Patents Examined by Andrew L Nalven
  • Patent number: 7500107
    Abstract: A security system comprises a log-in device including at least one biometric device for receiving current biometric data from a user. The log-in device compares the current biometric data of the user with pre-stored biometric data for all authorized users. At least one regulated device is in communication with the log-in device, wherein the log-in device regulates access to the at least one regulated device.
    Type: Grant
    Filed: February 9, 2005
    Date of Patent: March 3, 2009
    Inventor: Michael Arnouse
  • Patent number: 7500109
    Abstract: An external module loads into an entity's memory and is transformed by two functions. These are namely, the STOMP function and the UNSTOMP function. One or both of these functions is based on the actual code that is found in a legitimate version of the external module. The STOMP-UNSTOMP pair produces an external module that works differently if even a single byte of code in the external module has been changed by an attacker. The STOMP transforms the external module and makes it temporarily unusable whilst conversely, the UNSTOMP repairs the damage and makes it workable again. Thus, if the module is not authentic, the pairing between the STOMP and UNSTOMP is broken. Therefore, a patched module from a hacker remains unusable since the STOMP and UNSTOMP transformations do not produce a working external module. Because of the STOMP and UNSTOMP technique, an application is secure because if an external module is free from tampering then the application executes normally.
    Type: Grant
    Filed: May 6, 2005
    Date of Patent: March 3, 2009
    Assignee: International Business Machines Corporation
    Inventors: Stefan Nusser, Jeffrey B. Lotspiech, Paul R. Rettig
  • Patent number: 7500098
    Abstract: The present invention relates to a method of, and a system for, enhancing data security, which data is to be executed in an electronic device (101) comprising a secure execution environment (104) to which access is restricted. A basic idea of the present invention is that, at device boot, data in the form of e.g. program code is copied from permanent memory (112) to temporary memory (110). The integrity of this program code must be verified to ensure that the program code has not been altered during the transmission between the memories. Further, a new secret key is generated in the secure execution environment. This new secret key is used by a device processor (103) to encrypt the program code to be stored in the temporary memory in order to ensure that the program code is kept secret during transmission. The device processor thereafter writes the encrypted program code into the temporary memory.
    Type: Grant
    Filed: March 19, 2004
    Date of Patent: March 3, 2009
    Assignee: Nokia Corporation
    Inventor: Lauri Paatero
  • Patent number: 7496963
    Abstract: A method of, and system for, virus detection has a database of known patterns of start-up code for executable images created using a collection of known compilers and uses examination of the start-up code of the image by reference to this database to determine whether or not the executable image is likely to have been subject to infection by viral code. In particular, the system seeks to determine whether the expected flow and execution of the image during start up has had viral code interjected into it. Various heuristics to assist in assessing the likely presence of viral code are disclosed.
    Type: Grant
    Filed: August 11, 2003
    Date of Patent: February 24, 2009
    Assignee: Messagelabs Limited
    Inventor: Alexander Shipp
  • Patent number: 7493494
    Abstract: According to the invention, an authorization system for authorizing access to a data cartridge is disclosed. The authorization system includes a code, a data cartridge interface, a fingerprint processor, a password generator, and an authorization engine. The code is obtained from outside the data cartridge. The data cartridge interface is used to read data from the data cartridge, where the data includes first information and a fingerprint. The fingerprint generator generates second information using at least the code. The password generator unlocks the data cartridge using the code and the data. The authorizing engine is coupled to at least one of the password generator or the fingerprint processor. At least some of the data or the second information is compared to authorize the data cartridge.
    Type: Grant
    Filed: November 3, 2005
    Date of Patent: February 17, 2009
    Assignee: ProStor Systems, Inc.
    Inventor: Matthew D. Bondurant
  • Patent number: 7493658
    Abstract: An anti malware scanner for files is provided with means for processing script and macro files and flagging them as suspect or not based upon an automated analysis of source code in the file. This analysis involves separating the program source into groups of parts such as comment, variable names and routine names, eliminating duplicates and performing a character frequency distribution analysis of the resulting strings. The system may include an exception list to omit flagging a file as suspect if it is on the exception list.
    Type: Grant
    Filed: January 19, 2004
    Date of Patent: February 17, 2009
    Assignee: MessageLabs Limited
    Inventor: Alexander Shipp
  • Patent number: 7493499
    Abstract: A secure distribution system utilizes a content viewer that consists of an applet that is downloaded to a user's conventional browser when the user logs into a publisher's server. The content viewer requests a selected document from the server by referring to the document name or URL. The server retrieves the document and forwards it to the viewer in encrypted form. The viewer then computes a document identifier from the encrypted document and uses the identifier to request a key in order to decrypt the document. The key is forwarded from the server to the viewer that then decrypts the document and displays it in the viewer. Since the document is processed by the viewer and displayed only in a window associated with the viewer, none of the conventional browser functions has to be disabled. Further, since the document is downloaded in encrypted form, it cannot be stored or forwarded using the conventional browser.
