Abstract: Allowing a subscriber of media content services or products to receive filtered content based on the current viewer's profile (i.e., age, gender, maturity, etc.) as opposed to the viewer's physical location is provided. Media content for which filtering may apply may be in the form of movies, television shows, music for listening/downloading, video games, internet browsing, and the like. Upon logging in from the endpoint device interface (television/set-top-box, desktop computer, laptop computer, smart-phone, touch computer, etc.), log-in information may be compared with predefined profiles set up by the primary account holder and filtered media content may be delivered to match the profile of the current logged in end user.

Abstract: Online system users interact with one or more third party systems, with the online system maintaining an account for each of its users and each third party system maintaining a third party account for each of its users. The online system compares information in a user's account to accessible information in third party accounts and establishes connections between the user's account and o third party accounts based on the comparisons. A connection between the user's account and a third party account includes a confidence level indicating a likelihood of the third party account being associated with the user of the online system corresponding to the account. A third party system may request information from the online system about a user specifying a threshold confidence level, allowing the online system to return information from third party accounts having connections to the user's account with at least the threshold confidence level.

Abstract: A method is presented for analyzing an original software program as a potentially evasive malware. The method may comprise discovering at least one revealed instruction in the original software program, where the revealed instructions are not executed when the original software program is run without modification; modifying the original software program to create a modified program that will execute at least one revealed instruction when the modified program is run; and exploring the at least one revealed instruction by running the modified program.

Abstract: Communications in social networking environment are monitored and patterns of sharing a communication are identified. The patterns of sharing are compared to one or more criteria. A first probability of false information in the communication is determined. Responsive to determining the first probability of false information in the communication exceeding a first threshold, an additional validation of the communication is performed. A second probability that the communication contains false information is determined based on the additional validation. Responsive to determining that the second probability indicative of the communication containing false information exceeds a second threshold, an action to reduce dissemination of the communication may be performed.

Abstract: An application platform examines, at runtime, various specified aspects of an application environment in which an application interacts with a user. Such examinations are made to determine a state for each of the various specified aspects. Further, the platform automatically activates particular application environment roles for the user depending on the result of the examinations. For example, an application environment role may be activated representing a particular detected mode of communication (e.g., encrypted network communications) or a particular detected manner of authentication (e.g., password authentication). Such activations are based on the detected states and specified states for the various specified aspects of the application environment. Such activations may occur in the context of an application attempting to perform an operation on an access controlled object on behalf of a user.

Abstract: Scanning for computer viruses or E-mail and data content filtering is performed using a distributed programming approach. A master computer 4 serves to divide the scanning operation into a plurality of tasks that are allocated to further computers 8, 10, 12, 14, 20. These further computers then separately perform the tasks and return the results to the master computer 4. The master computer 4 can check the update status of the further computers prior to them starting operation in order to check that they have the latest data defining the scanning to be performed.

Abstract: Techniques to ensure that a content stream will be encrypted prior to it being served it to the stream receiver if either the stream receiver returned an initial status to the stream caster indicating that only encrypted streams will be accepted or if the user of the stream caster optioned that only encrypted streams will be cast. A stream casting device is capable of locally sourcing and encrypting streams. A content stream server is capable of sourcing encrypted streams and encrypting streams on the fly. A stream receiver device is also described. The system manages key exchanges, encryption, and decryption across the devices serving streams, and stream receiving devices. The casted streams, residing on either a content stream server or on the stream casting devices will be encrypted prior to being served.

Abstract: A Dynamic Adaptive Machine (DAM) classifies a received packet into a packet group and selects an initial level of processing for that group based on, at least in part, a measure of load of the system for processing the packet. The DAM continues to monitor the system load and re-computes the load measure, and increases or decreases the processing level according to the load measure. The DAM considers one or more processing states and, after an increase in the processing level, ignores for a certain grace period any errors generated at the higher level of processing, to minimize false positive errors.

Abstract: A method and apparatus for detecting a Return-Oriented Programming exploitation. At a computer device, a mechanism to detect a control transfer of a code location in a memory is established. This may be, for example, hooking the control transfer. The code location relates to an electronic file. In the event that a control transfer of the code location is detected, a comparison is made between a destination code location address with values in the freed stack. If the code location address matches any of the values in the freed stack, then it is determined that the control transfer of the code location relates to a Return-Oriented Programming exploitation.

Abstract: A first computing device is provided for transmitting one or more volumes via a secured connection. The first computing device includes a controller that is executable by one or more processors and is configured to instruct a cloud computing device to generate a worker virtual machine. The controller is also configured to provide authentication information to facilitate establishing of the secured connection between the controller and the worker virtual machine. The controller is further configured to instruct the cloud computing device to generate one or more target volumes associated with the cloud computing service and to associate the one or more target volumes with the worker virtual machine. The controller is further instructed to provide, irrespective of the content type of the volumes and the size of the volumes, the one or more volumes to the worker virtual machine via the secured connection.

