Abstract: A computer-implemented method for identifying suspicious text-messaging applications on mobile devices may include (1) identifying at least one outgoing text message on a mobile device, (2) analyzing at least one attribute of the outgoing text message identified on the mobile device, (3) determining that the outgoing text message is illegitimate based at least in part on analyzing the attribute of the outgoing text message, (4) identifying, in response to the determination, a suspicious text-messaging application that created the illegitimate outgoing text message on the mobile device, and then (5) performing, in response to the determination, at least one security action on the suspicious text-messaging application to prevent the suspicious text-messaging application from creating additional illegitimate text messages on the mobile device. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: Mechanisms are provided for facilitating recertification of a user access entitlement. These mechanisms collect, from a system resource of the data processing system, access information representative of accesses of the system resource by a user access entitlement. These mechanisms determine that recertification of the user access entitlement, with regard to the system resource, is to be performed and a pattern of access is determined based on the access information for the user access entitlement. A recertification request graphical user interface is output to a user based on the pattern of access. The graphical user interface includes the pattern of access and one or more graphical user interface elements for receiving a user input specifying acceptance or denial of the recertification of the user access entitlement.

Abstract: In an embodiment, the present invention includes a method for receiving a request for user authentication of a system, displaying an authentication image on a display of the system using a set of random coordinates, receiving a plurality of gesture input values from the user, and determining whether to authenticate the user based at least in part on the plurality of gesture input values. Other embodiments are described and claimed.

Abstract: According to some embodiments, a method and system provides receiving a first request for service from a client during a communication session by a server, providing a response to the first request to the client, the response to the first request including state information specific to the first request and a memory of the server; clearing the server memory of the state information specific to the first request; receiving, by the server, a second request for service from the client during the communication session, the second request including the state information specific to the first request; and restoring a state of the server memory based on the state information specific to the first request received in the second request.

Abstract: Systems and methods for inline security protocol inspection are provided. According to one embodiment, a security device receives an encrypted raw packet from a first network appliance and buffers the encrypted raw packet in a buffer. An inspection module accesses the encrypted raw packet from the buffer, decrypts the encrypted raw packet to produce a plain text and scans the plain text by the inspection module.

Abstract: A method and system for detecting network reconnaissance is disclosed wherein network traffic can be parsed into unidirectional flows that correspond to sessions. A learning module may categorize computing entities inside the network into assets and generate asset data to monitor the computing entities. If one or more computing entities address a flow to an address of a host that no longer exists, ghost asset data may be recorded and updated in the asset data. When a computing entity inside the network contacts an object in the dark-net, the computing entity may be recorded a potential mapper. When the computing entity tries to contact a number of objects in the dark-net, such that a computed threshold is exceeded, the computing entity is identified a malicious entity performing network reconnaissance.

Abstract: A method and system for establishing secure communications between endpoints includes transmitting a first message including a token having one or more entries each corresponding to a community of interest associated with a user of the first endpoint and including an encryption key and a validation key associated with the first endpoint. The method includes receiving a second message including a second authorization token including one or more entries, each entry corresponding to a community of interest associated with a second user and including an encryption key and a validation key associated with the second endpoint. The method includes, for each community of interest associated with both users, decrypting an associated entry in the second authorization token to obtain the encryption key and validation key associated with the second endpoint.

Abstract: A method in one example implementation includes synchronizing a first memory page set with a second memory page set of a virtual guest machine, inspecting the first memory page set off-line, and detecting a threat in the first memory page set. The method further includes taking an action based on the threat. In more specific embodiments, the method includes updating the first memory page set with a subset of the second memory page set at an expiration of a synchronization interval, where the subset of the second memory page set was modified during the synchronization interval. In other more specific embodiments, the second memory page set of the virtual guest machine represents non-persistent memory of the virtual guest machine. In yet other specific embodiments, the action includes at least one of shutting down the virtual guest machine and alerting an administrator.

Abstract: A software version control system manages versioned applications in a client-server computing system environment. Thereby this is a management system for computer application (software) distribution where a number of client devices coupled to a server may be executing different versions of a particular computing application. The system manages updates to the applications and enforces rules or policies to use the most recent version whenever possible.

Abstract: A method for integrating a medical device into a medical facility network by equipping the medical device with wireless communication device is disclosed. The medical device is provided into a medical treatment area within wireless range of the medical facility network. The medical facility network is configured to detect the medical device upon entry into the medical treatment area. The medical facility network is configured to thereafter transmit an initialization signal to the medical device. A system for integrating medical devices, a medical device capable of integration, and a medical facility network are also disclosed.

Abstract: A portable scanning device includes a first outer shell defining a receiving space therein, a second outer shell configured to couple with the first outer shell to cover the receiving space, a connecting band coupled to the first outer shell and configured to be secured to a body part of a user, and an electronic assembly including a number of electronic components. The number of electronic components includes a battery configured to provide power for the portable scanning device, a printed circuit board, a scanner configured to scan a plurality of codes, a speaker configured to broadcast an audio during a process of scanning the plurality of codes, a connection port configured to couple the battery to an external power source to charge the battery, a number of buttons for operating the portable scanning device, and a number of indication lights configured to indicate statuses of the portable scanning device.

