Abstract: An electronic medication system including a network server (112), a patient device (104), and a medication storage device (132) is disclosed. The network server includes a network identification module (164) and a network adherence module (166). The patient device includes a patient adherence module (110) and a pill identification module (152). The medication storage device includes a storage device adherence module (182), a sensor (136), and a storage device display (192). The storage device adherence module is configured to synchronize with the network adherence module and the patient adherence module.

Abstract: Technologies are generally provided for a pill dispensing device to track removal of a pill from a pill package. The device may include circuits printed/embedded on a composite sheet configured to be locally or completely flexible/stretchable with a multitude of slits corresponding to locations of pill containing cavities of the pill package. Composite sheet may include embedded rigid sections and be flexible near the slits. Additionally, top and/or bottom plates may further provide structural rigidity to achieve desired flexible behavior of the composite sheet. Electronic circuits printed/embedded on or in the composite sheet may detect removal of a pill from the pill package through the slits. Slits may include electrical contacts configured to switch a circuit corresponding to each slit between an active and an inactive state. Upon removal of the pill, the contacts may separate or touch each other, opening or closing the circuit corresponding to the expanded slit.

Abstract: A medication dispensing cart with remote integration includes a plurality of drawers operably attached to a mast, a drawer controller operably connected to the drawers and configured to locking and unlocking of the drawers, a battery operably connected to the drawer controller and configured to provide power to the drawer controller, and a computer operably connected to the drawer controller and configured to wirelessly connect to a network for a central server computer system to interact with the medication dispensing cart with remote integration for the central server computer system to lock or unlock the drawers.

Abstract: A system and related methods of enhanced distribution of pharmaceuticals in long-term care facilities are provided. An embodiment of a system includes one or more pharmaceutical storage and electronic dispensing machines each positioned in a long-term care facility remote from a long-term care facility pharmacy group management server and in communication therewith, and long-term care facility pharmacy management computer programs associated with the long-term care facility pharmacy group management server to enhance use of the one or more of pharmaceutical storage and electronic dispensing machines.

Abstract: A processor receives a first list comprising a plurality of events from a portion of digital data of an unknown work and one or more metrics between each pair of adjacent events from the plurality of events. The processor compares the first list to a second list comprising events and metrics between events for a known work to determine a first quantity of hits and a second quantity of misses. The processor determines whether the first list matches the second list based on the first quantity of hits and the second quantity of misses. The processor determines that the unknown work is a copy of the known work responsive to determining that the first list matches the second list.

Abstract: In accordance with embodiments, there are provided mechanisms and methods for facilitating management of data in an on-demand services environment. In one embodiment and by way of example, a method for facilitating management of data in an on-demand services environment is provided. The method of embodiment includes detecting an attempt by a user to manipulate data via a collaboration application at a computing system, wherein the attempt includes attempted deletion of the data posted for viewing using the collaboration application. The method may further include determining whether the user is authorized to manipulate the data, and blocking the attempt if the user is not authorized to manipulate the data.

Abstract: A method, computer program product and system for indicating the occurrence of a relicensing trigger event on a client electronic device includes generating a license request for the client electronic device. An expiration indicator is received for a subscription associated with the client electronic device. A device license is created for the client electronic device that includes the license request and the expiration indicator. A secure device license is created by digitally-securing the device license.

Abstract: A method and system for generating a protected version of the digital content is disclosed. The method includes obfuscating the digital content to yield a functionally equivalent obfuscated digital content, encrypting the obfuscated digital content using at least one device or non-device parameter, generating a decryption logic to be used for generating a decryption key based upon the at least one device or non-device parameter, and concatenating the encrypted digital content and the decryption logic to generate the protected version of the digital content.

Abstract: A management method for billing system, the management method includes setting, by a processor, billing address for usage fees of a virtual machine, deployed based on a deploy instruction from a first account, to a second account from which execution instruction for software, which runs on the virtual machine, is issued.

