Abstract: A circuit design may have registers and combinational gates. Circuit design computing equipment may perform register retiming in the circuit design, whereby registers are moved across combinational gates. Information about the register moves may be recorded, and a modified circuit design is created. The circuit design computing equipment may implement the circuit design in an integrated circuit. A logic analyzer may be used to debug the circuit design implemented in the integrated circuit in real-time and at high-speed. To facilitate the debugging process, the circuit design computing equipment may augment the integrated circuit and/or compensate for register retiming based on the information recorded during register retiming.

Abstract: Methods of “reprogramming” epigenetic mark readers or erasers to recognize epigenetic marks other than their cognate (or natural) marks are provided. Reprogramming the reader or eraser can offset the effects of aberrant writer activity (for example, loss of function or overactivity) that can contribute to certain diseases states, such as cancer. The use of the reprogramming compounds identified by these methods in the treatment of such disease states is also provided. Exemplary mark readers that can be targeted by these methods include BPTF and CBX2.

Abstract: Systems and methods for analyzing genetic sequence data involve: (a) obtaining, by a computer system, genetic sequencing data pertaining to a subject; (b) splitting the genetic sequencing data into a plurality of segments; (c) processing the genetic sequencing data such that intra-segment reads, read pairs with both mates mapped to the same data set, are saved to a respective plurality of individual binary alignment map (BAM) files corresponding to that respective segment; (d) processing the genetic sequencing data such that inter-segment reads, read pairs with both mates mapped to different segments, are saved into at least a second BAM file; and (e) processing at least the first plurality of BAM files along parallel processing paths. The plurality of segments may correspond to any given number of genomic subregions and may be selected based upon the number of processing cores used in the parallel processing.

Abstract: A method, computing device and computer program product are provided in order to implement a test plan in an efficient manner. In the context of a method, a plurality of test messages from each of a plurality of different source systems are stored. The plurality of test messages may include test messages to be captured in an electronic health record. The method constructs a test plan. The test plan identifies an end point. The test plan also includes one or more test messages that have been previously stored and respective anticipated outcomes at the end point following transmission of the test messages. The method also includes transmitting the test messages of the test plan and receiving feedback regarding the outcome following transmission of the test messages of the test plan to the end point. The method also includes determining whether the test plan was successfully executed based upon the feedback.

Abstract: A system includes a person-support structure, a sensor configured to sense a characteristic of a person supported on the person-support structure, and a control configured to calculate a condition score as a function of the characteristic of the person. The control is operable to change a characteristic of the person-support structure as a function of the condition score.

Abstract: A system and method for preparing food, involving a nutritional information module for aggregating nutritional and portion information of an entire menu to adjust serving weight by preferred caloric value. The system involves a scheduler module which compiles task information for any individual recipe. The scheduler module has a passive task time and/or an active task time and stamps the preparation time for a recipe. The system compiles and stores a cook's information for analyzing an individual cooking: style time. Moreover, the system involves a feedback module for predicting preparation time of any particular menu choice. Additionally, the system involves recipe data, an organizer, a shopping assistant, and a recommendation module to facilitate menu pairings as well as sourcing and purchasing, required ingredients, required cookware, and utensils for a recipe.

Abstract: A method for predicting petroleum expulsion. A chemical structure of a kerogen is defined and a plurality of reaction products of the kerogen under geologic heating rates are identified. The plurality of reaction products are grouped into a plurality of product lumps based on their chemical composition and predicting petroleum expulsion for each of the plurality of product lumps based on secondary cracking reactions.

Abstract: A method, system and non-transitory computer-readable medium product are provided for functionality watermarking and management. In the context of a method, a method is provided that includes identifying a request to establish an association between a watermark template and a function of at least one user device and determining whether the request to establish the association between the watermark template and the function of the at least one user device is authorized. The method further includes authorizing the request to establish the association between the watermark template and the function of the at least one user device in response to a determination that the request to establish the association between the watermark template and the function of the at least one user device is authorized.

