Abstract: An information processor is disclosed that includes an authentication part configured to authenticate a user based on predetermined information; an information obtaining part configured to obtain first information to be used to authenticate the user from an external device; and an authentication control part configured to cause the authentication part to authenticate the user by inputting information based on the first information to the authentication part as the predetermined information. The information obtaining part is configured to obtain the first information using a program module whose correlation with the information obtaining part is recorded in a recording medium.

Abstract: Methods and systems for authentication of a device are disclosed. An exemplary method includes transmitting an energy towards the device including a material, monitoring a response of the device to the transmitted energy, generating a signature of the device based on the response of the device to the transmitted energy, comparing the device signature to an enrolled signature for the device, and indicating that authentication of the device is successful when the generated signature matches the enrolled signature. An exemplary system includes a transmitter configured to transmit an energy towards the device, a receiver configured to monitor a response of the device, and a processor configured to generate a signature of the device based on the response of the device, compare the device signature to an enrolled signature for the device, and indicate that authentication of the device is successful when the generated signature matches the enrolled signature.

Abstract: A method for providing an administration policy to a user device comprising a plurality of applications, the method comprising centrally generating the administration policy to be implemented in the user device, the administration policy comprising at least one of an application administration policy to be used by at least one of the plurality of applications and a client administration policy for the user device; and providing the generated policy to the user device.

Abstract: A system and methods for location-based authentication using medium earth orbit (MEO) and low earth orbit (LEO) satellites are presented. Location of a client device is authenticated based on at least one client received MEO satellite signal received from at least one MEO satellite at the client device and at least one client received LEO satellite signal received from at least one LEO satellite at the client device.

Abstract: Embodiments are directed to the providing a cloud keying and signing service and to securing software package distribution on the cloud. In an embodiment, a computer system instantiates a signing service configured to sign software packages. The computer system receives a signing request from a computer user requesting that a selected software package be signed. The signing request includes a computed hash of the selected software package. The computer system generates a private and public key pair on behalf of the computer user and stores the private key of the generated key pair in a secure data store.

Abstract: Various embodiments are directed towards employing a container and communication protocol proxy component within a client device to receive securely real-time streamed, progressively downloaded, or adaptively streamed container over a network using one container and communication protocol, and to securely decrypt the container and provide it to a media player using a different container and communications protocol. In one embodiment, the container is in Flash Video (FLV) file format. A browser or the media player on the client device may be used to request the container. The requested container is sent over one communication protocol and intercepted by the container and communication protocol proxy component. The container may be received as selectively encrypted container. The container and communication protocol proxy component then may enable decryption of the container and providing of it to the media player using another container and communication protocol combination.

Abstract: A method and controller for implementing dynamic banding of a storage device, such as a Self Encrypting Device (SED) in a data storage array, and a design structure on which the subject controller circuit resides are provided. The controller dynamically identifies band boundaries for the storage device at the time a data storage array is created, when one or more devices are added into an existing data storage array, and when a replacement device is rebuilt into an exposed array, or an array with a failed device. A storage device band definition is provided based upon the dynamically identified band boundaries for the storage device.

Abstract: A computer-implemented method to protect against the release of information is described. The processor monitors for a communication with an unverified number. Upon detection of the communication with an unverified number, the processor monitors the communication for a protected string. Upon detection of a protected string, the processor performs an intervention action.

Abstract: By way of example only, in various embodiments, the present system and system is designed to reduce the size of data on a computer through compression, to improve hash, message digest, and checksum technology and their application to information and data storage, to improve uniqueness by using mutual exclusion in hash and checksum tests, to improve checksum tests providing better computer security, to create an XML compression format and to move binary compression formats to XML or other markup language, to utilize variable length hashes and message digests, and to create an XML based checksum that can be used to verify the integrity of files.

Abstract: According to one embodiment, a device includes a memory area being used to store a first key (NKey), unique secret identification information (SecretID), and encrypted secret identification information (E-SecretID), the encrypted secret identification information (E-SecretID) being generated by encrypting the secret identification information (SecretID), the first key (NKey) and the secret identification information (SecretID) being prohibited from being read from outside, the encrypted secret identification information (E-SecretID) being readable from outside; a data generator configured to generate a session key (SKey) by using a second key (HKey), the second key (HKey) being generated based on the first key (NKey); and a one-way function processor configured to generate an authentication information by processing the secret identification information (SecretID) with the session key (SKey) in one-way function operation.

