Abstract: Systems and methods are provided to determine a maliciousness level of an element using a hypergraph of neighbors. The method can include receiving the element; generating a hypergraph of neighbor target elements found in a database, the hypergraph comprising a set of nodes and a set of edges, wherein the set of nodes represents the neighbor target elements, and the set of edges represents connections between the neighbor target elements; classifying nodes and edges in the hypergraph; generating a maliciousness level profile for the element based on aggregation of nodes and edges in the hypergraph; linking information related to the element with the maliciousness level profile for the element; and performing an action based on a type of the element.

Abstract: There is disclosed a method and system for use in authenticating an entity. An authentication request is received from the entity. An input signal is received from a communications device associated with the entity. The input signal comprises the current location of the communications device. The current location of the communications device is derived from the input signal. Based on the current location of the communications device, an event is detected at substantially the same location as the current location of the communications device. An analysis is performed between the current location of the communications device and the event. An authentication result is generated based on the analysis between the current location of the communications device and the event. The authentication result can be used for authenticating the entity.

Abstract: There is disclosed a method, system and a computer program product for use in authenticating an entity. An authentication request is received from the entity. Information in connection with the entity is acquired from an external source. Based on the information, a risk score is set such that the riskiness of the authentication request can be readily deduced therefrom.

Abstract: There is disclosed a method and system for use in authenticating an entity. An entity location history is stored comprising a historical record of locations visited by the entity. An authentication request is received from the entity. A pattern of recent locations visited by the entity indicative of irregular behavior is detected. An analysis is performed between the pattern of recent locations indicative of irregular behavior and the entity location history for establishing the riskiness of the authentication request. An authentication result is generated based on the analysis between the pattern of recent locations indicative of irregular behavior and the entity location history.

Abstract: There is disclosed a method and system for use in authenticating an entity in connection with a computerized resource. An authentication request is received from entity for access to computerized resource. An input signal is received from a communications device associated with entity. The input signal comprises current location of communications device. The current location of communications device is derived from input signal. A location history in connection with communications device is captured. The location history comprises a record of discrete locations visited by communications device over a period of time. An analysis is performed between current location of the communications device and location history in connection with communications device. An authentication result is generated based on analysis between current location of communications device and location history in connection with communications device. The authentication result can be used for authenticating entity.

Abstract: A technique controls a soft token running within an electronic apparatus. The technique involves providing an initial series of authentication codes based on a first set of machine states. The initial series of authentication codes is provided from the electronic apparatus to a server through a forward channel to authenticate a user. The technique further involves receiving a command from the server through a reverse channel between the electronic apparatus and the server. The reverse channel provides communications in a direction opposite to that of the forward channel. The technique further involves changing the first set of machine states to a second set of machine states in response to the command, and providing a new series of authentication codes based on the second set of machine states. The new series of authentication codes is provided from the electronic apparatus to the server through the forward channel for user authentication.

Abstract: An improved technique for managing access of a user of a computing machine to a remote network collects device posture information about the user's mobile device. The mobile device runs a soft token, and the collected posture information pertains to various aspects of the mobile device, such as the mobile device's hardware, software, environment, and/or users, for example. The server applies the collected device posture information along with token codes from the soft token in authenticating the user to the remote network.

Abstract: A technique for detecting unauthorized copies of a soft token that runs on a mobile device includes generating a set of random bits on the mobile device and providing samples of the set of random bits, as well as token codes from the soft token, for delivery to a server during authentication requests. The server acquires the set of random bits of the mobile device, or learns the set of random bits over the course of multiple login attempts. Thereafter, the server predicts values of the samples of the set of random bits and tests actual samples arriving in connection with subsequent authentication requests. Mismatches between predicted samples and received samples indicate discrepancies between the random bits of the device providing the samples and the random bits of the mobile device, and thus indicate unauthorized soft token copies.

Abstract: A technique provides authentication codes to authenticate a user to an authentication server. The technique involves generating, by an electronic apparatus (e.g., a smart phone, a tablet, a laptop, etc.), token codes from a cryptographic key. The technique further involves obtaining biometric measurements from a user, and outputting composite passcodes as the authentication codes. The composite passcodes include the token codes and biometric factors based on the biometric measurements. Additionally, the token codes and the biometric factors of the composite passcodes operate as authentication inputs to user authentication operations performed by the authentication server. In some arrangements, the biometric factors are results of facial recognition (e.g., via a camera), voice recognition (e.g., via a microphone), gate recognition (e.g., via an accelerometer), touch recognition and/or typing recognition (e.g., via a touchscreen or keyboard), combinations thereof, etc.

Abstract: An improved technique for managing multiple virtual machines includes a presentation layer that receives user input for multiple virtual machines and renders output from the virtual machines in a unified presentation, which can be displayed to a user. In certain examples, Red/Green security is implemented by designating one virtual machine as a Green virtual machine and another as a Red virtual machine. Although different virtual machines are used, the presentation layer unifies the user's interaction with the virtual machines and reduces the need for the user to keep track of different virtual machines or to switch manually between them.

Abstract: An improved technique for delegating computing actions among different machines includes a policy engine that receives inputs specifying computing actions to be performed and automatically selects a virtual machine to perform each action. Machine selection is based on a policy, which recognizes multiple categories of computing actions, classifies each input as belonging to one of the categories, and directs each computing action to a virtual machine designated for performing only that one category of computing actions.

Abstract: An improved technique for assessing the security status of a device on which a soft token is run collects device posture information from the device running the soft token and initiates transmission of the device posture information to a server to be used in assessing whether the device has been subjected to malicious activity. The device posture information may relate to the software status, hardware status, and/or environmental context of the device. In some examples, the device posture information is transmitted to the server directly. In other examples, the device posture information is transmitted to the server via auxiliary bits embedded in passcodes displayed to the user, which the user may read and transfer to the server as part of authentication requests. The server may apply the device posture information in a number of areas, including, for example, authentication management, risk assessment, and/or security analytics.

Abstract: An improved technique provides scheduled data transfer between a mobile device and a server. The mobile device combines token codes generated by a soft token with sequences of auxiliary bits and displays the combinations to users as passcodes. Users may then copy the passcodes to their computers for authenticating to a server on a remote network. As the passcodes include both token codes and sequences of auxiliary bits, a communication channel is established whereby the auxiliary bits as well as the soft token codes are transmitted from the mobile device to the server.

Abstract: Lancets and methods of use are provided. Embodiments include lancets including a sleeve mounted to an elongated body having a needle terminating in a sharp tip.

Abstract: Lancing devices and methods of use are provided. Also provided are lancets for use with lancing devices. Certain embodiments of the lancing devices include a front end cap with an annular skin-engaging surface surrounding a piercing aperture.

Abstract: A dispenser that is connectable to a launch vehicle in order to deploy a plurality of satellites in orbit. The dispenser includes a post having a longitudinal axis, an assembly for coupling the post to a launch vehicle, and a plurality of fittings coupled to the post and having attachment means for deployably coupling a satellite to the post. The attachment means is aligned substantially orthogonal to the longitudinal axis of the post and defines attachment bays extending annularly about the post.