Abstract: There is disclosed a method, system and a computer program product for use in authenticating an entity. An authentication request is received from the entity. Information in connection with the entity is acquired from an external source. Based on the information, a risk score is set such that the riskiness of the authentication request can be readily deduced therefrom.

Abstract: An attack defense method and device, which relate to the communications field and effectively defend against a Secure Socket Layer (SSL) denial of service (DoS) attack behavior. The method includes after a Transmission Control Protocol (TCP) connection to a client is established, the attack defense device receives a key negotiation request message sent by the client; when a session monitoring table of the client exists, the attack defense device determines whether a session identity exists in the session monitoring table of the client; when the session identity does not exist, the attack defense device records the session identity into the session monitoring table, and determines whether a quantity of session identities of the client is greater than a first preset value; and when the quantity of session identities of the client is greater than the first preset value, disconnects the TCP connection.

Abstract: The plug part (10) is connectable to a mating part (1), which is used as a connector of a device (50), to form a plug-in connection. The plug part (10) includes at least one non-volatile memory (13), a communication unit (15) and a microprocessor (14). A network having such plug parts (10) can be tested by means of a testing device, which is designed to generate test signals from information stored in the memory (13), which test signals can be laid on the cable wired leading out of the plug part (10) in order to generate measurement signals. The memory (13) preferably contains a list of permissible combinations of hardware and software versions, which can be compared with the current hardware and software combination of the device (50) in order to configure the device (50) and/or authorize the device (50) for normal operation.

Abstract: A method for processing media content is provided. The method includes sending a control command to a media renderer in a home area network, where the control command is used to instruct the media renderer to request authentication with an authentication server; determining a content list, where the content list includes media content items that can be played by media renderers authenticated; displaying the content list to a user; and sending, according to target media content that the user selects to play from the content list and a target media renderer that the user selects for playing the target media content, a uniform resource identifier of the target media content to the target media renderer, so that the target media renderer acquires and plays the target media content. As such, media content selected by a user can be played by an authenticated media renderer.

Abstract: An information processing device of the invention includes: an index reception unit which receives an index of anonymization of data; a group state measurement unit which measures a state of a group divided for anonymization of the data; a dividing point determination function selection unit which selects a dividing point determination function for determining a dividing point of the group based on the index and the state of the group; a division determination unit which calculates the dividing point of the data based on the selected dividing point determination function and divides the data into groups; and an abstraction unit which anonymizes the data based on the group.

Abstract: Various aspects of the disclosure relate to providing secure containers or data vaults for data of one or more managed applications. In some embodiments, each managed application may be assigned its own private data vault and/or may be assigned a shared data vault that is accessible to at least one other managed application. As the managed application executes, calls for access to the data may be intercepted and redirected to the secure containers. Data stored in a secure container may be encrypted according to a policy. Other aspects relate to deleting data from a secure container, such as via a selective wipe of data associated with a managed application. Further aspects relate to configuring and creating the secure containers, retrieving key information required to encrypt/decrypt the data stored in the secure containers, and publishing the managed applications, policy information and key information for download to a mobile device.

Abstract: An electronic authorization system comprising a data source system configured to transmit transaction data. A secure data system is coupled to the data source system over an open network, the secure data system is configured to receive the transaction data from the data source system, generate a unique encrypted identifier for the transaction data and to transmit the unique encrypted identifier to the data source system. The data source system is configured to receive the unique encrypted identifier and replace payment card data associated with the transaction data in a database with the unique encrypted identifier.

Abstract: Techniques for detecting an intranet spoofing attack are disclosed. In one embodiment, the techniques may be realized as a system and method for detecting an intranet spoofing attack. For example, the system may comprise one or more processors communicatively coupled to a network. The one or more processors may be configured to: identify an attempt to access an intranet website at a user device; determine that the intranet website is a spoofed intranet website; and perform an action in response to the determination of the spoofed intranet website to protect user.

Abstract: The described embodiments relate to methods, systems, and products for providing verification code recovery and remote authentication for a plurality of devices configured for electronic communication with a server. Specifically, in the methods, systems, and products, the user entrusts information about the user's verification code to the service provider, and only with cooperation between the user and the service provider can a lost verification code be recovered. The service provider can further authenticate the user before cooperating in the recovery process by way of a time-sensitive authentication sequence that involves the user device.

Abstract: Provided are a system and method for controlling virtual private network (VPN) access. The system includes a first VPN gateway, a second VPN gateway, a wireless local area network (WLAN) access control server configured to detect a corporate intranet connection of a wireless communication terminal connecting to a corporate intranet via the first VPN gateway, and a VPN setting change server configured to receive a request to change a VPN setting of the wireless communication terminal from the WLAN access control server and control the wireless communication terminal to change the VPN gateway currently in connection with the wireless communication terminal to the second VPN gateway in accordance with the VPN setting change request.

