Abstract: Provided are a scheduling system and method, comprising an input port that receives from a caregiver electronic device data generated from a medication code corresponding to a prescribed medicine for a patient and that further receives medication scheduling information associated with the medication code for an administering of the prescribed medicine to the patient; a schedule adjustment module executed by a hardware processor and configured to receive and process data from the input port regarding a modification to the medication scheduling information; a notification generator that outputs an alert related to the modified medication scheduling information; and a display for displaying a schedule generated from the medication scheduling information.

Abstract: A system and method includes: a pharmacy server receiving a customer ID code to allow a customer wireless access to his medical data file stored on the server; the server receiving compliance determination data to determine whether the customer is taking prescription medicine according to directions; activating a shell script on the wireless device from the server when the compliance determination data indicates that the customer is taking the medicine properly; and de-activating the shell script on the wireless device when the compliance determination data indicates that the customer is not taking the medicine properly, whereby the shell script provides wireless operation of a software application.

Abstract: A process for the management and tracking of medical marijuana and legalized marijuana comprising the steps of providing a system managing, tracking and identifying consumers, growers, distributors, healthcare providers and caregivers, the distribution from growers to distributors, transactions, illegal transactions, licensing, growth information, the system in communication with remote point-of-sale systems.

Abstract: A plurality of dosage details are acquired in which information specifying a drug administered to a subject patient, the amount of drug, and the dosing date of the drug are associated with each other. Based on the plurality of acquired dosage details, a dosing period equal to or longer than a predetermined period is identified among dosing periods of the drug for which it is regarded that both information specifying the drug and the amount of drug are the same. The identified dosing period is specified as a dosage details common period, and a period excluding a predetermined initial or final period from the specified dosage details common period is determined as a stable dosing period.

Abstract: A system and method for automatically calculating an accurate recommended dosage for hormone replacement therapy and automating the life cycle of a patient's treatment over time. The system and method can automatically acquire relevant patient parameters and apply a consistent formulaic approach to help reduce incorrect dosage determinations. A pellet insertion size may be determined and documented based on a calculated dosage, and an insertion side and lot numbers may be tracked and managed. In addition, corresponding revenues may be tracked and profitability may be reported for hormone replacement therapy practices.

Abstract: A medication delivery system is disclosed that includes a portable container and a controller. The portable container includes a body and a lid that forms a securable storage compartment, and a latch that is coupled to the body and configured to releasably secure the lid. The portable container also includes a processor and a power source coupled to the latch, the processor causing the latch to release when an access signal based on a unique identifier is received.

Abstract: Systems and methods are provided for determining the respiratory and overall health status of an animal. The systems and methods utilize location data of individual animals to generate variables describing the behavior of the individual animals. The systems and methods evaluate the variables to assess the health status of individual animals.

Abstract: A distributed clinical trial system that provides configurability, reusability and integration of randomization for different clinical trials with various electronic data capture (EDC) systems. The distributed clinical trial system includes a method of randomizing subjects in a multi-arm clinical trial. In accordance with a method, a subject identifier and a trial identifier are received from an EDC system. The trial identifier indicates the multi-arm clinical trial and the subject identifier indicates a subject enrolled in the multi-arm clinical trial. A randomization design algorithm for the multi-arm clinical trial is retrieved from a database using the received trial identifier. The randomization design algorithm is executed.

Abstract: A method for screening diseases by sampling on an individual, said method being applied by a module for applying screening (2) and being characterizing that it comprises the following steps: storing, in a data base (5) of said screening application module, of a set of data relating to an individual, said set of data comprising remote transmission coordinates relating to said individual, and additional data (AD) relating to said individual from among the age of the individual and/or data relating to the date and/or to the result of at least one previous screening relating to said individual and/or data relating to risk factors associated with said individual and/or data relating to a vaccination of said individual; remotely transmitting, with said screening application module, to said remote transmission coordinates relating to said individual, a message for convening a subsequent screening to be carried out by said individual, said screening application module further determining, depending on at least sai

Abstract: Methods, systems, computer-readable media, and apparatuses for enforcing licensing policies using an application wrapper are presented. In one or more embodiments, a computing device may monitor, using a first application wrapper of a first application on the computing device, usage of the first application. The first application wrapper of the first application may provide a policy enforcement layer between the first application and an operating system of the computing device, and the policy enforcement layer may control execution of the first application based on one or more mobile device management policies. Subsequently, the computing device may enforce, using the first application wrapper of the first application, one or more licensing policies on the first application at runtime based on the usage of the first application.

