Abstract: A system is provided for inside-to-outside or outside-to-inside cryptographic coding that facilitates product authentication along a distribution channel. An association of authenticated, secured codes is generated between inner items (e.g., pharmaceutical doses such as pills, capsules, tablets) and outer items (e.g., packaging containing inner items). For instance, an inner code associated with a first item is used to generate (at least partially) an outer code associated with a second item that contains one or more first items. This process may be repeated multiple times with codes for outer items being a function of codes for inner items. The sequence of items may be authenticated by the dependent relationship between their codes.

Abstract: Disclosed is an apparatus and method to locate a mobile device in an emergency situation. The mobile device includes a display device, a user interface to receive an emergency mode request from a user, and a processor. The processor may be configured to execute instructions to implement an emergency mode process based upon the receipt of the emergency mode request from the user. The emergency mode process is implemented to: monitor received signals to locate a base station, wherein, once a base station is located, a short emergency message is transmitted to the base station including the location of the mobile device. The emergency mode process is further implemented to: monitor received signals to receive an acknowledgement signal from the base station; and reduce a plurality of first non-essential functions of the mobile device to reduce power consumption.

Abstract: Systems and methods for switching between communicating according to a first network protocol and a second network protocol are provided. The provided systems and methods multiplex received communications according to the first and second network protocols and select one of the network protocols based on a quality or throughput of the network protocol without terminating any existing sessions established according to either of the first or second network protocols.

Abstract: A system is provided for inside-to-outside or outside-to-inside cryptographic coding that facilitates product authentication along a distribution channel. An association of authenticated, secured codes is generated between inner items (e.g., pharmaceutical doses such as pills, capsules, tablets) and outer items (e.g., packaging containing inner items). For instance, an inner code associated with a first item is used to generate (at least partially) an outer code associated with a second item that contains one or more first items. This process may be repeated multiple times with codes for outer items being a function of codes for inner items. The sequence of items may be authenticated by the dependent relationship between their codes.

Abstract: Reciprocal wireless connections may be established between a pair of devices to support failover, load balancing, traffic distribution, or other peer-to-peer connectivity features. Each device of a pair of devices may implement both a local wireless access point and a local wireless station to communicate with the other device of the pair of devices. Establishment of a second wireless connection between the pair of devices may be coordinated using a protocol extension of a first wireless connection. A multiplexing (MUX) component may coordinate traffic among the reciprocal wireless connections.

Abstract: Embodiments disclosed allow authentication between two entities having agreed on the use of a common modulus N. The authentication includes generating a pseudorandom string value; generating a public key value based on the modulus N and the pseudorandom string value; generating a private key value corresponding to the public key value; receiving a verifier's public key value; generating a shared secret value based on the modulus N, the private key value and the verifier's public key value; calculating an authentication signature value using the shared secret value; and transmitting the authentication signature value for authentication. When the authentication signature is received, the public key value and the shared value are generated to calculate an authentication signature value. Thereafter, the authentication signature values are compared and authenticated.

Abstract: A system and method for providing a location based service to create a social network, comprising activating a feature from a wireless terminal, registering from the wireless terminal with a location based service associated with the feature, creating a profile of a user of the feature, and displaying candidates based on the profile and based on the geographic location of the candidates. A Global Positioning System (GPS) may be used to geographically locate active users of a feature. An activity map may be associated with a feature, the activity map displaying active users of the feature.

Abstract: A puzzle-based protocol is provided that allows a token and verifier to agree on a secure symmetric key for authentication between the token and verifier. A token stores a secret key and one or more puzzle-generating algorithms. The verifier independently obtains a plurality of puzzles associated with the token, pseudorandomly selects at least one of the puzzles, and solves it to obtain a puzzle secret and a puzzle identifier. The verifier generates a verifier key based on the puzzle secret. The verifier sends the puzzle identifier and an encoded version of the verifier key to the token. The token regenerates the puzzle secret using its puzzle-generating algorithms and the puzzle identifier. The token sends an encoded response to the verifier indicating that it knows the verifier key. The token and verifier may use the verifier key as a symmetric key for subsequent authentications.

Abstract: A constrained proxy key is used to secure communications between two devices via an intermediary device. A first proxy key is generated at a host device (key generator device) based on a shared secret key, one or more constraints on the first proxy key, and a key derivation function. At least the shared secret key and key derivation function are known to the host device an a client device (authentication device). The first proxy key is sent to a proxy device to use in authenticating communications with the client device. An authenticated message is generated by the proxy device using the first proxy key and sent to the client device. The client device locally generates a second proxy key using the key derivation function, one or more constraints, and the shared secret key for authenticating the proxy device. The proxy device is authenticated if the client device successfully accesses the authenticated message from the proxy device using the second proxy key.

Abstract: A method, apparatus, and/or system for execution prevention is provided. A state indicator for a first subset of a plurality of memory pages of executable code in a memory device is set to a non-executable state. A state indicator for a second subset of the plurality of memory pages is set to an executable state, where the second subset of the plurality of memory pages includes indirection stubs to functions in the first subset of the plurality of memory pages. Upon execution of an application, a function call is directed to a corresponding indirection stub in the second subset of the plurality of memory pages which modifies the state indicator for a corresponding function in the first subset of the plurality of memory pages prior to directing execution of the called function from the first subset of the plurality of memory pages.

