Patents Examined by Madhuri Herzog
  • Patent number: 9350721
    Abstract: Provided is an air interface security method. In the process of protocol transmission, the method executes: 1) a short-range coupling device sending a security parameter request message to a short-range card; 2) after receiving the security parameter request message, the short-range card conducts security parameter feedback on the short-range coupling device; and 3) the short-range coupling device and the short-range card establish a security link according to a security parameter. Provided are a short-range coupling device, a short-range card, etc. for achieving the method. By introducing a security mechanism, the present invention provides a security protection capability for an air interface, can provide identity authentication for a short-range coupling device and a short-range card to ensure the validity and authenticity of the identities of both sides in the communications, and at the same time, will not bring additional hardware overhead to the short-range coupling device and the short-range card.
    Type: Grant
    Filed: March 14, 2013
    Date of Patent: May 24, 2016
    Assignee: China IWNCOMM Co., Ltd.
    Inventors: Zhiqiang Du, Manxia Tie, Guoqiang Zhang
  • Patent number: 9350746
    Abstract: A transmission network system includes a network terminating device connected to a user terminal and an authentication information device connected to the network terminating device through a transmission network. The transmission network is connected to a reference clock that holds a reference time. The network terminating device includes a terminating internal clock that synchronizes with the reference clock, when receiving a first frame from the user terminal, generates a second frame including a time outputted from the terminating internal clock as a request time on the basis of the first frame, and transmits the second frame to the authentication information device. The authentication information device generates time authentication information based on the request time included in the received second frame, generates a third frame including the generated time authentication information, and transmits the third frame to the transmission network.
    Type: Grant
    Filed: January 23, 2014
    Date of Patent: May 24, 2016
    Assignee: Hitachi, Ltd.
    Inventors: Shinya Fujioka, Yoshihiro Ashi, Masahiko Mizutani
  • Patent number: 9344500
    Abstract: A method begins with a processing module receiving a data retrieval request and obtaining a real-time indicator corresponding to when the data retrieval request was received. The method continues with the processing module determining a time-based data access policy based on the data retrieval request and the real-time indicator and accessing a plurality of dispersed storage (DS) units in accordance with the time-based data access policy to retrieve encoded data slices. The method continues with the processing module decoding the threshold number of encoded data slices in accordance with an error coding dispersal storage function when a threshold number of the encoded data slices have been retrieved.
    Type: Grant
    Filed: June 30, 2014
    Date of Patent: May 17, 2016
    Assignee: International Business Machines Corporation
    Inventors: Jason K. Resch, Gary W. Grube, Timothy W. Markison
  • Patent number: 9338009
    Abstract: Methods and systems for preventing revocation denial of service attacks are disclosed and may include receiving and decrypting a command for revoking a secure key utilizing a hidden key, and revoking the secure key upon successful verification of a signature. The command may comprise a key ID that is unique to a specific set-top box. A key corresponding to the command for revoking the secure key may be stored in a one-time programmable memory, compared to a reference, and the security key may be revoked based on the comparison. The command for revoking the secure key may be parsed from a transport stream utilizing a hardware parser. The method and system may also comprise generating a command for revoking a secure key. The command may be encrypted and signed utilizing a hidden key and may comprise a key ID that is unique to a specific set-top box.
    Type: Grant
    Filed: May 2, 2007
    Date of Patent: May 10, 2016
    Assignee: Broadcom Corporation
    Inventors: Stephane Rodgers, Andrew Dellow
  • Patent number: 9336363
    Abstract: Described herein are techniques related to shielding data, thereby enabling the shielded data to be distributively placed in untrusted computing environments for cost effective storage. A method and system may include a trusted agent operable in a trusted computing environment. The trusted agent includes a transformation knowledge key generator and a data transformer. The transformation knowledge key generator is operable to generate a transformation knowledge key, the transformation knowledge key being generated with at least two shielding algorithms to shield the data. The data transformer is operable to transform the data into N segments of shielded data using the transformation knowledge key. A communications agent securely coupled to the trusted agent is operable to securely transfer one or more of the N segments of shielded data to one or more storage devices in untrusted computing environments.
    Type: Grant
    Filed: January 21, 2014
    Date of Patent: May 10, 2016
    Assignee: Cofactor Computing LLC
    Inventors: Sumedh Wasudeo Sathaye, Nitin Sadashiv Deshmukh
  • Patent number: 9330270
    Abstract: An encryption processing device includes a memory configured to store a common key, and a processor configured to generate a random number which is an integer, to perform a bit transposition on the common key, the bit transposition being determined at least by the random number, to transmit the random number to another encryption processing device and to receive a response from the other encryption processing device, the response obtained by encryption using a common key stored in the other encryption processing device and a second randomized key generated by performing the bit transposition determined by the random number; and to authenticate the other encryption processing device either by comparing the response with the random number by decrypting the response with the common key, or by comparing the random number with the response by encrypting the random number with the common key.
