Abstract: Provided are system, methods, and computer-readable media for systems, methods, and computer-readable media for secure digital communications and networks. The system provides for secure communication between nodes through the use of a subscription between two nodes based on unique identifiers that are unique to each node, and communication between nodes without a subscription may be blocked. Additionally, secure communications between a node and a remote node are dynamically encrypted using asymmetric and symmetric encryption. The encryption algorithms and key lengths may be changed at each subsequent negotiation between a node and a remote node.

Abstract: Various techniques for detection of malware using an instrumented virtual machine environment are disclosed. In some embodiments, detection of malware using an instrumented virtual machine environment includes instantiating a first virtual machine in the instrumented virtual machine environment, in which the first virtual machine is configured to support installation of two or more versions of a resource; installing a first version of the resource on the first virtual machine and monitoring the instrumented virtual machine environment while executing the first version of the resource with a malware sample opened using the first version of the resource; and installing a second version of the resource on the first virtual machine and monitoring the instrumented virtual machine environment while executing the second version of the resource with the malware sample opened using the second version of the resource.

Abstract: There is presented a system and method for associating a domain transcendent identification (ID) of a user and a domain specific ID of the user, the system comprising an ID association server accessible by a plurality of secure domains over a network. The system also includes an ID associator application that when executed by ID association server is configured to receive a domain specific ID that associates the user to the secure domain, enter the domain specific ID in a domain transcendent ID record created for the user, generate a unique data associated with the domain transcendent ID record and identify a network location for submission of the unique data, send the unique data and the network location to the user, and associate the domain transcendent ID and the domain specific ID.

Abstract: An approach is provided for determining a communication session established between at least one first device of at least one first user and at least one second device of at least one second user, wherein the at least one first device and the at least one second device are in a collaborative context detection relationship. The privacy platform causes, at least in part, a detection of a presence of at least one third user within a proximity threshold of the at least one first device, the at least one second device, the at least one first user, the at least one second user, or a combination thereof, wherein the detection is performed via the collaborative context detection relationship. The privacy platform also determines one or more modifications to one or more privacy profiles for information exchanged over the communication session based, at least in part, on the detection of the presence of the at least one third user.

Abstract: A method and apparatus of monitoring computer devices operating on a network is disclosed. Computer devices are all different and require monitoring settings that are tailored to their specific requirements. One example of the present invention may include a method of monitoring at least one computer device operating on a network. The method may include receiving audit information representing attributes of the computer device and storing the audit information in memory. The method may also include comparing the audit information to a predefined monitor set of objects to be monitored. The method may further include creating a new monitor set based on the comparison of the audit information and the predefined monitor set. The new monitor set is different from the predefined monitor set and is generally used to monitor objects which are included in the audited device. The method may also include monitoring the at least one computer device based on the new monitor set.

Abstract: A method and apparatus of monitoring computer devices operating on a network is disclosed. One example method may include discovering and monitoring a plurality of network devices operating on a network. The method may include scanning the network to discover various network devices and determining a device type of each of the network devices. The method may also include determining attributes corresponding to each of the network devices, monitoring the attributes corresponding to each of the network devices and compiling a list of attribute information based on the monitoring operation and storing the list of attribute information in a memory. The device discovery and monitoring may be performed autonomously without user intervention allowing computer devices to be discovered and monitored as they are added to the network.

Abstract: A central server configured with an Attribute Authority (“AA”) acting as a Trusted Third Party mediating service provider and using X.509-compatible PKI and PMI, VPN technology, device-side thin client applications, security hardware (HSM, Network), cloud hosting, authentication, Active Directory and other solutions. This ecosystem results in real time management of credentials, identity profiles, communication lines, and keys. It is not centrally managed, rather distributes rights to users. Using its Inviter-Invitee protocol suite, Inviters vouch for the identity of Invitees who successfully complete the protocol establishing communication lines. Users establish and respond to authorization requests and other real-time verifications pertaining to accessing each communication line (not end point) and sharing encrypted digital files.

Abstract: A method of identifying sections of code that can be disregarded when detecting features that are characteristic of malware, which features are subsequently used for detecting malware. The method includes, for each of a multiplicity of sample files, subdividing file code of the sample file into a plurality of code blocks and then removing duplicate code blocks to leave a sequence of unique code blocks. The sequence of unique code blocks is then compared with those obtained for other sample files in order to identify standard sections of code. The standard sections of code identified are then included within a database such that those sections of code can subsequently be disregarded when identifying features characteristic of malware.

Abstract: A system and method for establishing a virtual network connection between an initiating computing device operated by an initiator and a target computing device operated by a target so that one of said computing devices is able to control the other of said computing devices. The system comprises a third party proxy to which the computing devices are connected. The third party proxy receives a request for a virtual network connection to said target computing device from said initiating computing device and requests initiator credentials for said initiating computing device and target credentials for said target computing device. Said credentials are delivered to the respective computing device. The system also comprises a core node configured to receive the credentials from the respective computing device, authenticate the received credentials, and if said credentials are authentic, establish the virtual network connection between said initiating computing device and said target computing device.

