Abstract: Provided are a method of updating firmware of a device, a device, and a mobile system including the device. The method includes: receiving, from a host, a first hash value and a signature, the first hash value corresponding to a firmware image at the host; performing a pre-verify operation for at least one of integrity verification and signature certification on the firmware image using the received first hash value and the received signature; receiving the firmware image from the host according to a result of the pre-verify operation; and obtaining a second hash value from the received firmware image to perform a post-verify operation for at least one of integrity verification and signature certification on the received firmware image.

Abstract: A method and apparatus for dynamically updating settings of an electronic mail client of a client device is disclosed. In one embodiment, as the client device moves to different network environments, the settings of the electronic mail client are automatically updated to account for each network's characteristics and operational requirements. In another embodiment, the settings of the electronic mail client are automatically updated to account for changes (e.g., upgrades) at a particular server. The settings can be updated based on network information or server information from received from another device.

Abstract: Systems, methods, and use-cases of multi-modal authentications and content distribution are presented. A content consumer can capture a multi-modal digital representation of multiple objects where a juxtaposition of features derived from the digital representation can be used to recognize that at least some of the objects are a valid authentication object. Upon authentication, an authentication agent determines a content access level for content associated with the corresponding to the juxtaposition. The content can then be presented on an electronic device, possibly within a secure virtual machine, according to the content access level.

Abstract: Aspects of the present disclosure involve systems and methods for detecting a potentially fraudulent access of a collaboration conferencing system on a telecommunications network and executing a corrective action in response to the detected access attempt. In some instances, the corrective action includes denying access to the collaboration system when the fraudulent access attempt occurs. In other instances, the corrective action includes providing a warning to the caller, rerouting the communication to another system within the network, or reporting and storing of the fraudulent attempt. To detect the possible fraudulent access attempt, a device may detect more than one fraudulent access attempt to the collaboration conferencing system and determine a pattern. With the pattern of attempts known, the system accesses a database to determine if a valid account is likely to be accessed by the fraudulent attempts and takes actions to prevent access to the valid account.

Abstract: [Problem] To provide a user authentication technology whereby hacking of a system by a third party is effectively prevented. [Solution] The present invention is a user authentication method and system, wherein: an information communication terminal allocates numerals, etc., which configure a token code which is generated by time synchronizing with an authentication system side to each cell which configures a user's password derivation pattern, and displays upon a user interface a personal identification table whereupon numerals, etc., are allocated which have been randomly generated with other cells; the user, with reference to the personal identification table, selects the numerals, etc., which are allocated to each cell which configures the user's password derivation pattern, and inputs same as a password; and the authentication system carries out an authentication determination upon the inputted password on the basis of the generated time synchronized token code.

Abstract: An approach is described of facilitating resolution of a human authentication test. The approach may facilitate user completion of a human authentication test having at least one image while preserving security against bots. A method pertaining to such approach may include facilitating scanning of at least one image of a human authentication test from an interface of a client application. The human authentication test may be received from an image server of an authentication server system for display via the interface of the client application. The at least one image may be scanned via an image capture device. The method further may include sending to an authentication server of the authentication server system the at least one image. The method further may include receiving from the authentication server authentication text corresponding to the at least one image and displaying the authentication text.

Abstract: Systems, methods and computer readable medium for training a risk rating system for assessing a risk of a mobile application are disclosed. One or more features representing operational characteristics of mobile applications and malware are extracted. A first learning classifier and a second learning classifier are trained using the extracted features. A machine learning risk rating model is generated, based on the combination of the first learning classifier and the second learning classifier to calculate a risk rating based on the features and a correlation of the features. Systems, methods, and computer readable medium for assessing a risk for a mobile application are also disclosed. One or more features of a mobile application are extracted. A learning classifier is applied to the extracted features. A risk rating is determined based on the result of the classifier.

Abstract: The present application discloses a method and a device for scanning virus. The method for scanning virus comprises: ascertaining first scanning items in a client based on a determination to perform an intelligent scan; scanning the first scanning items at a first scanning speed; and scanning second scanning items in the client at a second scanning speed based on the client satisfying a first switching condition, the second scanning items are all remaining items except the first scanning items in the client, wherein the first scanning speed is higher than the second scanning speed. According to the scheme of the present application, adverse effects of virus scanning on a user's normal operation on and use of the client can be reduced.

Abstract: A method for data processing comprises: S100. if a to-be-sent email needs to be saved cryptographically or sent cryptographically, automatically converting a main body of the mail into an html file, the html file including an attachment link for linking a mail attachment; S200. compressing a filename of the html file and a filename of the mail attachment into a new html filename and a new mail attachment name using a first open source algorithm based on a first password preset between a sender and a recipient, thereby obtaining a renamed html file and a renamed mail attachment; S300. compressing the renamed html and the renamed mail attachment using a second open source algorithm based on a second password preset between the sender and the recipient, thereby obtaining a compressed file; and S400.

