Abstract: Systems and methods include establishing a cryptographically secure communication between an application module and an audio module. The application module is configured to execute on an information-handling machine, and the audio module is coupled to the information-handling machine. The establishment of the cryptographically secure communication may be at least partially facilitated by a mutually trusted module.

Abstract: A method and system for modifying an authenticated and/or encrypted message by a modifying party exchanged between a sending party and a receiving party based on a secure communication protocol, the method includes the steps of a) dividing a clear message into non-modifiable parts and modifiable parts by the sending party; b) including modifiable part information into the message by the sending party; c) authenticating and/or encrypting the message by the sending party; d) providing en- and decryptability and/or authenticability of the message to the modifying party in such a way that the modifying party can only modify the modifiable parts of the message; e) modifying one or more modifiable parts by the modifying party; and f) providing an authenticated and/or encrypted modified message according to the secure communication protocol to the receiving party.

Abstract: An interactive streaming media and application service provider system can securely stream high resolution, multiple formats of video and data. Different data sets can be included in a single stream. A rights management system controls matrix manipulation and other aspects of user control of the data, including one or more of rendering in various different 2D, 3D, or other media formats, reconstruction and modeling, zooming, frame grab, print frame, parental controls, picture in picture, preventing unauthorized copying, adapting to different data transmission formats, adapting to different resolutions and screen sizes, and actively control functionality contained in embedded data, encryption/decryption. Control can be exerted by an external entity through a user-side virtual machine. Control codes can optionally be embedded in the media, embedded in the user's device, and/or sent separately to the device.

Abstract: Example embodiments disclosed herein relate to modifying execution of an application under test to act as if a user is a power user. The application under test is hosted in a real-time modifier. A security crawl is performed on the application under test logged in as the user. The user is treated as a power user.

Abstract: A system and method for protecting streams in a mixed infrastructure includes determining processing elements that are to access a data stream in a stream processing environment and determining a security level for each processing element. Keys are generated per stream per processing element in accordance with the security level. The keys are associated with processing elements in an access control list in a location accessible by producing and consuming processing elements. The stream is decrypted for processing using keys released upon authenticating processing elements in accordance with the access control list. At security boundaries, the stream is re-encrypted in accordance with a next processing element.

Abstract: Disclosed is an apparatus, system, and method to decrypt an encrypted account credential at a second device that is received from a first device. The second device may receive a first share of a master key and the encrypted account credential from the first device. The second device may reconstruct the master key with the first share of the master key and a second share of the master key stored at the second device. The second device may decrypt the encrypted account credential with the reconstructed master key. Based upon the decrypted account credential, the second device may be enabled to access an account based upon the decrypted account credential.

Abstract: In an approach, a first application executing on a first computer acquires, one or more resources of the first computer, wherein the one or more resources include one or more shared resources that are shared among applications of the first computer. The first application receives a media stream from a second computer and presents playback of the media stream. In response to detecting that priority within the first computer has shifted to a second application, the first application pauses playback of the media stream and releases the one or more shared resources while retaining one or more remaining resources that relate to a session context. In response to detecting that priority has shifted back to the first application, the first application re-acquires the one or more shared resources and resumes playback of the media stream based on the one or more remaining resources.

Abstract: Disclosed are devices, systems, apparatus, methods, products, media, and other implementations, including a method that includes computing for one or more inputs of a circuit associated metrics representative of degree of influence that values of each of the one or more inputs have on at least one output dependent on the one or more inputs, and determining based, at least in part, on the computed metrics associated with the one or more inputs of a more inputs whether the at least one output dependent on the one or more inputs is part of a potentially malicious implementation.

Abstract: An electronic device with data protection features in case of unauthorized disassembly includes top cover, bottom cover, a printed circuit board (PCB) fixed on the top cover, and a plate coupled to the bottom cover. The PCB includes a plurality of terminal couplers and a protruding portion. The plate includes a plurality of terminal grooves and a latching member. At least two signal terminals are correspondingly received in at least two of the plurality of terminal grooves. When the signal terminals are electrically connected to the terminal couplers, a first relation signal, which is dependent upon the electrical paths defined by the signal terminals in the terminal grooves, is generated to enable the electronic device. When the signal terminals are not connected to the original terminal couplers, a second and different relation signal is generated by the PCB to disable the electronic device.

Abstract: A system on chip having two or more responder units and two or more protection units is provided. Each of the responder units comprises a set of responder elements. Each of the protection units is associated with and protects one of the responder units and is arranged to provide a group mapping. The group mapping assigns one or more group identifiers to each of the responder elements of the respective responder unit.

Abstract: The invention provides a mobile station comprising a mobile end device, security resources, and a discovery module implemented in the mobile station, with which the security resources of the mobile station are discoverable, at least one security level of the mobile station that is achievable by means of the security resources is derivable, and derived security levels of the mobile station are outputable. Further, there are stated an application loading system having such a mobile station, and a risk assessment system for mobile stations.

