Abstract: An electronic entity includes contact communication elements (4) and remote communication elements (6). Members (2, K) are also provided to authorize an exchange of certain data at least via the remote communication elements based on the prior reception of an instruction via the contact communication elements. A terminal for communication with such an electronic entity as well as methods for controlling and for customizing the electronic entity are disclosed.

Abstract: A security framework for a host computer system which allows a host to control access to a compliant security token by ensuring enforcement of established security policies administered by a middleware application. Processing between the host computer system and the security token is performed using one or more modular security application agents. The modular security application agents are counterpart applications to security applications installed in the security token and may be retrieved and installed upon to ensure compatibility between counterpart token and host security applications. The security policies are a composite of host security policies and token security policies which are logically combined by the middleware application at the beginning of a session.

Abstract: A method and apparatus for selecting one of a plurality of delivery mechanisms for sending a message are disclosed. The illustrative embodiment enables the advantageous selection of the delivery mechanism for sending a message from a first telecommunications terminal to a second telecommunications terminal based on at least one of: (i) the location of the first terminal, (ii) the location of the second terminal, (iii) the time and date (i.e., the calendrical time) at the first terminal, (iv) the calendrical time at the second terminal, and (v) one or more properties of the message (e.g., the sending user, the receiving user, a message priority, the contents of the message, etc.). A delivery mechanism for sending a message comprises at least one of: a physical medium, a physical layer protocol, a medium access control, and a network for transport.

Abstract: A method and system for authorizing a user at a field device by a portable communications device. A first information is acquired by the portable communications device for identifying the field device. The portable communications device sends to a system the first information and a second information for identifying at least one of (i) the portable communications device, and (ii) the user thereof. The system determines a first piece of access information on the basis of the first information and the second information, and sends the first piece of access information to the portable communications device. The portable communications device transmits the second information and the first piece of access information to the field device. The field device determines a second piece of access information on the basis of the second information, and compares the first piece of access information with the second piece of access information.

Abstract: Embodiments of the present invention provide a method, network device, and system for sending and receiving a packet. The method includes fragmenting, by a first network device, a first Hello packet. Each Hello fragment packet has a fragment ID and a content identifier. The first network device sends fragment brief information of the first Hello packet to a second network device. The fragment brief information of the first Hello packet includes fragment information of each Hello fragment packet. The first network device sends the Hello fragment packet corresponding to the first Hello packet if the first network device receives a request packet sent by the second network device.

Abstract: A method establishes an IP-based communications connection between an electric vehicle and a charge control unit associated with a charging station assigned an IP address. The electric vehicle is connected to the charging station via a charging cable and/or an inductive charge coupling for charging and/or discharging. A first communication connection that can be used exclusively by the electric vehicle and the charging station is provided via the charging cable and/or the inductive charging coupling. The electric vehicle having the charging control unit and the charging infrastructure can communicate via a second communications connection that can be used in parallel by other electric vehicles and charge control units. An identification is provided to the electric vehicle and the charging control unit. An IP-based communication is established between the electric vehicle and the charging control unit, using the IP address.

Abstract: The invention concerns a medical device comprising a device for the measurement of a health parameter of a patient, a device for capturing a fingerprint identifying the patient, a device for communicating with a remote server and a control means, the control means being designed such that, when it is activated by a single action of the patient, it: activates the device for the measurement of a health parameter of the patient, and obtains a measured parameter in return, activates the fingerprint capture device and obtains a fingerprint in return, and then provides the measured parameter and the captured fingerprint to the communication device in order to transmit the measured parameter and the captured fingerprint to the remote server.

Abstract: The disclosure is related to a method of providing M2M data to an unregistered user terminal. The method may include receiving a request message from a first user terminal registered at the M2M service server to provide predetermined data collected from a M2M device to a second user terminal, determining whether the second user terminal is a subscriber of the M2M service server, temporary registering the second user terminal when the second user terminal is not a subscriber of the M2M service server, and providing the predetermined data to the second user terminal.