Abstract: The present disclosure relates to a method and a system for authenticating a user. In one embodiment, one or more input and target data samples extracted from a plurality of physiological and movement signals of the user are processed to train one or more regression models. In real time authentication, the input and target data samples are extracted from the plurality of physiological and activity signals and mapped with trained regression models to determine a regression error. Based on the regression error, an appropriate authentication signal is then generated and transmitted to the user. Using dynamically selected multiple input and target data samples for user authentication increases the accuracy of authentication, thereby reducing possibilities of invalid authentication. Further, the power consumed by the sensors and computation load is reduced by dynamically powering up and powering down of the one or more sensors based on their usage during the authentication process.

Abstract: The disclosed embodiments include computerized methods and systems that facilitate two-factor authentication of a user based on a user-defined image and information identifying portions of the image sequentially selected by the user. In one aspect, a communications device presents a first digital image of a first user on a touchscreen display. The communications device may receive, from the first user, information identifying portions of the first digital image selected in accordance with a candidate authentication sequence established by the first user. The selected first image portions may, for example, be associated with corresponding facial features of the first user. The communications device may determine whether the candidate authentication sequence matches a reference authentication sequence associated with the first digital image, and may authenticate an identity of the first user, when the first selection sequence is determined to match the second selection sequence.

Abstract: Methods, systems, and computer program products for authenticating an online user. Authentication involves sending a code from a server to a user device equipped with a source of illumination and a camera capable of capturing video imagery of the online user. The user device receives the code, modulates the source of illumination in accordance with the code, and captures video imagery of the user while the source of illumination is being modulated according to the code. The captured video imagery of the online user is sent to the server where it is analyzed to detect evidence of changes in illumination that correspond to the code. If good correspondence is found, the user may be authenticated. Similar methods may be applied to other biometric data. Applications of the authentication include identify validation, pseudonym verification, and distinguishing human from non human access attempts.

Abstract: A system is disclosed for providing secure access to a controlled item, the system comprising a database of biometric signatures, a transmitter subsystem comprising a biometric sensor for receiving a biometric signal, means for matching the biometric signal against members of the database of biometric signatures to thereby output an accessibility attribute, and means for emitting a secure access signal conveying information dependent upon said accessibility attribute, wherein the secure access signal comprises one of at least a rolling code, an encrypted Bluetooth™ protocol, and a WiFi™ protocol, and a receiver sub-system comprising means for receiving the transmitted secure access signal and means for providing conditional access to the controlled item dependent upon said information.

Abstract: Facilities are provided herein for authenticating a user to use a processing device. A user predefines authenticators of one or more types and associates these with graphical images. Upon on attempt to activate the processing device, a graphical image, of the graphical images, is selected for presentation to the user. The selected graphical image is presented to the user, who then provides input to authenticate with the device. A determination is made as to whether the user is authenticated to use the device. The determination is made based on input received from the user and based further on the authenticator associated with the selected graphical image. Varying the selection of image(s), each associated with a predefined authenticator and authentication type, enables variability in the authenticator that is suitable for unlocking a device at a given time, providing greater security to the authentication process.

Abstract: Methods of configuring a different authority for a plurality of users to use at least one application in an electronic device. User inputs are received to set passwords for respective user levels, where each user level is associated with a different authority to access applications. The passwords are registered for the respective user levels. At least one application is associated with one of the user levels.

Abstract: Systems and methods for selective authorization of code modules are provided. According to one embodiment, a kernel mode driver monitors events occurring within a file system or an operating system. Responsive to observation of a trigger event performed by or initiated by an active process, in which the active process corresponds to a first code module within the file system and the event relates to a second code module within the file system, performing or bypassing a real-time authentication process on the second code module with reference to a multi-level whitelist database architecture. The active process is allowed to load the second code module into memory when the real-time authentication process is bypassed or when it is performed and results in an affirmative determination.

Abstract: A method and system for securely storing passwords and recalling any of the stored passwords in the computer using a single, master password. The system provides password handling software that is configured to enable a user to store in and retrieve from the computer the passwords via user interface. Whenever the password handling software is utilized, a facility in the software turns off communication hardware through which the computer ordinarily communicates with other computers over public communication lines, in order to prevent snooping or eavesdropping on the user's communications during password storage and retrieval sessions.

