Abstract: In one example, a method of protecting customer data in a networked system comprises collecting sensor data available at sensor nodes within a sensor network in communication with a service data platform over a network. The method includes encrypting the sensor data using a certified public key associated with a customer key-pair, the sensor data representing the customer data associated with sensitive identification information. The sensor data is cryptographically signed with a device private key. The method includes transporting the encrypted sensor data to the service data platform for storage, and decrypting at the service data platform, the encrypted sensor data using a private key sharing scheme that reconstructs the private key associated with the customer key-pair using a first share and a password encrypted second share, the first share assigned to the service data platform and the password encrypted second share assigned to a customer of the customer key-pair.

Abstract: A number of transmissions of secure data communicated between a secure trusted device and an unsecure untrusted device in a DBMS is controlled. The data is communicated for database transaction processing in the secure trusted device. The number of transmissions may be controlled by receiving, from the untrusted device, an encrypted key value of a key and a representation of an index of a B-tree structure, decrypting, at the trusted device, the key and one or more encrypted index values, and initiating a transmission, a pointer value that identifies a lookup position in the index for the key. The index comprises secure, encrypted index values. Other optimizations for secure processing are also described, including controlling available computation resources on a secure trusted device in a DBMS and controlling transmissions of secure data that is communicated between a secure trusted device and an unsecure untrusted device in a DBMS.

Abstract: A method, system and computer-usable medium are disclosed for injecting functionality into a security intelligence platform, comprising: providing the security intelligence platform with a plurality of backend endpoints; generating a modification to the security intelligence platform according to an application framework, the modification comprising metadata associated with functionality, the metadata corresponding to a predefined format; and, merging the modification with the security intelligence platform via a secure container system container.

Abstract: Disclosed are various embodiments for a request monitoring application. Content identifiers are generated according to a known sequence or pattern. Requests for invalid content identifiers are logged. Response behavior to subsequent requests is modified when a number of requests from a source having invalid content identifiers meets a threshold.

Abstract: A method of encrypting information using a computational tag may include, by a mobile electronic device, detecting a computational tag within a near field communication range of the mobile electronic device, identifying a document to be encrypted by the mobile electronic device, transmitting the document to the computational tag by the mobile electronic device, receiving, from the computational tag, an encrypted document, wherein the encrypted document comprises an encrypted version of the document that was to be encrypted, and storing the encrypted document in a memory of the mobile electronic device.

Abstract: The computer-implemented method for managing a debugging process can include receiving a request for the debugging process from a first principal, the debugging process accesses a system process for an object of a computer program operating on a computer, the computer having a call stack that stores information about one or more active subroutines of the object. The method can also include determining that the first principal has at least an access permission to the object. The method can include granting, based on the access permission of the first principal, a debugging access permission to the first principal for a restricted code path of the call stack, the restricted code path allows a restricted view of the call stack to the first principal. The method can include providing one or more debugging details on the object to the first principal.

Abstract: Embodiments disclosed herein provide systems, methods, and computer-readable media for accessing a wearable computing system using randomized input origins for user login. In a particular embodiment, a method provides presenting a user with a first origin on which user login information is based, wherein the first origin is randomly selected from a plurality of possible origins. The method further provides, receiving first motion information from the user indicating a first position relative to the first origin that corresponds to a first element of the user login information. Upon receiving the user login information, the method provides determining whether the user login information authorizes the user to access the wearable computing system.

Abstract: Methods and systems for a networked storage environment are provided. For example, one method includes generating by a processor in response to a request, a storage service level class (SLC) defined by a storage attribute and a protection SLC defined by a protection attribute for a storage item managed by a storage server, where the storage attribute provides a performance level for the storage item and the protection attribute provides a protection level for the storage item; identifying by the processor, a first resource for complying with the storage attribute of the storage SLC for storing the storage item; configuring a second resource for complying with the protection attribute of the protection SLC for storing information associated with the storage item; and monitoring the first resource for compliance with the storage attribute for the storage SLC.

