Abstract: A mounted token system is configured to be worn by a wearer as a part of the grieving process. The mounted token system may include a token with an tracking indicator, a token mount, and a server. The token mount includes an anterior segment which includes an anterior opening, and a posterior segment moveable relative to the anterior segment. The token mount is configured to secure the token therein. At least a portion of the token is visible from an anterior side through the anterior opening. The server performs the following steps: present, to a first user via a graphical user interface, an invitation to provide information indicative of the tracking indicator of the token; receive, from the first user, information indicative of the tracking indicator; and store information indicative of the tracking indicator. The token may then be passed to a subsequent wearer, utilizing a new token mount.

Abstract: A second data source may retrieve metadata for one or more versions of a set of versions of a file stored at the first data source. In some examples, the metadata for the one or more versions of the file may include at least an identifier of the file, a timestamp, and a cryptographic signature. In some examples, generation of the cryptographic signature may be based on the identifier of the file, the timestamp, and a cryptographic key. The second data source may identify a set of versions of the file that were uploaded from a trusted data source to the first data source based on a comparison of the cryptographic signature to a computed cryptographic signature. The second data source may then determine a targeted version of the file and retrieve the targeted version of the file from the first data source.

Abstract: Embodiments of the present disclosure provide a wireless communication method, a terminal device, and a network device. The network device can accurately obtain a service- permitted area and a service-prohibited area for the terminal device based on geo-fencing area information, so that the 3rd Generation Partnership Project (3GPP) network can better serve management and control of the terminal device. The wireless communication method includes: receiving, by a terminal mobility management function entity in a core network, indication first information indicating moving of a terminal device into or out of a first area; and determining, by the terminal management function entity, a service processing for the terminal device based on the indication information.

Abstract: Facilitating transfer of data from a first machine and/or computing system to at least a second machine and/or computing system in instances where traditional data transfer methods (such as using a communications network) are not immediately feasible is achieved by identifying a triggering event for physical transport of data, collecting the data to be transported, and transferring the data. Secure transfer of the collected data is achieved via encryption of the collected data.

Abstract: A computer-implemented method for managing operation of an application includes: authenticating a user of the application or a user device associated with a user of the application; and establishing a session with the application and enabling access to the application for the user if the user or the user device is authenticated. The method further includes determining, after the user or the user device is authenticated, whether the user or the user device is or remains present. The method further includes maintaining the session and the enabling of access to the application if it is determined that the user or the user device is or remains present; and terminating the session and disabling access to the application if it is determined that the user or the user device is absent for a predetermined duration.

Abstract: Enterprise and consumer billing allocation for wireless communication device service usage activities is provided. In some embodiments, enterprise and consumer billing allocation for wireless communication device service usage activities includes monitoring a service usage activity of a wireless communication device, and determining an enterprise and consumer billing allocation for the monitored service usage activity. In some embodiments, enterprise and consumer billing allocation for wireless communication device service usage activities includes monitoring a service usage activity of a wireless communication device, and reporting the monitored service usage activity to a network element, in which the network element determines an enterprise and consumer billing allocation for the monitored service usage activity.

Abstract: In one embodiment, a telephony device establishes a pairing connection with a user device. The telephony device disables, based on the pairing connection with the user device, a default screen locking policy of the telephony device. The telephony device polls a screen lock status of the user device to determine whether the user device is locked. The telephony device locks the telephony device when the screen lock status of the user device indicates that the user device is locked.

Abstract: A system comprising: a wireless kill switch and a computer; said wireless kill switch comprising: a housing, a radio transmitter, a microcontroller, an operable button, and a battery; said housing encasing the radio transmitter, the microcontroller, and the battery and allowing for operation of the operable button; the radio transmitter transmitting a continuous service signal to be received by a receiver on said computer and a heartbeat signal generated as a data packet on a first predetermined time basis; wherein said system maintains an operational state upon receipt of the continuous service signal and receipt of the heartbeat signal at a second predetermined time basis; and wherein the system modifies the computer to a different state than the operational state upon omission of the continuous service signal or the heartbeat signal.