Abstract: A non-transitory machine-readable storage medium encoded with instructions for execution by a keyed encryption operation by a cryptographic system mapping an input message having an encoded portion and a padding portion to an output message, including: instructions for receiving a padding value k; instructions for receiving the input message, wherein the padding portion has a size indicated by the padding value k; instructions for computing a first portion of the encryption operation to produce a first portion output; instructions for computing a compensation factor corresponding to the padding portion of the input message; and instructions for compensating the first portion output based upon the compensation factor.

Abstract: Various embodiments regarding an electronic device and a content providing method in an electronic device are described. An electronic device according to an embodiment comprises: a communication unit configured to transmit content and receive additional information of the content; a control unit configured to acquire information related to the secondary of the content on the basis of the additional information; and a display unit configured to display the content and the information related to the secondary of the content. Other various embodiments are also possible.

Abstract: A method, an apparatus and storage medium are provided for setting a smart device management account. In the method, the apparatus receives a rights acquisition request at least carrying a login account and first location information of a first smart device. The apparatus acquires a first device group according to the first location information. When determining that the first smart device has management rights on smart devices in the first device group, the apparatus sets the login account of the first smart device as a management account of the first device group. The apparatus sends an authorization message to the first smart device and the smart devices in the first device group.

Abstract: A system of credential management and identity verification includes a portable input device and an application that, when executed on the input device, authenticates a user of the input device and provides associated credentials to a computing device. The application detects a request for credentials presented by a proximate computing device. Then, the application alerts a user of the computing device to confirm his identity by submitting one of a biometric or non-biometric authenticating input to the input device. The authenticating input is received by the input device and used to verify the identity of the user. If the identity is verified, the application transmits the associated encrypted credentials and mask data to the computing device. The input device may be a pointing device connected wirelessly or via wired connection to the computer. User authentication data is provided to the input device at an initial or predetermined time.

Abstract: A portable electronic device includes a biometric information obtaining unit and an authentication information generating unit. The biometric information obtaining unit obtains biometric information that represents a physical feature of a user of the portable electronic device. The authentication information generating unit generates authentication information that is numerical information for authentication of the user having a predetermined number of digits, based on the biometric information that has been obtained by the biometric information obtaining unit.

Abstract: An apparatus, comprising a biometric sensor, the biometric sensor configured to receive an input from a user, the input corresponding to a predetermined factor. A feedback device is configured to provide feedback to the user when a value associated with the input approaches a predetermined threshold within a margin. The biometric sensor may comprise a fingerprint recognition sensor, iris recognition sensor, or any other biometric sensor. The feedback device may be configured to provide vibrational, audible, or visual feedback to the user once an input value corresponding to a predetermined factor approaches a threshold within a margin.

Abstract: A smartcard-enabled BPID Security Device integrates a smartcard reader with a biometric authentication component to provide secured access to electronic systems. The device allows for an individual to insert a smartcard into an aperture in the physical enclosure of the BPID Security Device, allowing the smartcard and the BPID Security Device to electronically communicate with each other. The BPID Security Device is based on a custom application specific integrated circuit that incorporates smartcard terminals, such that the BPID Security Device can communicate directly with an inserted smartcard. In an alternative embodiment of the invention, the BPID Security Device is based on a commercial off-the-shelf microprocessor, and may communicate with a commercial off-the-shelf microprocessor smartcard receiver using a serial, USB, or other type of communication protocol.

Abstract: In one aspect, a device includes a processor and memory accessible to the processor. The memory bears instructions executable by the processor to receive input from at least one electromyograph, and based at least in part on the input, determine whether a user is authorized to manipulate the device to execute at least one function.

Abstract: An electronic circuit includes a clock generator that generates a plurality of clock signals whose frequencies are mutually different, a plurality of RS latch circuits whose output signals change in accordance with the frequencies of the plurality of clock signals that are individually input from the clock generator, and a control circuit that controls the frequencies of the plurality of clock signals which are input from the clock generator to each of the plurality of RS latch circuits.

Abstract: The present invention discloses a virus protection method and device. The virus protection method comprises: when an Android operating system needs to install an application, transmitting identification information of the application that needs to be installed from a framework layer to an application layer; at the application layer, activating a virus scanner application on the basis of the identification information of the application to allow the virus scanner application to run a virus scan on the application; acquiring a scan result of the virus scan, issuing a notification to the framework layer of whether or not to execute an installation operation for the application on the basis of the scan result; and at the framework layer, either executing the installation operation for the application or rejecting to execute the installation operation for the application on the basis of the notification.

