Abstract: Systems, methods, computer readable media and articles of manufacture consistent with innovations herein are directed to computer virtualization, computer security and/or data isolation. According to some illustrative implementations, innovations herein may utilize and/or involve a separation kernel hypervisor which may include the use of a guest operating system virtual machine protection domain, a virtualization assistance layer, and/or a rootkit defense mechanism (which may be proximate in temporal and/or spatial locality to malicious code, but isolated from it), inter alia, for detection and/or prevention of malicious code, for example, in a manner/context that is isolated and not able to be corrupted, detected, prevented, bypassed, and/or otherwise affected by the malicious code.

Abstract: A kernel-level security agent is described herein. The kernel-level security agent is configured to observe events, filter the observed events using configurable filters, route the filtered events to one or more event consumers, and utilize the one or more event consumers to take action based at least on one of the filtered events. In some implementations, the kernel-level security agent detects a first action associated with malicious code, gathers data about the malicious code, and in response to detecting subsequent action(s) of the malicious code, performs a preventative action. The kernel-level security agent may also deceive an adversary associated with malicious code. Further, the kernel-level security agent may utilize a model representing chains of execution activities and may take action based on those chains of execution activities.

Abstract: A method and an apparatus of providing an access page are disclosed. The apparatus firstly obtains an access page that is sent by a network device and is to be provided to a user device, determines an XSS processing module corresponding to the access page, and forwards the XSS processing module and the access page to the user device, wherein the XSS processing module is executed to process XSS information on the access page when the access page is loaded by the user device. The disclosed apparatus can configure a processing module for detecting XSS information that is tailored to each access page, thus avoiding false negatives in detection of an access page in the existing technologies, and ensuring to prompt and stop anomalies on the access page in time when the access page is insecure.

Abstract: An approach is provided for controlling a task to perform a change ticket. The task is correlated with command(s) to perform the task, and first and second computer system(s). Authorized user(s) utilize the first computer system(s) to remotely log into respective second computer system(s). A requestor utilizes a first computer system to make a request to execute one of the command(s). A second computer system is determined to be remotely logged into by the first computer system to receive the request. It is determined whether (a) the first computer system is one of the first computer system(s) correlated with the task and (b) the second computer system is one of the second computer system(s) correlated with the task. Based in part on (a) and (b) being true, the requested command is executed. If (a) or (b) is false, then execution of the requested command is prevented.

Abstract: A hardware platform includes a nonvolatile storage device that can store system firmware as well as code for the primary operating system for the hardware platform. The hardware platform includes a controller that determines the hardware platform lacks functional firmware to boot the primary operating system from the storage device. The controller accesses a firmware image from an external interface that interfaces a device external to the hardware platform, where the external device is a firmware image source. The controller provisions the firmware from the external device to the storage device and initiates a boot sequence from the provisioned firmware.

Abstract: A method, system, and computer program product for protecting a computer system provides bootstrap operating system detection and recovery and provides the capability to detect malware, such as rootkits, before the operating system has been loaded and provides the capability to patch malfunctions that block the ability of the computer system to access the Internet. A method for protecting a computer system includes reading stored status information indicating whether network connectivity was available the last time an operating system of the computer system was operational, when the stored status information indicates that network connectivity was not available, obtaining a software patch, and executing and applying the software patch.

Abstract: A storage device is provided with memory configured to store user authentication data for accessing an operating system executing on a host computer. A processor is provided to receive a command indicating readiness to accept input from the operating system, and to retrieve the user authentication data from the memory in response to the command.

Abstract: In one implementation, a system for risk scoring a software application includes a component score engine to calculate an impact component score and a likelihood component score for a security vulnerability during development of the software application based on a plurality of scored descriptions of security risk elements for the software application. In addition, the system includes a total risk score engine to calculate a total security risk score for the software product application on the impact component score and the likelihood component score for the security vulnerability of the software application. In addition, the system includes a risk characterization engine to assign a risk characterization to the software product based on where the total risk score falls within a predetermined scale.

