how the authorization database is amended for a network element. A request for amending the network element in the network is identified and its parameter is determined. A rule is determined in the rule repository for which the parameter corresponds to the parameter of the amended network element and the security information for the determined rule is determined. The authorization database is updated using the security information.

Abstract: Disclosed are methods, apparatus, systems, and computer readable storage media for managing applications on a computing device. A computing device may receive allowed application data indicating applications that are launchable by a base application. A user interface with one or more selections of the applications may be displayed at a display of the computing device. The computing device may receive input data indicating a selection of an application. Identifier data associated with the base application and selection data associated with the application may be provided to the application.

Abstract: A system, method, and computer program product are provided for allowing users to access information from a plurality of external systems utilizing a user interface. In use, a plurality of external systems with which to communicate are identified. Additionally, a connection type associated with each of the plurality of external systems is identified. Further, information associated with each of the plurality of external systems to access is identified. In addition, a plurality of logical modules are configured based on the identified information. Furthermore, user groups are identified for each of the plurality of logical modules. Moreover, access levels associated with each of the plurality of logical modules are defined for each of the identified user groups.

Abstract: The method for encoding a character string by a data processing device disclosed in the present specification comprises the steps of: acquiring input data; performing a one-way function to generate ciphertext based on the input data; and converting the ciphertext to output data. In the conversion step, the output characters constituting the output data are selected from the group of input characters constituting the input data, and the length of the output data becomes a specific length.

Abstract: A communication device includes a memory and a processor coupled to the memory and configured to, when a first vibration is detected in the communication device, set a certain state that protects information stored in the memory, and cancel the certain state based on receiving from another communication device a notification indicating that the other communication device detected a second vibration.

Abstract: Methods and devices for providing access to a wireless network through a network access point secured with a network password may include receiving a request to provide access to the wireless network for a device on the network access point. A virtual access point may be established to provide access to the wireless network for the device in response to receiving the request to provide access for the device on the network access point. A virtual access point password may be established for the device and associated with a unique identifier of the device. The virtual access point password may be different from the network password. The device may be provided with access to the network when an entered password matches the virtual access point password and the device identifier matches the unique identifier of the device associated with the virtual access point password.

Abstract: Method and apparatus for transferring protected data. In some embodiments, an encrypted transport solid state drive (SSD) has a non-volatile memory and a controller circuit. The controller circuit is configured to, responsive to receipt of a write command from a host device to store an encrypted data set to the non-volatile memory, decrypt the encrypted data set using a first encryption key to generate a decrypted data set, apply lossless compression to the decrypted data set to generate a decrypted compressed data set, encrypt the decrypted compressed data set using a second encryption key to generate an encrypted compressed data set, and to direct storage of the encrypted compressed data set in the non-volatile memory.

Abstract: Embodiments manage user authorization to access multiple grouped software applications, via a catalog mechanism. Functionality of related software is divided into semantically meaningful catalogs, representing tasks or sub-processes within a business scenario. These catalogs represent a unit of functionality utilized to structure work and authorization. Functionality and authorizations are associated to system entry points, and assigned to catalogs bundling applications and services. Responsibilities may be defined statically or dynamically in terms of rule-based access restrictions to data structure (e.g., business object) instances. Catalogs may be assigned to business roles, and business roles assigned to users. Based on such assignments, corresponding authorizations are generated and linked to users at compile or deployment time. At run time, access decision and enforcement is granted based on these authorizations and restrictions.

Abstract: In a processor of a security appliance, an input of a sequence of characters is walked through a finite automata graph generated for at least one given pattern. At a marked node of the finite automata graph, if a specific type of the at least one given pattern is matched at the marked node, the input sequence of characters is processed through a reverse non-deterministic finite automata (rNFA) graph generated for the specific type of the at least one given pattern by walking the input sequence of characters backwards through the rNFA beginning from an offset of the input sequence of characters associated with the marked node. Generating the rNFA for a given pattern includes inserting processing nodes for processing an input sequence of patterns to determine a match for the given pattern. In addition, the rNFA is generated from the given type of pattern.

Abstract: Embodiments of the present disclosure disclose a method for dynamically adjusting a program login interface. The method includes: displaying a preset flash on a program login interface; detecting a user operation within a preset area in the login interface; and updating the displayed flash according to the user operation within the preset area. The embodiments of the present disclosure further disclose a computing terminal. During implementation of the embodiments of the present disclosure, dynamic interaction may be achieved in the program login interface, and more abundant content may be provided.

Abstract: Disclosed are a multi-connection system (MCS) and method for a service using an Internet protocol.

Abstract: Methods and systems for protecting a virtual machine network are disclosed. In an embodiment, a method involves storing an application whitelist including application-to-user associations in memory such that the application whitelist is immutable by a guest virtual machine, receiving a request to execute an application including an application identifier and a user identifier, comparing the application identifier and the user identifier of the request with the application whitelist, and generating an execution decision indicating whether the requested application can execute on the guest virtual machine.

Abstract: An electronic device includes multiple applications that can access a smart card or other security apparatus. A first application that is to use the security apparatus prompts a user for a security string such as a PIN or password. Upon receipt of the PIN or password, the first application unlocks the security apparatus for use. Additionally, the first application receives a token from a security service that interfaces with the security apparatus. The token can be shared by the first application with other applications. For example, the first application can share the token with other trusted applications. The other applications that receive the token can refrain from issuing a prompt for a security string and receiving a response from the user. The token can be used instead of the security string to obtain access to the security apparatus.

Abstract: The present invention addresses apparatuses, methods and computer program product for providing improved authentication of a network by a network node.

Abstract: The subject matter described herein includes methods, systems, and computer readable media for combating mobile device theft with user notarization. One method includes providing a supplicant video notarization system application executable on a supplicant device for initiating an interactive video call between a supplicant and a notary as a condition to the supplicant accessing a protected electronic resource. The method further includes providing a notary video notarization system application executable on a notary device through which the notary receives the interactive video call and interacts with the supplicant via the interactive video call to confirm the identity of the supplicant and that video of the supplicant provided in the call is live.

Abstract: The disclosure relates to an electric tool, particularly a hand-held power tool, comprising a control unit which has control software with control parameters, and is provided for the purpose of controlling a drive unit. According to the disclosure, said electric tool comprises an interface unit that is provided to fundamentally update and/or modify the control software and/or the control parameters.

Abstract: The present invention provides an access point device and system for a wireless local area network, and related methods thereof. On the access point device, a same ESS is divided into a plurality of VLANs, wherein the access point device comprises a broadcast key management module which is used for managing broadcast keys encrypting broadcast information and a broadcast key storage device which is used for storing the broadcast keys. The broadcast keys are stored in the broadcast key storage device in a way of corresponding to VLAN IDs of the VLANs, and the broadcast key management module can obtain the corresponding broadcast keys through the VLAN IDs.