Abstract: Representative embodiments of secure authentication include receiving, by a server, information from a mobile device identifying (i) the mobile device and (ii) an identifying tag read by the mobile device; accessing, by the server, a database to identify (i) a user associated with the mobile device, (ii) a secure device associated with the identifying tag, and (iii) a security policy associated with the secure device; and if the policy permits access by the identified user to the identified secure device, causing access to the secure device to be accorded to the user.

Abstract: Systems and methods for user identification and authentication are disclosed. In one embodiment, a method of authenticating a first party to a second party may include the following: (1) receiving, from one of an electronic device of a first party and an electronic device of a second party, a request to generate authenticating indicia; (2) using at least one of a plurality of computer processors, generating the authenticating indicia; (3) transmitting, over a network, the authenticating indicia to the electronic device of a first party and to the electronic device of the second party; (4) receiving, from an electronic device of the second party, an indication that the second party has confirmed that the first party is authentic; and (5) storing an identity of the first party, the second party, and the authenticating indicia in a database.

Abstract: According to one embodiment, a authentication method comprising: generating a second key by the first key, the first key being stored in a memory and being prohibited from being read from outside; generating a session key by the second key; generating first authentication information, the secret identification information stored in a memory and being prohibited from being read from outside; transmitting encrypted secret identification information to an external device and receiving second authentication information from the external device, the encrypted secret identification information stored in a memory and readable, the second authentication information generated based on the encrypted secret identification information; and determining whether the first authentication information and the second authentication information match.

Abstract: Booting a computing device includes executing one or more firmware components followed by a boot loader component. A protection component for the computing device, such as an anti-malware program, is identified and executed as an initial component after executing the boot loader component. One or more boot components are also executed, these one or more boot components including only boot components that have been approved by the protection component. A list of boot components that have been previously approved by the protection component can also be maintained in a tamper-proof manner.

Abstract: In accordance with embodiments, there are provided mechanisms and methods for performing one or more actions based on determined access permissions for a plurality of users. These mechanisms and methods for performing one or more actions based on determined access permissions for a plurality of users can enable improved data collection and analysis, enhanced client knowledge of system access, etc.

Abstract: A method for associating service policies based on application of message content filters to messages sent by a consumer may include receiving a message in which the message relates to a service accessible via a network and access to the service is restricted by a policy enforcement runtime. The method may further include applying at least one message content filter to the message content received to extract information indicative of a message flow associated with a configured policy attachment and correlating the message flow to a selected policy regarding consumer access to the service. The method may further include enforcing the selected policy relative to access to the service by the consumer.

Abstract: A method for associating service policies based on application of message content filters to messages sent by a consumer may include receiving a message in which the message relates to a service accessible via a network and access to the service is restricted by a policy enforcement runtime. The method may further include applying at least one message content filter to the message content received to extract information indicative of a message flow associated with a configured policy attachment and correlating the message flow to a selected policy regarding consumer access to the service. The method may further include enforcing the selected policy relative to access to the service by the consumer.

Abstract: Systems and methods to enable a new host device to wirelessly connect to a peripheral device without having to execute a secure pairing process. The method includes storing encryption and connection information for the peripheral device along with information identifying the peripheral device at a server. The new host device is then provided with the information identifying the peripheral device. The new host then uses the information identifying the peripheral device to obtain the encryption and connection information from the server. The new host can then use the encryption and connection information to connect and communicate with the peripheral device. The methods and systems described herein may be used, for example, to loan a peripheral device to the new host device, or to transfer the peripheral device to the new host device.

Abstract: Various embodiments enable so-called extended data to be added to a signed digital certificate without having a private key of a Certification Authority available. In at least some embodiments, a request to add extended data to a digital certificate generated by a certificate authority is received from a client device. The digital certificate includes a signed first portion, and an unsigned second portion that includes reserved empty spaces that are reserved for the extended data. The extended data is added to the unsigned second portion. the extended data includes a client ID associated with the client device. The unsigned portion of the digital certificate is signed after the extended data is added.

Abstract: This specification relates to a mobile terminal capable of executing a lock state of restricting a touch input and a control method thereof. The control method for the mobile terminal, which displays a lock screen in the lock state of restricting an input of a control command for an application, includes displaying an execution screen of an application on the lock screen, and controlling the lock screen based upon a touch input detected in the lock state.