Abstract: The present invention relates to a method and a framework that automatically and dynamically derives a misuseability score for every IT component (e.g., PC, laptop, server, router, smartphone, and user or any other element that can be connected to organization network or to the internet). The dynamic framework of the present invention supports the risk analysis process. The misuseability score encapsulates the potential damage that can be caused to the organization in case that an asset is compromised and misused, for example, as part of a cyber-attack.

Abstract: Methods, systems, and computer readable media for preventing code reuse attacks are disclosed. According to one method, the method includes executing, on a processor, code in a memory page related to an application, wherein the memory page is protected. The method also includes detecting a read request associated with the code. The method further includes after detecting the read request, modifying, without using a hypervisor, at least one memory permission associated with the memory page such that the code is no longer executable after the code is read.

Abstract: The disclosed principles describe systems and methods for assessing the security posture of a target device, wherein the assessment is performed by a scanning computer in communication with the target device via a communication network. By employing a system or method in accordance with the disclosed principles, distinct advantages are achieved. Specifically, conducting such a remote scan allows for the scanner computer to perform a remote scan of the remote device without installing client software to the remote device. Thus, the disclosed principles reduce the need for internal IT resources to manage the deployment and updates of client software on the target device. Also, conducting a remote scan according to the disclosed principles allows for the remote scan to be performed even if the scanner computer and remote device run different operating systems.

Abstract: Systems and methods for privacy-preserving data loss detection include performing a sweep of online information for a candidate data leakage to generate an online data set; performing an analysis of the online data set to determine that the online information is a candidate data leakage; the host encrypting the data communication and providing the host-encrypted data communication to a software agent at the enterprise; in response to receiving the host-encrypted data communication, the software agent encrypting a database of enterprise information and re-encrypting the host-encrypted data communication, and providing the same to the host; the host decrypting a host-encrypted aspect of the re-encrypted data communication to generate a software agent-encrypted data communication; determining whether a match exists between the encrypted database of information and the software agent-encrypted data communication; and based on whether the match exists, the software agent taking a first action or the host taking a

Abstract: The present invention provides a data encryption method, and the method includes: writing collected data into a memory; encrypting the collected data in the memory; and writing the encrypted data into an external storage. The present invention further provides a corresponding encryption apparatus. By using the encryption method and the encryption apparatus that are provided in the present invention, in a process of writing data into a file, the written data may be encrypted, and when the file is stored to an external storage, encryption of the file is implemented, thereby effectively ensuring timeliness of data encryption.

Abstract: This application discloses a controller area network node including a controller and a transceiver. The transceiver includes security circuitry to perform various security checks on messages the controller area network node intends to have transmitted over a shared bus in a controller area network. The security circuitry can determine whether the messages conform to the rules associated with a design and a traffic scheduling of the controller area network. Some of those rules include that the controller area network node transmit messages with identifiers that were assigned to the controller area network node, or transmit messages with a specified timing. When the security circuitry identifies one of the messages fails to conform to the rules for the controller area network, the security circuitry can initiate a security action, such as refusing or delaying transmission of the messages or reporting the rules violation to the controller.

Abstract: Apparatuses, methods and storage medium associated with electronic production of documents for a discovery request are disclosed herein. In embodiments, an apparatus for producing document for a discovery request may comprise a privilege log generator to generate a privilege log for a plurality of electronic documents to be produced for a discovery request, wherein at least a subset of the plurality of electronic documents are at least partially privilege protected. Further, the privilege log generator may include a name-email normalization function to provide assistance in normalization of names or email addresses contained in the electronic documents for the privilege log. Other embodiments may be disclosed or claimed.

Abstract: In a system for providing access control management to electronic data, techniques to secure the electronic data and keep the electronic data secured at all times are disclosed. According to one embodiment, a secured file or secured document includes two parts: an attachment, referred to as a header, and an encrypted document or data portion. The header includes security information that points to or includes the access rules and a file key. The access rules facilitate restrictive access to the secured document and essentially determine who/when/how/where the secured document can be accessed. The file key is used to encrypt/decrypt the encrypted data portion. Only those who have the proper access privileges are permitted to retrieve the file key to encrypt/decrypt the encrypted data portion.

