Abstract: An approach for facilitating collaborative support to a user in a networked computing environment (e.g., a cloud computing environment) is provided. In one aspect, specifications that describe a networked resource (e.g., a cloud resource) are retrieved. A set of preferences that specify a set of collaborators and a set of access limitations for the set of collaborators with respect to the networked resource are gathered in response to a request for help by a user. Also in response to the request, a clone of the networked resource is created. A collaborator from the set of collaborators is granted access to clone the networked resource having the set of access limitations. The collaborator can access the clone of the networked resource (e.g., to provide support to the user) until a terminating condition is met, at which time the collaborators' access to the clone is terminated.

Abstract: There is provided a content editing apparatus, content editing method and program capable of easily and rapidly extracting sections corresponding to a reproducing operation of content data. The content editing apparatus includes an operation input processing unit 104 into which a reproduction operating command of content data is input by a user and a record controlling unit 108 for recording operation data corresponding to the reproduction operating command input into the operation input processing unit along with a reproduction position of the content data in a recording medium.

Abstract: A storage controller includes a command pointer register. The command pointer register points to a chain of commands in memory, and also includes a security status field to indicate a security status of the first command in the command chain. Each command in the command chain may also include a security status field that indicates the security status of the following command in the chain.

Abstract: A computer-implemented method for protecting services may include (1) identifying a service control manager, the service control manager having access to modify a configuration of at least one service, (2) identifying a request from a process for permission to access the configuration of the service, and, in response to the request, (3) authenticating the process based on at least one attribute of the process, (4) providing an authentication token to the process, (5) intercepting an attempt by the process to access the configuration of the service via the service control manager, the attempt including the authentication token, and, in response to the attempt, (6) validating the authentication token, and, in response to validating the authentication token, (7) allowing the process to access the configuration of the service. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: A non-transitory computer readable medium may include executable instructions which, when executed by a processor, cause the processor to authenticate a user, and to retrieve a user profile based on the user. The instructions further cause the processor to apply the user profile to restrict an operation of a non-destructive testing (NDT) device.

Abstract: Methods and systems for authenticating a user device employ a database of global network latencies categorized and searchable by location and calendar date-time of day usage, providing network latency by geography and by time. The database is constructed using voluminous daily data collected from a world-wide clientele of users who sign in to a particular website. Accuracy of the latency data and clock skew machine identification is made practical and useful for authentications using a service provider-proprietary, stable reference clock, such as an atomic clock, so that internal clock jitter of a service provider performing authentications does not affect the network latency time and clock skew identification of user devices. Increased authentication confidence results from using the database for correcting network latency times and user device signatures generated from the clock skew identifications and for cross checking the authentication using comparisons of initial registration to current sign in data.

Abstract: A method in data storage involves receiving at a metadata server from a client device a BEGIN_WRITE request identifying data to be written by hashes, consulting, by the metadata server a deduplication table to determine historical nature of the data determined to be written, determining that the data was never previously written, was previously written by another client, or was previously written but failed a verification, sending to the client device write locations with tokens for the data, starting an authentication timer, and authorizing the client device to write directly to the data server using the authentication tokens and the authenticated write locations, determining that the data was previously written by the same client, or that the data was previously written and passed the verification test, notifying the client of this circumstance, and receiving from the client device an END_WRITE request.

Abstract: The disclosure discloses a network access method, apparatus and system. The method includes: a network side determines that a first User Equipment (UE) requests to use the account of a second UE for access; the network side determines that the account of the second UE is successfully authenticated; the network determines that the user to which the second UE belongs allows the first UE to access the network side by the account of the second UE; and the first UE accesses the network side. The disclosure can ensure the security of the master user.

Abstract: An apparatus for analyzing a permission of an application for a mobile device, the apparatus comprising: an executable file acquisition unit; a file extraction module; and an execution permission analyzing module configured to detect a security risk which can be caused by the permission on the basis of the permission described in the extracted file, wherein the information related to the permission of the application includes information on permission that is declared in the application, permission that the application uses and a function that uses the permission of the application.

Abstract: A device supports the processing of multiple active applications in a processor through a mapping system that securely identifies and differentiates commands issued by clients. An entity selection signal is generated by the mapping system to signal the processor to process an algorithm and provide services for a specific client using the commands identified for that client and data permitted by a client tracking system for that client. Other data accesses and commands identified for other clients are restricted when processing the algorithm.

Abstract: A generation unit generates the wireless network connection setting information from the first information based on the conversion rule. The encoding unit encodes the first information to generate a code image. A display unit displays the code image. An imaging unit captures the code image. A decoding unit decodes the code image captured by the imaging unit and acquires the first information. A second storage unit stores a conversion rule that is the same as the conversion rule stored in the storage unit. A second generation unit generates the wireless network connection setting information from the first information acquired by the decoding unit based on the conversion rule stored in the second storage unit. A communication unit connects to a wireless network using the wireless network connection setting information generated by the second generation unit.

