Abstract: A patient communication system includes at least one patient communication device including a speaker and a microphone, a device number database having at least one quasi-unique device number, at least one display device associated with at least one user code, a user code database including at least one user code, a barcode scanner and a computer processing component. The patient communication device is associated with at least one quasi-unique device number magnetically represented as a barcode. The quasi-unique device number is associated with a patient database. The computer processing component is configured to associate the user code and the quasi-unique patient communication device number, and invoke a pairing function to send a signal to activate a device communication connection session. The computer processing component is configured to allow display of patient information from the patient database on the display device.

Abstract: The present invention is directed to a system for controlling access for a telehealth network, wherein the controlled access is automatic and intermittent. A trigger enables access to the telehealth network. A second trigger disables access to the telehealth network.

Abstract: Utilizing graphical elements representing human bodies to estimate physical measurements of a user is described. In at least one example, a service provider can access a database storing a plurality of data items. The service provider can cause a set of data items of the plurality of data items to be presented to the user. Data items in the set of data items are associated with at least one graphical element representing a human body with individual magnitudes corresponding to individual dimensions of a plurality of dimensions. The service provider can receive data indicating a selection of a data item associated with a first magnitude associated with a first dimension and a second magnitude associated with a second dimension. The service provider can estimate physical measurements associated with the user based partly on a first magnitude and/or the second magnitude.

Abstract: Systems and methods are provided for evaluating an eye of a patient. A modeling component is configured to determine a representation of at least the cornea of the eye from a three-dimensional structural image of the eye and at least one biomechanical property of the eye. A feature extractor is configured to extract a plurality of features from the model of at least the cornea of the eye. An ectasia evaluation component is configured to calculate at least one parameter associated with the risk of ectasia in the eye from the extracted plurality of features. A system output is configured to provide the calculated at least one parameter to one of a treatment system and a user.

Abstract: Systems for diagnostic decision support utilizing machine learning techniques are provided. A library of physiological data from prior patients can be utilized to train a classification component. Physiological data, including time parameterized data, can be mapped into finite discrete hyperdimensional space for classification. Dimensionality and resolution may be dynamically optimized. Classification mechanisms may incorporate recognition of quantitative interpretation information and exogenous effects.

Abstract: Systems for diagnostic decision support utilizing machine learning techniques are provided. A library of physiological data from prior patients can be utilized to train a classification component. Physiological data, including time parameterized data, can be mapped into finite discrete hyperdimensional space for classification. Dimensionality and resolution may be dynamically optimized. Classification mechanisms may incorporate recognition of quantitative interpretation information and exogenous effects. A radial expansion or contraction around a time-parameterized patient descriptor may be utilized to select library data for use in an analysis.

Abstract: The present invention provides a system for merchandising at a sales facility. The system has a first wireless device of an owner, a second wireless device in the sales facility, a low-energy electronic beacon in the sales facility electronically having a transmission range not extending substantially beyond the sales facility, and a software application. When the software application is executed it causes the electronic beacon to transmit a polling beam in the sales facility, senses the presence of the first wireless device in the sales facility, determines the physical location of the first wireless device, searches the database for pertinent information of the owner; and displays on the display the identity of the owner, the physical location of the first wireless device, and the pertinent information.

Abstract: In a system and method for filling post-discharge medications of a hospital patient a first receive signal carries a consent indicator indicating consent by the hospital patient or a caregiver of the hospital patient to fill at least one post-discharge medication prescribed or to be prescribed to the hospital patient, a second received signal carries an identifier of one of a plurality of affiliated retail pharmacies at which to fill the at least one post-discharge medication, the consent indicator is transmitted to a Pharmacy Benefit Management (PBM) service used by a physician of the hospital patient to process the at least one post-discharge medical prescription prescribed thereby in order to gain access to the at least one medical prescription prescribed by the patient's physician, the at least one medical prescription from the PBM service is received based on the consent indicator, and the obtained at least one medical prescription is transmitted to the identified one of the plurality of retail pharmacie

Abstract: A personalized nutritional and metabolic modification system is described. The personalized nutritional and metabolic modification system includes a processor and a visual interface, which through a software program and in response to a user data set provides an avatar which transforms its appearance in response to changes in the user data set over time. A food selector component of the software program provides customized meal plans according to the characteristics and goals of the particular individual using the system by using evidence-based formulae to develop and adjusts a comprehensive nutritional plan in response to the individual's goals and changing activity. Changes in appearance of the avatar in response to changes in the user data over time provide feedback for tracking the user's progress through the visual interface.