Abstract: Methods and systems are disclosed herein for encouraging particular behavior or performing particular actions based on biometric data of a user. Specifically, by granting and restricting access to media and other user devices based on whether or not a user is conforming to a biometric state, a media guidance application may encourage a user to maintain or achieve the desired biometric state.

Abstract: An access-level control apparatus includes an NC machine tool, an RFID that is held by an operator and stores an ID given to the operator, a reader unit that reads out the ID in the RFID, an authenticating unit that determines operator processing limitation information including an operable range by the operator associated with the ID or display information provided to the operator, and an operation/display limiting unit that limits processing by the operator for the NC machine tool on the basis of the operator processing limitation information. The reader unit includes a transmission antenna that calls the RFID. The transmission antenna is disposed in parallel to a rotation axis of a motor unit of the NC machine tool.

Abstract: The secure mobile communication relay of the present invention may comprise: a baseband processing unit for the baseband modulation/demodulation of the mobile communication signal transmitted between a terminal and a mobile communication network base station so as to extract baseband data; a control unit for analyzing the baseband data and permitting or rejecting the relay of the baseband data based on the result of a determination of whether or not a set security policy has been violated; a storage unit for storing information for setting the security policy; and a firewall function unit for determining, based on the instructions of the control unit, whether or not the packet data included in the baseband data violates the security policy.

Abstract: An application service system receives, from a merchant service system, an application program code comprising identifying information. The identifying information is extracted and the application is distributed for operation on a user device. A user interacts with the application, creating an access request that is transmitted to the application service system along with the extracted identifying information. The application service system transmits an access token to the user device comprising the received identifying information. The user device transmits the access token with a service request to the application service system. The application service system compares the identifying information from the access token to the identifying information extracted from the application program code received from the merchant services system. If the identifying information matches, the service request is processed.

Abstract: Techniques for controlling authentication are provided. An enterprise injects a control and/or audit manager into the enterprise environment to control and in some instances audit third-party authentication services. A user attempts to access a resource that uses a third-party authentication service. The attempt is intercepted and third-party authentication handled by the manager. After authentication, a session between the user and the resource is established during which auditing services may be enacted. The user authenticates to the enterprise environment and the manager provides authentication for the user to the resource via the third-party authentication service.

Abstract: A first information processing device holds data and a key for encryption. A second information processing device does not have rights to share data not encrypted with the first information processing device and a client. The first information processing device transmits data and key to the client when receiving a request to use the data. The first information processing device generates first encrypted data encrypted with the key, and transmits it to the second information processing device. The client transmits information obtained by encrypting the result of processing on the data with the key to the second information processing device until the use of the data ends. The first information processing device acquires second encrypted data received by the second information processing device from the second information processing device, and decrypts and stores it when notified that the use of the data has ended.

Abstract: The description pertains in particular to a method of protecting an electronic device (SCARD), when the electronic device implements a cryptographic algorithm (AES), against side channel attacks. The cryptographic algorithm (AES) operating on an array of states which forms the subject of a secure processing. The description relates also to an electronic device (SCARD), a computer program and a storage medium for the implementation of such a method.

Abstract: A secure network enabled device has a distinct security module and lacks a human user input interface. The security module is formed in an integrated circuit. The security module is initialized. Data is electronically communicated to and from the secure network enabled device via at least one transceiver. The security module is configured to test the integrity of a subset of the data communicated to the secure network enabled device, and the security module is configured to test the integrity of a transaction protocol, which governs the stream of data bits of the data communicated to the secure network enabled device.

Abstract: A method for providing seamless access to a first account using authentication information associated with a second account includes receiving a first account identifier corresponding to the first account, the first account being a shared account on a computer system. The method also includes receiving submitted authentication information associated with the second account. The method also includes comparing the submitted authentication information with stored authentication information that is associated with a plurality of authorized accounts. The plurality of authorized accounts is associated with clients authorized to access the first account. The method also includes determining whether the second account is an authorized account based on comparing the submitted authentication information with the stored authentication information. The method also includes providing seamless access to the first account in response to determining that the second account is an authorized account.

Abstract: A method comprises sending a set of values from a first party to a second party, the set of values being usable to compute a solution to a first problem involving inversion of a first one-way function. The method further comprises receiving a given value from the second party and utilizing the given value as an input for computing a solution to a second problem involving inversion of a second one-way function, wherein a valid solution to the second problem uses as input a valid solution to the first problem.