Abstract: Described herein are method and system for providing secure access and data storage to mobile computing devices utilizing wireless connection. A personal data storage device stores and provides identity tag and owner's data. A physically separated mobile computing device reads and validates the identity tag from the personal data storage device; upon validation, grants access to operate the mobile computing device; upon validation, grants the mobile computing device access to read data from and write data to the personal data storage device. The establishment of the wireless connection requires concurrent physical presence of both devices within a predetermined proximity.

Abstract: A system for securing electronic devices includes a storage device including a storage device controller processor, at least one non-transitory machine readable storage medium in firmware of the storage device communicatively coupled to the storage device controller processor, and a monitor application comprising computer-executable instructions on the medium. The instructions are readable by the storage device controller processor. The monitor application is configured to provision one or more read-only areas of the storage device, provision a candidate copy area of the storage device, reduce a maximum capacity available for user data on the storage device by a size of the read-only areas and the candidate copy area, and secure access to the read-only areas of the storage device.

Abstract: Methods, systems, and computer program products for accessing a database element are described. A table link of a persistency interface is defined, the table link being a representation of a table of a persistency schema. A role for the persistency interface is defined, the role defining a type of access for a specified portion of the database element.

Abstract: Methods, systems, and computer-readable storage media for processing queries in analytical web applications over encrypted data. Implementations include actions of receiving, by a database driver executed on a server-side computing device and from a client-side proxy, a query and one or more encryption keys, the one or more encryption keys having been selected by the client-side proxy based on operations required to perform the query, performing at least one operation of the query to provide a query result including encrypted data, and transmitting, by the database driver, the encrypted data to the client-side proxy, the client-side proxy processing the encrypted data to provide plaintext data to an end user.

Abstract: Audit logs are a fundamental digital forensic mechanism for providing security in computer systems. In one embodiment, a system that enables the verification of log data integrity and that provides searchable encryption of the log data by an auditor includes a key generation center, logging machine, and an auditor computing device. The system enables Compromise-Resilient Searchable Encryption, Authentication and Integrity, Per-item QoF with E&A for Searchable Encrypted Audit Logs, and a Key Management and System Model.

Abstract: A prompt for input data in a user interface (UI) is detected. An input window to receive the input data is presented, and the input data is received via the input window. The input data is encrypted by the input window, and the encrypted data is stored to a memory. A copy of the stored encrypted data is forwarded to a server device. In one example, portions of the encrypted data may be forwarded to the server device in separate transmissions.

Abstract: According to some embodiments, methods disclosed herein include: creating a user account for a first user; receiving identification information and one or more documents associated with the first user; associating one or more authorized users with the user account and receiving identification information associate with each authorized user; storing the identification information associated the first user, the one or more document associated with the first user, and the identification information associated with each authorized user; and assigning the user account a first status, wherein the one or more authorized users are not granted access to the user account when the user account is assigned the first status.

Abstract: A system and method for distributed policy-based confidentiality management provides comprehensive management of information security and ethical walls. It streamlines processes for securing confidential information without creating productivity barriers, provides interfaces to support processes of each major audience in a professional service enterprise across multiple systems and allows creation of enterprise policy types for different scenarios and systems affected by the policies. It supports standard policy types and those for lateral hires, ITAR, data privacy, price sensitivity, trade secrets, and conflicts of interest and provides two-stage review to prevent incorrect policy application. A distributed access control system provides user interfaces for granting, denying, and requesting access in a distributed fashion. Reports sort information governance policies by user/group, client/engagement, or policy type.

Abstract: System and method to produce an anonymized cohort, members of the cohort having less than a predetermined risk of re-identification. The method includes receiving a data query of requested traits to request in an anonymized cohort, querying a data source to find records that possess at least some of the traits, forming a dataset from at least some of the records, and calculating an anonymity histogram of the dataset. For each patient record within the dataset, the method anonymizes the dataset by calculating using a threshold selector whether a predetermined patient profile within the dataset should be perturbed, calculating using a value selector whether a value within the indicated patient profile should be perturbed, and suppressing an indicated value within the indicated patient profile. The anonymized dataset then is returned.

