Abstract: According to one embodiment, a web application layer attack detector (AD) is coupled between an HTTP client and a web application server. Responsive to receipt of a set of packets from the HTTP client carrying a web application layer message that violates a condition of a security rule, the AD transmits an alert package to an automatic attribute value generation and rule feedback module (AVGRFM). The AVGRFM uses the alert package, and optionally other alert packages from the same AD or other ADs, to automatically generate a new set of attribute values for each of a set of attribute identifiers for use, by the AD or other ADs, in a different security rule than the violated security rule. The new set of attribute values may be used in an attack specific rule to detect a previously unknown web application layer attack.

Abstract: Systems for instant messaging private tags preferably comprise a parser for parsing an instant message for sensitive data and an encryption engine for encrypting the sensitive data. A modified uuencoder is also preferably included for converting the encrypted sensitive data into a data stream that complies with an XML format. Other systems and methods are also provided.

Abstract: Disclosed are various embodiments for replicating authentication data between computing devices. A computing device monitors a first certificate store located on a first client device for a change in a first state of the first certificate store. The computing device updates a record of the first state of the first certificate store with the change in the first state of the first certificate store, wherein the record is stored in a memory of the computing device. The computing device then determines that the first state of the first certificate store differs from a second state of a second certificate store located on a second client device. Finally, the computing device sends an update to the second client device, wherein the update comprises a change set representing a difference between the updated record and the second certificate store.

Abstract: Provided are a method and device for preventing the application in an operating system from being uninstalled. The method includes monitoring the operation executed for the application; determining whether the operation executed for the application is to uninstall the application; displaying at the client a prompt whether it is agreed to uninstall the application, if the operation executed for the application is to uninstall the application; the prompt whether it is agreed to uninstall the application may be displayed at the client after the operation executed for the application is determined to uninstall the application. Therefore, the method may prevent the malicious software from uninstalling maliciously, enhancing the security of the intelligent terminal.

Abstract: In some embodiments, a server can establish a session with a remote client. The server can generate a session key portion for the session and a client key portion for the remote client. The server can use a combined encryption key to encrypt client data received from the remote client during the session. The combined encryption key can be generated from a static key portion accessible by the server, the session key portion, and the client key portion. The server can associate the session key portion with the session. The session key portion is accessible by the server during the session. The server can delete the client key portion after providing the client key portion to the remote client. The server can obtain the client key portion from the remote client in response to determining that subsequent transactions during the session involve decrypting the encrypted client data.

Abstract: In one embodiment, a user device may store state data for an application at an internet-accessible data storage 124 for access by other devices of the user. The target user device 140 may use an untrusted platform 142 to generate an access request 300 for an application state data set for a source application 114. The target user device 140 may send the access request 300 to the internet-accessible data storage 124. The target user device 140 may send an access credential 330 to the internet-accessible data storage 124.

Abstract: Described herein are devices and techniques for remotely controlling user access to a restricted computer resource. The process includes obtaining an image from a communication device of a user. An individual and a landmark are identified within the image. Determinations are made that the individual is the user and that the landmark is a predetermined landmark. Access to a restricted computing resource is granted based on the determining that the individual is the user and that the landmark is the predetermined landmark. Other embodiments are disclosed.

Abstract: A method, apparatus, and system for accessing at least a portion of a device based upon an access input. An access input is received. The access input includes information for gaining access to one or more functions of the device. A user access mode of the device is changed from a first access mode to a second access mode based upon at least in part on the access input. An application is selected in the device in response to changing from the first access mode to the second access mode. At least a portion of the output of the selected application is provided.

Abstract: Methods and systems for securing remotely-operable devices are provided. A security device can receive a plurality of commands to control a remotely-operable device in a remote environment. At least one command in the plurality of commands can include command data that is related to the remotely-operable device. The security device can receive a plurality of responses to the plurality of commands. The security device can process the plurality of commands and the plurality of responses to determine a signature related to an operator that issued the plurality of commands for the remotely-operable device. The security device can determine an identity of the operator based on the signature. The security device can generate an identity report that includes the identity of the operator.

Abstract: A user of a client device establishes a secure connection to a server (or other) device without using public keys or third-party certification by entering only a subset of characters in a username associated with the user and a one-time-use password at the client device; an application on the client device collects information regarding the hardware, software, or network information related to the client device or biometric information related to the user. Data sent between the client and server is encrypted (and thereafter transmitted) using the subset of characters, one-time-use password, and collected information. Communications between the client and server may be monitored to detect a man-in-the-middle attacker, and a security strength may be varied accordingly.

