Abstract: A method, apparatus and computer program product are provided to facilitate the identification of one or more media files stored on respective ones of a plurality of user devices. In the context of a method, a current context is determined. The method also automatically identifies one or more media files stored on respective ones of a plurality of user devices based upon a relationship between a context associated with the respective media file and the current context. The method also causes the one or more media files to be transferred to an output device for presentation. A corresponding apparatus and computer program product are also provided.

Abstract: A mobile device detects its location and other devices in proximity to the mobile device. When the device is in an untrusted location, or is in physical proximity to an untrusted device, the mobile device ensures existing security and authentication mechanisms are in place, and may additionally require enhanced security measures on the device. In addition, the device may modify its functionality based on the mobile device being in an untrusted location or in physical proximity to an untrusted device.

Abstract: A mobile device detects its location and other devices in proximity to the mobile device. When the device is in an untrusted location, or is in physical proximity to an untrusted device, the mobile device ensures existing security and authentication mechanisms are in place, and may additionally require enhanced security measures on the device. In addition, the device may modify its functionality based on the mobile device being in an untrusted location or in physical proximity to an untrusted device.

Abstract: A method operates a server that is coupled to a network controlling door actuators at physical geo-locations. The server receives through a wireless communication network a request to enable physical access at a portal using a secure channel and a geo-location estimate from a mobile device. A circuit of the mobile device receives radio signal magnitude, phase, and power from at least one transmitter and authentication input from a user interface. Dual secured communications paths protect the server on its separately provisioned request channel and actuator command channel. Each legacy electronically controlled access portal is enabled to support smartphones without installing a replacement multi-band radio frequency reader at the geo-location.

Abstract: A client device bootstraps against a trusted server by obtaining an activation code that includes an identifier and a one time password. The client device sends a message to a public server requesting an address of a trusted server associated with the identifier. The client device receives the address of the trusted server from the public server and initiates a communication session with the trusted server at the address provided by the public server. The one time password is used as a shared secret to secure the communication session. The client device downloads cryptographic information from the trusted server.

Abstract: Embodiments relate to methods and systems for managing media content distribution rights to a media client on a craft to ensure that the distribution of media content items is consistent with media content distribution rights.

Abstract: A method of sorting and displaying data on a portable electronic device includes: determining geographical coordinates of the portable electronic device, providing search criteria to the portable electronic device, performing a search in a database based on the search criteria resulting in a list of database records, determining a search area of the portable electronic device and displaying selected records from the list of database records on a display screen of the portable electronic device. Each of the selected records is located within a search radius, which originates at the geographical coordinates of the portable electronic device, and within the search area, which is determined based on a pointing direction of the portable electronic device.

Abstract: Systems and methods may be provided for constructing and deconstructing encoded messages. A method for constructing an encoded message comprising: providing an unencoded message having one or more unencoded characters; identifying one or more suitable human-readable phrases indexed from one or more codebooks wherein characters from extended character sets are mapped to standard characters having similar appearances to the characters from the extended character sets to create one or more human-readable phrases; selecting a suitable human-readable phrase from the one or more codebooks; and generating an encoded message by mapping the unique and repeating characters of the unencoded messages to the extended character set provided by the selected human-readable phrase. Corresponding systems, and computer system products may be provided.

Abstract: Disclosed herein is a method for detection of a cyber-threat to a computer system. The method is arranged to be performed by a processing apparatus. The method comprises receiving input data associated with a first entity associated with the computer system, deriving metrics from the input data, the metrics representative of characteristics of the received input data, analyzing the metrics using one or more models, and determining, in accordance with the analyzed metrics and a model of normal behavior of the first entity, a cyber-threat risk parameter indicative of a likelihood of a cyber-threat. A computer readable medium, a computer program and a threat detection system are also disclosed.

Abstract: Disclosed are various embodiments for determining whether a client device is authorized to receive media content based at least in part on the call signs of broadcast stations that the client device is able to receive. A computing device receives a broadcast station identifier and a program identifier from a client computing device. The computing device determines that the client computing device is authorized to access media content identified by the program identifier based at least in part on the broadcast station identifier. Finally, the computing device streams the media content to the client computing device in response to determining that the client computing device is authorized to access the media content.

