Abstract: A system, method and program product for managing e-mails from a source suspected of sending spam. The e-mails are received at a firewall or router en route to a mail server. A determination is made whether a source has sent an e-mail which exhibits characteristics of spam. In response, subsequent e-mails from the source destined for the mail server are rate-limiting at the firewall or router such that the firewall or router limits a rate at which the subsequent e-mails are forwarded from the firewall or router to the mail server. The rate is predetermined and less than a maximum rate at which the firewall or router can physically forward e-mails to the mail server absent the rate limit. A determination is made whether another source has sent another e-mail which exhibits more characteristics of spam than the first said e-mail. In response, subsequent e-mails from this other source are blocked at the firewall or router.

Abstract: A method for managing permission information of an application in a mobile terminal includes detecting a reference event associated the application, determining a type of the reference event, determining permission information of the application, determining whether to execute an operation of the application based on the permission information, and storing operation performance information related to the operation of the application in a database. A terminal includes an application layer to detect an event associated with a change in permission information of a first application and a second application, and a framework layer to determine whether permission information of the first application is changed with respect to the second application, to determine an event type associated with the change in the permission information, to determine permission information of the first application and the second application, and to determine whether to execute a security program.

Abstract: An access rights management system is presented in which a mobile device may be allowed to access corporately held data in a flexible manner but in which the security and integrity of the data is maintained. The mobile device is provided with a rights adjustment module which modifies the access rights for locally stored corporate data in dependence on the connectivity of the mobile device with a corporate server.

Abstract: An image forming apparatus provided with an interface for a portable information recording medium, has an access control part carrying out access control, for respective ones of a plurality of resources which the image forming apparatus has, based on access control information defining whether or not usage thereof by a user is allowed, wherein the access control part carries out access control based on the access control information stored in the portable information recording medium.

Abstract: A device to authenticate a user includes a user interface unit to receive a password input; a surrounding information detecting unit to detect surrounding information of the device; and an authentication unit to authenticate the password input and to determine whether the surrounding information matches preset surrounding information. A method for performing authentication includes receiving an authentication input for authenticating a user; determining whether an authentication condition is satisfied, based on surrounding information of a device; and authenticating the authentication input.

Abstract: The invention relates to a chip for processing a content, comprising at least a microprocessor. Said chip includes an integrated non-volatile programmable memory for storing protection data and protected data, said protection data being intended to be used for authorizing/denying access to said protected data by said microprocessor under execution of a program. The invention allows to protect program and data dedicated to a chip-integrated conditional-access system and to protect features as external connections and downloaded data directly on the chip.

Abstract: Techniques for resource access authorization are described. In one or more implementations, an application identifier is used to control access to user resources by an application. A determination is made whether to allow the application to access the user resources by comparing an application identifier received from an authorization service with a system application identifier for the application obtained from a computing device on which the application is executing.

Abstract: Methods and system for implementing a clustered storage solution are provided. One embodiment is a storage controller that communicatively couples a host system with a storage device. The storage controller comprises an interface and a control unit. The interface is operable to communicate with the storage device. The control unit is operable to identify ownership information for a storage device, and to determine if the storage controller is authorized to access the storage device based on the ownership information. The storage controller is operable to indicate the existence of the storage device to the host system if the storage controller is authorized, and operable to hide the existence of the storage device from the host system if the storage controller is not authorized.

Abstract: Content inspection techniques are described. In one or more implementations, it is detected that an application executing on a computing device is calling a particular code element of a group of code elements to be used to process content. For example, the group of code elements can include a pre-specified group of code elements (e.g., functions and/or properties) that may enable access to particular functionalities of a computing device and thus are associated with a known security risk. It is then ascertained that the content is untrusted and, in response to ascertaining that the content is untrusted, the content is inspected to determine if the content is safe to be passed to the code element.

Abstract: A method and system for managing suspicious devices on a network. The method includes, setting based on a manager's input or selection a suspicious group corresponding to each of at least one suspicious management item for managing a plurality of devices on a network via a user interface; accessing the devices and reading information corresponding to the suspicious management item; determining whether each device is a suspicious device based on the information corresponding to the suspicious management item, and registering the device in the suspicious group if the device is determined as a suspicious device; checking whether an error of the device comprised in the suspicious group is resolved; and eliminating the device from the suspicious group if the error of the device is resolved.

