Patents Examined by Kenneth Chang
  • Patent number: 9811478
    Abstract: Exemplary methods are provided for storing data in a flash storage device to facilitate subsequent detection of tampering, comprising receiving a plaintext; reading first metadata associated with a device sector; encrypting the plaintext based on the first metadata to generate a cipher text and first authentication data; storing the cipher text in the sector; and storing the first authentication data as second metadata associated with the sector. Exemplary methods are also provided for detecting tampering with data stored in a flash storage device, comprising determining a physical location in a device sector; reading cipher text from the physical location; reading first authentication data and maintenance metadata associated with the sector; decrypting the cipher text based on a user key and the maintenance metadata to generate second authentication data; and determining the occurrence of tampering based on the first and second authentication data. Memory devices embodying said methods are also provided.
    Type: Grant
    Filed: March 22, 2016
    Date of Patent: November 7, 2017
    Assignee: Mangstor, Inc.
    Inventors: Ashwin Kamath, Paul E. Prince, Trevor Smith
  • Patent number: 9806889
    Abstract: Disclosed is a key downloading management method, comprising: a device end authorizing the validity of an RKS server by checking a digital signature of a work certificate public key of the RKS server, and the RKS server generating an authentication token (AT); encrypting by using an identity authentication secondary key DK2 of the device end, and sending the ciphertext to the device end; the device end decrypting the ciphertext by using the identity authentication secondary key DK2 saved thereby, encrypting the ciphertext by using the work certificate public key and then returning same to the RKS server; the RKS server decrypting same by using a work certificate private key thereof and then comparing whether the authentication token (AT) is the same as the generated authentication token (AT) or not, and if so, it is indicated that the device end is valid, thereby achieving bidirectional identity authentication.
    Type: Grant
    Filed: January 23, 2014
    Date of Patent: October 31, 2017
    Assignee: Fujian LANDI Commercial Equipment Co., Ltd.
    Inventors: Chengyong Yao, Rongshou Peng, Luqiang Meng
  • Patent number: 9787479
    Abstract: There is described a challenge-response method for a client device. The method comprises steps of: (a) receiving challenge data, wherein the challenge data is content encrypted using an encryption key, the content including a nonce; (b) using a secured module of the client device to access the content by decrypting the challenge data using a decryption key of the secured module, the decryption key corresponding to the encryption key; (c) processing a version of the content output by the secured module so as to obtain the nonce; and (d) providing the nonce as a response. There is also described a client device for implementing the above challenge-response method. There is also described a computer program which, when executed by a processor, causes the processor to carry out the above challenge-response method. Finally, there is described a computer readable medium storing the above-mentioned computer program.
    Type: Grant
    Filed: March 27, 2013
    Date of Patent: October 10, 2017
    Assignee: IRDETO B.V.
    Inventors: Andrew Augustine Wajs, Calin Ciordas, Fan Zhang
  • Patent number: 9774577
    Abstract: Disclosed are devices, systems, and methods for securing data using attribute based data access. The data may correspond to a sensory environment, and the data is secured at the device. The device secures the data by segmenting the data into a number of segments and defining an access policy, further submitting the access policy to a PKG of the system for generating an Access Tree having attributes at different levels for accessing the data. These Access Trees are securely stored on the device using an IBE mechanism. Further, the data, after being secured, is uploaded to a system for analysis. At the system, an access request may be received for accessing the data. The access request further includes a request attribute, whereby the system verifies if the attribute satisfies the Access Policy. If the verification is positive, access may be provided to the data accessor for accessing the data.
    Type: Grant
    Filed: June 12, 2015
    Date of Patent: September 26, 2017
    Assignee: Tata Consultancy Services Limited
    Inventors: Shivraj Vijayshankar Lokamathe, Rajan Mindigal Alasingara Bhattachar, Barkur Suryanarayana Adiga, Meena Singh Dilip Thakur, Balamuralidhar Purushothaman
  • Patent number: 9774609
    Abstract: A method of communicating in a secure communication system comprises the steps of assembling a message at a sender, then determining a security level, and including an indication of the security level in a header of the message. The message is then sent to a recipient.
    Type: Grant
    Filed: January 8, 2016
    Date of Patent: September 26, 2017
    Assignee: Certicom Corp.
    Inventor: Marinus Struik
  • Patent number: 9773099
    Abstract: A system, method, and device includes a platform data storage that stores a wrap that secures an executable controller and executable sensors. The wrap is verified, optionally through a downloaded authentication driver. After verifying the wrap, the wrap is opened and a sister of the executable controller is installed into the platform memory to cooperate with the executable controller. Additionally or alternatively, the authentication driver may cooperate with the executable controller. The executable controller allows the platform processor to access data secured in a vault and/or verify the platform to create a connection to an application server.
    Type: Grant
    Filed: April 17, 2017
    Date of Patent: September 26, 2017
    Inventors: Wayne Odom, Karolyn Gee
  • Patent number: 9769188
    Abstract: A method, product and computer program product for building a malware detector, the method including the steps of: receiving at least one characteristic for each of a plurality of malware variants; categorizing each of the characteristics as a malicious characteristic or a non-malicious characteristic; generating a detector; training the detector to distinguish between the malicious characteristic and the non-malicious characteristic; and rating the detector based on an accuracy of detection of an amount of malicious characteristics for each malware variant.