Abstract: An access management process orchestration method, an access management governance orchestrator, and a computer program product. One embodiment may comprise receiving a request for accessing a managed resource of an information system, querying an authorization for accessing the resource from an access manager, and in response to the querying of the authorization, requesting an access control policy update to grant the access to the managed resource. Receiving the request, querying the authorization, and requesting the access control policy update may comprise generating a transaction record, and adding the transaction record to a distributed ledger, wherein the distributed ledger simultaneously maintains the transaction record at multiple nodes throughout a network.

Abstract: Methods, apparatus, and computer program products for computing device digital certificates that include a geographic extension are disclosed herein. One method includes a processor managing a digital certificate for a first computing device, in which the digital certificate includes a geographic extension, and populating the geographic extension with a distance value that enables the digital certificate to be validated via the populated geographic extension. Apparatus and computer program products that include hardware and/or software that can perform the methods for computing device digital certificates that include a geographic extension are also disclosed herein.

Abstract: Token generation and management are disclosed, including: generating a token corresponding to a set of user data based at least in part on a token generation policy; storing a mapping between the token and the set of user data; and determining whether to grant a token resolution request associated with the token based at least in part on a token access policy associated with the token and a context parameter associated with the token resolution request.

Abstract: A map obtainable by an agricultural harvester contains regime zones with settings resolvers. A plurality of different target actuator settings corresponding to the geographic location of the agricultural work machine are identified. A regime zone is identified based on the geographic location of the agricultural harvester. One of the plurality of different target actuator settings is selected as a resolved target actuator setting based on the settings resolver corresponding to the identified regime zone and is used to control the agricultural harvester.

Abstract: Systems, methods, and non-transitory computer-readable storage media for using mobile network authentication factors to authenticate a mobile device.

Abstract: Systems and methods are provided for checking many users in to a location using a Bluetooth® low energy (BLE) beacon. The provided systems and methods may allow a BLE beacon to facilitate a check in with a remote server that processes check ins and then disconnect from the device used to check in. The device may be assigned a unique identifier that may be broadcast from the device during the check in so that the BLE beacon can quickly scan for the identifier and connect with the device based on the identifier to provide content and other information to the device.

Abstract: A determination system includes: a memory; and a processor coupled to the memory and programmed to execute a process comprising: acquiring location data representing a location of one or more user devices including a first sensor; searching for one or more public devices that is at a location corresponding to the location of the user device and that includes a second sensor having a same function as that of the first sensor included in the user device; requesting the user device to measure using the first sensor to acquire measurement data of the first sensor; acquiring measurement data of the second sensor included in the public device; and determining whether a user of the user device is legitimate based on a result of matching the measurement data of the first sensor with the measurement data of the second sensor.

Abstract: The present technology relates to an information processing apparatus, an information processing method, and a program that allow a sensing time of a sensor to be easily and accurately determined. An information processing apparatus includes a control circuit that outputs a control signal for controlling a sensing timing of a sensor, a counter that updates a counter value in a predetermined cycle, and an addition circuit that adds, to sensor data output from the sensor, sensing time information including a first counter value, a second counter value, and a GNSS (Global Navigation Satellite System) time in a GNSS. The first counter value is obtained when the control signal is output from the control circuit, and the second counter value is obtained when a pulse signal synchronous with the GNSS time is output from a GNSS receiver. The present technology can be applied to, for example, a vehicle-mounted camera.

Abstract: A personal digital key (e.g., which can be carried by a human) contains a memory having different service blocks. Each service block is accessible by a corresponding service block access key. As the personal digital key (PDK) moves around, it is detected by sensors. The sensors report position data, thus enabling location tracking of the PDK. The sensors also provide a data path to various applications. An application that has access to a service block access key can therefore access the corresponding service block on the PDK. The sensors themselves may also contain service block access keys.