Abstract: A method and system for determining unauthorized account access is provided. The method includes receiving a username of a user and a passcode for access to a secure account or device belonging to a user. The passcode is determined to be incorrect. Unauthorized access attempts with respect to the secure account or the device are determined based on based on the incorrect passcode and in response, a quality factor associated with the incorrect passcode with respect to the secure account or device is determined. The quality factor is compared to a threshold value. Security functions associated with the secure account or device with respect to the incorrect passcode and the results of the comparison are performed based on the quality factor and the unauthorized access attempts.

Abstract: The method includes identifying an instance of software installed. The method further includes determining a fingerprint corresponding to the instance of software installed. The method further includes determining a security risk associated with the instance of software installed. The method further includes identifying a software management policy for the instance of software based upon the fingerprint, security risk, and designated purpose of the computing device. In one embodiment, the method further includes in response to identifying the software management policy, enforcing, by one or more computer processors, the software management policy on the instance of software installed on the computing device.

Abstract: A system and method for detecting sensitive user input leakages in software applications, such as applications created for smartphone platforms. The system and method are configured to parse user interface layout files of the software application to identify input fields and obtain information concerning the input fields. Input fields that contain sensitive information are identified and a list of sensitive input fields, such as contextual IDs, is generated. The sensitive information fields are identified by reviewing the attributes, hints and/or text labels of the user interface layout file. A taint analysis is performed using the list of sensitive input fields and a sink dataset in order to detect information leaks in the sensitive input fields.

Abstract: A system, and computer program product for security auditing of database transactions are provided in the illustrative embodiments. For a specified period, an available capacity of a computing resource in a data processing system usable to analyze a database protocol packet. The database protocol packet is stored in a shared memory during a data communication. A number of database protocol packets expected in the shared memory during the specified period is determined Determining a second number of database protocol packets that can be analyzed using the available capacity of the computing resource is computed. During the specified period, the second number of database protocol packets is caused to be selected from every number of database protocol packets stored in the shared memory for analysis using the computing resource during the specified period.

Abstract: A method for performing a secure boot of a mobile device computing system that includes a tamper-resistant hardware that provides secure storage of at least a cryptographic private key includes performing a measurement on each system and/or application specific file before said file is being loaded or launched by a kernel module or an application loader of the computing system, directing the measurement results to the tamper-resistant hardware, maintaining an extend-only global counter at the tamper-resistant hardware, increasing the extend-only global counter upon receiving a measurement result, executing a signing process in which the tamper-resistant hardware signs the extend-only global counter together with the measurement result using the cryptographic private key, and keeping a measurement list at the computing system that includes signatures generated by the tamper-resistant hardware.

Abstract: Techniques for secure data management in a distributed environment are provided. A secure server includes a modified operating system that just allows a kernel application to access a secure hard drive of the secure server. The hard drive comes prepackaged with a service public and private key pair for encryption and decryption services with other secure servers of a network. The hard drive also comes prepackaged with trust certificates to authenticate the other secure servers for secure socket layer (SSL) communications with one another, and the hard drive comes with a data encryption key, which is used to encrypt storage of the secure server. The kernel application is used during data restores, data backups, and/or data versioning operations to ensure secure data management for a distributed network of users.

Abstract: Confidential content within a file is masked for display on a flexible display device. A legend relating the masking to the confidential content is displayed in a hidden area created by bending the flexible display device. The flexible display device monitors secondary users and their gaze towards the flexible display device and the hidden area to determine if unauthorized secondary users can see the display and hidden area of the flexible display device.

Abstract: As disclosed herein a computer system for secure database backup and recovery in a secure database network has N distributed data nodes. The computer system includes program instructions that include instructions to receive a database backup file, fragment the file using a fragment engine, and associate each fragment with one node, where the fragment is not stored on the associated node. The program instructions further include instructions to encrypt each fragment using a first encryption key, and store, randomly, encrypted fragments on the distributed data nodes. The program instructions further include instructions to retrieve the encrypted fragments, decrypt the encrypted fragments using the first encryption key, re-encrypt the decrypted fragments using a different encryption key, and store, randomly, the re-encrypted fragments on the distributed data nodes. A computer program product and method corresponding to the above computer system are also disclosed herein.