Abstract: A method, apparatus, and system are provided for implementing resource and/or location-based matching services between a wireless terminal (e.g., mobile phone) user and one or more resources. A novel infrastructure supports resource and/or location based matching services over a wireless network. A back-end system includes a database, server, and match engine that are configured match a user with one or more resources based on the user's characteristics, preferences, and/or location. Such resources include (1) other users, (2) targeted advertising, (3) businesses/networking opportunities, and/or (4) locate a nearby service or store. A flexible database architecture supports application-specific resources which facilitate the deployment of various matching services. Application developers are thus able to implement different resource-matching applications for wireless devices through a common back-end infrastructure.

Abstract: Disclosed is an apparatus and method to detect vehicle theft. In one embodiment, a processor may be configured to execute instructions to: receive a vehicle detection signal from a vehicle detector; determine whether a vehicle is present or absent based upon the vehicle detection signal; establish an authentication credential after the vehicle is determined to present; and validate the authentication credential to indicate validated parking. If the vehicle is determined to be absent and an authentication credential to un-park the vehicle has not been validated, a notification action may be transmitted to appropriate personnel to indicate that the vehicle has been moved or un-parked without proper authentication.

Abstract: A processor is provided that binds itself to a circuit such that the processor cannot be subsequently reused in other circuits. On a first startup of the processor, a memory segment of an external volatile memory device is read to obtain information prior to initialization of the memory segment. An original/initial identifier may be generated from the information read from the memory segment. The original/initial identifier may then be stored in a non-volatile storage of the processor. On subsequent startups of the processor, it verifies that the processor is still coupled to the same external volatile memory device by using the stored identifier. For instance, on a subsequent startup, the processor again reads the same memory segment of the external memory device and generates a new identifier. If the identifier matches the previously stored identifier, then the processor may continue its operations; otherwise the processor is disabled/halted.

Abstract: A system and method for providing a location based service to create a social network, comprising activating a feature from a wireless terminal, registering from the wireless terminal with a location based service associated with the feature, creating a profile of a user of the feature, and displaying candidates based on the profile and based on the geographic location of the candidates. A Global Positioning System (GPS) may be used to geographically locate active users of a feature. An activity map may be associated with a feature, the activity map displaying active users of the feature.

Abstract: A method, apparatus, and system are provided for implementing resource and/or location-based matching services between a wireless terminal (e.g., mobile phone) user and one or more resources. A novel infrastructure supports resource and/or location based matching services over a wireless network. A back-end system includes a database, server, and match engine that are configured match a user with one or more resources based on the user's characteristics, preferences, and/or location. Such resources include (1) other users, (2) targeted advertising, (3) businesses/networking opportunities, and/or (4) locate a nearby service or store. A flexible database architecture supports application-specific resources which facilitate the deployment of various matching services. Application developers are thus able to implement different resource-matching applications for wireless devices through a common back-end infrastructure.

Abstract: Systems and methods for protecting digital assets associated with a computing device are described herein. An example of a method according to the disclosure includes assigning at least one asset worth value to respective digital assets associated with a device, computing at least one device worth value using the at least one asset worth value assigned to the digital assets associated with the device, identifying at least one device worth value threshold, performing a comparison of the at least one device worth value to the at least one worth value threshold, and initiating at least one action with respect to the digital assets associated with the device based on the comparison.

Abstract: A small form-factor security device is provided that may be inserted in series with a telephone line to encrypt dual tone multi-frequency (DTMF) tones from a telephone to prevent unauthorized disclosure of sensitive information. A receiving device decrypts the encrypted DTMF tones to receive the original information sent by the telephone. The security device acts as a second factor in a two-factor authentication scheme with a tele-services security server that authenticates the security device.

Abstract: A network helper is provided that assists verifiers in executing a puzzle-based protocol for authentication of a token. A token stores a secret key and one or more puzzle-generating algorithms. The helper stores a plurality of puzzles associated with a particular token. When requested to do so by a verifier, the helper provides a plurality of pseudorandomly selected puzzles for the token to a verifier. The puzzles are encoded with information that is used between the verifier and token to establish a secured symmetric key. The verifier selects one or a few of the encoded puzzles and breaks them by a brute force attack. Because the helper does not know which puzzles have been selected, it has to break all puzzles to attempt to figure out the symmetric key. However, if a large number of puzzles are utilized, say millions, then breaking all of them becomes a computationally prohibitive task.

Abstract: Systems and methods for protecting digital assets associated with a computing device are described herein. An example of a method according to the disclosure includes assigning at least one asset worth value to respective digital assets associated with a device, computing at least one device worth value using the at least one asset worth value assigned to the digital assets associated with the device, identifying at least one device worth value threshold, performing a comparison of the at least one device worth value to the at least one worth value threshold, and initiating at least one action with respect to the digital assets associated with the device based on the comparison.

Abstract: A small form-factor security device is provided that may be inserted in series with a telephone line to encrypt dual tone multi-frequency (DTMF) tones from a telephone to prevent unauthorized disclosure of sensitive information. A receiving device decrypts the encrypted DTMF tones to receive the original information sent by the telephone. The security device acts as a second factor in a two-factor authentication scheme with a tele-services security server that authenticates the security device.