Abstract: An apparatus and method for controlling lock-screen output are provided. The electronic device includes a touch screen display, a processor electrically connected to the display, and a memory electrically connected to the processor. The memory stores instructions that, when executed, cause the processor to display a first screen comprising sets of objects to the display, configure, in response to a first touch input for selecting an object displayed on the first screen, at least one object included in a set of objects related to the selected object as at least one lock object for releasing a lock screen, and display a second screen configured with the at least one lock object. In addition, various embodiments identified in the specification are enabled.

Abstract: The disclosure provides a method, a checking device and a system for determining security of a processor. The method comprises: setting an initial running state of the checking device according to initial running state information of the processor during the target running process, and taking input information of the processor during the target running process as input information of the checking device; causing the checking device to execute a task of the target running process in a manner conforming to predefined behavior to obtain at least one of output information and final running state information of the checking device, wherein the predefined behavior is a standard of hardware behavior of the processor; and determining whether the processor is secure during the target running process according to at least one of the output information and the final running state information of the checking device when the checking device completes the task of the target running process.

Abstract: Access to transactional multimedia content may be based on network routing. Some multimedia content may be best delivered via a private network. Other multimedia content may be best delivered via a public network. A type of the multimedia content may thus determine network routing.

Abstract: A method for processing content stored on a component is disclosed. A first partition of a first memory is encrypted with a first encryption key and a second partition of the first memory is encrypted with a second encryption key. The second encryption key is different from the first encryption key. The first encryption key is stored in a storage register of the component and the second encryption key is stored in a first location of a non-volatile memory. A memory address of the first location is stored in the first partition of the first memory.

Abstract: In an approach for testing an application for a security vulnerability, a processor inserts an instrumentation hook in the application to be tested, wherein the instrumentation hook is executed prior to a sink operation. A processor transmits a probe input value to the application to be tested. A processor detects a modification to the probe input value at the instrumentation hook by comparing the probe input value at the instrumentation hook to a signature value and detecting that the probe input value matches the signature value. A processor removes the sink operation from testing for the security vulnerability.

Abstract: A hardware system and encryption method that generates encryption keys based on quantum mechanical phenomena that can be delivered directly, over public wired and wireless channels, to communicating devices. The encryption strength is derived from physical phenomena and not mathematical complexity and, therefore, is “future proof” against advances in computational power. The present invention allows pre-existing networked devices to communicate securely within a geographically defined “protection zone.

Abstract: In an embodiment, a communication device receives a request to establish a media session with a remote endpoint. In response to receiving the request, the communication device exchanges media-session control data with the remote endpoint on behalf of a local endpoint to establish the requested media session between the local endpoint and the remote endpoint. The communication device is communicatively connected to the local endpoint via a Personal Area Network (PAN) communication link. The communication device relays media-session payload data between the local and remote endpoints. The media-session payload data (i) is associated with the media session and (ii) is encrypted based on at least one payload-data cryptographic key that is not accessible to the communication device.

Abstract: The present embodiments provide methods and apparatuses for use in navigating through content. Some embodiments provide methods for use in navigating through content that receive an initial first directional control command, activate a seek mode upon receipt of the initial first directional control command comprising advancing over a first amount of content in a first direction from a first point in the content to a second point in the content, receive an initial second directional control command following the receipt of the initial first directional command, and activate a search mode upon receipt of the initial second directional control command, comprising advancing back over a second amount of the first amount of the content where the second amount is less than the first amount of the content.

Abstract: Described herein are systems, methods, and software to provide virtualized computing sessions with attachable volumes to requesting users. In one implementation, a virtual computing service identifies a service login for an end user to initiate a virtual computing session. In response to the service login, the virtual computing service identifies a virtual machine to allocate to the virtual computing service, and initiates a user login process to log the end user into the virtual machine. The virtual computing service further initiates, prior to completing the user login process, a volume attach process to attach at least one storage volume to the virtual machine based on credentials associated with the service login.

Abstract: Technologies are disclosed herein for near field communication (“NFC”) enhanced firmware security. Using an implementation of the technologies disclosed herein, an NFC card or an NFC-equipped mobile device can be utilized to access an NFC-equipped server computer. The server computer reads a login key from an NFC card or an NFC-equipped mobile device. Based upon the login key, a firmware executing on the server computer can determine whether a user is to have administrator access rights, non-administrator user access rights, or no access rights at all to a firmware setup menu provided by the server computer. Based upon the login key, the firmware executing in the NFC-equipped server computer can also identify an operating system to be booted by the server computer. In some configurations, an NFC-equipped mobile device contacts an authorization server to obtain the login key based upon a user's access credentials.

Abstract: The present invention discloses a method and a device for authorizing and using a virtual device, wherein the method comprises: after receiving a request for generating a virtual device, a mobile terminal configures authority information of a first virtual device, generates the first virtual device, and interacts with a servers to send the configured authority information of the first virtual device and related authentication information to the server for authenticating. After passing the authentication, the server generates a second virtual device with the above-mentioned authority information. When in use, the mobile terminal generates authentication information and sends a current use status of the first virtual device to the server for authenticating and is returned to with a authentication result. The present invention improves the security by adding the authentication with respect to the authority information during the authorization of generating the virtual device and use of the virtual device.

