Abstract: A secure (e.g., HTTPS) connection is established between a client and a server. Communication over the connection may utilize an application (e.g., a Web browser) that is not part of the client's trusted computing base. A password is sent from the client to the server over the connection such that the clear text password is unavailable to the application. For example, the password can be encrypted and inserted directly into the HTTPS stream from the client's trusted computing base.

Abstract: In a rigid drive axle for a vehicle comprising an axle beam provided with a differential housing, at least two tubular axle sections extending in opposite directions from the differential housing and spring support brackets projecting laterally from the axle tube sections, the spring support brackets are integral parts of the axle tube sections facilitating adaptation to various automotive vehicles and forming a relatively low-weight structure which increases the ride comfort and driving safety and also provides for minimal tire wear.

Abstract: Systems and methods are described that control attempts made by an application to access data. In one embodiment, the application is associated with a security token that includes an application ID. In operation, the system receives a request, initiated by the application, for access to the data. The system is configured to evaluate the request for access based in part on comparison of the security token and a listing of approved application IDs associated with the data.

Abstract: Techniques are described herein for securely prompting a user to confirm sensitive operations, input sensitive information or the like. The techniques include receiving or intercepting calls from applications to prompting routines. When a call to a prompting routine is received or intercepted a hint may be provided to the user to switch to a secure desktop. When the user switches from the user desktop to the secure desktop the particular prompt is displayed. The input to the prompt is received on the secure desktop and verified to have been provided by the user. The user input or a representation of the input is then returned to the application running on the user desktop. Using these techniques, interception of prompting messages by malware does not result in sensitive information being revealed. Furthermore, spoofing of new messages by malware does not lead to the dismissal of critical prompting.

Abstract: An operating system for a computing device has a first session for a user that includes a first base process that has a first privileges token attached thereto. The first privileges token includes substantially a full set of privileges of the user on the operating system. The operating system also has a second session for the user that includes a second base process that has a second privileges token attached thereto. The second privileges token is derived from the first privileges token and includes only a minimum set of privileges of the user on the operating system. Thus, the second, limited token does not have all privileges associated with the first, full token but instead has a limited set of privileges and not extra privileges that could be employed to take actions that would be harmful, deceptive, or malicious.

Abstract: Systems and/or methods are described that enable a credential interface. These systems and/or methods may build a credential user interface enabling a user to choose between multiple credentials and submit an authenticator for a chosen credential. These systems and/or methods may also gather information about arbitrary credentials and build a user interface for submission of authenticators for these arbitrary credentials.

Abstract: Systems and methods are described that control attempts made by an application to access data. In one embodiment, the application is associated with a security token that includes an application ID. In operation, the system receives a request, initiated by the application, for access to the data. The system is configured to evaluate the request for access based in part on comparison of the security token and a listing of approved application IDs associated with the data.

Abstract: A centrifuge having a motor shaft, a rotor that engages the motor shaft and a cover for securing the rotor to the rotor shaft. The cover has a knob with a coupling disposed therein. The coupling functions to simultaneously secure the rotor cover to the rotor body and the rotor body to the motor shaft.

Abstract: Systems and methods are described for providing security through sessions. In an implementation, a method includes initiating a session, by an operating system, in which operating system services are executable and initiating another session, by the operating system, in which a user-interactive application is executable.

Abstract: Systems and methods are described for providing security through sessions. In an implementation, a method includes initiating a session, by an operating system, in which operating system services are executable and initiating another session, by the operating system, in which a user-interactive application is executable.

Abstract: A system and method facilitating secure credential management is provided. An aspect of the present invention provides for a credential management system including a credential user interface component, a trusted proxy component and a secure user interface component. The system can facilitate the secure acquisition, storage and/or application of credential(s) for a user (e.g., when accessing a particular resource) through a secure, isolated environment. For example, the system can be a core building block for operating system component(s) and/or application(s) that handle credential(s) in a secure manner.

Abstract: Methods and apparatuses are provided for use with smartcards or other like shared computing resources. One or more root certificates are stored on a smartcard. The root certificates can be selectively copied to a certificate store or other like mechanism of an operatively coupled computing or like device and available to support certificate and other trust related processes of the device. When the smartcard is no longer operatively available to the device, the root certificates are no longer available to support such certificate and other trust related processes of the device.

Abstract: Methods and apparatuses are provided for use with smartcards or other like shared computing resources. By selectively granting exclusive use to a requesting entity for a period of time, performance is improved by reducing unnecessary redundant overhead data, communication, storage and/or processing for an applicable series of transactions associated with a granted access request operation.

Abstract: Methods and apparatuses are provided for use with smartcards or other like shared computing resources. A global smartcard cache is maintained on one or more computers to reduce the burden on the smartcard. The global smartcard cache data is associated with a freshness indicator that is compared to the current freshness indicator from the smartcard to verify that the cached item data is current.

Abstract: A credential is translated with one of different credential provider modules each translating a corresponding different type of credential into a common protocol. The translated credential is communicated through an API to a logon UI module to an operating system (OS) of a local machine. An OS logon module is called by the logon UI module to authenticate the translated credential against a credential database. A user identified by the translated credential is logged on to access the local machine when the authentication is successful. The credential can also be used with a selection received from the logon UI module via a corresponding one of different pre-log access provider (PLAP) modules that each communicate with the API. The API establishes a network session with an access service specified by the selected PLAP module when the credential is authenticated with the credential database.

Abstract: An integrated circuit (IC) card is presented comprising an input/output (I/O) interface and a smart card development interface (SCDI), coupled to the I/O interface, to receive and identify debug frames interlaced within a normal communication flow between the IC card and a host system.

Abstract: A centrifuge having a motor shaft, a rotor that engages the motor shaft, the rotor having a bayonet screw disposed therein, and a cover with a knob. The knob has a pin disposed therein. The pin and the bayonet screw form a coupling that secures the cover to the rotor and the rotor to the motor shaft in a single step.

Abstract: A method and apparatus for securing a rotor to a drive cone in a centrifuge includes positioning a rotor upon a drive cone and providing a nut movable in an axial direction in the drive cone. A screw passing through a region of the rotor engages the nut, and a spring is located between a surface of the nut and a surface of the drive cone. By tightening the screw into the nut, the nut moves in an axial direction to compress the spring between the surface of the nut and the surface of the drive cone. The arrangement of the screw, nut, and spring prevents a loosening of the screw from the nut during operation of the centrifuge.

Abstract: There is provided an apparatus for securing a rotor to a drive cone in a centrifuge. The apparatus includes (a) a nut, movable in an axial direction in the drive cone, (b) a screw for passing through a region of the rotor and for engagement with the nut, and (c) a spring located between a surface of the nut and a surface of the drive cone. The screw, when tightened into the nut, moves the nut in the axial direction to compresses the spring between the surface of the nut and the surface of the drive cone.

Abstract: A laboratory centrifuge includes a continuous metal plate comprising an underbody base plate having a rotor drive motor mounted thereon, an angled front screen which contains operating devices and display instruments, and a bending region which extends between the base plate and the front screen. At least two reciprocally parallel rows of decoupling slots are arranged between the bending region of the metal plate and the base plate. The decoupling slots form a meandering bar connection between the front screen and the base plate, by which noise generated due to imbalance at the rotor or structural noise in the direction of the front plate is considerably reduced. A conventional table centrifuge housing having a hinged lid and rotor bowl is fitted on the underbody.