Abstract: A prevention device for operating a vehicle running record is provided. The device includes a cluster controller that is configured to convert a received and stored accumulated running distance of the vehicle from a cluster of the vehicle to generate a plurality of different distributed secret pieces. In addition, a plurality of other controllers are configured to receive and store each of the plurality of distributed secret pieces from the cluster controller.

Abstract: System devices include network interfaces to communicate with user devices associated with a user, memories for storing instructions to be executed by processors, and the processors. The processors are configured to execute the instructions to receive, from a first user device, among the user devices, a request for content; initiate an upload of the requested content to the first user device in response to the request; receive a request for a license key from the first user device in response to the initiation of the upload; determine whether a number of concurrent sessions with the user devices exceeds a maximum number; and send the license key to the first user device when the processors determine that the number of concurrent sessions does not exceed the maximum number.

Abstract: Disclosed is a system and method for managing web services. The described exemplary system and method provides an infrastructure for managing various aspects of publishing and using web services, such as logging, security, monitoring, SLA management, service level metrics and notification.

Abstract: Systems, methods, and apparatus for authenticating a device via an out of band personal area network are disclosed. In one aspect, a wireless charger includes a power transmitter configured to transmit power wirelessly to charge a charging device. The wireless charger further includes an out of band transmitter configured to transmit an authentication request to authenticate the charging device. The wireless charger further includes a receiver configured to receive an authentication response based on the transmitted authentication request. The wireless charger further includes a processor configured to adjust an amount of power wirelessly transmitted to the charging device based on whether the authentication succeeds or fails.

Abstract: A framework, which conforms to the OAuth standard, involves a generic OAuth authorization server that can be used by multiple resource servers in order to ensure that access to resources stored on those resource servers is limited to access to which the resource owner consents. Each resource server registers, with the OAuth authorization server, metadata for that resource server, indicating scopes that are recognized by the resource server. The OAuth authorization server refers to this metadata when requesting consent from a resource owner on behalf of a client application, so that the consent will be of an appropriate scope. The OAuth authorization server refers to this metadata when constructing an access token to provide to the client application for use in accessing the resources on the resource server. The OAuth authorization server uses this metadata to map issued access tokens to the scopes to which those access tokens grant access.

Abstract: Aspects of the present disclosure relate to a method, a system, and a computer program product for validating a location resource, e.g., a hyperlink, embedded in a message for one or more recipients. The method includes receiving, by a computing node in a distributed computing environment and from a messaging application on a remote client computer, an identifier of a user profile and a location resource. The location resource is embedded in a message and that indicates a path to a computing resource outside of the remote client computer. The method also includes querying a repository in the distributed computing environment to obtain access permission information about the location resource. The method also includes determining, based upon the access permission information about the location resource, whether the user profile has access permission for the location resource.

Abstract: A system and apparatus for enhancing the functionality and utility of an authentication process for web applications is disclosed.

Abstract: Disclosed herein are systems, methods, and non-transitory computer-readable storage media for wireless data protection utilizing cryptographic key management on a primary device and a backup device. A system encrypts a file with a file key and encrypts the file key twice, resulting in two encrypted file keys. The system encrypts each file key differently and stores a first file key on the primary device and transmits one of the encrypted file keys in addition to the encrypted file to a backup device for storage. On the backup device, the system associates the encrypted file key with a set of backup keys protected by a user password. In one embodiment, the system generates an initialization vector for use in cryptographic operations based on a file key. In another embodiment, the system manages cryptographic keys on a backup device during a user password change.

Abstract: Cryptographic methods are used at the application level, unlike known methods using point-to-point connections that can only be sufficiently secured at the transport level. Integrity protection and confidentiality protection of data are implemented at the application level for use in network technology.

Abstract: Disclosed is an apparatus for tamper protection of an application which includes: an input unit that receives codes to be used for an application; a code separator that separates the inputted codes into sensitive codes requiring application tamper protection and general codes including sensitive method calling routine for calling the sensitive codes by analyzing the input codes; an encoder that encrypts the sensitive codes and inserts the address of an sensitive code connector storing the address information of the sensitive codes; a controller that converts the sensitive method calling routine to be able to call dummy codes by inserting the dummy codes to the general codes, inserts vector table generator, to the sensitive codes, and insert a sensitive method calling routine converter, to the sensitive codes; and a code combiner that creates the application by combining the general codes and the sensitive codes.