Abstract: Embodiments are provided for registering an electronic device of a subscriber for cellular-based communications. According to certain aspects, the cellular-based communications may be facilitated by a data center while the electronic device is not easily within range of a cellular network, such as when the electronic device is traveling on an aircraft. The registration includes associating a subscription identification of a cellular services plan with an identification of the electronic device, from which a registration server may create an account associated with the cellular-based communications. Further, the registration server may generate a digital certificate using the electronic device identification and issue the digital certificate to the electronic device.

Abstract: One feature pertains to an efficient procedure for storing data units in a storage device that allows for authentication of data units to prevent rollback attacks and other attacks such as cut-and-paste attacks. In one aspect, a message authentication code (MAC) is generated or otherwise obtained based on a primary key, a data unit to be stored, a corresponding index for the data unit (such as a page index) and a secondary key for the corresponding data unit, which is generated for each new write operation. The MAC and the corresponding data unit are stored in a bulk storage device such as a relatively insecure off-chip storage. Secondary keys are stored in a separate storage device such as a more secure on-chip storage. In some examples, new secondary keys are generated upon each data write based on a non-zero random or pseudorandom value.

Abstract: The invention discloses a method and system for detecting a behavior of remotely intruding into a computer, wherein the method comprises: monitoring a process creating event in a system; when a request for creating a process is monitored, intercepting the process creating request; by analyzing the process, an ancestor process of the process and a currently opened port, judging whether the process creating operation is normal; and if the process creating request is abnormal, determining the process creating request to be a behavior of remotely intruding into a computer. The invention can detect a remote intrusion behavior without the intervention of a user, and will not cause stored data to expand excessively.

Abstract: An electronic apparatus includes a chip, a memory and a switch unit. The chip works in a boot state. The memory coupled to the chip stores firmware and has a write-protection control end connected to the chip through a write-protection control path. In a standby state, when receiving an electric potential signal through the write-protection control end, the memory disables a write-protection function, so as to update the firmware. The switch unit is located on the write-protection control path and is controlled by a power-on signal related to the boot state. In the standby state, the switch unit is turned-off and the delivery of the electric potential signal to the chip through the write-protection control path is disabled. In the boot state, the switch unit is turned-on and the write-protection control way is conducted by the power-on signal so that the chip controls the write-protection function.

Abstract: Embodiments of the present invention provide a simplified authentication transaction for reconnecting a storage device to a host apparatus that has completed authentication in the past. According to one embodiment, an authentication log is recorded in the host. Plural units of this log information are recorded in the storage device. At the time of transferring a content decryption key and usage rules between the host and the storage device, the decryption key and usage rules are recorded into the host as a log for the transfer. The used authentication log is recorded into the storage device as RAPDI. If RAPDI indicates the authentication log in the simplified authentication transaction, recovery transaction is permitted. The host device deletes/invalidates or holds the log for the transfer in accordance with non-permission/permission. In the case of permission, the key and usage rules are recovered by using a log for the transfer prior to the simplified authentication transaction.

Abstract: A method and system for determining a device identifier assigned to a device within an installation of devices connected via a network is provided. A system determines the device identifier of a device that has been repaired and reinstalled so that the device can be placed in service. Upon receiving an indication that a repaired device has been reinstalled, the system requests and receives a possible device identifier of the repaired device from an interconnect device that connects the repaired device to the network. To verify that the possible device identifier is the actual device identifier, the system directs the repaired device to reboot so that it broadcasts its device identifier. When the repaired device reboots, it broadcasts its device identifier. Upon receiving the broadcast device identifier, the system verifies that the possible device identifier is the same as the broadcast device identifier.

Abstract: A computing device is described that includes one or more processors and at least one module operable by the one or more processors to determine whether the computing device is currently designated to display private information, receive an incoming communication, and determine that the incoming communication includes content that is private information. The at least one module is further operable by the one or more processors to, if the computing device is currently designated to display private information, output, for display, an indication of the incoming communication, and, if the computing device is not currently designated to display private information, refrain from outputting, for display, the indication of the incoming communication.