Abstract: Systems and methods are provided for checking many users in to a location using a Bluetooth® low energy (BLE) beacon. The provided systems and methods may allow a BLE beacon to facilitate a check in with a remote server that processes check ins and then disconnect from the device used to check in. The device may be assigned a unique identifier that may be broadcast from the device during the check in so that the BLE beacon can quickly scan for the identifier and connect with the device based on the identifier to provide content and other information to the device.

Abstract: A method and associated system. Before allowing a user to use a secured resource, a first security check may be performed with respect to the user and/or the secured resource to determine whether a first security condition is satisfied. In response to a first security condition being satisfied, allowing the user to use the secured resource. In response to failing to satisfy the at least one first security condition, performing a second security check on the user with a second security condition. In response to passing a second security condition, allowing the user to use the secured resource. The first security condition may include a dynamic evaluation of at least one available data point to calculate a projected security risk of the user using the secured resource and the level of complexity of the second security condition may be set based on the calculated projected security risk.

Abstract: A route learning system for a vehicle and a method of using the system is described. The method includes: in response to determining that a current location matches a historical location, retrieving from memory false alert geotag that includes historical path data; and based on determining that a currently-predicted path does not match the historical path, replacing the currently-predicted path with the historical path to mitigate a false warning to a driver of a host vehicle.

Abstract: A control device performs an admissions control process with a first device to determine whether the first device is authorized to communicate over the communication fabric that supports memory semantic operations.

Abstract: In accordance with an embodiment, described herein is a system and method for supporting interceptors in an application server environment. The method can provide, at one or more computers, including an application server environment executing thereon, a plurality of deployable resources which can be used within the application server environment, one or more partitions, wherein each partition provides an administrative and runtime subdivision of a domain, and an interceptor framework, the interceptor framework comprising a plurality of interceptors. The method can further select and trigger, on a call for a method invocation, an interceptor chosen from the plurality of interceptors. The method can interrupt, by the triggered interceptor, the call for the method invocation, wherein the interceptor is selected based at least upon the call for a method invocation.

Abstract: A transmission system includes a multiplexing apparatus and a message authentication code generating apparatus. The multiplexing apparatus multiplexes MMTP packets for video data and audio data to be transmitted to generate multiplexed data. The message authentication code generating apparatus generates a message authentication code in accordance with a message authentication scheme, using data except for at least either a time stamp or a packet counter in the MMTP packet included in the multiplexed data. The message authentication code generating apparatus adds the message authentication code to the MMTP packet.

Abstract: An apparatus and method are provided for implementing one or more security services to messages and data being communicated between a first network and a second network. In particular, a network bridge device is provided for applying communications security services to data passing by means of the device from a first network to a second network, the device having a first network interface for linking to the first network, a second network interface for linking to the second network, and a unidirectional link between the first and second network interfaces within the device incorporating a first hardware logic module, configured to apply one or more predetermined data security functions to message data received via the first network interface, and a second hardware logic module, arranged to apply a predetermined scheme for authentication of the source of messages passing through the device.

Abstract: A method, electronic device, and non-transitory computer-readable medium for establishing graphical authentication on an electronic device are disclosed. The method comprises: receiving a first user input corresponding to an image, the image comprising a plurality of points of interest; receiving a second user input corresponding to a selected point of interest in the plurality of points of interest in the image; receiving a third user input corresponding to a selected password element; and storing the selected image, the selected point of interest, and the selected password element in association with a user authentication profile in a memory of the electronic device.

Abstract: A system and method is provided to determine location information of a portable computing device and, in particular, to a secure and scalable system and method of decoupling and exposing handset originated location information to third parties. The system includes a location platform to determine location information of a remote user, and an encryption service configured to secure the location information of the remote user and send the secure location information to a content provider.

Abstract: An emergency alert system, method device are disclosed. The invention employs an emergency alert message, which directs end users to take some particular action like evacuating an identified geographic area. The invention further employs a geographic area message, which is based on a particular geographic area within which all persons should receive the emergency alert message. The invention utilizes an emergency alert enabled device that receives both the emergency alert message and the geographic area message. The emergency alert enabled device determines whether it is located within the geographic area of concern, and if so, presents the emergency alert message to the end user.