Abstract: A user may access a subscription-based service via a system comprising one or more devices with one or more separate domains where each domain may be owned or controlled by one or more different local or remote owners. Each domain may have a different owner, and a remote owner offering a subscription-based service may have taken ownership of a domain, which may be referred to as a remote owner domain. Further, the user may have taken ownership of a domain, which may be referred to as a user domain. In order for the user to access the subscription-based service, registration and credential roll-out may be needed. An exemplary registration and credential roll-out process may comprise registration of the user, obtaining credentials from the remote owner and storing the credentials.

Abstract: In some embodiments, techniques for computer security comprise preventing and/or mitigating identity theft such as phishing.

Abstract: A system for automatically collecting and analyzing crash dumps to determine if a security exploit was unsuccessful and generating a report.

Abstract: Described herein is technology for restoring access to a user account. In particular, systems and methods for account recovery using a platform attestation credential are described. In some embodiments, the platform attestation credential is generated by an authentication device in a pre boot environment. A first copy of the platform attestation credential may be bound by an account management system to a user account. Access to the user account may subsequently be restored using a second copy of the platform attestation credential.

Abstract: A method and apparatus for reducing unauthorized access of an information stream. The information stream is received at a node along a path to a destination node. The information stream comprises information bits and quantum bits that are interspersed with each other. A portion of the quantum bits are examined at the node along the path. An occurrence of unauthorized access to the information stream is indicated when an original entangled state of the portion of the quantum bits is absent.

Abstract: The present invention relates to a technique which provides a function of compressed encryption large pieces of plaintext information in a single ciphertext in order to improve a space efficiency of the encryption data which occupies most of a storage space to design an efficient SHE technique which is a base of the FHE technique design. More specifically, the present invention relates to a technique which is designed to improve a structure in which only one bit is encrypted/decrypted in the technique of the prior art to encrypt/decrypt multiple bit information to improve the space efficiency for storing a ciphertext.

Abstract: Disclosed herein are methods, systems, and software for handling secure transport of data between end users and content serving devices. In one example, a method of operating a content server includes identifying a content request from an end user device. The method further includes, responsive to the user request, determining a transmission control protocol window size and a secure layer protocol block size. The method also provides scaling the secure layer protocol block size to match the transmission control protocol window size, and transferring secure layer protocol packets to the end user device using the scaled secure layer protocol block size.

Abstract: This disclosure facilitates managing lost devices. In some embodiments, a system receives a first device type from a first agent on a first device, and a different second device type from a second agent on a second device. The system receives a first group associated with the first device and a different second group associated with the second device. The system determines that the first device and the second device are lost and accesses a database storing first and second configuration classes associated with the first and second devices, respectively. The system creates first and second device-dependent classes based on the first and second device types and the first and second configuration classes, respectively. The system melds the first device-dependent class into a first melded profile and the second device-dependent class into a second melded profile, using the respective groups, and applies the melded profiles to the corresponding device.

Abstract: Disclosed herein are systems, methods, and non-transitory computer-readable storage media for implementing real-time transport control protocol to obtain an end-to-end encryption and security status of a communication session. The system collects real-time transport control protocol messages associated with a communication session, wherein the real-time transport control protocol messages are generated by devices in the communication session, and wherein the real-time transport control protocol messages include security information associated with the communication session. Then, based on the real-time transport control protocol messages, the system determines a security status associated with the communication session. The system can also generate an indication of the security status associated with the communication session. Further, the system can generate an indication of the security status of a communication session on a per participant basis.

Abstract: Systems and methods are provided for password reset. For example, a first server receives a request operation instruction from a user terminal, wherein the request operation instruction includes account information and identity information; the first server determines whether to permit password reset for a first account indicated by the account information; in response to the password reset for the first account being permitted, the first server authenticates the account information and the identity information; if the authentication of the account information and the identity information is successful, the first server processes the request operation instruction and sends a password reset prompt to the user terminal; the user terminal receives the password reset prompt and sends to the first server password information set by a user in response to the password reset prompt; and the first server sends to a second server a password reset request that carries the password information.