Abstract: A computer performs dynamic address isolation. The computer comprises an application associated with an application address, a network interface coupled to receive incoming data packets from and transmit outgoing data packets to an external network, a network address translation engine configured to translate between the application address and a public address, and a driver for automatically forwarding the outgoing data packets to the network address translation engine to translate the application address to the public address, and for automatically forwarding the incoming data packets to the network address translation engine to translate the public address to the application address. The computer may communicate with a firewall configured to handle both network-level security and application-level security.

Abstract: In particular embodiments, a data processing data inventory generation system is configured to: (1) generate a data model (e.g., a data inventory) for one or more data assets utilized by a particular organization; (2) generate a respective data inventory for each of the one or more data assets; and (3) map one or more relationships between one or more aspects of the data inventory, the one or more data assets, etc. within the data model. In particular embodiments, a data asset (e.g., data system, software application, etc.) may include, for example, any entity that collects, processes, contains, and/or transfers personal data (e.g., such as a software application, “internet of things” computerized device, database, website, data-center, server, etc.). For example, a first data asset may include any software or device (e.g., server or servers) utilized by a particular entity for such data collection, processing, transfer, storage, etc.

Abstract: A service providing method, the method comprises transmitting, by a first information processing device, a certification token including a first role information on a service provided by the first information processing device to a terminal device when a certification is successful in response to a certification demand from the terminal device, receiving, by the first information processing device, the certification token and a first address information, that identifies a service providing device and indicates the first information processing device, from the terminal device, and transmitting, by the first information processing device, a first token including the first role information indicated by the certification token which is received and a second address information, that identifies the service providing device and indicates a second information processing device, to the second information processing device which is either one of the service providing device or a way device to the service providing dev

Abstract: A computer-implemented method includes executing one or more tests on a computing device. The computing device has Instruction Execution Protection (IEP), and each test of the one or more tests includes selectively setting one or more IEP bits of one or more page tables, where each IEP bit prevents code in a respective storage block from being executed. During the one or more tests, an IEP exception is detected, by a computer processor, each time an attempt is made to execute code in a storage block for which a respective IEP bit is set. Test results of the one or more tests are determined based on the detecting. A remedial action is performed in response to the test results of the one or more tests.

Abstract: A method and system for providing information management of data from hosted services receives information management policies for a hosted account of a hosted service, requests data associated with the hosted account from the hosted service, receives data associated with the hosted account from the hosted service, and provides a preview version of the received data to a computing device. In some examples, the system indexes the received data to associate the received data with a user of an information management system, and/or provides index information related to the received data to the computing device.

Abstract: An information handling system includes a plurality of components, and a logo device configured to communicate with one of the components. The logo device includes a logo, a memory, a communication device, and a processor. The logo is on an external surface of the logo device, and is visible from outside of the information handling system. The memory stores real-time status and error logs of the first information handling system. The communication device receives authentication information from a second information handling system in response to the second information handling system being within a first distance of the logo device. The processor detects that a second information handling system is within the first distance of the communication device, verifies the authentication information, and provides the real-time status and the error logs for the first information handling system in response to verifying the authentication information.

Abstract: A biometric server receives, a transmission of a biometric sample and an encrypted enrollment template of the user from a client device, wherein the encrypted enrollment template comprises an encrypted mathematical representation of historical biometric data of the user, and wherein the biometric sample comprises a current snapshot of the biometric data. The biometric server decrypts the encrypted enrollment template to an enrollment template using an enrollment template key. The biometric server converts the biometric sample to a biometric template. The biometric server, based on determining that the biometric template is similar to the enrollment template associated with the user, sends an access token to the client device.

Abstract: An encryption method includes: converting a section of express information into a binary sequence, grouping the binary sequence into a plurality of group data, and aligning each group data into an information matrix; converting the information matrix into a corresponding a basic group information matrix; randomly choosing a reference DNA sequence from a gene library, and aligning the reference DNA sequence into a basic group transition matrix, using the basic group transition matrix to convert the basic group information matrix into an encrypted information matrix, and exploding the encrypted information matrix to obtain a basic group information sequence; generating a primer for the basic group information sequence, and adding the primer before and behind the primer generator to obtain a completed DNA sequence; and synthesizing a DNA matter based on the completed DNA sequence.

Abstract: Provided is a method of distributing an application including transmitting, by a distribution server, a signal for requesting metadata to a user terminal where an application is installed; receiving, by the distribution server, a reply including first metadata from the user terminal; determining, by the distribution server, whether the first metadata is valid based on second metadata corresponding to the application; setting a connection with the user terminal to re-install the application on the user terminal if the distribution server determines that the first metadata is not valid; encrypting, by the distribution server, one or more installation files that install the application with a private key; and transmitting the one or more encrypted installation files via the set connection to the user terminal.

Abstract: A computer performs dynamic address isolation. The computer comprises an application associated with an application address, a network interface coupled to receive incoming data packets from and transmit outgoing data packets to an external network, a network address translation engine configured to translate between the application address and a public address, and a driver for automatically forwarding the outgoing data packets to the network address translation engine to translate the application address to the public address, and for automatically forwarding the incoming data packets to the network address translation engine to translate the public address to the application address. The computer may communicate with a firewall configured to handle both network-level security and application-level security.

