Abstract: A method for implementing an external trusted platform module includes establishing a connection with a remote host device via a remote interface. The method also includes receiving and processing a request for a trusted platform module (TPM) function from the remote host device via the remote interface. The method additionally includes generating a response to the request for the TPM function based on the processing of the request for the TPM function received from the remote host device. The method further includes sending the response to the request for the TPM function to the remote host device via the remote interface.

Abstract: External signature device for a PC, with capacity for wireless communication with the computer, which can be used immediately in electronic banking and electronic commerce or in any other system based on electronic signature requiring a high level of security with a relatively small amount of data for signature, said device including a communication interface with wireless connection to the PC, an alphanumeric display (2) for displaying the data for signature, a keyboard (1) for user interaction with the device, a signature system responsible for processing the operations relating to signature of the data received, and an internal battery (4).

Abstract: A method for authenticating access to an electronic document. The method includes receiving an authentication request from a user, receiving an aggregate risk score, selecting an authentication mechanism based at least on the aggregate risk score, and applying the authentication mechanism to decide the authentication request from the user. The aggregate risk score may be based at least on a comparison of the user's past behavior with a plurality of context data associated with the user.

Abstract: Methods and systems for providing services and/or computing resources are provided. A method may include receiving an application from an application provider. The method may further include receiving data from a data provider. The method may also include receiving a first request from the data provider to execute the application and apply the data as input to the application. Additionally, the method may include executing the application in response to receiving the first request. The method may also include storing output data resulting from execution of the application. The method may further include receiving a second request from the data provider to transmit the output data to the data provider. The method may additionally include communicating the output data to the data provider in response to the second request.

Abstract: An event condition is checked, using a computer and data content of the computer is additionally protected in relation to a normal data protection according to the event condition. The event condition is detecting by the computer a remote command and/or detecting a state according to a policy.

Abstract: A method for securely sharing electronic documents on a document storage system. The method includes receiving an electronic document from a creating user, generating an encryption key unique to the electronic document, encrypting the electronic document using the encryption key to create an encrypted electronic document, and communicating the encrypted electronic document to a document repository for storage/ The method also includes identifying a resource locator for uniquely identifying the storage location of the encrypted electronic document and communicating the encryption key and the resource locator to the creating user. The method also includes receiving the encryption key and the resource locator from a requesting user, retrieving the encrypted electronic document from the document repository using the resource locator, decrypting the encrypted electronic document using the encryption key, and communicating the decrypted electronic document to the requesting user.

Abstract: A target computing environment is secured by a hardware trust anchor that provides a trust state of the target computing environment based upon a security audit of the target computing environment. And diagnosing the target computing environment can be diagnosed by the hardware trust anchor according to the security diagnostic information.

Abstract: A computer-based system securely transmitting and authenticating a transaction input by a user while retaining the anonymity of the user with respect to content of the transaction, including a device encoding the content of the transaction input by the user with a key known only to another device, encoding other portions of the transaction with another key known only to a secure transaction server, and sending the encoded content of the transaction and the encoded other portions of the transaction to the secure transaction server to authenticate an identity of the user of the device, wherein the secure transaction server decodes the other portions of the transaction and sends the encoded content of the transaction to the another device to be finally decoded.

Abstract: External signature device for a PC, with capacity for wireless communication with the computer, which can be used immediately in electronic banking and electronic commerce or in any other system based on electronic signature requiring a high level of security with a relatively small amount of data for signature, said device including a communication interface with wireless connection to the PC, an alphanumeric display (2) for displaying the data for signature, a keyboard (1) for user interaction with the device, a signature system responsible for processing the operations relating to signature of the data received, and an internal battery (4).

Abstract: A mobile phone system and method of initializing, at a secure transaction server (STS), a mobile payment software with a software authentication parameter, as an authentic mobile payment software; providing an STS correlation between a personal identification entry (PIE) and the authentic mobile payment software; installing, in a mobile phone, the authentic mobile payment software; and inputting, by a user, the PIE to the installed authentic mobile payment software to generate according to the PIE and the software authentication parameter a transformed secure authenticable mobile phone cashless monetary transaction over the mobile phone network, as a mobile phone wireless wallet of the user of the mobile phone. The mobile phone authenticable cashless monetary transaction is performed according to an agreement view(s) protocol.

Abstract: The embodiments read, by a computer, target data and divide the target data into chunks. Initial digest values for each chunk of the target data are maintained. Digest values for a subset of the chunks, based upon the target data, is obtained. And a computer compares the obtained subset of digest values of the target data with corresponding subset of maintained initial digest values and verifies integrity of the target data according to the comparison.

Abstract: A system and method are disclosed for providing and maintaining a high level of security during migration of data from one platform to another. The disclosed system combines user and equipment authentication with equipment environment authorization guaranteed by a security module such as supported by a trusted platform module (TPM) in parallel, for secure information transfer to support migration between platforms.

Abstract: A method for identity verification includes receiving a request for proof of identity from a service provider and receiving biometric information associated with a user of a communication device. The method also includes determining that the received biometric information matches a biometric profile that contains biometric information associated with a registered user of the communication device. The method also includes unlocking a private key associated with the registered user in response to determining that the received biometric information matches a biometric profile and sending a request for a digital certificate that is signed with the private key associated with the registered user. The method further includes receiving the digital certificate that includes a public key associated with the registered user and satisfies the request for proof of identity. The method also includes with forwarding the digital certificate to the service provider.

Abstract: A method for implementing an external trusted platform module includes establishing a connection with a remote host device via a remote interface. The method also includes receiving and processing a request for a trusted platform module (TPM) function from the remote host device via the remote interface. The method additionally includes generating a response to the request for the TPM function based on the processing of the request for the TPM function received from the remote host device. The method further includes sending the response to the request for the TPM function to the remote host device via the remote interface.

Abstract: A method for implementing a mobile trusted platform module includes establishing a connection with a first remote host device via a remote interface. The method also includes authenticating the connection. The method further includes, upon authenticating the connection, allowing the first remote host device to access a securely stored first application within a mobile trusted platform module.

Abstract: A security management approach that combines network security management with application layer or software service security to address the threat of internal network security attacks. The invention is directed to a method for enhancing network security on a computer network. Data access privileges relating to users and services are interpreted, network access rules are determined based on the interpreted privileges, and network message traffic is monitored and filtered based on the determined network access rules. The interpreting, determining, monitoring, and filtering are performed at a network layer responsible for controlling how a network device gains access to the network, such as the Media Access Control (MAC) layer.

Abstract: Hydrogels presented in the form of pellets which are capable of regulating, without dissolving, any pH of an aqueous solution so as to convert it to a pH of 7. These pellets can be removed from the solution at any time without this modifying the pH, and once washed, can be used again. The velocity of buffering depends on the initial pH and can be controlled by modifying the mass and the composition of the pellets. They are obtained by copolymerization of a vinyl-heterocyclic comonomer and a divinyl comonomer in an aqueous solution at a temperature of close to 60.degree. C., in an inert atmosphere. By adjusting the proportion of crosslinking agent and the concentrations of comonomers, the crosslinking of the hydrogel is regulated in accordance with the intended use of the product.