    Type: Grant
    Filed: May 22, 2003
    Date of Patent: February 17, 2009
    Assignee: Copyright Clearance Center, Inc.
    Inventors: John Deaver, Skott C. Klebe, Woodrow W. Johnson
  • Patent number: 7478430
    Abstract: A mobile communications device is adapted to use applications resident on a remote network server. The display of the mobile device is divided into static and dynamic display zones. Inquiries originating externally from the mobile device are identified and restrictively routed only to the dynamic display. Internally generated inquiries trigger an indicator symbol within the static display. In this manner bogus requests for confidential identifiers may be avoided.
    Type: Grant
    Filed: September 20, 2006
    Date of Patent: January 13, 2009
    Assignee: Nokia Corporation
    Inventors: Mikko Lukkaroinen, Virve Inget
  • Patent number: 7478422
    Abstract: The invention is a declarative language system and comprises a language as a tool for expressing network security policy in a formalized way. It allows the specification of security policy across a wide variety of networking layers and protocols. Using the language, a security administrator assigns a disposition to each and every network event that can occur in a data communications network. The event's disposition determines whether the event is allowed (i.e. conforms to the specified policy) or disallowed and what action, if any, should be taken by a system monitor in response to that event. Possible actions include, for example, logging the information into a database, notifying a human operator, and disrupting the offending network traffic.
    Type: Grant
    Filed: June 15, 2004
    Date of Patent: January 13, 2009
    Assignee: Securify, Inc.
    Inventors: Luis Filipe Pereira Valente, Geoffrey Howard Cooper, Robert Allen Shaw, Kieran Gerard Sherlock
  • Patent number: 7475430
    Abstract: A data recording apparatus which enables an individual like an author to record in a recording medium any data, such as a publication desired to be restricted on its copying, in the way that the copying can be restricted in an actually desired condition. A CPU, with respect to the data to be recorded input via an interface unit, compares copy control information input via an interface unit along with data and copy control information separately instructed by an operation panel, and uses the one having a higher restriction level as the copy control information of the data. Then, the CPU converts the input data into a format suitable to recording, generates recording data by adding additional information, such as determined copy control information, and records the same to a desired portion in a recording medium via a recording/reproducing unit.
    Type: Grant
    Filed: July 3, 2003
    Date of Patent: January 6, 2009
    Assignee: Sony Corporation
    Inventors: Teruyoshi Komura, Yasuhiro Takada
  • Patent number: 7475245
    Abstract: A system and method for providing secure exchange of sensitive information with an implantable medical device is presented. A crypto key uniquely associated with an implantable medical device is defined to encrypt sensitive information during a data exchange session. The crypto key is securely obtained over a secure connection from a secure key repository securely maintaining the crypto key. The sensitive information is encrypted using the crypto key and the sensitive information is stored as encrypted data onto the implantable medical device.
    Type: Grant
    Filed: March 15, 2004
    Date of Patent: January 6, 2009
    Assignee: Cardiac Pacemakers, Inc.
    Inventors: Scott J. Healy, Jeffrey A. Von Arx
  • Patent number: 7472269
    Abstract: A system and method for strong authentication achieved in a single round trip is disclosed, which reduces the amount of time needed for a mobile node to be authenticated by the network. In an embodiment of the present invention, the authentication time is approximately three times faster than for 3GPP.
    Type: Grant
    Filed: February 25, 2002
    Date of Patent: December 30, 2008
    Assignee: Nokia Siemens Networks Oy
    Inventors: Charles E. Perkins, Hossam Afifi
  • Patent number: 7472284
    Abstract: A system for anti-virus processing an email having an executable attachment extracts structural elements of the email and examines the executable attachments for code, data or encoded data that could have created these elements. This is effective to detect at least some mass mailing viruses where the executable attachment creates later generations of the attachment and structural elements such as strings which appear in the later emails are present in the attachment.
    Type: Grant
    Filed: March 8, 2004
    Date of Patent: December 30, 2008
    Assignee: Messagelabs Limited
    Inventor: Alexander Shipp
  • Patent number: 7471796
    Abstract: A security system for controlling access to encrypted information, comprising: a memory for storing at least one decryption key for use in decrypting an encrypted item of information, the decryption key being associated with a security code which can be used to determine whether the security system is authorized to send encrypted copies of the decryption key to others. If the security system is authorized to send an encrypted copy of the decryption key, it encrypts the decryption key and propagates the encrypted copy of the decryption key. Each time the security system propagates a decryption key, it includes as part of the decryption key an identifier indicating the identity of a sender's key. A user can append a control word against their identity in the decryption key to instruct the security system to initiate a message to them or an agent informing them of the propagation of the key and giving information concerning that propagation.
