Abstract: A method performed by at least one processor includes: accessing a layout of an integrated circuit (IC), the layout comprising a resistor-capacitor (RC) netlist comprising a plurality of circuit nodes; identifying an RC network in the RC netlist; determining a characterization matrix corresponding to the RC network; updating the RC netlist by replacing the RC network with the characterization matrix; and calculating voltages and currents of the plurality of circuit nodes based on the updated RC netlist.

Abstract: The present disclosure describes a method for detecting unacceptable connection patterns. The method includes, using a processor to perform at least one of: performing an automated place-and-route (APR) process on a circuit layout that includes a first standard cell without a marker layer to generate a circuit graphic database system (GDS) file from the circuit layout, generating a standard-cell GDS file that includes a second standard cell with at least one marker layer applied to the second standard cell, and merging the circuit GDS file with the standard-cell GDS file to generate a merged GDS file that includes the first standard cell with at least one marker layer based on the second standard cell. The method further includes determining whether a connection pattern of the first standard cell in the merged GDS file is an unacceptable connection pattern.

Abstract: A method for forming an integrated device is provided. The method includes the following operations. A first circuit layout having a first power path and a second power path is provided. The first power path and the second power path are aligned in a first direction. A first pitch between the first power path and the second power path is analyzed. It is determined whether the first pitch is less than a threshold pitch. If the first pitch is less than the threshold pitch, the second power path is modified in a second direction. The second direction is perpendicular to the first direction.

Abstract: A system and method utilizing deep clinical knowledge represented as a knowledge-graph to complement and enhance Natural Language Processing (NLP) for efficient and high-quality computer assisted coding of medical text. One embodiment utilizes the International Classification of Diseases version-10 Procedural Coding System (ICD-10-PCS). The system uses multiple knowledge bases combined with direct mapping provided by the ICD-10-PCS standard to enhance the coverage of assigned code. The system identifies ICD-10-PCS code considering hierarchical mapping and identifies the code by individual ICD-10-PCS character.

Abstract: A device for using rules in the processing of information includes a first interface that allows for secure communications, a first database, a second database, a second interface that allows for secure communications, and a detection component implemented at least partially in hardware, the first interface connecting to the first database, the first database connecting to the detection component, the second database connecting to the detection component, the second interface connecting to the detection component, the second database including a plurality of rule libraries, each rule library, of the plurality of rule libraries, storing a set of related rules, and a plurality of rule engines, each rule engine, of the plurality of rule engines, corresponding to a rule library, of the plurality of libraries, and the detection component including a rule selector, and a rule applicator to apply a selected rule to information.

Abstract: In one embodiment, an instruction is received at a blockchain server from a first digital rights management (DRM) client, the instruction including an instruction to transfer a DRM license to an encrypted content item to a second DRM client. A block to be recorded in a blockchain, is created, the block including a content item ID of said encrypted content item, one of a device ID of a device including the second DRM client or a user ID of a user of the second DRM client, DRM license information for said DRM license, and a DRM decryption key for decrypting said encrypted content item. The block is recorded in the blockchain. A confirmation message is sent to the second DRM client confirming that the block was written to the blockchain. Related systems, methods, and apparatuses are also described.

Abstract: A system and methods of computer security are provided wherein a first mobile computing device drives an acoustic transducer to emit an acoustic signal encoding a time-based, one time password (TOTP) code, and a second mobile computing device measures output of a MEMS gyroscope that senses the emitted acoustic signal. The second mobile computing device decodes the TOTP code from the gyroscope output, validates the TOTP code and responsively permits a user to access a secure application.

Abstract: Sending from a first user device to a server, through a first channel, a user identifier and a request to get a table. Generating, by the server, a first table including a first character set and being valid. Sending, from the server to the second user device, the first table and a first request to display this latter. Displaying, by or through the second user device, the first table. Selecting, by a user, through the first user device, a character. Sending, from the first user device to the server, through the first channel, the selected character, as submitted data. Determining, by the server, based upon a reference location within the first table, a corresponding reference character, as reference data. Verifying, by the server, for the user, whether the submitted data does match the reference data. And, if yes, succeeding, by the server, in authenticating the user.