Abstract: System and method for monitoring a patient's health condition is disclosed. The system assesses the patient's health condition based on a data collected by observing the physical activity of the patient and the physical state of the patient. The physical state is measured by vital sign measuring sensors. The patient's health condition is assessed by the system by collectively analyzing the physical activity, the physical state, and a correlation among the acquired data. Further, an authorized personnel issues an intervention to interact with the patient and to validate the assessment of the patient's health condition.

Abstract: A method implemented in a system including a copier or scanner connected to a digital rights management (DRM) server, which can prevent unauthorized copy or scan while allowing authorized users to obtain high quality hardcopies or scans. After the copier or scanner scans an input hardcopy document, the server determines whether the scanned document image matches any protected document in the DRM system. If a match is found, and the server determines that the user is permitted to copy or distribute the document, the server transmits an electronic version of the matched document from the DRM system to the copier or user-selected email recipients, so that the user or the email recipients can receive a high quality document. If a matched document is found but the user is not permitted to copy or distribute it, the copier or scanner deletes the scanned document image without printing or saving it.

Abstract: A method, receiver, and server enable content protection over broadcast channels. A method for receiving a media license includes receiving broadcast media data including at least a portion that is protected and requesting a message from a content decryption module (CDM) of the receiver. The method includes receiving a license signaling message including encrypted license data and identifying one or more hash codes in the license signaling message. Additionally, the method includes identifying the encrypted license data for the receiver based on a mapping between the one or more hash codes and a hash of the message from the CDM. A server for providing a media license sends, to a receiver or a group of receivers, a license signaling message including encrypted license data and a license message hash indicating a hash code used to identify the receiver or the group of receivers for the encrypted license data.

Abstract: Managing and accessing media items, including: a plurality of domains configured to provide access to media items; a plurality of clients associated with the plurality domains, and providing a pathway for accessing the media items; and a spanning application configured to track and aggregate accessible media items from the plurality of domains based on authentication and registration information and associated rights of the plurality of clients and the plurality of domains, wherein the spanning application enables accessing of the media items across the plurality of domains.

Abstract: In one embodiment, a system comprises: a content provider interface logic to receive a content license from a content provider, the content license to indicate that the system may distribute digital content associated with the content license to one or more devices; an attestation logic to attest a state of a first device; and a key management logic to generate a content key for the first device responsive to a request by the first device for the digital content and attestation of the first device state, and provide the content key to the first device. Other embodiments are described and claimed.

Abstract: As disclosed herein a method, executed by a computer, includes receiving a deployed computer application to be staged, where the deployed computer application includes monitored items corresponding to a downloaded code package, verifying the integrity of the downloaded code package included in the deployed computer application, and staging the deployed computer application to provide a staged computer application. The method further includes monitoring the staged computer application for usage of monitored items corresponding to the downloaded code package and billing a customer according to usage of the monitored items. A computer system, and a computer program product corresponding to the method are also disclosed herein.

Abstract: An administrative system generates a sequence of passwords by iterative evaluation of a hash function, initiated from a private key value and continuing to a final, public key value. A current token is created that includes a current one of the passwords. A protected device tests the validity of the current password by inputting it to a hash function sub-chain. The current password is considered valid if, after hashing the current password n+1 times, where n corresponds to the number of tokens previously received, the result is a revealed value, such as a previously verified password of the public key value. At least one unit of a one-time programmable hardware device, such as processor fuses or anti-fuses, is then physically and permanently altered, thereby incrementing a count entry indicating the number of tokens received. The protected device performs a desired action only if the current password is verified.