Abstract: Systems and processes for operating an intelligent automated assistant are provided. In one example process, a spoken user input, including at least a spoken message and an identity of an intended recipient, is received. After storing the spoken message and the recipient identity, if a user becomes proximate to a first electronic device and the identity of the user is determined to match the recipient identity, the spoken message is provided to the user at the first electronic device.

Abstract: A transaction authentication system authenticates a transaction by determining whether a mobile device and POS device involved in the transaction are at the same location. A POS registry stores location data for POS devices. A PAN registry stores mobile device IDs corresponding to account numbers. A mobile device ID can be provided from the PAN registry in response to receiving an account number from a POS device. The mobile device ID can then be used to retrieve location information from a home location register maintained by a mobile service provider. The retrieved location data for a POS device and the retrieved location data for a mobile device are compared.

Abstract: The number of operational errors where a user unintentionally logs in as another user in quick login is reduced.

Abstract: The present disclosure relates to a router, a method for a router, a computer readable medium and an apparatus. A router is provided, comprising: a memory having instructions stored thereon; and a processor configured to execute the instructions stored on the memory to cause the router to: receive a request from a first client device to access a graphical user interface (GUI) of the router; determine whether the first client device is a trusted device according to a physical address of the first client device; and based at least on the determination that the first client device is a trusted device, allow the first client device to access the GUI of the router without entering a password.

Abstract: A use right information processing apparatus securely manages a use right without using an authentication server and appropriately allowing a valid user to use a device. The apparatus performs processing related to authentication and authorization for a user to use a device to be controlled using a smart contract. The apparatus stores authentication data shared with a user terminal used by the user and having a different value for each process, receives signature data generated in the user terminal by signing the authentication data using a secret key corresponding to the user, derives a public key corresponding to the secret key from the signature data and the authentication data using an elliptic curve digital signature algorithm, and obtains, using the public key or corresponding identification information, information regarding a use right of the device of the user recorded in advance in association with the public key or the identification information.

Abstract: Described herein are systems, methods, and software to manage private networks for computing elements. In one example, a computing element may obtain credential information associated with a user and generate a public-private key pair for the computing element. The computing element may further communicate the public key from the pair with metadata to a coordination service to register the computing element at the coordination service. Once registered, the computing element may receive communication information associated with one or more other computing elements that permit the computing element to communicate with the other computing elements.

Abstract: A second data source may retrieve metadata for one or more versions of a set of versions of a file stored at the first data source. In some examples, the metadata for the one or more versions of the file may include at least an identifier of the file, a timestamp, and a cryptographic signature. In some examples, generation of the cryptographic signature may be based on the identifier of the file, the timestamp, and a cryptographic key. The second data source may identify a set of versions of the file that were uploaded from a trusted data source to the first data source based on a comparison of the cryptographic signature to a computed cryptographic signature. The second data source may then determine a targeted version of the file and retrieve the targeted version of the file from the first data source.

Abstract: A pay television satellite broadcast includes validation data that can be used to validate authenticity of live global positioning system (GPS) data. The validation data may be included within entitlement messages and encrypted for security and selective reception by authorized receivers. A navigation system may compute checksums of received live GPS data and compare with the validation data for a match. A decision about whether or not to use the live GPS data may be taken based on whether or not the computed checksums match the validation data received via the pay television satellite broadcast signals.

Abstract: An object security system comprising a data store storing a document, a processor, and a memory coupled to the processor. The object security system comprises a set of computer instructions executable to provide a user interface to a user, the user interface having controls to allow the user to provide a geo-lock definition for the document, receive the geo-lock definition and assert a geo-lock on the document in the data store based on the geo-lock definition. The geo-lock is enforceable to allow access to the document based on a determination that a target geographic location associated with the document is an allowed location specified by the geo-lock and enforceable to take an action based on a determination that the target geographic location associated with the document is not the allowed location specified by the geo-lock.

