Abstract: A method for providing different message information to users based on authorization level is disclosed. In one embodiment, such a method includes detecting an event, such as an error or abnormal termination, in a hardware or software product. The method generates a message in association with the event and determines an authorization level of a user intended to receive the message. In the event the user is associated with a first authorization level, the method includes first content in the message. In the event the user is associated with a second authorization level, the method includes second content in the message. The second content may be more comprehensive than the first content. A corresponding system and computer program product are also disclosed.

Abstract: A method for anonymizing data sets for use with risk management applications comprises receiving a data set from a source, the data set containing a plurality of correlated attributes. This embodiment further comprises analyzing the plurality of correlated attributes to create an attribute classification. Applying a differential privacy algorithm to the plurality of correlated attributes if the attribute classification requires data randomization is likewise a part of this embodiment. The randomized data set is provided to a risk management application. The randomized data set is used to create a risk management report, wherein the risk management report is an output of the risk management application.

Abstract: The present application concerns a method and a system of storing one or more service data items. To store and share in particular confidential data, the one or more service data items are partitioned into one or more data stores. The one or more data stores are stored. Metadata of the one or more data stores is generated and the metadata is stored in a metadata database.

Abstract: Cybersecurity peer identification (CPI) technology obtains security group definitions from an identity directory, computes peerSimilarityScores that represent user similarity in terms of security permissions, and submits contextual cybersecurity peer data to cybersecurity peer-based functionality (CPBF). CPBF code may then perform behavior analytics, resource management, permissions management, or location management. Cyberattacks may then be disrupted or mitigated, and inefficiencies may be avoided or decreased. Having smaller security groups in common gives users higher peerSimilarityScores than having larger groups in common, as a result of logarithmic, reciprocal, or other score functions. Security group definitions are refreshed and peer scores are updated at regular intervals or on demand by CPI code, to avoid staleness.

Abstract: Biometric authentication techniques are provided using selected manipulations of biometric samples. An exemplary method comprises obtaining enrollment information from a user, wherein the enrollment information comprises first manipulations to a first biometric sample of the user; initiating a challenge to the user in connection with an authentication request by the user to access a protected resource; processing second manipulations by the user of a second biometric sample of the user submitted in response to the challenge, and wherein the processing comprises determining a likelihood that the second manipulations of the second biometric sample of the user submitted in response to the challenge matches the first manipulations to the first biometric sample of the user submitted by the user with the enrollment information; and resolving the authentication request based on the likelihood.

Abstract: The present teaching relates to method, system, medium, and implementations for authenticating a user. A first request is received to set up authentication information with respect to a user, wherein the first request specifies a type of information to be used for future authentication of the user. It is determined whether the type of information related to the user poses risks based on a reverse information search result. The type of information for being used for future authentication of the user is rejected when the type of information is determined to pose risks.

Abstract: An electronic device includes a user interface device and a wireless transceiver that scans for a wearable device within a threshold distance of the electronic device. The wearable device has an access key. A memory of the electronic device contains: (i) an access data structure; (ii) protected content; and (iii) an access application. A controller of the electronic device is communicatively coupled to the user interface device, the wireless receiver, and the memory. The controller executes the access application to enable the electronic device to determine whether the access key of a detected wearable device maps to a record in the access data structure identifying privileges associated with the protected content of the electronic device. Privileged interaction is enabled, via the user interface device, with the protected content in response to determining that the access key maps to the record having the privileges.

Abstract: Embodiments of the disclosure relate to methods, apparatus and systems for biometric processes. The invention relates to initiating generation of an acoustic stimulus for application to a user's ear and extracting features for use in a biometric process from a measured response signal. The measured response signal may be used to derive one or more quality metrics and the quality metrics may be used to validate features extracted from the measured response. The quality metrics may be used to provide feedback to the user seeking to carry out the biometric process.

Abstract: A technique provides mobile device security to a mobile device. The technique involves, in response to operation of a camera of the mobile device, receiving image data from the camera, the image data representing a visual image captured by the camera. The technique further involves performing an image evaluation operation which electronically analyzes the image data received from the camera to determine whether the image data contains sensitive information. The technique further involves, based on a result of the image evaluation operation, performing a security operation that provides security to the mobile device.

Abstract: The present invention is related to systems and methods for identifying and reporting a crisis status. In at least one embodiment, the system comprises a central server; an administrative work station communicably coupled to the central server, wherein the administrative work station is accessible only by an authorized administrator; a database communicably coupled to the central server, the database including a floor plan of the area, wherein the database is accessible and modifiable by the authorized administrator at the administrative work station; and a remote device at a particular location in the area, the remote device communicably coupled to the central server, the remote device capable of communicating securely to the database the particular location of the remote device and the crisis status of the particular location.

