Abstract: Methods and systems for performing security sanitization of Universal Serial Bus (USB) devices are provided. According to one embodiment, existence of a Universal Serial Bus (USB) device connected to a USB port of a network security device is detected by the network security device. Responsive thereto, read and write access to a memory of the USB device is facilitated, by mounting, by the network security device, the USB device within a file system of the network security device. Multiple security scans are caused to be performed by the network security device on the USB device, including: (i) an antivirus (AV) scan to identify existence of one or more known viruses using an AV engine of the network security device and (ii) a vulnerability scan for one or more known vulnerabilities or exploits using a detection engine of the network security device.

Abstract: Systems and methods for automated email encryption between email servers are provided. According to one embodiment, an email, originated by a sender using a client device coupled with a private network and directed to a recipient, is received by an email server associated with the private network. A key server is queried for public keys of the recipient and the sender. When the recipient's public key is returned by the key server, it is used to encrypt the email message; otherwise, no encryption is performed. When the sender's public key does not exist on the key server, the email server automatically generates a temporary key pair for the sender on the fly and without requiring intervention on the part of the sender. Finally, both the email message and the public key of the sender are transmitted by the email server to the recipient.

Abstract: Systems and methods for managing network security events with the assistance of augmented reality are provided. According to one embodiment, a reality image of a network object is captured by an augmented reality device. The network object is identified from the reality image by the augmented reality device. Dynamic network security information is received by the augmented reality device from a network security appliance associated with a network that is managing the network object. An augmented overlay image is generated by the augmented reality device based on the reality image and the dynamic network security information. The augmented overlay image is displayed by the augmented reality device.

Abstract: Systems and methods for automated email encryption between email servers are provided. According to one embodiment, an email, originated by a sender using a client device coupled with a private network and directed to a recipient, is received by an email server associated with the private network. A key server is queried for public keys of the recipient and the sender. When the recipient's public key is returned by the key server, it is used to encrypt the email message; otherwise, no encryption is performed. When the sender's public key does not exist on the key server, the email server automatically generates a temporary key pair for the sender on the fly and without requiring intervention on the part of the sender. Finally, both the email message and the public key of the sender are transmitted by the email server to the recipient.

Abstract: Methods and systems for performing security sanitization of Universal Serial Bus (USB) devices are provided. According to one embodiment, existence of a Universal Serial Bus (USB) device connected to a USB port of a network security device is detected by the network security device. Responsive thereto, read and write access to a memory of the USB device is facilitated, by mounting, by the network security device, the USB device within a file system of the network security device. Multiple security scans are caused to be performed by the network security device on the USB device, including: (i) an antivirus (AV) scan to identify existence of one or more known viruses using an AV engine of the network security device and (ii) a vulnerability scan for one or more known vulnerabilities or exploits using a detection engine of the network security device.

Abstract: Systems and methods for managing network security events with the assistance of augmented reality are provided. According to one embodiment, a reality image of a network object is captured by an augmented reality device. The network object is identified from the reality image by the augmented reality device. Dynamic network security information is received by the augmented reality device from a network security appliance associated with a network that is managing the network object. An augmented overlay image is generated by the augmented reality device based on the reality image and the dynamic network security information. The augmented overlay image is displayed by the augmented reality device.

Abstract: The invention relates to a system and method for making data secure. The inventive system is characterized in that it comprises:—a monotonic counter;—a computational entity;—a physical data medium comprising one or a plurality of data blocks, a first master block comprising the last value recovered from the monotonic counter, an identifier of the last data block written on said medium, a first authentication code guaranteeing the authenticity of the written data block or blocks, a second authentication code calculated from the last written data block, said data being fixed at a neutral value, and a third authentication code guaranteeing the authenticity of the first master block, and a second master block forming a replica of the first master block; and—an authentication key. The invention is used, in particular, to make data secure against playback and sudden interruptions in service in embedded systems.

Abstract: According to the inventive method, the chip card, a counting function (FC), a counter (Cpt) and a private key (Cf) stored in the write-only part of the memory region are stored in a persistent memory, the counter and the private key (Cf) being accessible only by the counting function (FC). When the chip card receives a counter request emitted by an requesting entity (ER), the counting function (FC) performs a modification of the counter (Cpt) and a calculation of a signature, and sends a response to the applicant entity (ER). When the on-board system receives the response to the counter request, the signature contained in the response is checked.

Abstract: The invention relates to a system and method for making data secure. The inventive system is characterized in that it comprises:—a monotonic counter;—a computational entity;—a physical data medium comprising one or a plurality of data blocks, a first master block comprising the last value recovered from the monotonic counter, an identifier of the last data block written on said medium, a first authentication code guaranteeing the authenticity of the written data block or blocks, a second authentication code calculated from the last written data block, said data being fixed at a neutral value, and a third authentication code guaranteeing the authenticity of the first master block, and a second master block forming a replica of the first master block; and—an authentication key. The invention is used, in particular, to make data secure against playback and sudden interruptions in service in embedded systems.