Abstract: An information handling system includes a first database and a second database. A server submits a request received by the first database instead to the second database by 1) establishing a service to the second database, the service having write privileges, 2) establishing a service user account that includes the write privilege, and 3) editing the request to include a link to the second database.

Abstract: Disclosed are low-complexity schemes to store information in a distributed manner across multiple nodes of a computer system. The schemes are resilient to node failures and resistant to node eavesdropping. The disclosed schemes may be used in conjunction with RAID systems, and when used in such systems may be referred to as“secure RAID”.

Abstract: A display is presented on a screen of a mobile device having an electromagnetic radiation source. The electromagnetic radiation source is activated while confidential data is being input in an input field of the display. The electromagnetic radiation source is deactivated after completion of the confidential data in the input field of the display.

Abstract: A computer implemented method of dynamically analyzing a data flow of a dynamic language program to determine access rights to data items, comprising: 1) Executing a dynamic language program. 2) During the execution, each of a plurality of data items is stored in a data wrapper that further contains a metadata record indicative of one or more characteristics of a respective data item. 3) Receiving a request from a process of the dynamic language program to access one or more requested data items of the plurality of data items. 4) Determining whether the process is allowed to access the one or more requested data item according to an analysis of a classification of the process compared to the one or more characteristics indicated by the metadata record associated with each of the one or more requested data items. 5) Generating a response to the process according to the determination.

Abstract: Embodiments of the invention are directed to a system, method, or computer program product for a transaction apparatus for secure data storage and consolidation of medication adherence, health and wellness data for easy implementation and utilization during a transaction. The transaction apparatus may be configured, in various embodiments, for receiving, storing, encrypting, decrypting, encoding, decoding, accessing, transferring, writing, and/or presenting transaction data including, but not limited to, health care data, medication adherence data, wellness data, location data, authentication data, identification data, access data, personal data, and/or other data associated with a user. As such, the transaction apparatus may receive data from a user and store the data. The user may then provide authorization to access the data. The user may then select the data to be copied to an output device associated with the apparatus.

Abstract: System, methods, and computer program products are provided for interfacing between one of a plurality of service provider (SP) trusted service managers (TSM) and one of a plurality of secure elements (SE). A first request including a mobile subscription identifier (MSI) is received from an SP TSM over a communications network. At least one memory is queried for SE data including an SE identifier corresponding to the MSI. The SE data is transmitted to the SP TSM over the communications network. A second request based on the SE data is received from the SP TSM over the communications network. A third request, based on the second request, is transmitted, over a mobile network, to an SE corresponding to the SE data. The mobile network is selected from multiple mobile networks, and is determined based on the SE data queried from the memory.

Abstract: Approaches for determining a potential merchant breach are described. A system can acquire card transaction data from one or more sources such as merchants or financial institutions, in some instances at a predetermined time interval. Cards associated with the card transaction data can be analyzed to determine the health of a particular card, including the likelihood that the particular card has been compromised. A set of cards are accumulated, and their associated health data is stored. Based on the information obtained from a source, and the health associated with a set of cards, a potential date where a merchant was breached can be determined and fraudulent purchases can be prevented.

Abstract: This disclosure provides for implementing a firmware security interface within a field-programmable gate array (FPGA) for communicating between secure and non-secure environments executable within the FPGA. A security monitor is implemented within the programmable logic of the FPGA as a soft core processor and the firmware security interface modifies one or more functions of the security monitor. The modifications to the security monitor include establishing a timer “heartbeat” within the FPGA to ensure that the FPGA invokes a secure environment and raising an alarm should the FPGA fail to invoke such environment.

Abstract: In an example, transactions are secured between electronic circuits in a memory fabric. An electronic circuit may receive a transaction integrity key. The electronic circuit may compute a truncated message authentication code (MAC) using the received transaction integrity key and attach the truncated MAC to a security message header (SMH) of the transaction.

Abstract: A card reader includes a card reader housing with a card insertion opening, a contact unit, which is arranged in the card reader housing, and a hood which covers the contact unit, apart from the card insertion opening. The hood is back-moulded on the inner side with an at least two-layered conductor track foil. The first layer, which faces the hood, has an extensive drill-protection conductor track structure with at least one continuous drill-protection conductor track. The second layer, which faces away from the hood, has a lift-off protection conductor track structure with at least one lift-off-protection conductor track. The at least one drill-protection conductor track is routed onto the second layer by means of through connections of the conductor track foil and ends in electrical connection contacts of the second layer. The at least one lift-off-protection conductor track ends in electrical connection contacts of the second layer.