Abstract: The present disclosure provides user-interface methods and systems for submitting search requests to search engines and presenting search results therefrom customized using content preferences learned about a user, comprising sending query information to at least two search engines, including a query identifying desired content, and user information, including context information describing the environment in which the query information is being sent, and a user signature representing content preferences learned about the user; receiving at least one set of a search result and auxiliary information from the at least one search engine in response to sending the query information, including information describing attributes of the search result that led to the search result being chosen by the at least one search engine; ordering the at least one search result based at least in part on the auxiliary information; and presenting the ordered search results to the user.

Abstract: A method of network connection control for mobile terminals, includes: classifying network access points accessible to a mobile terminal according to their security levels, and applications of the mobile terminal according to the security level of the networks that the applications are allowed to connect to; setting applications of different security level to connect to the network through access points at corresponding security levels; setting the security level of each network access point and application of the mobile terminal; and searching the security level of the application and the security levels of the network access points that the application is allowed to connect to.

Abstract: An active data push system comprising a plurality of human-detection devices and a management system is presented. The human-detection devices respectively send a trigger signal when detecting a human entrance into one of a plurality of zones. The management system recognizes the zone detected with the human entrance when receiving the trigger signal, and retrieves a basic data of each electronic device installed in the recognized zone, and transmits the retrieved basic data to a mobile device held by the human.

Abstract: Various examples for controlling resources used by client devices are disclosed. A management application executing in at least one computing device can identify client devices executing an instance of a client application that are available for management, where the client application is configured to control at least one function of a respective one of the client devices. A mode of operation can be changed on the at least one computing device where at least one resource is shared with the client devices, such as on a display of the client devices. Through communication between the management application and the client application executing on individual ones of the client devices, access to the at least one function can be restricted while the at least one resource is shared with the plurality of client devices.

Abstract: A method for preventing unauthorized access to and/or modification of a page of a device and/or system according to one embodiment includes presenting a question via a graphical user interface; receiving a response to the question; allowing access to and/or modification of the page when the response to the question includes the answer; and not allowing access to and/or modification of the page when the response to the question does not include the answer. An answer to the question includes a characteristic of the device and/or system.

Abstract: Systems and methods for providing accelerated passphrase verification are disclosed. In one embodiment, a method includes receiving a full security string, generating a full security string hash code, storing the full security string hash code in a memory, determining at least one substring based on an entropy value associated with one or more leading characters in the full security string, generating at least one substring hash code and at least one corresponding character count value, such that the corresponding character count value equals a number of characters in the at least one substring, and storing the at least one substring hash code and the at least one corresponding character count value in the memory.

Abstract: A method for authenticating a user device by an authentication computing device is provided. The method includes generating, using the authentication computing device, a locked data file for use in authenticating a user device enrolled in an authentication service, the locked data file is configured to process a challenge and generate a challenge response. The method further includes transmitting the locked data file from the authentication computing device to a first user device as part of the first device enrolling in the authentication service, receiving, at the authentication computing device, an authentication request, generating, using the authentication computing device, the challenge based on the authentication request, transmitting the challenge from the authentication computing device to the first user device, and receiving, at the authentication computing device, the challenge response from the first user device to authenticate the first user device.

Abstract: Unlocking an electronic device includes displaying a lock screen containing a simulated parallaxing three-dimensional scene on a touch screen of the electronic device; receiving user input gestures on the touch screen; parallaxing the displayed scene in accordance with the input gestures; and determining if the input gestures satisfy input requirements to unlock the electronic device and, if so, unlock the electronic device.

Abstract: In one aspect, a method of mutual certificate authentication between a first device and a second device based on location is described. This embodiment of a method comprises receiving a request from a first device, wherein the request comprises a location of the first device; registering a first public key for the first device in response to the request, wherein the registration associates the first device with the first public key; determining at least one second device that can be accessed by the first device based upon a location of the second device relative to the location of the first device; registering a second public key for the second device, wherein the registration associates the second device with the second public key; sending the second public key to the first device; sending the first public key to the second device; and mutually authenticating the first device to the second device when the first device and the second device are connected.

Abstract: A method for securely configuring a customer premise equipment in a network. The network including a configuration server, a DHCP server, and the customer premise equipment. The method includes receiving a request from the customer premise equipment for leasing an Internet Protocol (IP) address to the customer premise equipment. The method further includes embedding at least a portion of a Media Access Control (MAC) address of the customer premise equipment into the IP address leased to the customer premise equipment. The method includes leasing the IP address to the customer premise equipment. Further, the method enables authentication of customer premise equipment, before providing configuration to the customer premise equipment. The method includes use of characteristic attributes of the customer premise equipment to generate cryptographic keys for secure connection.

