Abstract: Managing inventory and providing robust analytics related to the use of such inventory. In one embodiment a system is provided that includes terminals for collecting information about one or more medical consumables in a medical setting, an inventory tracker for processing and storing the information about the one or more medical consumables and making inventory information about the medical consumables available, and an analytics engine for generating usage information about a medical consumable within the medical setting.

Abstract: A health care appointment management system is provided. The health care appointment management system includes an integration module communicatively coupled to one or more electronic practice management systems (EPMs) of one or more health care providers. The integration module is configured to receive appointment scheduling data and appointment scheduling rules corresponding to the one or more health care providers. The health care appointment management system also includes a database configured to store the appointment scheduling data and the appointment scheduling rules corresponding to the one or more health care providers. In addition, the health care appointment management system includes a processing module configured to process the appointment scheduling data and to manage appointment updates for each of the one or more health care providers in accordance with the appointment scheduling rules of the respective health care provider.

Abstract: A computerized Medical Information Navigation Engine (“MINE”) extracts clinical knowledge, by identifying coded elements with reimbursement potential contributing to payoff based on clinical history, and subtracting coded elements documented in an encounter from the coded elements, based on business logic. The MINE sorts the remaining coded elements in accordance with one optimization criteria to payoff based on clinical history.

Abstract: A medical information system (1) includes a user interface unit (2), a function predictor (6), a visualization unit (8), and a display device (12). The user interface unit (2) receives responses of a patient diagnosed with a disease to standardized questions pertaining to body functions of the diagnosed patient. The function predictor (6) computes predicted function values for the at least one body function based on the received responses, a disease profile, a treatment option, and a statistical model constructed from population based survey results. The visualization unit (8) constructs a visual display of the predicted values of the at least one body function for the diagnosed patient. The display device (12) displays the visual display.

Abstract: Systems and methods are provided for eye health and vision examinations. A customer diagnostic center is configured to generate customer examination data pertaining to an examination of a customer's eye. The customer diagnostic center provides a user interface for communicating with a customer and ophthalmic equipment for administering tests to the customer. A diagnostic center server is configured to receive the customer examination data from the customer diagnostic center over a network and allow the customer examination data to be accessed by an eye-care practitioner. A practitioner device associated with the eye-care practitioner is configured to receive the customer examination data from the diagnostic center server and display at least a portion of the customer examination data to the eye-care practitioner. Customer evaluation data is generated pertaining to the eye-care practitioner's evaluation of the customer examination data. An eye health report is provided to the customer via the network.

Abstract: Disclosed herein are a display apparatus which facilitates a simultaneous comparison of a plurality of images which respectively illustrate different features on one divided display screen such that the images are seamlessly displayed on the screen, and an image display method which is performable by using the apparatus. The display apparatus includes a memory configured to store a plurality of different types of images of an object, an input device configured to receive an input of a command relating to simultaneously displaying the different types of images, and a display device configured to display images. Upon receiving the command, the display device divides a screen upon which an image of the object is displayable into a first region within which a first image showing one portion of the object is displayed and a second region within which a second image showing the remaining portion of the object is displayed.

Abstract: The present application provides a method for determining and managing a subject's risk profile. The risk profile may include the presence or absence of nocturia. The present application further provides methods of using such a risk profile, such methods for underwriting or managing the cost of life insurances or health insurances, methods for calculating risk associated with the risk profile in an insurance candidate/insured subject, and methods for improving lifespan of the insured based on the risk profile.

Abstract: A method of assessing stenosis severity for a patient includes generating a three dimensional model of a lesion specific vessel tree of the patient. A plurality of inlet and outlet positions are identified in the lesion tree. A total flow rate from the vessel tree model is estimated. A processor and task specific software are utilized to perform computational fluid dynamic simulation on the vessel tree. A flow rate and apparent flow resistance for each of the outlets is then determined. At least one ideal model is generated. A computational fluid dynamic simulation is performed on the at least one ideal model. A level of stenosis severity is determined for each of the outlets.

Abstract: Technology is disclosed for generating patient-specific healthcare protocols and systems and methods for generating and providing patient-specific healthcare protocols for facilitating medical examinations.