Abstract: When multiple readers for RF transponders have to be placed in close proximity, such as in adjacent lanes of a highway toll barrier, they can be set to operate at different frequencies. When signals from two adjacent ones of the readers interfere, the resulting signal includes interference terms whose frequencies equal the sum of the reader frequencies and the difference between the reader frequencies. To remove such interference terms while passing the desired terms, a tag includes a low-pass or other frequency-selective filter.

Abstract: A method of establishing a location beacon includes establishing a bi-directional wireless radiofrequency connection between a directed light beacon device and a networked device in communication with a central server; assigning a beacon identification code to the directed light beacon device at the central server; transmitting the beacon identification code to the directed light beacon device through the bi-directional wireless radiofrequency connection; and transmitting the beacon identification code in a directed light beacon signal from the directed light beacon device.

Abstract: Embodiments of the invention for the track, categorize, or authenticate the provenance of historical artifacts. The invention couples an artifact to at least one unique identifier. Unique identifiers may be attached to or be contained within an artifact. Unique identifiers are coupled to a data storage archive where historical information relating to the artifact are stored. In certain embodiments the data storage archive is a database or relational database. Artifacts incorporated into the invention, may be objects used in sports, be objects used in politics, or may be personal objects. The invention tracks the use of artifacts and records historical information corresponding to the artifact in the data storage archive. Historical information recorded may include the time, or place where an artifact was used.

Abstract: Tags are used to recover lost objects. Each tag transmits identification information to passing communications devices, such as a cellular phone. The cellular phone then uploads the tag's identification information, along with a location, to a central network database. The central network database thus stores a central repository identifying locations associated with tags discovered by passing communications devices.

Abstract: Systems and methods provide an illumination assembly for a mark reader. A light transmitter is arranged in a surrounding relationship to an interior area, with the light transmitter having a proximal end and a distal end. An illumination source provides a light for transmission into the light transmitter. The light transmitter distal end allows the light from within the light transmitter to pass through and out of the distal end to provide bright field illumination and dark field illumination. The light transmitter distal end may include a first portion and a second portion, where light from within the light transmitter passes through and out of the first portion to provide bright field illumination, and light from within the light transmitter passes through and out of the second portion to provide dark field illumination.

Abstract: A printing device includes: a casing, a display member, a printed circuit board, and a key sheet. The display member is configured to display information thereon. The display member has an edge face. The key sheet is fixed to the casing and faces the printed circuit board. The key sheet includes: a base sheet, a plurality of key tops, and a protruding part. The base sheet provides elasticity and is positioned beside the display member. The base sheet has a peripheral edge facing the edge face of the display member. The plurality of key tops is provided at the base sheet. The protruding part is provided at the base sheet. The protruding part includes a first protruding part protruding from the peripheral edge of the base sheet toward the display member and contacting the edge face of the display member to urge the display member.

Abstract: At least one image captured by an image capture device of a delivery drone can be processed to identify at least one optical marker contained in the image. The optical marker can display at least one machine readable optical label, or alphanumeric characters, indicating a cargo recipient. Responsive to identifying the optical marker, image processing on the image can be performed to generate data corresponding to the machine readable optical label or alphanumeric characters. Whether the data corresponds to an intended cargo recipient of a cargo being carried by the delivery drone can be determined. Responsive to determining that the data corresponding to the machine readable optical label or alphanumeric characters corresponds to the intended cargo recipient of the cargo being carried by the delivery drone, the delivery drone can be initiated to deliver the cargo at a specific location indicated by the optical marker.

Abstract: Systems and methods for extracting information from a scanned item having a plurality of regularly spaced row marks along at least part of a length of the scanned item are disclosed herein. The system can include a line scan camera that can generate a line of pixels of a portion of the scanned item in an imaging area; a feed device coupled to the line scan camera; and a timing circuit. The feed device can move at least a portion of the scanned item through the imaging area, and the timing circuit can provide a plurality of capture signals to the line scan camera. The timing circuit can vary a time interval between capture signals based on a number of pixels between adjacent row marks along at least a portion of the length of the scanned item.

