Abstract: Systems and methods for generating authentic digital memorabilia are described. A signor may be provided a digital photograph. The signor's signature, written message, or voice message may be received. Biometric authentication or verification may be performed on the signor's handwriting or voice sample through comparison with stored samples. If the verification signifies a high likelihood signor's handwriting or voice sample is authentic, creation of digital memorabilia is performed by embedding signor's signature or written message in a digital photograph and linking the signor's voice message with the photograph. The digital memorabilia is accompanied by a certificate of authenticity and distributed to a customer or displayed on a website.

Abstract: A method for accessing information during a teleconferencing event. The method includes identifying a reference to a document transmitted by a telecommunication device participating in a teleconferencing event and identifying a name of the referenced document. The method includes determining, by a computer, an identity of a user of the participating telecommunication device. The method further includes determining the user has permission to access the identified document and, in response, transmitting the identified document to the participating telecommunication device.

Abstract: A user interface is displayed to an administrator (or other user) and allows the administrator to walk through a workflow performed by a user in a given role. Data access steps performed in walking through the workflow are recorded and a set of permissions is identified, based upon the recorded workflow. The set of permissions corresponds to the role.

Abstract: Provided is a pattern matching engine. The pattern matching engine calculates an error detection sign of target data and compares the calculated error detection sign with an error detection sign of a malware pattern DB. When the error detection sign of the target data and the error detection sign of the malware pattern DB are identical to each other, the pattern matching engine compares the target data with the malware pattern.

Abstract: Devices, systems and methods for sending messages from a web service server to a computing device shared by a current user and another offline user while maintaining privacy for the other offline user's messages and decreasing bandwidth requirements for transmission of messages may include registering the user and the offline user of the computing device with the web service server, receiving at the web service server from the computing device a login by a first user, wherein the first user is determined to be the current user, checking a database for undelivered messages for the at least one offline user who is not currently accessing the web service server, wherein any user who is not a current user is determined to be an offline user, encrypting each offline user's undelivered messages, sending the undelivered messages to the computing device, and storing offline user encrypted undelivered messages in the computing device.

Abstract: A method for accessing information during a teleconferencing event. The method includes identifying a reference to a document transmitted by a telecommunication device participating in a teleconferencing event and identifying a name of the referenced document. The method includes determining, by a computer, an identity of a user of the participating telecommunication device. The method further includes determining the user has permission to access the identified document and, in response, transmitting the identified document to the participating telecommunication device.

Abstract: Methods and systems for encrypting and decrypting data are described. In one embodiment, a client computing system sends to a server computing system over a network a first network request to perform multiple operations such as a lease operation and a fetch operation. In response, the server computing system performs the operations. Subsequently, the client computing system can send subsequent network requests to write re-encrypted data and to relinquish the lease. The subsequent network requests may also be single network requests that perform lease operations, as well as other operations, such as operations for block alignment purposes. The client computing system can send an actual end of file when relinquishing the lease so that the server computing system can handle a remainder of data that is used for subsequently decrypting the re-encrypted data.

Abstract: A data encryption method, a data verification method and an electronic apparatus are provided. An encryption key is obtained from original data according to a random sequence so as to transform the original data into replace data by using the encryption key, and the replace data is encrypted to obtain a ciphertext. Accordingly, when verification data is received, if the verification data is not conform with the original data, the verification process will not be successful.

Abstract: A method and data processing system for managing security certificates in a data processing environment is disclosed. A computer identifies a security certificate associated with a management interface of a device in the data processing environment. The computer determines whether the security certificate was issued by a certificate authority that is trusted. In response to determining that the security certificate was not issued by the certificate authority, the computer identifies the security certificate as invalid. Subsequent to identifying the security certificate as invalid, the computer determines if a service exists in the data processing environment that includes a feature for sending information about critical events associated with the data processing environment.

Abstract: This disclosure provides techniques for processing an input signal while providing protection from differential power analysis. In one example, random delay units may receive the input signal, a random delay generator may generate random delay values, and the random delay units may add the random delay values to the input signal to generate delayed signals, such that each delayed signal is substantially desynchronized relative to one or more other delayed signals. Subsequently, processing units may process the delayed signals to generate delayed output signals, and random delay removal units may add additional delay values to the delayed output signals, such that each delayed output signal is substantially synchronized relative to other delayed output signals, to produce output signals. Finally, a combination unit may combine the output signals to generate a common output signal that corresponds to the input signal that is processed by any one of the processing units.

