Abstract: A pattern password trajectory configuration system used in an electronic device with a graphics input interface and a method using the same are provided. The disclosed pattern password trajectory configuration system includes a central processing module, a pattern defining module electronically connected the central processing module for defining the graphics input interface into a central block and multiple blocks neighboring the central block and assigning different data codes to the different blocks neighboring the central block, a sliding direction defining module electronically connected to the central processing module for assigning different prime numbers to define different sliding directions moving along the blocks neighboring the central block, and a touch sequence defining module electronically connected to the central processing module for counting and recording touch sequences of sliding among the blocks neighboring the central block.

Abstract: A system for establishing a connection between a first device and a wireless network includes a first control module, located on the first device, that receives encoded digital data. The encoded digital data corresponds to a plurality of images displayed sequentially on a display of a second device. Each of the plurality of images corresponds to a different portion of the encoded digital data. A decoder module, located on the first device, converts the encoded digital data into configuration data. The configuration data includes at least one of an identifier of the wireless network, an encryption key associated with the wireless network, and a password associated with the wireless network. The first control module uses the configuration data to establish the connection with the wireless network.

Abstract: A mobile platform security apparatus and method is provided. The apparatus may perform a security setting by generating a first authentication key, a second authentication key, and a third authentication key for each function called by an application program. The apparatus may store the first authentication key and an identifier for identifying the application program in a first storage unit, the second authentication key and the identifier in a secret domain of a second storage unit, and register the third authentication key and the identifier as a function parameter in the application program. Subsequently, if the function is called by the application program, the apparatus may determine values for the first authentication key, the second authentication key, and the third authentication key corresponding to the called function, and may perform authentication processing using the three authentication key values.

Abstract: A system and method remotely enrolls, authenticates and provides unified authentication services in an ASP setting to a user to access requested information via a communication medium. A filter is coupled to client side components via the communication medium and a user management component coupled to the client side components via the communication medium. The user management component allows end-users to register their credentials only once. In addition, the user management component allows end-users to define the level of protection of access to their web application accounts. This includes accounts that have been configured specifically for use with the present invention and particular user credentials and accounts that have been subsequently set up but configured to use the same user credentials. The present invention can then reuse those credentials to authenticate the user to one or more potentially unrelated web applications.

Abstract: A system and method are provided for identifying inappropriate content in websites on a network. Unrecognized uniform resource locators (URLs) or other web content are accessed by workstations and are identified as possibly having malicious content. The URLs or web content may be preprocessed within a gateway server module or some other software module to collect additional information related to the URLs. The URLs may be scanned for known attack signatures, and if any are found, they may be tagged as candidate URLs in need of further analysis by a classification module.

Abstract: Methods and systems are disclosed for providing indirect and temporary access to a company's IT infrastructure and business applications. The methods/systems involve establishing an access control center (ACC) to control the access that technical support personnel may have to the company's IT infrastructure and business applications. Thin client terminals with limited functionality may then be set up in the ACC for use by the technical support personnel. The thin client terminals connect the technical support personnel to workstations outside the ACC that operate as virtual desktops. The virtual desktops in turn connect the technical support personnel to the IT infrastructure and business applications. An ACC application may be used to control the connection between the thin client terminals and the virtual desktops and the virtual desktops and the IT infrastructure and business applications.

Abstract: To provide a configuration in which a unit classification number corresponding to a content playback path is set based on various units. A unit classification number defining a playback path of content including encrypted data having different variations generated by encrypting a segment portion which forms the content by using a plurality of segment keys and encrypted content generated by encrypting a non-segment portion by a unit key is set based on various units, such as a content management unit and an index. In a CPS unit key file storing key generating information concerning CPS units as content management units, settings of unit classification numbers are indicated. Based on the CPS unit key file, a unit classification number to which content to be played back belongs can be obtained.

Abstract: A security system for a computer network that has a plurality of devices connected thereto comprises a security subsystem, a master system and a secure link. The security subsystem is implemented on a first computer and is connected to at least some of the devices in the network. The security subsystem is configured to monitor activities of the at least some devices on the network and detect attacks on the at least some devices. The master system is implemented on a second computer which is different from the first computer. The master system monitors the integrity of the security subsystem and registers information pertaining to attacks detected by the security subsystem. The secure link is connected between the security subsystem and the master system. The master system monitors the integrity of the security subsystem and receives the information pertaining to the attacks through the secure link.

Abstract: A secure optical communication system and method are disclosed. Short optical pulses are first modulated with data, then dispersed in time so that they spread out over multiple bit periods, then the desired code is applied to the dispersed pulses. The encoding may include frequency shifts or phase shifts or other. The dispersed optical symbols overlap in time so an applied code chip thus acts on multiple symbols simultaneously. There are generally multiple code chips per dispersed symbol. The coding device does not need to be synchronized to the data rate. Multiple wavelength division multiplexed channels may be encoded simultaneously. The signal propagates to a decoder that is synchronized with encoder to apply a complementary code thereby canceling out the effect of the encoder. The encoder and decoder can be realized by varying the wavelength of an optical pump to a parametric amplifier, allowing for a wide-band frequency shift.

