Abstract: Computer security vulnerability assessment is performed with product binary data and product vulnerability data that correspond with product identification data. A correspondence between the product binary data and the product vulnerability data is determined, and a binaries-to-vulnerabilities database is generated. The binaries-to-vulnerabilities database is used to scan binary data from a target device to find matches with the product binary data. A known security vulnerability of the target device is determined based on the scanning and the correspondence between the product binary data and the vulnerability data. In some embodiments, the target device is powered off and used as an external storage device to receive the binary data therefrom.

Abstract: Technologies for secure personalization of a security monitoring virtual network function (VNF) in a network functions virtualization (NFV) architecture include various security monitoring components, including a NFV security services controller, a VNF manager, and a security monitoring VNF. The security monitoring VNF is configured to receive provisioning data from the NFV security services controller and perform a mutually authenticated key exchange procedure using at least a portion of the provisioning data to establish a secure communication path between the security monitoring VNF and a VNF manager. The security monitoring VNF is further configured to receive personalization data from the VNF manager via the secure communication path and perform a personalization operation to configure one or more functions of the security monitoring VNF based on the personalization data. Other embodiments are described and claimed.

Abstract: The present invention relates to managing a UNITY file in a mobile platform in order to forestall a UNITY library executable in a mobile platform from being analyzed by reverse engineering and decompiling and provides an apparatus for managing a UNITY file in a mobile platform comprising a file extracting section that extracts a UNITY library file from a UNITY application; an encrypting section that encrypts a programming library file in the UNITY library file thus extracted and creates an encrypted programming library file; a file creating section that creates a decrypting library to decrypt the encrypted programming library file and creates a secured UNITY application using the decrypting library and the encrypted programming library file; and a file executing section that, upon request to execute the secured UNITY application, executes the secured application by decrypting the encrypted programming library file using the decrypting library.

Abstract: A method and system for automating threat model generation and pattern identification for an application includes identifying components of an application, and receiving security information that identifies whether security measures were implemented within the application to secure the application against security threats. The method further receives an identification of external events, and receiving first patterns from one or more first virtual assets. A database is populated with the first patterns and the external events and then second patterns are received and compared to the first patterns. The method and system include distributing the identification of the one of the external events to the one or more second virtual assets, if the second patterns are similar to the first patterns, according to one embodiment.

Abstract: Forged emails are detected by extracting email address parts of a sender email address. The email address parts include an account name, a subdomain, and a base domain of the sender email address. The mutation ratio of the email address parts relative to reference strings are calculated to determine similarity of the email address parts to the reference strings. The mutation ratios are compared to ratio thresholds to identify suspicious email addresses, and the results of identifying suspicious email addresses are correlated with other computer security information to identify forged emails.

Abstract: Systems and methods for creating and managing per-application profiles are disclosed. A method may include receiving input designating at least a first profile policy and a second profile policy. At least a first application profile and a second application profile may be created based on the received first profile policy and the second profile policy. An application of the plurality of applications may be associated with both the first application profile and the second application profile. A first storage partition and a second storage partition may be created within a storage space of the computing device. The storage space may be associated with the application. The first storage partition may store application data while the application is running under the first application profile. The second storage partition may store application data while the application is running under the second application profile.

Abstract: A method for implementing a third party application in a micro-blogging service is provided, in which upon reception of a first request for presenting a media message provided by a third party media source, a micro-blog server obtains login information of a user and configuration information corresponding to the third party media source, converts the login information to authorization information, generates a second request for presenting the media message provided by the third party media source, and transmits the second request to a third party application server; the third party application server extracts the media message corresponding to the second request from the third party media source through a micro-blog open platform, by using the authorization information of the user and the configuration information corresponding to the third party media source, and presents it for the user.

Abstract: Described is a process for securely authorizing access to media content from a first device to a second device. Access to content may be authorized by performing authentication from the first device. Information used for authentication (e.g. login information) is not shared with the second device. Instead, a token may be used to authenticate the second device. The authorization process may be done in a secure manner by sharing only the generated token with the second device. Authentication information may not be derived from the token, and accordingly, even if the second device is not secure or the token is exposed, authentication information remains secure.

Abstract: Techniques are provided for decrypting an encrypted file within an enterprise network. The techniques include identifying by a password collecting module a password entered during a file encryption procedure performed at a terminal and storing the password; receiving an encrypted file by a data leakage protection (DLP) module; and attempting to decrypt the encrypted file with the password by the DLP module.

Abstract: Systems and methods are used to provide distributed processing on a service provider network that includes a plurality of remotely located consumer devices. Each of the remotely located consumer devices includes a processing device. A service is provided from the service provider network to the remotely located consumer devices. Distributed processing of a task on the processing devices of the remotely located consumer devices occurs, the distributed processing being unrelated to the service provided to the consumers. The distributed processing occurs even when the processing devices are in use by corresponding remotely located consumer devices.