Abstract: A content router for managing content for virtual private groups in a content oriented network, the content router comprising storage configured to cache a content from a customer in a content oriented network (CON), and a transmitter coupled to the storage and configured to forward the content upon request, wherein the content is signed by the user, wherein the CON provides different security levels for different users in a plurality of users, and wherein the plurality of users correspond to a plurality of user classes.

Abstract: A method, system and program product are provided that include verifying a credential of the user of a first avatar in the virtual universe; and establishing a zone that causes an indication of the credential of the user of the first avatar to appear in response to an action being taken relative to the zone.

Abstract: Access to a digital asset by a user may be controlled by encrypting the digital asset, embedding the encrypted digital asset in a file, providing a file viewer to the user, responding to a request by the user to access the digital asset by sending a request from the file viewer to a server, the request including identification information related to the user and the file, processing the request from the file viewer, with information in a database related to authorization of the user to access the digital asset, to produce and send to the viewer an encrypted authorization key and responding to receipt of the encrypted authorization key by the viewer by decrypting the authorization key to permit the requested access to the digital asset via the file viewer.

Abstract: Various embodiments for software application verification are disclosed. Software application verification applies digital rights management to applications that run protected content on a playback device. In this way, protected content may be provided to approved applications and withheld from applications that have not been approved to run the protected content.

Abstract: A memory subsystem and method for loading and storing data at memory addresses of the subsystem. The memory subsystem is functionally connected to a processor and has a first mode of address encryption to convert logical memory addresses generated by the processor into physical memory addresses at which the data are stored in the memory subsystem. The memory subsystem is adapted to pull low a write enable signal to store data in the memory subsystem and to pull high the write enable signal to load data in the memory subsystem, wherein if pulled high the write enable signal alters the address encryption from the first mode to a second mode. The memory subsystem is adapted to be coupled to a local hardware device which supplies a key that acts upon the address encryption of the memory subsystem.

Abstract: Imposter account reports received by a social networking system are put into a report management process that routes the reports into other handling processes based upon the comparison of the probability of fraud in an alleged imposter account versus the probability of fraud in an alleged authentic account. The account determined to be most probably fraudulent is enrolled in an account verification process. In the account verification process, the account-holder is asked to verify their identity automatically. If the automatic verification fails to verify the identity of the account-holder, a manual process for verification is initiated.

Abstract: In a method and arrangement for the secure transmission of at least one electronic message from a first terminal of a first user to at least one second terminal of a second user, the electronic message is generated by the first terminal. The electronic message is received by the second terminal. The electronic message is transmitted by an infrastructure for legally binding transmission of electronic messages from the first terminal to the second terminal. A first security module connected to the first terminal encrypts and/or signs the electronic message before the electronic message is transmitted by the infrastructure from the first terminal to the second terminal. A second security module, connected to the second terminal, decrypts the transmitted electronic message and/or verifies the signed electronic message.

Abstract: Authority permission grants/denials associated with each of a plurality of roles (R1, R2, . . . , Rm) assigned to one subject are derived by inheritance based on a subject assignment associating a role and a subject, an authority permission assignment associating a role, an authority permission, and a grant/denial, and a role hierarchy indicating an inheritance relation between roles. Among the derived authority permission grants/denials, grants/denials of authority permissions (A1, A2, . . . , An) which are each derived from two or more different roles (R1, R2, . . . , Rm) and which are each granted to one of the plurality of roles R1, R2 . . . Rm but denied to another one of the plurality of roles R1, R2 . . . Rm are determined in accordance with an input. As exceptional authority permission assignment for a virtual exceptional role constituted of a combination of roles (R1, R2, . . . , Rm), authority permission grants/denials associated with each role (R1, R2, . . .

Abstract: A Mandatory Access Control (MAC) aware firewall includes an extended rule set for MAC attributes, such as a security label or path. Application labels may be used to identify processes and perform firewall rule-checking. The firewall rule set may including conventional firewall rules, such as address checking, in addition to an extension for MAC attributes.

Abstract: A method and security system is provided for the secure and unequivocal encoding of a security module, for example, a chip card. A security module may be personalized during the manufacturing process in a secure environment, the manufacturer storing a unique identifier (IDSM1) in a memory of the security module. The secure encoding to ensure the uniqueness of the security module is achieved because the item of information to be kept secret and intended for the security module is encrypted not only by a communication key, but by the unique identifier (IDSM1) of the security module. This ensures that the item of information to be kept secret is able to be decrypted only by the security module with which the unique identifier (IDSM1) is associated, and used for safety-relevant applications.