Abstract: A mobile terminal including a touch screen configured to display screen information; and a controller configured to in response to a preset touch applied to the touch screen, move the screen information on the touch screen along a touch direction of the preset touch so as to sequentially display additional screen information on the touch screen, and display guide information on the touch screen for performing an authentication process to view secured information corresponding to the screen information when a last portion of the screen information is displayed in response to the preset touch.

Abstract: Embodiments of the invention relate to systems and methods for providing an anonymization engine. One embodiment of the present invention relates to a method comprising receiving a message directed at a recipient computer located outside a secure area by a privacy computer located within a secure area. The privacy computer may identify private information using a plurality of privacy rules and anonymize the message according to the plurality of privacy rules. Another embodiment may be directed to a method comprising receiving a request for sensitive data from a requesting computer. An anonymization computer may determine a sensitive data record associated with the request and may anonymize the sensitive data record by performing at least two of: removing unnecessary sensitive data entries from the sensitive data record, masking the sensitive data entries to maintain format, separating the sensitive data entries into associated data groupings, and de-contexting the data.

Abstract: A biometric server receives, a transmission of a biometric sample and an encrypted enrollment template of the user from a client device, wherein the encrypted enrollment template comprises an encrypted mathematical representation of historical biometric data of the user, and wherein the biometric sample comprises a current snapshot of the biometric data. The biometric server decrypts the encrypted enrollment template to an enrollment template using an enrollment template key. The biometric server converts the biometric sample to a biometric template. The biometric server, based on determining that the biometric template is similar to the enrollment template associated with the user, sends an access token to the client device.

Abstract: Embodiments of the present invention use a limited-use public/private key pair to encrypt and decrypt messages sent through an intermediary. The messages may contain sensitive information and may be transmitted between entities over one or more networks. In some embodiments, the entities and/or the networks may be untrusted. Nevertheless, the content of the messages may remain protected by virtue of the limited-use key pair infrastructure.

Abstract: The present application discloses a privacy user interactive apparatus including a display panel configured to display a stereoscopic image of a user input interface in a three-dimensional display space; a three-dimensional positional sensor configured to detect a three-dimensional position of a user input object; and a processor coupled to the display panel and the three-dimensional positional sensor, configured to control the display panel to display the stereoscopic image of the user input interface in the three-dimensional display space, configured to receive an input control signal from the three-dimensional positional sensor, and configured to execute an operation in response to the input control signal. The display panel is configured to display a three-dimensional image of the user input interface in the three-dimensional display space and a two-dimensional image outside the three-dimensional display space.

Abstract: A data synchronization (DS) computing device is described herein, the DS computing device configured to retrieve an update request from a queue, the update request including a key value and a requesting party identifier. The key value identifies at least one data record. The DS computing device is also configured to identify key lookup data associated with the update request, the key lookup data including one or more updated data record elements, and determine whether a release is needed from at least one stakeholder associated with the key value. The DS computing device is configured to transmit a release request to the stakeholder, when the release is needed. The DS computing device is further configured to receive a release response from the stakeholder, the release response indicating that the release has been authorized, and transmit an update response to the requesting party, the update response including the key lookup data.

Abstract: This specification relates to a mobile terminal capable of executing a lock state of restricting a touch input and a control method thereof. The control method for the mobile terminal, which displays a lock screen in the lock state of restricting an input of a control command for an application, includes displaying an execution screen of an application on the lock screen, and controlling the lock screen based upon a touch input detected in the lock state.

Abstract: Systems, methods, and software described herein provide security actions based on the current state of a security threat. In one example, a method of operating an advisement system in a computing environment with a plurality of computing assets includes identifying a security threat within the computing environment. The method further includes, in response to identifying the security threat, obtaining state information for the security threat within the computing environment, and determining a current state for the security threat within the computing environment. The method also provides obtaining enrichment information for the security threat and determining one or more security actions for the security threat based on the enrichment information and the current state for the security threat.

Abstract: An information collection method includes determining whether or not a vehicle satisfies predetermined conditions when a target device receives a test mode start request from an collection device, and when it is determined that the vehicle satisfies the predetermined conditions, starting the test mode. In the test mode, update of a predetermined counter is stopped. The collection device generates a first MAC based on the count value received from the target device and transmits an attack information acquisition request with the first MAC to the target device. If the attack information acquisition request with the first MAC is received from the collection device, the target device generates a second MAC based on the stopped count value, determines that the host device is normal in a case where the first MAC and the second MAC coincide with each other, and transmits the attack information to the collection device.

Abstract: Particular embodiments described herein provide for an electronic device that can be configured to receive untrusted input data at an enclave in an electronic device, isolate the untrusted input data from at least a portion of the enclave, communicate at least a portion of the untrusted data to an integrity verification module using an attestation channel, and receive data integrity verification of the untrusted input data from the integrity verification module. The integrity verification module can perform data integrity attestation functions to verify the untrusted data and the data integrity attestation functions include a data attestation policy and a whitelist.