Abstract: The security event monitoring device includes: a storage module which stores in advance a correlation rule; a log collection unit which receives each log from each monitoring target device; a correlation analysis unit which generates scenario candidates by associating each of the logs; a scenario candidate evaluation unit which calculates the importance degrees of each scenario candidate; and a result display unit which displays/outputs the scenario candidate of a high importance degree. The scenario candidate evaluation unit includes: a user association degree evaluation function which calculates user association degrees; an operation association degree evaluation function which calculates the operation association degrees; and a scenario candidate importance reevaluation function which recalculates the importance degrees of each of the scenario candidates by each user according to the user association degrees and the operation association degrees.

Abstract: System, method and computer program product for verifying an avatar owner as a human user of an avatar in a virtual world environment in which humans interact through avatars via client devices in network communication with a server device. A request for challenging an avatar in the virtual world environment is received to determine whether that avatar is controlled by an application program user (bot). A user client device associated with a challenged avatar is identified and a Human Identification Proof (HIP) message for detecting a human user versus a bot controlling the challenged avatar is generated and communicated, for receipt at the identified user client device. It is determined from the response, whether the user is a bot or a human user. If a challenged avatar is determined to be a bot, then the server device prevents the challenged avatar from further interaction in the virtual world environment.

Abstract: A survivable network is described in which one or more network device includes enhanced functionality to fight through cyber attacks. A Fight-Through Node (FTN) is described, which may be a combined hardware/software system that enhances existing networks with survivability properties. A network node comprises a hardware-based processing system having a set of one or more processing units, and a hypervisor executing on each one of the processing units; and a plurality of virtual machines executing on each of the hypervisor. The network node includes an application-level dispatcher to receive a plurality of transaction requests from a plurality of network communication session with a plurality of clients and distribute a copy of each of the transaction requests to the plurality of virtual machines executing on the network node over a plurality of time steps to form a processing pipeline of the virtual machines.

Abstract: Computer program products and methods of inspecting a log of security records in a computer network are provided. The method includes retrieving a log record, processing the log record including deriving a key to a table, determining a data value from information in the log record and adding the data value to a list of data values associated with the key if the data value is unique. One or more entries of the table are evaluated based on predetermined criteria to detect attempted security breaches.

Abstract: In accordance with an example embodiment of the present invention, there is provided a method including: detecting a malware in a computer system and in response to the detection of the malware in the computer system initiating a deactivation of malware; detecting a file altered by the malware in response to a successful deactivation of the malware; and initiating a restoration of the altered file in response to the detection of the file altered by the malware.

Abstract: According to a first aspect of the present invention there is provided a method of scanning a computer device in order to detect potential malware when an operating system running on the computer device prevents applications installed on the device from accessing installed files of other applications installed on the device. The method includes the steps of detecting installation of an application on the device, identifying one or more installation files that are required to perform the installation of the application, and performing a malware scan of the identified installation files and/or information obtained from the installation files.

Abstract: A technique for improving the installation of anti-malware software performs an analysis of a computer on which anti-malware software is to be installed prior to complete installation of the anti-malware software. If the analysis determines that the computer may already contain malware, then an attempt may be made to scan and clean the computer prior to the installation of a portion of the anti-malware software. Otherwise, the pre-installation scan and clean may be bypassed, allowing the installation of that portion of the anti-malware software.

Abstract: In accordance with one embodiment of the present disclosure, a method for determining the similarity between a first data set and a second data set is provided. The method includes performing an entropy analysis on the first and second data sets to produce a first entropy result, wherein the first data set comprises data representative of a first one or more computer files of known content and the second data set comprises data representative of a one or more computer files of unknown content; analyzing the first entropy result; and if the first entropy result is within a predetermined threshold, identifying the second data set as substantially related to the first data set.

Abstract: A method includes receiving a status update from a client device, the status update reflects at least one change associated with the client device, updating a model of the client deice based on the status update, receiving data to be screened for a virus, the data is received after an updating of the model of the client device, and screening the model of the client device for the virus. Systems and articles of manufacture are also disclosed.

Abstract: Apparatuses, computer readable media, methods, and systems are described for identifying risk assessment queries for assessing risk of a process, providing the identified risk assessment queries to a client device for presentation, receiving response data from the client device comprising responses to the risk assessment queries, determining response values for at least some of the risk assessment queries based on the received response data, and calculating a process risk metric based on the determined response values.