Abstract: A computer-implemented method is described for authenticating an identity of a user requesting execution of a computerized transaction via a first client computing device. The first device and a second client computing device in proximity each execute applications for communicating with a server. The first and second devices contemporaneously capture voice sequences including at least one audible sound vocalized by the user, and a timestamp indicating when the sound is captured. The identity of the user is validated based upon a determination that the user vocalized the pass phrase, and a difference between the first timestamp and the second timestamp is below a predetermined threshold. The first device executes a computerized transaction with the server computing device upon receiving validation of the identity of the user.

Abstract: Systems, methods, and non-transitory computer-readable storage media for using mobile network authentication factors to authenticate a mobile device.

Abstract: Methods, systems, and devices for updating access permissions of users in an access control system are described. The access permissions are capable of being updated based on rules and thresholds that include as at least one variable presence or contextual information associated with a user. The presence or contextual information associated with a user may be analyzed to trigger a credential update process for that user or other users within the access control system.

Abstract: A method for analyzing side-channel leakage of an application running on a device including loading the application on a system comprising a device simulator, wherein the application is configured to accept public inputs and secret inputs and selecting a set of public inputs. The method includes, for each public input in the set of public inputs, executing the application on the system comprising the device simulator based on a respective public input and a first value for a secret input and extracting first intermediate values for the simulated device, and executing the application on the system based on the respective public input and a second value for the secret input and extracting second intermediate values for the simulated device. The method includes determining an amount of dependency of a location of the simulated device on the secret input based on a plurality of the first and second intermediate values.

Abstract: Various embodiments are directed to techniques for employing a camera to receive multiple light transmissions conveying at least identifying data from multiple body-carried devices to enable locations of those devices within a venue to be determined and transmissions to individual ones of those devices to be made. An apparatus to communicate via light transmissions includes an analysis component to analyze a set of consecutively captured frames of a portion of a venue to determine whether a light source present in at least a predetermined number of the consecutively captured frames is a light transmission from a body-carried device located within the portion of the venue, and to demodulate the light transmission to retrieve an identification (ID) data associated with the body-carried device from the light transmission; and a communications component to employ the ID data to wirelessly transmit a command to the body-carried device. Other embodiments are described and claimed.

Abstract: A storage device includes a memory including a first storage area configured to store area information that indicates a geographical area, and a second storage area configured to store data, and a processor coupled to the memory and configured to append data storage information, which indicates a location of the storage device, to the data to be stored in the second storage area, and allow a piece of the data stored in the second storage area to become available, the piece having the data storage information indicating that the location of the storage device falls within an area indicated by the area information, while the storage device is located within the area indicated by the area information.

Abstract: Smart M2M devices may be utilized to discover, generate, develop, and use customer behavior information. Security, marketing, and sales may be made through the use of short-range communication mechanisms, and customer behavior information may be gathered while providing devices with product information and other content. In an example configuration, smart M2M devices may determine the location of a device in a venue and compare it to historical location information associated with the device to determine whether authentication should be requested.

Abstract: An information processing apparatus operable in a first power state and a second power state includes a noncontact communication unit configured to be driven by power of a radio wave from a mobile terminal and to communicate with the terminal, a storage unit configured to store data necessary for authentication, which the noncontact communication unit has received from the terminal in the second power state, a control unit configured to recover, when the noncontact communication unit receives data from the terminal in the second power state, the information processing apparatus from the second power state to the first power state, and a transmission unit configured to transmit, after the information processing apparatus has been recovered to the first power state by the control of the control unit, the data necessary for authentication stored in the storage unit to an authentication unit.

Abstract: In some embodiments, an electronic device organizes and selectively grants access to its authorization with a primary content provider to applications downloaded on the electronic device for viewing content from secondary content providers. In some embodiments, an electronic device prompts a user to download applications associated with a primary content provider in response to the user authorizing the electronic device with the primary content provider.

Abstract: Techniques are described for controlling data and resource access. For example, methods and systems can facilitate controlled token distribution across systems and token processing in a manner so as to limit access to and to protect data that includes access codes.