Abstract: A computer implemented system and method for quantifying a risk associated with medical and health care, the steps of which have; calculating, via a processor, a first value; the first value equal to the medications prescribed to a plurality of individuals in a specified population; calculating, via a processor, a second value; the second value equal to the prescribers of the first value of the plurality of individuals in a specified population; calculating, via a processor, a third value; the third value equal to the associated therapeutic classifications of the first value of the plurality of individuals in a specified population; calculating, via a processor, an average value of each first, second and third value; comparing, via a processor, the average value of each first, second and third value against a fourth value; the fourth value equal to a single individual of the first, second and third value; transforming, via a processor, the first, second, third and fourth values into a fifth value, calculating

Abstract: Method, system, web-based, or stand-alone software application which enables a PMP user, through integration with an existing electronic health record (EHR) or other database, to easily, and quickly transfer patient demographic information for submission to a regional, state, provincial, multi-state, private, or national system PMP. This PMP accessing method and system may be web-based or stand-alone software application provide a user-interface that easily enables the direct transfer of individual demographic information required by the prescription monitoring program (PMP) to the PMP database to obtain a prescription report quickly and efficiently circumventing manual data entry.

Abstract: A cabinet system for securely storing items includes a cabinet housing, a controller, and at least one drawer unit. The cabinet housing has a locking mechanism, and the controller is in communication with the cabinet housing and configured to operate the locking mechanism. The drawer unit is designed to be releasably locked at least partially within the cabinet housing by the locking mechanism, and slidable within a portion of the cabinet housing when released by the locking mechanism. The drawer unit includes at least one storage compartment, a cover, memory, and a power source. The storage compartment is configured to store at least one item therein. The cover is movable to an open configuration and a closed configuration. When the cover is in the closed configuration, the cover limits access to the item of the storage compartment. The memory is powered by the power source and is configured to store data associated with a movement of the cover.

Abstract: Embodiments presented herein describe techniques for providing feedback for a care plan for a patient. Embodiments receive a care plan specifying a plurality of assigned tasks for the patient to perform, timing information specifying when each of the plurality of assigned tasks should be performed, and a plurality of observation metrics that each indicate a type of biometric data to monitor. Biometric data corresponding to the plurality of observation metrics is collected using at least one monitoring device. Embodiments receive symptom information specifying one or more reported symptoms experienced by the patient and monitor adherence of the patient to completing the plurality of assigned tasks according to the timing information specified in the care plan. Embodiments further include providing feedback to the patient, based on the collected biometric data, received symptom information and monitored adherence.

Abstract: Techniques presented herein disclose a method for generating a derived observation for a care plan assigned to a patient. According to one embodiment, an application executing on a care platform server receives an event log having a plurality of events. Each event includes one or more types of biometric data for the patient. The care plan includes one or more definitions for metrics that are derived from the one or more types of biometric data. A temporal slice of the event log is selected based on one or more of the definitions. The derived metrics are generated by evaluating events within the selected temporal slice of the event log against one or more of the definitions.

Abstract: Techniques for administering a care plan. Embodiments receive the care plan specifying observation metrics to monitor biometric data collected from a patient. At least one monitoring device available is identified and embodiments receive biometric data collected using the at least one monitoring device, where the biometric data is initially classified as a first type of event by the at least one monitoring device. Additionally, embodiments analyze the received biometric data to reclassify the first event as an occurrence of a second type of even, and, upon determining that the occurrence of the second type of event satisfies at least one threshold condition specified in the care plan, initiate at least one treatment plan specified in the care plan and corresponding to the satisfied at least one threshold value.

Abstract: Systems and methods are described that provide a dynamic reporting functionality that can identify important information and dynamically present a report about the important information that highlights important findings to the user. The described systems and methods are generally described in the field of diabetes management, but are applicable to other medical reports as well. In one implementation, the dynamic reports are based on available data and devices. For example, useless sections of the report, such as those with no populated data, may be removed, minimized in importance, assigned a lower priority, or the like.

Abstract: Systems and methods are described that provide a dynamic reporting functionality that can identify important information and dynamically present a report about the important information that highlights important findings to the user. The described systems and methods are generally described in the field of diabetes management, but are applicable to other medical reports as well. In one implementation, the dynamic reports are based on available data and devices. For example, useless sections of the report, such as those with no populated data, may be removed, minimized in importance, assigned a lower priority, or the like.