Abstract: A computer system includes a server device which provides one or more content packages each comprising a plurality of asset files. A client device stores the content packages, and generates a virtual environment based on the asset files to be displayed on a display unit. A tracker is arranged to record an asset list directly or indirectly representing a sequence of the asset files according to progress through the virtual environment at the client device, and to distinguish between legitimate and non-legitimate behavior of the client device according to the recorded asset list.

Abstract: The invention provides a computer-implemented authentication method comprising the step of enabling a user to input an identifier (e.g. a PIN) into an electronic device having a screen and a keypad operable within a keypad zone of the screen; by operating at least one key of the keypad via an image of at least part of a scrambled keypad which is displayed at least partially within the keypad zone. The user's operation of the keypad key via the image generates an encoded version of the user's intended input. In one sense the invention can be perceived as superimposing a non-functional image of a scrambled keyboard over an underlying, functional keypad. The image may be any type of electronic image, and may include a video image. The invention is particularly suited for use with, but not limited to, mobile phones, tablet computer, PCs etc. It can be implemented in any system wherein a user's identity must be verified before access is granted to a controlled resource.

Abstract: The present invention is generally directed toward a mobile device that can be used in a secure access system. More specifically, the mobile device can have credential data loaded thereon remotely updated, enabled, disabled, revoked, or otherwise altered with a message sent from, for example, a control panel and/or controller in the system.

Abstract: An information processing device includes an image acquirer that acquires a shot image of a user, a registered user information holder that holds face identification data of a registered user, and a face authentication section that detects a face image of a registered user existing in the shot image by using face identification data held in the registered user information holder. The information processing device further includes an information processing section that executes information processing based on a detection result by the face authentication section, and a face identification data registration section that updates the face identification data based on a face image extracted from a shot image of a user at predetermined timings. The face identification data registration section determines whether or not to update the face identification data with a condition corresponding to a situation in which the timing is generated.

Abstract: An image processing apparatus is provided, including a user input interface to input biometric information of at least one user, a processor to process image data to be displayed as an image and to provide a preset service to authenticate a personal identification (ID) and the group ID of a user group including users corresponding to personal IDs, and a controller to specify a personal ID corresponding to biometric information of an input through the user input interface, and to select and authenticate the group ID corresponding to specified personal IDs from the storage when multiple personal IDs are specified. The controller derives interest of the multiple users corresponding to the respective specified personal IDs in the image and selects the group ID corresponding to a personal ID of a user determined to have a high interest.

Abstract: A human biological characteristic file corresponding to a particular identity is received and used as a base file. A characteristic code to be authenticated is obtained according to a human biological characteristic of a person who requests identity authentication when an identity authentication request corresponding to the particular identity is received. A base characteristic code is collected from a base file. A collecting algorithm applied for collecting the base characteristic code is the same as or matches an algorithm applied for obtaining the characteristic code. The present techniques determine whether the base characteristic code and the characteristic code correspond to a same human biological characteristic. If a result is positive, the identity authentication request is verified.

Abstract: Devices, systems, and methods of detecting user identity, differentiating between users of a computerized service, and detecting a cyber-attacker. An end-user device (a desktop computer, a laptop computer, a smartphone, a tablet, or the like) interacts and communicates with a server of a computerized server (a banking website, an electronic commerce website, or the like). The interactions are monitored, tracked and logged. User Interface (UI) interferences are intentionally introduced to the communication session; and the server tracks the response or the reaction of the end-user to such communication interferences. The system determines whether the user is a legitimate human user; or a cyber-attacker posing as the legitimate human user. The system displays gauges indicating cyber fraud scores or cyber-attack threat-levels.