Abstract: The disclosed embodiments generate a plurality of anomaly detector configurations and compare results generated by these anomaly detectors to a reference result set. The reference result set is generated by a trained model. A correlation between each result generated by the anomaly detectors and the result set is compared to select an anomaly detector configuration that provides results most similar to those of the trained model. In some embodiments, data defining the selected configuration is then communicated to a product installation. The product installation instantiates the defined anomaly detector and analyzes local events using the instantiated detector. In some other embodiments, the defined anomaly detector is instantiated by the same system that selects the anomaly detector, and thus in these embodiments, the anomaly detector configuration is not transmitted from one system to another.

Abstract: The present disclosure is directed to systems and methods for first hop security in a multi-site and multi-vendor cloud. The method may include receiving, at a first hop security (FHS) device located within a defined security perimeter, a message from a first host; validating a security of the message; signing the message with a signature to prove validation of the message, the signature comprising at least a Crypto-ID Parameters Option (CIPO) and a Neighbor Discovery Protocol Signature Option (NDPSO); and transmitting the signed message to one or more network FHS devices within the security perimeter.

Abstract: In an approach for enabling multiple users to make e-commerce purchases from interactive advertisements using wearable device gestures, a processor identifies a wearable device attempting to pair with a smart display. A processor verifies a user wearing the wearable device is an authenticated user. A processor detects a gesture made by the user based on a sensor of the wearable device. A processor identifies an action the gesture is mapped to. A processor determines whether the user is authorized to complete the action mapped to the gesture detected. Responsive to determining that the user is authorized to complete the action mapped to the gesture, a processor completes the action the gesture is mapped to.

Abstract: In certain embodiments, a distance threshold may be adjusted, and authentication may be performed based on the adjusted distance threshold. In some embodiments, an authentication request from a first user device associated with a user may be received. First location information of the first user device and second location information of a second user device may be obtained. A distance between the first and second user devices may be determined based on the first and second location information. A distance threshold may be adjusted based on whether such location information is obtained over the same wireless network, whether such information is obtained over a public wireless network, whether an IP address from which such location information is obtained matches a stored IP address, or other criteria. The user may be authenticated based on a comparison of the distance to the adjusted distance threshold.

Abstract: Briefly, example methods, apparatuses, and/or articles of manufacture are disclosed that may be implemented, in whole or in part, using one or more processing devices to facilitate and/or support participation in computing activities by multiple parties having limited mutual trust. In one embodiment, computation may occur in a secure processing environment (SPE) while one or more untrusted parties reside outside of the SPE.

Abstract: Systems and methods are provided for checking many users in to a location using a Bluetooth® low energy (BLE) beacon. The provided systems and methods may allow a BLE beacon to facilitate a check in with a remote server that processes check ins and then disconnect from the device used to check in. The device may be assigned a unique identifier that may be broadcast from the device during the check in so that the BLE beacon can quickly scan for the identifier and connect with the device based on the identifier to provide content and other information to the device.

Abstract: In an aspect of the present disclosure, there is provided a method of transmitting a vehicle-to-pedestrian (V2P) message. The method may comprise checking whether a timer is running, generating and storing an identifier when the timer is not running, encoding a personal safety message (PSM) according to a predetermined method and storing the encoded PSM as a lead V2P message and transmitting the generated identifier and the lead V2P message.

Abstract: In a motor vehicle accident data memory and method of operating it, a reference time is determined by a satellite navigation system, and a system time is synchronized with the reference time. When an accident is detected, accident data and the system time are recorded in a non-volatile memory.

Abstract: The present disclosure discloses a remote login processing method, apparatus, device and storage medium for an unmanned vehicle, and relates to the technical field of remote control. The implementation method of the specific method includes: sending a login request to an unmanned vehicle terminal through a first communication channel in response to a the login request received from an operator, and waiting to receive a reply instruction returned by the unmanned vehicle terminal; returning the reply instruction to the operator through the second communication channel in response to the reply instruction received from the unmanned vehicle terminal, so that the operator logs in the unmanned vehicle terminal according to the reply instruction, where there is a persistent connection state that unidirectionally authenticated between the second communication channel and the unmanned vehicle terminal.