Abstract: An unstructured event is detected and an unstructured event record is generated for the detected event. Case identifier (ID) conflation is performed to estimate a case ID that corresponds to the detected event, and event type identification is performed to estimate a type of the unstructured event. A business process model is applied to the unstructured event record, to identify a process that the unstructured event is related to. A user experience is generated based upon the event type, the case ID, and the corresponding process identified for the detected event.

Abstract: Methods and systems may provide for identifying a thermal management setting in a computing system, and comparing the thermal management setting to valid configuration information. In addition, the thermal management setting may be modified if it does not comply with the valid configuration information, wherein the modification can cause the thermal management setting to comply with the valid configuration information. Additionally, a threat risk notification can be initiated in order to notify users of the non-compliance.

Abstract: Provided is a system for conducting the fast inspection of Android malwares, the system including a processor configured to compute the similarity between the signature for a given target application and one of signatures stored in a database, and a determiner configured to determine whether the target application is a malware based on the computed similarity, wherein the system relates to the technology for examining whether a certain Android application, which can be downloaded via a uniform resource locator (URL), is malicious by examining how similar the application is with the malwares and normal applications verified earlier.

Abstract: According to an aspect of an embodiment, a method may include determining a set of entity instances in a software program. Each entity instance may correspond to a program entity through which the software program performs an interaction with an external entity that is external to the software program. The method may also include determining an identity of each external entity. Additionally, the method may include determining a set of data-flow predicates and a set of control-flow predicates that are satisfied by the software program. Further, the method may include comparing the set of data-flow predicates and the set of control-flow predicates with a signature library that includes one or more malicious software signatures. The method may further include determining that the software program is malicious in response to the set of data-flow predicates and the set of control-flow predicates matching one or more malicious software signatures.

Abstract: Apparatus and method for transforming Web resources into safe versions such that malicious code on the resources cannot attack the client viewing the resources. The invention separates the processing of insecure code from the processing of benign code. For Web pages, the benign code is displayed immediately to the client while insecure code is processed on a separate machine. Once insecure code is processed, benign outputs of that code are passed to the client for display. The invention safeguards the client against known and zero day exploits without requiring a catalog of malware/virus signatures, heavyweight code checkers, complete page re-writing or highly restrictive access policies. The invention provides the client with complete malware blocking while retaining most of the original functionality of the Web resource.

Abstract: An object of the present invention is to allow software to be securely updated when a volatile memory that will become a working area is not sufficiently large. An embedded apparatus sequentially performs a verification process on each of a plurality of sections obtained by division of update data for updating the software. The embedded apparatus stores an intermediate value obtained during the verification process. When the verification process is completed for each of the sections, the embedded apparatus compares a value obtained in the verification processes with verification data to check that there is no tampering. When it can be confirmed that there is no tampering, the embedded apparatus sequentially performs the verification process on each section again.

Abstract: The present invention is notably directed to methods for allowing a computer (10) to boot from a user trusted device (20), wherein: the computer (10) comprises a long-term data storage device (11) storing operating system services (25), or OS services; and the user trusted device (20) is connectable to the computer (10) and stores: a boot loader (16a), detectable and executable by a firmware (122) of the computer, upon connection of the user trusted device (20) to said computer (10); an OS loader (24a) for an operating system (112), or OS, of the computer; and one or more crypto drivers (26a) for said OS, designed for allowing access to the OS and data, stored encrypted on said data storage device (11); wherein the user trusted device is designed to prevent unauthenticated access of each of: the boot loader; the one or more crypto drivers; and the OS loader, as stored thereon, the method comprising: upon connection (S21) of the user trusted device to the computer, letting (S22) the boot loader (16a) be detect

Abstract: System and computer program product for allowing a computer to boot from a user trusted device. The computer comprises a long-term data storage device storing operating system (OS) services; and the user trusted device is connectable to the computer and stores: a boot loader, detectable and executable by a firmware of the computer, upon connection of the user trusted device to said computer; an OS loader for the OS; and one or more crypto drivers designed for allowing access to the OS and data, stored encrypted on said data storage device. The user trusted device is designed to prevent unauthenticated access of each of: the boot loader; the one or more crypto drivers; and the OS loader, as stored thereon.

Abstract: Described herein is technology for restoring access to a user account. In particular, systems and methods for account recovery using a platform attestation credential are described. In some embodiments, the platform attestation credential is generated by an authentication device in a pre boot environment. A first copy of the platform attestation credential may be bound by an account management system to a user account. Access to the user account may subsequently be restored using a second copy of the platform attestation credential.

