Patents Examined by Cordelia Zecher
  • Patent number: 8661543
    Abstract: A mobile terminal having security diagnosis functionality and a method of making a diagnosis on the security of the mobile terminal are provided. The mobile terminal includes a system check unit, an interface unit, a blacklist check unit, and a security diagnosis unit. The system check unit collects the basic information of the mobile terminal by performing a system check on the mobile terminal. The interface unit provides the basic information of the mobile terminal to a user and receives a control command from the user. The blacklist check unit checks whether at least one application installed in the mobile terminal is present in a blacklist registered on a server. The security diagnosis unit checks whether an abnormality has occurred in the corresponding application based on results of the comparison between the basic information of the mobile terminal with preset abnormality detection reference information and the control command.
    Type: Grant
    Filed: June 5, 2012
    Date of Patent: February 25, 2014
    Assignee: Electronics and Telecommunications Research Institute
    Inventors: Jung-Hee Lee, Sang-Wook Lee, Jong-Moon Lee, Byung-Chul Bae, Sang-Woo Park, E-Joong Yoon
  • Patent number: 8660266
    Abstract: Delivering a Direct Proof private key to a device installed in a client computer system in the field may be accomplished in a secure manner without requiring significant non-volatile storage in the device. A unique pseudo-random value is generated and stored in the device at manufacturing time. The pseudo-random value is used to generate a symmetric key for encrypting a data structure holding a Direct Proof private key and a private key digest associated with the device. The resulting encrypted data structure is stored on a protected on-line server accessible by the client computer system.
    Type: Grant
    Filed: February 23, 2010
    Date of Patent: February 25, 2014
    Assignee: Intel Corporation
    Inventors: James A. Sutton, II, Ernie F. Brickell, Clifford D. Hall, David W. Grawrock
  • Patent number: 8656171
    Abstract: A method, an apparatus, and a system for configuring a key are provided. The method includes the following steps. A mobile node (MN) and an authentication authorization accounting home server (AAAH) generate a domain specific root key (DSRK) of a visited domain respectively. The AAAH sends the DSRK to an AAA visited server (AAAV). The MN and the AAAV generate a domain specific media independent handover service root key (DS-MIHS-RK) by using the DSRK respectively. The AAAV sends the DS-MIHS-RK to a visited domain media independent handover (MIH) authenticator. Thus, cumbersomeness and risks of errors in configuring and authenticating a password manually are avoided, so that large-scale and secure deployment of the MIH service becomes possible.
    Type: Grant
    Filed: July 29, 2010
    Date of Patent: February 18, 2014
    Assignee: Huawei Technologies Co., Ltd.
    Inventor: Zhongqi Xia
  • Patent number: 8656453
    Abstract: Certain example embodiments described herein relate to security systems and/or methods for cloud computing environments. More particularly, certain example embodiments described herein relate to the negotiation and subsequent use of Trading Partner Agreements (TPAs) between partners in a Virtual Organization, the TPAs enabling resources to be shared between the partners in a secure manner. In certain example embodiments, TPAs are negotiated, an algorithm is executed to determine where an executable is to be run, the resource is transferred to the location where it is to be run, and it is executed—with the TPAs collectively defining a security policy that constrains how and where it can be executed, the resources it can use, etc. The executable may be transferred to a location in a multipart (e.g., SMIME) message, along with header information and rights associated with the executable.
    Type: Grant
    Filed: November 10, 2010
    Date of Patent: February 18, 2014
    Assignee: Software AG
    Inventors: Vinay Punnoose, Kayiti Devanandam, Satish Kumar Joshi, Aditya Babu Nampally
  • Patent number: 8646074
    Abstract: The instant disclosure describes various exemplary methods for enabling otherwise unprotected computing devices to assess the reputations of wireless access points. In one example, a computer-implemented method for performing such a task may include (1) identifying, at a computing device that is otherwise unable to assess the reputations of wireless access points, at least one wireless access point that is available to the computing device, (2) obtaining, from a reputation service, reputation information for the wireless access point that identifies the reputation of the wireless access point, wherein the reputation information is based at least in part on prior interactions with the wireless access point by at least one additional computing device, and then (3) presenting the reputation information to a user of the computing device to help the user determine whether to connect to the wireless access point. Various other methods, systems, and computer-readable media are also disclosed.
    Type: Grant
    Filed: March 14, 2012
    Date of Patent: February 4, 2014
    Assignee: Symantec Corporation
    Inventor: Haridharan Nattamai Gangadharan
  • Patent number: 8646093
    Abstract: A software license engine allows an enterprise to model software license contracts and evaluate deployment of software for compliance with the software license contracts. Deployment of software products in the enterprise is modeled in a configuration management database. The software license engine maintains a license database for connecting software license contracts with software deployment modeled by the configuration management database. Users of the software license engine may use license types that are predefined in the software license engine or may define custom license types. The software license engine may indicate compliance or non-compliance with the software license contracts.
    Type: Grant
    Filed: December 9, 2009
    Date of Patent: February 4, 2014
    Assignee: BMC Software, Inc.
