Abstract: One or more beaconing devices transmit synchronized changing beacons. The changing beacons trigger execution of an application that is installed but closed or not running on a mobile device, that is in wireless beaconing range of a beaconing device, and that has registered the changing beacons with the mobile device operating system (“OS”) to trigger execution of the application upon receipt of the changing beacons. The changing beacons also keep the executing application running by resetting OS policies for closing the application when it is running with the mobile device in a locked or standby state. The application may perform different procedures and different times with the beaconing device or other devices including authorizing access to a secured resource when the mobile device is far away from the beaconing device, and confirming intent to access the secured resource when the mobile device is close to the beaconing device.

Abstract: One or more beaconing devices transmit synchronized changing beacons. The changing beacons trigger execution of an application that is installed but closed or not running on a mobile device, that is in wireless beaconing range of a beaconing device, and that has registered the changing beacons with the mobile device operating system (“OS”) to trigger execution of the application upon receipt of the changing beacons. The changing beacons also keep the executing application running by resetting OS policies for closing the application when it is running with the mobile device in a locked or standby state. The application may perform different procedures and different times with the beaconing device or other devices including authorizing access to a secured resource when the mobile device is far away from the beaconing device, and confirming intent to access the secured resource when the mobile device is close to the beaconing device.

Abstract: Secure handsfree two-stage access control is provided via a first stage that is performed when a mobile device is within a first distance from an access control reader, and a second stage that is performed when the mobile device is within a second distance from the reader, wherein the second distance is less than the first distance. Performing the first stage includes establishing a secure connection between the mobile device and the reader, and authorizing access for the mobile device to a secured resource. Performing the second stage includes providing access to the secured resource when the mobile device has been authorized to access the secured resource during the first stage, and the mobile device enters within the second distance from the reader. The second stage may be triggered in response to the reader detecting a user gesture or action.

Abstract: One or more beaconing devices transmit synchronized changing beacons. The changing beacons trigger execution of an application that is installed but closed or not running on a mobile device, that is in wireless beaconing range of a beaconing device, and that has registered the changing beacons with the mobile device operating system (“OS”) to trigger execution of the application upon receipt of the changing beacons. The changing beacons also keep the executing application running by resetting OS policies for closing the application when it is running with the mobile device in a locked or standby state. The application may perform different procedures and different times with the beaconing device or other devices including authorizing access to a secured resource when the mobile device is far away from the beaconing device, and confirming intent to access the secured resource when the mobile device is close to the beaconing device.

Abstract: Secure handsfree two-stage access control is provided via a first stage that is performed when a mobile device is within a first distance from an access control reader, and a second stage that is performed when the mobile device is within a second distance from the reader, wherein the second distance is less than the first distance. Performing the first stage includes establishing a secure connection between the mobile device and the reader, and authorizing access for the mobile device to a secured resource. Performing the second stage includes providing access to the secured resource when the mobile device has been authorized to access the secured resource during the first stage, and the mobile device enters within the second distance from the reader. The second stage may be triggered in response to the reader detecting a user gesture or action.

Abstract: Some embodiments provide firewalls and methods for guarding against attacks by leveraging the Document Object Model (DOM). The firewall renders the DOM tree to produce a white-list rendering of the data which presents the non-executable elements of the data and, potentially, outputs of the executable elements of the data without the executable elements that could be used to carry a security threat. Some embodiments provide control over which nodes of the DOM tree are included in producing the white-list rendering. Specifically, a configuration file is specified to white-list various nodes from the DOM tree and the white-list rendering is produced by including the DOM tree nodes that are specified in the white-list of the configuration file while excluding those nodes that are not in the white-list. Some embodiments provide a hybrid firewall that executes a set of black-list rules over white-listed nodes of the DOM tree.

Abstract: Some embodiments provide firewalls and methods for guarding against attacks by leveraging the Document Object Model (DOM). The firewall renders the DOM tree to produce a white-list rendering of the data which presents the non-executable elements of the data and, potentially, outputs of the executable elements of the data without the executable elements that could be used to carry a security threat. Some embodiments provide control over which nodes of the DOM tree are included in producing the white-list rendering. Specifically, a configuration file is specified to white-list various nodes from the DOM tree and the white-list rendering is produced by including the DOM tree nodes that are specified in the white-list of the configuration file while excluding those nodes that are not in the white-list. Some embodiments provide a hybrid firewall that executes a set of black-list rules over white-listed nodes of the DOM tree.

Abstract: Some embodiments provide firewalls and methods for guarding against attacks by leveraging the Document Object Model (DOM). The firewall renders the DOM tree to produce a white-list rendering of the data which presents the non-executable elements of the data and, potentially, outputs of the executable elements of the data without the executable elements that could be used to carry a security threat. Some embodiments provide control over which nodes of the DOM tree are included in producing the white-list rendering. Specifically, a configuration file is specified to white-list various nodes from the DOM tree and the white-list rendering is produced by including the DOM tree nodes that are specified in the white-list of the configuration file while excluding those nodes that are not in the white-list. Some embodiments provide a hybrid firewall that executes a set of black-list rules over white-listed nodes of the DOM tree.