Abstract: The convenience of a wireless network is tempered by the concern that a rogue device can listen in on the wireless communications. Determining the position of the home device and other devices within range allows the user of the home device to choose the specific wireless devices with which to communicate. The distance to the other devices within wireless communications range is helpful and allows the user to sort between safe and unsafe or rogue devices. Distance can be determined by a variety of methods including use of trusted references, signal strength, and error rate. Once the safe device is selected, the system will then establish a communications path with that device.

Abstract: Systems, apparatuses, and methods, and for seamlessly protecting memory regions to protect against hardware-based attacks are disclosed. In one embodiment, an apparatus includes a decoder, control logic, and cryptographic logic. The decoder is to decode a transaction between a processor and memory-mapped input/output space. The control logic is to redirect the transaction from the memory-mapped input/output space to a system memory. The cryptographic logic is to operate on data for the transaction.

Abstract: Unauthorized wireless access points are detected by configuring authorized access points and mobile units to listen to all wireless traffic in its cell and report all detected wireless devices to a monitor. The monitor checks the reported devices against a list of authorized network devices. If the reported wireless device is not an authorized device, the monitor determines if the reported device is connected to the network. If the reported device is connected to the network and is not an authorized device, the monitor alerts the network operator or network manager of a rogue device connected to the network and attempts to locate and isolate the rogue device.

Abstract: Techniques are provided herein for providing survivable browsing when a client endpoint device loses contact with its host server. A Hosted Virtual Desktop (HVD) draws and communicates an HVD display image comprising a HVD browser window to the client endpoint device for display, via a virtual desktop interface (VDI) protocol. A browser (or browser extension) on the HVD works together with a browser server on the client endpoint device to synchronize browser data, and in some examples to render data such as streaming media in a client-provided frameless browser window in place of a placeholder in the HVD browser window. In response to the detection of an inactive VDI session, the browser server on the client endpoint device launches an endpoint browser instance to seamlessly switch browsing from the HVD browser window to an endpoint browser window, using the browser synchronization data.

Abstract: A program segments display bar is described. In embodiment(s), a program segments display bar has still images that can include scene images and advertisement images. The scene images can each correspond to a different segment of television media content, such as a movie or television program, and are displayed in the program segments display bar to indicate a sequence of the television media content. The advertisement images can each correspond to a different advertisement and can be displayed in the program segments display bar to indicate where the different advertisements are included with the television media content. The program segments display bar can also include a focus that can be positioned proximate a still image to indicate that the still image is selectable.

Abstract: To circumvent being blacklisted by an ISP, some viruses use a domain name generator algorithm or a domain generator algorithm (DGA). In an example, the DGA may use the current date and time to generate a random domain name based on the date. So for a given date, the botnet registers a particular domain in order to control the Trojan horse virus. The domain name that the botnet uses typically changes every day, which helps circumvent blacklisting. To counteract that, the disclosed systems and methods of DNS greylisting place a domain name in a grey list for a time period, for example a day, that the domain is resolved by the ISP. The first time the ISP experiences a customer trying to contact a particular domain, the ISP prevents the domain from resolving. After the time period (for example, 24 hours) expires, the domain is allowed to resolve normally.

Abstract: Technologies are described herein for cloud monitoring federations that can include cloud monitoring services (CMS) that collect monitoring information from point of presence (POP) agents. The cloud monitoring POPs may be located in the cloud, on client machines, embedded within cloud applications, or wherever they can obtain visibility into managed entities associated with the cloud. Management systems, acting as cloud monitoring clients (CMC), may interface with the CMS to obtain a complete view of services and application used by their enterprise including those that operate outside of the enterprise premises as part of a cloud or outside network. The publishing by POPs and consumption by CMCs of management information across components within the enterprise and out in the cloud may be supported by managing roles, responsibilities, scopes, security boundaries, authenticity of information, service level agreements, and other aspects of cloud monitoring operations.

Abstract: Single-use authentication methods for accessing encrypted data stored on a protected volume of a computer are described, wherein access to the encrypted data involves decrypting a key protector stored on the computer that holds a volume-specific cryptographic key needed to decrypt the protected volume. Such single-use authentication methods rely on the provision of a key protector that can only be used once and/or that requires a new access credential for each use. In certain embodiments, a challenge-response process is also used as part of the authentication method to tie the issuance of a key protector and/or access credential to particular pieces of information that can uniquely identify a user.

Abstract: An event condition is checked, using a computer and data content of the computer is additionally protected in relation to a normal data protection according to the event condition. The event condition is detecting by the computer a remote command and/or detecting a state according to a policy.

