Abstract: Processes for identifying and recovering a lost transient storage device are provided. In some processes, information regarding the owner of the device is obtained. The device ownership information may be stored on a remote service with which the device is registered and/or may be stored on the device itself. In one process, the remote service provides the device with customized device-executable code when the device is registered. The device may also contain information regarding trusted systems. The process includes obtaining status information indicating whether a device is lost when the device is connected to a host system. In some processes, the status is determined by a remote service. In other processes, the status is determined by the device. If the device is lost then a device recovery plan is executed. Portions of a device recovery plan may be executed on the remote service, the host system, and/or the device.

Abstract: An information processing device includes a display that displays an input screen including a plurality of images, an image selecting section that selects at least one image within the input screen in accordance with an input operation from a user, and a controller that controls the information processing device on a basis of the image selected by the image selecting section.

Abstract: According to a first aspect of the present invention there is provided a method of protecting a computer system from malware, which malware attempts to prevent detection or analysis when executed in an emulated computer system. The method comprises determining if an executable file should be identified as being legitimate and, if not, executing the executable file while providing indications to the executable file that it is being executed within an emulated computer system.

Abstract: A system, method, and apparatus for providing alerts based on unstructured information are disclosed. An example apparatus includes an interface configured to receive unstructured information and a processor configured to determine labels for Common Alerting Protocol fields of a Common Alerting Protocol file using at least some content within the unstructured information. The processor determines, for example, a first label for an urgency field, a second label for a severity field, a third label for a category field, and a fourth label for a certainty field of the Common Alerting Protocol file. The example processor is configured to create the Common Alerting Protocol file that includes the determined labels and transmit the Common Alerting Protocol file to a decision system to determine a security risk or a safety risk for one or more subscribing clients.

Abstract: Dynamic resolution of Fully Qualified Domain Name (FQDN) address objects in policy definitions is provided. In some embodiments, dynamic resolution of Fully Qualified Domain Name (FQDN) address objects in policy definitions includes receiving a network policy that includes a domain name (e.g., the network policy can include a network security rule that is based on the domain name); and periodically updating Internet Protocol (IP) address information associated with the domain name by performing a Domain Name Server (DNS) query.

Abstract: A system and method operable to manage and/or distribute sinkholes.

Abstract: One embodiment provides an electronic mobile device comprising one or more mobile applications. Each mobile application has at least one corresponding graphical user interface (GUI) screen for display on the mobile device. The mobile device includes a security system. For each mobile application, the security system maintains corresponding security data, wherein the corresponding security data represents one or more secure components of a corresponding GUI screen. The security system generates a GUI screen for a mobile application based on corresponding security data, wherein each secure component of the UI screen is locked. User access to a locked component of the GUI screen is permitted only after successful user verification.

Abstract: Embodiments of the present invention relate to generating challenge response sets utilizing semantic web technology. In response to detecting an authentication session for a user, a computing device generates a first challenge question that is semantically related to a second challenge question previously responded to by the user, wherein the authentication session seeks to validate an identification of the user. The computing device determines whether a response to the challenge question by the user is valid. In response to determining that the response to the challenge question by the user was valid, the computing device generates a third challenge question or a notification that the response to the challenge question validates the identification of the user.

Abstract: A computer-implemented method for content management across multiple server computers includes receiving a request to transfer a file between a central server computer and a client device. A list of two or more local server computers is received, wherein the two or more local server computers transfer the file between the central server computer and the client device. Operational information is received that is associated with each of the two or more local server computers and a duration of connectivity between each of the two or more local server computers and the client device. A strategy is determined for the file across the two or more local server computers based, at least in part, on the operational information associated with each of the two or more local server computers.

Abstract: Executing polymorphic binary code of a predetermined function includes acquiring polymorphic binary code of the function, the code having instruction blocks and control instructions. One block acquires a random number; the other defines a specific generator that generates target instructions to execute the function. The control instructions place the target instructions in memory. Each instruction has an opcode that codes a nature of an operation to be executed, and operands that define parameters of the operation. The generator incorporates coding variants of the function and selection instructions. Each variant generates instructions that perform the function. These instructions differ from each other and enable choosing a variant, based on the random number, to generate the target instructions. The choice is made only between different coding variants of the predetermined function.