Abstract: A system for a dynamic adjustment of expiration date of an authorization key, the system comprising: a security product that will be installed on a predetermined number of computers. The administration key allows a use of the software product on the predetermined number of computers during a predetermined period of time. The plurality of authorization units purchased from a vendor that are the smallest increments of time that a duration period of the authorization key is measured in. The expiration date for all the computers can be updated at any time, depending on the number of computers on which the software is installed at any given time. The administration server determines a beginning and an ending date of a functionality of the authorization key for the security product. The data base receives and stores the beginning and the ending date of the functionality of the authorization key for the security product.

Abstract: A method of activating a function such as unlocking a mobile telephone keypad by an instruction sequence {xi, . . . , xn} of a length n given to a user, who validates the sequence to activate the function. The instruction sequence is determined randomly, and for each instruction xi, the method includes: sending an instruction xi to the user; receiving a response yi from the user; analysis for validation of instruction xi; instruction xi is said to be validated when yi is a valid response for xi and the time elapsed between the sending of xi and the receipt of yi is shorter than a set period ?i; if instruction xi is not validated then the function is not activated; sending the next instruction, if any, after validation of xi; activating the function when at least the last instruction sent is validated.

Abstract: Methods, systems, and computer readable media for providing BIOS data and non-BIOS data on the same non-volatile memory. According to one aspect, a system for providing BIOS data and non-BIOS data on the same non-volatile memory includes a controller for controlling access by a host to a non-volatile memory for storing data, the data including BIOS data and non-BIOS data. The controller includes a first bus interface for communicating data to and from the host via a first bus of a first bus protocol, a second bus interface for communicating data to and from the host via a second bus of a second bus protocol, and a third interface for communicating data to and from the non-volatile memory. The first bus comprises a bus that is operable after power-on reset and before BIOS is accessed.

Abstract: Provided are an apparatus and method for enhancing security and safety of an embedded system by monitoring and blocking unauthorized execution of a shell command in the embedded system. The apparatus for guaranteeing safe execution of the shell command in the embedded system includes a shell command detection part configured to detect an execution request of the shell command, and a shell command execution control part configured to control execution of the shell command according to whether a password based on safety is provided for the detected shell command.

Abstract: Various embodiments are directed to a motion sensor in communication with a processing component capable of controlling a television display and a video recording device. The motion sensor may provide motion detection information to the processing component. The processing component may issue control directives capable of manipulating the television. For instance, based on the absence of motion in a viewing area, the processing component may re-direct content to be recorded while also inactivating the television display to conserve energy. Upon receiving information that motion has been detected in the viewing area, the processing component may issue control directives to activate the television display and resume playing the content that was previously being watched. This may all be done without requiring an action on the part of a user.

Abstract: Embodiments of the present invention provide a user equipment pairing processing method, a network side device, and a user equipment. The method includes: acquiring, by a network side device, pairing request information of a beneficial user equipment and a candidate support user equipment that are to be paired; and implementing, by the network side device, pairing of the beneficial user equipment and the candidate support user equipment according to the pairing request information, and sending a pairing success message to the beneficial user equipment and the candidate support user equipment. In the technical solutions provided by the embodiments of the present invention, user pairing in cooperative communication is implemented.

Abstract: An encryption method includes encrypting a first portion and second portion each of which is included in data to be encrypted, encrypting first information used for decryption of the first data portion, and associating second information used for decryption of the second portion with a predetermined part of the first data portion.

Abstract: It is disclosed a method including providing a relation of network access technology-specific identification information (NATSII) of a user equipment or user and network identity-related information (NIRI) of the user equipment, receiving an inquiry comprising network identity-related inquiry information (NIRII), resolving the received NIRII based on the provided relation, and sending a response including the NATSII according to a result of the resolved NIRII; a method including receiving a registration request comprising NIRII from a user equipment or user, obtaining NATSII based on the received NIRII, appending the received NIRII with the obtained NATSII, and sending the appended NIRII; and a method including receiving a registration request comprising first NATSII and NIRI, obtaining second NATSII based on the received NIRI, matching the received first NATSII against the obtained second NATSII, and authorizing access for a user equipment based on a result of matching.