Abstract: System and method to determine a reduced cohort criteria, the method including: defining N selection criteria to select a cohort from among a universe of patient data; querying a patient database, by use of a processor, and by use of the N selection criteria, in order to define a full patient population; selecting a subset of size M of the N selection criteria, to produce a subset criteria; selecting a permutation of the subset criteria, to produce a permuted subset criteria in a predetermined order; for each member of the permuted subset criteria: querying the patient database by use of the member of the permuted subset criteria to produce a respective interim patient population; combining all respective interim patient populations to produce a partial patient population; and calculating, by a processor, a coverage figure of merit that compares the partial patient population to the full patient population.

Abstract: Embodiments of the inventive concept provide an automated medical computer logic apparatus, which can provide automated medical diagnosis and treatment support to HCPs and patients. A patient can indicate a chief complaint such as chest pain, ear discomfort, a rash, or the like. A rules engine can include clinical modules and a module selector. The module selector can receive the chief complaint and select a particular clinical module. An evaluator logic section can receive and process the selected clinical module. Based on the selected clinical module, the evaluator logic section can cause a dynamic interview to be conducted with the patient, and can map individual question responses to various possible diagnoses, indicating how much each diagnosis should be weighted. The evaluator logic section can suggest treatment options.

Abstract: The method according to the invention allows the formation of oil and the retention phenomenon in the source rock to be modelled. Organic matter characterization experiments are used to establish the molecular model (MM) of the initial sample (E). The thermal cracking reaction of this molecular model is reproduced by dynamic molecular simulation computations with a reactive force field (RMD) and validated by comparison with experimental data. The reaction mechanism obtained (SR) allows to carry out a kinetic study (C) by variation of the temperature parameter. The phase equilibria (PES) of the reaction medium are determined at any time from dynamic simulation. The successive phase equilibrium assessments at various progress stages of the cracking reaction allow following the physicochemical evolution (PC) of the thermal maturation of the organic sample studied.

Abstract: An image processing apparatus includes: a signal receiver configured to receive an encrypted image signal; a storage configured to temporarily store the encrypted image signal received in the signal receiver; a signal decryptor configured to convert the encrypted image signal into a decrypted image signal by decrypting the encrypted image signal output from the storage with a preset first secret key; and a decoder configured to decode the decrypted image signal output from the signal decryptor to be displayed an image.

Abstract: The present invention is in the technical field of content windowing. Specifically, the present invention provides a content creator the ability to make content available at one or more particular locations and for one or more defined periods of time. A marketplace is further provided for content creators to make available content to be licensed by content licensors for providing content at one or more particular locations and for one or more defined periods of time.

Abstract: A system and methods for digital content creation and upload through a managed website for providing network-based access to authorized users who pay for predetermined rights that allow for use of the content by the authorized user on a multiplicity of devices, without having to repurchase access to the same content.

Abstract: A system and method for giving access to streaming media that is associated with purchased physical media item is disclosed herein. Upon the purchase of a physical media item, a unique identifier is received. The unique identifier is analyzed to determine if the unique identifier is associated with a streaming service account. If so, the streaming service account is modified to grant access to streaming media that is associated with the physical media. The user is notified of the availability of the streaming media. The user can then initiate playback of the streaming media. Other embodiments are also disclosed herein.

Abstract: Systems, methods, and other embodiments associated with setting an authorization level at enrollment. According to one embodiment, a method includes a accessing an interface on a device. Initiation information for a user of the device is provided to an authorizer. The authorizer is associated with a class. Verification data is received from the authorizer. An enrollment token is then generated based on the verification data. The enrollment token includes an authorization level that defines security parameters for the device.

Abstract: The present invention is directed to an apparatus, a method, and a computer program product for authenticating a user based on a sequence of rhythmic inputs. The user via a mobile device provides one or more inputs (e.g., pushing a button, tapping a touchscreen, a biometric, or the like) to one or more sensors associated with the mobile device as an attempt of authorization. The one or more inputs may be provided in a rhythmic manner (e.g., provided in time with music). The present invention then compares the provided one or more inputs to one or more predetermined sequences of inputs that are associated with positive authentication of the user (e.g., a known password). The phone determines that the one or more provided inputs match one or more predetermined rhythmic sequences associated with positive authentication of the user and authenticates the user.

