Abstract: A system is disclosed for assuring the integrity of file segments. A first server has an associated file repository storing a plurality of files and transfers a file segment on an output upon request. A second server also has an associated file repository and receives and stores the file segment in the associated file repository. The second server identifies if there are additional segments of the same file in the associated file repository and processes the received file segment together with the additional identified file segments to identify the presence of malware. Finally, the second server transfers the received file segment on an output as a scanned file segment only if no malware is identified. A third server has an associated file repository and is configured to receive and store the scanned file segments in the associated file repository and to transfer a received scanned file segment to a client.

Abstract: An application media package for accessing and displaying Internet content includes a definition for rendering a graphical user interface and a URL pointing to Internet content that may be downloaded and presented within said user interface. An application media viewer may be used in association with the application media package to manage the collection, organization, sharing, and rendering of a plurality of such Packages. Such Application Media Packages may be obtained via a web browser displaying links thereto. They may also be obtained through functionality provided by said Application Media Viewer. Links to Application Media Packages may be shared among user, for example by email. Groupings of Application Media Packages may be created by users or Package providers, and such groupings may be shared amongst users.

Abstract: A method and system are provided for granting access to a secured website of a content provider. The method includes: detection of a user's request for accessing secured website on a first communication device, the request indicating that at least one access code for accessing secured website is stored on an authentication server; transmission of a request for a validation to a second communication device identified with indication; and after verification of the validation received from the second communication device, forwarding the request for access to the secured website to the content provider using the stored website access code corresponding to the security code.

Abstract: Embodiments of the invention relates to tracking changes made to a document, and embedding the changes in the document while limiting access to the embedded changes. A log of the revisions is retained in a revision history, which is stored in an object library of alternative storage. Access to the document with acceptance of the changes is enabled. Markings associated with deletions and additions to the document, the revision history, or an alternative view showing the changes made is limited based upon a security protocol.

Abstract: A system and method for first changing the encryption key on a self-encrypting disk drive followed by a complete disk wipe. Either process can be separately performed, and they can be performed in any order. In fact, one embodiment of the invention, resets the symmetric key, wipes the disk a predetermined number of times with different predetermined data patterns, and then resets the key a second time. This assures that there is absolutely no way to recover the original key or to read the original plain text data, even if some of it's encrypted values remain on unallocated tracks after wiping. A user can be assured that in milliseconds after starting the wiping process, the entire disk is rendered unreadable and unrecoverable.

Abstract: Methods for use with computing devices implementing a plurality of nodes of a ring-shaped overlay network. A joining node implemented by a joining computing device requests a connection with a bootstrap one of the plurality of nodes. In response, the bootstrap node sends a handshake identifier to the joining node. The joining node loads one or more portions of selected software code as a byte stream, and performs an operation (e.g., a hash function) on the handshake identifier and the byte stream to determine a first value. The joining node transmits the first value to the bootstrap node. The bootstrap node compares the first value to a second value. When the first and second values are identical, the bootstrap node validates the joining node. When the first and second values are not identical, the bootstrap node rejects the joining node thereby preventing the joining node from joining the overlay network.

Abstract: A system and method for electronic stamping are disclosed. Personal fingerprint pre-stored is used to verify the fingerprint information collected, the document data and the fingerprint information is signed with a private key to get a first signature result, the user's public key and the pre-stored fingerprint information is then signed with a private key of a stamp producer to get a second signature result, the first signature result, the collected fingerprint information and the second signature result are combined to form electronic fingerprint stamp data.

Abstract: A vehicle may include at least one controller configured to maintain a communication channel over a network between a vehicle and a vehicle service server accessible through an access point node. The at least one controller may be further configured to receive, over the network out-of-band from the communication channel, an update message including updated communication channel connection information, and upon receiving the message, reconnect the communication channel according to the updated connection information. A secure server may be configured to generate the update message specifying at least one of updated access point node information and updated address information, encrypt the update message according to an encryption key shared with a vehicle destination, and provide the update message over a network to the vehicle out-of-band from the communication channel.

Abstract: Technologies are generally described to detect malware on field programmable gate arrays (FPGAs). In some examples, a power map of an FPGA executing coprocessors may be created by determining voltages associated with distinct areas within the FPGA. The power map may then be compared with expected activity information associated with the executing coprocessors to determine whether any mismatches occur, such as detected power usage where no power usage is expected. Mismatches may indicate the presence of malware executing on the FPGA.

Abstract: Portable electronic devices typically have reduced computing resources, including reduced available bandwidth to receive communications. A method, apparatus and system is provided to manage packet delivery to electronic devices to mitigate some of these problems.