Abstract: A hardware Secure Processing Unit (SPU) is described that can perform both security functions and other information appliance functions using the same set of hardware resources. Because the additional hardware required to support security functions is a relatively small fraction of the overall device hardware, this type of SPU can be competitive with ordinary non-secure CPUs or microcontrollers that perform the same functions. A set of minimal initialization and management hardware and software is added to, e.g., a standard CPU/microcontroller. The additional hardware and/or software creates an SPU environment and performs the functions needed to virtualize the SPU's hardware resources so that they can be shared between security functions and other functions performed by the same CPU.

Abstract: A trusted computing device (TCD) includes an isolated environment, host interface, secure interface, and program instructions. The environment includes an isolated environment processor (IEP), memory (secure and non-secure partition), and an auxiliary processor (AP). Memory and AP are connected for data communication with the IEP, and communicate with a host only through the IEP. The host interface and each secure interface are connected for data communication with the IEP.

Abstract: An electronic apparatus includes an authentication unit that performs authentication for determining whether a battery is a genuine battery, a storage unit that stores an authentication result representing a result of the authentication, a charging unit that charges the battery with power received from a power transmission device, and a control unit that controls the charging unit so that charging of the battery is started when the power transmission device is determined to be a device that satisfies a predetermined condition and the battery is authenticated to be a genuine battery. When the authentication result is stored in the storage unit, the authentication unit does not perform new authentication. When the authentication result is stored in the storage unit, the control unit controls the charging unit so that charging of the battery is started based on the stored authentication result.

Abstract: Provided are methods, systems, devices of a security-driven design method. The present methods and systems can enable integration of security requirements in the early stages of design along with other design constrains so that potential attacks during IC development, usage, and retirement would render ineffectual. Example methods and systems can comprise circuits and circuit design using vanishable logic through a novel hybrid design method. An example method or system can comprise vanishable logic based on hardware re-configuration and transformation by employing non-volatile memory cells.

Abstract: An electronic device for near field communication (NFC) device comprises a front end unit adapted to communicate with an external reader/writer device, the front end unit including a first memory adapted to store a check identifier, said check identifier being adapted to match one or more first identifiers, and a processing unit including a second memory being adapted to store one or more applications and one or more first identifiers, wherein a first identifier is assigned to one or more applications.

Abstract: A tag writer, reader and method are disclosed. The tag writer is operable to generate a security identifier during writing of data to the tag, the security identifier being dependent on one or more of the data written, data already on the tag, metadata associated with the data, the tag and/or the writing of the data.

Abstract: Techniques to facilitate identification of industrial equipment using micro-location services in an industrial automation environment are disclosed herein. In at least one implementation, an identification signal is detected transmitted from a wireless transceiver associated with an asset of the industrial automation environment. The identification signal is processed to determine an identity of the asset. Information associated with the asset is retrieved based on the identity of the asset. The information associated with the asset is displayed on a display system of a computing system.

Abstract: A radio frequency identification (RFID) integrated circuit includes a transceiver and a processing device. The transceiver may to transmit a first continuous wave radio frequency (RF) signal to a bridge in a no-wire format via an antenna, where the transceiver is to start transmitting the modulated or continuous wave RF signal at a first amplitude value and increase an amplitude of the modulated or continuous wave RF signal to a second amplitude value at which an acknowledge (ACK) pulse is detected. The transceiver may receive a reflected wave RF signal in the no-wire format. The processing device may detect the ACK pulse in the reflected wave RF signal. The processing device may transmit a second modulated or continuous wave RF signal to the transceiver in the no-wire format.