Abstract: A system and methods for authenticating a user for access to a system input terminal comprising an infrared imager, a user input terminal, and a processing section including a plurality of processing instructions operable to perform image capture for wrist areas of a user in proximity to an input terminal or other structures requiring authentication and comparison to determine access or deny access. An aspect of an embodiment of the invention permits initial and frequent authentication that reduces or eliminates user action to perform such authentication. Also provided are user interfaces, and additional authentication sections operable with the infrared section. Alternative embodiments of the invention include a mobile embodiment as well as an embodiment including a sensor positioned with respect to a user in an operational position where the user is performing a task in relation to an input terminal or structure requiring authentication (e.g. a keyboard).

Abstract: An operation at a mobile device is authenticated by using a random visual presentation displayed at the device for the authentication. The mobile device generates and displays the random visual presentation which is optically captured (e.g., by a camera) at a capturing device. The capturing device uses the captured random visual presentation to generate an authentication value (e.g., a hash) based on a defined security protocol. The authentication value is compared to an expected value and if the values match the mobile device executes the operation.

Abstract: Systems and methods for authenticating a user include a wearable user device receiving a first request to access a secure system. A plurality of authentication elements are then displayed on a display device to a user eye in a first authentication orientation about a perimeter of an authentication element input area. A user hand located opposite the display device from the user eye is then detected selecting a sequence of the plurality of authentication elements. For each selected authentication element in the sequence, the wearable user device moves the selected authentication element based on a detected movement of the user hand and records the selected authentication element as a portion of an authentication input in response to the user hand moving the selected authentication element to the authentication element input area. The user is authenticated for the secure system if the authentication input matches stored user authentication information.

Abstract: A method includes a computer device receiving a set of images for at least one user; the computer device receiving unique visual clue inputs from the at least one user for each image of the set of images; the computer device receiving drawing gesture inputs from the at least one user for each image of the set of images; and the computer device using the visual clue and drawing gesture inputs to create passwords to provide a locked access point for at least one device.

Abstract: This document describes techniques (300, 400) and apparatuses (100, 500, 600, 700) for in-band peripheral authentication. These techniques (300, 400) and apparatuses (100, 500, 600, 700) may communicate via a non-media channel allowing host device (102) to authenticate peripheral (106), enable an enhanced operational mode of the host device (102), and/or provide content configured for the peripheral (106) without the use of out-of-band signaling.

Abstract: Program code attestation circuitry and a method of operating such circuitry are provided. The program code attestation circuitry includes first storage, and measurement value generation circuitry that is arranged to store within that first storage a measurement value that is determined by applying a first hash algorithm to input data determined from a code block of the program code. Within a second storage a private key is stored. Further, signature generator circuitry is responsive to an attestation request from a request source external to the program code attestation circuitry to apply, to a derived value derived from the measurement value, a signature algorithm using the private key, in order to generate a signature for output to the request source. From this signature, the request source can then derive information about the stored measurement value sufficient to enable it to ascertain whether that stored measurement value agrees with an expected measurement value for the code block in question.

Abstract: Improved buffer overflow protection for a computer function call stack is provided by placing a predetermined ShadowKEY value on a function's call stack frame and copying the ShadowKEY, a caller EBP, and a return pointer are pushed onto a duplicate stack. The prologue of the function may be modified for this purpose. The function epilogue is modified to compare the current values of the ShadowKEY, caller EBP, and the return pointer on the function stack to the copies stored on the duplicate stack. If they are not identical, an overflow is detected. The preserved copies of these values may be copied back to the function stack frame thereby enabling execution of the process to continue. A function prologue and epilogue may be modified during compilation of the program.

Abstract: A method for managing application data of a portable terminal according to the present invention comprises the steps of: allocating a plurality of data areas required for a data management policy for an application program; when the application program is executed, permitting connection to a specific data area of the plurality of data areas allocated for the application program on the basis of the data management policy; and executing the application program while performing the permitted connection to the specific data area.

