Abstract: A domain identifier of a first domain of a plurality of domains is identified, the domain identifier included in a domain certificate received from the first domain. A first permanent hardware identifier set as a fuse key value embedded in hardware of the device during fabrication is identified. A plurality of unique second private hardware identifiers stored in the secured memory are identified. A plurality of hardware-based root identifiers are derived from the plurality of unique second private hardware identifiers respectively. A plurality of secure identifiers for the respective plurality of unique second private hardware identifiers are derived for a pairing of the device and the first domain based on the plurality of root identifiers respectively and the domain identifier. A secure identifier of the plurality of secure identifiers is caused to be sent over a secured channel to a domain computing device associated with the first domain.

Abstract: A trust management system may be configured to compute a trust level for a compute resource based on a trust manifest corresponding to compute resource. Based on the construction of a trust manifest for each class of compute resources, a trust level may be computed for a wide range of compute resources, including bare-metal hosts, hypervisor hosts, virtual machines and containers. A trust manifest may specify one or more inputs for calculating the trust level, as well as how the inputs are to be processed to arrive at the trust level. The one or more inputs may include integrity measurements determined in accordance with one or more integrity measurement methods and security assessments determined in accordance with one or more security assessment methods. The inputs for the trust level calculation may be evaluated by one or more rule statements specified in the trust manifest, the evaluation of which returns the trust level for the compute resource.

Abstract: Security system for protecting a vehicle electronic system by selectively intervening in the communications path in order to prevent the arrival of malicious messages at ECUs, in particular at the safety critical ECUs. The security system includes a filter which prevents illegal messages sent by any system or device communicating over a vehicle communications bus from reaching their destination. The filter may, at its discretion according to preconfigured rules, send messages as is, block messages, change the content of the messages, request authentication or limit the rate such messages can be delivered, by buffering the messages and sending them only in preconfigured intervals.

Abstract: Securing access to a portable electronic device (PED), securing e-commerce transactions at an electronic device (ED) and dynamically adjusting system settings at a PED are disclosed. In an example, usage or mobility characteristics of the PED or ED (e.g., a location of the ED or PED, etc.) are compared with current parameters of the PED or ED. A determination as to whether to permit an operation (e.g., access, e-commerce transaction, etc.) at the ED or PED can be based at least in part upon a degree to which the current parameters conform with the usage or mobility characteristics. In another example, at least a current location of a PED can be used to determine which system settings to load at the PED.

Abstract: The protection of data on a client mobile computing device by a server computer system such as within an enterprise network or on a separate mobile computing device is described. Security tools are described that provide different security policies to be enforced based on a location associated with a network environment in which a mobile device is operating. Methods for detecting the location of the mobile device are described. Additionally, the security tools may also provide for enforcing different policies based on security features. Examples of security features include the type of connection, wired or wireless, over which data is being transferred, the operation of anti-virus software, or the type of network adapter card. The different security policies provide enforcement mechanisms that may be tailored based upon the detected location and/or active security features associated with the mobile device. Examples of enforcement mechanisms are adaptive port blocking, file hiding and file encryption.

Abstract: A method for provisioning a device such as a token. The device issues a certificate request to a Certification Authority. The request includes a public cryptographic key uniquely associated with the device. The Certification Authority generates a symmetric cryptographic key for the device, encrypts it using the public key, and creates a digital certificate that contains the encrypted symmetric key as an attribute. The Certification Authority sends the digital certificate to the device, which decrypts the symmetric key using the device's private key, and stores the decrypted symmetric key.

Abstract: Embodiments of the present invention comprise systems, methods and devices for eliminating multiple submission of user credential data in a system with multiple distinct restricted sub-systems wherein a unique credential is required for each sub-system.

Abstract: Embodiments of the present invention comprise systems, methods and devices for eliminating multiple submission of user credential data in a system with multiple distinct restricted sub-systems wherein a unique credential is required for each sub-system.

Abstract: Embodiments of the present invention comprise systems, methods and devices for eliminating multiple submission of user credential data in a system with multiple distinct restricted sub-systems wherein a unique credential is required for each sub-system.

Abstract: Embodiments of the present invention comprise systems, methods and devices for eliminating multiple submission of user credential data in a system with multiple distinct restricted sub-systems wherein a unique credential is required for each sub-system.

Abstract: Systems and methods for displaying messages to a user, the messages having different levels of security, are provided herein. One method of displaying to a user messages having different levels of security includes receiving a message over a network includes examining an attribute of the message to determine a security-related level associated with the message. A visual indication for display to a device user is generated by the device. Such visual indication is indicative of the determined security-related level, and is configured to be visible during scrolling through a majority of the message text.

