Abstract: The invention discloses a method and a system for authentication based on a wireless identification, and a wireless identification. The method comprises steps of: obtaining, by a mobile device, wireless tag information and connection configuration information from the wireless identification; establishing, by the mobile device, a connection with the server according to the connection configuration information, and transmitting, by the mobile device, the wireless tag information to the server; authenticating, by the server, the validity of the wireless tag information, and determining, by the server, an access right of the mobile device after the authentication is successful; generating, by the wireless identification, device signature information and forwarding it, by the mobile device, to the server; and authenticating, by the server, the validity of the device signature information, and canceling, by the server, the access right of the mobile device.

Abstract: A system and method for secure instant messaging are described. For example, in one embodiment, a first user identifies a second user for an instant messaging session with the ID code of the second user. The first user is provided with network information for the second user and a public key associated with the second user. The first user encrypts an instant message using the public key of the second user and a private key. In one embodiment, the first user encrypts the content of the instant message (e.g., any text and/or attachments) using the public key of the second user and signs the content using the private key of the first user. The encrypted message is transmitted from the first user to the second user. The second user decrypts the instant message using the second user's private key and verifies the signature with the first user's public key.

Abstract: A technique for accessing features of a hardware adapter includes reading a first key from a hardware adapter and attempting to decrypt the first key with a second key. In response to the second key successfully decrypting the first key: encrypted code from the hardware adapter is read; the encrypted code is decrypted with the decrypted first key to generate unencrypted code; and a default code in an executable flash sector of the hardware adapter is over-written with the unencrypted code. In this case, the unencrypted code facilitates access to at least one feature of the hardware adapter that is customer specific. In response to the second key not successfully decrypting the first key, the default code in the executable flash sector of the hardware adapter is not over-written. In this case, the default code facilitates access to one or more features that are not customer specific.

Abstract: The present invention provides an information processing device, an information processing system, and a program capable of improving security and convenience. An information processing system (1) includes an IC card (30) which stores an encryption key and a registered password and allows the encryption key to be read when the IC card (30) has authenticated the user as an authorized user based on the registered password, and an information processing device (10) which stores folder information in which the folder name, path, and hash value of the encryption key are associated, when a request to save data in the folder has been issued from the user, decides whether or not an encryption key corresponding to the folder is included in the encryption key read from the IC card (30) based on the folder information, encrypts the request target data using the corresponding encryption key when the information processing device (10) has decided “YES”, and stores the encrypted data.

Abstract: A method for data security, comprising providing an electronic circuit, which has a first, stable operating mode under a first operating condition and a second, unstable operating mode under a second operating condition, different from the first operating condition, and which is configured to output a secret value in the first operating mode; maintaining the electronic circuit initially in the second operating condition; transferring the electronic circuit to the first operating condition and, while in the first operating condition, reading out the secret value; and returning the electronic circuit to the second operating condition after reading out the secret value.

Abstract: A computer-implemented method of authenticating a user with a computing device is disclosed. The method involves displaying a grid of selectable visually-distinguishable graphical elements on a device display, receiving from a user of the device a drawn pattern across the selectable graphical elements, comparing the received drawn pattern to information representing a stored authentication pattern for the user, and unlocking access to functions on the device if the received drawn pattern substantially matches the stored authentication pattern.

Abstract: A method, computer-readable medium, and semiconductor device for securing integrated engineering analysis are provided. A die ID is generated from a lot ID, wafer ID, die coordinates, or other product information. The die ID is encrypted with a key and written to the die. The encryption key and encrypted die ID may be stored in a secure storage. A die is fabricated with an encryption module and an unencrypted die ID. The encryption module is provided with an unencrypted die ID, encrypts the unencrypted die ID, and writes the encrypted die ID to a die fuse.

Abstract: A method to protect content within protected data areas on a target optical record carrier against unauthorized reading and/or copying with a computer, comprises the steps of—determining whether a target optical record carrier or a non-target optical record carrier is inserted into a drive of the computer, and—in case a target optical record carrier is inserted into the drive of the computer—modifying read requests to the protected data areas so that no data is read or the read data is useless, and/or—modifying write commands in respect to the data within the protected data areas to a recordable record carrier or other storage so that the written data is useless.

Abstract: A computer-implemented method to scan memory for a threat is described. At least one application programming interface (API) is monitored. A back-trace operation is performed from the at least one API to identify a process that called the at least one API. An address in memory is retrieved for the identified process. At least a portion of the memory associated with the address of the identified process is scanned. A signature based on the scanned portion of the memory is generated.

Abstract: There is disclosed a method, and a communication system, and a communication node for implementing the claimed method, for attempting to enhance legitimacy assessment and thwart a man-in-the middle or similar false-location attack by evaluating the topology of a communication-session requesting node relative to the proposed communication path through a network between the requesting node and the requested node. Upon receiving the request, a PRD (Prefix Reachability Detection) protocol is initiated, either after or during a secure key exchange, if any, which if performed preferably includes an ART (address reachability text). The PRD is executed by sending a message to the communication node challenging the location-authenticity of the requesting device. The communication node, which may be for example an access router through which the requesting node accesses the network, determines if the requesting node is positioned behind the communication node topologically, and reports the result to the requested node.