Abstract: A computer system and method for user authentication and theft prevention. The computer system includes a speaker, a display, a processor, a non-transitory computer readable medium operatively connected to the processor, and a logic stored in the non-transitory computer readable medium that, when executed by the processor, causes the computer system to perform a method. The method includes the step of accepting a first password input from a user. If a predetermined number of incorrect inputs occur, the computer system emits an alarm through the speaker and displays contact information of the owner on the display. The user must then input a second password distinct from the first password in order to stop the alarm. After the alarm stops, the user must input a third password, which may be different than the first password, in order to access the computer system.

Abstract: A method and system for authenticating a user is provided. The method includes receiving keyboard entries from a user while a cursor of a computer screen is positioned in a password field of the user. The keyboard entries include a series of alphanumeric characters forming part of a password of the user and one or more function keys that either delete one or more of the alphanumeric characters or do not affect the alphanumeric characters as entered into the password field. The key board entries are logged. The logged keyboard entries checked to determine whether they match a stored valid password for the user such that the one or more function keys that either delete one or more of the alphanumeric characters or do not affect the alphanumeric characters are considered part of the submitted password which is compared to the stored valid password for authentication of the user.

Abstract: A system, method, and computer-readable storage device for receiving data representative of an input sample comprising a user's motion while entering information into a data input device, calculating a statistical summary of the input sample representative data, and comparing, using geometric and geospatial constructs, the calculated statistical summary of the input sample representative data to statistical summaries of representative data of previous input samples in a stored profile of a selected user to generate an indication whether the user is the selected user.

Abstract: A system includes one or more biometric sensors, a sensor hub and a trusted application execution environment. The sensor hub has exclusive access to the sensors and also isolates untrusted/unauthenticated portions of the operating system from direct access to unencrypted biometric data acquired by the sensors. During a biometric scan/collection process, only the sensor hub and a security engine can access the sensors and a storage component. The sensor hub reads the sensors to obtain the biometric data associated with the scan/collection process and stores the biometric data in the storage component. The security engine encrypts the biometric data before the sensor hub removes the access restrictions. Various components transfer the encrypted biometric data from the storage component to the trusted environment, which hosts algorithms for processing the biometric data.

Abstract: An electronic device and an information processing method are disclosed in the disclosure. The electronic device comprises: a wearable apparatus capable of forming a ring or an approximate ring, which is able to surround a first cylinder; a first sensor arranged at least partly in the wearable apparatus and towards an interior of the ring or the approximate ring, and configured to detect first biometric information of at least part of a wearer's body surrounded by the wearable apparatus if the wearable apparatus is worn on the part of the wearer's body; a first processor arranged in the wearable apparatus, and configured to determine whether the first biometric information matches first preset biometric information to obtain a determination result and to perform security processing corresponding to the determination result based on the determination result.

Abstract: The present invention relates to a mobile terminal and a method for controlling the same, the mobile terminal comprising: a camera; a display unit for displaying an image inputted through the camera; and a control unit which performs a user authentication on the basis of a received first facial image when the first facial image including facial features necessary for the user authentication is received through the camera, and which performs a user authentication by using at least one facial feature included in a received second facial image when the second facial image which lacks a part of the facial features is received.

Abstract: A method for storage array self-configuration is disclosed. The method includes accessing an authenticated token that comprises encrypted configuration data for a storage array, decrypting the configuration data, and based on the configuration data, executing with configuration executing components of the storage array a configuration of the storage array. The configuration is executed responsive to an authentication of the token.

Abstract: A method, system or computer usable program product for managing access to an electronic system through a touchscreen device including presenting a display of a first and a second scrolling stream of icons; responsive to user input, detecting contemporaneous selection of a first icon from the first scrolling stream and a second icon from the second scrolling stream; and responsive to the selection of the first and second icon matching an established unlock pattern, unlocking the electronic system.

Abstract: An apparatus and method for controlling lock-screen output are provided. The electronic device includes a touch screen display, a processor electrically connected to the display, and a memory electrically connected to the processor. The memory stores instructions that, when executed, cause the processor to display a first screen comprising sets of objects to the display, configure, in response to a first touch input for selecting an object displayed on the first screen, at least one object included in a set of objects related to the selected object as at least one lock object for releasing a lock screen, and display a second screen configured with the at least one lock object. In addition, various embodiments identified in the specification are enabled.