Abstract: System, computer program product, and method embodiments for communication between a kernel operational on a storage subsystem and a key manager (KM) through a hardware management console (HMC) to provide encryption support are provided. In one embodiment, an event request is initiated by the kernel to the KM to execute an event flow. Pursuant to a communication request by the kernel to the HMC, a socket of the HMC is opened along a communication path between the KM and the kernel according to an event flow type selected by the KM for the event flow. Data including a data payload is sent by the KM to the kernel, the data payload corresponding to the selected event flow type.

Abstract: In some example implementations, there is provided a method including determining, from a received request, one or more attributes; sending, by a permission controller, a query to a use case database, the query including the determined attributes to enable an identification by the use case database of a matching use case stored in the use case database; approving, by the permission controller, the requested access to the data, when a response to the query indicates the matching use case was found in the use case database; rejecting, by the permission controller, the requested access to the data, when the response to the query indicates the matching use case was not found in the use case database.

Abstract: The present subject matter relates to securing data on a computing system. In an example, a request to execute an application instance of the application is received. After receiving the request a role to be associated with the application instance may be identified based on one of user inputs, an object-role mapping, and a set of rules. Further, the application is executable in a plurality of application instances and the role of the application instance is indicative of a nature of activity to be performed in the application instance. The identified role is then associated with the application instance. Based on the role, data pertaining to the application instance may be stored in a memory location allocated to the role of the application instance. Further, each role has a dedicated memory location.

Abstract: When the mobile device is awakened, a task oriented password system takes control of the device in order to present a screen in which the user must participate in a particular task prior to being granted access to the device contents or a particular application on the device. While not limited, in some embodiments, this particular task may be educational in nature. In this way, the user is exposed to educational content every time he attempts to access his device. Although each task is relatively short, the aggregate time during the course of a day may be substantial. The task oriented password system may include the mobile device, as well as one or more content providers, who generate the content that becomes part of the tasks described herein.

Abstract: A communication control device configured to access an information processing apparatus in which data is stored. The device and method acquires an operational condition of an information processing apparatus, and notifies the information processing apparatus of a security command for causing the information processing apparatus to execute a security process on the data in an event that an operational condition is activated and, in an event that the operational condition is a standby mode, a hibernate mode, or a shutdown mode, notifies the information processing apparatus of an activation command for activating the information processing apparatus, and notifies of a security command for causing the information processing apparatus to execute a security process on the data.

Abstract: Systems and apparatuses for revoking access to one or more applications for one or more individuals or users are provided. In some examples, revocation settings may be received from different business divisions or enterprises or business groups within an entity and may be compiled to form a standardized set of revocation settings that may be applied across the entity. Accordingly, upon receiving an item that may be associated with access and may include one or more applications to which access may be revoked and/or one or more users from which access may be revoked, the system may apply the standardized revocation settings to determine whether access should be revoked. If it is determined that access should be revoked, the system may revoke access to the one or more applications for the one or more users.

Abstract: A system and method for logging a non-reader into a corresponding user account is disclosed. A system can include a processor, a user interface, a display, and a camera. The processor can be programmed to display a first plurality of pictures and configure the user interface to allow the user to select a first picture corresponding to the user from the first plurality of pictures to provide a first authentication step and allow the user to select a second picture from a second plurality of pictures providing a second authentication step. The system can log the user into the corresponding user account if the second picture selected from the second authentication step corresponds to the first picture selected from the first authentication step. A system and method for logging multiple users into corresponding user accounts is also disclosed.

Abstract: Methods, systems, and computer-readable storage media for selecting columns for selecting encryption to perform an operator during execution of a database query. Implementations include actions of determining a current encryption type of a column that is to be acted on during execution of the database query, the column storing encrypted data, determining a minimum encryption type for performance of the operator on the column, selecting a selected encryption type based on the current encryption type, the minimum encryption type, and a budget associated with the column, and performing the operator based on the selected encryption type.

