Abstract: A secure communication method including: obtaining sensor information of at least one user, the sensor information including one or more of image information or depth information; recognizing at least one gesture in accordance with the sensor information of the at least one user; determining whether each of the recognized at least one gesture is a public gesture or a private gesture in accordance with a zone where the gesture was performed, the zone being selected from a plurality of zones; and authorizing access to a resource when it is determined that the at least one gesture is determined to be the public gesture or the private gesture.

Abstract: A method for monitoring and controlling, industrial or building automation to detect anomalies in a control network, wherein a technology of an intrusion detection system (IDS) is configured to analyze a time sequence and time intervals of correct messages in the network traffic and to use the messages to train an anomaly detection system. Detecting a time sequence and a rhythm of correct messages allows for the detection of malfunctions or manipulations of devices and attacks that are performed using regular monitoring or control stations that have been taken over by attackers or that are defect, and that cannot be detected using content-based methods or by a considerable increase of data traffic. An additional security barrier is thus provided that can continue monitoring and protecting a technical unit from possible acts of sabotage, even if the control network of the technical unit has already been corrupted.

Abstract: Techniques to block unwanted third party calls are disclosed. In various embodiments, an indication is received that third party code included on a web page is attempting to write to the web page content associated with an unauthorized third party call. The unauthorized third party call is blocked. In some embodiments, the unauthorized third party call is blocked by blocking the web page content associated with the unauthorized third party call from being written to the web page.

Abstract: Systems and methods of controlling access to a multimedia stream in a media streaming session from a multimedia server to a requesting device via a network. The systems and methods facilitate receiving a primary request for the multimedia stream from the requesting device; determining whether to allow access to the primary request from the requesting device in accordance with at least one media session policy; and if access is permitted, then generating a secondary request corresponding to the primary request; providing the secondary request to the multimedia server; receiving a first multimedia stream from the multimedia server in response to the secondary request; determining whether to transmit the first multimedia stream or a second multimedia stream based on the at least one media session policy; and transmitting either the first multimedia stream or the second multimedia stream to the requesting device as indicated by the at least one media session policy.

Abstract: The methods and systems described herein provide for preventing a non-trusted virtual machine from reading the graphical output of a trusted virtual machine. A graphics manager receives a request from a trusted virtual machine to render graphical data using a graphics processing unit. The graphics manager assigns, to the trusted virtual machine, a secure section of a memory of the graphics processing unit. The graphics manager renders graphics from the trusted virtual machine graphical data to the secure section of the graphics processing unit memory. The graphics manager receives a request from a non-trusted virtual machine to read graphics rendered from the trusted virtual machine graphical data and stored in the secure section of the graphics processing unit memory, and prevents the non-trusted virtual machine from reading the trusted virtual machine rendered graphics stored in the secure section of the graphics processing unit memory.

Abstract: Implementations of the present disclosure are directed to provide secure, multi-party computation and include actions of receiving a program, the program being human-readable and including one or more expressions to provide secure computation based on inputs provided by two or more parties, the program providing a secure computation protocol including at least one calculation that is performed on behalf of the two or more parties, processing the program and one or more rewriting rules in view of a cost-driven heuristic to automatically generate a rewritten program, the rewritten program including a structure that enables localization of one or more calculations and providing an optimized secure computation protocol that localizes the at least one calculation to be performed by at least one of the two or more parties, and compiling the rewritten program to generate a computer-executable program.

Abstract: A system and method of external link processing is disclosed. The system includes an interface configured to receive a user request to access an encoded external link in networked content. The encoded external link comprises a domain name of an external link server and an encoded portion which is an encoded result of an original external link encoded with an encoding function, wherein the original external link is an address to an external destination. One or more processors determine a safety level of the encoded external link using a criterion. In the event that the determined safety level of the encoded external link is determined unsafe, a warning message is generated indicating that the original external link is unsafe and the user is prevented from directly navigating to the original external link.

Abstract: Systems, methods, and computer readable media of providing applications style functionality to a user of a mobile radio terminal are disclosed. In certain embodiments, the systems, methods, and computer readable media include the steps of receiving a data stream transmission having a plurality of states, wherein each state is associated with output instructions and storage instructions, and wherein the plurality of states is configured such that moving through the states creates the appearance of executing an application on the mobile radio terminal; decoding the data stream transmission and caching each of the plurality of states with the associated output instructions according to the associated storage instructions; rendering a first state; responsive to an event on the mobile radio terminal, moving from the first state to a second state by applying the output instructions associated with the second state; and communicating a change of state to a server.

Abstract: Exemplary implementations may facilitate effectuating modifications within an instance of a virtual space presented via multiple disparate client computing platforms responsive to detection of a token associated with a single client computing platform. In some implementations, tokens may be detected based on signals received from token readers associated with individual ones of the multiple client computing platforms. A given token may be a standalone physical object. The given token may be detectable based on a signal conveying information associated with the given token. The information associated with the given token conveyed by the signal may be devoid of virtual space content.

