Patents Examined by Carlos M De Jesus Lassaia
  • Patent number: 9298910
    Abstract: A method is provided in one example embodiment that includes receiving in an external handler an event notification associated with an event in a virtual partition. A thread in the process in the virtual partition that caused the event can be parked. Other threads and processes may be allowed to resume while a security handler evaluates the event for potential threats. A helper agent within the virtual partition may be instructed to execute a task, such as collecting and assembling event context within the virtual partition, and results based on the task can be returned to the external handler. A policy action can be taken based on the results returned by the helper agent, which may include, for example, instructing the helper agent to terminate the process that caused the event.
    Type: Grant
    Filed: June 8, 2011
    Date of Patent: March 29, 2016
    Assignee: McAfee, Inc.
    Inventors: Gregory W. Dalcher, Jonathan L. Edwards
  • Patent number: 9251317
    Abstract: Embodiments related to network video messaging are disclosed. One disclosed embodiment provides a method that comprises receiving a video message from a client application of a source client; associating a navigation link with the video message; transmitting a notification message to the recipient client including the navigation link; receiving a retrieval request from the recipient client to access the video content via the navigation link; and transmitting the video content to the recipient client responsive to receiving the retrieval request by providing a persistent download of the video content from the storage server if the download condition indicates that a persistent download of the video content is permissible; and providing a transient download of the video content to the recipient client while prohibiting a persistent download of the video content if the download condition indicates that a persistent download of the video content is not permissible.
    Type: Grant
    Filed: March 23, 2009
    Date of Patent: February 2, 2016
    Assignee: MICROSOFT TECHNOLOGY LICENSING, LLC
    Inventors: Zhangwei Xu, Martin Hall, Mark McNulty, Guruprakash Rao, Xiaofeng Gao, Fei Chen, Ricardo Lopez-Barquilla, Martin Holladay
  • Patent number: 9185093
    Abstract: A method is provided in one example embodiment and includes receiving information for network traffic in a wireless network; correlating the information with a subscriber of a plurality of subscribers; and generating a behavior profile for the subscriber based on the information over a period of time.
    Type: Grant
    Filed: December 31, 2012
    Date of Patent: November 10, 2015
    Assignee: McAfee, Inc.
    Inventors: Bikram Kumar Gupta, Sudarshan Swamy, Srikant Vissamsetti
  • Patent number: 9130758
    Abstract: A method and system for renewal of expired certificates is described. In one embodiment, a method, implemented by a computing system programmed to perform operations, includes receiving, at a certificate manager of a computing system from a requester, a certificate renewal request for an original digital certificate that has already expired, and renewing the expired certificate as a renewed certificate by the certificate manager when the certificate renewal request is approved. The renewed certificate comprises the same key pair as the original certificate, but includes a new expiration date, and wherein the renewed certificate is functionally identical to the original certificate.
    Type: Grant
    Filed: November 10, 2009
    Date of Patent: September 8, 2015
    Assignee: Red Hat, Inc.
    Inventors: Christina Fu, Ade Lee
  • Patent number: 9124636
    Abstract: In one example, a network device may store health status information specifying a current security status for each of a plurality of authenticated endpoint devices in accordance with an authorization data model. The network device may update the current security status of each of at least two of the plurality of authenticated endpoint devices connected to an enterprise network to indicate that each of the at least two of the plurality of authenticated endpoint devices has a compromised security status, and identify a characteristic common to both of the authenticated endpoint devices having the compromised security status. The network device may interface with one or more policy enforcement devices to quarantine a set of endpoint devices associated with the identified characteristic. The current security status of at least one of the quarantined endpoint devices may indicate that the quarantined endpoint device does not have a compromised security status.
    Type: Grant
    Filed: December 28, 2012
    Date of Patent: September 1, 2015
    Assignee: Pulse Secure, LLC
    Inventor: Hirendra Rathor
  • Patent number: 9094379
    Abstract: In one embodiment, a system and associated processes for transparent client-side cryptography are provided. In this system, some or all of a user's private data can be encrypted at a client device operated by the user. The client can transmit the encrypted user data to a content site that hosts a network application, such as a social networking application, financial application, or the like. The content site can store the private data in its encrypted form instead of the actual private data. When the content site receives a request for the private data from the user or optionally from other users (such as social networking friends), the server can send the encrypted user data to a client associated with the requesting user. This client, if operated by an authorized user, can decrypt the private data and present it to the authorized user.
    Type: Grant
    Filed: December 29, 2010
    Date of Patent: July 28, 2015
    Assignee: Amazon Technologies, Inc.