Abstract: A credential caching system includes receiving a set of authentication credentials, storing the set of authentication credentials in a credential cache memory, wherein the credential cache memory is coupled with a management controller, and supplying the set of authentication credentials for automatic authentication during a reset or reboot. In the event of a security breach, the credential caching system clears the set of authentication credentials from the credential cache memory so that the set of authentication credentials may no longer be used for a reset or reboot.

Abstract: A method, including receiving at a network element, from a first telecommunications enabled device, a control connection request directed to a second telecommunications enabled device, connecting a control connection to the second telecommunications enabled device wherein the control connection is connected without requiring user input at the second telecommunications enabled device to answer the control connection request, and providing access to one or more functionalities of the second telecommunications enabled device to the first telecommunications enabled device through the control connection.

Abstract: A security system includes an integrated circuit and a transceiver/transponder circuit. The integrated circuit includes an antenna for communicating with the transceiver/transponder circuit. An inhibiting element is associated with the integrated circuit for inhibiting communications with the transceiver/transponder circuit and for securing the data contained in the integrated circuit. The inhibiting element is an electromagnetic inhibiting element. The security system further includes a coupling element associated with the antenna of the integrated circuit for temporarily deactivating the electromagnetic inhibiting element to allow communications between the integrated circuit and the transceiver/transponder circuit.

Abstract: Computer-implemented methods, systems, and computer program products for document authentication and identification using a large-scale distributed system are provided. A method includes receiving a digitized document at a trusted system managed by a trusted third-party that is separate from a creator of content in the digitized document. The digitized document is compared to a set of markers to determine whether the digitized document includes one or more of the markers, and in response thereto, information associated with the one or more markers is extracted using a decoder on the trusted system according to encoding strategies. The method further includes generating a comparison registration identifier on the trusted system as a summary of the extracted information and the one or more markers, and comparing the comparison registration identifier with a stored registration identifier in an encoding history via the trusted system to authenticate and identify the received digitized document.

Abstract: A method for teaching a switching circuit is provided. The method includes presenting a target within a sensing range of a sensor of the switching circuit for a pre-determined duration and acquiring an identification code of the target via the sensor. The method also includes storing the acquired identification code for operating the switching circuit and locking the switching circuit against learning identification codes of any other target prior to reaching an allowed number of reteaching attempts.

Abstract: A cleaning appliance is provided including at least one authorization carrier with an access authorization which is provided thereon and is required for accessing the cleaning appliance, just one receptacle in which the at least one authorization carrier is positionable, and a detection unit, situated at the receptacle, for contact-based detection of the access authorization of an authorization carrier positioned in the receptacle, the detection unit having at least one detection contact element which contacts the access authorization. To provide a cleaning appliance of this type which is usable with greater versatility, it is proposed that the cleaning appliance include two or more authorization carriers with access authorizations provided thereon which are linked to different authorization profiles, wherein a range of functions dependent on the authorization profile linked to an access authorization can be provided to an operator by the cleaning appliance.

Abstract: A method of operating a radio frequency identification (RFID) system is provided. The method interrogates RFID tags with an RFID reader and provides at least some of the collected tag data to a mobile device that is unable to communicate with RFID tags using the over-the-air interface. In some situations, the RFID system obtains the current location of the mobile device and determines the location of a target tag relative to the current location of the mobile device. Locating the target tag in this manner involves the interrogation of a reference tag located at the mobile device, along with the target tag, using one RFID reader. The position of the target tag relative to the reference tag is calculated in response to the tag response signals obtained from the target and reference tags. Moreover, location of the target tag can be independently determined relative to the location of a mobile reader, by using a reference tag attached to a fixed reader or to the mobile reader.

Abstract: A moveable barrier operator actuates an actuator thereby causing a message to be formed. The message indicates that the user at the moveable barrier operator requires assistance. A communication channel is established between the moveable barrier operator and an assistance center. The message is transmitted to the assistance center over the communication channel. An assistance action is performed to provide assistance to the user at the moveable barrier operator.

