Abstract: A mobile terminal including a communication unit configured to communicate with at least one external terminal; a memory configure to store at least first and second operating systems including at least first and second modes, respectively; and a controller configured to execute the first operating system and to activate the first mode corresponding to the first operating system, to display a first information screen on a display unit corresponding to the activated first mode, to receive a switching signal indicating the first mode is to be switched to the second mode, to activate the second mode and deactivate the first mode, and to display a second information screen on the display unit corresponding to the second mode and that is different than the first information screen.

Abstract: A mobile terminal including a communication unit configured to communicate with at least one external terminal; a memory configured to store at least first and second operating systems including at least first and second modes, respectively; and a controller configured to execute the first operating system, to activate the first mode, to control a display unit of the mobile terminal to display a mode configuration screen including selectable options for designating a designated mode corresponding to at least one of the first and second modes to a particular information, and to selectively restrict assigning the particular information from the designated mode to a non-designated mode.

Abstract: A method may include receiving by a current computer a customization application, the customization application including a control panel to establish user preferences for a user account of the cloud-based service and/or system settings for the second computer; receiving by the current computer an input to the customization application to establish one or more user preferences for the user account and/or one or more system settings for the second computer; and transmitting from the current computer to a server associated with the cloud-based service the one or more user preferences and a username for the user account and/or the system settings for the second computer.

Abstract: A processing device comprises a processor coupled to a memory and implements a graph-based approach to protection of a system comprising information technology infrastructure from a persistent security threat. Attack-escalation states of the persistent security threat are assigned to respective nodes in a graph, and defensive costs for preventing transitions between pairs of the nodes are assigned to respective edges in the graph. A minimum cut of the graph is computed, and a defensive strategy is determined based on the minimum cut. The system comprising information technology infrastructure subject to the persistent security threat is configured in accordance with the defensive strategy in order to deter the persistent security threat.

Abstract: Embodiments of a multimode system for use in, for example, a fuel dispenser, are configured for receiving data in a retail environment. The multimode system can include: a secure input module for receiving high security input and low security input from a customer, the high security input to be communicated by the secure input module in cipher text, and the low security input to be communicated by the secure input module in plaintext. The multimode system is adapted to operate in a high security mode and a low security mode. The multimode system is adapted to enter the low security mode upon detection by the multimode system of a security breach condition. In the high security mode, the secure input module accepts low security input and high security input. In the low security mode, the secure input module accepts the low security input and does not accept the high security input.

Abstract: A network comprising an authentication network limited to a family dwelling; a content source; and a content receiver. Wherein the content source is configured to transmit encrypted content to the content receiver, and the content receiver can decode the encrypted content only when both the content source and the content receiver are physically connect to the authentication network.

Abstract: A system that incorporates teachings of the present disclosure may include, for example, a method for receiving a user input identifying a video signal, recording the video signal to the video data file and sending an instruction to a backup server. The instruction causes the backup server to concurrently record the video signal to a second video data file. The backup server can also record a second video signal to a second video data file based on a second instruction. Other embodiments are disclosed.

Abstract: Instructions allowing their recipient to access content via a computer network are intercepted at a destination device sending the instructions via a host-server. Content of an instruction is analyzed at the destination device for malicious components, and results of the analysis are associated with the content prior to being presented to viewers of the content.

Abstract: A method and associated apparatus for use in a data distribution process to allow an untrusted intermediary to re-encrypt data for transmission from an originator to a message receiver without revealing the data (message) or the cipher to the intermediary. This method uses a composition of two ciphers for re-encrypting the message at the intermediary, without revealing the plain text message or either cipher to the intermediary.

Abstract: A method for configuring Internet Protocol Security (IPsec) protocol. The method includes configuring IPsec phase 1 Security Associations (SA) lifetimes and soft phase 2 SA lifetimes in a manner enabling efficient Dead Peer Detection recovery of secure communication between client and server in the event of a communication disruption and thereby preventing undesirable sustained periods of non-communication between client and server.

Abstract: A method is disclosed that includes tracking untrusted inputs through an executing program into a sink, the tracking including maintaining context of the sink as strings based on the untrusted inputs flow into the sink. The method also includes, while tracking, in response to a string based on an untrusted input being about to flow into the sink and a determination the string could lead to an attack if the string flows into a current context of the sink, endorsing the string using an endorser selected based at least on the current context of the sink, and providing the endorsed string to the sink. Computer program products and apparatus are also disclosed.