Abstract: Embodiments of an invention for securing transmissions between processor packages are disclosed. In one embodiment, an apparatus includes an encryption unit to encrypt first content to be transmitted from the apparatus to a processor package directly through a point-to-point link.

Abstract: Methods and systems for determining consecutive matches are provided. According to one embodiment, a class definition and a data stream are received by a network security device. The data stream is partitioned into multiple data blocks each containing N data segments. Each data block is processed in parallel to compute: (i) a value (F) indicating whether every data segment value meets the class definition; (ii) a value (L) indicating a number of consecutive data segment values meeting the class definition starting from the left; (iii) a value (M) indicating a maximum number of consecutive data segment values meeting the class definition; and (iv) a value (R) indicating a number of consecutive data segment values meeting the class definition starting from the right. Corresponding values for each data block are then aggregated to determine a maximum number of consecutive data segment values meeting the class definition for the entire data stream.

Abstract: In a data structure of a multimedia file format, a movie box and a media data box are provided. In each box, a non-encrypted size field, a non-encrypted type field and box data field are provided. In box data of the movie box, information data regarding multimedia data is stored. The multimedia data is encrypted and stored in box data of the media data box. The information data is obtained by referring to the container in the movie box. This information data is held as encryption and encoding information data. By referring to the information data, a data unit of the encrypted multimedia data in the media data box is obtained, and the unit data is decrypted.

Abstract: Disclosed herein are techniques for use in user authentication. In one embodiment, the technique comprises collecting information in connection with a plurality of authentication methods. The technique also comprises determining a score for each authentication method based on the collected information. The technique further comprises selecting an authentication method from the plurality of authentication methods based on the determined score.

Abstract: The subject matter of this specification can be embodied in, among other things, a method that includes receiving, by one or more servers associated with an application marketplace, a policy that includes data that identifies one or more users, and a restricted permission. A request is received, by the servers associated with the application marketplace, to access one or more applications that are distributed through the application marketplace, wherein the request includes data that identifies a particular one of the users. One or more of the applications that are associated with the restricted permission are identified by the servers associated with the application marketplace, and access by the particular user to the applications that are associated with the restricted permission is restricted by the servers associated with the application marketplace.

Abstract: Systems and methods are provided for providing a computer-based test to be taken at a computer. A determination is made as to whether a geolocation of the computer is within an approved geolocation range. A determination is made as to whether a time at which the computer-based test is to be provided to the computer is within an approved time range. A hardware profile of the testing center is compared to an expected hardware profile of the testing center. Biometric data of a test center administrator is compared to expected biometric data of the test center administrator, and a confidence score is modified based on results of the comparison. If the confidence score meets or exceeds a threshold, the computer-based test is provided to the computer over a network. If the confidence score is less than the threshold, the computer-based test is prevented from being provided to the computer.

Abstract: Current CAPTCHA tests are designed to be difficult for a bot and simple for a human-user to answer; however, as artificial intelligence improves, bots are more capable of using techniques such as optical character recognition to resolve current CAPTCHAs in similar manners as human-users. By maintaining a library of security tests and/or questions based on products purchased by the human-user, and using those questions as a CAPTCHA challenge in order to determine if the user is a human-user on how the user responds, CAPTCHA challenges may be directed toward determining a human-user based on responses exhibiting humanity.

Abstract: A method for establishing a secure communication channel between an off-card entity and an embedded Universal Integrated Circuit Card (eUICC) is provided. The method involves establishing symmetric keys that are ephemeral in scope. Specifically, an off-card entity, and each eUICC in a set of eUICCs managed by the off-card entity, possess long-term Public Key Infrastructure (PKI) information. When a secure communication channel is to be established between the off-card entity and an eUICC, the eUICC and the off-card entity can authenticate one another in accordance with the respectively-possessed PKI information (e.g., verifying public keys). After authentication, the off-card entity and the eUICC establish a shared session-based symmetric key for implementing the secure communication channel. Specifically, the shared session-based symmetric key is generated according to whether perfect or half forward security is desired.

Abstract: Disclosed are various embodiments for passive compliance violation notifications. In one embodiment, it is detected that that a policy violation with respect to use of a client device has occurred. It is then determined that the policy violation may be passive. A user notification of the policy violation is generated by the client device in response to determining that the policy violation may be passive. The frequency and/or intensity of this notification may depend upon an extent of the policy violation. If the policy violation is later determined to be active, additional actions may be performed, such as disabling access to or removing managed resources on the client device.

Abstract: Methods, systems, and devices secure content in memory. The content includes a lock that prohibits reading the content from memory. Prior to expiration of the lock the content cannot be read from memory. However, a preview option allows at least a portion of the content to be accessed. The preview option provides a preview of the content. At expiration, the content is readable.