Abstract: A method and system for preserving privacy related to networked media consumption activity including: Source privacy zones are defined and associated with privacy standards. Privacy standards include frequency criteria governing the storage of datasets including information associated with networked media consumption activity collected from the source privacy zone. Transaction requests including a networking protocol address are received over a network from a client device at a target location by a networked privacy system. The source privacy zone associated with the client device is identified. Using the networking protocol address to access characteristics having characteristic value(s), a dataset can be created including associating the networked media consumption activity with the characteristic and characteristic value(s). The dataset is pre-processed to comply with the privacy standards. The networking protocol address is discarded.

Abstract: A system may include an integrated circuit and a coating at least partially encapsulating the integrated circuit. The coating may include an electrically insulating material at least partially encapsulating an analog circuit. The integrated circuit may be electrically connected to the analog circuit. Additionally, the integrated circuit may be configured to generate an analog electrical signal, transmit the analog electrical signal through the analog circuit to generate a modified analog electrical signal, receive the modified analog electrical signal, and in response to determining that the modified analog electrical signal is sufficiently similar to an expected analog electrical signal, use the modified analog electrical signal as an input to an algorithm performed by the integrated circuit.

Abstract: A method provides cross enterprise communication in which intermediary communication components carry out cross enterprise communication. The method at a first sending enterprise includes: receiving a signed encrypted message from a sender within a first enterprise; validating the sender; decrypting the message; encrypting the message for receipt by a second enterprise; signing the encrypted message by the first enterprise; and sending the re-signed re-encrypted message to a second enterprise. The method at the second receiving enterprise includes: receiving a signed encrypted message from a first enterprise; validating that the first enterprise is the sender; decrypting the message; encrypting the message for receipt by one or more recipients at the second enterprise; signing the encrypted message by the second enterprise indicating that the message is from the first enterprise; and sending the re-signed re-encrypted message to the one or more recipients of the second enterprise.

Abstract: A system that incorporates the subject disclosure may perform, for example, operations including receiving an encrypted secure token from a secure token application function that is remote from the communication device, storing the encrypted secure token in a secure element memory of the secure element, accessing user input requesting the encrypted secure token where the secure device processor is separate from the secure element and is in communication with the secure element, generating a modified secure token by adding identification information to the encrypted secure token and by performing a second encryption of the encrypted secure token with the identification information, receiving the modified secure token from the secure element, and providing the modified secure token to a receiving device. Other embodiments are disclosed.

Abstract: In embodiments, a method of securing access to a computer memory and other computer resources includes authoring a 3D projection of data by a registering user customizing elements in the 3D projection, resulting in a registered 3D projection. The method further includes presenting to a requesting user a representation of the elements of the 3D projection in a randomized fashion. The method additionally includes receiving, from the requesting user, manipulations of the presented elements of the 3D projection toward undoing or solving the randomization. The method includes determining whether the manipulated elements of the 3D projection match the customized elements of the registered 3D projection. Then, the method includes granting, to the registered user, access to the computer memory if the manipulated elements of the 3D projection match the customized elements of the registered 3D projection.

Abstract: A method and an apparatus protect location-related messages which are transmitted from a provider to a plurality of temporally changing recipients and receiver devices in a plurality of localities in each case. The method and apparatus are distinguished by the fact that key certificates for signed messages are issued only in a location-related manner and are thus valid only in a particular defined local environment.

Abstract: A method on an electronic device for a wireless network is described. A plurality of component confidence indicators is determined for a corresponding plurality of authentication components of the electronic device. The plurality of component confidence indicators is grouped into at least first and second sets. A first set confidence indicator is determined based on the component confidence indicators of the first set. A second set confidence indicator is determined based on the component confidence indicators of the second set. An authentication value is determined based on the first set confidence indicator, weighted by a first authentication factor for the first set, and the second set confidence indicator, weighted by the first authentication factor. The electronic device is unlocked based on the authentication value.

Abstract: First data relating to a selected file is obtained. Based upon the first data it is determined if malware detection processing can be selected. Malware detection processing of the file is selected based upon said first data if it is determined that malware detection processing can be selected based upon the first data. If it is determined that, based upon the first data, malware detection processing cannot be selected based upon the first data, second data relating to the selected file is obtained and malware detection processing of the file is selected based upon said first and second obtained data. The selected malware detection processing is applied to said selected file. In an exemplary embodiment the first data is metadata and represents a faster scan of the file, and the second data is content of the file's header and represents a more in-depth scan of the file.

Abstract: Authenticating a user to a first service to allow the user to access a resource provided by the first service. The resource is a protected resource requiring a general purpose credential (e.g. a user name and/or password) to access the resource. The method includes receiving at a second service, from the device, an ad-hoc credential. The ad-hoc credential is a credential that is particular to the device. The ad-hoc credential can be used to authenticate both the user and the device, but cannot be directly used to as authentication at the first service for the user to access the resource. The method further includes, at the second service, substituting the general purpose credential for the ad-hoc credential and forwarding the general purpose credential to the first service. As such the first service can provide the resource to the user at the device.