Abstract: Data processing systems and methods, according to various embodiments are adapted for efficiently processing data to allow for the streamlined assessment of the risk level associated with particular privacy campaigns. The systems may provide a centralized repository of templates of privacy-related question/answer pairings for various vendors, products (e.g., software products), and services. Different entities may electronically access the templates (which may be periodically updated and centrally audited) and customize the templates for evaluating the risk associated with the entities' respective business endeavors that involve the relevant vendors, products, or services.

Abstract: A method comprising using at least one hardware processor for: providing a set of development supervectors representing features of biometric samples of multiple subjects, the biometric samples being of at least a first and a second different biometric modalities; providing at least a first and a second enrollment supervectors representing features of at least a first and a second enrollment biometric samples of a target subject correspondingly, wherein the at least first and second enrollment samples are of the at least first and the second different biometric modalities correspondingly; providing at least a first and a second verification supervectors representing features of at least a first and a second verification biometric samples of the target subject correspondingly, wherein the at least first and second verification samples are of the at least first and second different biometric modalities correspondingly; concatenating the development supervectors to a set of development generic supervector, the a

Abstract: An image forming apparatus including a communication circuit configured to establish proximity communication with a biometric authentication apparatus, a display, and a processor configured to perform authentication processing with biological information detected by the biometric authentication apparatus is provided. The processor is configured to carry out control for reducing a quantity of light output from the display and incident on the biometric authentication apparatus during detection of the biological information by the biometric authentication apparatus when the processor receives information representing optical detection of the biological information by the biometric authentication apparatus from the biometric authentication apparatus through the communication circuit.

Abstract: A wearable device includes a display; a sensor configured to obtain a biometric information of a user; a memory configured to store at least one instruction; and at least one processor configured to execute the at least one instruction to: based on an event related to executing an application, identify execution of biometric authentication associated with the application; based on the identification, display a message indicating information corresponding to the biometric authentication to be performed in the wearable device; obtain, by the sensor, the biometric information of the user wearing the wearable device; identify authority using the obtained biometric information and registered biometric information stored in the memory; and display, by the display, a screen associated with the executed application based on the identified authority.

Abstract: A transaction authorization apparatus includes a processor in communication with a communications interface. The processor is configured to receive a request for a transaction requested by a user with whom a plurality of user devices are associated, to obtain respective transaction measurements from at least some available devices from among the plurality of user devices, and to confirm approval of the request for the transaction in response to confirmation that the transaction measurements satisfy a multi-device authorization policy associated with the transaction.

Abstract: It is an object to provide an information device operating system, an information device operating method, and a program, which improve usability and security. An information device operating system 1 including an information terminal 100 provided with a biometric authentication or a camera authentication and an information device 200 connected to the information terminal 100 via a network, detects that the biometric authentication or camera authentication has been made, and operates the information device 200 by using an application installed in the information terminal 100 when detecting that the biometric authentication or camera authentication has been made.

Abstract: A user account/password manager is presented to protect any of: user accounts, passwords, and devices using security best practices. User account activity information is managed by a user and displayed in a meaningful way on an Account Management Graphical user interface. The user can easily find out who may be attempting to login to their account, when and how the login attempts were made, and where the login attempts originated.

Abstract: The invention is a method for managing a secure element that comprises an operating system and a software application including an executable part which is tied to the operating system through a plurality of links. The method comprises the following steps: on receipt of an un-map command, recording in a memory area of the secure element a description of said links using an intermediate language, replacing the operating system by a new operating system by keeping said memory area unchanged, on receipt of a re-map command by the secure element, restoring a new set of links between the executable part and the new operating system by using the description.

Abstract: Provided are an electronic device and a method of controlling same. The method of controlling the electronic device: displays a UI including a security index showing that the electronic device is in a state operating in a secure mode; compares the security index to a reference security index and determines whether the security index has been falsified; and when the security index is a falsified security index, shows that the security index is a security index that has been falsified.

Abstract: A computer system, an IoT device monitoring method, and a program in which a security is improved are provided. A computer system for monitoring a connected IoT device 100 monitors a login state of the IoT device 100, detects an unauthorized access based on a result of the monitoring, learns any one or both of an ID or a password of the detected unauthorized access, determines whether a password held in advance by the IoT device is easy to be released, and periodically changes a password of the IoT device to a new password which is different from the password previously held by the IoT device when the determining unit determines that it is easy to be released.

