Abstract: To install a monitor apparatus module, a monitor apparatus transmits a registration request including a client ID and an initial authentication key included in an installer to a management apparatus. When an authentication key related to the client ID included in the registration request is yet to be issued, the management apparatus issues an authentication key and provides the same to the monitor apparatus. Meanwhile, when the authentication key is already issued, the monitor apparatus displays a screen for input of a ticket issued by the management apparatus and resends the initial registration request with the input ticket to the management apparatus. When the ticket included in the registration request is valid, the management apparatus issues the authentication key and provides the same to the monitor apparatus.

Abstract: Systems and methods are disclosed for identifying human users on a network.

Abstract: The method utilizes a passport identification number as an element of a homomorphic encryption used to stamp a passport with country entry/exit data to form a digital representation of a subset of information in the passport. As a result, exchange of the digital representation is permitted to allow a selective transfer of information without exposing a user-sensitive passport identification number. The homomorphic encryption comprises a support for exposing a trusted photo and a trusted group containing country travel entry and exit information. The digitally signed passport stamp may then be used to provide verification of the individual by ensuring linkage to that user's passport. The individual's identity and passport verification may occur unconnected, i.e., without having to connect to a central database.

Abstract: There is provided a surveillance management process comprising a management system maintaining a plurality of client accounts that regulate access to image data via a data network, each of the client accounts having an authorization parameter that defines an access level for a corresponding client system, the management system receiving image streams from a surveillance network comprising a plurality of imaging nodes and autonomously producing metadata descriptors from the image streams, the metadata descriptors identifying sub-frame features of an image stream, the management system using the metadata descriptors to classify image data derived from the corresponding sub-frame features in predefined access categories, and the management system using the authorization parameter of the client accounts to regulate access to classified image data, the access level for a client account defining the access categories that a corresponding client system can access.

Abstract: A method for determining the threat level of a sample, comprising: providing a multi-analyzer array running on a server comprising a static analyzer, a plurality of dynamic analyzers, an arbitrator, at least one post processing process, and a normalizer process; analyzing the sample by the static analyzer to produce a static analysis; review of the static analysis by the arbitrator to determine which of the plurality of dynamic analyzers to utilize for dynamic analysis of the sample; dynamic analysis of the sample by one of the plurality of dynamic analyzers as chosen by the arbitrator to produce a dynamic analysis of the sample, normalizing the dynamic analysis by the normalizer to a format for post processing by the at least one post processing process; analysis of the normalized dynamic analysis by the at least one post processing process to provide a post processing analysis and to determine a threat level of the sample; and analysis by the arbitrator of the post processing analysis and the threat level o

Abstract: Embodiments are disclosed for performing static and/or non-emulated dynamic analysis of mobile computing device software to improve app security testing. In the context of a method, an example embodiment includes processing, by a security analysis system, an app for analysis. This example embodiment of the method further includes analyzing the app by diagnostic circuitry of the security analysis system. In this regard, analyzing the app includes at least one of performing static analysis on the app or causing performance, by a lab rig, of non-emulated dynamic analysis on the app. In turn, this example embodiment further includes generating, by the security analysis system and based on analyzing the app, a set of risk issues presented by the app, and outputting, by the security analysis system, the set of risk issues. Corresponding apparatuses and computer program products are also provided.

Abstract: A system and method detect privacy leaks in applications of an operating system of a mobile device. An instrumentation module permits tracking of privacy-sensitive information without modification of a middleware of the operating system and a process virtual machine.

Abstract: An information processing apparatus for processing data using a main memory device and a nonvolatile secondary storage device includes a nonvolatile main memory unit, a volatile main memory unit, a determination unit that determines whether the data is designated as confidential data, and a control unit that stores the data in the volatile main memory unit if the determination unit determines that the data is designated as confidential data and stores the data in the nonvolatile main memory unit if the determination unit determines that the data is not designated as confidential data.

Abstract: A keyboard is disclosed. The keyboard may comprise a biometric sensor configured for authenticating a user; a docking station configured for receiving a security device; and a processor configured for facilitating communication between the biometric sensor and the security device docked in the docking station with a computing device coupled to the keyboard.

Abstract: Identifying malicious communications by generating data representative of network traffic based on adaptive sampling includes, at a computing device having connectivity to a network, obtaining a set of data flows representing network traffic between one or more nodes in the network and one or more domains outside of the network, wherein each data flow in the set of data flows includes a plurality of data packets. One or more features are extracted from the set of data flows based on statistical measurements of the set of data flows. The set of data flows are adaptively sampled based on at least the one or more features. Then, data representative of the network traffic is generated based on the adaptively sampling to identify malicious communication channels in the network traffic.

