Abstract: A communication apparatus includes: a secure module; a first storage device, provided outside the secure module, to store a program for encrypted communication with an apparatus external to the communication apparatus using a cryptographic key stored in the secure module; a detecting unit, provided in the secure module, to detect tampering of the program; and a setting unit, provided in the secure module, to disable the encrypted communication when the tampering of the program is detected.
Abstract: Protecting privacy when communicating with a web server via a communication network, includes receiving by a first privacy agent a request from an application program of a client system for a connection to a web server having a target web server address, sending the request together with a first identification from the first privacy agent to the second privacy agent, forwarding the request together with a second identification from the second privacy agent to the third privacy agent. Further processing is performed responsive to determining that the target web server address matches a defined web server address which is accessible by the third privacy agent.
Type: Grant
Filed: October 11, 2012
Date of Patent: October 6, 2015
Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
Abstract: Systems and methods, including computer software adapted to perform certain operations, can be implemented for remotely defining security data for authorizing access to data on a client device. Permission indicators are associated with a sequence of instructions, and a protected activity is associated with one or more of the permission indicators and with an instruction within the sequence of instructions. The one or more permission indicators and the sequence of instructions are provided to a remote device. The remote device determines whether execution of the instruction is permitted based, at least in part, on the one or more permission indicators, and the remote device performs the protected activity if execution of the instruction is permitted.
Abstract: A method, system, and computer program product for securing wireless network devices improves the security of wireless networks and devices, such as Bluetooth networks and devices, to prevent security attacks on and hacking of such networks and devices. A method for secure wireless communications, comprises the steps of requesting a connection with a wireless device, determining whether the wireless device is trusted, determining a security policy of the wireless device, and establishing a connection with the wireless device if the wireless device is trusted and if the security policy of the wireless device is as expected.
Abstract: Disclosed is a system for accessing data of a cloud database via transparent technology, and the system includes at least one channel server and at least one cloud database end. When a connection notice is outputted from an application end, the user channel unit detects a first server address and a first database address in a HTTP data format, and connects to a corresponding channel server via the HTTP tunnel to send a database request, so that the channel server can convert the first database address in the HTTP data format into a TCP/IP data format and then connect to a corresponding database end. Therefore, the application end can access data from the database behind the firewall via the Internet without modifying any program code.
Abstract: A communication device, which can simplify various setting processes, transmits, to a server via a network, external device information received from an external device by using proximity wireless communication.
Type: Grant
Filed: December 16, 2013
Date of Patent: September 22, 2015
Assignee: Panasonic Intellectual Property Corporation of America
Abstract: Detection of fake antivirus includes classifying text content of a user interface of an application program and scanning files associated with the application program for suspicious code. The user interface may be a graphical user interface (GUI) window of the application program. The text content may be obtained from a painted portion of the GUI window and by intercepting text changing operations performed on the GUI window. The text content may be input to a learning model to determine whether or not the application program belongs to the antivirus category. The application program is deemed to be fake antivirus when the application program is classified as belonging to the antivirus category and has a file with suspicious code.
Abstract: An HVAC control system that accommodates and/or facilitates control from a remote location. The HVAC control system may include a web-enabled building control appliance having a controller, a first port and a second port. The controller may implement a web server that is coupled to the first port for serving up one or more web pages on a first network and for receiving a number of responses. The controller may also be coupled to the second port so as to communicate with one or more communicating thermostats via a second network. The web server may be adapted to provide an overview or summary web-page via the first port that displays information regarding the one or more thermostats, where the information that is displayed may be customized for a particular user.
Type: Grant
Filed: May 8, 2012
Date of Patent: September 15, 2015
Assignee: Honeywell International Inc.
Inventors: Levi H. Geadelmann, Kevin B. Moore, Daniel J. Sullivan, Geoffrey Ho
Abstract: According to one aspect, in response to a request from a mobile application running at a mobile device of a customer, a personalized page is transmitted to the mobile application, the personalized page including a list of products retrieved from a customer profile of the customer. Each of the products is associated with one or more communications channels preferred by an associated client, which are retrieved from the client database. A live support request is received from the mobile application initiated from a selected product of the personalized page, the live support request including a selection selecting one of the preferred communications channels listed on the personalized page. A live communication session is established between the customer and a support agent using a selected communications channel for live support services to the customer concerning the selected product.
Type: Grant
Filed: August 8, 2013
Date of Patent: September 8, 2015
Assignee: TeleTech Holdings, Inc.
Inventors: Kenneth D. Tuchman, Bruce A. Sharpe, Henry D. Truong, Alan B. Rahn
Abstract: A method and apparatus are provided for switching from a regular desktop screen to a password input screen for a user to input a password. An apparatus may comprise a first screen display as the password input screen, a second screen display as the regular desktop screen, and a switching system. The switching system may be configured to switch a screen item position between the first screen display and the second screen display. The switching system may receive a user selection of a sequence of screen items as a password input and may switch operation of the apparatus between the first screen display and the second screen display.
