Abstract: A system and method for digitally signing an object. An object signing agent sends a signing request for an object to remote signing server, which, in response to receiving the request, generates a virtual machine executing code for signing the object. The object is signed within the virtual machine and returned to the object signing agent.

Abstract: Disclosed are various examples for providing secure access to email resources. Email resources associated with client devices may be identified, and resource rules associated with the email resources may be identified. A determination of whether the email resources satisfy the resource rules may be made.

Abstract: The disclosed computer-implemented method for detecting suspicious applications based on how entry-point functions are triggered may include (1) identifying an application that is capable of accessing a data-access Application Programming Interface (API) programmed to provide access to sensitive information located on a computing system and/or a data-transfer API programmed to send information outside of the computing system, (2) identifying an entry-point function of the application whose execution results in a call to the data-access API and/or the data-transfer API, (3) determining how the entry-point function is triggered, (4) determining whether the application is suspicious based on how the entry-point function is triggered, and (5) performing a security action based on whether the application is suspicious. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: A human-machine chatting system facilitates real-time two-way communications between a user and a machine. During operation, the system monitors performance of a machine, runs a chat application on behalf of the monitored machine, and determines whether a user is authorized to access performance information associated with the monitored machine. In response to the user being authorized to access the performance information, the system allows the user to obtain the performance information via the chat application.

Abstract: Methods and apparatus for a secure time service are disclosed. A time server including a time source, a cryptographic key and a cryptographic engine is instantiated within a provider network. A time service endpoint receives a timestamp request from a client. The endpoint transmits a representation of the request to the time server, and receives, from the time server, an encryption of at least a timestamp generated using the time source. A response comprising the encryption of at least the timestamp is transmitted to the requesting client.

Abstract: A Distributed Security Information and Event Management System (DSIEMS) is a scalable, intelligent, security and fraud management platform that proactively collects information from a network's computer systems, applications, users, and external intelligence data feeds, and aggregates the information into a centralized repository where the information can then be analyzed and quickly acted upon when necessary. Further, according to one aspect, a DSIEMS analyzes aggregated information to discern patterns of potential attack, inappropriate data movement, and fraud from normal and legitimate network activity, account activity, user activity, and data access. According to one embodiment, aspects of the present disclosure are implemented in a distributed architecture. In particular, aspects of the present DSIEMS utilize an agent-based architecture in which intelligent software agents are deployed on each node (e.g., endpoint computing device) within the system.

Abstract: Systems, methods, and computer readable media of providing applications style functionality to a user of a mobile radio terminal are disclosed. In certain embodiments, the systems, methods, and computer readable media include the steps of receiving a data stream transmission having a plurality of states, wherein each state is associated with output instructions and storage instructions, and wherein the plurality of states is configured such that moving through the states creates the appearance of executing an application on the mobile radio terminal; decoding the data stream transmission and caching each of the plurality of states with the associated output instructions according to the associated storage instructions; rendering a first state; responsive to an event on the mobile radio terminal, moving from the first state to a second state by applying the output instructions associated with the second state; and communicating a change of state to a server.

Abstract: Apparatus for communication includes a single one-way link, which is physically capable of carrying the communication signals in one direction and incapable of carrying the communication signals in the opposite direction. Ancillary circuitry is coupled so as to cause the single one-way link to convey both first communication signals from a first station to a second station and second communication signals from the second station to the first station.

Abstract: The methods and systems described herein provide for allocating a universal serial bus (USB) device to one of a trusted virtual machine and a non-trusted virtual machine. A control program receives data indicating a USB port on the computing machine received a USB device and identifies at least one attribute of the USB device. The control program selects, based on application of a policy to the identified at least one device attribute, one of a trusted virtual machine and a non-trusted virtual machine executing. The control program grants, to the virtual machine selected by the control program, access to the USB device.

Abstract: A computer-implemented subject monitoring method is provided. The method includes providing an online-monitoring agent configured for monitoring a personal computing device, receiving identifying information associated with at least one of an account, email address, site, and service from the personal computing device via the online-monitoring agent, and monitoring via a network the at least one of the account, email address, site, and service based on the identifying information received via the online-monitoring agent.

Abstract: Access control systems and methods are described, including receiving a request from a user to access a first object, where first access-control information is associated with the first object; determining that the first object is referenced by a second object; determining second access-control information associated with the second object, where the second access-control information identifies the user as having access to the second object; and providing to the user access to the first object based on to the second access-control information.

