Abstract: In some embodiments, the present invention provides for a computer-implemented method, including: electronically receiving, first terminal data where the first terminal data includes at least one first alphanumerical data sequence; electronically generating at least one first computer-generated barcode; electronically storing the first terminal data and the at least one first computer-generated barcode in at least one database residing in a non-transient computer memory; automatically and electronically transmitting the at least one first computer-generated barcode to the at least one first terminal machine; electronically receiving second terminal data; automatically validating, in real-time, the user input as being representative of the user output.

Abstract: A machine-assisted method for verifying a video presence that includes: receiving, at a computing device of an identity provider, an authentication request initially sent from a requester to access an account managed by a relying party, different from the identity provider; retrieving, from the authentication request, at least a portion of a video stream feed initially from the requester, to the computing device, the portion of video stream feed portraying a face of the requester; extracting the face of the requester from the portion of the video stream feed; providing a directive to the requester soliciting a corresponding gesture; and receiving a response gesture from the requester.

Abstract: Embodiments described herein provide enhanced computer- and network-based systems and methods for providing data security with respect to computing services, such as a digital transaction service (DTS). Example embodiments further provide a discovery service that enables nodes that are included in, or otherwise communicatively coupled to, the DTS to actively or passively “discover” roles and keys associated with the nodes. These node roles are associated with the various services provided by the DTS.

Abstract: A method for generating a dump comprising data generated by a virtual system in a computing environment is depicted. The method comprises: initiating a dump process for dumping data generated by the virtual system and stored in guest memory; sending a dump request for the data from the virtual machine monitor to the trusted component; in response to receiving the dump request, generating a symmetric dump generating key; reading the data from the guest memory; encrypting the data with the symmetric dump generating key; encrypting the symmetric dump generating key with the public cryptographic key of the client system; providing the encrypted dump data and the encrypted symmetric dump generating key to the virtual machine monitor; generating a dump comprising the encrypted dump data and the encrypted symmetric dump generating key; and providing the dump to the client system.

Abstract: A mechanism is provided for reparsing unsuccessfully parsed event data. Responsive to determining that one or more unsuccessfully parsed event data items exist for a log source, each unsuccessfully parsed event data item of the one or more unsuccessfully parsed event data items is reparsing using an updated device support module associated with the log source. Responsive to the device support module successfully reparsing the unsuccessfully parsed event data item thereby forming a successfully parsed event data item, the successfully parsed event data item is added to a historical record of events associated with the log source. Responsive to the device support module failing to successfully reparse the unsuccessfully parsed event data item, the unsuccessfully parsed event data item is retained in an unsuccessfully parsed event data item data structure.

Abstract: A system manages computer security risks associated with message file attachments. When a user of an electronic device with a messaging client attempts to open an attachment to a message that is in the client's inbox, the system will analyze the message to determine whether the message is a legitimate message or a potentially malicious message without the need to actually process or analyze the attachment itself. If the system determines that the received message is a legitimate message, the system will permit the attachment to actuate on the client computing device. If the system determines that the received message is not or may not be a legitimate message, the system will continue preventing the attachment from actuating on the client computing device.

Abstract: In some embodiments, a tracking system is provided for providing credit to advertisers for application installs and in-application events. The tracking system may be configured to use user account information from a content provider system to determine whether a user of a newly installed application is a new user of the content provider system or an existing user of the content provider system, and to update tracking information accordingly. The tracking system may also use the user account information from the content provider system to link actions on multiple computing devices for the purposes of attributing a given application install to one or more advertising providers.

Abstract: Embodiments are directed to providing an identity risk score as part of an authentication assertion, applying operating heuristics to determine an operating application's validity and to providing identity risk scores to requesting third parties. In one scenario, an authentication server receives from a cloud service portal various user credentials from a user. The user credentials identify a user to the authentication server. The authentication server verifies the user's identity using the received credentials and generates an identity risk score based on one or more identity factors. The identity factors indicate a likelihood that the user is a valid user. The authentication server encapsulates the generated identity risk score in an authentication assertion and sends the authentication assertion that includes the generated identity risk score to the cloud service portal.

Abstract: A system and method for exchanging identity information and for correlating protected data across independent data systems connected through a network is disclosed. The system contains connectors in communication with protected data systems which house the protected data. Data is correlated between the protected data systems through coincident authentication of both systems by a user. Messages are exchanged which allow the identity exchange system to correlate data based on a session identifier from an authenticated session on one of the protected data systems.

Abstract: A user of a mobile device is authenticated in a manner that enables the user access to a credential that has been issued by a credential-issuing organization. One or more keys are identified that are associated with the credential and that enable access to one or more physical resources associated with the credential-issuing organization. A physical orientation of the user's mobile device is determined. A display arrangement of one or more control icons that enable usage of the one or more keys is determined based on a physical orientation of the one or more physical resources relative to the determined physical orientation of the mobile device. The one or more control icons are displayed in accordance with the determined display arrangement.

Abstract: Techniques for integrating a honey network with a target network environment (e.g., an enterprise network) to counter IP and peer-checking evasion techniques are disclosed. In some embodiments, a system for integrating a honey network with a target network environment includes a device profile data store that includes a plurality of attributes of each of a plurality of devices in the target network environment; a virtual clone manager executed on a processor that instantiates a virtual clone of one or more devices in the target network environment based on one or more attributes for a target device in the device profile data store; and a honey network policy that is configured to route an external network communication from the virtual clone for the target device in the honey network to an external device through the target network environment.

