Abstract: An electronic device and an operating method thereof are provided. The electronic device includes a first processor, a second processor, a display, and a first sensor. The first processor receives an input through the first sensor while the display is in a deactivated state, and transmits the input to the second processor, when biometric data is detected in the input, and the second processor authenticates the biometric data included in the input, and activates the display if the authentication succeeds.

Abstract: In order to detect an attack to a web application accurately by accurately correlating different types of events having occurred in the same server, an event acquiring unit acquires a log of events containing a HTTP request to a server, an event correlator creates a set of the request and events relevant to the request as an event block by using process IDs of processes having processed events contained in the log, and an attack detector contrasts the event block that is created from the log of events in which an attack is to be detected with an event block that is created from normal events to calculate a degree of similarity and, when the degree of similarity is equal to or lower than a threshold, detects the event block as an event block containing an event that is abnormal due to an attack.

Abstract: Key material is protected using white-box cryptography and split key techniques.

Abstract: The present invention is related to systems and methods for identifying and reporting a crisis status. In at least one embodiment, the system comprises a central server; an administrative work station communicably coupled to the central server, wherein the administrative work station is accessible only by an authorized administrator; a database communicably coupled to the central server, the database including a floor plan of the area, wherein the database is accessible and modifiable by the authorized administrator at the administrative work station; and a remote device at a particular location in the area, the remote device communicably coupled to the central server, the remote device capable of communicating securely to the database the particular location of the remote device and the crisis status of the particular location.

Abstract: A system according to this invention is directed to a virtual network system that prevents unauthorized registration, alteration, or occurrence of erroneous registration even if an operator is to create a network system including a virtual network function produced by a third party.

Abstract: Facilitation of management and utilization of domain-specific anonymous customer references (ACRs) for protection of subscriber privacy across different domains is disclosed herein. In one aspect, on receiving user authorization, an ACR services (ACRS) component can generate an ACR that is to be inserted in a communication or message transmitted from a user equipment to an untrusted entity. The ACR can be generated based on address data associated with the untrusted entity and/or a unique subscriber identifier associated with the user equipment. As an example, the ACR creation component can generate the ACR based on a cryptographic hash, a static encryption key, and/or a dynamic encryption key. If the ACR is forwarded to a trusted entity, the trusted entity can calculate the unique subscriber identifier based on evaluating the ACR and/or exchange the ACR for the unique subscriber identifier via a secure communication with the ACRS component.

Abstract: Techniques for secure linking of attributes between a first node and a plurality of nodes are provided. In one aspect, the first node and the plurality of nodes maintain a distributed data set. The techniques may include encoding the attributes as integer values at the first node. The nodes of the plurality of nodes that include matching attributes may be determined using a secure list matching protocol.

Abstract: One or more users (42) are identified based on typing pattern and/or behavior in a computerized system. A typing input is generated by one or more authorized users (42) by touching a touch sensitive input interface (12) at a touch coordinate that is linked to a given interface element displayed by the input interface (12). Collected touch coordinates are processed to generate a typing pattern specific of the authorized users (42), and the user-specific typing pattern is stored in a database (20). Touch coordinates generated by an un-identified user are processed to generate a typing pattern specific of the un-identified user (42), and the typing pattern of the un-identified user (42) is compared with the user-specific typing pattern stored in the database (20). The un-identified user is identified as (42) as one of the authorized users or as a non-authorized user.

Abstract: According to an example, a network security device determines whether a number of rules with a same matching feature in a first policy database reaches a preset threshold, wherein the first policy database records one or more first policies, each of the first policies comprises a policy identity (ID) and a plurality of rules respectively associated with the policy ID, each of the rules comprises a matching feature and an action associated with the matching feature; and generates a second policy database recording one or more second policies, by reconstructing the first policies in the first policy database when the number of rules with the same matching feature reaches the preset threshold, wherein each of the second policies comprises a matching feature and a target two-tuple comprising a policy id and an action associated with the matching feature.

Abstract: A searchable encryption processing system includes a server including: a communication device to communicate with another device; a storage device configured to store as search target data, secret data obtained by concealing plaintext data, and a secret index obtained by concealing a plaintext index to classify the plaintext data; and an arithmetic device to execute a process including receiving, from a search client, a secret data query obtained by concealing a plaintext query, and a secret index query obtained by concealing a plaintext index, searching the storage device for a secret index matching the secret index query based on a predetermined searchable encryption technique, searching a secret data group classified by the matching secret index for secret data matching the secret data query, and returning the searched secret data to the search client.