Abstract: The present disclosure relates to a system and method for controlling data interception in a communication network. One or more requests from a user for accessing one or more microservices are received through an Application Programming Interface (API). Information associated with one or more requests is the detected and requests are classified as secured microservice request and non-secured microservice request. The information is detected through predefined rules. Authentication token is then issued for secured microservice based on the detecting. The authentication token stores information detected by the detector in a geo storage system. The one or more requests are then routed according to the authentication token towards one or more corresponding microservices of the one or more microservices.

Abstract: A method for monitoring an unmanned aerial vehicle (UAV) includes a processor generating a datagram based on monitoring data for a UAV-detector communication between the UAV and one or more detectors. The monitoring data indicates at least one of a location of the UAV or a location of a control station in communication with the UAV. The method further includes the processor encrypting working data for a UAV-control station communication between the UAV and the control station using an encryption key known to the control station but now known to the one or more detectors, and a transmitter transmitting the datagram along with encrypted working data. The datagram is to be received by the one or more detectors and the encrypted working data is to be received and deciphered by the control station using the encryption key.

Abstract: To effectively and efficiently provide control information, a broadcast pointer channel (BPCH) may be used to identify the type and perhaps relative location of control information that is being provided in a given frame structure, such as a sub-frame, frame, or superframe. A sub-frame (or like framing entity, such a frame or superframe) may have a BPCH and a corresponding system control information segment in which control information may reside. The system control information segment may have any number of control information blocks, wherein each control information block that is present may correspond to a particular type of control information. The BPCH is used to identify the type of control information that is present in a corresponding system control information segment, and if needed or desired, the relative locations of the various control information.

Abstract: Disclosed are a terminal verification method, an AP device, a terminal and a system, wherein the AP device is an encrypted AP device. The method comprises: receiving a connection request sent by a first terminal, wherein the connection request comprises identification information of the first terminal; querying an authorization list according to the identification information of the first terminal, wherein the authorization list includes identification information of terminals located within a preset password-free range; and returning an authorization response to the first terminal when the authorization list includes the identification information of the first terminal, wherein the authorization response is used for instructing the first terminal to establish a network connection with the AP device.

Abstract: A pay television satellite broadcast includes validation data that can be used to validate authenticity of live global positioning system (GPS) data. The validation data may be included within entitlement messages and encrypted for security and selective reception by authorized receivers. A navigation system may compute checksums of received live GPS data and compare with the validation data for a match. A decision about whether or not to use the live GPS data may be taken based on whether or not the computed checksums match the validation data received via the pay television satellite broadcast signals.

Abstract: A storage device for providing an improved security function may include a nonvolatile memory device, a position information generator generating first position information indicating a first geographical position of the nonvolatile memory device when an authentication request is input, a user information storage storing user information for accessing the nonvolatile memory device, the user information including second position information, and an access controller obtaining, in response to an authentication request provided from an external host, the first position information from the position information generator, and disposing of data stored in the nonvolatile memory device depending on whether the second position information included in the user information matches the first position information.

Abstract: According to one embodiment, a method, computer system, and computer program product for managing access to one or more protected web resources based on the location of an approver is provided. The present invention may include granting the requestor access to the protected web resource based on one or more access requirements being met, wherein at least one access requirement comprises a location of one or more authorization devices corresponding with one or more approvers being within a threshold distance of a computing device of a requestor requesting a protected web resource.

Abstract: An information processing system includes an authentication server, a proxy authentication terminal, and an information processing device. The authentication server is connected to a wide-area line located outside a prescribed area, has an authentication privilege, and issues an authentication code. The proxy authentication terminal is connected to the authentication server through the wide-area line, has a proxy authentication privilege which serves as a proxy for the authentication privilege, and issues a proxy authentication code. The information processing device is connected to the proxy authentication terminal through a local-area line located within the prescribed area, receives the proxy authentication code from the proxy authentication terminal, and instructs processing of a job.