Abstract: A system and method for error correction for machine-readable symbols having data codewords, and having error correction (EC) codewords derived from the data codewords and redundantly indicating the location and data contents of the data codewords. The symbols use Reed-Solomon (RS) error correction to retrieve damaged codewords. RS error correction normally requires two EC codewords to identify both the location and data contents of a data codeword. The present system and method performs optical contrast analysis on the codewords, identifying those codewords with the lowest contrast levels (that is, the least difference between the reflectance of the black or white cells and the black/white threshold). Codewords with the lowest contrast levels are flagged as optically ambiguous, thereby marking, in the EC equations, the locations of the codewords most like to be in error. As a result, only a single EC codeword is required to retrieve the data for a flagged data codeword.

Abstract: A fingerprint detection device includes: a substrate having a first surface and a second surface on an opposite side of the first surface, the first surface serving as a detection surface configured to detect unevenness of an object in contact or in proximity; a detection electrode provided on the second surface side of the substrate and configured to detect unevenness of a finger in contact or in proximity on the basis of an electrostatic capacitance change; and a drive circuit provided on the second surface side of the substrate and configured to supply a drive signal to the detection electrode.

Abstract: A fingerprint sensing device includes a plurality of sensing units. Each sensing unit includes: a readout element, a photosensitive element, a light emitting element and a diode. The photosensitive element is electrically connected to the readout element. The light emitting element is disposed corresponding to the photosensitive element, and includes a first anode, a first cathode, and a light emitting layer located between the first anode and the first cathode. The diode includes a second anode and a second cathode, and a semiconductor layer located between the second anode and the second cathode. The second anode is electrically connected to the first cathode of the light emitting element, and the second cathode is electrically connected to the first anode of the light emitting element.

Abstract: The disclosed subject matter relates to an automated determination of cell-by-cell segmentation quality of a tissue specimen sample. A training set of cells is examined by an expert to determine which cells that include “good” segmentation and which cells include “poor” segmentation. A training model is build based on the image data of the cells in the training set. Image data from cells in a test specimen is obtained and that image data is compared to the training model to determine on a cell-by-cell basis which cells in the test specimen include “good” segmentation and which cells include “poor” segmentation. The accumulated data on the cells analyzed in the test specimen can be utilized to determine an overall segmentation quality score for the area of the test specimen in which the individual cells are located in the test specimen.

Abstract: An electronic device according to the present disclosure includes: a housing including a first plate directed in a first direction, a second plate facing a second direction opposite the first direction, and a side member that encloses at least a portion of a space between the first plate and the second plate; a display disposed to be exposed through a first region of the first plate; a first opening formed in a second region of the first plate that is located adjacent to the display; a button structure disposed through the first opening, in which the button structure includes a cover layer exposed to an outside of the housing, an annular structure that encloses at least a portion of the cover layer when viewed from above the cover layer, and a fingerprint recognizing member enclosed by the annular structure and including a fingerprint recognizing pad including a plurality of conductive lines formed to recognize a fingerprint when a user's finger comes in contact with the cover layer, and a circuit region incl

Abstract: Analysis of questionable signatures, with prevention of imitating signatures according to the modern celerity to accept or deny as valid a signature affixed on any kind of document with alphanumeric reference or without alphanumeric reference, by authenticating it with the naked eye and evaluating for such purpose a signature affixed on one or more obstacle(s) of any geometric shape and of any kind of material and any color, which are placed and stuck on the document to be signed or on another external support to the document to be authenticated, and such obstacle(s) impede the normal stroke of the ink instrument with which the signature is written, and the structure resulting from the signature over the obstacles is collated with the structure of the questionable signature and/or with the structure of the signature considered as indubitable.

Abstract: A method for guiding a robot equipped with a camera to facilitate three-dimensional (3D) reconstruction through sampling based planning includes recognizing and localizing an object in a two-dimensional (2D) image. The method also includes computing 3D depth maps for the localized object. A 3D object map is constructed from the depth maps. A sampling based structure is grown around the 3D object map and a cost is assigned to each edge of the sampling based structure. The sampling based structure may be searched to determine a lowest cost sequence of edges that may, in turn be used to guide the robot.