Abstract: Example embodiments disclosed herein relate to a security test. A crawl of an application under test (AUT) is performed to determine an attack surface using crawl sessions. One or more parameters of the attack surface are probed during the respective crawl sessions. A trace is requested from an observer for the probe of the one or more parameters. Attack suggestions are received from the observer based on the trace of the one or more parameters.

Abstract: Disclosed are a method and apparatus for detecting a document object model (DOM) based cross-site scripting (XSS) vulnerability, an apparatus thereof, and a terminal are provided. The method includes: obtaining a set of parameter-value pairs from an original web address of a web page, where the set of parameter-value pairs comprises at least one parameter-value pair; replacing a parameter value in a parameter-value pair with feature code, to form a test web address for the web page, where the feature code comprises malicious code that comprises a malicious character and is uniquely identified in a DOM tree of the web page; obtaining page content corresponding to the test web address; converting the page content, into the DOM tree; and detecting whether a XSS vulnerability exists in the parameter-value pair, based on the DOM tree and the feature code.

Abstract: This disclosure relates generally to a computing system and method for data encryption and, more particularly, to methods and apparatus for enhanced protection of data transmitted to and from, as well as stored on file systems associated with an internet service application using integrated mechanisms and processes for data obscurity, secure sleep state encryption, and separation of concerns.

Abstract: Techniques for establishing mutual authentication of software layers of an application are described. During initialization of the application, the software layers execute a binding algorithm to exchange secrets to bind the software layers to one another. During subsequent runtime of the software application, the software layers execute a runtime key derivation algorithm to combine the secrets shared during initialization with dynamic time information to generate a data encryption key. The software layers can then securely transfer data with each other by encrypting and decrypting data exchanged between the software layers using the dynamically generated data encryption key.

Abstract: This disclosure relates to systems and methods for enabling the use of secret digital or electronic information without exposing the sensitive information to unsecured applications. In certain embodiments, the methods may include invoking, by a client application executing in an open processing domain, a secure abstraction layer configured to interface with secret data protected by a secure processing domain. Secure operations may be securely performed on the secret data by the secure abstraction layer in the secure processing domain based on an invocation from a client application running in the open processing domain.

Abstract: Due to different formats for documents, in particular different means of identifying users, it is a problem how to handle a document in a cloud storage system, in which a user is identified by first user credentials, for processing by an authenticated printing system for which the user is identified by second user credentials. This problem is solved by a method comprising the steps of: i. obtaining the document from the cloud storage system, the document comprising document metadata comprising the first user credentials, ii. obtaining the second user credentials based on the first user credentials, iii, obtaining a print job corresponding to the document, the print job comprising print job metadata comprising the second user credentials, and iv. forwarding at least the print job metadata comprising the second user credentials, to the authenticated printing system for the processing. A system and a computer program product for performing the method are also provided.

Abstract: A access right estimation apparatus includes an extraction unit that extracts at least one first component from a first object which forms a first document, an access right being set up for the first document; an association unit that associates the extracted first component with access right information which indicates a user who is capable of accessing the first component based on the access right which is set up for the first document; and an access right estimation unit that estimates an access right that should be set up for a second document, which includes at least one second component extracted from a second object that forms the second document, an access right being not set up for the second document, the access right estimation unit estimating the access right based on the second component and the access right information which is associated with the first component.

Abstract: Systems and methods for destroying sensitive enterprise data on portable devices are provided. Such systems and methods may include providing a portable device that includes a security agent for deleting sensitive enterprise data. The security agent on the portable device can be required to regularly be authenticated by a user through an authentication server. The authentication server provides a pre-determined timeframe for which the user would need to re-authenticate. Failure by the user to re-authenticate within the pre-determined timeframe can result in the security agent proceeding with deleting the sensitive enterprise data on the portable device.

Abstract: Systems, methods, and non-transitory computer-readable media can detect a set of images locally stored on a computing system. The computing system can be associated with a first user. One or more facial recognition processes can be applied to the set of images. It can be determined, based on the one or more facial recognition processes, that a subset of images, out of the set of images, is associated with a second user. One or more options for the first user to share the subset of images with the second user can be provided.

Abstract: Methods and arrangements for protecting enterprise data with respect to a hybrid application in a mobile device that accesses a global computer information network using enterprise infrastructure. A hybrid application is recognized in a mobile device, the hybrid application being configured to communicate with an enterprise network and a non-enterprise network. There are provided, in communication with the hybrid application, controls for segregating data flows from the enterprise network and non-enterprise network. A policy service is provided, which applies a policy for the segregating and governed routing of data flows from the enterprise network and the non-enterprise network. Other variants and embodiments are broadly contemplated herein.