    Type: Grant
    Filed: February 19, 2016
    Date of Patent: September 19, 2017
    Assignee: PayPal, Inc.
    Inventors: Shlomi Boutnaru, Liran Tancman, Michael Markzon
  • Patent number: 9769161
    Abstract: A reader configured to perform dual-factor authentication is provided. The reader is configured to analyze credential data as well as event-based user inputs. The event-based user inputs are received in response to the reader presenting one or more events to a user and monitoring the user's reaction thereto. Utilization of an event-based user input enables the reader to perform dual-factor authentication without necessarily being provided with a keyboard or other advanced user input device.
    Type: Grant
    Filed: July 12, 2011
    Date of Patent: September 19, 2017
    Assignee: ASSA ABLOY AB
    Inventors: Masha Leah Davis, Mark Robinton, Peter F. Klammer
  • Patent number: 9762579
    Abstract: A technique for network authentication interoperability involves initiating an authentication procedure on a first network, authenticating on a second network, and allowing access at the first network. The technique can include filtering access to a network, thereby restricting access to users with acceptable credentials. Offering a service that incorporates these techniques can enable incorporation of the techniques into an existing system with minimal impact to network configuration.
    Type: Grant
    Filed: August 17, 2016
    Date of Patent: September 12, 2017
    Assignee: Aerohive Networks, Inc.
    Inventors: Kenshin Sakura, Matthew Stuart Gast, Long Fu
  • Patent number: 9740859
    Abstract: Threat detection is improved by monitoring variations in observable events and correlating these variations to malicious activity. The disclosed techniques can be usefully employed with any attribute or other metric that can be instrumented on an endpoint and tracked over time including observable events such as changes to files, data, software configurations, operating systems, and so forth. Correlations may be based on historical data for a particular machine, or a group of machines such as similarly configured endpoints. Similar inferences of malicious activity can be based on the nature of a variation, including specific patterns of variation known to be associated with malware and any other unexpected patterns that deviate from normal behavior. Embodiments described herein use variations in, e.g., server software updates or URL cache hits on an endpoint, but the techniques are more generally applicable to any endpoint attribute that varies in a manner correlated with malicious activity.
    Type: Grant
    Filed: August 12, 2016
    Date of Patent: August 22, 2017
    Assignee: Sophos Limited
    Inventors: Mark D. Harris, Kenneth D. Ray
  • Patent number: 9727751
    Abstract: An approach is provided for applying privacy policies to structured data. A privacy policy management infrastructure receives a request for an exchange of structured data among a plurality of devices. The privacy policy management infrastructure determines one or more elements of the structured data. The privacy policy management infrastructure also determines one or more privacy policies corresponding to the structured data, respective ones of the one or more elements, or a combination thereof. The privacy policy management infrastructure further determines to apply the one or more privacy policies to the structured data, respective ones of the one or more elements, or a combination thereof when initiating the exchange.
    Type: Grant
    Filed: October 29, 2010
    Date of Patent: August 8, 2017
    Assignee: Nokia Technologies Oy
    Inventors: Ian Justin Oliver, Sergey Boldyrev, Jari-Jukka Harald Kaaja, Joni Jorma Marius Jantunen
  • Patent number: 9710658
    Abstract: Described herein is a computing platform incorporating a trusted entity, which is controllable to perform cryptographic operations using selected ones of a plurality of cryptographic algorithms and associated parameters, the entity being programmed to record mode of operation information, which is characterized by the algorithms and associated parameters that are selected to perform an operation.
    Type: Grant
    Filed: March 6, 2015
    Date of Patent: July 18, 2017
    Assignee: HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP
    Inventors: Valiuddin Y. Ali, Graeme John Proudler
  • Patent number: 9703979
    Abstract: The described embodiments relate to encryption methods and computer program products. An encryption application is used to determine a keystore seed with a seed bit set having seed bits in an ordered sequence. A plurality of key derivation sets are determined and a selected key derivation set is selected randomly. A key bit sequence is generated from the seed bit set using the selected key derivation set. An encryption key is generated using the key bit sequence, and corresponding keying information is determined from the selected key derivation set such that the latter is also derivable from the former. The keying information discloses zero information about the encryption key absent knowledge of the keystore seed. Plaintext data is encrypted using the encryption key to generate ciphertext data, and the keying information is stored with the ciphertext data. The encryption key may then be deleted.
    Type: Grant
    Filed: June 10, 2016
    Date of Patent: July 11, 2017
    Assignee: BICDROID INC.