Abstract: A motor drive according to an embodiment of the present invention, which is a motor drive for driving a motor, includes a detection circuit for detecting the state of the inside of the motor drive; a first memory and a second memory for storing information including a detection value indicating the state detected by the detection circuit; an RF tag having the first memory; an interface circuit for transmitting and receiving information to and from external equipment; and a controller for transmitting at least a part of the information stored in the second memory to the outside through the RF tag or the interface circuit.

Abstract: Scanners, methods, and computer storage media having computer-executable instructions embodied thereon that process variable sized objects with high package pitch on a moving conveyor belt are provided. The scanners are laser scanners that include at least two laser diodes, sensors, and field programmable gate arrays processors. The at least two laser diodes have different focuses. Each diode generates a laser beam when excited by an activation signal and an appropriate modulation. The sensors within the laser scanner device measure light reflected from a target on the objects. The processors toggle activation among the at least two laser diodes based on measurements sensed from the light reflected from the target.

Abstract: The present invention relates to a method and system for data tagging in the field of computer technologies. In this method, a user terminal acquires tag data, obtains information about services and functions associated with the tag data, then interacts with target servers to exchange service and function information, and fulfills appropriate services and functions to complete the business application. The disclosed data tagging method and system allow user terminal to interact with directly target servers that are associated with relevant services and functions, which allows functions to be realized in distributed target servers, which simplifies the implementations of tag data, reducing the cost to setting servers. The disclosed data tagging methods allow more extensive applications of data tagging, improved user experiences, simplified processes, and lower costs.

Abstract: An information collecting system and method based on two-dimensional code are provided. The information collecting system comprises an intelligent terminal and an information collecting end. The intelligent terminal comprises: a first communication module; a first storage module; a display module; a first processing module; an input module; a two-dimensional code output module I; and a two-dimensional code generation module I. The information collecting end comprises: a second communication module; a second storage module; a two-dimensional code recognition module II; and a second processing module.

Abstract: Embodiments of the present invention are directed to document processing, and more particularly to systems and methods that can utilize relative positions between the content of the document and a decodable indicia affixed to the document. In one embodiment, indicia reading terminals are provided that include an imaging module for capturing a frame of image data of a document. The document can include one or more decodable indicia such as a form barcode and various content fields, which delineate particular content of the document. The form barcode can include information respecting the form design and form design data. This information can be used to process the content of the document such as by providing coordinates or similar location and positioning metrics for use in processing the content of the document.

Abstract: In one aspect, a fingerprint sensor device includes a substrate and a sensor chip disposed over the substrate. The sensor chip includes an array of sensor pixels configured to generate fingerprint data by sensing ridges and valleys of a surface of a finger contacting the fingerprint sensor device. Each sensor pixel includes a single sensor electrode an amplifier having an inverting terminal electrically connected to the sensor electrode and a non-inverting terminal electrically connected to a drive signal. The drive signal generates electric fields between the sensor electrode and at least one of the ridges and valleys of the surface of the finger contacting the fingerprint sensor device to generate a variable capacitor having a variable capacitance based at least partly on a distance between the sensor electrode and the at least one of the ridges and valleys of the finger.

Abstract: According to one embodiment, a sensor includes a first control line, a first signal line, a first detection switch, a common electrode, a first detection electrode, a first circuit and a second circuit. The common electrode is located above the first control line, the first signal line and the first detection switch, opposed to the first control line, the first signal line and the first detection switch. The first detection electrode is located above the common electrode. The first circuit and the second circuit are located under the common electrode, and are opposed to the common electrode.

Abstract: An optical device includes a first substrate, a second substrate, a first transmitting portion, N light-emitting portions, and a light-receiving portion. The first transmitting portion is disposed in the first substrate. The N light-emitting portions are disposed in the first substrate, and the N is an integer of 2 or more. The light-receiving portion is configured to receive light passing through the first transmitting portion and is disposed in the second substrate.