Abstract: Methods, systems, and apparatus, including computer programs encoded on a computer storage medium, for managing access to public content are disclosed. In one aspect, a method includes receiving, at a user device, first content transmitted by a first system; in response to receiving the first content, generating, by the user device, a request for second content; transmitting the request for the second content to a second system; determining, by the user device, whether the second content has successfully loaded; and in response to determining that the second content has not been successfully loaded by the user device, executing code included as part of the first content to cause a display of main display content. Other embodiments of this aspect include corresponding systems, apparatus, and computer programs, configured to perform the actions of the methods, encoded on computer storage devices.

Abstract: In some aspects, control circuitry receives, at a content provider server that is associated with a first subscription service, a first authentication key from a content aggregator server that is associated with a second subscription service, prior to the user subscribing to the first subscription service. The control circuitry generates and stores, at the content provider server, the first user account after comparing the first authentication key to acceptable authentication. In response to storing the first user account, the control circuitry receives a request from the content aggregator server to subscribe the user to the first subscription service, wherein the request includes a second authentication key.

Abstract: An interaction method, device, client and server are provided. The method includes that: a client scans a target two-dimensional code (for example, a Quick Response code) to acquire a URL of the target two-dimensional code; the client sends the URL to an associated third-party server; the client receives multifunction information returned from the third-party server according to the URL, wherein each piece of the multifunction interaction information includes interaction type information; the client interacts with the third-party server according to the multifunction information. The present disclosure makes it possible that: during scanning a two-dimensional code, a client can directly interact with a third-party server, the interaction applications can simply be acquired via scanning, instead of pre-scanning and manually initiating an interaction with the scanned contents, such that the operations are simple and convenient.

Abstract: Embodiments disclosed herein provide systems, methods, and computer readable media for determining user reputation regarding data object exposure in a cloud computing environment. In a particular embodiment, a method provides receiving, from the cloud computing environment, information regarding behavior of a user in the cloud computing environment. The method further provides analyzing the information to determine a plurality of exposure characteristics for the user. The method provides determining a reputation of the user for exposing data objects in the cloud computing environment based on the plurality of exposure characteristics.

Abstract: The disclosed computer-implemented method for defeating relay attacks may include (1) buffering, in a memory buffer, an encoded signal that has been sent to a remote device, (2) detecting, within a time interval of the encoded signal being sent, a second signal that corresponds to the encoded signal, (3) determining that a strength of the second signal is above a predetermined threshold, (4) determining, based on the strength of the second signal being above the predetermined threshold, that the second signal represents a relay attack, and (5) initiating a security action to defeat the relay attack. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: Embodiments of the present invention provide a method and a device for processing a data security channel of a tunnel, where the method includes: receiving an authentication and authorization request of an access side, and determining a trust relationship of access of a user equipment; and when an S6b interface session of the user equipment exists, sending a message including information about the trust relationship of the access of the user equipment to a packet data gateway, so that the packet data gateway establishes or updates a data security channel of an S2c tunnel according to the information about the trust relationship.

Abstract: Aspects described herein provide systems and methods for computer system security monitoring. Multiple event monitoring agents may be deployed across an enterprise-wide computing system such that each event monitoring agent monitors at least one event generator of the enterprise-wide computing system. The event monitoring agents may be connected to an event processing server. The event processing server may receive event information generated by the event monitoring agents that describe events occurring at the event generators. The event processing server may perform a security analysis on at least a portion of the event information received that includes applying a security policy to the event information. The event processing server may execute a security response based on the security analysis performed such as, for example, a response specified in the security policy applied.

Abstract: A system for authorization level verification includes a host computer having a processor and a memory. The processor and memory are configured to operate a multi-user CAx environment. The host computer further includes an authorization level module and an authorization level adjustment module. The host computer is configured to communicate with a plurality of local computers. Each of the local computers are configured to operate a local CAx environment of the multi-user CAx environment. A data storage element is in communication with the host computer and is configured to store a part file compatible with the multi-user CAx environment. The authorization level module is configured to facilitate a user login from one or more of the plurality of local computers.

Abstract: A trust module suitable for providing and managing network administration across multiple networks with different security levels. The trust module comprises an administration module to provide secure communication rules between and among the networks that define the manner in which the networks exchange secure communication over a data channel. The administration module includes a user interface to enable an administrator to define the secure communication rules and an encryption module to encrypt the secure communication rules. Advantageously, the trust module of the present invention allows for secure communication and attestation across an unsecure network and a secure network.

Abstract: Technology is provided for transferring a right to a digital content item based on one or more physical actions detected in data captured by a see-through, augmented reality display device system. A digital content item may be represented by a three-dimensional (3D) virtual object displayed by the device system. A user can hold the virtual object in some examples, and transfer a right to the content item the object represents by handing the object to another user within a defined distance, who indicates acceptance of the right based upon one or more physical actions including taking hold of the transferred object. Other examples of physical actions performed by a body part of a user may also indicate offer and acceptance in the right transfer. Content may be transferred from display device to display device while rights data is communicated via a network with a service application executing remotely.