Abstract: An exemplary system, method and computer-accessible medium for detecting the presence of a Trojan(s) in a circuit(s), can include, for example, receiving information related to a property(s) configured to determine the presence of the Trojan(s), and determining the presence of the Trojan(s) based on the property(s) and a design(s) of the circuit(s) using a bounded model checking tool.

Abstract: Circuits and methods for detecting, identifying and/or removing undesired content are provided. According to one embodiment, a virus processing system includes a virus co-processor, a first memory, a general purpose processor (GPP) and a second memory. The first memory is communicably coupled to the co-processor via a first memory interface. The first memory includes a first signature compiled for execution on the co-processor. The GPP is communicably coupled to the co-processor. The second memory is communicably coupled to the co-processor via a second memory interface and to the GPP. The second memory includes a second signature compiled for execution on the GPP. The co-processor is operable to retrieve the first signature stored within the first memory through an instruction cache. The co-processor is operable to retrieve a data segment to be scanned from second memory through a data cache that is separate from the instruction cache.

Abstract: Techniques are provided for the detection of malicious software (malware) on a general purpose computing device. A challenge in detecting malicious software is that files are typically scanned for the presence of malicious intent only once (and subsequent rescanning is typically performed in a simplistic manner). Existing methods in the art do not address how to most effectively rescan collections of files in a way that tries to optimize performance and efficacy. These methods may also be useful if additional information is now available regarding a file that might be useful to an end-user or an administrator, even though the file's core disposition might not have changed. More specifically, we describe methods, components, and systems that perform data analytics to intelligently rescan file collections for the purpose of retroactively identifying malware and retroactively identifying clean files.

Abstract: An apparatus for testing, inspecting or screening an electrically powered device for modified or unmodified hardware, firmware or software modifications including Malware, Trojans, adware, improper versioning, worms, or virus and the like, includes an antenna positioned at a distance from the electrically powered device and a signal receiver or sensor for examining a signal from the electrically powered device. The receiver or sensor collects unintended RF energy components emitted by the electrically powered device and includes one or more processors and executable instructions that perform analysis in a response to the acquired signal input while the electrically powered device is active or powered. The characteristics of the collected RF energy may be compared with RF energy characteristics of an unmodified device. The comparison determines one of a modified, unmodified or score of certainty of modified condition of the electrically powered device.

Abstract: Software code of a software system (e.g., a software stack) may be verified as conforming to a specification. A high-level language implementation of the software system may be compiled using a compiler to create an assembly language implementation. A high-level specification corresponding to the software system may be translated to a low-level specification. A verifier may verify that the assembly language implementation functionally conforms to properties described in the low-level specification. In this way, the software system (e.g., a complete software system that includes an operating system, device driver(s), a software library, and one or more applications) may be verified at a low level (e.g., assembly language level).

Abstract: A facility for analyzing a pair of code files is described. From each of the code files, the facility extracts a hierarchy of textual names. The facility then determines the score reflecting a level of similarity between the extracted hierarchies of textual names for attribution to the pair of code files.

Abstract: Security analysis and vulnerability testing results are “packaged” or “bound to” the actual software it describes. By linking the results to the software itself, downstream users of the software can access information about the software, make informed decisions about implementation of the software, and analyze the security risk across an entire system by accessing all (or most) of the reports associated with the executables running on the system and summarizing the risks identified in the reports.

Abstract: An exemplary system, method and computer-accessible medium for detecting the presence of a Trojan(s) in a circuit(s), can include, for example, receiving information related to a property(s) configured to determine the presence of the Trojan(s), and determining the presence of the Trojan(s) based on the property(s) and a design(s) of the circuit(s) using a bounded model checking tool.

Abstract: A system includes a data processing device, a memory, identifications of applications, and a privacy indication module. Each identification of the application has associated therewith a privacy indicator that indicating a degree of expected privacy of each of the corresponding applications. The privacy indication module is configured to control the data processing device to set each of the privacy indicators of each of the identifications of the applications and to provide at least one of the privacy indicators to control publication of information corresponding to at least one of the applications.

