Abstract: A system and method for unified password processing is provided. According to an aspect, a device can receive a unified passcode. The unified passcode can be a passcode for unlocking access to the device, or can be the basis for generating additional passwords or both. The unified passcode can also be used for generating additional passcodes for unlocking additional features of the device. The generated passcodes can also be used for unlocking modules that are connected to a device such as a universal integrated circuit card (UICC). In cases where a generated passcode can be used to unlock a UICC, the generated passcode is converted to a personal identification number (PIN). The mobile interface to the UICC can be extended to include alphanumeric passwords, in addition to PINs.

Abstract: An information processing device manages the protection state of original data by long-term signature data in storage-target data obtained by combining the long-term signature data and the original data. Management information having a management-target value for each management item obtained from the storage-target data recorded therein is acquired. A management-target value of a predetermined management item is acquired from the acquired management information. The acquired management-target value is compared with a value acquired from the storage-target data or a value acquired from the outside to determine the state of management. A result corresponding to the determined state of management is outputted.

Abstract: There are provided a network security identification method, a client and system therefore. The method includes: prior to accessing network content corresponding to a uniform resource locator, judging, by a client, whether a cache stores a security state of the uniform resource locator; if the cache stores the security state of the uniform resource locator, acquiring, by the client, the security state of the uniform resource locator from the cache; if the cache does not store the security state of the uniform resource locator, sending, by the client, a request for accessing the network content corresponding to the uniform resource locator to a security detection server, and receiving the security state of the uniform resource locator returned by the security detection server; and determining, by the client according to the security state of the uniform resource locator, whether to access the network content corresponding to the uniform resource locator.

Abstract: An example includes intercepting one or more activities performed by an application on a computing device. The intercepting uses an instrumentation layer separating the application from an operating system on the computing device. The one or more activities are compared with one or more anomaly detection policies in a policy configuration file to detect or not detect presence of one or more anomalies. In response to the comparison detecting presence of one or more anomalies, indication(s) of the one or more anomalies are stored. Another example includes receiving indication(s) of anomaly(ies) experienced by an application on computing device(s) and analyzing the indication(s) of the anomaly(ies) to determine whether corrective action(s) should be issued. Responsive to a determination corrective action(s) should be issued based on the analyzing, the corrective action(s) are issued to the computing device(s). Methods, program products, and apparatus are disclosed.

Abstract: A long-term signature terminal acquires storage-target data and electronic signature data corresponding to the acquired storage-target data. The acquired electronic signature data is transmitted to a server, and electronic signature data having a time stamp applied thereto is received from the server. The received electronic signature data with the applied time stamp is combined with the acquired storage-target data to generate signed data. Verification information for verifying the validity of the electronic signature data having the time stamp is received from the server and applied to the signed data to generate first long-term signature data. Confirmation data for confirming unfalsification of the generated long-term signature data is generated and transmitted to the server, and the confirmation data having a time stamp applied thereto is received from the server.

Abstract: A single virtual machine is implemented upon a computer and an operating system executes within this virtual machine. A sample file suspected of being malware is received and any number of versions of the software application corresponding to the sample file are installed. Each version of the software application is executed within the operating system, each version opening the sample file. Behavior of each version and of the sample file is collected while each version is executing. A score indicating malicious behavior for each version with respect to the sample file is determined and reported. The versions may execute serially in the happening system, each version terminating before the next version begins executing. Or, all versions may execute concurrently within the operating system. Files and registries are hidden to facilitate installation. System information is changed to facilitate execution.

Abstract: An exemplary method includes an attack traffic mitigation system 1) identifying a range of ports left open by a firewall for a network element to receive network traffic provided by a computing device, 2) designating a subset of one or more ports included in the range of open ports as being included in a legitimate port range configured to receive legitimate network traffic provided by the computing device, and 3) directing the network element to drop network traffic provided by the computing device and received by each port included in the range of open ports that is not included in the legitimate port range. Corresponding methods and systems are also disclosed.

Abstract: Processing a query, includes, at a client, receiving a user-generated query having a plurality of recognizable terms, securing the user-generated query to generate an encrypted query, so that the plurality of recognizable terms generated by the user-generated query cannot be determined by a server, transmitting the encrypted query to the server, to perform the query on encrypted data comprising a mix of regular data and secure data previously provided by the client, wherein at least one of selection criteria of the query and identifies of selected records of the query result cannot be determined by the server, and interpreting a result of the query provided by the server, and providing an output of the query to the user having the plurality of recognizable terms.

Abstract: Example embodiments disclosed herein relate to determining a reputation of a network address. A long-term reputation of the network address is determined. A short-term reputation of the network address is determined based on the long-term reputation and trend information associated with the long-term reputation.

Abstract: A long-term signature system acquires electronic signature data for each of a series of pieces of original data, transmits the acquired electronic signature data to a predetermined server, and acquires a time stamp issued for the electronic signature data from the predetermined server. Verification information is acquired for verifying the electronic signature data and the time stamp from a predetermined server. Long-term signature target data for confirming unfalsification of the original data, the electronic signature data, the time stamp, and the verification information is acquired for each of the pieces of original data. The acquired long-term signature target data is transmitted to a predetermined server, and long-term signature data having an archive time stamp issued for the long-term signature target data applied thereto is acquired.