Abstract: The present invention is a method to provide mechanisms and judgment to determine the ongoing veracity of “purported” devices (sometimes called spoofing) with such parameters as unique device ID, access history, paths taken and other environmental data (Device Authentication). This invention relies upon a previous invention “Reputation Database in the cloud and Internet”—the internet is comprised of collections of devices, data, applications and networks all dynamically exchanging information among users. We present a mechanism for real time observation, and putting or accessing those observations into a distributed virtual database for contextual evaluation and analysis of how the internet is being used or potentially subverted. This includes real time evaluation of DNS database changes, server logs, performance, path resolution, device logs, tip data and law enforcement data.

Abstract: A facility is described for analyzing access control configurations. In various embodiments, the facility comprises an operating system having resources and identifications of principals, the principals having access control privileges relating to the resources, the access control privileges described by access control metadata; an access control scanner component that receives the access control metadata, determines relationships between principals and resources, and emits access control relations information; and an access control inference engine that receives the emitted access control relations information and an access control policy model, analyzes the received information and model, and emits a vulnerability report.

Abstract: Methods and apparatus for network security content-checking, in particular simplifying the critical element of a content-checker so that it can be trusted and implemented in hardware logic. A method comprises determining whether a digitally encoded document contains any embedded documents; content-checking, by means of at least one hard-ware-implemented content-checker, at least one of the embedded documents separately from those parts of the digitally encoded document within which it was embedded; and releasing a version of the digitally encoded document responsive to the content-checking.

Abstract: Various embodiments provide an ability to isolate execution of trusted content and/or script from execution of untrusted content and/or script. Separate contexts and/or execution environments can be used for the trusted content and untrusted content, respectively. A trusted context and/or execution environment associated with execution of trusted content can be configured to enable access to sensitive resources associated with a computing device. An untrusted context and/or execution environment associated with execution of untrusted content can be configured with limited and/or no access to the sensitive resources. Alternately or additionally, data generated within the untrusted context can be transferred to the trusted context in a benign manner.

Abstract: A authentication system to avoid the consumption of counterfeit products comprising a method using the World Wide Web to verify each individual merchandise using a unique identification number and verifying the unique number against a database online. Further the authentication system comprises a loyalty program in order to encourage customers to use and to denounce counterfeit product sellers.

Abstract: An archive of an object set may include various security features that enable a detection of alterations of the contents of the objects. However, the security measures of an archive may fail to detect an inadvertent or intentional alteration of the structure of the object set, including the addition of new objects, changes to the metadata (e.g., the name, position within the object set, and location and size within the archive) of respective objects of the object set, and the deletion of directory entries for the objects. Therefore, an archive may be generated with verifiers (e.g., hashcodes) calculated not only for the contents of objects, but for the directory of the archive, and may be included in the signature of the archive. This verification may extend the detecting of alteration of the archive to include the structure of the archive as well as the contents of the objects contained therein.

Abstract: A method for enhancing the privacy of individuals who may be tracked while visiting different sites on the Internet using conventional browsers is disclosed. The method is based on randomizing the information collected in cookies that are used for tracking by different websites.

Abstract: Embodiments of the invention are directed to systems, methods, and computer program products configured to determine communities within an organization dynamically based on the distribution of entitlements within the organization.

Abstract: In one embodiment, an internet monitor service may use a final content rating to determine access to a webpage. A monitor client 102 may generate a client content rating of a webpage 104. The monitor client 102 may factor the client content rating with a server content rating of the webpage 104 to determine a final content rating for the webpage 104.

Abstract: A method for filtering web page content is disclosed in this invention. In the method, a web page request to obtain a web page from a web server is received from a client through a network equipment after the client builds a connection with the web server. The network equipment transmits the web page request to a cloud server for determining if the web page needs to be blocked according to the web page request. A first disconnection request and a second disconnection request is generated according to the web page request if it is determined that the web page needs to be blocked. The first disconnection request is transmitted to the client and the second disconnection request is transmitted to the web server through the network equipment. Subsequently, the connection between the client and the web server is disconnected.

Abstract: A system and method for program access control includes, for a typestate, providing typestate properties and assigning a role to the typestate in a program in accordance with the typestate properties. Access to operations is limited for the typestate in the program based on the role assigned to the typestate and an access permission level.