Abstract: An estimate of a portion of network traffic that is nonconforming to a communication transmission control protocol is used to signal that a distributed denial of service attack may be occurring. Traffic flows are aggregated and packets are intentionally dropped from the flow aggregate in accordance with an assigned perturbation signature. The flow aggregates are observed to determine if the rate of arrival of packets that have a one-to-one transmission correspondence with the dropped packets are similarly responsive to the perturbation signature. By assigning orthogonal perturbation signatures to different routers, multiple routers may perform the test on the aggregate and the results of the test will be correctly ascertained at each router. Nonconforming aggregates may be redefined to finer granularity to determine the node on the network that is under attack, which may then take mitigating action.

Abstract: A copy-protected compact disc includes, within a single session, a table of contents (TOC) and a Video CD index (VI). Each track (T) is prefaced by unrecoverable data (UD) at a track start position (ATOC) indicated by the table of contents (TOC). However, the Video CD index (VI) indicates the actual position (AP) of the tracks. DVD players use the Video CD index (VI) to locate the tracks, while CD-ROM drives use the table of contents (TOC) and read the unrecoverable data (UD), which prevents them from reading the subsequent track (T). The unrecoverable data (UD) may be prefaced by data pointers (DP) which cause the CD-ROM drive to load a player program in response to the error condition. The player program can be used to play the tracks (T), but restricts copying. Subchannel data (P; DX) causes audio CD players to ignore the Video CD index (VI) and the unrecoverable data (UD), and to play the tracks (T) at their actual start positions (AP).

Abstract: In one embodiment, the present invention includes a method for executing an application to perform voice over Internet protocol (VoIP) telephony, requesting a hardware key from a line interface device, comparing the hardware key to a software key associated with the application, and enabling the VoIP telephony if the keys match.

Abstract: A system for binding a subscription-based computer to an internet service provider (ISP) may include a binding module and a security module residing on the computer. The binding module may identify and authenticate configuration data from peripheral devices that attempt to connect to the computer, encrypt any requests for data from the computer to the ISP, and decrypt responses from the ISP. If the binding module is able to authenticate the configuration data and the response to the request for data from the ISP, then the security module may allow the communication between the computer and the ISP. However, if either the configuration cycle or the response cannot be properly verified, then the security module may degrade operation of the computer.

Abstract: A transmitting node produces synchronization data to be inserted into plain text and encrypts the thus generated data into multi-valued data so as to transmit the data. The synchronization data indicates the position of a running key used for encryption. A receiving node decrypts a signal including the synchronization data using the running key and detects the synchronization data from the signal to confirm synchronization of the running key between transmitting and receiving nodes. Then, the receiving node transmits a synchronization confirmation signal to the transmitting node. If the transmitting node does not receive the synchronization confirmation signal, it determines that synchronization of the running key is shifted, and re-synchronization is performed. To perform re-synchronization, a running key ahead of the position of the running key associated with synchronization data that has been stored is generated.

Abstract: Exchanging information in a multi-site authentication system. A network server receives, from an authentication server, a request by a client computing device for a service provided by the network server along with an authentication ticket. The authentication ticket includes: a session key encrypted by a public key associated with the network server, message content encrypted by the session key, and a signature for the encrypted session key and the encrypted message content. The signature includes address information of the network server. The network server identifies its own address information in the signature to validate the signature included in the authentication ticket and verifies the authentication ticket content based on the signature included in the authentication ticket. The network server decrypts the encrypted session key via a private key associated with the second network server and decrypts the encrypted message content via the decrypted session key.

Abstract: A device control apparatus, comprising a processor for storing first key information, a memory section for storing encrypted second key information which is obtained by encrypting second key information such that the second key information is able to be restored through decryption using the first key information, and an interface section for carrying out authentication using the second key information when an access instruction requiring access to a device is given by the processor, and for controlling the access to the device based on the access instruction when the authentication is established.

Abstract: A proxy (e.g., a switch) resides in a respective network environment between one or more clients and multiple servers. One purpose of the proxy is to provide the clients a unified view of a distributed file system having respective data stored amongst multiple remote and disparate storage locations over a network. Another purpose of the proxy is to enable the clients retrieve data stored at the multiple servers. To establish a first connection between the proxy and a respective client, the proxy communicates with an authentication agent (residing at a location other than at the client) to verify a challenge response received from the client. When establishing a set of second connections with the multiple servers, the proxy communicates with the authentication agent to generate challenge responses on behalf of the client. The proxy facilitates a flow of data on the first connection and the set of second connections.

Abstract: A system for granting access to resources includes a client machine, a collection agent, a policy engine, and a broker server. The client machine requests access to a resource. The collection agent gathers information about the client machine. The policy engine receives the gathered information and assigns one of a plurality of levels of access responsive to application of a policy to the received information. The broker server establishes, responsive to the assigned level of access, a connection between the client machine and a computing environment providing the requested resource, the computing environment provided by a virtual machine.