Abstract: Code is associated to a target based on an inspection of the code. A target may be a device or a user. A number of code components may be inspected at one time and then transferred or otherwise associated to a target based on the target's profile. A code component may be a policy of an information management system.

Abstract: The disclosure discloses an authentication routing system and method for a cloud computing service and an authentication router.

Abstract: Described is a technology by which files that are hardware protected on a storage device, such as a USB flash drive, are managed on a host, including by integration with an existing file system. Each file maintained on a storage device is associated with a protection attribute that corresponds to that file's device hardware protection level. Requests directed towards accessing metadata or actual file data are processed based upon the protection attribute and a state of authentication, e.g., to allow or deny access, show file icons along with their level of protection, change levels, and so forth. Also described is splitting a file system file table into multiple file tables, one file table for each level of protection. Entries in the split file tables are maintained based on each file's current level; space allocation tracking entries are also maintained to track the space used by other split tables.

Abstract: An auditable cryptographic protected cloud computing communication system, wherein the system can include a plurality of industrial devices. Each industrial device can have an individualized messaging protocol enabling each industrial device to receive commands and transmit status and measurement data using the individualized messaging protocol for each industrial device. At least one industrial device is in communication with a computing cloud, wherein the computing cloud is configured to provide at least one service and shared hardware and software resources.

Abstract: A system and method for authentication of a communication device is disclosed. A system that incorporates teachings of the present disclosure may include, for example, a communication device having a controller element to compute a shared secret key based at least in part on a communication device private key and a cryptography algorithm, where the communication device private key is stored in an identity module of the communication device and is unknown to an authentication center, and wherein the communication device is authenticated by the authentication center based at least in part on the shared secret key. Additional embodiments are disclosed.

Abstract: A method of securely authenticating a user's response to a challenge request before completing a transaction is disclosed. When a user wishes to complete a transaction, an image is projected onto the user's face. The user reads the image in a mirror and responds accordingly. If the user identifies the correct image, the transaction is allowed to proceed.

Abstract: Embodiments of the present invention may enable a user of an electronic device to setup a game-based environment within the electronic device that can be used as an authentication platform to prevent access by illegitimate or unauthorized users. The communication device may include a display screen, a processor, and a memory coupled to the processor. The memory may include a database and an instruction set. The database may store pre-defined access patterns that can be used in the authentication process. Further, the instruction set may include instructions executable by the processor to monitor inputs made by a new user in the game based environment. Furthermore, the instructions executable by the processor may match the inputs of the new user with the pre-defined access patterns to check the authentication of a new user.

Abstract: A method and apparatus for enabling a user to access a service provider is described. The user sends a request from a browser to a proxy server. The proxy server modifies the request by adding data (such as a URL) relating to a location of an identity provider able to provide user credentials for the user and forwards the modified request to the service provider. The modification of the access request may occur before the request is sent to the service provider or in response to an authentication request from the service provider. The data relating to the location of the identity provider may be provided as a header (e.g. an http header).

Abstract: A Security Domain Access System (SDAS) provides highly available security domain data. The SDAS receives a request pertaining to a security domain. The request includes credentials for accessing a security domain manager server. The SDAS selects one of a plurality of security domain manager servers to process the request based on the credentials and the availability of each of the plurality of security domain manager servers. The SDAS forwards the request to the selected security domain manager server.

Abstract: Aspects of the invention relate to systems and methods for securely retaining profile data and the use of such data for the targeted delivery of content. In one embodiment, a unique profile that represents the user location and is keyed to profile attributes selected from both a first set of data collected from the user location and the second set of profile data collected from an external source, is generated. The key does not allow a third party to identify the end-user location or a user associated with the end-user location. Electronic content transmitted to end-user locations may be encoded such that it may only be accessed by an authorized user and/or on a specific electronic device at the user location. A graphical user interface may be utilized to allow a third-party to provide selection criteria for determining user locations to receive targeted content. Further aspects of the invention relate to an electronic device configured to present targeted content to a user at a user location.

Abstract: This disclosure relates capture of encrypted network traffic. As an example, a non-transitory computer readable medium can include a command interface programmed to receive control instructions that control capture of protocol data from a network. A capture module can be programmed to receive decoded protocol data from a device application responsive to the control instructions and to synthesize frames of output capture data in that includes at least the decoded protocol data.