Abstract: A system and method for protecting a universal serial bus device from being used in an attack during communication between a communication device and an accessory device is disclosed. A protection device inserted between them through a USB link performs steps of receiving a message from the accessory device, including fields of characteristics of the accessory device; generating a random identifier; sending it to the communication device that creates a registration rule based on the generated random identifier; modifying an intercepted response from the accessory device to a request from the communication device, the request being dedicated to get a value associated with a serial number of the accessory device, by including the generated random identifier; and sending the modified response to the communication device, the modified response triggering a query for registration of the accessory device by means of the modified response and the created registration rule.

Abstract: Endpoints in a network environment include remote file systems mounted thereto that reference a file system generator that responds to file system commands with deception data. Requests to list the contents of a directory are intercepted, such as while a response is passed up through an IO stack. The response is modified to include references to deception files and directories that do not actually exist on the system hosting the file system generator. The number of the deception files and directories may be randomly selected. Requests to read deception files are answered by generating a file having a file type corresponding to the deception file. Deception files may be written back to the system by an attacker and then deleted.

Abstract: In an example embodiment, a system determines a set of instructions from the available instructions for a computer application. The determined set of instructions provides specific functionality of the computer application. The system may determine the set of instructions by performing functional testing and negative testing on the specific functionality. The system may reorganize and randomize the set of instructions in memory and write the reorganized set of instructions to a smaller memory space. For each available instruction not in the set of instructions, the system changes the respective instruction to inoperative to prevent execution of the respective instruction. The system may change the respective instruction to inoperative by overwriting the instruction with a NOP instruction. The system then captures a memory address of the computer application being accessed at runtime.

Abstract: The embodiments herein provide a secure computing resource set identification, evaluation, and management arrangement, employing in various embodiments some or all of the following highly reliable identity related means to establish, register, publish and securely employ user computing arrangement resources in satisfaction of user set target contextual purposes.

Abstract: An electronic device, such as a dynamic transaction card having an EMV chip, that acts as a TPM having a memory, an applet, and a cryptographic coprocessor performs secure firmware and/or software updates, and performs firmware and/or software validation for firmware and/or software that is stored on the electronic device. Validation may compare a calculated checksum with a checksum stored in EMV chip memory. If a checksum calculated for firmware and/or a software application matches a checksum stored in EMV chip memory of the transaction card, the transaction card may operate normally. If a checksum calculated for firmware and/or a software application does not match a checksum stored in EMV chip memory of the transaction card, the transaction card may freeze all capabilities, erase the memory of the transaction card, display data indicative of a fraudulent or inactive transaction card, and/or the like.

Abstract: DDoS testing service features testing and verifying the integrity of a DDoS mitigation strategy of an organization while maintaining operation of the targeted organization's IT infrastructure. This facilitates ongoing and recurring operation and integrity of the DDoS mitigation strategy, at regular intervals and without causing service disruption to the IT infrastructure. Testing can include an array of DDoS attack vectors allowing the risk assessment of the organization to be fully visible for the production environment concerning successful DDoS attack being launched against the organization.

Abstract: A software component, upon receiving a request for access to a provider having a plurality of service levels, determines the current security state of the requesting device. The security state of the requesting device varies according to severity levels of device security events. The software component compares that security state to a policy associated with the provider. The software component then allows the requesting device access to the provider services where the device's current security state meets or exceeds the security state required for the service.

Abstract: Methods and systems are provided for conditionally granting access to service levels based on a determined security state of the device requesting access. A software component, upon receiving a request for access to a provider having a plurality of service levels, determines the current security state of the requesting device. The software component compares that security state to a policy associated with the provider. The software component then allows the requesting device access to the provider services where the device's current security state meets or exceeds the security state required for the service.

Abstract: Techniques and apparatus for preventing unauthorized use of an image capture device are described. In one embodiment, for example, an apparatus may include an image capture unit operative to capture images from incident light incident on at least a portion of the image capture unit, a privacy assembly operative to prevent the image capture unit from generating a clear image responsive to a privacy active signal, and logic coupled to the privacy assembly, the logic to generate the privacy active signal responsive to the image capture unit being inactive. Other embodiments are described and claimed.