Abstract: A method, an electronic device, and a non-transitory computer readable recording medium for identifying confidential data are provided. The electronic device determines whether a data has special formats by a format feature representing the special format. Then the electronic device further determines whether the special format of the data is the confidential data by confidential factors representing the special format to be the confidential data. Therefore, the method, the electronic device, and the non-transitory computer readable recording medium for identifying confidential data can correctly provide the confidential degree for the data having many confidential descriptions but few numbers and can identify the confidential data having the special format, thereby preventing the data leakage.

Abstract: Client-side encryption in a deduplication backup system. In one example embodiment, a method includes a backup phase in which various steps are performed for each allocated plain text block stored in a source storage. One step includes hashing, using a first cryptographic hash function, the plain text block to generate a first hash. Another step includes hashing, using a second cryptographic hash function, the first hash to generate a second hash. Another step includes searching a key-value table of a deduplication storage to determine whether the second hash matches any key in the key-value table. Another step includes, upon determining that the second hash does not match any key in the key-value table, encrypting, using an encrypt/decrypt function, the plain text block using the first hash as an encryption password and inserting a key-value pair into the key-value table with the key being the second hash and the value being the encrypted block.

Abstract: Avoiding encryption in a deduplication vault. In one example embodiment, a method may include analyzing an allocated plain text block stored in the source storage to determine if the block is already stored in the deduplication storage, in response to the block not being stored, encrypting the allocated plain text block and analyzing the encrypted block to determine if the encrypted block is already stored in the deduplication storage, analyzing a second allocated plain text block stored in the source storage to determine if the block is already stored in the deduplication storage, in response to the block already being stored, avoiding encryption of the second allocated plain text block by not encrypting the second allocated plain text block and instead associating the location of the second allocated plain text block in the source storage with the location of the duplicate block already stored.

Abstract: A method for determining a permission of an application program is presented. The method for determining a permission of an application program in the present disclosure includes receiving an installation request of a first application, where the installation request carries a first permission list that the first application applies for and a first shared user identifier requested by the first application; searching, according to the first shared user identifier, for at least one second application that uses the first shared user identifier and is already installed in a system; and if the first application is a plug-in of the second application already installed in the system, determining a permission of the first application according to the first permission list that the first application applies for and a permission in a second permission list corresponding to the first shared user identifier.

Abstract: A trusted user circle server for encryption key distribution and authentication support, as well as a client-side application which resides on user's devices are disclosed. In particular, the trusted user circle server manages a repository for static public keys (SPUK) which are used for authentication and secure distribution of a dynamic private context key (DPCK) used for the end-to-many encryption. Accordingly, posting users encrypt posted document using the DPCK and viewing users retrieve the DPCK to decrypt the posted document. These keys are associated to the trusted user circle and are generated dynamically for a given circle policy context (CPC). The CPC is an identifier that represents a group of members of a trusted user circle. It changes whenever any member of the trusted user circle leave it, when a new trusted user circle is created or when the DPCK expires after a pre-determined period of time.

Abstract: An example method includes, identifying a request from a user associated with a user role. The request corresponds to: an application request to access a first module in an enterprise application; and a data request to access a first portion of a database through the first module. The method also includes: responsive to a first determination that, based on the user role, the application request by the user is permissible: granting the application request; and responsive to a second determination that, based on the user role, the data request by the user is permissible: granting the data request to access the first portion of the database through the first module. The user role is associated with a plurality of access permissions, each specifies: an exhaustive set of application requests permitted to the user role; and an exhaustive set of data requests permitted to the user role.

Abstract: System and methods for a secured distributed file system (DFS) achieved by providing access control to the data stored in the DFS based on mapping of access privileges from a data warehouse to the DFS. A preferred embodiment of the invention uses a Hive data warehouse in concert with a Hadoop Distributed File System (HDFS). The invention provides an enhanced access control framework in HDFS. Since direct data access requests to files in HDFS corresponding to Hive tables, objects or other constructs can be unrestricted, present invention overcomes this problem by mapping the access privileges on Hive tables, objects and other constructs as defined in Hive metastore to file permissions on the corresponding files in HDFS. It then uses this mapping to provide access control for file(s) stored in HDFS.