    Type: Grant
    Filed: January 22, 2014
    Date of Patent: May 3, 2016
    Assignee: FUJITSU LIMITED
    Inventors: Takao Ochiai, Kouichi Itoh, Dai Yamamoto, Kazuyoshi Furukawa, Masahiko Takenaka
  • Patent number: 9325733
    Abstract: A processing device comprises a processor coupled to a memory and is configured to obtain at least one rule set utilized to detect malicious activity in a computer network, to determine one or more trigger conditions for each of a plurality of rules of the at least one rule set, to identify alerts generated responsive to the determined trigger conditions, to compute correlations between respective pairs of the plurality of rules based on the identified alerts, and to aggregate groups of two or more of the plurality of rules into respective aggregated rules based at least in part on the computed correlations. The aggregated rules are illustratively applied in conjunction with remaining unaggregated ones of the plurality of rules of the one or more rule sets to detect malicious activity in the computer network. The processing device may be implemented in a computer network or network security system.
    Type: Grant
    Filed: October 31, 2014
    Date of Patent: April 26, 2016
    Assignee: EMC Corporation
    Inventors: Eyal Kolman, Eyal Yehowa Gruss, Alon Kaufman, Ereli Eran
  • Patent number: 9317707
    Abstract: Various examples of the present disclosure provide a method and a system for protecting a driver. The method includes encrypting a program file, and sending an Input/Output Request Package (IRP) and the encrypted program file; receiving the IRP and the encrypted program file, decrypting the encrypted program file, verifying the decrypted program file; and, if verification is passed, returning a handle, otherwise, not returning the handle. In the examples of the present disclosure, the program file of the application layer is encrypted, and the encrypted program file is sent when the IRP is sent; the driver layer decrypts and verifies the encrypted program file, and returns the handle to the application layer when the verification is passed, so that the application layer can access the driver layer through the handle; if the verification is not passed, the driver layer rejects the access of the application layer.
    Type: Grant
    Filed: January 16, 2014
    Date of Patent: April 19, 2016
    Assignee: TENCENT TECHNOLOGY (SHENZHEN) COMPANY LIMITED
    Inventors: Yu Wang, Wu Haitao
  • Patent number: 9311476
    Abstract: Methods, systems, and media for masquerade attack detection by monitoring computer user behavior are provided.
    Type: Grant
    Filed: May 7, 2014
    Date of Patent: April 12, 2016
    Assignee: The Trustees of Columbia University in the City of New York
    Inventors: Salvatore J. Stolfo, Malek Ben Salem, Shlomo Hershkop
  • Patent number: 9313184
    Abstract: According to an embodiment, a communication apparatus includes a sharing processing unit, an extension unit, and a communication unit. The sharing processing unit shares a first cryptographic key with an external apparatus connected via a link, and further generates a second cryptographic key and shares the second cryptographic key with the external apparatus through secret communication using the first cryptographic key. The extension unit generates an extended key by extending a length of the second cryptographic key. The communication unit transmits the extended key to a first application which communicates with a second application to which the external apparatus provides the second cryptographic key.
    Type: Grant
    Filed: January 22, 2014
    Date of Patent: April 12, 2016
    Assignee: Kabushiki Kaisha Toshiba
    Inventors: Yoshimichi Tanizawa, Hideaki Sato, Shinichi Kawamura
  • Patent number: 9306945
    Abstract: A mechanism for performing a network boot sequence and provisioning a device may generate a command by a server and have the command executed by the device. The command may be used to verify the authenticity of the device, and may be used to establish ownership of the device. After authenticity and, in some cases, ownership is established, bootable software may be downloaded and executed. The device may be provisioned with software applications.
    Type: Grant
    Filed: March 11, 2015
    Date of Patent: April 5, 2016
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Christopher McCarron, Varugis Kurien
  • Patent number: 9298941
    Abstract: A method, computer program product, and system for the anonymization of sensitive data from a plurality of selected business objects or tables stored in a plurality of data fields in at least one primary database included in an enterprise database system when copying portions of the at least one primary database to a secondary database or updating an existing database with anonymized values for the sensitive fields therein. A plurality of data fields is specified for copying from the at least one primary database. At least one integrity map is generated and populated for each data field in the primary database requiring anonymization before copying to the secondary database. The at least one integrity map is stored in a table associated with the primary database. An anonymized value is generated for each data field in the primary database requiring anonymization. Each data field in the primary database requiring anonymization is substituted with the anonymized value.
    Type: Grant
    Filed: November 8, 2013
    Date of Patent: March 29, 2016
    Assignee: EPI-USE SYSTEMS, LTD.
    Inventors: Phillip Stofberg, Marius Smit, Izak Petrus De Villiers
  • Patent number: 9292700
    Abstract: A method for securing user data includes the steps of: a) setting the user data as input data; b) randomly fragmenting the input data into a plurality of Atoms and randomly distributing the Atoms into an AtomPool and an AtomKey; and c) recording information about the fragmentation and the distribution of step b) into an AtomMap.