Abstract: A method for computer security. A gallery comprising a first identity of a first human person is maintained, the first identity associated with a plurality of tags, with first properties, useful for identifying the first human person. A first Internet search for facial images of the first human person is performed using the plurality of tags. A first facial image is selected from the results of this search. A second Internet search is performed for facial images of other human persons based on second properties that are generated by modifying the first properties of the plurality of tags. A plurality of additional facial images of the other human persons retrieved by the second Internet search is selected. A palette of randomized facial images including the first facial image together with the plurality of additional facial images is presented. Access is denied unless the correct facial image is selected.

Abstract: In some aspects, a first device detects information encoded in a wireless authenticator device based on a wireless interaction between the first device and the wireless authenticator device. The first device detects the information while securing resources on the first device according to a first security mode. Based on the detected information, the first device selects a second security mode associated with the wireless authenticator device. The first device then applies the selected second security mode. The selected second security mode is one of multiple distinct security modes. Each of the multiple distinct security modes is associated with a respective one of multiple wireless authenticator devices and defines accessibility attributes of the resources on the first device.

Abstract: A method of storing data from a whiteboard application executed on a computing system including an interactive display device is provided. The method comprises storing, in a memory of the computing system, whiteboard data input to the whiteboard application in response to user interaction with the interactive display device, displaying a login selector on the interactive display device, upon detecting actuation of the login selector, identifying the user based on credentials of the user; and in response to identifying the user, (i) retrieving previews of stored whiteboard files from a user account in a cloud-based storage system corresponding to the identity of the user, (ii) displaying the previews on the interactive display device, and (iii) uploading the whiteboard data as a whiteboard file from the memory of the computing system to the user account.

Abstract: Providing multi-dimensional password/challenge authentication for a computer device includes, in response to a login request, sending a login webpage, the webpage at least comprising a set of randomly generated icons with graphical attributes for sequentially selecting; and, determining whether each icon choice entered by a user complies with at least a dimensional option preset for each digit of a preset password according to at least a dimensional option of the digit.

Abstract: Systems and methods provide a security function for a device or applications running on a device. A lock tap sequence is entered by a user when the device is to be locked. When the user desires to unlock the device, the user enters a unlock tap sequence. If the lock tap sequence matches the unlock tap sequence, the device is unlocked.

Abstract: A processor system is arranged to execute user selected applications. A manager module is configured to detect a user selection of an application and configured to initiate a launch process. A supervisor module is configured to intercept the launch process initiated by the manager module and detect whether the application is a trusted application or an untrusted application. Trusted applications have a privilege to access resources without authorization, and untrusted applications do not have the privilege. The supervisor module has the privilege to access the resources. When the application is untrusted, the application is launched in a container, and at least one of the resources is delivered to the untrusted application in the container.

Abstract: A portable information device (PID) having a security module that conducts security-related functionality. At least some of the security-related functionality for the benefit of the PID is provided by a security team of at least one other PID. In one type of arrangement, when configured in a team processing mode, certain ones of the security functions or components operating for the benefit of the PID can be processed on one or more of the security team member devices. In another type of arrangement, the team of devices exchanges security-related information determined as a result of a single team member device's processing of one or more security-related tasks.

Abstract: A method is disclosed, where some embodiments of the method include installing at least one benign malware indicator on one or more computing devices, monitoring the one or more computing devices for the presence of the at least one benign malware indicator, and responsive to determining the benign malware indicator is no longer present, sending a notification indicating the benign malware indicator is no longer detected as present on the one or more computing devices. Other embodiments include performing an antivirus scan or identifying unauthorized software programs. An apparatus and one or more non-transitory computer-readable media storing computer-readable instructions capable of performing similar actions, the latter in conjunction with a computer executing instructions stored on the media, are also disclosed.

Abstract: The method includes identifying an instance of software installed. The method further includes determining a fingerprint corresponding to the instance of software installed. The method further includes determining a security risk associated with the instance of software installed. The method further includes identifying a software management policy for the instance of software based upon the fingerprint, security risk, and designated purpose of the computing device. In one embodiment, the method further includes in response to identifying the software management policy, enforcing, by one or more computer processors, the software management policy on the instance of software installed on the computing device.