Abstract: The present embodiments provide methods, apparatuses, and systems to distribute content over a network. Some embodiments provide methods to distribute content within a local media network. These methods receive a request for a first content to be transferred to a sink device, request from the source an access criteria for a first content that is protected according to a first digital rights management (DRM), forward the access criteria to the sink device, receive an evaluation of the access criteria from the sink device regarding at least whether the sink device can interpret the first DRM, determine according to the evaluation received from the sink device whether the sink device can utilize the first content that is protected according to the first DRM, and initiate a transfer of the first content from the source device to the sink device when the sink device can utilize the first content.

Abstract: Techniques for sharing of items from online storage (e.g., cloud storage) are described herein. In at least some embodiments, sharing links can be configured as one-time sharing links that provide recipients with limited, one-time access to a shared item for the purpose of selecting or registering an account to use for subsequent access to the item. Recipients are able to select accounts they find most convenient for accessing a shared item without the owner/sharer of the item necessarily having contact information for those accounts or sending a link to the accounts. Selection of a one-time link initiates an authentication sequence that selectively provides an option to select a particular account. Once the one-time sharing link is redeemed, the one-time sharing link is invalidated for subsequent access to the item.

Abstract: A Data Isolation Service for data, information, and knowledge sharing giving organizations using any type of software solution the ability to provide the public with certain public declassified information using a public facing instance of the same software solution. The Data Isolation Service allows for sensitive data to remain secure using a hybrid data storage model. This hybrid model allows for all data to remain secure without the risk that the private data becomes compromised when sharing public data. The Data Isolation Service can be used with any software technology and application system. The Data Isolation Service is a technology service that keeps private and public data partitioned allowing for the transport of public declassified data from within the organization or private database to a public database for public use, then allowing the public declassified data to re-enter the private database for internal organization use.

Abstract: A detection filter installed in an application server including a secure application is disclosed. In one embodiment, the filter includes a rules engine for receiving request data representing an access request for the secure application from a user. The engine applies at least one risk condition rule to the request data to generate a risk probability level, and detects at least one fraud condition when the risk probability level exceeds a threshold level, before passing the access request to the secure application.

Abstract: A system for controlling access to user resources and a method thereof are provided. The system includes a client device and a server. The client device receives an input of access regulations, which define an access level and access agent for first-user resources, from a first user, and transmits the received access regulations to the server. When a second user has access to the user resources, the server controls the access in compliance with the access regulations.

Abstract: Techniques are disclosed for presenting and collecting end user license agreement acceptance for software applications or firmware components executed on a computing appliance. A sentry component allows only certain commands to be executed before the relevant end user license agreements are accepted, e.g., commands to configure a network interface and web server on the appliance executed on a shell over a serial interface. Once configured the web server is used to provide a rich interface for presenting end user license agreements and obtaining acceptance thereof. Once the user accepts the terms of the relevant license agreements, then the appliance is made active and all configuration commands become operational, including commands needed to configure the device and start services which would otherwise be prohibited by the sentry component prior to license acceptance.

Abstract: Software update distribution techniques are disclosed. Authentication information is received, from a content source authenticator, by an update agent included in a client device. The authentication information comprises a list of a plurality of content sources, wherein the plurality of content sources have been verified by the content source authenticator as being authentic content sources for legitimate software applications. The update agent selects a first content source of the plurality of content sources, where the first content source is configured to provide updates for a first software application. The update agent checks the first content source for updates for the first software application.

Abstract: Methods, systems, and computer program products are provided for enabling selective file system access by applications. An application is installed in a computing device. An application manifest associated with the application is received. The application manifest indicates one or more file types that the application is allowed to access. The indicated file type(s) are registered in a location accessible by a broker service. The application is launched as an application process. The application process is isolated in an application container. The application container prevents direct access by the application process to file system data. An access request related to first data of the file system data is received at the broker service from the application process. Access by the application process to the first data is enabled when the broker service determines that a file type of the first data is included in the registered file type(s).

Abstract: One or more techniques and/or systems are disclosed for generating a developer license that allows a developer application to run on developer machine. A user identification (userID) used to register a user can be used by the user to register as a developer. The userID can be authenticated for the registered developer. Further, a machine used by the developer for the developer application can be registered, and a resulting hardware identification (hardwareID) can be authenticated for the registered developer machine. Additionally, a developer certificate can be generated for the registered developer. The developer certificate can be authenticated and used to sign the developer application. The developer license can be generated for the developer, allowing the developer machine to execute the developer application, based at least upon the authenticated userID, the authenticated hardwareID, and the authenticated developer certificate.