Abstract: The embodiments set forth systems and techniques to activate and provide other device services for user devices. An activation manager is configured to activate a user device by receiving an activation request for the device, accepting previously stored and encrypted trusted data for the device, getting current data for the device, determining whether the current data compares with the trusted data, and sending an authorization to activate the device when the current data compares favorably with the trusted data. Data can include a seed component divided into seed segments that are each combined with a unique device identifier using varying cryptographic primitives. Each encrypted seed segment and unique device identifier combination can be dedicated to a different device use or service, and can be used separately for device identification for that use or service.

Abstract: Systems and methods are provided for malware scanning and detection in a computing system. In one exemplary embodiment, the method includes launching, in a computing device of the computing system, a virtual machine, and launching, in the virtual machine of the computing device, an internet browser. The method also includes requesting, by the internet browser, data from a web page, and performing, using one or more analysis tools, analysis on the web page. In the method, performing analysis on the web page includes performing monitoring and recording of system application programming interface (API) calls, and creating software objects associated with the web page. The method also includes performing antivirus scanning of the software objects, de-obfuscating JavaScript associated with the software objects, and correlating data associated with the performed analysis to determine if the web page is a malicious web page.

Abstract: In one aspect, a computerized Encrypted Drive System (EDS) server useful for keyword extraction and indexing server of includes a computer store containing data, wherein the data. The data includes an unencrypted document file and a computer processor in the EDS server. The computer processor obtains the unencrypted document file from the computer store. The computer processor extracts a keyword information from the unencrypted document file. The keyword information comprises of a set of keywords appearing in the unencrypted document file. The computer processor includes one or more colors from the color-set of each keyword into a document color-index of the unencrypted document file. The computer processor generates a Bloom filter encoding a set of keywords stored in a metadata field and the unencrypted document file, and wherein the Bloom filter is used to represent the set of keywords in the unencrypted document file.

Abstract: Techniques of performing authentication involve comparing current user authentication factors with previous authentication factors selected from multiple users during a single authentication session. Along these lines, suppose that an authentication server receives current browser characteristics from a user computer during a current authentication session. Based on the current browser characteristics, the authentication server selects previous browser characteristics received from devices used by multiple users during previous authentication sessions. For example, the authentication server may select previous browser characteristics based on the whether any of the results of a modified, locally sensitive hashing (LSH) of the previous browser characteristics match any of the results of a modified LSH of the current browser characteristics.

Abstract: Apparatuses, computer readable media, and methods establishing and maintaining trust between security devices for distributing media content are provided. Two security devices bind to establish an initial trust so that security information can be exchanged. Subsequently, trust is refreshed to verify the source of a message is valid. In an embodiment, the security devices may comprise a security processor and a system on a chip (SoC) in a downloadable conditional access system. Trust may be refreshed by a security device inserting authentication information in a message to another security device, where authentication information may assume different forms, including a digital signature (asymmetric key) or a hash message authentication code (HMAC). Trust may also be refreshed by extracting header information from the message, determining state information from at least one parameter contained in the header information, and acting on message content only when the state information is valid.

Abstract: The apparatus disclosed herein, in various aspects, includes a digital asset, and an amulet that comprises an encrypted self-validating string. The amulet may be external to the digital asset. The apparatus may include a manager that cooperates securely with the digital asset and cooperates securely with the amulet to control access to the digital asset as specified by the amulet. In some aspects, the manager cooperates with the digital asset and with the amulet, at least in part, through shared memory in process space. In other aspects, the manager cooperates with the digital asset and with the amulet, at least in part, through a RAM drive in memory, the RAM drive at least partially hidden from an operating system of the computer. In yet other aspects, the manager cooperates with the digital asset and with the amulet, at least in part, through a virtual machine accessible only by said apparatus.

Abstract: A multi-engine malicious code scanning method for scanning data sets from a storage device is provided. The method includes, among other steps obtaining at least one data set from a storage device and generating a single forensic image of the data set and also applying a recover data application to the data set to generate a single recovered data set. A scanning is initiated of the single forensic image and the single recovered data set using the selected plurality of malware engines, where each of the malware engines, installed on the independent operating systems of the virtual operating system may be run concurrently on the single forensic image and the single recovered data set. A report is generated combining each of the malware engines reporting the results of the scans.

Abstract: A multi-engine malicious code scanning method for scanning data sets from a storage device is provided. The method includes, among other steps obtaining at least one data set from a storage device and generating a single forensic image of the data set and also applying a recover data application to the data set to generate a single recovered data set. A scanning is initiated of the single forensic image and the single recovered data set using the selected plurality of malware engines, where each of the malware engines, installed on the independent operating systems of the virtual operating system may be run concurrently on the single forensic image and the single recovered data set. A report is generated combining each of the malware engines reporting the results of the scans.

Abstract: Systems and methods for providing access to a remote network via an external endpoint are provided. A client establishes a secure connection between an external endpoint and a remote network. Transmissions from clients to the external endpoint are supplemented with additional information regarding handling within the remote network, and then transmitted to an internal endpoint within the remote network. The internal endpoint processes the transmission based on the supplemental information and returns a response to the external endpoint. A response is then returned to the client. Access policies may be created by authorized users to establish processing of client transmissions. These policies may be stored and enforced by the internal endpoint or the external endpoint.