Abstract: Disclosed is a novel system, computer program product, and method for allowing access to an application on a handheld device. This is also known as logging on or password entry. The method begins with detecting a change in at least one of orientation and position of a handheld device relative to a given plane. At least one of a keyboard, a touch screen, a gesture, and voice recognition engine input is received. Based on a combination of the at least one of orientation and position of the handheld and the user input received matching a previously stored value, unlocking access to an application running on the handheld device. The detecting of the change in orientation or position or both can occur simultaneously with the user input or previous to the user input or after the user input.

Abstract: A request handler may receive an access request for access to application server resources of an application server and determine that the access request is unauthorized. A response manager may provide a false positive response including apparent access to the application server resources.

Abstract: A set of security claims for a communication channel are obtained, the set of security claims including one or more security claims each identifying a security characteristic of the communication channel. The security claims are stored, as is a digital signature generated over the set of security claims by an entity. The security claims and digital signature are subsequently accessed when a computing device is to transfer data to and/or from the communication channel. The set of security claims is compared to a security policy of the computing device, and the entity that digitally signed the set of security claims is identified. One or more security precautions that the computing device is to use in transferring data to and/or from the communication channel are determined based at least in part on the comparing and the entity that has digitally signed the set of security claims.

Abstract: A wireless communication apparatus may include a first module that stores a first key used to encrypt and decrypt communication contents, a second module that stores a second key used to encrypt and decrypt the first key, the first key being encrypted in accordance with a public key encryption scheme, and a connection bus that connects the first module and the second module to each other Each of the first module and the second module may include an encryption processing unit that encrypts and decrypts information, which is transmitted and received via the connection bus, by using a third key that is different from the first key and the second key.

Abstract: Systems and methods provide a storage media on a portable physical object associated with a set of credentials that enables access to a set of computing resources associated with a set of Web services. In some embodiments, information including a set of credentials is prepackaged onto the storage media of the portable physical object. A pre-activated subscription to the set of Web services in a distributed system is provisioned. Access to the set of Web services is enabled when the portable physical object is coupled with a computing device and the set of credentials is authenticated. In some embodiments, the portable physical object is purchased by a user on a prepaid basis without requiring the user to register an account with the set of Web services, allowing the user to remain anonymous with respect to interaction with the set of Web services.

Abstract: A method for establishing a security association between a client and a service node for the purpose of pushing information from the service node to the client, where the client and a key server share a base secret. The method comprises sending a request for generation and provision of a service key from the service node to a key server, the request identifying the client and the service node, generating a service key at the key server using the identities of the client and the service node, the base secret, and additional information, and sending the service key to the service node together with said additional information, forwarding said additional information from the service node to the client, and at the client, generating said service key using the received additional information and the base key. A similar approach may be used to provide p2p key management.

Abstract: In one embodiment, a method includes receiving, for a user, first user authentication information for a first authentication method and receiving, for the user, second user authentication information for a second authentication method. The second authentication method is different from the first authentication method. Upon authenticating the first user authentication information and the second user authentication information, the method moves a subset of data stored on a back-end storage device to a front-end storage device. The front-end storage device is directly connected to the user via a network and the back-end storage device not being directly connected to the network. The method then allows access to the subset of data for a period of time, wherein after the period of time expires, the subset of data is removed from the front-end storage device.

Abstract: A computer-implemented method may include maintaining a set of password-protection policies configured to prevent unauthorized access to a mobile device at different physical locations. The computer-implemented method may also include identifying a current physical location of the mobile device and searching a database that stores the set of password-protection policies for a particular password-protection policy that corresponds to the current physical location of the mobile device. The computer-implemented method may further include identifying, based on the search of the database, the particular password-protection policy that corresponds to the current physical location of the mobile device and then implementing the particular password-protection policy on the mobile device in response to the identification of the particular password-protection policy. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: A method, system, and medium are provided for validating the identity or authority of a user of a wireless device to consent to providing geographic locations of their respective wireless device to a third-party application. Upon receiving a request to validate the authority of a user to consent to providing of geographic locations, the user is automatically redirected to a validation service portal. The validation service portal verifies the identity or authority of the user to consent by requiring the user to provide identification information. The identification information is compared to identification information in one or more databases to determine if the user has the authority to consent. An indication is provided by the validation service portal to the third-party application of whether the user has the authority to consent. The third-party application then initiates location-based services based on the indication.