    Inventors: Anthony George Myers, Thomas Louis Adrian
  • Patent number: 8646107
    Abstract: Methods and apparatus are provided for implementing a system such as a programmable chip system having hardware and software usage limitations and restrictions. Usage limitation circuitry is integrated onto a device. A usage limitation function is integrated into software, such as an operating system for the device. The usage limitation function can be configured to interact with the usage limitation circuitry. The usage limitation circuitry and the usage limitation function are operable to disable the device and the associated software.
    Type: Grant
    Filed: June 25, 2004
    Date of Patent: February 4, 2014
    Assignee: Altera Corporation
    Inventor: Joe Luther Hanson
  • Patent number: 8640195
    Abstract: Following development of an application, the application is deployed in a pre-production environment. A user role plays against that application, typically by performing one or more operations as a particular user in a particular group. As the operator role plays, access logs are written, and these logs are then analyzed and consolidated into a set of commands that drive a policy generator. The policy generator creates an optimized security policy that it then deploys to one or more enforcement points. In this manner, the framework enables automated configuration and deployment of one or more security policies.
    Type: Grant
    Filed: September 30, 2009
    Date of Patent: January 28, 2014
    Assignee: International Business Machines Corporation
    Inventors: Christopher Young-Soo Choi, Christopher John Hockings, Neil Ian Readshaw
  • Patent number: 8635465
    Abstract: A processing device is configured to maintain counters for respective stored data blocks, and to encrypt a given one of the data blocks utilizing a value of the data block in combination with a value of its associated counter. The encryption may comprise a homomorphic encryption operation performed on the given data block as a function of the value of that data block and the value of its associated counter, with the homomorphic encryption operation comprising an operation such as addition or multiplication performed over a designated field. A given one of the counters is incremented each time the corresponding data block is subject to an update operation. The data block can be encrypted, for example, by combining a value of that data block with an additional value determined using the associated counter value, such as a one-time pad value determined as a function of the counter value.
    Type: Grant
    Filed: March 28, 2012
    Date of Patent: January 21, 2014
    Assignee: EMC Corporation
    Inventors: Ari Juels, Alina M. Oprea
  • Patent number: 8635686
    Abstract: Apparatus, systems, and methods may operate to receive an attack request comprising operating system privilege use instructions associated with a gateway and slave process exploit code instructions. The attack request may be contained by processing the request as a user associated with an assigned slave module processing on the gateway. The slave module is prevented from connecting to or scanning any internet protocol address and port that is not specified in a policy database having network interception policy rules and file system privilege rules associated by a key comprising a slave module operating system identifier associated with the slave module. Additional apparatus, systems, and methods are disclosed.
    Type: Grant
    Filed: October 19, 2007
    Date of Patent: January 21, 2014
    Assignee: Apple Inc.
    Inventor: T V Sriram
  • Patent number: 8631502
    Abstract: Method of updating revocation list is disclosed. Time information of revocation list indicating registration time of most recently registered revocation entity included in revocation list of first device is extracted, and time information of revocation list indicating registration time of the most recently registered revocation entity included in the revocation list of a second device connected to the first device is also extracted. A revocation entity registered in the first device after the registration time of time information of the revocation list of the second device is copied in the revocation list of the second device, if the registration time of extracted time information of the revocation list of the first device is later than the registration time of the extracted time information of the revocation list of the second device. Thus, the revocation list can be updated by connecting the first and second devices even in an offline state.
    Type: Grant
    Filed: January 2, 2009
    Date of Patent: January 14, 2014
    Assignee: Samsung Electronics Co., Ltd.
    Inventors: Sung-jun Yi, Nam-geol Lee
  • Patent number: 8627469
    Abstract: A method for using acquisitional contexts to prevent false-positive malware classifications. The method may include (1) receiving, from at least one client-side computing device within a community of users, contextual information associated with a file, (2) determining, based at least in part on the contextual information received from the client-side computing device, a reputation rating for the file, and (3) providing the reputation rating for the file to at least one additional client-side computing device within the community in order to prevent the additional client-side computing device from falsely classifying the file as untrustworthy due to acquiring an additional instance of the file via a context that is insufficient to determine that the additional instance of the file is trustworthy. Various other methods and systems are also disclosed.
    Type: Grant
    Filed: March 14, 2012
    Date of Patent: January 7, 2014
    Assignee: Symantec Corporation
    Inventors: Joseph Chen, Jeffrey Wilhelm
  • Patent number: 8627112
    Abstract: Apparatus, systems, and methods may operate to allocate encrypted memory locations to store encrypted information, the information to be encrypted and decrypted using a single hypervisor. Further activity may include permitting access to a designated number of the encrypted memory locations to a single application executed by an associated virtual machine (VM) subject to the hypervisor, and denying access to the designated number of the encrypted memory locations to any other application executed by the associated VM, or any other VM. In some embodiments, the operational state of the associated VM may be restored using the encrypted information. Additional apparatus, systems, and methods are disclosed.
    Type: Grant
    Filed: March 30, 2010
    Date of Patent: January 7, 2014
    Assignee: Novell, Inc.