Abstract: A computer-implemented method for monitoring programs may include (1) placing a program within an enclave that includes a protected address space that code outside of the protected address space is restricted from accessing, (2) hooking an application programming interface call within the program in the enclave to monitor the behavior of the program, (3) inserting an enclave entry instruction into code outside of the protected address space that the program accesses through the hooking of the application programming interface call, and (4) monitoring the behavior of the program by executing the program within the enclave in an attempt to force the program to use the hooked application programming interface call in order to access data outside the enclave. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: By comparing a chip unique password, certification for activating a debug function can be established on the chip unique password. Thus, even when the chip unique password is lost due to negligence, not only certification for activating debugging on other motherboards of the same model number can remain unaffected, but also risks caused by replacing a chip or by a private key leakage from a system manufacturer are eliminated.

Abstract: A captured digital image is stored in memory together with metadata derived from a location signal only if the location metadata is determined not to be within one or more predefined exclusion zones. A GPS receiver module can be implemented to obtain the location signal.

Abstract: A method and apparatus for renewing cryptographic material are disclosed. In the method and apparatus a cryptographic material renewal entity of a computing resource service provider detects that cryptographic material stored by a secure module is to be renewed. Renewing the cryptographic material may include rekeying a private key associated with a certificate. Further, a digital certificate may be renewed, and the renewed certificate may be provided for use by the computing resource. The cryptographic material is used to fulfill requests made by a computing resource provisioned by the computing resource service provider for a customer. The renewed cryptographic material is provided to the secure module, whereby the renewed cryptographic material is used by the secure module to fulfill further requests made by the computing resource.

Abstract: Systems and methods for content-protecting video codecs are described. At least one embodiment of the invention comprises a system for protecting video content comprising computer memory comprising a stored set of instructions for processing video data; and at least one microprocessor configured to process the video data according to the stored set of instructions, the stored set of instructions requiring identification of data to be removed, at least a portion of which is essential to obtaining a visually acceptable reproduction of video, the stored set of instructions being further configured to replace removed data with data-hiding values, wherein the visually acceptable reproduction of video cannot be generated without a key that enables recovery of enough of the removed data from the data-hiding values that replaced the removed data.

Abstract: A price-mining prevention system, in various embodiments, is configured for: (A) detecting an access request for a particular web page; (B) at least partially in response to detecting the access request, determining, based at least in part on the access request, a source of the request; (C) determining, based at least in part on the source, whether the source is an unwanted source; and (D) at least partially in response to determining that the source is an unwanted source, taking one or more defensive actions against the source. The one or more defensive actions may include, for example: (1) requiring the source of the access to complete one or more CAPTCHAs; (2) blocking access to the particular web page from the source; and/or (3) providing access to a modified version of the particular webpage to the source.

Abstract: An image forming apparatus is provided that receives data for an authentication print job from an external terminal connected thereto via a network, receives a user authentication request from a user, and executes the job when the user authentication is successfully performed. The image forming apparatus comprises: a display unit; and a display control unit displaying information related to an amount of time expected to be required for the execution of the job on the display unit when the user authentication is successfully performed prior to completion of the reception of the data for the job.

Abstract: Disclosed are various embodiments for a request monitoring application. Content identifiers are generated according to a known sequence or pattern. Requests for invalid content identifiers are logged. Response behavior to subsequent requests is modified when a number of requests from a source having invalid content identifiers meets a threshold.

Abstract: Systems and method for the management of resource dependent workflows are provided. One or more resource control devices monitor usage of a computing resource by server computing devices. Each resource control device may direct a server computing device to proceed with a workflow or to pause processing a workflow. A resource control device may further direct a server computing device to take resource conserving actions. When a computing resource is determined to be available, a resource control device may direct a paused server computing device to resume a workflow.