Abstract: A secure user authentication system, operable over a client-server communications network to authenticate a system user. The system includes an application server which includes a site which is able to be enabled, and an authentication server, which is able to enable the application server site. The authentication server includes a core database, and receives and stores user authentication-enabling data in the core database. The system further includes a client, and a client program which is able to be actuated in the client. The client program includes the user authentication-enabling data. Upon actuation, the client program automatically directly connects to the authentication server, and sends the client authentication-enabling data to the authentication server, for secure user authentication by the authentication server.
Abstract: Anomaly detection is disclosed, including: determining a set of anomalous events associated with an enterprise network; and determining a path of interest based at least in part on at least a subset of the set of anomalous events.
Abstract: A method is provided for creating a secure dataset using a software application running on a data processing system, wherein the method comprises the following steps: receiving digital image data (1) that represents one or more images, receiving at least one item of additional information (2) relating to the image data (1), creating a data object (3) that comprises the image data (1) and the at least one item of additional information (2), receiving a qualified timestamp (4) that is assigned to the data object (3), and storing the data object (3) in a database together with the assigned timestamp (4).
Abstract: An online protection suite provides password management and a dashboard set of services combining single-click access to user accounts and a simple browser window automatically filled with offers for a variety of related products and services targeted especially for particular users. Each user is identified to a business partner server with a unique customer automatically sent from a simple browser embedded in the password management dashboard. The business partner server returns a webpage back to the simple browser that has been constructed especially for this user by leveraging sensitive and proprietary information collected by the business partner. Such customer information is not directly accessible to the password manager.
Type: Grant
Filed: October 12, 2012
Date of Patent: August 18, 2015
Assignee: White Sky, Inc.
Inventors: Brent Lymer, Pankaj Srivastava, Juan Gamez
Abstract: An exemplary technique is provided for detecting a hijacking of computer resources, located in an internal network implementing security criteria and confidentiality criteria specific to the internal network, connected to an external network with no security criteria and confidentiality criteria, through a connection managed by a service provider.
Abstract: A method transmits data between network nodes of a network in a cryptographically protected manner. The network nodes are, for example, sensor nodes of a wireless sensor network. In the method, in order to transmit the data in a message, a NONCE value is created from a count value which is updated in the transmission of the message and from a constant value which is provided in a shared manner to the network nodes of the network. The data transmitted in the message is then encrypted and decrypted within the network nodes by a cryptographic key and the created NONCE value. The method offers in particular protection against replay attacks while at the same time minimizing the use of resources of the network nodes.
Abstract: A client is authenticated by a server receiving an initial request from the client at the beginning of a session. The server receiving the initial request generates an authentication token and returns the authentication token to the client in response to the client being authenticated. The user's credentials used to authenticate the client are stored in the authentication token along with other information. After receiving the authentication token from the server that generated the authentication token, the client passes the authentication token with each of the future requests to the pool of servers. Using the client to pass the transferrable authentication token, the servers share the user's identity/credentials in a decentralized manner. Any server from the shared pool of servers that receives a subsequent client request is able to decrypt the token and re-authenticate the user without having to prompt the client for authentication credentials again.
Type: Grant
Filed: October 4, 2011
Date of Patent: July 28, 2015
Assignee: MICROSOFT TECHNOLOGY LICENSING, LLC
Inventors: Robin Michael Thomas, Christopher Michael Simison, Naresh Sundaram
Abstract: A method includes storing a credential object for a user to an encrypted silo on an information handling system. The credential object operates to authenticate the user to use an application. The method also includes copying the encrypted silo from the information handling system to a second information handling system, retrieving at the second information handling system the credential object from the copy of the encrypted silo, and authenticating the user to use the application on the second information handling system using the credential object.
Type: Grant
Filed: March 4, 2013
Date of Patent: July 28, 2015
Assignee: Dell Products, LP
Inventors: Daniel L. Hamlin, Kenneth W. Stufflebeam, Amy C. Nelson
Abstract: In an environment wherein a front end system receives a service request, and a back end system responds to the request, a user of a target endpoint must be authenticated. A ticket ID is assigned to the service request, and responsive to an initiating action of the user, a virtual token is generated that has a specified relationship with the ticket ID. The virtual token is delivered to the user, and the user is prompted to present the token to a validating component associated with one of the front end or back end systems, wherein the validating component is configured to verify the token validity. If the token is found to be valid, the user is authenticated to access the specified target endpoint.
Type: Grant
Filed: October 8, 2013
Date of Patent: July 21, 2015
Assignee: International Business Machines Corporation
Inventors: Paul Driscoll, Milton H. Hernandez, Paul Jennings, Chee Meng Low, Yaoping Ruan, Larisa Shwartz
Abstract: In an environment wherein a front end system receives a service request, and a back end system responds to the request, a user of a target endpoint must be authenticated. A ticket ID is assigned to the service request, and responsive to an initiating action of the user, a virtual token is generated that has a specified relationship with the ticket ID. The virtual token is delivered to the user, and the user is prompted to present the token to a validating component associated with one of the front end or back end systems, wherein the validating component is configured to verify the token validity. If the token is found to be valid, the user is authenticated to access the specified target endpoint.
Type: Grant
Filed: September 9, 2013
Date of Patent: July 21, 2015
Assignee: International Business Machines Corporation
Inventors: Paul Driscoll, Milton H. Hernandez, Paul Jennings, Chee Meng Low, Yaoping Ruan, Larisa Shwartz