Abstract: Disclosed is a face detection method and apparatus, the method including detecting a candidate area from a target image using a first sliding window moving at an interval of a first step length and detecting a face area in the candidate area using a second sliding window moving at an interval of a second step length less than the first step length.

Abstract: A system and method for providing an interactive shopping experience via webcam is disclosed. A particular embodiment includes enabling a user to select from a plurality of items of virtual apparel; obtaining an image of a user via a web-enabled camera (webcam); using a data processor to perform facial detection on the image to isolate an image of a face of the user; estimating the user's position according to a position and a size of the image of the user's face; modifying an image corresponding to the selected item of virtual apparel based on the size of the image of the user's face; and auto-fitting the modified image corresponding to the selected item of virtual apparel to the image of the user's face.

Abstract: An electronic apparatus is provided. The electronic apparatus includes an input comprising input circuitry configured to receive an image and a processor configured to detect a skin area from the image to acquire information on a pixel value of a pixel included in the skin area, to acquire information on characteristics of the skin area based on a face area in the skin area, and to process image quality of the skin area based on the information on the pixel value and the information on the characteristics of the skin area. As a result, it is possible to reduce the image distortion of the skin area occurring when only the analysis of the quantitative elements is performed and to improve the image quality preference of the skin area based on the analysis of the qualitative elements in addition to the quantitative elements.

Abstract: Techniques are provided for facial recognition using decoy-based matching of facial image features. An example method may include comparing extracted facial features of an input image, provided for recognition, to facial features of each of one or more images in a gallery of known faces, to select a closest gallery image. The method may also include calculating a first distance between the input image and the selected gallery image. The method may further include comparing the facial features of the input image to facial features of each of one or more images in a set of decoy faces, to select a closest decoy image and calculating a second distance between the input image and the selected decoy image. The method may further include recognizing a match between the input image and the selected gallery image based on a comparison of the first distance and the second distance.

Abstract: A system facilitates automatic recognition of facial expressions or other facial attributes. The system includes a data access module and an expression engine. The expression engine further includes a set of specialized expression engines, a pose detection module, and a combiner module. The data access module accesses a facial image of a head. The set of specialized expression engines generates a set of specialized expression metrics, where each specialized expression metric is an indication of a facial expression of the facial image assuming a specific orientation of the head. The pose detection module determines the orientation of the head from the facial image. Based on the determined orientation of the head and the assumed orientations of each of the specialized expression metrics, the combiner module combines the set of specialized expression metrics to determine a facial expression metric for the facial image that is substantially invariant to the head orientation.

Abstract: A method for evaluating a facial performance using facial capture of two users includes obtaining a reference set of facial performance data representing a first user's facial capture; obtaining a facial capture of a second user; extracting a second set of facial performance data based on the second user's facial capture; calculating at least one matching metric based on a comparison of the reference set of facial performance data to the second set of facial performance data; and displaying an indication of the at least one matching metric on a display.

Abstract: An event signal processing method and apparatus are provided. The event signal processing method includes receiving, from an event-based sensor, event signals including timestamps, generating a first timestamp map based on the timestamps, and interpolating a new timestamp into the first timestamp map based on at least two timestamps of the first timestamp map, to generate a second timestamp map.

Abstract: A target detection method for detecting targets on the ground and in motion, in a video stream that is acquired by an airborne digital camera, which includes the steps of: processing a plurality of successive frames in the video frame in a manner so as to stabilize the frames as if they had been acquired by a fixed camera; and comparing two processed frames, temporally separated from the other, so as to identify the zones of pixels in motion from one processed frame to the other, one zone of pixels in motion constituting a detected target.

Abstract: A system and method tracks touches in a healthcare environment in order to analyze paths of transmission and contamination for the purpose of eliminating and containing transmission of colonizing, drug-resistant pathogens. Touches are identified and tracked with the use of recording devices. Each touch is logged and a touch graph is generated to identify transmission paths.