Abstract: Systems and methods for accessing digital content using electronic tickets and ticket tokens are disclosed. In one system, a user device includes a processor, a network interface, and memory configured to store an electronic ticket, and a ticket token, and the processor is configured by an application to send a request for digital content, receive a ticket token from a merchant server, wherein the ticket token is generated by a DRM server and associated with an electronic ticket that enables playback of the requested digital content, send the ticket token to a DRM server, receive an electronic ticket that enables playback of requested digital content, request the digital content associated with the electronic ticket, and play back the requested digital content using the electronic ticket.

Abstract: Distribution of verification of passwords for electronic account. Password verification is distributed (divided) across multiple entities to reduce potential exposure in the event of a server exposure.

Abstract: A technique for informing an Internet site operator of potential pharming attacks includes generating pharming alerts based on mismatches between a set of expected IP addresses and IP addresses obtained from DNS servers on the Internet and filtering the generated alerts based on circumstances surrounding the generated pharming alerts. Filtering the alerts blocks less suspect pharming alerts while allowing more suspect ones to pass to the site operator, reducing the rate of false positives and better enabling the operator to focus on alerts that may present actual threats.

Abstract: An apparatus and method for searching for similar malicious code based on malicious code feature information. The apparatus includes a malicious code registration unit for registering input new malicious code as a new malicious code sample, and extracting and registering detailed information of the new malicious code sample, a malicious code analysis unit for analyzing the detailed information of the new malicious code sample, a malicious code DNA extraction unit for extracting malicious code DNA information including malicious code feature information, a malicious code DNA comparison unit for comparing the extracted malicious code DNA information with malicious code DNA information of prestored malicious code samples, and calculating similarities therebetween, and a similar malicious code search unit for calculating, based on the calculated similarities, all similarities between the new malicious code sample and prestored malicious code samples, and extracting a specific number of malicious code samples.

Abstract: In an aspect of the disclosure, a method and system for launching a mobile device application is disclosed including launching an application on a mobile device and transmitting a request to a remote computing device for receiving data to create a user interface for the application. The method and system further includes receiving the requested data at the mobile device and creating the user interface on the mobile device using the requested data. Also disclosed is a method of data synchronization in which data is synchronized from an application on a mobile device to an identical application on a remote computing device. The method includes establishing a communicative link between the mobile device and the remote computing device, synchronizing an application through the communicative link allowing the application to be used on the mobile device when the communicative link is discontinued and synchronizing the application upon reestablishing the communicative link.

Abstract: A method and apparatus for secure access to a computer network and for safeguarding the confidentiality and privacy of data stored and distributed by the network is disclosed. The method and apparatus addresses both limiting access to the computer network to those who are authorized to have access as well as the privacy of the information stored in the network.

Abstract: Systems and methods are provided for configuring and monitoring computing resources of an entity for compliance with one or more standards. In one implementation, a server receives one or more identifiers of one or more standards and determines a plurality of configuration settings for the computing resources of the entity, based on the received one or more identifiers. The plurality of configuration settings comply with the one or more standards. The computing resources of the entity are configured according to the plurality of configuration settings. The server detects an event related to the computing resources. The detected event and the plurality of configuration settings are evaluated for compliance with the one or more standards. A determination is made whether the entity is compliant with the one or more standards, based on the evaluation, and an action is taken, based on the determination.

Abstract: Methods and systems for dynamic threat protection are disclosed. An example method for dynamic threat protection may commence with receiving real-time contextual data from at least one data source associated with a client. The method may further include analyzing the real-time contextual data to determine a security threat score associated with the client. The method may continue with assigning, based on the analysis, the security threat score to the client. The method may further include automatically applying a security policy to the client. The security policy may be applied based on the security threat score assigned to the client.

Abstract: The current document discloses an ear-biometrics-based authentication and identification system that includes an ear-image-capture subsystem that generates an image of a user's ear, a template-generation subsystem that extracts features from the generated image to generate a template that is stored in an electronic memory, and a template-comparison subsystem that compares the generated template to previously generated and stored templates in order to identifier the user.

Abstract: Systems for providing scanning within distributed services are provided herein. In some embodiments, a system includes a plurality of segmented environments that each includes an enforcement point that has an active probe device, and a plurality of workloads that each implements at least one service. The system also has a data center server coupled with the plurality of segmented environments over a network. The data center server has a security controller configured to provide a security policy to each of the plurality of segmented environments and an active probe controller configured to cause the active probe device of the plurality of segmented environments to execute a scan.

Abstract: Systems and methods for strong user authentication for accessing protected networks. An example method may include: transmitting, by a processing device, an authentication request to an authentication server; receiving an access granting token from the authentication server; transmitting, to a nonce server, a nonce request using the access granting token; receiving a cryptographic nonce from the nonce server; and transmitting, to a virtual private network (VPN) server, a VPN connection request using the cryptographic nonce.

