Abstract: A method for initializing a memory area associated with a smart meter, establishing a first communication channel between a first computer system and a security module, the security module being associated with a memory area, and the first computer system being associated with a set of computer systems interconnected via a network; authenticating the first computer system with respect to the security module; once the first computer system has been successfully authenticated, the security module receiving data from the first computer system by secure transmission and storage of the data in the memory area in order to initialize the memory area, communication between a second computer system of a utility company and/or operator of the measuring system and the security module being only possible while bypassing the first computer system, owing to the stored data, the second computer system being a computer system of the set of computer systems.
Abstract: A system and method for detecting malware in compressed data. The system and method identifies a set of search strings extracted from compressed executables, each of which is infected with malware from a family of malware. The search strings detect the presence of the family of malware in other compressed executables, fragments of compressed executables, or data streams.
Abstract: A medical imaging system includes a data store having stored medical imaging data and a computer. The system may be in a medical treatment room and is adapted to receive and display imaging data from a medical procedure. The computer has a graphical user interface that receives authentication credentials. An authenticator alternately prevents or allows a user access by logging the user into the system using the authentication credentials. A file accessor receives received medical imaging data and stores it in the data store, and retrieves the stored medical imaging data and provides it to the graphical user interface for display. Documentation data is received through the graphical user interface and is stored in the data store without requiring the user to provide the authentication credentials or be logged into the system. The user cannot access the stored medical imaging data before providing the authentication credentials and being logged into the system.
Abstract: Provided is an apparatus for encrypting data including a key determiner configured to determine a cipher key for white-box cryptography (WBC)-based encryption and a symmetric key different from the cipher key and an encrypter configured to generate a ciphertext of the data using the WBC-based encryption and symmetric-key-based encryption with the symmetric key.
Abstract: Various systems and methods are provided that retrieve raw data from issuers, reorganize the raw data, analyze the reorganized data to determine whether risky or malicious activity is occurring, and generate alerts to notify users of possible malicious activity. For example, the raw data is included in a plurality of tables. The system joins one or more tables to reorganize the data using several filtering techniques to reduce the processor load required to perform the join operation. Once the data is reorganized, the system executes one or more rules to analyze the reorganized data. Each rule is associated with a malicious activity. If any of the rules indicate that malicious activity is occurring, the system generates an alert for display to a user in an interactive user interface.
Type: Grant
Filed: February 5, 2016
Date of Patent: November 1, 2016
Assignee: Palantir Technologies Inc.
Inventors: Craig Saperstein, Eric Schwartz, Hongjai Cho
Abstract: A computing platform may receive a plurality of messages comprising data indicating physical presence of customers at a physical location from an indoor positioning system located at the physical location. Responsive to receiving the plurality of messages comprising the data indicating the physical presence of the customers at the physical location, the computing platform may determine that one or more customers of the customers at the physical location are authorized to utilize one or more functions of one or more computing devices physically located at the physical location.
Abstract: An apparatus, system, and method are disclosed for context-sensitive password generation. The inspection module may accept entry of at least a new portion of a password by a user into a security mechanism and determine a dynamic parameter candidate within the password. The analysis module may recommend to the user a context-sensitive interpretation of the dynamic parameter candidate. The confirmation module may receive a selection by the user of the context-sensitive interpretation.
Type: Grant
Filed: July 23, 2013
Date of Patent: October 18, 2016
Assignee: Lenovo (Singapore) PTE. LTD.
Inventors: Russell Speight VanBlon, Jeffrey Mark Estroff, Russell Stuart Gantman, Jason Grimme
Abstract: A portable media device (PMD) can produce an isochronous audio/video experience when the PMD provides a digital audio signal to the accessory while displaying analog video on an accessory-independent display. The accessory can communicate audio latency information to the PMD. The PMD can delay a video portion of a presentation, relative to providing the digital audio signal to the accessory, based on the audio latency information communicated by the accessory. As a result, the user may perceive an isochronous presentation of the audio and video portions of the presentation.
Abstract: A method includes inspecting a packet stream sent from a set-top box device via a network. The packet stream includes video content that is divided into a plurality of subsections. The method includes generating a plurality of signatures by applying a wavelet transform to each of the plurality of subsections, and determining a match between the video content and protected video content based at least in part on a comparison of the plurality of signatures to one or more stored signatures generated based on the protected video content.
Abstract: The present invention relates to a non-intrusive method and apparatus for automatically dispatching security rules in a cloud environment. The method comprises: forming a composition application model of an application in the cloud environment, said composition application model including at least types of various servers for deploying said application; generating a topology model of said various servers in the cloud environment; automatically generating security rules to be adopted by the server-side firewalls of respective servers based on the application context of said application, said composition application model and said topology model; and dispatching said security rules to each server-side firewall based on said composition application model and topology model.
Type: Grant
Filed: September 12, 2012
Date of Patent: September 13, 2016
Assignee: GLOBALFOUNDRIES INC.
Inventors: Bo Gao, Steven D. Ims, Ling Lan, Jason R. McGee, Li Yi, Yu Zhang
Abstract: A biometric authentication system is disclosed that provides authentication capability using biometric data in connection with a challenge for parties engaging in digital communications such as digital text-oriented, interactive digital communications. End-user systems may be coupled to devices that include biometric data capture devices such as retina scanners, fingerprint recorders, cameras, microphones, ear scanners, DNA profilers, etc., so that biometric data of a communicating party may be captured and used for authentication purposes.
Type: Grant
Filed: August 17, 2013
Date of Patent: September 6, 2016
Assignee: AT&T INTELLECTUAL PROPERTY II, L.P.