Abstract: An electronic signature comprises an authenticated audio and/or visual recording of a spoken assent that conforms to a pre-established phrase. Alternatively, an electronic signature comprises an authenticated visual recording of a series of physical gestures that conforms to a pre-established sequence. Rules are established with respect to how the assent is to be recorded and authenticated. These rules, as well as the document itself, are provided to a document recipient. If the document recipient assents to the document, an audio and/or visual recording of the assent is generated. Location information that defines or approximates the geographical location where the document recipient recorded the assent is also optionally recorded as well. Once recorded, the assent can be authenticated using any of a variety of suitable authentication processes. An authenticated assent can be considered a legally binding electronic signature that forms a part of, or is otherwise associated with, the document.

Abstract: Methods, systems, and computer program products for preventing sharing of sensitive information through code repositories are provided herein. A method includes detecting one or more items of sensitive information in a check-in associated with a given user in a shared version management system; automatically refactoring the one or more items of sensitive information in the check-in by externalizing the one or more items of sensitive information as an encrypted file; and upon acceptance by the user of one or more changes to the check-in, automatically (i) decrypting the encrypted file using one or more code repository credentials associated with the given user, and (ii) incorporating the one or more items of sensitive information into the check-in.

Abstract: A system may include a database, a processor coupled to the database, and a user module executed by the processor. The user module may be configured to receive a value for an attribute of a user and determine whether the value is derived from an assessment sponsored by an organization associated with the user. When the value is derived from the assessment sponsored by the organization associated with the user, the user module may store the received value in the database in a record associated with the user only and in a record associated with the organization and the user. When the value is derived from the assessment not sponsored by an organization associated with the user, the user module may store the received value in the database in the record associated with the user only.

Abstract: A system and a method for managing privacy of data are provided. The method includes causing generation of a trigger notification notifying an access to one or more fields of a user-profile in a first application. The trigger notification generated is by a second application integrated with the first application. The first application includes a plurality of fields comprising sensitive data associated with the user-profile. The method further includes enforcing one or more access preferences corresponding to the one or more fields by the second application on the generation of the trigger notification. The one or more access preferences are based at least on one of a plurality of preconfigured rules and contextual information associated with the trigger notification. Enforcing the one or more access preferences facilitates in managing data privacy.

Abstract: Examples disclosed herein relate to a multi-tier storage based on data anonymization. A processor may store data in a first data tier. The processor may anonymize the data according to a first anonymization level and store the anonymized data in a second data tier. The processor may associate a first user with the first data tier and associate a second user with the second data tier.

Abstract: A semiconductor device module according to embodiments includes a specific information storage unit configured to store individual identification information and class information, a control unit configured to perform authentication processing of maintenance information with signature signed using the class information, generate license information with signature signed using the individual identification information, the license information being based on the maintenance information, and store the license information with signature in a non-volatile memory, and a register to which a setting value based on the license information is set by the control unit.

Abstract: Apparatus and method for data security in a multi-device data storage enclosure. In some embodiments, the storage enclosure has a housing with opposing first and second ends. A plurality of active elements are disposed within the housing including an array of data storage devices, a control board, and an interconnection arrangement which mechanically and electrically interconnects the plurality of storage devices with the control board. A control circuit encrypts user data stored on a selected data storage device using a cryptographic encryption function and an associated cryptographic key. The key is partitioned into a plurality of portions, with each portion stored in a different one of the active elements.

Abstract: The problem of the present invention is to provide a tablet-type portable electronic device that can perform payment by way of a card, as well as having a compact size. A tablet-type portable electronic device of the present invention includes a plate-shaped housing having a front surface, a touch panel and display unit provided to the front surface of the housing, and reading units that perform reading processing of a card related to payment. The reading units are configured integrally with the housing.

Abstract: A credit card reader shields a credit card, stores data from one or more credit cards simultaneously and then selectively broadcasts data associated with one of the cards. A slim, electromagnetically shielding housing has a cavity and a card reader for reading data from a credit card received in the cavity. A processor connects the card reader to a memory component, and connects both to an RFID device, where the credit card data can be broadcast to an RFID reader. A control interface allows a user to initiate reading credit card data, to select a card data set to store in memory, or to broadcast a dataset. A display shows transaction information and stored card data. A retractable input/output plug can engage a socket on another device to transmit and receive data. A memory card device can selectively store credit card data and transaction data.