Abstract: Methods, systems, and apparatus, including computer programs encoded on a computer storage medium, for proximity-based access. In some implementations, a computing device detects an attempt to access the computing device while the computing device is in a secured state. In response to detecting the attempt to access the computing device, the computing device sends a first message to a server system over a network. After sending the message, the computing device receives a second message from the server system over the network, the second message comprising authentication data for the computing device. The computing device determines that a mobile device that was previously designated as an authentication factor for accessing the computing device is located within a predetermined level of proximity of the computing device, and the computing device grants access to the computing device.

Abstract: An antenna direction adjustment apparatus (10) according to the present invention includes: auxiliary unit (14) for an adjustment of a direction of an antenna; acquisition unit (11) configured to acquire first information related to a first radio communication apparatus, and second information related to a second radio communication apparatus configured to perform opposite radio communication with the first radio communication apparatus; determination unit (12) configured to determine whether a use license of the auxiliary unit (14) is valid based on a combination of the first information and the second information; and instruction unit (13) configured to provide an instruction to operate the auxiliary unit (14) when it is determined that the use license is valid. This configuration makes it possible to provide an antenna direction adjustment apparatus capable of appropriately limiting an adjustment of a direction of an antenna by a license.

Abstract: Systems, methods, and computer-readable media for performing a cloud-based authentication of a mesh point are described. A mesh point can send out a probe request that includes information indicating that the mesh point has entered a cloud-based porting mode. Upon receiving the probe request, the mesh portal sends an authentication request to a cloud system. The cloud system returns an authentication response indicating whether the mesh point has been authenticated. If successfully authenticated, the cloud system or a device forming part of the mesh deployment such as a virtual controller pushes the mesh configuration to the mesh point. In this manner, a mesh point can be configured with the correct mesh configuration without having to first push the mesh configuration to the mesh point at a common staging location and then physically move the mesh point to its serving location, as is the case in conventional mesh deployments.

Abstract: Techniques are provided for automated key management for accessing remote devices using single sign-on techniques. One method comprises maintaining a data record identifying target user devices that a given source user device is authorized to access; and initiating storage of a public key of the given source user device in a file of at least one target user device, wherein the given source user device accesses the at least one target user device using a secure remote connection protocol based on the public key of the given source user device stored in the file of the at least one target user device. The data record may further comprise a fingerprint of a key of the at least one target user device, and the method may further comprise comparing a fingerprint of the key returned by the at least one target user device to the fingerprint of the key obtained from the data record.

Abstract: Disclosed embodiments provide for detection of fraudulent electronic security tokens. A compromised private key allows forgery of electronic security tokens, which then allow access to computer resources. Some embodiments track sequence numbers issued by a token issuing authority and are then able to predict sequence numbers issued by the token issuing authority going forward. Some embodiments also determine validity of a token based, at least in part, on a service or client attempting to access resources using the token. For example, some of the disclosed embodiments maintain reputation data for clients or services utilizing electronic tokens, and make determinations on whether a token is likely valid based on the client or services reputation.

Abstract: The technology disclosed herein provides an enhanced cryptographic access control mechanism that uses a cryptographic keys that are based on proximity data. An example method may include: determining proximity data of a computing device; transforming the proximity data in view of conversion data associated with the computing device, wherein the conversion data causes a set of alternate proximity data values to transform to a specific cryptographic value; creating, by a processing device, a cryptographic key in view of the transformed proximity data; and using the cryptographic key to enable access to a protected resource.

Abstract: The proposed technology generally relates to interworking and integration of different radio access networks, and more specifically to carrier aggregation between different radio access networks such as a cellular radio access network, e.g. a 3GPP network, on one hand and a WLAN network such as Wi-Fi, on the other hand. Such tight interworking/aggregation of radio access networks puts new requirements on efficient handling of authentication and security aspects. The proposed technology provides methods, and corresponding network nodes, computer programs, carriers comprising such computer programs, and computer program products as well as arrangements to support carrier aggregation between different radio access networks.