Abstract: Disclosed is a system for restricting access to a network, the system comprising a monitoring module configured to be coupled to a plurality of network access points and to monitor transmissions to the network via a plurality of network security appliances, and a blocking module, where the monitoring module is further configured to identify a potential bad actor based on a transmission from the potential bad actor to the network via a first one of the plurality of network access points and a first one of the plurality of network security appliances and provide information related to the potential bad actor to the blocking module, and where the blocking module is configured to confirm that the potential bad actor should be blocked and in response, to automatically configure each network security appliance to block the potential bad actor from accessing the network.

Abstract: An apparatus for communicating content is disclosed. A system and method also perform the functions of the apparatus. The apparatus includes a capturing module that captures a live video of an image and an environment surrounding the image. The image has an embedded cryptographic representation of a code and the code corresponds to a unit of content. The apparatus includes a decoding module that decodes the embedded cryptographic representation of the code, a content retrieval module that retrieves the unit of content corresponding to the code from a storage location, and a display module that displays the unit of content on the live video of the image or the image environment.

Abstract: A system and method of external link processing is disclosed. The system includes an interface configured to receive a user request to access an encoded external link in networked content. The encoded external link comprises a domain name of an external link server and an encoded portion which is an encoded result of an original external link encoded with an encoding function, wherein the original external link is an address to an external destination. One or more processors determine a safety level of the encoded external link using a criterion. In the event that the determined safety level of the encoded external link is determined unsafe, a warning message is generated indicating that the original external link is unsafe and the user is prevented from directly navigating to the original external link.

Abstract: Apparatus for communication includes a single one-way link, which is physically capable of carrying the communication signals in one direction and incapable of carrying the communication signals in the opposite direction. Ancillary circuitry is coupled so as to cause the single one-way link to convey both first communication signals from a first station to a second station and second communication signals from the second station to the first station.

Abstract: The present disclosure is directed to methods and systems for malware detection based on environment-dependent behavior. Generally, an analysis environment is used to determine how input collected from an execution environment is used by suspicious software. The methods and systems described identify use of environmental information to decide between execution paths leading to malicious behavior or benign activity. In one aspect, one embodiment of the invention relates to a method comprising monitoring execution of suspect computer instructions; recognizing access by the instructions of an item of environmental information; identifying a plurality of execution paths in the instructions dependant on a branch in the instructions based on a value of the accessed item of environmental information; and determining that a first execution path results in benign behavior and that a second execution path results in malicious behavior.

Abstract: Systems, methods, and computer readable media of providing applications style functionality to a user of a mobile radio terminal are disclosed. In certain embodiments, the systems, methods, and computer readable media include the steps of receiving a data stream transmission having a plurality of states, wherein each state is associated with output instructions and storage instructions, and wherein the plurality of states is configured such that moving through the states creates the appearance of executing an application on the mobile radio terminal; decoding the data stream transmission and caching each of the plurality of states with the associated output instructions according to the associated storage instructions; rendering a first state; responsive to an event on the mobile radio terminal, moving from the first state to a second state by applying the output instructions associated with the second state; and communicating a change of state to a server.

Abstract: A method and apparatus for processing encrypted content distributed for end users in multiple services includes receiving entitlement information for a subset of at least two of the services separately from the encrypted content for the services and either calculating decryption key information for the subset of services from the entitlement information and storing the decryption key information in memory so that decryption key information for a selected service can subsequently be read from memory, or storing the entitlement information for the subset of services in memory so that the entitlement information for a selected service can subsequently be read from memory and decryption key information for the selected service can be calculated.

Abstract: Systems and methods described herein may store and analyze patient data sets. A processor in communication with a database may generate a plurality of patient data sets, each of the patient data sets being associated with one of a plurality of patients and comprising an attribute. The processor may de-identify each of the patient data sets so that they are not associated with the patients. The processor may encrypt each of the de-identified data sets to generate a plurality of encrypted data sets and store the encrypted data sets in the database. The processor may analyze one of the patient data sets to determine a relationship between the one of the patient data sets and the other of the patient data sets based on the attribute of the one of the patient data sets and the attributes of the other of the patient data sets.

Abstract: Apparatus is disclosed for verifying the validity of documents and biometrics submitted by individuals at a document verification terminal, or the use of an e-token with appropriate information thereon in an encrypted manner, so they may perform some action such as purchase an alcoholic beverage or enter a highly secure governmental facility. A Validation Privacy Server and its associated Validation Privacy Database store the results of previous document and biometric validity checks using governmental databases, to be used for subsequent submissions of the same document for the same purpose. In this manner governmental databases are not overloaded with mundane document and personal validity checks every time a document is used for the same purpose.