Abstract: An authentication method and system oriented to a heterogeneous network are disclosed. After receiving a service request sent by a virtual terminal, a unified authentication platform generates a service token according to the service request, and sends the service token to the virtual terminal and a target network; the virtual terminal submits the service token to the target network, and requests the target network to provide service data; and the target network compares the service token submitted by the virtual terminal with the service token sent to the target network by the unified authentication platform, and provides the service data to the virtual terminal when the service token submitted by the virtual terminal is consistent with the service token sent to the target network by the unified authentication platform.

Abstract: In response to a tamper-attempt indication, a memory device selectively disables one or more memory operations. Disabling can be accomplished by different techniques, including altering bias voltages associated with performing the memory operation, gating off a current needed for performing the memory operation, and limiting the needed current to a magnitude below the threshold magnitude required for the operation. After disabling the memory operation, a mock current can be generated. The mock current is intended to mimic the current normally expended during the memory operation when not disabled, thereby leading a user to believe that the device is continuing to operate normally even though the memory operation that is being attempted is not actually being performed.

Abstract: A memory device including at least one memory location for storing information representing data written using a first encryption/decryption method, and a read channel using a second encryption/decryption method for reading and decrypting information as written. The memory device also includes an apparatus that prevents the reading of the at least one memory location using the second encryption/decryption method, in response to an indication that the at least one memory location was written using the first encryption/decryption method. In another embodiment, a reading of all zeroes is returned in response to an indication of another encryption/decryption method.

Abstract: A method of updating firmware of a near field communication (NFC) device includes copying metadata, which is included in a firmware image file, from an application processor to the NFC device. One of a certification success signal and a certification fail signal is provided from the NFC device to the application processor after the NFC device verifies an integrity of the metadata. Firmware data, which is included in the firmware image file, is copied from the application processor to the NFC device when the application processor receives the certification success signal from the NFC device.

Abstract: The present invention provides a system and method for providing a social context to software applications. According to one embodiment of the invention, a user of a social network authorizes access by an external software application to information available in the social network. At some time later, the user of the social network uses an application designed by a third-party software developer. The application contacts the social network provider for permission to access the information available in the social network. If access has been authorized, the application incorporates the information from the social network into its interaction with the user, providing a social context to the user's interaction with the application.

Abstract: Systems and methods for service activation using algorithmically defined keys are disclosed. A consumer who has a relationship with a first party may wish to enroll in a service provided by a third party. The first party can maintain control of such enrollments through the use of algorithmically defined keys. The algorithmically defined keys also allow the third party service provider to verify data provided by the consumer as matching data stored by the first party. The verification provides for data synchronization without requiring the third party to have access to the first parties data systems.

Abstract: Systems and methods for filtering unsafe content at a network security appliance are provided. According to one embodiment, a network security appliance captures network traffic and extracts a media file from the network traffic. The network security appliance then determines the presence of a hidden data item embedded in the media file in a machine-readable form. When such a hidden data item is identified, the network security appliance performs one or more actions on the media file based on a predefined security policy.

Abstract: An image of a second user is captured by a camera of a computing device currently providing access to a first set of resources to a first user. In response to identifying an account of the first user, a prompt is provided at the computing device to confirm authorization of the second user. On receiving a valid response to the prompt, the second user is provided access to a second set of resources provided by the computing device.

Abstract: A method includes generating a first virtual keypad for entry of a first portion of a password, wherein the first portion includes a first value and a second value. The method receives the first portion, wherein the first portion includes a first number of keys selected equal to the first value and the second value present in the first number of keys selected. The method generates a second virtual keypad for entry of a second portion, wherein the second portion includes a third and a fourth value. The method receives the second portion, wherein the second portion includes a second number of keys selected equal to the third value and the fourth value present in the second number of keys selected. Responsive to determining the first and the second portion matches an account password, the method determines to grant a user access to an account associated with the account password.

Abstract: The method includes identifying an instance of software installed. The method further includes determining a fingerprint corresponding to the instance of software installed. The method further includes determining a security risk associated with the instance of software installed. The method further includes identifying a software management policy for the instance of software based upon the fingerprint, security risk, and designated purpose of the computing device. In one embodiment, the method further includes in response to identifying the software management policy, enforcing, by one or more computer processors, the software management policy on the instance of software installed on the computing device.

Abstract: A system for controlling access includes a computing device, configured to: determine a first identifier associated with a first access point being used by the computing device to access a network; determine first access control data associated with the first identifier and a first application executing on the computing device; and control access to data over the network by the first application based on the first access control data.