Abstract: A system includes a processor configured to determine if a vehicle computing system (VCS) has been placed in a monitoring mode. The processor is also configured to detect and log the connection or disconnection of any remote devices. The processor is further configured to flag logs if the VCS is in a monitoring mode. Also, the processor is configured to detect the presence of a known vehicle driver or the termination of the monitoring mode and report any flagged logs upon known driver detection or monitoring mode termination.

Abstract: A mobile wireless communications device may include a near field communication (NFC) transceiver and a controller coupled with the NFC transceiver. The controller may be configured to receive tag data from at least one NFC tag when in close proximity thereto via the NFC transceiver, verify the tag data, and when the tag data is successfully verified, perform at least one device unlock operation. The controller may be further configured to determine whether the tag data should be changed based on a predetermined schedule, and if it is determined that the tag data should be changed, communicate with the at least one NFC tag to change the tag data.

Abstract: A method of operating a communication device to interface with a machine system comprises projecting a human-machine interface (HMI) system for the machine system on a surface, wherein the HMI system comprises a plurality of commands associated with the machine system, detecting an input from a user, wherein the input comprises a fluid motion in air performed by the user corresponding to a selection of a command of the plurality of commands associated with the machine system, and transferring the selected command for delivery to the machine system.

Abstract: A controller includes an authentication unit, an operator information database, an operation unit, a plant control logic processor and an operation history database. The authentication unit performs authentication when the operator in touch with the touch electrode inputs an operation to the operation unit. The operation unit obtains operator information of an operator authenticated by the authentication unit, and records an operation history of an operation input to an operation unit by the operator in the operation history database in relation to the operator information.

Abstract: In one embodiment, the method of these teachings includes the steps of utilizing a remote server to manage security alerts, utilizing the remote server to administer security system updates and utilizing the remote server to configure the security system.

Abstract: An identity of a person proximate to a display device is determined by an identity profile controller. The identity profile controller determines whether a configured viewing profile exists for the person. Upon determining that the configured viewing profile exists for the person, the identity profile controller instructs a bezel display controller to display a profile identifier associated with the configured viewing profile via a two-dimensional light-emitting diode (LED) array located within a bezel of the display device outside of the display area of the display. The identity profile controller automatically adjusts display device settings for the display device based upon the configured viewing profile. This abstract is not to be considered limiting, since other embodiments may deviate from the features described in this abstract.

Abstract: A system and method of associating a plurality of objects is disclosed. A physical space is defined and a real-time locating system (RTLS) is used to determine objects that are within the physical space. The objects determined by the RTLS to be within the physical space are associated. The objects include at least one of a caregiver, a patient, a medical device, a medication, and a medical substance.

Abstract: An information processing apparatus includes a display control section that performs display control of a first operation screen for performing first operation and a second operation screen for performing second operation. The information processing apparatus also includes a control section that performs control of terminating the first operation screen or making the first operation screen invisible based on information as to whether or not the user needs to authenticate display of the first operation screen or display of the second operation screen when the second operation screen is displayed in a state in which the first operation screen is displayed.

Abstract: Apparatus and methodology for providing electronic access control are disclosed. In an exemplary configuration, a retrofittable electronic lock can be used to provide secure storage to an enclosure. A user interface and LCD visual display can be provided to permit convenient adjustment of system operational parameters. In certain embodiments, the electronic access control system includes master-slave control capabilities. In other embodiments, the electronic access control system includes inventory management capability. In still other embodiments, apparatus and methodologies provide the secure storage of the enclosure when the enclosure is being moved or otherwise transported from one location to another location. Various alternative arrangements may provide various alert features, as well as battery features which facilitate rapid replacement and/or reconfiguration.

Abstract: An improved system and method for defining an event based upon an object location and a user-defined zone and managing the conveyance of object location event information among computing devices where object location events are defined in terms of a condition based upon a relationship between user-defined zone information and object location information. One or more location information sources are associated with an object to provide the object location information. One or more user-defined zones are defined on a map and one or more object location events are defined. The occurrence of an object location event produces object location event information that is conveyed to users based on user identification codes. Accessibility to object location information, zone information, and object location event information is based upon an object location information access code, a zone information access code, and an object location event information access code, respectively.

