Abstract: Described herein is a system and method for detecting vulnerability state deltas, the method comprising the steps of: receiving data related to a network connected device; determining a vulnerability state of the network connected device based upon the data; storing the vulnerability state in a vulnerability state database; receiving additional data related to the network connected device; determining an updated vulnerability state of the network connected device based upon the additional data; determining one or more deltas based upon differences between the vulnerability stare and the updated vulnerability state; and updating the stored vulnerability state with the updated vulnerability state.

Abstract: A medical information system includes a portable device and remote authentication computing device. The portable device stores a person's personal medical information, which it does not allow to be accessed without authentication, and has an activation mechanism and a computing device communication mechanism. The remote authenticating computing device is connected to a computing device network and stores authentication information and has an authentication software module and a diagnostic software module. The activation mechanism communicates the device with the remote authenticating computing device. The authentication software module requests authentication information from a user, receives input authentication information, verifies received authentication data against the stored authentication information, and after successful verification allows the medical information to be accessed by a computing device.

Abstract: A computerized method of reverting system data affected by a malware. The method comprises monitoring, in run time, a plurality of events of a plurality of processes executed by an operating system (OS) running on a computing device, logging in an event log, in run time, the plurality of events, classifying, in run time, a first process of the plurality of processes as a malware, identifying a set of events of the first process from the plurality of events using the event log, and reverting, in response to the classification, at least one system object hosted in the computing device to remove an effect of the set of events on the OS.

Abstract: Disclosed are a data concealment apparatus and a data concealment method using an Error Correction Code. According to exemplary embodiments of the present invention, it is possible to prevent important information from being easily exposed to a third person by generating encoding data through convolution encoding of input data and thereafter, concealing the encoding data on an image through adjustment of a pixel value on the image and minimize an error which can occur at the time of recovering the input data by extracting the encoding data from the image in a soft decision scheme and performing Viterbi-decoding on the extracted encoding data in order to recover the input data concealed in the image.

Abstract: Detecting a denial-of-service attack on a graph database is provided. In response to receiving a request to process a graph query on the graph database from a client device via a network, a graph query pattern of the graph query is determined. In response to determining that the graph query pattern of the graph query matches a stored graph query pattern that lead to a previous denial-of-service attack on the graph database, the graph query is identified as the denial-of-service attack on the graph database. Then, the request to process the graph query is denied by dropping the graph query.

Abstract: The disclosed computer-implemented method for customizing privacy control systems may include (1) identifying a data entry, from within a set of data entries stored on a computing device, that has been selected to be inaccessible by an application installed on the computing device, (2) marking the data with an indication that the data entry has been selected to be inaccessible by the application, (3) intercepting an attempt made by the application to access the data entry, (4) determining that the application is not permitted to access the data entry by identifying the indication that the data entry was selected to be inaccessible by the application, and (5) blocking the application from accessing the data entry in response to determining that the data entry has been marked as inaccessible while allowing at least one additional application to access the data entry. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: Assessing compromises of data security is achieved by establishing access control policies for data files in storage devices across an enterprise. A list is compiled of the data files that were accessed by processes executing on processors of the enterprise. A suspicion score is assigned to each of the processes based on deviations of in-memory behaviors of the processes from established criteria. In response to the suspicion score meeting a suspicious process criterion, the file system operations performed by the suspicious process are analyzed against the access control policies and the suspicion score is modified based on a degree to which the file system operations performed by the suspicious process violate the access control policies.

Abstract: The present invention provides a method and an apparatus for tracing an attack source in the case of an abnormal network traffic, where said method comprises: from the network node(s) of an attack link, any or multiple said network nodes are selected as a tracing start point(s) and there into, said attack link is a communication link between an attacked target and an attack source. According to said tracing start point(s), a higher-level network node of said attack link is identified stepwise until a final attack source is confirmed. By adopting said technical solution provided by the present invention, the problems that the network security mechanisms in related technologies can only alleviate a network attack rather than position an attack source are solved, thus an effect can be achieved to trace and position the attack source in a reverse direction.

Abstract: An example network device includes a processor configured to execute an Open Mobile Alliance (OMA) Device Management (DM) server, the OMA DM server to perform operations of: participating in mutual authentication with a second OMA DM server; sending a notification to the second OMA DM server for notifying the second OMA DM server to proceed with a delegation process; and sending, to a DM client, information for modifying an access control list (ACL).

Abstract: A computing device includes an input bridge, an output bridge, a processing core, and authentication logic. The input bridge is coupled to receive a sequence of data items for use by the device in execution of a program. The processing core is coupled to receive the data items from the input bridge and execute the program so as to cause the output bridge to output a signal in response to a given data item in the sequence, and the authentication logic is coupled to receive and authenticate the data items while the processing core executes the program, and to inhibit output of the signal by the output bridge until the given data item has been authenticated.