Abstract: In the fields of data security and system reliability and qualification, this disclosure is of a method, system and apparatus for verifying or authenticating a device to a host using a zero-knowledge based authentication technique which includes a keyed message authentication code such as an HMAC or keyed cipher function and which operates on secret information shared between the host and the device. This is useful both for security purposes and also to make sure that a device such as a computer peripheral or accessory or component is qualified to be interoperable with the host.

Abstract: A method may include receiving by a current computer a customization application, the customization application including a control panel to establish user preferences for a user account of the cloud-based service and/or system settings for the second computer; receiving by the current computer an input to the customization application to establish one or more user preferences for the user account and/or one or more system settings for the second computer; and transmitting from the current computer to a server associated with the cloud-based service the one or more user preferences and a username for the user account and/or the system settings for the second computer.

Abstract: A mechanism is provided for providing temporary generated codes by a server. Responsive to triplet authentication of a device to service provider network, a server receives an initial code from the device to request a temporary generated code. The server verifies the triplet authentication of device. The server determines whether there is a user account match to the initial code. The server determines a corresponding application server based on the initial code and the user account match. The server generates a temporary generated code to access the application server. The temporary generated code is transmitted to both the application server and the communication device, is set to expire at a preset time, is generated to allow the user access to a single session on the application server, and is generated to expire after the temporary generated code is input to access the single session on application server.

Abstract: Various techniques and procedures related to user authentication, identity providers, and single sign-on (SSO) are presented here. One approach creates an SSO link between two organizations in a streamlined manner using an internal cross-user systemwide digital certificate, and without processing any user-created, user-uploaded, or user-assigned digital certificates. Another approach presented here configures an identity provider service for an entity or organization by processing a single user command. The identity provider service is automatically configured in the background without processing any additional user commands, user instructions, or user-entered data.

Abstract: A clipboard in an electronic system protects sensitive data by copying data into a clipboard of an electronic system as an entry and selectively blocking access to the sensitive data. For example, the clipboard can be arranged to protect clipped data that is based on a received web page or similar communication. An entry protect status is associated with a clipboard entry that is arranged to store copied data that is sensitive. The entry protect status is changed to indicate the entry protect status is set to block access to the copied data. Access to the copied data for which the entry protect status has been changed is selectively blocked.

Abstract: In the fields of data security and system reliability and qualification, this disclosure is of a method, system and apparatus for verifying or authenticating a device to a host using a zero-knowledge based authentication technique which includes a keyed message authentication code such as an HMAC or keyed cipher function and which operates on secret information shared between the host and the device. This is useful both for security purposes and also to make sure that a device such as a computer peripheral or accessory or component is qualified to be interoperable with the host.

Abstract: A method of modifying a set of secrets in a cryptographic module, to ensure that the modifying is either successful or invalid. The module includes readable version numbers for each secret and for the set of secrets. If the version number of the set of secrets is equal to a version number requiring the loading of a set of new secrets, the version number of the set of secrets of the cryptographic module is set to a distinctive number indicating that the cryptographic module is being reloaded. Next, for each secret, if the version number of the secret is different from the version number of the corresponding new secret to be loaded, the new secret and its version number are loaded. Next the version number of the set of secrets of the cryptographic module is set to the version number of the set of new secrets.

Abstract: Systems, methods, and program products are provided for selectively restricting the transmission of copy protected digital media content from a computer system, over a network, and to a remote display. In one embodiment, a method includes the steps of capturing digital media content rendered on the local display by a media player application executed by the computer system; determining whether the media player application is accessing copy protected digital media content; and, if the media player application is not accessing copy protected digital media content, converting the captured digital media content to a media stream and transmitting the media stream over a network for presentation on a remote display.

Abstract: A method for protecting a CAP file including one or more applets to be installed in an IC Card, includes the applets encoding into the CAP file by a CAP file provider. The method also includes the CAP file downloading into the IC Card by a CAP file issuer, and storing an installation program inside the IC Card. The installation program extracts the applets from the CAP file and installs them in the IC Card, after the downloading. The CAP file provider encrypts the CAP file into a protected CAP file to avoid the applets being extracted before the downloading. The IC Card includes a decryption circuit for decrypting the protected CAP file downloaded into the IC Card. The installation of the applet is enabled by the decryption circuit.