Abstract: Systems and methods for securing data are disclosed. An administrative system may create a secure configuration. The secure configuration may disable functionality of a managed node that compromises sensitive data. However, the secure configuration may not prevent all user access to the managed node. The administrative system may deploy the secure configuration to at least one managed node. The administrative system may cause the secure configuration to be applied to the at least one managed node.

Abstract: A proxy server creates an index of keywords, receives an encrypted record, decrypts the received encrypted record as decrypted data and, when a keyword in the index is encountered in the decrypted data, associates in the index an encrypted record location identifier with the encountered keyword. The proxy server receives a search query and uses the keyword index to retrieve encrypted records from the server. The encrypted records are decrypted and sent as search results in response to the search query.

Abstract: One embodiment provides an access-control framework for publishing and obtaining a collection of encrypted data in encrypted form. During operation, a content consumer can obtain a Manifest object for a data collection, such that the Manifest includes references to a set of encrypted Content Objects of the data collection, and includes one or more Access Control Specifications (ACS) that each specifies a decryption protocol for decrypting one or more Content Objects of the data collection. The consumer can disseminate Interest messages to receive encrypted Content Objects listed in the Manifest over an Information Centric Network (ICN). The client can also obtain, from the Manifest, an ACS associated with a respective encrypted Content Object, and decrypts the respective encrypted Content Object using the decryption protocol specified in the ACS.

Abstract: A protected querying technique involves creating shingles from a query and then fingerprinting the shingles. The documents to be queried are also shingled and then fingerprinted. The overlap between adjacent shingles for the query and the documents to be queried is different, there being less, or no overlap for the document shingles. The query fingerprint is compared to the fingerprints of the documents to be queried to determine whether there are any matches.

Abstract: A checkpointing method for creating a file representing a restorable state of a virtual machine in a computing system, comprising identifying processes executing within the virtual machine that may store confidential data, and marking memory pages and files that potentially contain data stored by the identified processes; or providing an application programming interface for marking memory regions and files within the virtual machine that contain confidential data stored by processes; and creating a checkpoint file, by capturing memory pages and files representing a current state of the computing system, which excludes information from all of the marked memory pages and files.

Abstract: A virtual storage system in data communication with a user computing device via a communication network and methods of selectively or automatically copying electronic documents to a virtual storage system where the virtual storage system includes at least one processor configured to process, encrypt and copy electronic documents retrieved from an external system, and a plurality of redundant physical storage devices in data communication with the at least one processor and each configured to store the electronic documents retrieved from the external system.

Abstract: A method in one example implementation includes selecting at least one criterion for controlling data transmission from within a virtual machine. At least one application is included within the virtual machine, which includes a policy module. The selected criterion corresponds to at least one policy associated with the policy module. The method also includes evaluating the selected criterion of the policy to permit an attempt to transmit the data from within the virtual machine. In more specific embodiments, the policy may include a plurality of criteria with a first selected criterion permitting transmission of the data to a first application and a second selected criterion prohibiting transmission of the data to a second application. In another specific embodiment, the method may include updating the policy module through an administration module to modify the selected criterion.

Abstract: A system and method for encrypting data provides for retrievial of an encryption key; identification of the address in memory of a first portion of the data to be encrypted; derivation of a first unique key from the encryption key and the address of the first portion of data; encryption of the first portion of data using the first unique key; identification of the address in memory of a second portion of data to be encrypted; derivation of a second unique key from the encryption key and the address of the second portion of data; and encryption of the second portion of data using the second unique key.

Abstract: In various embodiments, a circuit arrangement is provided. The circuit arrangement may include a detection circuit, which is designed to detect light attacks on the circuit arrangement; a processing circuit, which is designed to initiate a current flow through a line for each light attack detected by the detection circuit; and a control circuit, which is designed to enable functioning of a component of the circuit arrangement depending on the conducting state of the line.

