Abstract: A method of establishing a secure channel between a human user and a computer application is described. A secret unique identifier (“PIN”) is shared between a user and an application. When the user makes a request that involves utilizing the PIN for authentication purposes, the application renders a randomly selected identifier. The randomly selected identifier is in a format that is recognizable to a human but is not readily recognizable by an automated agent. The randomly selected identifier is then presented to the human user. The user identifies the relationship between the randomly selected identifier and the PIN. If the user's input reflects the fact that the user knows the PIN, then the user is authenticated.

Abstract: Systems and methods are provided for performing transactions and managing communications using a trusted third party. In one embodiment, a sender transfers an encrypted version of a file (such as a digitally encoded audio track, movie, document, or the like) to someone who wishes to receive it. The receiver computes a first hash of at least a portion of the encrypted data content, and sends the first hash to a third party configured to compare at least a portion of the first hash to at least a portion of a second hash. The receiver receives a file decryption key from the third party, and decrypts at least the portion of the received encrypted data content with the decryption key. In some cases, multiple hashes of the encrypted data content may be computed, each using a different portion of the encrypted data content.

Abstract: A method of establishing a secure channel between a human user and a computer application is described. A secret unique identifier (“PIN”) is shared between a user and an application. When the user makes a request that involves utilizing the PIN for authentication purposes, the application renders a randomly selected identifier. The randomly selected identifier is in a format that is recognizable to a human but is not readily recognizable by an automated agent. The randomly selected identifier is then presented to the human user. The user identifies the relationship between the randomly selected identifier and the PIN. If the user's input reflects the fact that the user knows the PIN, then the user is authenticated.

Abstract: Systems and methods are provided for authentication by combining a Reverse Turing Test (RTT) with password-based user authentication protocols to provide improved resistance to brute force attacks. In accordance with one embodiment of the invention, a method is provided for user authentication, the method including receiving a username/password pair associated with a user; requesting one or more responses to a first Reverse Turing Test (RTT); and granting access to the user if a valid response to the first RTT is received and the username/password pair is valid.

Abstract: Identifying participants for collaboration in a threat exchange community can include receiving security data from a plurality of participants at a threat exchange server within the threat exchange community; and in response to receiving from a first participant from the plurality of participants security data associated with a security occurrence, identifying at the threat exchange server the first participant and a second participant from the plurality of participants for collaboration based on characteristics of the first participant and the second participant.

Abstract: Sharing information can include identifying, utilizing a threat exchange server, a security occurrence associated with a participant within a threat exchange community. Sharing information can also include determining what participant-related information to share with the threat exchange server in response to the identified security occurrence, and receiving, at the threat exchange server, information associated with the determined participant-related information via communication links within the threat exchange community.

Abstract: Providing a targeted security alert can include collecting participant data from a plurality of participants within a threat exchange community, calculating, using a threat exchange server, a threat relevancy score of a participant among the plurality of participants within the threat exchange community using the collected participant data, and providing, from the threat exchange server to the participant, the targeted security alert based on the calculated threat relevancy score via a communication link within the threat exchange community.

Abstract: Threat exchange information protection can include receiving security information from a number of participants of a threat exchange community, wherein a portion of the received security information is encoded with pseudonyms by each of the number of participants, analyzing the security information collectively from the number of participants, wherein the portion of the received security information remains encoded, and sending analysis results to each of the number of participants, wherein the analysis results include information relating to the portion.

Abstract: Systems and methods are provided for performing transactions and managing communications using a trusted third party. In one embodiment, a sender transfers an encrypted version of a file (such as a digitally encoded audio track, movie, document, or the like) to someone who wishes to receive it. The receiver computes a first hash of at least a portion of the encrypted data content, and sends the first hash to a third party configured to compare at least a portion of the first hash to at least a portion of a second hash. The receiver receives a file decryption key from the third party, and decrypts at least the portion of the received encrypted data content with the decryption key. In some cases, multiple hashes of the encrypted data content may be computed, each using a different portion of the encrypted data content.

Abstract: A process includes analyzing events reported by computing devices on a network to recognize patterns of events that occurred on the network and sharing with a community, information concerning the patterns detected. The process may also use consolidated information on the patterns to select one or more of the patterns for analysis that identifies whether the selected patterns result from malicious activity. The consolidated information includes information on the patterns detected on the network and information concerning corresponding patterns of events that occurred elsewhere.