Abstract: A customer of a computing resource service provider may utilize a set of credentials to request creation of an identity pool within a managed directory service. Accordingly, the managed directory service may create the identity pool. Instead of having the customer create a separate account within this identity pool, the managed directory service may create a shadow administrator account within the identity pool, which may be used to manage other users and resources in the identity pool within the managed directory service. The managed directory service further exposes an application programming interface command that may be used to obtain a set of credentials for accessing the shadow administrator account. The customer may use this command to receive the set of credentials and access the shadow administrator account. Accordingly, the customer can manage users and resources in the identity pool within the managed directory service.

Abstract: In one exemplary embodiment, a computer-implemented method of a secure-access gateway to a destination device in a protected computer network include the step of receiving a request from a remote user to access the destination device in the protected computer network. A session for the remote user is registered. The session includes an access to the destination device by the remote user according to a set of specified parameters controlled by the secure access gateway. The session is created. When the remote user connects and authenticates, the secure access gateway establishes the connection to the destination device on behalf of the remote user. The session is monitored according to the set of specified parameters. The session is monitored to determine if at least one specified parameters is achieved. The session between the remote user and the destination device is when terminated when the at least one specified parameters is achieved.

Abstract: Preventing re-patching by malware on a computer by detecting a request to modify a write-protection attribute of a memory location within a memory of a computer to allow the memory location to be written to, where the detecting is performed subsequent to the detection of activity identified as malware-related activity involving the memory location, and preventing modification of the write-protection attribute of the memory location.

Abstract: An embodiment of the present invention is provided with an access control device, an access control method, and a program that are capable of easily managing access control and easily confirming whether appropriate access control is exercised. An access control device has a screen generation unit for generating selection screen information allowing for an access rule used by a user having logged in to a working terminal to be selected from one or a plurality of access rules created by an administrator of a client environment, and an access control unit for executing access control on a user according to an access rule selected from access rules displayed on the basis of the selection screen information.

Abstract: A device and a method operative therein for sharing content with at least one second device. A messaging application is executed in which a contact list is displayed. A selection is detected, from among contacts displayed on the contact list, of only a portion of the contacts to receive shared content. Presence information is published to all of the contacts on the contact list. An indication of contents available for sharing is included in the presence information published to only the selected portion of the contacts. The device may be a control device in a local area network, and the shared content may be retrievable from a peripheral device controlled by the control device, where information on the peripheral device is included in the presence information.

Abstract: A customer of a computing resource service provider may utilize a set of credentials to request creation of an identity pool within a managed directory service. Accordingly, the managed directory service may create the identity pool. Instead of having the customer create a separate account within this identity pool, the managed directory service may create a shadow administrator account within the identity pool, which may be used to manage other users and resources in the identity pool within the managed directory service. The managed directory service further exposes an application programming interface command that may be used to obtain a set of credentials for accessing the shadow administrator account. The customer may use this command to receive the set of credentials and access the shadow administrator account. Accordingly, the customer can manage users and resources in the identity pool within the managed directory service.

Abstract: Embodiments of the present invention disclose a method, system, and computer program product for bluesalt security. A computer receives a confidential data configuration wherein specific sensor are assigned to specific confidential information. The assigned sensors are measured for values as a system administrator enters a password corresponding to the confidential information. The measured values are converted into a salt and concatenated with the password to generate a primary key. The primary key is used to encrypt the confidential information, then the primary key is encrypted using a secondary key comprised of a second password with a second set of sensor information as the salt. The encrypted key is saved securely while the secondary key is destroyed. In order to decrypt the confidential information, a user must replicate the password and sensor values to generate the primary or secondary key.

Abstract: A method comprising using at least one hardware processor for: receiving input from a user with respect to masking of a data element in one or more documents of a java script object notation (JSON) type, wherein the input comprises: an identifier of the data element, and one or more constraints for masking the data element based on the hierarchy of the one or more documents of the JSON-type; and generating a masking rule for the one or more documents of the JSON-type based on the input.

Abstract: Methods and systems for a scalable solution to behavioral Distributed Denial of Service (DDoS) attacks targeting a network are provided. According to one embodiment, a method to determine the scaling treatment is provided for various granular layer parameters of the Open System Interconnection (OSI) model for communication systems. A hardware-based apparatus helps identify packet rates and determine packet rate thresholds through continuous and adaptive learning with multiple DDoS attack mitigation components. The system can be scaled up by stacking multiple DDoS attack mitigation components to provide protection against large scale DDoS attacks by distributing load across these stacked components.

Abstract: A method for managing the installation of an application on an electronic device is disclosed. In one aspect, the method includes seeking the authenticity of a second signature using the public authentication key of a certificate, the certificate being authenticated if at least one of the second sub-signatures is considered authentic during implementation of the search.