Abstract: In accordance with an embodiment, a method, apparatus or tangible computer medium (which stores computer executable code or program code) performs or facilitates: determining one or more aspects of an unauthorized copy of electronic content accessible to or through a user device; and conducting a transaction between the user device and a legitimizing party to legitimize the electronic content in view of the determined aspect(s). The electronic content may be unsecured copyrighted content.

Abstract: Nucleic acid and protein sequences relating to a cation channel which is sperm-specific (CatSper4) are disclosed. The CatSper4 protein is shown to be specifically expressed in sperm. Nucleic acids, vectors, transformed cells, transgenic animals, polypeptides, and antibodies relating to the CatSper4 gene and protein are disclosed. Also provided are methods of in vitro fertilization and contraception, methods of identifying modulators of CatSper4 activity, methods of genotyping subjects with respect to CatSper4, and methods of diagnosing and treating CatSper4-mediated disorders, including infertility. Related business methods are also disclosed.

Abstract: The present application relates to use of a Midkine family protein for growing hair on a mammal, or in the manufacture of a medicament for growing hair on a mammal, especially for treatment or prevention of different forms of alopecia.

Abstract: A nucleic acid construct comprising a genetic engineered heterogeneous nuclear ribonucleoprotein (hnRNP) A1 gene is provided. A transgenic mouse in which the expression of hnRNP A1 gene has been disrupted is also provided. The mouse is useful for studying the role of hnRNP A1 gene in normal and disease states of a neurodegenerative disease or a cancer for developing therapies to treat any of these diseases. Therefore, a method of screening a compound for potential use in prevention and/or treatment of neurodegenerative disease or cancer is further provided.

Abstract: The present invention relates to methods of modulating traits, particularly production traits, in avians such as chickens. In particular, the invention relates to the in ovo delivery of a dsRNA molecule, especially siRNAs, to modify production traits in commercially important birds.

Abstract: An I-CreI variant, wherein one of the I-CreI monomers has at least two substitutions, one in each of the two functional subdomains of the LAGLIDADG core domain situated respectively from positions 26 to 40 and 44 to 77 of I-CreI, said variant being able to cleave a DNA target sequence from a RAG gene. Use of said variant and derived products for the prevention and the treatment of a SCID syndrome associated with a mutation in a RAG gene.

Abstract: The present invention provides a method for diagnosing and detecting diseases associated with colon. The present invention provides one or more proteins or fragments thereof, peptides or nucleic acid molecules differentially expressed in colon diseases (CCAT) and antibodies binds to CCAT. The present invention provides that CCAT is used as targets for screening agents that modulates the CCAT activities. Further the present invention provides methods for treating diseases associated with colon.

Abstract: The present invention relates to nucleic acid sequences and cellular proteins encoded by these sequences that are involved in infection or are otherwise associated with the life cycle of one or more pathogens.

Abstract: The invention provides seed and plants of broccoli hybrid RS05151611 and the parent lines thereof. The invention thus relates to the plants, seeds and tissue cultures of broccoli hybrid RS05151611 and the parent lines thereof, and to methods for producing a broccoli plant produced by crossing such plants with themselves or with another broccoli plant, such as a plant of another genotype. The invention further relates to seeds and plants produced by such crossing. The invention further relates to parts of such plants.

Abstract: A soybean cultivar designated S100319 is disclosed. The invention relates to the seeds of soybean cultivar S100319, to the plants of soybean cultivar S100319, to the plant parts of soybean cultivar S100319, and to methods for producing progeny of soybean cultivar S100319. The invention also relates to methods for producing a soybean plant containing in its genetic material one or more transgenes and to the transgenic soybean plants and plant parts produced by those methods. The invention also relates to soybean cultivars or breeding cultivars, and plant parts derived from soybean cultivar S100319. The invention also relates to methods for producing other soybean cultivars, lines, or plant parts derived from soybean cultivar S100319, and to the soybean plants, varieties, and their parts derived from use of those methods. The invention further relates to hybrid soybean seeds, plants, and plant parts produced by crossing cultivar S100319 with another soybean cultivar.