Abstract: Methods and apparatuses are presented for securely providing digital streaming data to subscriber devices using encrypted wavelet meshes. A recorded image may be subdivided into three sources of data: light sources, camera angles, and the objects themselves. Each of these sources of data may be considered unique from each other, and the totality of the three sources of data may comprise a complete image. Without one of the sources of data, the image may not be complete. Each of the three sources of data may therefore be characterized as key spaces, wherein encrypting part of or the entirety of even one of these key spaces prevents the complete image from being viewed. Methods and apparatuses are provided for utilizing the concept of encrypting at least a portion of at least one of the three key spaces in order to securely and/or privately transmit image data to subscribers.

Abstract: A secret distribution system may disclose a secret once to a client computing resource while maintaining the privacy of the message and allowing for recovery from dropped network messages. A claim code may be given to a client which may be sent to the secret distribution system, causing the secret distribution system to send a pending secret to the client. Until a client successfully confirms receipt of the pending secret or the claim code expires, the client may request new pending secrets to replace the prior unconfirmed secrets from the secret distribution system. Once a last-sent pending secret is confirmed by the client to the secret distribution system, the last-sent pending secret may be activated for use and the claim code invalidated.

Abstract: A registered provider device encrypts provider input related to a transaction between the provider device and one of many registered user devices to create an encrypted one-time-use provider code (the encryption is performed using an encryption key produced, in part, using a uniquely sequenced number generated by a sequencer maintained by the provider device). Similarly, the user device encrypts user input to create an encrypted one-time-use user code using an encryption key produced, in part, using a uniquely sequenced number generated by a user sequencer maintained by the user device. The provider and user devices independently transmit their different encrypted one-time-use codes to an intermediate entity, which decrypts the encrypted codes. This decryption is performed using one-time-use encryption keys produced using sequencers maintained by the intermediate entity, and this decryption generates an authorization request.

Abstract: A device, system, and method for providing processor-based data protection on a mobile computing device includes accessing data stored in memory with a central processing unit of the mobile computing device and determining that the accessed data is encrypted data based on a data included in one or more control registers of the central processing unit. If the data is determined to be encrypted data, the central processing unit is to decrypt the encrypted data using a cryptographic key stored in the central processing unit. The encrypted data may also be stored on a drive of the mobile computing device. The encryption state of the data stored on the drive is maintained in a drive encryption table, which is used to update a memory page tables and the one or more control registers.

Abstract: A method and apparatus for configuring an electronics device. The method includes receiving, by the electronics device, a request for a command to perform a predetermined operation by the electronics device and sending the command in response to receiving the request. The electronics device then receives a signature based upon the command, whereupon the electronics device verifies the signature by the electronics device and, following an affirmative verification, executes the command for performing the predetermined operation. In this way, the electronics device may be reconfigured remotely without knowledge of the particular command for performing the predetermined operation by the electronics device.

Abstract: A docking station for docking portable electronic devices is disclosed. The docking station is configured to mechanically accept and operatively interface with the portable electronic device for non-contact charging and data transfer. The docking station can provide security features for providing and/or restricting access to computational facilities such as printers, databases, installed programs, etc. Such security features can include installing applications on such portable devices that limit access.

Abstract: An image forming apparatus using a service of a server apparatus decrypts encrypted common authentication information of the image forming apparatus based on secret key information for decrypting the common authentication information, and then requests encrypted individual authentication information of the image forming apparatus from the server apparatus based on decrypted common authentication information and identification information for identifying the image forming apparatus. The image forming apparatus obtains the individual authentication information from the server apparatus, requests the server apparatus for use permission information of the service based on the decrypted individual authentication information and on service use information, and obtains the use permission information from the server apparatus.

Abstract: In some implementations, a method of managing access to resources in a single device including receiving, from a first resource assigned to a first perimeter, a request to access a second resource assigned to a second perimeter different from the first perimeter. The single device includes the first perimeter and the second perimeter. Whether access to the second resource is prohibited is determined based on a management policy for the first perimeter. The management policy defining one or more rules for accessing resources assigned to the second perimeter including the second resource.

Abstract: A registered provider device encrypts provider input related to a transaction between the provider device and one of many registered user devices to create an encrypted one-time-use provider code (the encryption is performed using an encryption key produced, in part, using a uniquely sequenced number generated by a sequencer maintained by the provider device). Similarly, the user device encrypts user input to create an encrypted one-time-use user code using an encryption key produced, in part, using a uniquely sequenced number generated by a user sequencer maintained by the user device. The provider and user devices independently transmit their different encrypted one-time-use codes to an intermediate entity, which decrypts the encrypted codes. This decryption is performed using one-time-use encryption keys produced using sequencers maintained by the intermediate entity, and this decryption generates an authorization request.