Abstract: Systems and methods authenticate with application extensions. An application extension requests a token from a local application. The local application generates a token and either inserts the token into a protected storage accessible only by the application extension being run by the current user or returns the token back to the application extension after being confirmed by the legitimate user. The application extension uses the token to authenticate itself with the local application.

Abstract: Technologies for client-level web application runtime control and multi-factor security analysis by a computing device include receiving application code associated with a browser-based application from a web server. The computing device collects real-time data generated by at least one sensor of the computing device and performs a multi-factor security assessment of the browser-based application as a function of the collected real-time data and the application code. Further, the computing device establishes a client-level web application runtime security policy associated with the browser-based application in response to performing the multi-factor security assessment and enforces the client-level web application runtime security policy.

Abstract: A monitoring device inspects a redirect code inserted into content of a compromised web site, and, in accordance with a result thereof, when information of a new malicious website is described in the redirect code, the monitoring device acquires information of the malicious website and registers the information on a blacklist. In addition, the monitoring device unregisters information of the malicious website that is no longer described in the redirect code in the content from the blacklist.

Abstract: Methods, media, and systems for detecting an anomalous sequence of function calls are provided. The methods can include compressing a sequence of function calls made by the execution of a program using a compression model; and determining the presence of an anomalous sequence of function calls in the sequence of function calls based on the extent to which the sequence of function calls is compressed. The methods can further include executing at least one known program; observing at least one sequence of function calls made by the execution of the at least one known program; assigning each type of function call in the at least one sequence of function calls made by the at least one known program a unique identifier; and creating at least part of the compression model by recording at least one sequence of unique identifiers.

Abstract: Protecting a module intended to be executed by an executing device that has an operating system and that is either genuine or jailbroken is described.

Abstract: An apparatus includes a first interface configured to be coupled to a storage device via a first bus. The apparatus includes a second interface configured to be coupled to a system processor (e.g., a central processing unit (CPU), a graphics processing unit (GPU), a digital signal processor (DSP), etc.) via a second bus. The apparatus further includes a processor configured to, during a boot process of the system processor, receive boot code from the storage device via the first interface. The processor is configured to generate a first value based on the boot code. The processor is further configured to provide the boot code to the system processor via the second interface.

Abstract: A method to augment a plurality of IPS or SIEM evidence information is provided. The method may include monitoring a plurality of processes associated with a computer system. The method may also include identifying a plurality of processes that have network activity. The method may further include capturing the identified plurality of processes that have network activity. The method may also include storing the identified captured plurality of processes that have network activity. The method may include monitoring a plurality of selected programs associated with an operating system of the computer system. The method may also include identifying a plurality of selected programs that have network activity. The method may further include capturing a plurality of screen capture images associated with the identified plurality of selected programs. The method may include storing, by the second component the captured plurality of system process activity.

Abstract: Exemplary embodiments of the present invention provide an input device including a keyboard having at least two keys. A heating or cooling element is connected to each key. A sensor is configured to detect key temperature. A controller is connected to the sensor for controlling the key temperature.

Abstract: Techniques for mitigating the transitive data problem using a secure asset manager are provided. These techniques include generating a secure asset manager compliant application by tagging source code for the application with a data tag to indicate that a data element associated with the source code is a sensitive data element, accessing a policy file comprising transitive rules associated with the sensitive data element, and generating one or more object files for the application from the source code. These techniques also include storing a sensitive data element in a secure memory region managed by a secure asset manager, and managing the sensitive data element according to a policy associated with the sensitive data element by an application from which the sensitive data element originates, the policy defining transitive rules associated with the sensitive data element.

Abstract: Embodiments are directed to displaying content projected from a source computing device on a display of a locked target computing device. Embodiments are also directed to projecting control information onto a locked target computing device's display and allowing control of a second computing device using the control information displayed on the target computing device. In one scenario, a target computing device receives a request to display content projected from another computing system. The target computing device determines whether receiving projected content from the other computing system is permissible on the target computing device when the target computing device is in a locked state. Then, upon verifying permissibility, the target computing device provisions computing resources to display the received content while in the locked state. The target computing device may also control functions on the other computing system using control information.