Abstract: A gaze tracking password input method and a device utilizing the same wherein the method includes the following steps: picking up photo images of a person's eyes by a photographing unit which continually takes photo shots at a particular area as the person approaches to the photographing unit and his eye enters the particular area; transmitting the photo images taken at the particular area to an operation unit; setting a script associated with a particular point as a password; and then determining the person's gaze tracking direction which indicates the script to be input by the operation unit. The operation unit comparing the multiple input scripts with predetermined passwords, if the input scripts are matched with the predetermined passwords, then the person is officially authorized.

Abstract: The disclosure provides a system and method for associating an electronic device with a remote electronic device. In the method at the remote device, an authentication process is initiated to authenticate the remote device to the electronic device. The authentication process includes: generating a pass key according to an authentication protocol followed by the remote device; and providing the pass key to a user through an output device on the remote device. The method also includes: waiting for the user to provide the pass key to the electronic device; and if the remote device receives a timely message from the electronic device indicating that the remote device has been authenticated, activating additional applications on the remote device to allow it to communicate with the electronic device.

Abstract: In an access control device including a lock (2) with a locking element, an actuating element (3) for the locking element, an electronic key (5), an electrical circuit including a receiver unit for receiving key identification data and an evaluation circuit for determining access authorization based on the received identification data, the evaluation circuit cooperates with the actuating element (3) and/or the locking element for selectively locking or unlocking the lock (2). The electronic key (5) comprises means for generating a capacitive near field via which the identification data is emitted.

Abstract: A wireless deadman system for controlling operation of equipment from a portable device includes a base station with an equipment control system, the base station wirelessly transmitting operational parameters for the equipment. A portable display unit has a housing, an electronic display, an electronic circuit, and a data receiver. A portable authorization device includes a liveness sensor and transmits an authorization signal when the sensor detects a liveness input. The display unit receives an authorization status for operation of the equipment from the portable authorization device and receives the operational parameters from the base station, the display displaying the authorization status and the operational parameters of the equipment on the electronic display. The equipment control system allows the equipment to operate when the authorization signal is provided and prevents the equipment from operating after the authorization signal is no longer provided.

Abstract: A function for authenticating an operator to control whether to permit them to operate a vehicle (20) can be added to the vehicle by simple modification. An operation permission control device (22) is installed on the vehicle (20). The operation permission control device (22) incorporates a relay inserted in the middle of a start signal line (47) connecting a key switch (46) and vehicle start circuit (48) (starter relay of an engine-powered vehicle or main controller of a battery-powered vehicle) and can open and close the start signal line (47). The operation permission control device (22) reads data of a authentication card (34) carried by the operator, collates the read data with preprogrammed data in a removable set memory a (32). If the data match, the device connects the start signal line (47) to enable start of the vehicle.

Abstract: An authentication apparatus includes a registration unit that registers authentication information representing a check target, a first authentication unit that authenticates the check target at the entrance of the check target to a first area, a second authentication unit that authenticates the check target at the entrance of the check target to a second area after being authenticated by the first authentication unit, and a detector that detects a check target present in a detection area and expected to be authenticated by the second authentication unit. The second authentication unit retrieves, from the registration unit, registration information of the check target detected by the detector, and authenticates the check target authenticated by the first authentication unit using the registration information.

Abstract: The present invention provides a method and system for verifying and tracking transactional information. In an embodiment of the invention, a system for delivering security solutions is provided that includes at least one of the following: a radio frequency (RF) identification device, an identification mechanism (e.g., a card, sticker), and an RF reader.

Abstract: In one embodiment, providing an endpoint access to a locked target includes receiving a virtual key at a grantee endpoint through a wireless link. The virtual key results from a permission from a grantor endpoint, and is operable to unlock a physical lock of the target. The virtual key is wirelessly transmitted to a management system of the target to unlock the lock.

Abstract: To provide reliable and customized authentication, a parameter to be used in authentication is defined for the operator. A secret which may be stored e.g. in a subscriber identity module is calculated from the operator parameter and a subscriber key. An authentication response is calculated from the secret and the challenge to be used in authentication with a one-way function.