    Type: Grant
    Filed: July 20, 2006
    Date of Patent: December 30, 2008
    Assignee: Data Encryption Systems Limited
    Inventor: David Robin Tomlinson
  • Patent number: 7469050
    Abstract: A document store delivers a document requested therefrom from a folder having rights information associated therewith. In response to a request for a copy of the document, rights data for the copy of the document is defined based on the rights information of the folder, and the copy of the document and the defined rights data thereof are published to result in a package with the rights data and the copy of the document encrypted according to a content key (KD) to result in (KD(copy)). The formed package is then delivered to the requester. The rights data can be discovered upon the requester attempting to render the package and such discovery triggers a request for a corresponding license based on such rights data. The license includes (KD) therein in a form available to the requester to decrypt (KD(copy)) if the requester satisfies the rights data.
    Type: Grant
    Filed: August 1, 2003
    Date of Patent: December 23, 2008
    Assignee: Microsoft Corporation
    Inventors: Pavel Kouznetsov, Jason Cahill, Lauren Antonoff, Kevin Brown, Moshe Randall Lutz, Lutz Gerhard, Mark Walker
  • Patent number: 7467302
    Abstract: The present invention is to provide a secure connection mechanism capable of automatically negotiating password between a wireless client terminal and a wireless access terminal, wherein the wireless client terminal is provided with an application software, a control button and an output device. When the wireless client terminal is actuated and the control button is triggered, the secure connection mechanism is enabled by performing the steps of showing a prompt on the output device to instruct user to turn a switch button on the wireless access terminal to a secure connection mode and connecting the wireless client terminal with the wireless access terminal to establish an encryption/decryption mechanism for automatically negotiating a password required for the connection within a predetermined period through the encryption/decryption mechanism in a wireless communication way after being in the secure connection mode.
    Type: Grant
    Filed: November 19, 2004
    Date of Patent: December 16, 2008
    Assignee: Alpha Networks Inc.
    Inventors: Yueh-Feng Kao, Chiung-Hui Wang, Ming-Hao Chou, Yuan-Yu Peng
  • Patent number: 7467404
    Abstract: A method for distributing software licenses for authorizing the installation of gaming software, by a user, onto a gaming machine is provided. The software installation process is initiated and an electronic key containing an encrypted license count interfaces with the gaming machine. The encrypted license count represents the number of licenses available for authorizing the installation of a particular gaming software. The encrypted license count is accessed and it is determined whether installation is permitted. Additionally a processing means for accessing a remote server, via a network connection, and increasing the licensing count stored in the electronic key is provided.
    Type: Grant
    Filed: September 27, 2004
    Date of Patent: December 16, 2008
    Assignee: Bally Gaming, Inc.
    Inventors: Lawrence McAllister, James W. Morrow, Marvin A. Hein, Jr.
  • Patent number: 7467410
    Abstract: A system and method for preventing misuse conditions on a data network are described. Embodiments of the system and method evaluate potential network misuse signatures by analyzing variables such as the state of the network and/or target, the context in which the potential misuse signatures are detected, the response/reaction of the target and/or the fingerprint of the target. These and other variables may be factored in to the misuse determination, either alone, or in combination.
    Type: Grant
    Filed: May 15, 2007
    Date of Patent: December 16, 2008
    Assignee: International Business Machines Corporation
    Inventors: Robert David Graham, Peter Kavaler
  • Patent number: 7467405
    Abstract: A method and system for detecting an unauthorized client system attempting to connect to a network of computer systems is disclosed. The network includes a certification authority server that includes a database of unique identification codes of authorized network client systems. A client system attempting to connect to the network transmits an authorization code over the network. If the client's authorization code matches an authorization code stored in the database of the certification authority server, then the client is authorized and is sent a network address which the client can use to communicate with other clients. However, if there is no match, the client is unauthorized and is scanned for viruses by an anti-virus server also on the network. Alternatively, the unauthorized client is blocked from the network without performing a virus scan.
    Type: Grant
    Filed: June 22, 2004
    Date of Patent: December 16, 2008
    Assignee: Taiwan Semiconductor Manufacturing Company, Ltd.
    Inventor: Tung Sheng Cheng
  • Patent number: 7466825
    Abstract: In half-duplex communications over a wireless network, a user from a private organization sends the request for half-duplex communications through a private server controlled by the private organization. The private server sets up a private account with the wireless carrier and the user communicates via the private account.
    Type: Grant
    Filed: November 19, 2004
    Date of Patent: December 16, 2008
    Assignee: Research In Motion Limited
    Inventor: Gary P. Mousseau