Abstract: An image forming system includes a concealment word registration unit, an ID information acquisition unit, a concealment word managing unit, and an image forming unit. The concealment word registration unit registers a concealment word associating with a user. The ID information acquisition unit obtains creator ID information and execution person ID information from a print job, the creator ID information identifies a user as a creator of a document file, the execution person ID information identifies a user as an execution person of the image formation process. The concealment word managing unit uses the concealment words to determine a concealment region. The concealment words include the concealment word associated with the user identified by the creator ID information and the concealment word associated with the user identified by the execution person ID information. The image forming unit executes a masking process that makes the concealment region illegible.

Abstract: A technique implements data policy deployed in a tag-based policy architecture of a virtualized computing environment. Implementation of the data policy may include applying volume tags to data stored on virtualized storage resources, such as disks organized as volumes, based on instances that generate the data, contents of the data, and/or sensitivity of the data. The volume tags may be applied in a cryptographically strong manner to prevent tampering of the tagged data. To that end, the volume tags are cryptographically associated with the data, wherein such association is effected by binding the tags to a data encryption key stored on the volumes (disks) and used to encrypt/decrypt the data stored on the volumes.

Abstract: A system for identifying an electronic counterpart for a rendered document is described. The system receives an indication of a text capture operation performed from a rendered document. The indication identifies a text sequence captured as part of the text capture operation, the identified text sequence comprising fewer than nine words. In response to receiving the indication, the system uniquely identifies an electronic document from which the rendered document was rendered.

Abstract: A naming service for a hierarchical namespace. The naming service includes a database system with a first table having first records. Each of the first records is for a hierarchical node and includes a node identifier and an ACL identifier to a set of access control rules applicable to the node. The database system includes a second table including second records, each record in the second records has one of the ACL identifiers from the first table correlated with a definition access control rules in the set of access control rules. The naming service includes an access control rule identifier generator configured to detect a set of access control rules for each node in the namespace and generate an a ACL identifier for each set of access control rules that can be stored in records in the first table and stored in records in the second table.

Abstract: A data security system, including a security manager computer making network API calls to a service that performs data-exchange transactions for end users, the API calls remotely controlling the service so that the security manager computer accesses an outgoing transaction that has already entered the cloud-based service, by generating one or more security platform rules that are applied by the service and cause the service to automatically transmit the outgoing transaction to an inspection location prior to transmission of the outgoing transaction to a destination, and a data inspector operative to inspect data of the outgoing transaction in the inspection location for data leakage, wherein the security manager computer further controls the service so as to transmit the outgoing transaction to the destinations when the data inspector clears the data, and to perform a remedial action regarding the outgoing transaction when the data inspector does not clear the data.

Abstract: Described is a system for protecting sensitive information that is hardcoded in polynomial-size ordered binary decision diagram (POBDD) form. A software executable represented as a POBDD having sensitive information embedded therein is obfuscated into an obfuscated POBDD. An input query on the obfuscated POBDD is evaluated, and the sensitive information is revealed only if the input query is a correct input. Thus, an adversary is prevented from extracting the sensitive information embedded in the POBDD.

Abstract: A target transaction initiated by a member node device in a blockchain is received, where the target transaction include a reference time parameter, and where the reference time parameter is used to determine whether the target transaction is a valid transaction within a transaction validity period. Based on the reference time parameter, a determination is performed as to whether the target transaction is a valid transaction within a transaction validity period. In response to determining that the target transaction is a valid transaction within the transaction validity period, the target transaction is recorded to a generated candidate block.

Abstract: In particular embodiments, a data subject request processing system may be configured to utilize one or more local storage nodes in order to process a data subject access request on behalf of a data subject. In particular embodiments, the one or more local storage nodes may be local to the data subject making the request (e.g., in the same country as the data subject, in the same jurisdiction, in the same geographic area, etc.). The system may, for example, be configured to: (1) receive a data subject access request from a data subject (e.g., via a web form); (2) identify a suitable local storage node based at least in part on the request and/or the data subject; (3) route the data subject access request to the identified local storage node; and (4) process the data subject access request at the identified local storage node.