Abstract: Disclosed are various examples for an interface reflecting the states of files. A client application determines the states of files accessible through a file management system. An interface is generated with user interface elements corresponding to the files. The user interface elements are modified to reflect the states of the corresponding files.

Abstract: Large scale system operation may be provided. Upon receiving an action request from a user, a determination may be made as to whether the user requires elevated permissions to perform the action request. In response to determining that the user requires elevated permissions to perform the action request, the action request may be forwarded to a lockbox for evaluation and a permission response may be received from the lockbox.

Abstract: A cloud data encryption and security system includes a central computing authority and a network of computing devices. At least some of the computing devices are pod computing devices physically hosted by an operator. The pod computing devices include a central processing unit and a computer readable storage media in data communication with the central processing unit. Data is encrypted in the computer readable storage media so that the owner can access the data but the operator cannot access the data.

Abstract: A method and system for performing an operation on protected sensitive data. A processor of a data processing system receives, from a computing system: (i) the protected sensitive data, (ii) an identification of an operation that accesses and utilizes the protected sensitive data during performance of the operation, and (iii) a request to perform the operation, wherein the computing system is external to the data processing system. The processor de-protects the received protected sensitive data, which generates unprotected sensitive data from the protected sensitive data. The processor performs the operation, which includes accessing and utilizing the unprotected sensitive data and generating a result. After the operation is performed, the processor re-protects the unprotected sensitive data, which restores the protected sensitive data. The processor sends the result to the computing system.

Abstract: A method is provided in accordance with an aspect of the present disclosure. The method includes receiving and processing information from a first electronic device. The information includes at least location data, privacy zone data, and privacy distance data of the first electronic device. The method further includes calculating a current distance between the first electronic device and at least one sensor of a second electronic device, comparing the current distance with a predetermined privacy distance retrieved from the privacy distance data for the first electronic device, and determining an orientation of the at least one sensor of the second electronic device when the current distance is less than or equal to the privacy distance. The orientation is determined in relation to a privacy zone of the first electronic device.

Abstract: Methods, systems and computer readable media described herein may facilitate the automatic identification of a need for additional authentication based on a received private message or PID, the urgency of a received private message, thus determining whether an immediate alert is output to a user, and/or a determination whether a protected message is to be archived for later retrieval via authentication. A device may be configured (e.g., by user input) to control selective decoding and display of messages (e.g., private messages), registration and configuration of blacklists, and/or defining criteria for determining urgency of a received message. Device configurations may be dynamically changed or updated according to user preferences and user treatment of received messages.

Abstract: An multi-level privacy evaluation technology is described for increasing the performance of applications or services that experience high volumes of queries for data with privacy attributes. The multi-level privacy evaluation technology evaluates data using a subset of privacy policy rules and privacy information determined for the data at a backend server and thereby reduces the volume of data that need to be filtered at a frontend server. The multi-level privacy evaluation technology first applies an initial privacy check on a large data set at the backend to authoritatively filter out any data that a viewing user is not permitted to view or access and return as results a smaller data set that the viewing user may be permitted to view or access. A full privacy check is then performed at the frontend on the smaller data set, resulting in reduction in the overall cost of performing privacy checks and reducing latency in displaying data to the viewing user.

Abstract: Techniques for protecting data in a processor are provided. An example method according to these techniques includes performing one or more operations on encrypted data using one or more functional units of a data path of the processor to generate an encrypted result. Performing the one or more operations includes: receiving at least one encrypted parameter pair at a functional unit, each encrypted parameter pair comprising an encrypted parameter value and a challenge value associated with the encrypted parameter value, the encrypted parameter being encrypted using a homomorphic encryption technique, the challenge value being used to recover a key used to encrypt the encrypted parameter value, and performing a mathematical computation on the at least one encrypted parameter. The method also includes outputting the encrypted result.