Abstract: A method, system and computer program product for autonomic security configuration may include controlling a security configuration of at least one resource forming a solution based on a plurality of security requirements. The method may further include applying the plurality of security requirements across a plurality of resources independent of a resource type.

Abstract: A medical device customization system and method comprising medical device that receives signals from a biological probe having an operational parameter and that stores data based on the signals in a memory. The medical device receives a custom application and establishes a virtual machine to run the custom application.

Abstract: A method or system of receiving an electronic file containing content data in a predetermined data format, the method comprising the steps of: receiving the electronic file, determining the data format, parsing the content data, to determine whether it conforms to the predetermined data format, and if the content data does conform to the predetermined data format, regenerating the parsed data to create a regenerated electronic file in the data format.

Abstract: The present invention disclose a system for securing managing usage rights of plurality of software applications in plurality of client computers devices to be authorized by a server application.

Abstract: A digital content protection apparatus and method for digital rights management (DRM) are provided in which a content file including a plurality of content parts is imported such that a header is included which stores location information required for decoding each of the content parts. Therefore, the number of content parts constituting the content file can be recognized, and a license that is required for the use of each of the content parts can be acquired by analyzing header information without necessitating the parsing of the transport packets of the content file. Accordingly, preparation time for using content can be reduced.

Abstract: A two-stage anonymization process is applied to monitored network traffic in which unique user identifiers, such as the MSISDN (Mobile Station International Subscriber Directory Number), are extracted from the traffic and anonymized to generate an ASI (anonymized subscriber identifier). A strictly random RSI (random subscriber identifier) is generated and used to replace the ASI. The RSI is generated upon a first occurrence of an ASI and stored in a lookup table for utilization upon subsequent ASI occurrences. Use of the strictly random RSI enables various studies and analysis of user behavior to be performed at a heightened level of privacy protection as compared with conventional anonymization schemes that do not utilize strictly random identifiers.

Abstract: A system and method are provided for supporting storage and analysis by law enforcement agency premises equipment of intercepted network traffic. The system and method provide integrity of the intercepted network traffic stored in an archive in accordance with lawful intercept requirements by storing all of the intercepted traffic, both benign and malicious, in the archive in its original form. The system and method furthermore provide for security from any malicious data packets of the archive by separating the malicious packets from the benign packets and forwarding only the benign packets to analysis applications of the law enforcement agency premises equipment.

Abstract: In general, in one aspect, the disclosure describes a process that includes a cryptographic engine and first and second registers. The cryptographic engine is to encrypt data to be written to memory, to decrypt data read from memory, to generate read integrity check values (ICVs) and write ICVs for memory accesses. The cryptographic engine is also to create a cumulative read ICV and a cumulative write ICV by XORing the generated read ICV and the generated write ICV with a current read MAC and a current write ICV respectively and to validate data integrity by comparing the cumulative read ICV and the cumulative write ICV. The first and second registers are to store the cumulative read and write ICVs respectively at the processor. Other embodiments are described and claimed.

Abstract: A system and method for protecting information on a mobile device. The method and apparatus obtain a predetermined portion of asymmetric information upon an input of the asymmetric information in the mobile device; generate an identifier by using a first generating algorithm that uses the predetermined portion of the asymmetric information as an algorithm input; generate an encryption key by using a second generating algorithm that uses the predetermined portion of the asymmetric information as an algorithm input; generate ciphered information by using an encryption algorithm that uses the encryption key and the information as algorithm inputs; associate the identifier with the ciphered information; and store the ciphered information as associated with the identifier.

Abstract: A method includes receiving data related to an individual, the data comprising a plurality of elements of personally-identifying information (PII). The method further includes building, via the plurality of elements of the PII, a compositional key for the individual. In addition, the method includes storing the compositional key and a biometric print for the individual as a biometric record in a biometric repository. The method also includes, via the compositional key, providing a plurality of federated entity (FE) computer systems with access to the biometric repository.

Abstract: A method and system for generating contexts of targets to estimate a high-order context. The system includes: a detection device including: a sensor for detecting a target; module for extracting the target and a primary context of the target based on data detected by the sensor; and module for encrypting the primary context with a key corresponding to the target; a storage device for recording encrypted primary context from the detection device; and a processing device including: module for receiving the encrypted primary context from the storage device; module for receiving the key corresponding to the target involved in the encrypted primary context; module for decrypting the encrypted primary context using received key; and module for estimating a high-order context using the decrypted primary context; where the processing device further includes a module for requesting the detection device to delete information on a key corresponding to a specific target.