Abstract: Signal interference is automatically avoided between product proximity subsystems that emit signals through mutually facing presentation windows of different workstations. A magnetometer in each workstation determines a direction faced by a respective presentation window. A controller in each workstation controls a respective product proximity subsystem to emit and receive a signal with a first signal characteristic when the respective magnetometer determines that the respective presentation window faces a first direction, and controls a respective product proximity subsystem to emit and receive a signal with a different second signal characteristic when the respective magnetometer determines that the respective presentation window faces a different second direction.

Abstract: The subject technology relates to methods for processing a payment using a mobile card reader. Implementations of the subject technology provide include steps for determining, using a first communication module, a first available bandwidth for data transacted between the card reader and a payment processing service, and determining, using the second communication module, a second available bandwidth for data transacted between a local device and the payment processing service. In some implementations, the method can further include steps for selecting a communication path for communicating with the payment processing service based on the first available bandwidth and the second available bandwidth. Systems and computer-readable media are also provided.

Abstract: A method for creating an authentication tag includes receiving, at an authentication server, tagging device data and item data from a tagging device, authenticating, by the authentication server, the tagging device using the tagging device data, generating an authentication tag, and sending, by the authentication server, the authentication tag to the electronic device. The tagging device is affixed to an item, and the authentication tag comprises a digital signature provided by the authentication server.

Abstract: A method and system for facilitating cost effective, reliable, system redundant, self-driving vehicles involves the employment of specialized lane marking components that permit unprecedented sensor feedback, and in particular, a system and method that enables accurate lane marking recognition despite adverse weather conditions, which presently pose problems experienced by self-driving systems that rely upon vision based camera systems.

Abstract: The present invention discloses a method and apparatus for a mobile terminal to process a visual graphics code. The method mainly comprises: obtaining a digital image recorded by the mobile terminal; analyzing the digital image to obtain a visual graphics code in the digital image; decoding the visual graphics code and classifying decoded information obtained after decoding; and processing the decoded information according to the classification of the decoded information. The present invention can achieve an effect that the mobile terminal can adaptively recognize and process various types of visual graphics codes, and greatly enhance the ability for the mobile terminal to intelligently process a visual graphics code, thereby improving the function of the mobile terminal, and causing the mobile terminal to meet the need of a user better.

Abstract: The described mobile device for optically reading a machine-interpretable code, used for example in an order picking system for consumer and/or consumable goods, includes a head-mountable scanner with a code reader and a control unit controlling the head-mounted scanner to switch the code reader between a detection mode and a reading mode. In the detection mode, the code reader operates in a low power mode sufficient to detect the presence of a machine-interpretable code. The control unit switches the code reader into the higher-powered reading mode when the code is detected to optically read the code. A wireless communication device may also be provided to wirelessly transmit information corresponding to the scanned code to a remote receiving unit for storage and/or data processing.

Abstract: A displaying method for a dynamic recognizable two-dimensional code is disclosed, including: providing at least a two-dimensional code; providing at least a recognizable image; and sequentially displaying the at least a two-dimensional code and the at least a recognizable image on a display unit of an electronic device according to a displaying pattern, which defining a displaying sequence of displayed images with associated displaying duration and time interval to the next in the sequence, defined as the time lapse between a displayed image ending and a next displayed image appearing. A decoding method for a dynamic recognizable two-dimensional code is further disclosed. The present invention can display various types of the dynamic recognizable two-dimensional code by setting a two-dimensional code, a recognizable image, and a displaying pattern aiming to improve users' convenience and facilitate further interaction between electronic devices.

Abstract: A system and method by which mail sorting equipment can correct postal addresses utilizing cloud technology. The real-time address correction system for correcting addresses of mail articles in real-time, comprises sorters, vision systems, controllers, processors, printers, local and remote computers, databases, bins, and a cloud system to tie together the local and remote computers in addition to the sorters and controllers. Corrected postal addresses are stored remotely and locally to the sorter and provided to the sorter as needed by a cloud based system. The system and method accommodates delays in providing the corrected postal addresses to the sorter.