Abstract: The gathering of content (such as a file) from a variety of different sources. Rather than provide the whole content, a given one of the sources instead provides only a portion of the information represented by the content. The source also provides a share of, but not the entirety of, the shared secret that will be used to decode. For instance, in one embodiment, the source might encode only a portion of the content using the shared key, and then transmit the encoded portion. As an alternative, the source might encode the entire content, and then transmit a portion of that encoded content. Thus, the transmitter has security with their private content, while still allowing widely available content to be transferred for the benefit of the greater whole.

Abstract: A portion of text associated with a message intended for a group of recipients is encrypted at a computing device. The portion of text may include less than an entirety of the message. Access to the portion of text may be restricted for a first subset of the group of recipients and allowed for a second subset of the group of recipients.

Abstract: Techniques are disclosed for identifying an unauthorized device in a network environment that comprises a plurality of heterogeneous devices. In some embodiments, tests may be performed about a device, using information provided by the device, information about the device obtained from a neighboring device, or information about a placement of the device within a network topology. These tests may be used to determine whether a device is unauthorized for the network.

Abstract: Methods and systems for performing electronic transactions using dynamic password authentication involve, for example, sending, using a backend processor, a unique random or pseudorandom character string to the user's mobile device processor. Thereafter, also using the backend processor, a user identifier and a challenge string consisting at least in part of the user identifier and the random or pseudorandom character string encrypted with a unique encryption key may be received from the user's mobile device processor. Using the backend processor, a cipher input consisting at least in part of the user identifier and the random or pseudorandom character string is encrypted with the unique encryption key. The received encrypted challenge string is authenticated if the received encrypted challenge string matches the encrypted cipher input.

Abstract: Systems and methods for evaluation of events are provided. A user-specific reference baseline comprising a set of temporally-ordered sequences of events. An event of a sequence of events in a current session is received. A determination is made as to whether the event at least partially matches the reference baseline using an attribute of the event and a temporal position of the event within the sequence of events in the current session.

Abstract: A server system for implementing a distributed cryptographic protocol includes a machine management server which comprises a current virtual machine configured to implement the protocol using a set of communication keys and state information for the protocol. The system further includes a memory and a refresh server. The system is configured, for each of successive new time periods in operation of the protocol, to perform a refresh operation wherein: the refresh server retrieves the state information from the memory, generates a new set of communication keys, and sends the state information and new set of keys to the machine management server; the machine management server configures a new virtual machine for implementing the protocol, whereby the new virtual machine receives the new set of keys and state information sent by the refresh server; and the new virtual machine assumes operation as the current virtual machine for the new time period and stores state information for that time period in the memory.

Abstract: An electric system including a first wireless apparatus, a display apparatus and a second wireless apparatus is provided. A first information is encrypted to be a first encrypted information and sent wirelessly by the first wireless apparatus. The display apparatus includes a display unit and a wireless communication unit electrically connected to the display unit. The wireless communication unit receives the first encrypted information and cause the display unit to display a first representative information corresponding to the first encrypted information. The first representative information and the first encrypted information are different. The second wireless apparatus reads the first encrypted information by the wireless communication unit, and the first encrypted information is decrypted to be the first encrypted information by the second wireless apparatus.

Abstract: A computing system includes: a control unit configured to: determine a protocol profile including a first protocol and a second protocol for communicating between a first device and a second device, generate a unified-protocol privacy mechanism for a privacy protection scenario, the unified-protocol privacy mechanism based on combining the first protocol and the second protocol; and a communication unit, coupled to the control unit, configured to communicate content information according to the unified-protocol privacy mechanism between the first device and the second device.

Abstract: Avoiding encryption in a deduplication vault. In one example embodiment, a method may include analyzing an allocated plain text block stored in the source storage to determine if the block is already stored in the deduplication storage, in response to the block not being stored, encrypting the allocated plain text block and analyzing the encrypted block to determine if the encrypted block is already stored in the deduplication storage, analyzing a second allocated plain text block stored in the source storage to determine if the block is already stored in the deduplication storage, in response to the block already being stored, avoiding encryption of the second allocated plain text block by not encrypting the second allocated plain text block and instead associating the location of the second allocated plain text block in the source storage with the location of the duplicate block already stored.

Abstract: A system that incorporates the subject disclosure may perform, for example, receiving an over-the-air programming message that is utilizing a hypertext transfer protocol where the over-the-air programming message including programming data for use by the mobile communication device, converting the over-the-air programming message to a short message service transport protocol to generate an adjusted message that includes the programming data, and providing the adjusted message to a universal integrated circuit card of the mobile communication device via a baseband proxy operating in a device processor of the mobile communication device. Other embodiments are disclosed.

Abstract: Techniques for efficient and effective malicious content detection in plural versions of a software application are described herein. According to one embodiment, multiple versions of a software application are concurrently within a virtual machine (VM) executed within a data processing system. For each of the versions of the software application, a corresponding one of the versions is invoked to access a malicious content suspect within the VM without switching to another VM. The behaviors of each of the versions of the software application in response to the malicious content suspect is monitored to detect anomalous behavior indicative of malicious content in the malicious content suspect during execution of any of the versions of the software application. The detected anomalous behaviors, and, associated therewith, a version number corresponding to each of the versions of the software application whose execution resulted in the anomalous behavior are stored.