Abstract: The document access authorization violation detection apparatus detects, for each of documents, whether or not there is any violation in access authorization to access the document, by using statistical values calculated from duty position levels, which represents height levels of corresponding official positions of users who are authorized to access the document, or inter-organization distances, which are obtained by digitizing inter-organization positional removes from respective groups, to which the users belong, to a group whose member number is larger than any other one of the groups. As a result, the document access authorization violation detection apparatus makes it possible to efficiently detect whether or not there is any violation in access authorization with respect to each of documents.

Abstract: A history management unit within a discard determination unit manages transmission and reception packets related to a resource to be protected for each of users, and records communication history information for users high in use frequency through stateful measurement. A priority determination unit determines the priority of a communication on a per received packet basis on the basis of communication history information. A load determination unit determines a load level of the resource to be protected, and combines the load level with the priority of the communication determined on the per received packet basis. A discard rate determination unit and a packet discard unit implement forwarding processing, determine the priority of the communication on the per user basis, and discard communications low in the priority at a high ratio.

Abstract: A media processing device, such as a set top box, having a plurality of selectable hardware and software components for supporting multiple media pathways providing differing levels of security. In general, each security level corresponds to a particular certification service boundary definition(s) or key/authentication and security management scheme for managing resources such as hardware acceleration blocks and software interfaces. Different sets of components may be adaptively employed to ensure composited compliance with one or more security constraints and to address component unavailability. Security constraints may be applied, for example, on a source or media specific basis, and different versions of a media item may be provided over multiple pathways providing corresponding levels of security. In one embodiment, a service operator or content provider may provide requisite certification or security requirements, or otherwise assist in selection of pathway components.

Abstract: A method and an apparatus for authenticating location-based services without compromising location privacy, which comprises a comprehensive solution that preserves unconditional location privacy when authenticating either range queries using three authentication schemes for R-tree and grid-file index, together with two optimization techniques, or k-nearest neighbor queries using two authentication schemes for R-tree and Voronoi Diagram index.

Abstract: A system for security self-assessment for a computer platform. The system comprises a memory, a processor, and an application stored in the memory. When executed by the processor, the application in association with a call to action transmits security self-assessment logic and at least one security self-assessment policy to a computer platform, wherein the security self-assessment policy defines at least one scan tool to be used by the security self-assessment logic when executed on the computer platform to perform a security self-assessment of the computer platform. The system further comprises a plurality of scan tools stored in the memory and accessible for downloading by the computer platform. The security self-assessment logic is configured to cause a processor of the computer platform to download at least one scan tool defined by the security self-assessment policy and to perform a security self-assessment.

Abstract: Phishing is detected by creating a message transfer agent (MTA) map, with each point on the MTA map referencing an MTA. Points on the MTA map are connected based on a number of emails with same signature sent by MTAs represented on the MTA map. Reference MTA groups are identified from the map. Phishing is detected when an MTA sent an email with the same signature as that of emails sent by MTAs belonging to a reference MTA group but the MTA is not a member of the reference MTA group.

Abstract: Methods, software and devices for scoring privacy protection processes implemented by an organization are disclosed. Implementation metrics and evidence indicators are received from units of the organization. Implementation metrics represent extent of implementation of one of the privacy protection processes. Evidence indicators each identify an electronic document providing evidence of extent of implementation of one of the privacy protection processes. Each electronic document is associated with at least one of the implementation metrics for which it provides supporting evidence. For each particular privacy protection process, unit, applicable privacy protection rules are identified and a user interface is provided to facilitate assessing compliance of that organizational unit with applicable privacy protection rules. The user interface presents applicable privacy protection rules, implementation metrics, and the electronic documents associated with those implementation metrics.

Abstract: The object is to provide a secure functional encryption scheme having many cryptographic functions. An access structure is constituted by applying the inner-product of attribute vectors to a span program. The access structure has a degree of freedom in design of the span program and design of the attribute vectors, thus having a large degree of freedom in design of access control. A functional encryption process is implemented by imparting the access structure to each of a ciphertext and a decryption key.

Abstract: An example includes intercepting one or more activities performed by an application on a computing device. The intercepting uses an instrumentation layer separating the application from an operating system on the computing device. The one or more activities are compared with one or more anomaly detection policies in a policy configuration file to detect or not detect presence of one or more anomalies. In response to the comparison detecting presence of one or more anomalies, indication(s) of the one or more anomalies are stored. Another example includes receiving indication(s) of anomaly(ies) experienced by an application on computing device(s) and analyzing the indication(s) of the anomaly(ies) to determine whether corrective action(s) should be issued. Responsive to a determination corrective action(s) should be issued based on the analyzing, the corrective action(s) are issued to the computing device(s). Methods, program products, and apparatus are disclosed.

Abstract: A graphics processing unit (GPU) is configured to access a first memory unit according to one of an unsecure mode and a secure mode. The GPU may include a memory access controller configured to allow the GPU to read data from only an unsecure portion of the first memory unit when the GPU is in the unsecure mode, and configured to allow the GPU to write data only to a secure portion of the first memory unit when the GPU is in the secure mode.