Abstract: A test comment is transmitted by a test unit in the form of a data transmission via a mains supply to one or more electric components of a network. Each electric component that receives a transmitted test command transmits a test response that characterizes each electric component, in the form of a data transmission via the mains supply back to the test unit, the transmitted response being then evaluated in the test unit.

Abstract: A printing apparatus management system includes: a printing apparatus which includes an IC tag performing wireless communication with the outside and a memory being connected to the IC tag; and a first information terminal which has at least a function of writing information in the memory through wireless communication with the IC tag. The first information terminal maintains authentication data used by the printing apparatus, writes the authentication data in the memory, and transmits the authentication data to another information terminal. In addition, the printing apparatus interrupts a predetermined function, when the authentication data is written by the first information terminal, and in a state where authentication data is written in the memory, the printing apparatus makes the predetermined function effective, when the authentication data written by the first information terminal before the interruption state and the authentication data written after the interruption state accord with each other.

Abstract: Embodiments of the disclosure describe systems and methods for authenticating services running on a partition. In this regard, one embodiment of a system for authenticating a service includes a partition including a list of authorized services, and a service running on the partition; and a management processor in communication with the partition, wherein the management processor is configured to generate credentials for the service running on the partition if the service is listed in the list of authorized services.

Abstract: Performing identity verification for online education is disclosed. In response to receiving a notification of a submission event, a user is prompted to provide authentication information including at least one of a plurality of types of information. Authentication information received is compared to at least a portion of stored enrollment information associated with the user with which the received authentication information is associated. The stored enrollment information includes at least two different types of information collected during an enrollment phase, including the at least one type of information solicited during the user prompting. In the event that matching criteria are met based at least in part on the comparison, a first action is performed. In the event that matching criteria are not met based at least in part on the comparison, a second action that is different from the first action is performed.

Abstract: A plurality of security events is detected in a computing system, each security event based on at least one policy in a plurality of security policies. Respective interactive graphical representations are presented in a graphical user interface (GUI) of either or both of the security events or security policies. The representations include interactive graphical elements representing the respective security events or security policies. User selection of a particular event element via the interactive GUI causes a subset of the security policies to be identified, each security policy in the subset serving as a basis for at least one particular security event represented by the particular event element. User selection of a particular policy element via the interactive GUI causes a subset of the security policies to be identified, each security event in the subset based at least in part on a particular security policy represented by the particular policy element.

Abstract: Methods, devices, and computer program products facilitate the application of a content use policy based on watermarks that are embedded in a content. Watermark extraction and content screening operations, which can include the application of content usage enforcement actions, may be organized such that some or all of the operations can be conducted at different times by different devices. These operations can be conducted by one or more trusted devices that reside in a networked environment. Real-time access to a content can also be facilitated by utilizing existing watermark extraction records. To facilitate real-time access to the content, the extraction records may contain segmented authentication information that correspond to particular segments of the content that is being accessed. Additionally, or alternatively, new watermark extraction operations can be conducted in real-time to produce new watermark extraction records.

Abstract: In accordance with one or more embodiments of the present disclosure, systems and methods disclosed herein enable synergy among a group of users by providing a real-time, secure collaboration environment that allows for cooperative interaction and decision making and provide the ability for users to simultaneously view, revise, and review a document or multimedia file that resides in a shared data storage location. Real-time, low latency, rich collaboration between producers and consumers provides organization efficiency, and this collaboration provides real-time, low latency transmission of data.

Abstract: A method for data integrity protection includes receiving items of data for storage in a storage medium. The items are grouped into multiple groups, such that at least some of the groups include respective pluralities of the items. A respective group signature is computed over each of the groups, thereby generating multiple group signatures. An upper-level signature is computed over the group signatures. Groups of the items, the group signatures, and the upper-level signature are stored in respective locations in the storage medium.

Abstract: An intrusion detection arrangement for communication networks comprising a network activity observer configured to monitor network traffic by the related traffic elements, such as data packets, thereof and to establish traffic profiles relative to the monitored traffic elements, such as one profile per each monitored traffic element, a misuse detector configured to determine a first indication of a probability of the profiled traffic representing malicious activity through co-operation with a model repository comprising at least one model characterizing a known intrusion attack, an anomaly detector configured to determine, at least logically in parallel with the misuse detector, a second indication of a probability of the profiled traffic representing anomalous activity through cooperation with a model repository comprising at least one model characterizing legitimate network activity, and a classifier configured to operate on said first and second indications to generate a classification decision on the natu