Abstract: A method of establishing the integrity of an audit record set is described. The method comprises receiving a set of audit records and generating a first set of random values wherein each audit record in the set corresponds to at least one value of the first set. The method further comprises generating a second set of values based on an audit record and a corresponding value of the first set for each audit record in the set and generating a summary value based on the second set of values. The method further comprises certifying the summary value to generate an integrity certificate enabling verification of the integrity of the audit record set and storing the audit record set and at least one of the first set of values and the generated digital signature.

Abstract: Threat exchange information protection can include receiving security information from a number of participants of a threat exchange community, wherein a portion of the received security information is encoded with pseudonyms by each of the number of participants, analyzing the security information collectively from the number of participants, wherein the portion of the received security information remains encoded, and sending analysis results to each of the number of participants, wherein the analysis results include information relating to the portion.

Abstract: Identifying participants for collaboration in a threat exchange community can include receiving security data from a plurality of participants at a threat exchange server within the threat exchange community; and in response to receiving from a first participant from the plurality of participants security data associated with a security occurrence, identifying at the threat exchange server the first participant and a second participant from the plurality of participants for collaboration based on characteristics of the first participant and the second participant.

Abstract: An example of security threat analysis can include generating a security threat hypothesis based on security data in a threat exchange server. A request for analysis based on the security data can be sent via communication links to at least one security monitored participant to analyze the security data. A response can be received from the at least one security monitored participant with information related to the completed security related task.

Abstract: Systems, methods, and machine-readable and executable instructions are provided for attack notification. Attack notification can include receiving security-related data from a number of computing devices that are associated with a number of entities through a communication link and analyzing a first portion of the security-related data that is associated with a first entity from the number of entities to determine whether the first entity has experienced an attack. Attack notification can include analyzing a second portion of the security-related data that is associated with a second entity from the number of entities and the first portion of the security-related data that is associated with the first entity to determine whether the second entity is experiencing the attack. Attack notification can include notifying, through the communication link, the second entity that the second entity is experiencing the attack if it is determined that the second entity is experiencing the attack.

Abstract: Systems and methods are provided for authentication by combining a Reverse Turing Test (RTT) with password-based user authentication protocols to provide improved resistance to brute force attacks. In accordance with one embodiment of the invention, a method is provided for user authentication, the method including receiving a username/password pair associated with a user; requesting one or more responses to a first Reverse Turing Test (RTT); and granting access to the user if a valid response to the first RTT is received and the username/password pair is valid.

Abstract: Systems and methods are provided for authentication by combining a Reverse Turing Test (RTT) with password-based user authentication protocols to provide improved resistance to brute force attacks. In accordance with one embodiment of the invention, a method is provided for user authentication, the method including receiving a username/password pair associated with a user; requesting one or more responses to a first Reverse Turing Test (RTT); and granting access to the user if a valid response to the first RTT is received and the username/password pair is valid.

Abstract: Systems and methods are provided for performing transactions and managing communications using a trusted third party. In one embodiment, a sender transfers an encrypted version of a file (such as a digitally encoded audio track, movie, document, or the like) to someone who wishes to receive it. The receiver computes a first hash of at least a portion of the encrypted data content, and sends the first hash to a third party configured to compare at least a portion of the first hash to at least a portion of a second hash. The receiver receives a file decryption key from the third party, and decrypts at least the portion of the received encrypted data content with the decryption key. In some cases, multiple hashes of the encrypted data content may be computed, each using a different portion of the encrypted data content.

Abstract: A questionnaire generation process presents a first subset from a set of questions of the questionnaire and receives first answers from a user. The first answers are used to determine whether the first answers are sufficient to give definite values to conditions of first rules, wherein the first rules have conditions for providing output. When the first answers are not sufficient, the conditions of the first rules can be used to identify a second subset of the questions, wherein the second subset of questions has second answers such that a combination of the first and second answers is sufficient to give definite values to the respective conditions of the first rules, and the second subset of questions can be presented to the user.

Abstract: Systems and methods are provided for performing transactions and managing communications using a trusted third party. In one embodiment, a sender transfers an encrypted version of a file (such as a digitally encoded audio track, movie, document, or the like) to someone who wishes to receive it. The receiver computes a first hash of at least a portion of the encrypted data content, and sends the first hash to a third party configured to compare at least a portion of the first hash to at least a portion of a second hash. The receiver receives a file decryption key from the third party, and decrypts at least the portion of the received encrypted data content with the decryption key. In some cases, multiple hashes of the encrypted data content may be computed, each using a different portion of the encrypted data content.