Abstract: A glass sensor substrate including metallizable through vias and related process is provided. The glass substrate has a first major surface, a second major surface and an average thickness of greater than 0.3 mm. A plurality of etch paths are created through the glass substrate by directing a laser at the substrate in a predetermined pattern. A plurality of through vias through the glass substrate are etched along the etch paths using a hydroxide based etching material. The hydroxide based etching material highly preferentially etches the substrate along the etch path. Each of the plurality of through vias is long compared to their diameter for example such that a ratio of the thickness of the glass substrate to a maximum diameter of each of the through vias is greater than 8 to 1.

Abstract: The present disclosure is applicable to the technical field of fingerprint identification, and provides a fingerprint decryption method and device. The method includes the following steps: receiving N input fingerprints, N being an integer greater than or equal to 2; and decrypting a to-be-decrypted object according to the N input fingerprints, the to-be-decrypted object being encrypted by using N preset fingerprints. According to the present disclosure, the to-be-decrypted object is decrypted by using an input fingerprint combination of two or more fingerprints, which improves data security of the mobile terminal.

Abstract: The present invention provides a fingerprint recognition device, a display screen and a display device, which belong to the field of display technology and can solve the problem of high cost for conventional fingerprint recognition devices The fingerprint recognition device of the present invention arranged at a light emitting side of a display panel includes a protection substrate, a glass base positioned under the protection substrate, a plurality of detecting electrodes formed on the glass base, capacitance being formed between the plurality of detecting electrodes and ridges or valleys of a fingerprint when touching occurs, and a control unit used to recognize the fingerprint based on the capacitance. The fingerprint recognition device of the present invention has a simple structure and a low cost.

Abstract: This disclosure relates to a method, apparatus, and non-transitory computer-readable storage medium for fingerprint recognition. Aspects of the disclosure provide a method for fingerprint recognition. The method includes receiving a fingerprint recognition command from a user, determining a region including positions of respective light sensors covered by at least one finger, selecting a set of fingerprint recognition sensors from a plurality of fingerprint recognition sensors based on the region, and acquiring, via the set of fingerprint recognition sensors, fingerprint data from the at least one finger.

Abstract: A fingerprint information processing method and apparatus in which the method includes: obtaining a fingerprint image; calculating an average value of shading values of pixels in a specific region based on a pixel with respect to each pixel of the fingerprint image, performing a first processing of calculating a sum of average values of shading values of pixels included in an expanded region while gradually expanding the specific region, and generating a first processing image for the fingerprint image using a first processing-performed value for each pixel; and forming a window including a predetermined region in the first processing image, and selecting feature points among pixels in a window region while moving the window.

Abstract: A fingerprint identification system, a fingerprint processing method, and a fingerprint processing apparatus are provided in embodiments of the present disclosure, which pertains to the filed of the fingerprint identification technologies. The method includes: acquiring, in a registration mode, multiple pictures obtained via fingerprint scanning by a designated zone in a scanning area of a sensor when a finger of a user swipes through the designated zone; stitching the multiple pictures to form a fingerprint image according to feature values which are same in multiple pictures; and storing the fingerprint image or feature values of the fingerprint image into a registration template. According to the present disclosure, scanning time may be reduced and operations are simple, and accordingly efficiency of the fingerprint registration is improved.

Abstract: The present invention provides a method for providing feedback to a user during a 3D scanning session and guides the user to finish scanning completely.

Abstract: A system for detecting, identifying and tracking objects of interest over time is configured to derive object identification data from images captured from one or more image capture devices. In some embodiments of the system, the one or more image capture devices perform a first object detection and identification analysis on images captured by the one or more image capture devices. The system may then transmit the captured images to a server that performs a second object detection and identification analysis on the captures images. In various embodiments, the second analysis is more detailed than the first analysis. The system may also be configured to compile data from the one or more image capture devices and server into a timeline of object of interest detection and identification data over time.

Abstract: A non-invasive biometrical identification method and system (100) of animals, comprising: receiving characteristic data of an individual from at least one biometric sensor (102); processing the characteristic data to form biometric data identifying minutiae based skin markings of the individual and biometric data identifying physical characteristics of the individual; evaluating the biometric data identifying minutiae based skin markings of the individual and biometric data identifying physical characteristics of the individual to form biometric characteristic data of the individual; comparing the biometric characteristic findings of the individual to characteristic data of predetermined registered individuals; determining whether the individual is registered; giving the individual a unique identification if the individual is not registered; and registering the unique identification in a data storage (112).