Abstract: A low-power encryption apparatus and method are provided. The low-power encryption apparatus includes a mask value generation unit, a mask value application unit, a round key application unit, a mask operation unit, a shift operation unit, and a shift operation correction unit. The mask value generation unit generates a mask value M having the same bit length as input round function values. The mask value application unit generates first masking round function values by applying the mask value M. The round key application unit generates second masking round function values by applying round key values. The mask operation unit generates third masking round function values by performing a mask addition operation. The shill operation unit generates fourth masking round function values by performing a circular shift operation. The shift operation correction unit generates output round function values by performing an operation using the mask value M.

Abstract: A recipient computer system may receive one or more electronic messages. The recipient computer system may send one, two, or more challenge messages to the sender of the electronic messages in determining whether to deliver the electronic message. The recipient computer system may accept or reject an electronic message based on the response, or lack of response, to the challenge messages. The recipient computer system may send two or more challenge messages at intervals. A sender computer system may record activity of the sender computer system for a recipient computer system to use in determining whether to deliver an electronic message. A sender computer system may provide a summary of that activity with an electronic message. A sender computer system may provide an authorization key for a recipient computer system to use in determining whether to deliver an electronic message. The authorization key may be generated by a third party.

Abstract: A mobile device includes an application processor, an RF modem for connection to cellular networks, wireless device for connection to wireless networks, a display coupled to the application processor, audio devices coupled to the application processor, power management for providing power through a main battery; and charging the battery, a hybrid memory including a magnetic memory, the magnetic memory further including a parameter area configured to store parameters used to authenticate access to certain areas of the main memory, and a parameter memory that maintains a first area, used to store protected zone parameters, and a second area used to store authentication parameters, the protection zone parameters and the authentication parameters being associated with access to the certain areas in the main memory that requires authentication. Upon modification of any of the parameters stored in the parameter memory by a user, a corresponding location of the parameter area of the main memory is also modified.

Abstract: An information processing apparatus including: a storage unit configured to store a plurality of applications and a plurality of certificates, an application execution unit configured to execute one of the plurality of applications by using one of the plurality of certificates which is designated by a user, and a storage control unit configured to control the storage unit to store correspondence information indicating that the executed application corresponds to the designated certificate, when the application execution unit executes one of the plurality of applications and one of the plurality of certificates is designated by the user.

Abstract: A digital media sharing system (“DMSS”) for creating, transmitting and receiving digital media data (“DMD”) with message media (MM) files attached thereto. Said message Media may reside locally or on a server prior to being connected to said digital media data.

Abstract: Embodiments of the disclosure relate to identifying email resources associated with client devices, identifying resource rules, determining whether the email resources satisfy the resource rules, and modifying the email resources as well as the ability to access the email resources based on the resource rules if the resource rules are not satisfied by the email resources.

Abstract: A method of securely storing data in a memory on a computer including a processor is provided. The method includes receiving unencrypted data; randomly selecting a key, wherein the key is a character of an alphabet of a data type of the unencrypted data; creating partially encrypted data by encrypting the unencrypted data by randomly mapping each character of the alphabet of the data type of the unencrypted data to a character of an alphabet of a data type of encrypted data, except each character of the unencrypted data matching the key is not encrypted; and storing the partially encrypted data in the memory.

Abstract: A digital telecommunications system communicates with an unstructured supplementary service data protocol by a digital application located on a mobile terminal. The digital application includes a navigation module, a presentation module, an interpreter module and an encryption module. The digital application interprets data received from an unstructured supplementary service data protocol that communicates with a telecommunications network and displays interpreted data on a screen of said mobile terminal from data received from the unstructured supplementary service data protocol. The digital application interprets a request of a user entered into the mobile terminal in response to the interpreted data displayed on the screen of the mobile terminal, and sends from the mobile terminal data interpreted from the request of the user to the telecommunications network by the unstructured supplementary service data protocol.

Abstract: Systems and methods for use in a Computer Network (“CN”). The methods involve performing operations by a first sub-network in accordance with a first Mission Plan (“MP”) specifying a first process for pseudo-randomly modifying at least one first identity parameter associated with at least one first computing device of CN to specify false information. Operations are also performed by a second sub-network in accordance with a second MP specifying a second process for pseudo-randomly modifying at least one second identity parameter associated with at least one second computing device of CN to specify false information. A functional topology of the first and/or second sub-networks is selectively determined based at least one MP. The functional topology specifies the manner in which nodes of the sub-networks are to be communicatively isolated from each other so as to create an appearance of two disparate and separate networks.

Abstract: Incoming files are examined to detect abnormal files. The incoming files may be examined for a weak file structure, such as a weak file format structure or a weak file data structure, to detect abnormal files. A weak file structure includes file structures that do not conform to the file format of the file yet still loadable by a file loader of the file format. The incoming files may also be examined for suspicious loading in memory to detect abnormal files.

Abstract: A device and method for performing sessionless reporting are provided. The device includes a memory for storing code of a Device Management (DM) Client and a Sessionless Report Configuration Management Object (MO), the Sessionless Report Configuration MO including one or more nodes, a processor for executing the code of the DM Client stored in the memory, a communications unit for sending and receiving information for the DM Client, and the DM Client for sending one or more sessionless reports to a DM server, and, while awaiting acknowledgement of the one or more sessionless reports from the DM Server in a subsequent DM Session, for controlling sessionless reporting based on criteria specified in at least one node included in the Sessionless Report Configuration MO.