Abstract: A system may include transaction storage devices. Each transaction storage device may include a data store configured to receive, from a first entity, a request to push a detailed transaction corresponding to a secure identifier. The secure identifier may be generated, using an encoding function, from a user identifier of a user. The data store may be further configured to store the detailed transaction based on a first determination to trust the first entity. The system may further include an access controller configured to perform the first determination by applying a first security rule corresponding to a type of the secure identifier to the request to push the detailed transaction, and a registry configured to store at least the first security rule.

Abstract: A system described herein may allow for the masking of user input and/or sensor data, which could otherwise be used to uniquely identify and track a user. For example, user inputs (e.g., keyboard or mouse inputs) and/or sensor data (e.g., data from a touchscreen, pressure sensor, gyroscope, etc.) may be normalized and randomized. The normalization and/or randomization may include modifying metadata associated with user inputs or sensor data (e.g., modification of timestamps and/or modification of raw data) prior to outputting the user inputs or sensor data to an application, and/or to a service that attempts to uniquely identify users based on such metadata.

Abstract: A touch screen security protection structure including a touch screen, a display screen, and a circuit board, a first signal ribbon cable, and a second signal ribbon cable. The first signal ribbon cable and the second signal ribbon cable are respectively connected with the circuit board via zebra stripes, the first signal ribbon cable and the second signal ribbon cable are provided with protection winding wires, and the protection winding wires are electrically connected with the zebra stripes via contacts. When an attacker lifts the touch screen and the display screen by cutting, the first signal ribbon cable and the second signal ribbon cable are dislocated from the zebra stripes, the protection winding wires are disconnected from the zebra stripes, anti-tampering detection signals then trigger the security response mechanism to erase the sensitive data information from the electronic components of the circuit board.

Abstract: The present invention is directed to systems and methods of activating an electronic device at a point-of-sale (POS). The device may be identified by an indicia and activation may occur following purchase of the device. The method may include the steps of receiving at a central processor from the POS the indicia identifying the device purchased at the POS; enabling by the central processor a feature or functionality of the device or use of the device; and conveying to the device information material to the feature, functionality, or use. The system may include a central processor that activates the device. The central processor may include various interfaces with the POS, provider, and device, as well as a database with records related to the device and an activation processor for determining if activation is appropriate, activating the device, and sending information material to the feature, functionality, or use to the device.

Abstract: A data card enclosure method and system comprising data card connectors and host interface connectors on a data card housed in the data card enclosure. The data card enclosure method and system provided for connecting the data card connectors and host interface connectors to external communications ports.

Abstract: A contactless payment device and method streams a sequence of magnetic-field pulses directly to two or three magnetic-stripe read heads of a point-of-sale terminal. Gaps between magnetic-field pulses are included in the signal to promote differentiation between different portions of the signal by different receiver channels in the point-of-sale terminal, and to encode additional information.

Abstract: Apparatus and methods are provided for automatically interrogating a tagged object using radio frequency identification (RFID) when the object is moved. In one embodiment, a worker is outfitted with a wearable RFID system including an RF antenna, an RFID reader, and a holder to hold the antenna and reader during operation. The system is worn by the worker while the worker moves objects from one place to another. When the worker moves an object with an attached RFID tag, the antenna automatically begins scanning for signals from the object's RFID tag. When a RF signal is received by the antenna, the RFID reader collects the signal and transmits it to a host system which processes the signal to obtain information related to the object to which the RFID tag is attached.

Abstract: An information collection system includes a plurality of radio tags and a reading device. Each of the radio tags stores identification information and includes a sensor, an antenna that receives a carrier wave from the reading device, and a data transmission unit that sends measurement data including the identification information and information obtained by the sensor to the reading device after the carrier wave is received by the antenna. The plurality of radio tags send the identification information and the information obtained by the sensor with different natural periods from the data transmission units. The reading device transmits the carrier wave to each of the radio tags, receives data from each of the radio tags, and obtains the data.