Abstract: The invention relates to a method for authenticating applications of a computer system including: a microprocessor, a plurality of applications, a general operating system (OS2) which can execute and manage the applications and which can associate each application identifier (3) with the identification information required for the execution thereof, and a trusted environment (EC) which offers services to said applications. According to the invention, before the services of the trusted environment (EC) can be accessed by an application, a hashing operation is performed on the identification information of said application and the trusted environment (EC) checks the authenticity of the result of the hashing operation.

Abstract: According to the inventive method, the chip card, a counting function (FC), a counter (Cpt) and a private key (Cf) stored in the write-only part of the memory region are stored in a persistent memory, the counter and the private key (Cf) being accessible only by the counting function (FC). When the chip card receives a counter request emitted by an requesting entity (ER), the counting function (FC) performs a modification of the counter (Cpt) and a calculation of a signature, and sends a response to the applicant entity (ER). When the on-board system receives the response to the counter request, the signature contained in the response is checked.

Abstract: A method, computer program product, and data processing system for generating and validating an upgradeable digital timestamp of a document is disclosed. The digital timestamp includes a hash value, a current time, and a digital signature. Over time, as computer and cryptanalytic technology progresses, upgrade timestamps are applied to the document that take advantage of more advanced, more difficult to break hash functions or digital signature schemes. These upgrade timestamps are applied preventatively at a point in time just prior to the timestamp's being able to be compromised.

Abstract: In a storage area network (SAN) including a storage device accessible by a remote client, a method is provided. The SAN is configured to allow input/output (I/O) data transport over the SAN between the remote client and the storage device. The method includes establishing a write once read many (WORM) server in the SAN between the storage device and the remote client. Data is received at the WORM server from the remote client. The method further includes appending a digitally signed timestamp to the data, specifying a plurality of locations, and sending the data and the timestamp to the storage device. The data is sent as a series of data over the SAN such that the series of data is written to the storage device at the specified plurality of locations. Future writing of data to the specified plurality of locations is prevented.

Abstract: A method and computer operated software application for digitally signing a portion of an electronic file, and for verifying such a digital signature. A portion of the file to be signed is extracted based on a computation of one or more functions, and the file portion is used for being either directly digitally signed, or for calculating a Message Digest value (MD1) and for digitally signing the MD1 value with a private key of the signer. The so-formed digital signature is appended to the file. During verification, the digital signature is removed from the file, decrypted using the signer's public key, which is known to the verifier, and the portion of the file, or respectively MD1 is obtained. The portion of the file used for the signature is again obtained and used for a similar a computation based on the one or more functions, which are also known to the verifier, for calculating a corresponding portion of the file, or another Message Digest value (MD2).

Abstract: A server includes a dedicated hardware card that is responsible for digesting an incoming email, appending a date and time to the digest to create a time stamp, and signing the result with a private digital signature. This provides a secure time stamp for an email that is resistant to falsification and tampering by the sender of an email, and which can be verified by a recipient of the email.

Abstract: Data integrity checking methods utilize a cumulative hash function. A sequence of data blocks and a corresponding sequence of hashes are stored on a medium. Each hash in the sequence of hashes corresponds to a data block in the sequence of data blocks. A particular hash corresponding to a particular data block is determined as a function of the particular data block and at least one previous hash corresponding to a previous data block in the sequence of data blocks.

Abstract: A system and method of storing data using write once read many (WORM) protection including using a hardware storage device to write data to a medium are provided. The method further includes establishing a write once read many (WORM) module external to the hardware storage device. Data blocks are received at the module, block numbers are specified with the module, and data is output from the module to write to the storage medium at specified block numbers. The last specified block number or all specified block numbers depending on the type of media access are stored so that the external WORM module prevents future writing of data to these specified or already used block numbers.

Abstract: Data integrity checking methods utilize a cumulative hash function. A sequence of data blocks and a corresponding sequence of hashes are stored on a medium. Each hash in the sequence of hashes corresponds to a data block in the sequence of data blocks. A particular hash corresponding to a particular data block is determined as a function of the particular data block and at least one previous hash corresponding to a previous data block in the sequence of data blocks.

Abstract: A method and system for providing a secure time reference when storing data to a storage medium using write once read many (WORM) protection are provided. The method includes receiving a message, determining a message digest, appending a published time from a digital time stamping service to the message digest to create a timestamp, and digitally signing the timestamp with a private key of the digital time stamping service. The message, the timestamp, and the digital signature are stored to the medium using write once read many (WORM) protection.

Abstract: A system and method of storing data using write once read many (WORM) protection including using a hardware storage device to write data to a medium are provided. The method further includes establishing a write once read many (WORM) module external to the hardware storage device. Data blocks are received at the module, block numbers are specified with the module, and data is output from the module to write to the storage medium at specified block numbers. The last specified block number or all specified block numbers depending on the type of media access are stored so that the external WORM module prevents future writing of data to these specified or already used block numbers.