Abstract: An object detection method and an object detection apparatus are provided. The object detection method comprises: mapping at least one image frame in an image sequence into a three dimensional physical space to obtain three dimensional coordinates of each pixel in the at least one image frame; extracting a foreground region in the at least one image frame; segmenting the foreground region into a set of blobs; and detecting, for each blob in the set of blobs, an object in the blob through a neural network based on the three dimensional coordinates of at least one predetermined reference point in the blob, to obtain an object detection result.

Abstract: A method, apparatus and computer program product are provided for object identification and location correlation based on received images. A method is provided including receiving identity data associated with an object derived from one or more of a plurality of images determining an identity of an object in one or more of the plurality of images, receiving location information associated with a camera which captured the plurality of images, and correlating the identified object with a location for each of the respective images of the plurality of images.

Abstract: Some implementations provide a machine-assisted method for screening a person, the method including: receiving, at a scanning device, an identification document presented by the person, the identification document showing a machine-readable code that encodes personally identifiable information of the person, a biometric of the person, and printed information; scanning the machine-readable code on the identification document to extract personally identifiable information of the person; comparing the extracted personally identifiable information against records stored at a database; determining that the extracted personal identifiable information matches a record stored at the database; receiving data encoding the biometric of the person on the identification document for comparison with the person presenting the identification document; receiving a determination that the biometric from the identification document identifies the person presenting the identification document; and determining whether the identifi

Abstract: A method may comprise obtaining image data of a plurality of digital image frames captured of an assumed eye having an iris and a pupil while illuminating the assumed eye from different directions; and automatically detecting a characteristic feature of the iris on the basis of image data of the at least two of the plurality of digital image frames.

Abstract: An asymmetric aperture device for a camera is provided that improves light gathering properties by increasing both the light gathering opening of the aperture and the number of light producing light sources placed on the aperture. An asymmetric aperture design is provided that utilizes a significantly larger portion of the camera lens. The tradeoff between the competing objectives of maximizing camera depth of field and maximizing the production of useful focus-condition information within the camera image is optimized. More illumination is provided without significantly increasing the lateral size of the illuminator pattern.

Abstract: Methods and systems are presented for obtaining photographic data recently taken via one or more airborne vehicles (drones, e.g.) and for prioritizing forestry-related review and decision-making as an automatic response to the content of the photographic data even where remote decision-makers are only available via limited-bandwidth connections.

Abstract: A system and method are provided for analyzing a video. The method comprises: sampling the video to generate a plurality of spatio-temporal video volumes; clustering similar ones of the plurality of spatio-temporal video volumes to generate a low-level codebook of video volumes; analyzing the low-level codebook of video volumes to generate a plurality of ensembles of volumes surrounding pixels in the video; and clustering the plurality of ensembles of volumes by determining similarities between the ensembles of volumes, to generate at least one high-level codebook. Multiple high-level codebooks can be generated by repeating steps of the method. The method can further include performing visual event retrieval by using the at least one high-level codebook to make an inference from the video, for example comparing the video to a dataset and retrieving at least one similar video, activity and event labeling, and performing abnormal and normal event detection.

Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for controlling access to physical areas. One of the methods includes receiving, from at least one of one or more sensors, data identifying a vehicle at a border crossing station, determining current weather conditions for the border crossing station, evaluating whether the current weather conditions are favorable to inspection of the vehicle by a mobile camera, determining that the current weather conditions are favorable to inspection of the vehicle by a mobile camera, and in response to the determination that the current weather conditions are favorable to inspection of the vehicle by a mobile camera, providing at least one of one or more mobile cameras with instructions to cause each of the at least one of the mobile cameras to inspect the vehicle.