Abstract: Methods and systems are provided for sending messages in a security system. In particular, a new message syntax can include one or more positive assertions that may be verified. The receiver of the message or credential may verify all the positive assertions. In other configurations, one or more nodes that relay the message from the sender to the receiver can verify the positive assertions or may create one or more of the positive assertions. In this way, the network or entities used to relay the message can also be checked.

Abstract: Methods and systems are provided for sending messages in a security system. In particular, a new message syntax can include one or more positive assertions that may be verified. The receiver of the message or credential may verify all the positive assertions. In other configurations, one or more nodes that relay the message from the sender to the receiver can verify the positive assertions or may create one or more of the positive assertions. In this way, the network or entities used to relay the message can also be checked.

Abstract: A method for voice-based programming of a voice-controlled device includes executing, by a voice-controlled device, an application for recognizing spoken programming commands, the application including a plurality of keyword phrases each associated with an action. The method includes receiving, by a voice-controlled device, an audio signal representing a user utterance. The method includes identifying, by the voice-controlled device, within the received audio signal, one of the plurality of keyword phrases and data for use in taking the action associated with the one of the plurality of keyword phrases. The method includes modifying, by the voice-controlled device, at least one data structure stored by the voice-controlled device responsive to the identified one of the plurality of keyword phrases and data.

Abstract: A method for voice-based programming of a voice-controlled device includes executing, by a voice-controlled device, an application for recognizing spoken programming commands, the application including a plurality of keyword phrases each associated with an action. The method includes receiving, by a voice-controlled device, an audio signal representing a user utterance. The method includes identifying, by the voice-controlled device, within the received audio signal, one of the plurality of keyword phrases and data for use in taking the action associated with the one of the plurality of keyword phrases. The method includes modifying, by the voice-controlled device, at least one data structure stored by the voice-controlled device responsive to the identified one of the plurality of keyword phrases and data.

Abstract: Methods and systems are provided for sending messages in a security system. In particular, a new message syntax can include one or more positive assertions that may be verified. The receiver of the message or credential may verify all the positive assertions. In other configurations, one or more nodes that relay the message from the sender to the receiver can verify the positive assertions or may create one or more of the positive assertions. In this way, the network or entities used to relay the message can also be checked.

Abstract: An integrated circuit card is used with a terminal. The integrated circuit card includes a memory that stores an interpreter and an application that has a high level programming language format. A processor of the card is configured to use the interpreter to interpret the application for execution and to use a communicator of the card to communicate with the terminal.

Abstract: Methods and systems are provided for sending messages in a security system. In particular, a new message syntax can include one or more positive assertions that may be verified. The receiver of the message or credential may verify all the positive assertions. In other configurations, one or more nodes that relay the message from the sender to the receiver can verify the positive assertions or may create one or more of the positive assertions. In this way, the network or entities used to relay the message can also be checked.

Abstract: Methods, devices, and systems are provided for managing and controlling small footprint devices with a lightweight control protocol, such as SNMP. Relatively small control messages are employed that have a compact command portion included in an object identifier portion, thereby circumventing the need for a separate command portion as well as a data body. Also, methods, devices, and systems for improving the security and privacy of processing SNMP messages on SNMP-managed devices by moving this processing together with the sensitive data that the process employ such a cryptographic keys inside the tamper-resistant and tamper-evident boundary of an integrated circuit card.

Abstract: The present invention is directed toward secure access systems. Specifically, a method and system is provided that enhances the security of unidirectional communication protocols used in access control systems, such as the Wiegand protocol. The enhancements may include obfuscation of data, a two-way packet-mode communications, and blind synchronization of pseudo-random number generators.

Abstract: The present invention is directed toward secure access systems. Specifically, a method, system, and device are described that employ a synchronized pseudo-random number generator to secure communications between endpoints involved in a communication. If synchronization is lost between two devices, the two devices can regain synchronization by switching to use of a different pseudo-random number generator that is used for resynchronization instead of communications.

Abstract: An integrated circuit card is used with a terminal. The integrated circuit card includes a memory that stores an interpreter and an application that has a high level programming language format. A processor of the card is configured to use the interpreter to interpret the application for execution and to use a communicator of the card to communicate with the terminal.

Abstract: An integrated circuit card is used with a terminal. The integrated circuit card includes a memory that stores an interpreter and an application that has a high level programming language format. A processor of the card is configured to use the interpreter to interpret the application for execution and to use a communicator of the card to communicate with the terminal.

Abstract: An integrated circuit card is used with a terminal. The integrated circuit card includes a memory that stores an interpreter and an application that has a high level programming language format. A processor of the card is configured to use the interpreter to interpret the application for execution and to use a communicator of the card to communicate with the terminal.

Abstract: An integrated circuit card is used with a terminal. The integrated circuit card includes a memory that stores an interpreter and an application that has a high level programming language format. A processor of the card is configured to use the interpreter to interpret the application for execution and to use a communicator of the card to communicate with the terminal.

Abstract: Methods and systems are disclosed to enable a smart card having relatively low data rate and low computational power to control a high data rate communications channel without degradation of performance. The smart card and an associated monitor/interface, which can be implemented in a network access device, are interposed between transmitting and receiving nodes in a network, and configured to intervene when conditions of rules stored in the smart card are met. For example, the smart card can intervene when a packet header indicates sufficient change in information, such as the exceeding of a predefined threshold or a requirement for user authorization/authentication. In one mode of regulating packet flow, the smart card selectively enables or disables packet transmission, reception, or both, according to the rules stored therein.

Abstract: A method, reader, and system are provided for performing group authentication processes. In particular, a group access decision can be made upon the analysis of a group rule. The group rule may contain a Boolean expression including one or more Boolean conditions. If an appropriate group of credentials are presented to a reader such that the Boolean expression is satisfied, then the group of credentials and the holders thereof are allowed access to a protected asset.

Abstract: Mechanisms are provided for transferring sensitive information, such as cryptographic keys, between entities. Particularly, a device is provided with a user input connected directly to a secure element. The device enables a user to enter sensitive information in the user input which is then passed directly to the secure element without traversing any other element such that the secure element can encode and/or encrypt the sensitive information. Once the sensitive information has been encoded and/or encrypted by the secure element, the now secure sensitive information can be shared with other entities using familiar and popular, yet relatively unsecure, transfer methods.

Abstract: The present invention is directed toward secure access systems. Specifically, a method and system is provided that enhances the security of unidirectional communication protocols used in access control systems, such as the Wiegand protocol. The enhancements may include obfuscation of data, a two-way packet-mode communications, and blind synchronization of pseudo-random number generators.

Abstract: Methods, devices, and systems are provided for utilizing asynchronous messaging protocols, such as the Simple Network Management Protocol (SNMP), to implement relay messaging through a network, gather data from and/or set parameters on a plurality of managed devices in a network through the issuance and transmission of a single SNMP message, and/or cause multiple managed devices to perform cooperative and coordinated computations through the issuance of a single SNMP message.

Abstract: Mechanisms are provided for executing security-sensitive applications with a general-purpose computing device. In particular, the general-purpose computing device includes an unsecure computing environment and a secure computing environment. The secure computing environment is established with a secure access module that includes data and functions for executing the security-sensitive application on behalf of the unsecure computing environment.