Abstract: A computer-implemented method of obfuscating communication traffic patterns may include detecting, at a first communications device, data communication sessions with a second communications device via the computer server using a network protocol. At the first device, a first traffic pattern is accessed based on the data communication sessions over a first predefined time period. At the first communications device, a second traffic pattern is accessed based on the data communication sessions over a second predefined time period that occurs after the first predefined time period. At the first communications device, based on a randomization process, a dummy data communication pattern is generated for transmission to the second communication devices, whereby the dummy data communication pattern is appended to the second traffic pattern for obfuscating a traffic pattern change between the first and the second traffic pattern at the computer server used to establish the communication sessions.

Abstract: An end user identity protection suite (IPS) is discussed. In one embodiment, the IPS includes a identity validation system to evaluate a security level of at least one identity tool, the identity tool not related to computer security but rather to the user's identity. In one embodiment, the IPS further includes a security signal logic to generate a security status signal indicating an overall security state of the user, the security status signal comprising a combination of the security levels of each of the plurality of identity tools.

Abstract: A computer-implemented method of obfuscating communication traffic patterns may include detecting, at a first communications device, data communication sessions with a second communications device via the computer server using a network protocol. At the first device, a first traffic pattern is accessed based on the data communication sessions over a first predefined time period. At the first communications device, a second traffic pattern is accessed based on the data communication sessions over a second predefined time period that occurs after the first predefined time period. At the first communications device, based on a randomization process, a dummy data communication pattern is generated for transmission to the second communication devices, whereby the dummy data communication pattern is appended to the second traffic pattern for obfuscating a traffic pattern change between the first and the second traffic pattern at the computer server used to establish the communication sessions.

Abstract: Embodiments authenticate a user and an associate of an entity and enable real-time approval notifications by requesting one or more authentication credentials from the associate; authenticating the associate based on successful validation of the one or more authentication credentials received from the associate; populating an application for the user at least in part by receiving input from the associate; establishing a secure wireless communication channel with a user device; and wirelessly transmitting, from the system to the user device and over the secure wireless communication channel the populated application; instructions to cause the user device to authenticate the user based on successful validation of one or more user authentication credentials; and instructions to cause the user device, in response to authenticating the user, present the populated application to the user for verification of its accuracy.

Abstract: A computer-implemented method of obfuscating communication traffic patterns may include detecting, at a first communications device, data communication sessions with a second communications device via the computer server using a network protocol. At the first device, a first traffic pattern is accessed based on the data communication sessions over a first predefined time period. At the first communications device, a second traffic pattern is accessed based on the data communication sessions over a second predefined time period that occurs after the first predefined time period. At the first communications device, based on a randomization process, a dummy data communication pattern is generated for transmission to the second communication devices, whereby the dummy data communication pattern is appended to the second traffic pattern for obfuscating a traffic pattern change between the first and the second traffic pattern at the computer server used to establish the communication sessions.

Abstract: A method and system for deterring attacks at potential breach points between servers and an account and login server for creating and subsequent verification of accounts. Various cryptographic primitives are used to manipulate passwords to generate verifiers. The verifiers are used with external hardware security modules (HSMs) to eliminate HSMs and intermediate steps between the HSM and login servers as potential breach points.

Abstract: A computer-implemented method of obfuscating communication traffic patterns may include detecting, at a first communications device, data communication sessions with a second communications device via the computer server using a network protocol. At the first device, a first traffic pattern is accessed based on the data communication sessions over a first predefined time period. At the first communications device, a second traffic pattern is accessed based on the data communication sessions over a second predefined time period that occurs after the first predefined time period. At the first communications device, based on a randomization process, a dummy data communication pattern is generated for transmission to the second communication devices, whereby the dummy data communication pattern is appended to the second traffic pattern for obfuscating a traffic pattern change between the first and the second traffic pattern at the computer server used to establish the communication sessions.

Abstract: A computer-implemented method of obfuscating communication traffic patterns may include detecting, at a first communications device, data communication sessions with a second communications device via the computer server using a network protocol. At the first device, a first traffic pattern is accessed based on the data communication sessions over a first predefined time period. At the first communications device, a second traffic pattern is accessed based on the data communication sessions over a second predefined time period that occurs after the first predefined time period. At the first communications device, based on a randomization process, a dummy data communication pattern is generated for transmission to the second communication devices, whereby the dummy data communication pattern is appended to the second traffic pattern for obfuscating a traffic pattern change between the first and the second traffic pattern at the computer server used to establish the communication sessions.

Abstract: Detecting malicious PDF documents is disclosed. A PDF document is received. The PDF is classified using a classifier. The classifier is trained at least in part by using one of the following: (1) a feature associated with embedded script code; (2) a feature associated with a PDF action; and (3) a feature associated with a PDF structure.