Abstract: A platform including an always-available theft protection system is described. In one embodiment, the system comprises an arming logic to arm the platform, when an arming command is received, a risk behavior logic to detect a potential problem when the platform is armed, and a core logic component to provide logic to analyze the potential problem, and to move the platform to a suspecting mode, when the potential problem indicates a theft suspicion. The system, in one embodiment, further comprises configuration logic to configure settings for the system when the platform is in an unarmed mode, the configuration logic including a user logic enabling an authorized user to alter settings and an administrator logic enabling an administrator to alter the settings using an authenticated set request.

Abstract: The present invention is to provide a card reader that can prevent the illegal acquisition of magnetic information recorded on a magnetic stripe, based on an output signal from a pre-head. More specifically described, in a card reader having a card insertion slot for guiding a magnetic card having a magnetic stripe to a transport passage and a pre-head arranged in the vicinity of the card insertion slot for detecting the presence of the magnetic stripe, the pre-head is equipped with a head portion having at least one pair of magnetic cores arranged to be opposite from each other having a magnetic gap between them and coils wound around a pair of the magnetic cores; and a signal different from that of the magnetic information recorded on the magnetic stripe is output from the pre-head.

Abstract: A calibration circuit includes a single-wire memory and a transmission line. The single-wire memory includes a power/interrogation terminal and a ground terminal. The single-wire memory is configured to store calibration data for a sensor. The transmission line is configured to be coupled between the sensor and a sensor reader. The transmission line includes first and second conductors. The first conductor is coupled to the power/interrogation terminal and is configured to provide the calibration data and a sensor output signal to the sensor reader. The second conductor is coupled to the ground terminal and is configured to provide a ground reference for the first conductor, the single-wire memory, and the sensor.

Abstract: A system and its associated methodology for distributed positioning and collaborative behavioral determination among a group of objects, interactive tags associated with each of a plurality of objects provide to each object relative positional data and state information regarding the other nearby objects. Using this information, each object develops a spatial awareness of its environment, including the position and action of nearby objects so as to, when necessary, modify its behavior to more effectively achieve an objective.

Abstract: A register for counting and tracking items in a bag includes a manifest and an RFID reader. The RFID reader is used to query a plurality of RFID tags attached to items contained in the bag. The register creates reports counting and/or identifying changes to items contained in the bag while the bag is routed and/or items in the bag are processed for a customer.

Abstract: A barcode reader and a barcode reading system having an age verification capability are disclosed. The barcode reader may capture a barcode pattern on an identification (ID) card of an individual presented within a field of view of the barcode reader, extract date of birth information from the barcode, and verify an age of the individual. The barcode reader may provide an approve signal if it is verified that the age of the individual is greater than a high threshold or a deny signal if it is verified that the age is less than a low threshold. The low threshold is distinct from the high threshold. The age may be verified by a host computer. The barcode reader may extract a product ID and send the product ID to the host computer. The host computer may then prompt age verification operation if the product is an age-restricted product.

Abstract: The invention provides methods and apparatus for analysis of images of direct part mark identification codes to measure and assess a print quality. Methods to assess the quality of a direct part mark identification code are presented that provide diagnostic information of a code that cannot be assessed using verification methods that require the results of a valid decoding step.

Abstract: An automated checkout system and method of operation for reading encoded data on a bottom surface of an item using a data reader. The automated checkout system includes a leading conveyor section and a trailing conveyor section separated by a gap therebetween, where the item is transported across the gap as it moves between the conveyors. A first and second reading device are each positioned beneath the conveyor sections, where each reading device has a field of view projecting through the gap. The first reading device is configured to acquire a first set of scan data and the second reading device is configured to acquire a second set of scan data different from the first. In some embodiments, the first set of scan data may include two-dimensional area views of the encoded data, and the second set of scan data may include linescans of the encoded data.