    Inventor: Kevin Miller
  • Patent number: 9075991
    Abstract: Security of sensitive information stored on a computing system is protected by monitoring a set of performance indicators of the computing system and executing remedial measures to protect the sensitive information when the set of performance indicators indicates a likelihood of malicious activity. A particular technique involves limiting the amount of sensitive information looted during a malicious attack on a computing system. The technique includes monitoring a set of performance indicators of the computing system. The set of performance indicators provides a measure of sensitive information being accessed on the computing system. The technique further includes testing whether the monitored set of performance indicators indicates a likelihood of looting, and temporarily reducing access to the sensitive information on the computing system in response to the act of testing indicating a likelihood of looting.
    Type: Grant
    Filed: June 8, 2011
    Date of Patent: July 7, 2015
    Assignee: EMC Corporation
    Inventor: Todd Leetham
  • Patent number: 9038184
    Abstract: A security server renders a plurality of web pages. The security server logs script operations of the plurality of web pages that are performed when the web pages are rendered. Sequences of script data values that result from the script operations are determined. The sequences of script data values are tagged as either malicious or non-malicious based on whether the script operations associated with the sequence of script data values resulted in abnormal behavior in the computer. A statistical analysis is performed on the malicious and non-malicious script data values to determine likelihoods that identified sequences of script data values represent malicious behavior. The security server generates security data based on the statistical analysis. The security data are provided to clients. The clients monitor script operations of web pages accessed by the clients, and use the security data to identify malicious script operations.
    Type: Grant
    Filed: February 17, 2010
    Date of Patent: May 19, 2015
    Assignee: Symantec Corporation
    Inventor: Uriel Mann
  • Patent number: 9015822
    Abstract: A system and method for providing DTN services to legacy applications is provided. According to one example, a method for providing delay tolerant networking (DTN) services to legacy applications includes acts of intercepting a packet addressed to a software application, the packet including a payload, the software application being resident on a first computer, determining suitability of the packet for DTN processing and encoding the payload into a DTN bundle. According to another example, a system for providing delay tolerant networking (DTN) services to legacy applications includes a network interface, a memory and a controller coupled to the network interface and the memory. In this example, the controller is configured to intercept a packet addressed to a software application, the packet including a payload, the software application being resident on a computer, determine suitability of the packet for DTN processing and encode the payload into a DTN bundle.
    Type: Grant
    Filed: November 12, 2009
    Date of Patent: April 21, 2015
    Assignee: Raytheon Company
    Inventor: Erwin W. Bathrick
  • Patent number: 8995651
    Abstract: A system includes an interface module, an addressing module, and a multiplier module. The interface module is configured to (i) receive operands and configuration data for a Rivest-Shamir-Adleman (RSA) operation or an Elliptic Curve Cryptography (ECC) operation, and (ii) control access to a random access memory (RAM). The addressing module is configured to allocate memory space within the RAM for storage of the operands. The multiplier module includes a Montgomery multiplier configured to perform a Montgomery multiplication operation for both the RSA operation and the ECC operation.
    Type: Grant
    Filed: June 9, 2011
    Date of Patent: March 31, 2015
    Assignee: Marvell International Ltd.
    Inventors: Sean Lee, Chang Shu, Fei Sun
  • Patent number: 8943605
    Abstract: A method, system, and medium are provided for sharing content among network devices. The system includes at least one base station and network devices that are part of a wireless network. The base station is configured to receive a request for content from a network device. The content may be available on a second network device proximate to the first network device. The base station may generate a temporary key that allows the first network device to access the content available on the second network device while proximity between the first network device and the second network device is maintained. The base station, in turn, transmits the temporary key to the first network device.
    Type: Grant
    Filed: January 25, 2012
    Date of Patent: January 27, 2015
    Assignee: Sprint Communications Company L.P.
    Inventors: Geoffrey Scott Martin, Michael Philip Dougan
  • Patent number: 8898740
    Abstract: A computing system includes a processor; and a memory communicatively coupled to the processor. The processor is configured to: generate a challenge response test image comprising a plurality of well-formed construct elements forming a well-formed construct and a plurality of random construct elements; and provide a plurality of masks to be placed over the image, one of the number of masks configured to reveal the well-formed construct elements when placed over the image.
    Type: Grant
    Filed: June 8, 2011
    Date of Patent: November 25, 2014
    Assignee: International Business Machines Corporation
    Inventors: Stephen Paul Kruger, Olgierd Stanislaw Pieczul
  • Patent number: 8869246
    Abstract: A method for providing a challenge response test associated with a computer resource performed by a physical computing system includes, with the physical computing system, generating a challenge response test image comprising a plurality of well-formed construct elements forming a well-formed construct and a plurality of random construct elements, and providing a number of masks to be placed over the image, one of the number of masks configured to reveal the well-formed construct elements when placed over the image.