Abstract: A device generates a content key that depends upon device security state information. For example, the device may retrieve a first content key and a security state, and then derive a content key using the first content key and the security state. Accordingly, if the security state is incorrect, then the generated content key is incorrect, and the device cannot decrypt content provided to the device.

Abstract: Technologies for wireless device authentication are disclosed.

Abstract: A system and method for generating a notification of privacy settings difference is disclosed. A request is received. A first set of privacy settings is received from a first social network, and a second set of privacy settings is received from at least one other social network. The first set of is compared to the second set. A difference between the first set and the second is detected, and a notification is generated. The notification includes an indication that a difference was detected. The notification is sent for display to the user. In one embodiment, the notification allows the user to request to view, or edit, the first set of privacy settings. In one embodiment, the notification sends the user to a webpage on the first social network where the first set is typically displayed and/or edited. In another embodiment, the notification displays the first set and/or receives the edits.

Abstract: Disclosed is a novel system, computer program product, and method for allowing access to an application on a handheld device. This is also known as logging on or password entry. The method begins with detecting a change in at least one of orientation and position of a handheld device relative to a given plane. At least one of a keyboard, a touch screen, a gesture, and voice recognition engine input is received. Based on a combination of the at least one of orientation and position of the handheld and the user input received matching a previously stored value, unlocking access to an application running on the handheld device. The detecting of the change in orientation or position or both can occur simultaneously with the user input or previous to the user input or after the user input.

Abstract: Configurations providing a non-zero threshold for verifying a root file system of an operating system stored on blocks of a boot storage are disclosed. In particular, the root file system is verified during a boot sequence for the operating system. For each block of the root file system of the boot storage, the subject technology verifies a respective block of the boot storage. A counter tracking a number of verification failures is incremented if the block fails verification. In some configurations, the subject technology determines whether the counter meets a predetermined non-zero threshold. If the counter meets the predetermined non-zero threshold, the root file system is marked as corrupted. A recovery mode for the operating system is then initiated. If the counter does not meet the predetermined non-zero threshold, the operating system is reset in order to verify the root file system during a subsequent boot sequence.

Abstract: A system and method for adjusting privacy protection for a user in a plurality of applications is disclosed. A privacy protection request is sent to a user device. In one embodiment, the request is displayed on user device in the form of a pop-up window. In another embodiment, the request is displayed in a privacy settings area. The privacy protection request includes a plurality of protection levels. Once a protection level is selected the protection level is sent back and received by the system. Privacy settings are adjusted according to the selected privacy protection level based on information stored in a master template. In some embodiments, the privacy protection level is translated to associated privacy settings. Once the privacy settings have been adjusted, the privacy settings are applied to a plurality of online applications associated with the user based on the privacy protection level selected.

Abstract: A private browsing function of a web browser application program may be triggered for a browser by a browser or by a URL provider. Upon receipt of the URI by a web browser, the URI is inspected for the presence of a private browsing indicator. When the URI is found to contain a private browsing indicator, operation of the private browsing function for the web browser application program is triggered.

Abstract: A method of booting an electronic device includes verifying communicable connection of a sender input/output terminal of the electronic device to a receiver input/output terminal of the electronic device, using a first boot loader executing on a computing processor of the electronic device. The method further includes reading a signature of a unique identifier of the electronic device from a removable storage device received by the electronic device, verifying the signature of the unique identifier of the electronic device, and allowing installation of a second boot loader on the electronic device when the signature is valid.

Abstract: A private browsing function of a web browser application program may be triggered for a browser by a browser or by a URL provider. Upon receipt of the URI by a web browser, the URI is inspected for the presence of a private browsing indicator. When the URI is found to contain a private browsing indicator, operation of the private browsing function for the web browser application program is triggered.

Abstract: A mobile computing device comprising a first application adapted to provide information to a server. The information is adapted to be shared by the server with at least one additional mobile computing device when the at least one additional mobile computing device is located within a specified range of the mobile computing device. Additionally, a password entered through a second application located on the additional mobile computing device may be required to correspond to a password received from the mobile computing device in order to share the information. Furthermore, the additional mobile computing device may be required to access the information within a specified time period.

Abstract: Content retrieval techniques are described. In an implementation, a determination is made as to whether a client is permitted to receive content requested by the client. When the client is permitted to receive the content, a communication is formed to be communicated via a wide area network that includes a hash list having a hash of each of a plurality of blocks of the content, each hash being configured to enable the client to locate a corresponding one of the blocks of the content via a local area network.