Abstract: Techniques for securely instantiating control plane components of provider services, at least a portion of which are instantiated within secure execution environments, are described herein. A request to instantiate the control plane of a service provided by a computing resource service provider is fulfilled by selecting a target computer system. The target computer system is selected based at least in part on the hardware capabilities of the target computer system. The control plane is then instantiated within a secure execution environment operating on the target computer system.

Abstract: Techniques related to data stream traffic control are disclosed herein. A bit equivalent entropy of an anonymized data stream is computed. Traffic of the data stream is controlled based on the value of the bit equivalent entropy.

Abstract: A computing system includes a first security central processing unit (SCPU) of a system-on-a-chip (SOC), the first SCPU configured to execute functions of a first security level. The computing system also includes a second SCPU of the SOC coupled with the first SCPU and coupled with a host processor, the second SCPU configured to execute functions of a second security level less secure than the first security level, and the second SCPU executing functions not executed by the first SCPU.

Abstract: Often, for reasons of wireless bandwidth conservation, incomplete messages are provided to wireless messaging devices. Employing cryptography, for secrecy or authentication purposes, when including a received message that has been incompletely received can lead to lack of context on the receiver's end. By automatically obtaining the entirety of the message to be included, an outgoing message that includes the received message can be processed in a manner that securely and accurately represents the intended outgoing message. Alternatively, a server can assemble a composite message from a new message and an original message and, in cooperation with a wireless messaging device, encrypt and sign the composite message. Conveniently, security considerations are maintained even in view of bandwidth optimization measures.

Abstract: Provided are a method and an apparatus for registering a terminal. The method includes: after a gateway receives a registration request of a peripheral of a terminal, the gateway authenticating and verifying the peripheral of the terminal; after the authentication and verification are passed, the gateway initiating a remote registration request to a machine-to-machine (M2M) service platform or an M2M application, the remote registration request being used for requesting the M2M service platform or the M2M application to register the peripheral of the terminal to the M2M service platform or the M2M application. Based on the technical solutions, technical problems such as low security and privacy in M2M network communications in the related art are solved, and registration of a terminal is locally verified, thereby further improving the security and privacy in M2M network communications.

Abstract: Certificate detectors scan a network for certificate resource information and send the information to a certificate database. A correlation engine extracts and correlates this information. A ranker uses the information about the certificates and certificate authorities to generate and provide a security score and/or ranking. A requester may view the certificate ranking and/or and certificate authority ranking after passing a domain validation authorization. An Internet browser may obtain a security score and/or ranking for a certificate authority and, based on this information, may determine to trust or not trust some or all certificates issued by that certificate authority, or to require corroborating evidence before trusting a certificate.

Abstract: Some embodiments provide a program that synchronizes a keychain stored on a device with a set of other devices. The keychain includes a set of keychain items. The program receives (1) a list of keychain items for updating the keychain stored on the device and (2) data representing the keychain items specified in the list of keychain items. For each keychain item in the list of keychain items, the program updates the keychain stored on the device with the data that represents the keychain item.

Abstract: Techniques and mechanism to selectively provide resource access to a functional domain of a platform. In an embodiment, the platform includes both a report domain to monitor the functional domain and a policy domain to identify, based on such monitoring, a transition of the functional domain from a first integrity level to a second integrity level. In response to a change in integrity level, the policy domain may configure the enforcement domain to enforce against the functional domain one or more resource accessibility rules corresponding to the second integrity level. In another embodiment, the policy domain automatically initiates operations in aid of transitioning the platform from the second integrity level to a higher integrity level.

Abstract: A method of authorizing use of a computer program only able to be used when an authorized message is received from an authorizing system includes providing an authorization system, making a request to use a computer program, signalling the request to the authorization system, the authorization system recording the use of the computer program and providing the authorization message to the computer program upon receipt of the authorization message the computer program may be used.

Abstract: Provided are apparatuses and methods of generating and verifying signature information for data authentication. A method of verifying signature information may involves receiving signature information with respect to a predetermined number of data segments from a transmitter, constructing a hash tree based on the signature information, and verifying a validity of the signature information, by verifying trapdoor hash values using a root hash value of the constructed hash tree.