Abstract: According to certain embodiments, an electronic device comprises a housing comprising a front surface and a rear surface oriented in a direction opposite to the front surface, a touchscreen display exposed through at least a portion of the front surface, a fingerprint sensor arranged between the touchscreen display and the rear surface underlapping a region of the touchscreen display when viewed from above the front surface, at least one processor operatively connected to the touchscreen display and the fingerprint sensor, and a memory operatively connected to the at least one processor, wherein the memory stores instructions for causing the at least one processor, when executed, to perform operations comprising displaying a user interface comprising an object on the touchscreen display, receiving a gesture input for dragging the object toward the region, the gesture input inputted through the touchscreen display, identifying whether a finger providing the gesture input is a predetermined finger registered fo

Abstract: Embodiments of the disclosure relate to methods, apparatus and systems for biometric processes. The invention relates to initiating generation of an acoustic stimulus for application to a user's ear and extracting features for use in a biometric process from a measured response signal. The measured response signal may be used to derive one or more quality metrics and the quality metrics may be used to validate features extracted from the measured response. The quality metrics may be used to provide feedback to the user seeking to carry out the biometric process.

Abstract: The present invention relates to methods, apparatus and systems for authentication of a user based on ear biometric data, and voice biometric data or other authentication data. The ear biometric data may be combined with voice biometric data or with a security question and response.

Abstract: Methods and systems for authenticating a user account based on a password are disclosed. In one aspect, a method includes receiving input defining a sequence of characters included in an entered password, ignoring characters between a first position in the sequence of characters and a second position in the sequence of characters, and validating the password based on non-ignored characters in the sequence of characters.

Abstract: Methods for authenticating a genuine presence of a human involve directing one or more modulated probes towards a body part of the human, receiving a response to the probes from the body part, and analyzing the response to determine whether it contains spectral characteristics that match a class of responses to such probes for the human body part in a human population. Replay attacks are countered by varying the modulation of the probe temporally, spatially, and spectrally each time authentication is performed. The probes may include electromagnetic radiation, acoustic beams, or particle beams that generate a detected reflection, absorption pattern, scintillation, or fluorescence response of the body part. The analysis of the response may be directed to one or more of temporal, spatial, and spectral variations in accordance with the nature of the probes and the modulation.

Abstract: User authentication techniques are provided using a scene composed of selected objects. An exemplary method comprises obtaining enrollment information from a user, wherein the enrollment information comprises a first scene comprised of a first selection of objects; initiating a challenge to the user in connection with an authentication request by the user to access a protected resource; processing a second scene comprised of a second selection of objects submitted by the user in response to the challenge, and wherein the processing comprises determining a likelihood that the submitted second scene comprised of the second selection of objects matches the first scene comprised of the first selection of objects submitted by the user with the enrollment information; and resolving the authentication request based on the likelihood. Objects in the first selection of objects are optionally selected from a catalog and arranged into the first scene.

Abstract: Provided is a password authenticating apparatus that can provide a hint for selecting a password without displaying a part of the password. The input-receiving unit receives input of a password as an input password. A password-header-comparing unit compares a header portion of the input password up to a number of header comparison characters with authentication information, and determines whether or not the header portion of the input password up to the number of header comparison characters matches a portion from the start of a registered password up to the number of header comparison characters. A screen-generating unit, when it is determined there is no match, generates a header-error screen providing guidance that the input password already does not match in the header portion as a display screen. A display-control unit causes a display unit to display the display screen generated by the screen-generating unit.

Abstract: A technique for over-the-top end-to-end (OTT E2E) information security in a data center providing IT infrastructure for an enterprise network. The technique provides a hardware-to-hardware and/or hardware-to-software PKI over-the-top encryption method that can be applied to both hardware devices and virtual devices. The hardware side may be implemented in a customer premises-based physical enclosure (e.g., a concentrator) having multiple ports. Each port has associated therewith an integrated circuit-based NID. This device provides OSI Layer 2 encryption offloaded to a PKI processor on this chip. Preferably, this process of handling encryption is transparent, with all handling of keys occurring automatically during a device discovery operation. Each key is configured for use for the single port for which the associated device is responsible. This approach allows separate keys on each port to curtail brute force decryption; in the event of key exposure, only one port at a time can become compromised.

Abstract: There is presented a method, a computing device and a biometric matching service, for the biometric authentication of a user. The method comprises capturing a biometric sample from a user and obtaining information to identify data sources relevant to the user. The method further comprises using the data sources relevant to the user to obtain a plurality of biometric samples potentially captured from the user. The method further comprises matching the captured biometric sample against the plurality of potentially captured biometric samples to determine whether the captured biometric sample represents the user.

Abstract: Credentials and other sensitive strings can undergo automatic rotation before each transmission or storage of those credentials. String modification, which can utilize a key stretching algorithm, can be used to modify the credential before transmission. This can be for an initial sign up, a subsequent login, or another such action. A random number can be generated to determine the number of iterations for the key stretching algorithm to be applied. For subsequent actions, a new random number can be added to the prior iteration number in order to create a new string that can be generated using the previously utilized iteration number and the new random number, with only the new random number being transmitted with the modified credential string. This increases security, as the transmission itself cannot be used to recover the original plaintext credential if recovered.