Abstract: A method and an apparatus for distinguishing humans from computers and for controlling access to network services. One intended application of the method is a CAPTCHA technique, deployed using a shared Trusted Computing technology over a trusted network of a user terminal, a network server, and a Trusted Party, any of which may be at a Decision Point. The method distinguishes a human user making a legitimate request for network access from a programmed computer making undesired requests, by detecting unusually high network access request frequencies made by an identifiable user and/or a trusted module from the user terminal. The CAPTCHA function is further used to improve the method for controlling access to network services. The information transmitted between the members of the trusted network may be encrypted.

Abstract: The present disclosure describes systems and methods of an authentication framework to implement varying authentication schemes in a configurable and extendable manner. This authentication framework provides a level of abstraction in which requirements for credential gathering and authentication workflow are independent from the agents or authentication implementation that does the credential gathering and authentication workflow. A higher level of abstraction and a more comprehensive authentication framework allows handling the associated authentication transactions of complex authentication schemes without requiring any specific understanding of their internals. For example, the requirements to gather certain credentials for a particular authentication scheme may be configured and maintained separately from the client-side authentication agent that gathers the credentials.

Abstract: A method of renewing a plurality of digital certificates includes receiving, at a first time, a request from a user to renew a first digital certificate and determining an expiration date for the first digital certificate. The method also includes receiving, at a second time, a request from the user to renew a second digital certificate and determining an expiration date for the second digital certificate. The expiration date for the second certificate is later than the expiration date for the first certificate. The method further includes determining a new expiration date occurring after the first time and the second time and renewing the first digital certificate. An expiration date for the renewed first digital certificate is equal to the new expiration date. Moreover, the method includes renewing the second digital certificate. An expiration date for the renewed second digital certificate is equal to the new expiration date.

Abstract: The present disclosure relates to methods for correlating security vulnerability assessment data from a network vulnerability assessment, a static application security test (SAST) assessment and/or a zero day vulnerability metadata source.

Abstract: The tool to provide anonymous data in response to a request for information is configured to receiving a request for information relating to a population of interest from a user; determining criteria associated with the population of interest, wherein the criteria define an individual representative of the population of interest; determining a characteristic of the individual within one or more categories; classifying the characteristic of the individual into a cluster, the cluster comprising a subset of all possible outcomes for the category; classifying a plurality of individuals from a database into clusters based on the one or more categories; determining a subset of the plurality of individuals that are similar to the individual representative of the population of interest based on the clusters; transforming the characteristics of the individuals in the subset to generate anonymous data responsive to the request for information; and providing the anonymous data to the user.

Abstract: A method, medium, and system encoding and/or decoding a moving picture. The moving picture encoding method may include selecting a prediction mode that is optimal for the macro blocks, which correspond to each other, of the color components of a current image based on the characteristics of a predetermined image, generating a predicted image for the current image according to the selected prediction mode, and encoding a moving picture using the predicted image. An optimal prediction mode can be adaptively applied to the macro blocks, which correspond to each other, of the color components, thereby increasing the moving picture's encoding and decoding efficiencies.

Abstract: The present invention provides a method and system for securing sensitive data from unauthorized access or use. The method and system of the present invention is useful in a wide variety of settings, including commercial settings generally available to the public which may be extremely large or small with respect to the number of users. The method and system of the present invention is also useful in a more private setting, such as with a corporation or governmental agency, as well as between corporation, governmental agencies or any other entity.

Abstract: Security devices and methods of securely coupling electronic devices and peripherals are provided. In one embodiment, a peripheral has a first coded magnet on a first surface of a first device. The first coded magnet has at least two different polarity regions on the first surface. A second coded magnet on a second surface of a second device is also provided. The first coded magnet is configured to securely provide data to a device associated with the second coded magnet, if the first and second coded magnets' patterns are keyed to one another.

Abstract: The hash value for an entire system file partition for storing firmware of an information processing apparatus is calculated. Alteration of the firmware is detected based on the hash value.

Abstract: A method and system for receiving from an authenticated user, at an authorization server, via a service provider, an authorization request to perform a sensitive operation on a first device. The method also includes generating, by the authorization server and in response to receiving the authorization request, an authorization token that includes a device constraint and a binding code constraint, which includes a binding code. Additionally, the method includes transmitting the authorization token to an isolated execution environment of the first device, where the sensitive operation is not permitted on the first device unless the first device successfully performs a verification in the isolated execution environment using the authorization token. Furthermore, the method includes permitting the sensitive operation based on the verification.