Abstract: Systems and methods, including computer software adapted to perform certain operations, can be implemented for preventing content received from non-trusted sources from accessing protected data. A sequence of instructions and multiple permission indicators associated with the sequence of instructions are received. One or more of permission indicators are associated with a protected activity. An instruction within the sequence of instructions associated with the protected activity is identified. A determination is made whether execution of the identified instruction is permitted based, at least in part, on the one or more permission indicators, and the protected activity is performed if execution of the identified instruction is permitted.

Abstract: An electronic device and a method for unlocking a screen of the electronic device are provided. The electronic device includes a screen and a storage unit. The method includes detecting, in a screen-locked state, intent of a user to unlock the screen; if it is detected that the user intends to unlock the screen, extracting contact information from the storage unit of the electronic device, where the extracted contact information includes a first attribute value and a second attribute value; displaying the first attribute value of the extracted contact information on the screen and prompting the user to input a second attribute value; and detecting an input of the user, and comparing the input of the user with the second attribute value; if the input of the user is the same as the second attribute value, unlocking the screen; and otherwise, maintaining the screen-locked state.

Abstract: A method to verify a geographic location of a virtual disk image executing at a data center server within a data center. One embodiment includes a cryptoprocessor proximate the data center server, a hypervisor configured to send a disk image hash value of the virtual disk image, a digital certificate issued to the cryptoprocessor, an endorsement key to a data center tenant and a location provider. The method includes sending a disk image hash value of the virtual disk image, an endorsement key unique to a cryptoprocessor proximate the data center server to a data center tenant, and a digital certificate to a data center tenant. Next, the location provider sends the geographic location of the cryptoprocessor matching the endorsement key to the data center tenant.

Abstract: A method for generating a virtual recursive secure container and for generating a virtual secure container of relationship of rights along with a system that distributes copyrighted digital content, respecting the legal framework for intellectual property when distributed electronically, either on the Internet or any other digital medium, and offering consumers their rights as buyers of digital content. The logical components, ‘Master Avatar’ and ‘User Avatar’, which reside in the users' digital devices, create the virtual framework for relating rights of author and consumer. By providing each avatar with a key to decrypt the data of digital content distributed through the system, the virtual link for relating the rights of author and consumer is created. Digital content is only distributed in a virtual secure container if the author or a licensed medium previously published that content in the system and authorized its distribution in scenarios allowed by the system.

Abstract: Malware beaconing activity detection is disclosed, including: monitoring a plurality of conversations between an internal device and one or more external destinations; extracting feature sets based at least in part on the plurality of conversations; and determining that a conversation of the plurality of conversations is anomalous based at least in part on the extracted feature sets.

Abstract: Methods for blind detection of computational vulnerabilities include the submission by a detecting system of potentially interpretable information to a target system; measurement of the timing characteristics of the output from the target system by the detecting system; and diagnosis of the vulnerabilities of the target system by the detecting system as based on the timing characteristics, optionally in conjunction with auxiliary data. Invented systems provide reference implementations of these methods.

Abstract: Analytics data validation techniques are described. In one or more implementations, an analytics service collects analytics data from a client device that describes web content and consumption of the web content by the client device. The collected analytics data includes encrypted analytics data that is not accessible by the client device and dynamic analytics data that describes the consumption of the web content by the client device. The encrypted analytics data is decrypted and a determination is made as to whether the collected analytics data is valid using the decrypted analytics data based on whether the decrypted analytics data includes expected parameters or that the dynamic analytics data is consistent with the decrypted analytics data. Responsive to a determination that the collected analytics data is valid, use of the collected analytics data is permitted are part of a web content analysis.

Abstract: The illustrative embodiments provide a computer implemented method, apparatus, and computer program product for receiving a request from a client to instantiate an electronic document. After successful completion of mutual authentication between a web application server and the client, the web application server provides the electronic document to the client. The web application server may then receive a set of changes associated with the electronic document to form a modified document. After receiving a request from the client for a digital signature to be generated for the modified document, the web application server generates a digital signature using a private key of the web application server and an identity of an end-user associated with the client. The web application server then signs the modified document with the digital signature.

Abstract: Behavioral analysis of a mobile webpage is performed to determine whether the webpage is malicious. During analysis, the webpage is visited by an emulated mobile device to cause behaviors to occur which may be malicious. The behaviors occurring after accessing the webpage are stored. The behaviors are classified as hard or soft signals. A probability of the webpage being malicious is determined through combining soft signals, and the webpage is classified as malicious or non-malicious. Users of the webpage, the developer of the webpage, or a distributor of the webpage are notified of the webpage classification to enable responsive action.

Abstract: A method and system for distributed security for a plurality of devices in a communication network, each of the devices being responsible for generating, distributing and controlling its own keys for access to the communication network and using the keys to establish a trusted network, each device's membership to the communication network being checked periodically by other devices by using a challenge response protocol to establish which devices arc allowed access to the communication network and the trusted network.