Abstract: A multilayer security approach may be used by a server computer system which sequentially sends one or more security codes back to a client computer system which is identified at the beginning of an authentication process. The server computer system may be an email server and the client computer system may be wireless mobile communication device. Each subsequent request for service from the client computer system to the server computer system may be required to include one of these security codes for the request to be authenticated.

Abstract: Methods, systems, and apparatus, including computer programs encoded on a computer storage medium, for correcting client-assigned timestamps. In one aspect, a method includes receiving, by one or more servers, a data packet that includes (i) data referencing one or more client-side events, (ii) data referencing a respective time that a client has assigned to each event, and (iii) data referencing a transmission time that the client has assigned to the data packet. The method also includes assigning, by the one or more servers, a receipt time to the data packet, and comparing, by the one or more servers, the transmission time that the client has assigned to the data packet to the receipt time that the one or more servers have assigned to the data packet, to determine a time correction factor.

Abstract: Disclosed is a virtual universal decryption (VUD) service that provides a mechanism for allowing users of camera enabled mobile devices to use their camera to decrypt messages. The VUD service can provide a mechanism for a user of a VUD enabled device to authorize one or more other users of VUD enabled and camera enabled devices to use their cameras to decrypt messages sent by the authorizing user. The VUD service may then provide mechanisms for the authorized users to decrypt messages, which have been encrypted by the authorizing users, by simply capturing an image/video of the encrypted text with a camera of their VUD enabled devices.

Abstract: A system for and method of automatically enforcing a configuration change process for change requests of one or more configurable element within one or more configurable computation systems. The system comprises means for managing a configuration change process for one or more configurable elements within a corresponding configurable computation system, means for generation a configuration request, means for applying a set of authorization rules to the configuration change requests to generate selective authorization of the CEs, and means for selectively locking and unlocking changes to configurable elements within the configurable computational systems.

Abstract: The present invention relates to an information processing apparatus, an information processing method, and a program which are capable of rapidly and appropriately setting a format of an audio signal to be output to a display apparatus. When a monitor apparatus 12 is connected to an image processing apparatus 11 via an HDMI cable 13, the image processing apparatus 11 displays an audio format setup screen on the basis of EDID acquired from the monitor apparatus 12. Only the setup items of the audio signal, which the monitor apparatus 12 can receive, are enabled in the audio format setup screen. A user selects a format of the audio signal to be supplied from the image processing apparatus 11 to the monitor apparatus 12 on the audio format setup screen. The present invention is applicable to, for example, an information processing apparatus outputting an audio signal to a monitor.

Abstract: Referenced content is shared through collaborative business applications by detecting referenced content in an electronic communication. The referenced content references content stored in an external repository. The referenced content identifies a registered external repository connector. A determination is made whether an Access Control List (“ACL”) for the referenced content lacks an entry for a recipient of the electronic communication. Also an ACL entry is generated for the recipient in response to the recipient lacking an entry in the ACL for the referenced content. The ACL entry controls access to the referenced content for the recipient.

Abstract: The present invention discloses a network security HTTP negotiation method and related devices.

Abstract: A system for and method of automatically enforcing a configuration change process for change requests of one or more configurable element within one or more configurable computation systems. The system comprises means for managing a configuration change process for one or more configurable elements within a corresponding configurable computation system, means for generation a configuration request, means for applying a set of authorization rules to the configuration change requests to generate selective authorization of the CEs, and means for selectively locking and unlocking changes to configurable elements within the configurable computational systems.

Abstract: A method and device for securing a removable Attached Computer Module (“ACM”) 10. ACM 10 inserts into a Computer Module Bay (“CMB”) 40 within a peripheral console to form a functional computer such as a desktop computer or portable computer. The present ACM 10 includes a locking system, which includes hardware and software 600, 700, to prevent accidental removal or theft of the ACM from the peripheral console. While ACM is in transit, further security is necessary against illegal or unauthorized use. If ACM contains confidential data, a high security method is needed to safeguard against theft.

Abstract: Invention embodiments are concerned with the problem of controlling access to a media storage device in response to, e.g., employees leaving or changing jobs. More specifically, embodiments provide a method of controlling access to a media storage device storing a plurality of media objects. Thus embodiments of the invention solve the afore-mentioned problem by providing a mechanism for updating the list of recipients based on data received from a user identification system after the media storage device has been dispatched.

Abstract: Invention embodiments are concerned with the problem of controlling access to a media storage device in response to, e.g., employees leaving or changing jobs. More specifically, embodiments provide a method of controlling access to a media storage device storing a plurality of media objects. Thus embodiments of the invention solve the afore-mentioned problem by providing a mechanism for updating the list of recipients based on data received from a user identification system after the media storage device has been dispatched.