Abstract: A method is provided for user authentication, comprising: provision of a client device provided with an encryption function of variables K, t, x, in which: K is a secret shared by the server and the client device; t is a time-dependent variable; and x is a variable having at least two values, a step of calculation (S30) by the client device of a first value of the function obtained for a first value of x, for authentication of the user by the server; and a step of calculation (S80, S110) by the client device of a second value of the function, obtained for a second value of x, for verification of the user authentication by the server. Also provided is a user authentication device with means of calculation of values of said function.

Abstract: In a node (110) communicating with other nodes in a network (150), a system and method for performing cryptographic-related functions is provided. The node (110) receives and transmits inputs and outputs requiring cryptographic-related processing. When cryptographic processing is required, the node (110) transmits a predefined message to a cryptographic processing component in the node (110) that then performs the desired cryptographic-related processing.

Abstract: A method, system, and computer program product for deploying data to a web server for streaming video to a mobile device. The method can include receiving a request for streaming video from a mobile device upon the resolving of the request by a DNS. The method can further include simultaneously sending both a request to a database for the video requested and a playlist for the video to the mobile device. The method can then include receiving the video from the database. The video received is sent as a sequence of blocks, where each block can further be comprised of a sequence of chunks. The method can even further include decompressing each block and storing each chunk on a web server. The method can further include an exchange of a security credential.

Abstract: A method, system, and computer program product for deploying data to a web server for streaming video to a mobile device. The method can include receiving a request for streaming video from a mobile device upon the resolving of the request by a DNS. The method can further include simultaneously sending both a request to a database for the video requested and a playlist for the video to the mobile device. The method can then include receiving the video from the database. The video received is sent as a sequence of blocks, where each block can further be comprised of a sequence of chunks. The method can even further include decompressing each block and storing each chunk on a web server. The method can further include an exchange of a security credential.

Abstract: This invention discloses a method and system for processing logic modules, each having a separate functionality, into a unique functionality that is to be executed in an interlocked mode as a unique functionality. The method is based on taking logic modules (programs and data) with known functionality and transforming them into a hidden program by integrating modules to execute together into a logic which is partially obfuscated and/or encrypted and/or physically hidden. The hidden program is being updated dynamically to strengthen it against reverse engineering efforts. The program includes the functionality for generating security signals, which are unpredictable by observers, such as a pseudo random sequence of security signals. Only elements that share the means for producing the security signals can check their validity. The modules include operational tasks and performance parameters for this operation.

Abstract: Systems, methods and apparatus for a distributed security that detects embedded resource request identifiers. The system can identify requests, such as HTTP requests, and can identify encoded prefix data corresponding to URI prefixes, such as Base64 or Base16 encoded URI prefixes “www.” and “http:”.

Abstract: An information processing apparatus is disclosed that includes an expiration detection unit that detects expiration of a certificate used for verifying the validity of software; a software verification unit that verifies the validity of the software using the certificate; and a storage unit in which the certificate is stored. In the apparatus, the software verification unit previously stores a value uniquely calculated from the software in the storage unit when the certificate has not expired and the software is valid, and verifies the validity of the software using the value uniquely calculated from the software where the certificate has expired or the software is invalid.

Abstract: A method and system are provided for encoding a picture. The method includes encoding the picture into a first encoded picture using a first universal quantizer. If a size of the first encoded picture is greater than a maximum picture size, the method includes encoding the picture into a second encoded picture using small quantizers for smooth regions of the picture and large quantizers for complex regions. If a size of the second encoded picture is still greater than a maximum picture size, the method includes encoding the picture into a third encoded picture with revised quantizers for complex regions and dropping high frequency coefficients if necessary to ensure the encoded picture size never exceeds the maximum size.

Abstract: A system and method for determining in a global network the user network authentication status as the user goes from site to site within the network is provided. Additionally, the system and method provides for transparent or implicit multi-site logon functionality, including automatic introduction from one site to the other using a baseline authentication agency (102). The system and method provides an architecture for a core global network (100) (referred to herein as NET) that incorporates some or all of the following features and components: a set of baseline authentication agencies responsible for the core global network (NET) services, such as login and user-selected service-provider lookup; a shared NET domain and associated DNS records (106) used for cookie (110) sharing, login routing, and the like; and a collection of partner sites (108) accessible via the NET.

Abstract: To comply with a policy for a computing device indicating that data written by the computing device to the storage volume after activation of the policy be encrypted, an encrypted chunks map is accessed. The encrypted chunks map identifies whether, for each chunk of sectors of a storage volume, the sectors in the chunk are unencrypted. In response to a request to write content to a sector, the encrypted chunks map is checked to determine whether a chunk that includes the sector is unencrypted. If the chunk that includes the sector is unencrypted, then the sectors in the chunk are encrypted, and the content is encrypted and written to the sector. If the chunk that includes the sector is encrypted or not in use, then the content is encrypted and written to the sector.