Abstract: The invention discloses a scan head's aiming beam exposure solution system, comprising the control circuit of aiming lamp. The control circuit is composed of 5 pin terminals, wherein pin 1 and 2 are the input terminal of gate circuit, and pin 4 is the output terminal of NOT gate circuit; the high level Vcc is connected with pin 5 of the control circuit, and pin 3 of the control circuit is grounded; the pin 1 and 2 are connected with the scanning signal and the field sync signal respectively, and resistor R1 is connected with the field sync signal and is grounded. The solution system, compared with the existing scan heads on the market, can completely solve the local overexposure problem of the aiming beam, hugely improve the decoding accuracy, stability, identification rate, decoding speed and power consumption of the scan head hugely, and realize cost-effectiveness easily.

Abstract: Disclosed are a lighting control system including and mater and slave devices. The master device includes a lighting control unit that broadcasts a group light-emitting pattern to each corresponding group of the plurality of slave devices to control the plurality of slave devices to emit the light per group basis. Each of the plurality of slave devices includes a lighting unit configured to include at least one light source device, a storing unit configured to store the light-emitting position information corresponding, and a lighting control unit configured to extract a lighting control signal of the group identification number corresponding to the light-emitting position information stored in the storing unit among lighting control signals broadcasted by the master device, and control the lighting unit on the basis of the group light-emitting pattern corresponding to the extracted lighting control signal.

Abstract: Various embodiments described herein relate to a scanning system for scanning and decoding direct part markings (DPM) type indicia. The scanning system includes an arrangement of an illumination module, a beam splitter module, and a telecentric lens assembly. The telecentric lens assembly is adapted to direct an in-line illumination received from the illumination module as collimated light to illuminate the DPM indicia. Upon illumination, a first portion of light reflected from embossments of the DPM indicia that are incident on the telecentric lens assembly at a defined angle is decoupled from an optical path between the telecentric lens assembly and the target. An imager is exposed to a second portion of reflected light, excluding the decoupled reflected light that is reflected from a substrate on the DPM indicia, in order to capture an image of the DPM indicia for decoding.

Abstract: A method of confirming receipt, including iteratively capturing by a receiving device visual codes in a series of visual codes displayed on a sending device. A corresponding captured visual code being from a display block that resulted from a partition of an original data file into display blocks, and wherein each display block is converted to a corresponding string and header including an ordered identifying display block number and a total count of the display blocks. Each corresponding string is converted to a corresponding visual code. Each of the captured visual codes is converted into a corresponding string and a header is read for the corresponding string. Captured display blocks are determined. A confirmation message is generated including information indicating which display blocks have been received. The confirmation message is sent over a wireless communication link to the sending device to reduce the number of visual codes being displayed.

Abstract: In a method, whether there is a first bar having a width and located at at least one of both ends of a first black and white pattern is determined. The width of the bar is greater than a maximum width of a second bar. The maximum width of the second bar appears in a second black and white pattern assuming that the black and white pattern is part of the first barcode. The first black and white pattern is determined as readout data of the second barcode when it is determined that there is the first bar having the width greater than the maximum width of the second bar and located at at least one of both ends of the first black and white pattern.

Abstract: Various features relate to processing a scanned image to facilitate accurate locator pattern identification and/or detection of the corner locations of the locator pattern. In some embodiments to facilitate the identification of corner points the scanned image is processed to reduce the effect of noise and/or other damage on the subsequent location identification process. Individual white pixels which have black pixels on four sides are converted to black as part of the processing while multiple white pixels adjacent each other are left unaltered. In some embodiments processing does not alter the color of black pixels. Corner points of the locator pattern are identified through additional processing and identification of line segments satisfying an expected black, white, black, white, black segment portion ratio.

Abstract: Methods and systems for auto-tuning a handheld scanning device that can account for changes in the orientation between the handheld scanning device and a presented symbol can include capturing a first image containing a presented symbol, recording an orientation parameter and parameters associated with capturing the first image containing the presented symbol, capturing a subsequent image containing the presented symbol, recording an orientation parameter of the presented symbol contained in the subsequent image, comparing the orientation parameter of the symbol contained in the subsequent images to the orientation parameter of the presented symbol contained in the subsequent image, determining if the orientation parameter of the presented symbol contained in the subsequent images is substantially similar to the orientation parameter of the symbol contained in the first image, and recording parameters associated with capturing the subsequent images containing the presented symbol.