    Inventors: Pradeep Kumar Chaturvedi, Gosukonda Naga Venkata Satya Sudhakar
  • Patent number: 8625796
    Abstract: A method for facilitating authentication enables automatically logging the user in to an application multiple times as long as the user has not left proximity of the terminal since the last successful login.
    Type: Grant
    Filed: November 30, 2012
    Date of Patent: January 7, 2014
    Inventor: Mourad Ben Ayed
  • Patent number: 8621223
    Abstract: A method of verifying integrity of a digital file includes receiving the digital file subsequent to exposure to a foreign environment and validating the digital file. The received digital file has an appended signature label that includes one or both of a first hash value and a digital signature. Validating the digital file includes hashing the digital file to obtain a second hash value, retrieving the first hash value from the signature label, and comparing the first hash value and second hash value.
    Type: Grant
    Filed: June 30, 2008
    Date of Patent: December 31, 2013
    Assignee: Raytheon Company
    Inventors: Monty D. McDougal, Jason E. Ostermann, Brian N. Smith
  • Patent number: 8615790
    Abstract: In a method of granting a user in a first organization access to private information stored within an authorization profile of a second organization, an access agreement between the two organizations is formed. Authorization is requested for the user, the authorization profile is retrieved, and authorization to private information is granted if authorized by the access agreement. In a method of authorizing access by users to private information stored by an organization as associated with a program, three types of caseloads are defined. The first authorizes access to information of a first individual of a first program, the second authorizes access to information of a second individual of all programs, and the third authorizes access to information of all individuals of a second program. Authorization is requested for the user to access one or more of the caseloads, and access to one or more caseloads is granted to the user.
    Type: Grant
    Filed: August 31, 2012
    Date of Patent: December 24, 2013
    Assignee: Therap Services LLC
    Inventors: Richard Allen Robbins, Warren Stanton Gifford, Mojahedul Hoque Abul Hassnat, Bradley Drew Turock, Justin Mark Brockie, James Michael Kelly, Ziaur Rahman
  • Patent number: 8615807
    Abstract: Described herein are methods, network devices and machine-readable storage media for conducting simulated phishing attacks on an individual so as to educate the individual about the various ways in which phishing attacks may be disguised. Specifically described is a simulated phishing attack involving a sequence of messages. At least one of the messages has an associated target action that would ordinarily, if the attack were an actual phishing attack, result in the individual's personal information and/or computing device becoming compromised. In the simulated phishing attack, no malicious action is actually performed. At least one of the other messages is designed to draw attention to the message with the target action.
    Type: Grant
    Filed: March 5, 2013
    Date of Patent: December 24, 2013
    Assignee: PhishMe, Inc.
    Inventors: Aaron Higbee, Rohyt Belani, Scott Greaux
  • Patent number: 8601582
    Abstract: The present disclosure provides a computer-readable medium, method, and system for determining security vulnerabilities for a plurality of application programs used to provide television services to a customer device over a communications network. The method includes running a first scanning program against a first application program relating to a control panel for the customer device; running a second scanning program against a second application program that provides Internet content to the customer device; running a third scanning program against a third application program that relates to a component management system of customer premises equipment; and correlating security vulnerabilities identified utilizing the first, second, and third scanning programs.
    Type: Grant
    Filed: February 25, 2013
    Date of Patent: December 3, 2013
    Assignee: AT&T Intellectual Property I, L.P.
    Inventors: Jerald Robert Howcroft, John J. Markley, Rocco A. Del Carmine
  • Patent number: 8594326
    Abstract: The invention provides a method of generating arbitrary numbers given a seed, characterized by providing a challenge derived from the seed to a physical token, receiving an initial response from the physical token, combining the initial response with helper data associated with the challenge to produce a stable response, and generating the arbitrary numbers using a pseudo-random number generator using the stable response as a seed for the generator. Preferably one or more of these pseudo-random permutations are used as one or more round function(s) in a Feistel block cipher. The generated arbitrary numbers may also be used to create a cryptographic key.
    Type: Grant
    Filed: November 26, 2007
    Date of Patent: November 26, 2013
    Assignee: Koninklijke Philips N.V.
    Inventors: Timothy Kerins, Klaus Kursawe, Pim Theo Tuyls
  • Patent number: 8584242
    Abstract: Remote assistance is provided to a mobile device across a network to enable malware detection. The mobile device transmits potentially infected memory pages to a remote server across a network. The remote server performs analysis, and provides feedback to the mobile device. Based on the received feedback, the mobile device halts a process, or retrieves and transmits additional memory pages to the remote server for more analysis. This process is repeated until a compromised region of memory is identified and/or isolated for further repair to be performed. The feedback from the remote server reduces the processing and storage burden on the mobile device, resulting in a more reliable detection that uses fewer resources. Embodiments including hypervisors and virtual machines are disclosed.
    Type: Grant
    Filed: July 12, 2011
    Date of Patent: November 12, 2013
    Assignee: AT&T Intellectual Property I, L.P.
    Inventors: Horacio Andres Lagar-Cavilla, Alexander Varshavsky