Abstract: Embodiments relate to deduplication and compression on data performed downstream from where the data is encrypted. Confidentiality of data is maintained, and the ability of storage systems to perform data reduction functions is supported. Encrypted data to be written to a storage system is separated into one or more data chunks. For a data chunk, a master encryption key for an owning entity associated with the data chunk is retrieved. The data chunk is decrypted into plaintext, and the plaintext is transformed by performing one or more advanced data functions. A private key is created and used to encrypt the transformed plaintext, which is stored as a first encryption unit. A wrapped key is created by encrypting the private key with the master key, and is stored as metadata for the encryption unit to limit data access to the owning entity.

Abstract: An insider attack resistant system for providing cloud services integrity checking is disclosed. In particular, the system utilizes an automated integrity checking script and virtual machines to check the integrity of a service. The system may utilize the integrity checking script and virtual machines to execute a set of operations associated with the service so as to check the integrity of the service. When executing the set of operations, the system may only have access to the minimum level of access to peripherals that is required for each operation in the set of operations to be executed. After each operation is executed, the system may log each result for each operation, and analyze each result to determine if a failure exists for any of the operations. If a failure exists, the system may determine that a change in an expected system behavior associated with the service has occurred.

Abstract: A security platform employs a variety techniques and mechanisms to detect security related anomalies and threats in a computer network environment. The security platform is “big data” driven and employs machine learning to perform security analytics. The security platform performs user/entity behavioral analytics (UEBA) to detect the security related anomalies and threats, regardless of whether such anomalies/threats were previously known. The security platform can include both real-time and batch paths/modes for detecting anomalies and threats. By visually presenting analytical results scored with risk ratings and supporting evidence, the security platform enables network security administrators to respond to a detected anomaly or threat, and to take action promptly.

Abstract: A method, non-transitory computer readable medium and global traffic manager computing device for preventing distributed denial of service attack comprising machine executable code which when executed by at least one processor, causes the processor to perform steps including obtaining network information relating to a request in response to receiving the request. A rating is determined for the obtained network information based on one or more network parameters. An action to be taken for the received request is determined based on a comparison of the determined rating and a threshold rating. The determined action is executed for the received request.

Abstract: A system may receive a request to access user sponsored media content (“media content”), the request including a digital token (“token”), the media content being associated with a user sponsored account (“account”), and the account being associated with unused data from a mobile communications service plan, where the account and the mobile communications service plan are associated with a user. The system may identify token information included in the token. The system may compare the token information with stored token information. The system may determine that the token is valid based on the token information matching the stored token information. The system may provide access to the media content based on the token being valid. The system may provide information to cause data charges, for traffic flow associated with access to the media content, to be charged against the unused data associated with the account.

Abstract: A device implemented, carrier independent packet delivery universal addressing networking protocol for communication over a network between network nodes utilizing a packet. The protocol has an IP stack having layers. At least some of the layers have privacy preserving source node attribution and network admission control. The packet is admitted to the network only if a source node of the network nodes admits the packet.

Abstract: An approach is provided in which a cognitive digital security assistant intercepts a personal data request from a client that is requesting personal data from a user. The cognitive digital security assistant analyzes the personal data request against the user's security statements to determine whether to provide the user's personal data to the client. During the analysis, the cognitive digital security assistant determines whether the personal data request includes benefits that meet the user's benefit thresholds included in the user's security statements. When the benefits meet the user's benefit thresholds, the cognitive digital security assistant provides the requested personal data to the client in exchange for the benefit from the client.

Abstract: Functionality is disclosed herein for monitoring an execution environment to determine if the execution environment is in an approved configuration. Memory used by the execution environment may be scanned from outside of the execution environment to determine whether the execution environment is in an unapproved configuration. The scanning may include examining the memory for abnormalities or other irregular or unapproved data. When the execution environment is in the unapproved configuration, actions may be performed that change how the execution environment accesses resources or performing other types of functionality.

Abstract: Processor(s) for detecting malicious software. A hardware virtual machine monitor (HVMM) operates under a host OS. Container(s) initialized with network application template(s) operate under a guest OS VM. A detection module operates under the guest OS VM includes a trigger detection module, a logging module and a container command module. The trigger detection module monitors activity on container(s) for a trigger event. The logging module writes activity report(s) in response to trigger event(s). The container command module issues command(s) in response to trigger event(s). The command(s) include a container start, stop and revert commands. A virtual machine control console operates under the host OS and starts/stops the HVMM. A container control module operates under the guest OSVM and controls container(s) in response to the command(s). The server communication module sends activity report(s) to a central collection network appliance that maintains a repository of activities for infected devices.