Abstract: API calls made by a code sample executing in an emulator are analyzed. Specific ones of the analyzed API calls are classified as meeting a threshold level of suspicion of being made by malware. In response to a specific API call being classified as meeting the threshold, a range of memory before and after the return address of the classified API call is copied to a buffer that is not accessible to the code sample. The copied range of memory in the buffer that is not accessible to the code sample is scanned, and a signature corresponding to the code sample is generated. The generated signature can be used for signature based malware detection, in order to detect one or more instances of malware. In response to detecting malware, one or more security actions can be performed.

Abstract: Example techniques facilitate for applying a share restriction to a curated playlist within a shared playback queue. In example implementations, a first media playback system may share its playback queue with a second media playback system. The playback queue of the first media playback system may include a curated playlist associated with a share restriction. When sharing its playback queue of the first media playback system, the first media playback system may enforce the share restriction on the curated playlist as queued in a second playback queue of the second media playback system.

Abstract: Methods and systems for selective encryption and secured extent quota management for storage servers in cloud computing are provided. A method includes associating at least one secure storage disk and at least one non-secure storage disk to a virtual disk, and associating the virtual disk to an application to allow access of the at least one secure storage disk and the at least one non-secure storage disk. The method further includes accessing the at least one secure storage disk and the at least one non-secure storage disk based on the associating of the virtual disk to the application, to write or read confidential and non-confidential data associated with the application into a respective one of the at least one secure storage disk and the at least one non-secure storage disk.

Abstract: Methods and systems are provided for populating user related information, such as in forms at web sites. For example, a method can include providing a web site with information about a user during the front end of accessing the web site by the user. The information can be used to facilitate use of the web site by the user. A system for facilitating access of a web site by a user can comprise an ID provider that is configured to receive a request from a web site for information regarding a user, request information regarding the user from an information provider, and forward the information to the web site. By providing such information to the web site, log on, sign in, and/or registration with a web site can be done quickly, conveniently, and in a manner that is substantially less prone to errors.

Abstract: A technique for secure network storage includes generating, by a trusted execution environment in a first device, an encryption key and a certificate for a document, wherein the certificate comprises expiry information for the document and the encryption key, encrypting, by a general execution environment in the first device, the document with the encryption key, transmitting the encryption key to a remote key manager, and transmitting the document to a remote network storage device, wherein a second device is allowed to decrypt the document based on the expiry information.

Abstract: A system for secure commingling of tenant isolated data includes a commingling storage unit, an interface, and a processor. The interface is configured to receive an indication of tenant data to be commingled. The processor is configured to determine one or more instances of sensitive data included in the tenant data, and indicate to transfer the tenant data to be stored in the commingling storage unit without transferring the one or more instances of sensitive data.

Abstract: A method for mitigating intrusions to a mobile operating system (OS) that begins with the instantiation of secure services and corresponding data in secure service partitions by a secure multivisor running on a mobile device running a secure real-time operating system (RTOS). One of the secure services can be a biometric security service having corresponding biometric data defining a user's identity. The secure multivisor can instantiate a user space partition running a virtual machine with a guest OS having installed client software applications. When the virtual machine, a client software application, or a user requests interaction with the secure RTOS that meets a predefined privilege threshold, the biometric security service can determine the biometric identity of the user. When the determined biometric identity of the user matches a required biometric identity of the interaction, the biometric security service can allow the interaction with the secure RTOS.

Abstract: A user authentication apparatus includes an electrocardiogram (ECG) waveform acquirer configured to acquire an authentication ECG waveform of a user to authenticate the user; a filter configured to filter the authentication ECG waveform using a Kalman filter by applying a reference model parameter extracted from a reference ECG waveform to the Kalman filter; and an authenticator configured to compare the filtered ECG waveform and the reference ECG waveform, and determine whether the filtered authentication ECG waveform corresponds to the reference ECG waveform based on a result of the comparing.

Abstract: Various technologies described herein pertain to delivering shared WiFi credentials. According to various embodiments, at least one server computing device is configured to transmit shared WiFi credentials to a mobile device. The at least one server computing device receives a request, where the request includes data that identifies the mobile device. Moreover, the request indicates that the mobile device desirably receives credentials for a shared WiFi network. Responsive to receiving the request, the at least one server computing device determines that the mobile device is authorized to receive the credentials for the shared WiFi network based at least in part upon the data that identifies the mobile device. Moreover, the at least one server computing device transmits the credentials for the shared WiFi network to the mobile device responsive to determining that the mobile device is authorized to receive the credentials for the shared WiFi network.

Abstract: The present application provides a method and system for detecting malicious web addresses. The method includes: receiving a uniform resource locator (URL) reported by a user; acquiring a HyperText Transfer Protocol (HTTP) request chain associated with the URL, wherein the HTTP request chain is a sequential linked list including information about multiple HTTP request-response interactions during an access to the URL; and analyzing the HTTP request chain to determine whether the URL is a malicious web address. The technical solution of the present application can provide an accurate result of malicious web address detection, can detect various newly emerging malicious web addresses, and are user-friendly. The user only needs to upload the URL and does not need to provide any other information.

Abstract: A secure channel is generated using a third party to the channel. A first secure channel between two computer systems is established. The first secure channel is used to relay information about a third party. The third party provides security parameters for a second secure channel to enable the two computer systems to communicate over a second secure channel.