    Type: Grant
    Filed: April 10, 2015
    Date of Patent: March 22, 2016
    Assignee: Atomizer Group, LLC
    Inventors: Eric Parker, Ralph Youngen
  • Patent number: 9268918
    Abstract: Described are a method for encrypting and a method for decrypting at least a portion (155) of a dataset being stored in a memory (150), wherein the dataset has at least two dimensions. The described multi-dimensional cryptographic methods comprise forming a first keystream (165) being assigned to a first dimension of the dataset and forming a second keystream (175) being assigned to a second dimension of the dataset. The encrypting method further comprises encrypting each data packet of the portion (155) of the dataset by using a combination of the first keystream (165) and the second keystream (175). The decrypting method further comprises decrypting each data packet of the portion (155) of the dataset by using a combination of the first keystream (165) and the second keystream (175).
    Type: Grant
    Filed: March 11, 2008
    Date of Patent: February 23, 2016
    Assignee: NXP, B.V.
    Inventors: Klaus Kursawe, Timothy Kerins
  • Patent number: 9270449
    Abstract: A computing device can obtain a session key for encrypting data that is communicated between a client device and the computing device. The computing device can receive, from the client device, an encrypted request for data. The encrypted request can be encrypted by the client device using the session key. The data requested can be stored on a second computing device. The computing device can send, to the second computing device, a copy of the session key and the encrypted request for data. The second computing device can decrypt the data using the session key and can also encrypt data responsive to the request using the session key.
    Type: Grant
    Filed: January 17, 2014
    Date of Patent: February 23, 2016
    Assignee: Amazon Technologies, Inc.
    Inventors: Alexander Julian Tribble, Robert Michael Barry, Jeremy Boynes, Melissa Elaine Davis, Igor Spac
  • Patent number: 9264229
    Abstract: A method for performing a cryptographic function on text to generate converted text comprises producing a random key stream having a first block size in a first frequency domain; converting the random key stream having a first block size in the first frequency domain to a random key stream in a second frequency domain; converting the random key stream having the first block size in the second frequency domain into smaller block sizes, thereby producing smaller block-sized random key stream of the second frequency domain; and converting the text using the smaller block-sized random key stream of the second frequency domain to produce the converted text. The frequency in the first frequency domain is preferably lower than the frequency in the second frequency domain.
    Type: Grant
    Filed: March 5, 2015
    Date of Patent: February 16, 2016
    Inventors: Michael James Lewis, Neil Leckett, A. A. Jithra Adikari
  • Patent number: 9264431
    Abstract: A system and method for securely storing, retrieving and sharing data using PCs and mobile devices and for controlling and tracking the movement of data to and from a variety of computing and storage devices.
    Type: Grant
    Filed: November 14, 2014
    Date of Patent: February 16, 2016
    Assignee: QuickVault, Inc.
    Inventor: Steven V. Bacastow
  • Patent number: 9253208
    Abstract: System and method for automatically developing phishing detection rules. Based on detected phishing indicia, a quantitative score is computed for each of a plurality of predefined parameters, with each of the parameters relating to at least one of the phishing indicia. A requirement for evolving a phishing detection rule is assessed, and a new phishing detection rule is generated based on selected parameter scores meeting the rule evolution criteria and on corresponding content of the phishing indicia relating to those selected parameter scores. New phishing detection rules are applied recursively to detect phishing indicia, and more new rules can be further evolved in recursive fashion.
    Type: Grant
    Filed: March 5, 2015
    Date of Patent: February 2, 2016
    Assignee: AO KASPERSKY LAB
    Inventor: Maxim G. Koshelev
  • Patent number: 9232398
    Abstract: A method for link setup includes sending a first authentication message including a user identifier to an access point (AP). A second authentication message sent by the AP according to the user identifier is received and includes an EAP method request message and an ANonce of the AP. A first PTK is generated according to the ANonce, an SNonce, and a first MSK. A third authentication message is sent to the AP. The third authentication message includes an EAP method response message, the SNonce, and a first MIC that is generated according to the first PTK. A fourth authentication message is sent by the AP when it authenticates, according to a second PTK, that the first MIC is correct. The fourth authentication message includes an EAP-Success message, configuration information configured by the AP for the terminal, and a second MIC. The second MIC is authenticated according to the first PTK.
    Type: Grant
    Filed: January 15, 2014
    Date of Patent: January 5, 2016
    Assignee: HUAWEI DEVICE CO., LTD.
    Inventors: Zhiming Ding, Xinghua Li
  • Patent number: 9231972
    Abstract: The present disclosure discloses a method of identifying malicious websites. The method includes: filtering a target website using a local website-filtering list; if the target website is not on the local website-filtering list, filtering the target website using a server website-filtering list. The present disclosure also discloses, based on the above-described method, a system for identifying malicious websites. By using the disclosed malicious website identifying method and system, the number of times needed to access a network to identify malicious websites can be reduced effectively. That is, the number of times that the identification calculation is performed by a network server can be reduced, thus increasing the speed of the identification process and reducing network traffic. As a result, the efficiency of the malicious website identifying process can be improved.
    Type: Grant
    Filed: January 21, 2014
    Date of Patent: January 5, 2016
    Assignee: TENCENT TECHNOLOGY (SHENZHEN) COMPANY LIMITED
    Inventors: Xiao Dong Ou, Wen Liang Tang, Jiu Biao Chen, Ying Xing Cai