    Type: Grant
    Filed: March 21, 2012
    Date of Patent: October 21, 2014
    Assignee: International Business Machines Corporation
    Inventors: Stephen Paul Kruger, Olgierd Stanislaw Pieczul
  • Patent number: 8868932
    Abstract: An apparatus includes a storage device, a position comparison processor coupled to the at least one storage device, and a display coupled to the position comparison processor. A plurality of files is stored on the storage device, wherein each file contains at least one item of confidential information and wherein a geographic location of use is associated with the file. The position comparison processor compares a current geographic location with each of the geographic locations of use associated with the plurality of files and the display displays contents of a selected file, wherein the geographic location of use associated with the selected file matches the current geographic location.
    Type: Grant
    Filed: September 10, 2012
    Date of Patent: October 21, 2014
    Assignee: Keeper Security, Inc.
    Inventors: Craig B. Lurey, Darren S. Guccione
  • Patent number: 8850554
    Abstract: An approach is provided for providing separation of authentication protocols and/or authentication contexts for client-server and server-server communication in network communication. A proxy server receives a request to initiate a service session. The request includes a first authentication context. The proxy server requests verification of the first authentication context from an authentication server and validates the first authentication context based, at least in part, on the verification. The proxy server implements a second authentication context based, at least in part, on the verification of the first authentication context to initiate the service session.
    Type: Grant
    Filed: February 17, 2010
    Date of Patent: September 30, 2014
    Assignee: Nokia Corporation
    Inventors: Jari Otranen, Lauri Tarkkala, Deepali Khushraj
  • Patent number: 8798265
    Abstract: A handheld communications device and method for transmitting an encryption key are provided. The method comprises: generating an encryption key via the data processor, the encryption key comprising a bit sequence; and varying an output of the display device over a period of time to transmit the encryption key from the handheld communications device by varying at least one of a sequence of colours rendered on the display device or a sequence of brightness levels output by the display device.
    Type: Grant
    Filed: August 3, 2012
    Date of Patent: August 5, 2014
    Assignee: BlackBerry Limited
    Inventors: Marc Drader, James Robinson, Michael Purdy
  • Patent number: 8800045
    Abstract: A management platform that allows security and compliance users to view risks and vulnerabilities in their environment with the added context of what other mitigating security countermeasures are associated with that vulnerability and that are applicable and/or available within the overall security architecture. Additionally, the platform allows users to take one or more actions from controlling the operation of a security countermeasure for mitigation purposes to documenting the awareness of a security countermeasure that is in place.
    Type: Grant
    Filed: February 11, 2012
    Date of Patent: August 5, 2014
    Assignee: Achilles Guard, Inc.
    Inventors: Michael S. Curtis, Audian H. Paxson, Eva E. Bunker, Nelson W. Bunker, Kevin M. Mitchell
  • Patent number: 8798266
    Abstract: A handheld communications device for transmitting an encryption key is provided. The device comprises a display device, and a data processor. The data processor of the handheld communications device is in communication with the display device. The data processor is configured to generate an encryption key, and to vary a visual output of the display device over time in accordance with a bit sequence of the encryption key. The varying visual output comprises a sequence of colors and/or brightness levels output by the display device.
    Type: Grant
    Filed: November 30, 2012
    Date of Patent: August 5, 2014
    Assignee: BlackBerry Limited
    Inventors: Marc A. Drader, James Alexander Robinson, Michael Lorne Purdy
  • Patent number: 8745745
    Abstract: Systems, methods, computer readable media and articles of manufacture consistent with innovations herein are directed to computer virtualization, computer security and/or data isolation. According to some illustrative implementations, innovations herein may utilize and/or involve a separation kernel hypervisor which may include the use of a guest operating system virtual machine protection domain, a virtualization assistance layer, and/or a rootkit defense mechanism (which may be proximate in temporal and/or spatial locality to malicious code, but isolated from it), inter alia, for detection and/or prevention of malicious code, for example, in a manner/context that is isolated and not able to be corrupted, detected, prevented, bypassed, and/or otherwise affected by the malicious code.
    Type: Grant
    Filed: June 26, 2013
    Date of Patent: June 3, 2014
    Assignee: Lynuxworks, Inc.
    Inventors: Edward T. Mooring, Phillip Yankovsky
  • Patent number: 8738934
    Abstract: A method and apparatus are provided for protecting confidential information. The method includes the steps of providing a plurality of files where each file contains at least one item of secret information, such as a password for a private account. Access to the plurality of files is password protected with a master password. To access the plurality of files, the master password must be entered into a master password entry field. The files are deleted upon successive entry of incorrect passwords into the master password entry field a predetermined number of times.
    Type: Grant
    Filed: August 26, 2010
    Date of Patent: May 27, 2014
    Assignee: Keeper Security, Inc.
    Inventors: Craig B. Lurey, Darren S. Guccione