Abstract: The present disclosure provides methods and systems for secure logon. One or more method includes: determining, via authentication information provided by a user of an electronic device, that the user is authorized to access an online account provided by the online account provider; providing the user with a selectable option to enable an expedited logon process by which the user can access the online account by solely providing a particular authentication item of the user; receiving a verification credential in response to a next logon attempt using the expedited logon process; and verifying that the received verification credential matches an assigned verification credential provided to the user for use in conjunction with the next logon attempt using the expedited logon process.

Abstract: A device such as a smartphone may communicate with a server or other network entity using encrypted communications, making it difficult to examine such communications for purposes of identifying communication issues that may affect user QoE (quality of experience). In certain embodiments, an application may be modified to log communication data before encryption and after decryption. For example, the application program may be decompiled and logging instructions may be inserted before portion that result in data encryption and after portions where received data is decrypted. The modified application program may then be recompiled and executed on a device to produce an unencrypted log of data. In other embodiments, elements of the device operating system may be modified to log data before encryption and after decryption.

Abstract: A multi-party security protocol that incorporates biometric-based authentication and withstands attacks against any single party (e.g., mobile phone, cloud, or the user). The protocol involves the function split between mobile and cloud and the mechanisms to chain-hold the secrets. A key generation mechanisms binds secrets to a specific device or URL (uniform resource locator) by adding salt to a master credential. An inline CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) handling mechanism uses the same sensor modality as the authentication process, which not only improves the usability, but also facilitates the authentication process. This architecture further enhances existing overall system security (e.g., handling untrusted or compromised cloud service, phone being lost, impersonation, etc.) and also improves the usability by automatically handling the CAPTCHA.

Abstract: Techniques for improving security of transactions requesting user authentication data entry via mobile devices are described herein. The mobile device is configured to wirelessly communicate using a near field communications (NFC) standard used to communicate over very short distances. The mobile device includes a graphical user interface (GUI) configured to display a virtual keypad arranged in a randomly generated pattern, the pattern being configured to be changed in a random manner at each instance of displaying the virtual keypad. Security of transaction is improved by randomly changing positions of virtual keys of the virtual keypad configured to receive the user authentication data.

Abstract: A computer-implemented method and system for analyzing and maintaining data security in backup data, comprising of: accessing backup data of file systems on-site or remotely from a backup server; determining which data is present in a backup system; defining an abnormality data selection criteria to identify security components within the scope of said backup system; performing a data security analysis on backup data; if data abnormality in data are detected in backup data, determining compromised target files, identifying all other files created or modified associated with said compromised target files, including files having a parent-child relationship in both up and down directions of the parent-child tree, including files that are other children of the compromised files in the parent-child tree, including files created or modified by of the compromised files, and including data launched from those files.

Abstract: Methods and systems are provided for facilitating access to a cloud-based logging service. According to one embodiment, access to a cloud-based logging service is integrated within a network security appliance by automatically configuring access settings for the logging service and creating an account for the security appliance with the logging service. A log is created within the logging service by making use of the automatically configured access settings and the account. A request is received by the security appliance to access data associated with the log. Responsive thereto and without requiring separate registration of a network administrator with the cloud-based logging service, the data is retrieved by the security appliance from the logging service and is presented via a graphical user interface of the security appliance.

Abstract: Particular systems, methods, and program products for web-based security systems for user authentication and processing in a distributed computing environment are disclosed. A computing sub-system may receive an electronic processing request and a first signed data packet having a first payload that was hashed and encrypted using a first private key. The first payload may comprise first processing output and a first timestamp. The sub-system may verify the first signed data packet by decrypting it using a first public key. The sub-system may execute computing operations to satisfy the electronic processing request, producing second processing output. The sub-system may configure a data packet with a second payload comprising at least the second processing output and a second timestamp. The sub-system may encrypt the second payload using a second private key producing a second signed data packet. The sub-system may transmit to a second sub-system the second signed data packet.

Abstract: Example embodiments disclosed herein relate to unused parameters. A request to a web page of an application under test is made. It is determined whether the web page includes one or more unused parameter fields. Another request to the web page of the application under test is made using one or more parameters corresponding to the unused parameter fields.

Abstract: Provision of a wireless network service is described in relation to network security. Automatic authentication is performed on an object entering a first area, and when the object passing the authentication in the first area enters a second area, the object is authorized to obtain a network service. An area (e.g., a first area) where a Wireless Local Area Network (WLAN) is used securely is divided, so that after an object device completes automatic authentication in this area, to the object can be directly authorized in a larger area (a second area) to obtain the network service. In this case, both security and convenience of use of the WLAN are considered.