Abstract: A content management system can tag a client installer with an information tag linking the client installer to a user account. The client installer can be configured to install the client-side application on the client device and pass the identification tag to the installed client-side application. The client-side application can transmit the identification tag to the content management system, which can use the identification tag to identify the linked user account and log the client-side application into the user account. The content management system can implement several verification measures such as limiting the number of times and when an identification tag can be used, as well as IP addresses that can use the identification tag. The content management system can also use data cached by the web-browser application to determine if the web-browser application was used to access the user account in the past.

Abstract: Embodiments include methods and systems for detecting security risks in network pages, comprising providing at least one secure transaction page to a secure transaction provider, the secure transaction page enabling the secure transaction provider to request secure transactions, determining a request rate for the secure transaction page associated with the secure transaction provider, determining a predetermined threshold for a change in request rate for the secure transaction page by the secure transaction provider, determining that the predetermined threshold, for the change in request rate for the secure transaction page by the secure transaction provider, has been exceeded, and providing a notification to the secure transaction provider based on the determination that the predetermined threshold, for the change in request rate for the secure transaction page by the secure transaction provider, has been exceeded.

Abstract: Various aspects and embodiments of dwelling automation administration are described. Among other aspects or features of the embodiments, a dwelling automation system in a computing device authenticates a user. A management interface in the dwelling automation system generates a user interface for administering a plurality of automation devices at different dwellings based on access and control rights of the user. The user interface can grant the user access to at least one automation device associated with a hub associated with at least one dwelling.

Abstract: A system for collection and analysis of forensic and event data comprising a server and an endpoint agent operating on a remote system. The server is configured to receive event data including process creation data, persistent process data, thread injection data, network connection data, memory pattern data, or any combination thereof, and analyze the event data to detect compromises of a remote system. The endpoint agent is configured to acquire event data, and communicate the event data to the server.

Abstract: A method is provided for managing key rotation (use of series of keys) and secure key distribution in over-the-top content delivery. The method provided supports supplying a first content encryption key to a content packaging engine for encryption of a first portion of a video stream. Once the first content encryption key has expired, a second content encryption key is provided to the content packaging engine for encryption of a second portion of a video stream. The method further provides for notification of client devices of imminent key changes, as well as support for secure retrieval of new keys by client devices. A system is also specified for implementing a client and server infrastructure in accordance with the provisions of the method.

Abstract: An electronic storage system is provided. The system includes a housing, securable units within the housing, a kiosk to assign securable units to users and to provide the users with access credentials for accessing assigned securable units, and user portals within the housing and separate from the kiosk. Each user portal permits access to one or more of the securable units in accordance with access credentials entered into the portal. Each user portal is also operable to allow users to transfer rentals of assigned securable devices to other electronic storage systems. The system also permits access to assigned securable devices in accordance with access credentials received via text or SMS messages or via applications executing on a computer, NFC device, or smart device, such as a smart phone or tablet.

Abstract: Disclosed herein are system, method, and computer program product embodiments for intrusion detection and response. An embodiment operates by receiving one or more events corresponding to one or more user actions performed during a connectivity session to a computer system. The received one or more events are compared to one or more intrusion parameters associated with the computer system. It is determined that the received one or more events correspond to the intrusion event and that the user actions are performed on a first version of the computer system. The connectivity session is switched from the first version of the computer system to a second version of the computer system responsive to the determination of the intrusion event.

Abstract: Methods and systems for a device identification system may be provided. The device identification system may determine an identity of a user device associated with a transaction. The identity may be determined by network address information, hard link information, soft link information, and/or other such information. The network address information may include IPv4 information, IPv6 information, a device ID, and/or other such information. The identity of the user device may be determined and a transaction conducted from the user device may be assigned a fraudulent transaction risk score according to the information. Transactions that are determined to be at a high risk of fraud may be reviewed or otherwise flagged and/or canceled.

Abstract: A credentials database that includes a first credentials locker with a first path defining the location of the first locker, and a second credentials locker. An application program is executed and the application program is a computer program that has direct interaction with a user. A first service program and a second service program are executed, and the first service program and the second service program do not have direct interaction with the user. The first service program is called by the application program, and the second service program is called by the first service program. The first service program uses security credentials to request and obtain data from the second service program, and the second service program. The first service program always has access to and is able to obtain the current credentials.

Abstract: A method operates an arrangement having a substation and a terminal device connected to the substation. The terminal device is equipped with a terminal device certificate and a private key. The certificate enables a signed data transmission, indicates the substation as the certificate issuer, has a signature of the substation and contains a reference to a public key of the terminal device. Following a connection of a control station to the substation, the control station recertifies the public key of the substation by creating a signed certificate for the substation containing the public key of the substation, for the authentication of data which are or are intended to be transmitted from the terminal device to another terminal device. The terminal device certificate indicating the substation as the certificate issuer is transferred to the other terminal device and the certificate verification is carried out based on recertified public key.