Abstract: Various methods and systems for authenticating and identifying stylus devices are described herein. In one example, a method includes receiving a value generated by the stylus device during an initialization stage. The method includes receiving a code generated from the stylus device during an authentication stage. The method also includes cryptographically authenticating an author of digital ink corresponding to the stylus device on a computer device based in part on the value and the received code.

Abstract: Systems, apparatuses, and methods for secure beacon authentication via mobile devices are disclosed. In some example embodiments, a verification element comprises: a memory storing a plurality of non-repeated verification codes; a wireless broadcast element; and a processing circuit electronically coupled to the memory and the wireless broadcast element, the processing circuit being configured to retrieve one of the non-repeated verification codes from the memory and to transfer the non-repeated verification code to the wireless broadcast element, the wireless broadcast element being configured to wirelessly broadcast the non-repeated verification code to a plurality of mobile devices for individual verification of the plurality of mobile devices, the non-repeated verification code being different than any other non-repeated verification code previously retrieved from the memory and used for individual verification of the plurality of mobile devices.

Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for exploring information by topic. One of the methods includes determining, from a user input, a topic; selecting a first node from a plurality of nodes, wherein the first node is a collection of data about the topic; providing, for display in a user interface, a first threadlet, wherein the first threadlet includes an instance of the first node and a projection menu that includes a respective link to each of one or more projections, and wherein each of the one or more projections includes one or more threadlets that are instances of nodes that share a relationship to the topic; receiving a user input selecting a particular projection from the one or more projections; and providing, for display in the user interface, a set of threadlets from the particular projection.

Abstract: Provided is a method of playing content stored in a storage device including requesting a conversion of the content to a content service server, receiving content key information and additional information for the conversion of the content from the content service server, and performing the conversion of the content based on the content key information and the additional information.

Abstract: Disclosed is an approach to incorporate geographical access control features for a cloud-based storage platform. This allows, for example, enterprise administrators to define geographical areas (geofences) with arbitrary precision within which content access can be applied to items of data.

Abstract: Systems, apparatuses, and methods for secure beacon authentication via mobile devices are disclosed. In some example embodiments, a verification element comprises: a memory storing a plurality of non-repeated verification codes; a wireless broadcast element; and a processing circuit electronically coupled to the memory and the wireless broadcast element, the processing circuit being configured to retrieve one of the non-repeated verification codes from the memory and to transfer the non-repeated verification code to the wireless broadcast element, the wireless broadcast element being configured to wirelessly broadcast the non-repeated verification code to a plurality of mobile devices for individual verification of the plurality of mobile devices, the non-repeated verification code being different than any other non-repeated verification code previously retrieved from the memory and used for individual verification of the plurality of mobile devices.

Abstract: An information handling system (IHS) performs security policy enforcement using security policy data maintained in an embedded controller, which operates within a privileged environment. The security policy data identifies security policies established for the IHS. The EC is directly connected to a number of sensors from which the EC receives sensor data and to at least one integrated functional device. The EC determines whether the received sensor data fulfills any trigger condition of a security policy. If the received sensor data does not fulfill any trigger condition of a security policy described by the security policy data, the EC continues to monitor sensors for updated sensor data. However, if the received sensor data fulfills any trigger condition of the security policy, the EC performs a security measure that involves enabling, disabling, or resetting one or more of the at least one integrated functional devices that can be disabled.

Abstract: A apparatus and a method for attested sensor data reporting, wherein a challenge is received from an online service; sensor data is read; and a sensor data signature based on the sensor data is created and sent to the online service.

Abstract: Systems and methods of providing spatial security of data stored on a hard disk drive. A method includes associating a user with at least one track and/or sector of the hard disk drive. The method also includes locking the at least one track and/or sector as a default setting. The method additionally includes determining the user has moved into a predefined area. The method further includes unlocking the at least one track and/or sector based on the determining the user has moved into the predefined area.

Abstract: A method for providing a promotion to a user to do commerce at a physical location includes offering a right to a particular piece of digital content to the user as an incentive to a commercial transaction that occurs at least partly at the physical location, discerning that the user is located at the physical location, and in response to the discerning, interacting with the user to provide the digital content to the user on a mobile device associated with the user.