Abstract: A method for securing communications for a given network is provided. The method comprises by at least one node(i) of the network configured to utilize pairwise keys: generating a set of encryption keys; and transmitting the set of encryption keys to a controller for the network; by the controller, executing a key selection process wherein for each node(j) in the network an encryption key J is selected from the set of encryption keys; assigning the encryption key J to the node(j); and transmitting the selected encryption key J to the node(j); by each node(j), generating an encryption key I for the node(i); and sending the encryption key I to the node(i) via the controller.

Abstract: Systems and methods are disclosed for securely passing context information from a server to a client device. In particular, in one or more embodiments, the disclosed systems and methods embed an identifier in a digital file provided to a client device. In one or more embodiments, the disclosed systems and methods utilize the embedded identifier to securely pass context information between a client device and server, such that the client device can utilize the context information with regard to the digital file. In particular, one or more embodiments include systems and methods that securely pass login credentials from a remote server to a client device such that the client device can utilize a digital file to access one or more features of a native software application.

Abstract: A method for authenticating a meter reading. The method includes obtaining a measurement representing a measured attribute of a user, analyzing the measurement to generate an authentication code, generating the meter reading based on the measurement and the authentication code, presenting, by the metering device, the meter reading to the user who alters and reports the meter reading as a reported meter reading, analyzing, by a meter reading analysis device, the reported meter reading to detect that the meter reading was altered by the user, and generating, by the meter reading analysis device and in response to the detecting, a dispatch request to dispatch a human inspector for validating the measurement.

Abstract: According to an aspect, a computing device may include a media content handler to obtain media content, a group license manager to determine whether or not the media content is part of a license group, and when the media content is determined as part of the license group, the group license manager may determine whether a master key for the license group was previously received. The group license manager may send, over a network, a license request to a license manager when the master key was not previously received. The group license manager may receive, over the network, a license to permit access to the media content, where the license includes the master key. The computing device may include a key generator to derive a content key based on the master key, and a decryption unit to decrypt the media content using the derived content key.

Abstract: The disclosure describes approaches for generating a physically unclonable function (PUF) value. Power is applied to a power control circuit, an SRAM, and a PUF control circuit. After initially powering-up the SRAM, the PUF control circuit signals the power control circuit to disable power to the SRAM. The power control circuit disables power to the SRAM, and then re-enables power to the SRAM after having power to the SRAM disabled for a waiting period. The PUF control circuit reads a PUF value from the SRAM by the PUF control circuit after the enabling of power.

Abstract: Some implementations may include a computer-assisted method for digitizing an identification document, the method including: receiving a digital biometric of a subject; applying the received digital biometric to a digital identification document; applying a digital watermark to the digital identification document, the digital watermark encoding personally identifiable information of the subject identified by the digital biometric; and generating the digital identification document with the applied digital watermark, the digital identification document comprising both the digital watermark and the digital biometric.

Abstract: A uniform protocol can facilitate secure, authenticated communication between a controller device and an accessory device that is controlled by the controller. An accessory and a controller can establish a pairing, the existence of which can be verified at a later time and used to create a secure communication session. The accessory can provide an accessory definition record that defines the accessory as a collection of services, each service having one or more characteristics. Within a secure communication session, the controller can interrogate the characteristics to determine accessory state and/or modify the characteristics to instruct the accessory to change its state.

Abstract: Disclosed herein is a system and method for identifying potential sources of malicious activity as well as identifying potentially malicious files that originated from suspected malicious sources. Using an anchor event and telemetry data from devices known to have been infected by malicious activity similar events in the telemetry data between two devices can be identified. These satellite events are then used to identify other files that may have been deposited by the satellite event such that those files can be highlighted to a malware researcher. Additionally, the malware protection may be updated based on this analysis to label an associated site with the satellite event as a malicious site such that the site may be blocked or quarantined.

Abstract: When requesting network services, clients often supply authentication information such as digital signatures. A network provider may from time to time change its authentication scheme. Clients are notified of the change and are provided with an updated authentication specification. Upon receiving the updated authentication specification, a client updates its authentication logic accordingly, and subsequently prepares and provides authentication information in accordance with the new authentication scheme.

Abstract: A computer-implemented method for scalable network monitoring in virtual data centers may include (1) identifying a plurality of network monitoring agents executing on a plurality of virtual machine host systems within a virtual data center, (2) intercepting, at a receiving virtual machine host system, a traffic flow within a virtual network within the virtual data center, (3) determining a processor load on each of the plurality of virtual machine host systems, (4) selecting, based on the processor load on the receiving virtual machine host system exceeding an established threshold, an alternate virtual machine host system that executes a second network monitoring agent for inspecting the traffic flow, and (5) limiting the processor load on the receiving virtual machine host system by designating the second network monitoring agent executing on the alternate virtual machine host system to inspect the traffic flow. Various other methods, systems, and computer-readable media are also disclosed.