    Inventor: En-Hui Yang
  • Patent number: 9705856
    Abstract: Methods (500) of a network node (111) for creating and joining secure sessions for members (111-114) of a group of network nodes are provided. The methods comprise receiving an identity certificate and an assertion for the network node as well as a secret group key for the group. The method for creating a session further comprises creating (501) a session identifier and a secret session key for the session, and sending (502) an encrypted and authenticated broadcast message comprising the session identifier. The method for joining a session further comprises sending an encrypted and authenticated discovery message comprising the identity certificate and the assertion, and receiving an encrypted and authenticated discovery response message from another network node which is a member of the group. The disclosed combined symmetric key and public key scheme is based on the availability of three credentials at each node, i.e.
    Type: Grant
    Filed: July 27, 2012
    Date of Patent: July 11, 2017
    Assignee: TELEFONAKTIEBOLAGET L M ERICSSON
    Inventors: Christian Gehrmann, Oscar Ohlsson, Ludwig Seitz
  • Patent number: 9698978
    Abstract: Provided is a network equipment and an authentication and key management method for the same. The network equipment generates a Network Key (NK); the network equipment performs authentication protocol interaction with opposite communication equipment, and calculates a Basic Session Key (BSK) according to parameters for the authentication protocol interaction and the NK; and the network equipment calculates link Encryption Keys (EKs) used respectively for Media Access Control (MAC) and Physical (PHY) layers using various access technologies according to the BSK, and provides the EKs for respective MAC and PHY layer function modules. With the disclosure, the legality of the equipment is verified by performing an authentication process on the heterogeneous network equipments in one pass, and keys in various MAC layer technologies are managed in a unified way.
    Type: Grant
    Filed: May 28, 2013
    Date of Patent: July 4, 2017
    Assignee: ZTE CORPORATION
    Inventors: Qiongwen Liang, Weiliang Zhang, Lin Wang, Junjian Zhang, Dezhi Zhang, Boshan Zhang
  • Patent number: 9680866
    Abstract: A system and computer based method are provided for identifying active content in websites on a network. In one aspect, a method for classifying web content includes determining a first property associated with static content of a web page, determining a second property associated with the content of the web page based at least in part on active content associated with the web page, evaluating a logical expression relating the first property and the second property, at least in part by evaluating whether a constant value matches at least a portion of the content of the web page, associating the web page with a category based on a result of the evaluation, and determining whether to allow network access to the web page based on the category.
    Type: Grant
    Filed: April 6, 2015
    Date of Patent: June 13, 2017
    Assignee: Websense, LLC
    Inventors: Victor L Baddour, Stephan Chenette, Dan Hubbard, Nicholas J Verenini, Ali A Mesdaq
  • Patent number: 9680851
    Abstract: A method, product and computer program product for evolving malware variants, the method including the steps of: receiving a malware specimen; generating a first generation of variants corresponding to the malware specimen, wherein the malware specimen is altered by one or more mutations to generate each variant of the first generation of variants; selecting variants from the first generation of variants; and mutating the selected variants to generate successive generations of variants, wherein the successive generations are generated until one or more criteria are met.
    Type: Grant
    Filed: February 19, 2016
    Date of Patent: June 13, 2017
    Assignee: PAYPAL, INC.
    Inventors: Shlomi Boutnaru, Liran Tancman, Michael Markzon
  • Patent number: 9680836
    Abstract: This disclosure relates to a system and related operating methods. A computer-implemented server device receives a request from a device that includes an identifier proposed for a potential account holder. The computer-implemented server device determines whether the identifier is available for use with a new account, and communicates a response to the device that indicates whether the identifier is available for use with the new account. The response is presented at the device and includes an image that contains a visually obfuscated representation of an alphanumeric message that indicates either a success or a failure.
    Type: Grant
    Filed: May 9, 2016
    Date of Patent: June 13, 2017
    Assignee: salesforce.com, inc.
    Inventor: Gareth D. White
  • Patent number: 9658969
    Abstract: Systems and methods for reducing problems and disadvantages associated with traditional approaches to encryption and decryption of data are provided. An information handling system may include a processor, a memory communicatively coupled to the processor, and an encryption accelerator communicatively coupled to the processor. The encryption accelerator may be configured to encrypt and decrypt information in accordance with a plurality of cryptographic functions, receive a command from the processor to perform an encryption or decryption task upon data associated with an input/output operation, and in response to receiving the command, encrypt or decrypt the data associated with the input/output operation based on a particular one of the plurality of cryptographic functions.
    Type: Grant
    Filed: February 18, 2016
    Date of Patent: May 23, 2017
    Assignee: Dell Products L.P.
    Inventors: Kenneth W. Stufflebeam, Jr., Michele Kopp
  • Patent number: 9654487
    Abstract: A method, product and computer program product for providing evolutionary selection of malware variants, the method including the steps of: receiving a malware specimen; generating a first generation of variants corresponding to the malware specimen; evaluating each variant of the first generation of variants for one or more evasiveness characteristics and one or more maliciousness characteristics; based on the evaluating, selecting variants of the first generation of variants for further mutation; and generating a second generation of variants from each of the selected variants.
    Type: Grant
    Filed: February 19, 2016
    Date of Patent: May 16, 2017
    Assignee: PayPal, Inc.
    Inventors: Shlomi Boutnaru, Liran Tancman, Michael Markzon