Abstract: A manageability engine (ME) receives an authentication response from a user during pre-boot authentication and registers the user with a key distribution center (KDC), indicating that the user has successfully authenticated to the PC. The KDC supplies the ME with single-sign-on credentials in the form of a Key Encryption Key (KEK). The KEK may later be used by the PC to obtain a credential used to establish secure access to Enterprise servers.

Abstract: Systems and methods for securing or encrypting data or other information arising from a user's interaction with software and/or hardware, resulting in transformation of original data into ciphertext. Generally, the ciphertext is generated using context-based keys that depend on the environment in which the original data originated and/or accessed. The ciphertext can be stored in a user's storage device or in an enterprise database (e.g., at-rest encryption), or shared with other users (e.g., cryptographic communication). Use of context-based encryption keys enables key association with individual data elements, as opposed to public-private key pairs, or use of conventional user-based or system-based keys. In scenarios wherein data is shared by a sender with other users, the system manages the rights of users who are able to send and/or access the sender's data according to pre-defined policies/roles.

Abstract: Systems and methods for securing or encrypting data or other information arising from a user's interaction with software and/or hardware, resulting in transformation of original data into ciphertext. Generally, the ciphertext is generated using context-based keys that depend on the environment in which the original data originated and/or accessed. The ciphertext can be stored in a user's storage device or in an enterprise database (e.g., at-rest encryption), or shared with other users (e.g., cryptographic communication). Use of context-based encryption keys enables key association with individual data elements, as opposed to public-private key pairs, or use of conventional user-based or system-based keys. In scenarios wherein data is shared by a sender with other users, the system manages the rights of users who are able to send and/or access the sender's data according to pre-defined policies/roles.

Abstract: A first circuit representation of a given function is obtained at a first processing device. The given function comprises at least two computer programming switch statement clauses. A second circuit representation is generated at the first processing device from the first circuit representation wherein the at least two computer programming switch statement clauses are respectively represented by at least two tree circuits that are embedded in the second circuit representation such that the second circuit representation is characterized by a given cost (e.g., a minimum cost). The second circuit representation is encrypted at the first processing device, and sent to a second processing device for secure evaluation of the given function by the second processing device.

Abstract: An improved technique involves analyzing a system configuration upon a system boot and sending the configuration to a system configuration database that provides configuration details for enabling features of a software package. Such configuration details take the form of configuration parameters having values that may include, for example, an amount of RAM installed in the system, or the operating system used. The configuration database stores values of these parameters in a persistent store and makes these values available to the system when a software package is launched. At this point, the system accesses the database and obtains the values of the configuration parameters. The system uses these values to determine whether to activate particular features of the software package.

Abstract: Methods, computer program products, and systems are presented and can include for instance: crowdsourcing data from a plurality of users via a computer network, the data including feedback data regarding digital rights click through documents, wherein each of the users is a party to at least one of the digital rights click through documents; storing the data obtained by the crowdsourcing into a digital rights history repository; examining a digital rights click through document of a certain user, wherein the digital rights click through document controls access to a digital asset, wherein the examining includes using at least a portion of the feedback data of the digital rights history repository; and augmenting content of the digital rights click through document based on a result of the examining.

Abstract: An information processing apparatus determines, in response to acceptance of an edit of a file including a plurality of setting items, whether or not the information processing apparatus supports a version corresponding to the plurality of setting items included in the file. In the case of determining that the information processing apparatus supports the version, the information processing apparatus displays an edit screen of the file on a display unit of the information processing apparatus. In the case of determining that the information processing apparatus does not support the version, the information processing apparatus displays the edit screen of the file on the display unit of the information processing apparatus, using edit screen data for a display process by a network device that supports the version.

Abstract: Methods, systems, and computer program products for preventing sharing of sensitive information through code repositories are provided herein. A method includes detecting one or more items of sensitive information in a check-in associated with a given user in a shared version management system; automatically refactoring the one or more items of sensitive information in the check-in by externalizing the one or more items of sensitive information as an encrypted file; and upon acceptance by the user of one or more changes to the check-in, automatically (i) decrypting the encrypted file using one or more code repository credentials associated with the given user, and (ii) incorporating the one or more items of sensitive information into the check-in.

Abstract: Methods, systems and devices for multi-factor authentication (MFA) are described. An MFA device includes a plurality of tiles, a frame to hold the tiles and a stylus movable over the frame and the tiles. Each of the tiles includes at least one of visible indicia and tactile indicia, for representing a notation, and at least one track of acoustic code generation indicia. The acoustic code generation indicia of each tile, on being swiped, generate a complex sound waveform that encodes a composite binary pattern. The composite binary pattern comprises information blocks including a device identifier block for a device identifier associating the MFA device with a user, a biometric block for at least a part of a biometric pattern of the user, and a data block for the notation of the corresponding tile.