Abstract: Techniques for encrypting the data in the memory of a computing device are provided. An example method for protecting data in a memory according to the disclosure includes encrypting data associated with a store request using a memory encryption device of the processor to produce encrypted data. Encrypting the data includes: obtaining a challenge value, providing the challenge value to a physically unclonable function module to obtain a response value, and encrypting the data associated with the store request using the response value as an encryption key to generate the encrypted data. The method also includes storing the encrypted data and the challenge value associated with the encrypted data in the memory.

Abstract: A computer system includes program instructions to generate a first virtual keypad for entry of a first portion of a password, wherein the first portion includes a first value and a second value. The program instructions receive the first portion, wherein the first portion includes a first number of keys selected equal to the first value and the second value present in the first number of keys selected. The program instructions generate a second virtual keypad for entry of a second portion, wherein the second portion includes a third and a fourth value. The program instructions receive the second portion, wherein the second portion includes a second number of keys selected equal to the third value and the fourth value present in the second number of keys selected. The program instructions determine to grant a user access to an account associated with the account password.

Abstract: An inverting amplifier creates a voltage C using a reference voltage (voltage B) as a reference point. An adder composed of two input inverting amplifier circuits ultimately creates a voltage D by carrying out weighted addition of the voltage A and the voltage C. By using the voltage D created by an input front-end circuit, the internal functions of the control IC can prevent the operating points and control amounts for each function from being different relative to the input voltage and make it possible to distinguish voltage within the control IC from zero voltage when the lowest input voltage is received.

Abstract: Indicia-reading systems that interface with a user's nervous system include a device with electrodes capable of detecting electromagnetic signals produced in the brain or skeletal muscles of a user. The systems also include a computer with a processor and memory. The computer is configured to monitor the electromagnetic signals that are detected by the electrodes. The computer is also configured to perform operations in response to certain monitored electromagnetic signals. The computer may be an indicia-reading device configured to acquire indicia information in response to certain detected electromagnetic signals. The computer may also be a vehicle-mounted computer configured to sound an alarm in response to certain detected electromagnetic signals.

Abstract: The present invention relates to an intelligent energy management system and an energy management method for a passive radio frequency tag. Digital conversion is performed on the amplitude of a DC signal absorbed and rectified by an inductance coil antenna of the tag, by providing an intelligent energy management module. The input terminal of the intelligent energy management module is respectively connected to a power supply voltage detection and judgment circuit and a demodulator circuit, and configured to judge the level of charge and enabling state of the tag; and the output terminal thereof is respectively connected to a discharge path, a bias current source and an analog circuit module, and configured to bring the analog circuit module into the optimal operating state according to the enabling state of the tag, or to turn-off/get dormant each analog circuit module thus to reduce power consumption of the tag and improve the sensitivity of the tag.

Abstract: Systems and methods are disclosed for tracking and utilizing data tag carriers involving a plurality of terminals, and associated data tags and data tag carriers. A first terminal obtains an initial data tag from an initial data tag carrier. The initial data tag includes initial service processing information and information about the initial data tag carrier. A first data tag carrier group is coupled to the first terminal and comprising at least one first data tag carrier. The first data tag carrier group obtains the initial data tag from the first terminal and to release the first data tag through the first data tag carrier. The first data tag includes a first service processing information, information about the first terminal and the first data tag carrier. The disclosed systems and methods are simple, easy to implement, and of low cost.

Abstract: A read chamber device is disclosed for use within a radio frequency identification (RFID) scanning enclosure which provides a means of reading a plurality of cartons moving through the enclosure via a conveyor belt. The enclosure is positioned over a section of the conveyor belt, such that the plurality of cartons on the conveyor belt pass directly through the enclosure. The read chamber device is positioned centrally to the enclosure and projects a read zone via an antenna positioned in-line with the flow of the conveyor which allows the read chamber to read a large variety of inlays without changing the configuration settings of the device. The RFID scanning enclosure also utilizes dynamic power indexing (DPI) to combine parameter inputs to create a smarter reader that can anticipate changes. The reader is then manipulated in real-time to adapt to the needs of each carton and the tunnel scanning environment.