Abstract: An electronic whiteboard system includes a server device 10 including a storage device 11 that stores electronic whiteboard data of an electronic whiteboard and area data of a plurality of areas obtained by dividing the electronic whiteboard, and object data of an object in the area, and an SV communication unit 13 that performs data communication with client terminals 20a, . . . , and an access right determination unit 14 that gives an access right for each user for each of the divided areas and determines permission/prohibition of access based on the given access right, and the client terminals 20a, . . . that include a CL communication unit 23 that performs data communication with the server device 10, and an output device 24 that acquires the electronic whiteboard data, and the like from the server device 10, converts the acquired data into drawing data, and displays the drawing data.

Abstract: A content distribution method including: receiving, from a terminal, first information indicating an attribute of a user of the terminal, transmitting, to the terminal, second information relating to the attribute of the user of the terminal based on the first information, receiving, from the terminal, the second information and third information indicating a location of the terminal, and transmitting a content that is selected from among a plurality of contents based on the received second information and the received third information.

Abstract: Embodiments for preventing data loss in a business environment are provided. In some embodiments, a secure endpoint file export application assigns users to different classes having different permissions for accessing and writing data. In an embodiment, the system and method are configured to identify a plurality of users in a business environment; classify the plurality of users according to business needs; assign the users to one of at least two classes based on the classification; determine that the first user is permitted to access the data; transmit the secure file to a second user who is permitted to write the data in the secure file to removable media; write the data in the secure file to the removable media; and track a location of the removable media.

Abstract: An information viewing method, relative device, system, and storage medium are provided. The method includes: sending, by a first server, an interactive message comprising a searching instruction to a second server when receiving the searching instruction sent by a client; searching for, by the second server, corresponding target information according to a configured searching permission corresponding to the user information in the searching instruction, generating a searching link address associated with a storage address of the target information and sending the generated searching link address to the first server; returning, by the first server, the searching link address to the client; and presenting, by the second server, the corresponding target information when receiving a viewing request.

Abstract: Embodiments relate to deduplication and compression on data performed downstream from where the data is encrypted. Confidentiality of data is maintained, and the ability of storage systems to perform data reduction functions is supported. Encrypted data to be written to a storage system is separated into one or more data chunks. For a data chunk, a master encryption key for an owning entity associated with the data chunk is retrieved. The data chunk is decrypted into plaintext, and the plaintext is transformed by performing one or more advanced data functions. A private key is created and used to encrypt the transformed plaintext, which is stored as a first encryption unit. A wrapped key is created by encrypting the private key with the master key, and is stored as metadata for the encryption unit to limit data access to the owning entity.

Abstract: In one embodiment, system to manage and delivery electronic documents is disclosed.

Abstract: Validating a query execution includes determining whether a condition of a query has changed and recompiling the query if the condition has changed.

Abstract: In embodiments, methods and systems for controlling access to custom objects are provided. These techniques for controlling access to custom objects can enable embodiments to utilize a key for the protection of the security of data that is to remain private while not compromising efficiency of a query. The key for a requested custom object is identified and then used so that only an appropriate portion of a custom entity share table is searched to locate access information. It is then determined whether the user can access at least a portion of the custom object, and the appropriate and allowed data is sent to the user.

Abstract: A reader unit (31) is configured to be operationally coupled with an assay unit (11) that is capable of performing one or more diagnostic tests (13) on one or more physiological samples (15), and is configured (32, 36) to obtain test raw data (73) of diagnostic tests performed on an assay unit operationally coupled with the reader unit. The reader unit comprises an encryption module (33) that is configured to encrypt input data with locking key data (75), the input data comprising the test raw data, or data derived from said test raw data. The reader unit is configured to provide access to the encrypted data (77), but not to the input data.

Abstract: Techniques described herein can be implemented as one or a combination of methods, systems or processor executed code to form embodiments capable of improved protection of data or other computing resources based at least in part upon limiting access to a select number of delegates. Limited access to cloud data based on customer selected or other criterion, reducing the possibility of security exposures and/or improving privacy is provided for.

Abstract: A method classifies data to determine hidden states of a machine by first acquiring data from the machine in a client, which is permuting randomly, and then chaff is inserted before transmitting to server as private data. The server classifies the private data according to a hidden Markov model to obtain permuted noisy estimates of states of the machine and the chaff, which are transmitted to a third party. The third party removes the chaff and inverts noisy estimates using a permutation ordering to obtain unpermuted noisy estimates of the states of the machine.