Inventors: Pradeep K. Bansal, Lee Begeja, Carroll W. Creswell, Jeffrey Farah, Benjamin J. Stern, Jay Wilpon
Abstract: A signal processing method for a display device is provided. The display device is capable of connecting a portable consumer electronic device via a high-definition link (MHL) port. Via the communication bus (CBUS) in the MHL port, a set of encryption codes is provided to the portable consumer electronic device. Based on an encrypted identification fed back from the portable consumer electronic device, it is determined whether the portable consumer electronic device passes authentication. If the portable consumer electronic device passes the authentication, when a human interface device provides a user command to the display device, the user command is encrypted according to the set of encryption codes to generate an encrypted user command compliant to the CBUS specification. Via the CBUS of the MHL port, the encrypted user command is provided to the portable consumer electronic device.
Abstract: Systems and methods for configuring security policies based on security parameters stored in a public or private cloud infrastructure are provided. According to one embodiment, a first network appliance logs into a cloud account. One or more security parameters of the first network appliance are synchronized, by the first network appliance, with corresponding security parameters shared by a second network appliance to the cloud account. A security policy that controls a connection between the first network appliance and the second network appliance is automatically created, by the first network appliance, based at least in part on the one or more security parameters.
Abstract: The present invention aims to allow for addition of an attribute category without reissuing a public parameter. A cryptographic system 10 uses an indexing technique in dual system encryption in dual pairing vector spaces. Specifically, for a transmission-side vector tj for index j, the cryptographic system 10 sets information J assigned to the index j in advance as a coefficient of a predetermined basis vector. For a reception-side vector for index j' corresponding to the index j, the cryptographic system 10 sets information J' having an inner-product of 0 with the information J as a coefficient of a basis vector corresponding to the predetermined basis vector.
Type: Grant
Filed: March 1, 2013
Date of Patent: August 2, 2016
Assignees: Mitsubishi Electric Corporation, NIPPON TELEGRAPH AND TELEPHONE CORPORATION
Abstract: A network storage server receives multiple write requests from a set of clients via a network and internally buffers multiple data blocks written by the write requests. At a consistency point, the storage server commits the data blocks to a nonvolatile mass storage facility. The consistency point process includes using a storage operating system in the network storage server to compress the data blocks, encrypt selected data blocks, and store the compressed and (possibly) encrypted data blocks in the nonvolatile mass storage facility. Data blocks can also be fingerprinted in parallel with compression and/or encryption, to facilitate subsequent deduplication. Data blocks can be indexed and classified according to content or attributes of the data. Encryption can be applied at different levels of logical container granularity, where a separate, unique cryptographic key is used for each encrypted data container.
Abstract: A data detecting method and apparatus for a firewall device connected with a network to identify a security threat in the data, where the method is implemented by a fast forwarder in the firewall device and includes: the fast forwarder receives application data; obtains application information in the received application data; determines an application protocol type corresponding to the application data according to the application information and an application identifying table; queries a configuration item for threat detection according to the application protocol type to determine whether the application data requires threat detection; and if the application data does not require threat detection, forwarding the application data. The data detecting method avoids a problem that performance of a firewall is degraded because all application data is sent to a detecting processor in the firewall device for detection, thereby improving the performance of the firewall device.
Abstract: Methods and systems receive an electronic scanned image generated by activity of an application running on a portable computerized device, and calculate a cryptographic digest from data of the electronic scanned image using a second computerized device. Also, such methods and systems encrypt the cryptographic digest using an encryption key stored on the portable computerized device to create a content signature of the cryptographic digest, and send the content signature to the second computerized device. The authenticity of a copy of the electronic scanned image provided by the second computerized device is verified by recalculating the content signature (based on the copy of the electronic scanned image) using the encryption key from the portable device.
Type: Grant
Filed: June 20, 2014
Date of Patent: June 28, 2016
Assignee: Xerox Corporation
Inventors: Gavan L. Tredoux, Premkumar Rajendran, Roger T. Kramer, Peter J. Zehler
Abstract: A vulnerability countermeasure device stores configuration information associating multiple computers connected via a network and software possessed by each computer, vulnerability information associating the software with information related to the vulnerability of the software, and countermeasure policy information associating the software with a countermeasure policy to be executed if there is a vulnerability in the software; calculates the computer that data will reach based on information related to a route of the data included in the data received from a used terminal; acquires software existing in the computer based on the calculated computer and configuration information; assesses whether or not there is a vulnerability in the acquired software based on the acquired software and the vulnerability information; and is provided with countermeasure unit for executing a countermeasure to a vulnerability in accordance with a countermeasure policy with respect to the software assessed to have the vulnerabili
Abstract: Methods and systems for monitoring, analyzing and acting upon voice calls in communication networks. An identification system receives monitored voice calls that are conducted in a communication network. Some of the monitored voice calls may be conducted by target individuals who are predefined as suspects. In order to maintain user privacy, the system selects and retains only voice calls that are suspected of being conducted by predefined targets. The techniques disclosed herein are particularly advantageous in scenarios where the network identifiers of the terminal used by the target are not known, or where the target uses public communication devices. In accordance with the disclosure, content-based identifiers such as speaker recognition or keyword matching are used.
Abstract: Program behaviors concerning load points are monitored, and a specific program attempting to actively maintain a previously set value of a specific load point is detected. In response, the specific program is adjudicated to be malware, and one or more actions are performed to protect the computer. The monitored behavior can be write operations targeting load points. In this scenario, the behavior indicating that a program is malware can comprise performing a requisite number of write operations to a load point within a requisite time period. The monitored behavior can also be altering load point values, and monitoring the results. The altering of load points can comprise removing values specifying programs to run, and/or changing names of programs. Detecting that a specific altered load point value has been automatically reset within a requisite time period to run the specific program upon start-up indicates that the program is malware.