Abstract: An emergency alert system, method device are disclosed. The invention employs an emergency alert message, which directs end users to take some particular action like evacuating an identified geographic area. The invention further employs a geographic area message, which is based on a particular geographic area within which all persons should receive the emergency alert message. The invention utilizes an emergency alert enabled device that receives both the emergency alert message and the geographic area message. The emergency alert enabled device determines whether it is located within the geographic area of concern, and if so, presents the emergency alert message to the end user.

Abstract: The present disclosure provides user-interface methods and systems for submitting search requests to search engines and presenting search results therefrom customized using content preferences learned about a user, comprising sending query information to at least two search engines, including a query identifying desired content, and user information, including context information describing the environment in which the query information is being sent, and a user signature representing content preferences learned about the user; receiving at least one set of a search result and auxiliary information from the at least one search engine in response to sending the query information, including information describing attributes of the search result that led to the search result being chosen by the at least one search engine; ordering the at least one search result based at least in part on the auxiliary information; and presenting the ordered search results to the user.

Abstract: A method of network connection control for mobile terminals, includes: classifying network access points accessible to a mobile terminal according to their security levels, and applications of the mobile terminal according to the security level of the networks that the applications are allowed to connect to; setting applications of different security level to connect to the network through access points at corresponding security levels; setting the security level of each network access point and application of the mobile terminal; and searching the security level of the application and the security levels of the network access points that the application is allowed to connect to.

Abstract: Various examples for controlling resources used by client devices are disclosed. A management application executing in at least one computing device can identify client devices executing an instance of a client application that are available for management, where the client application is configured to control at least one function of a respective one of the client devices. A mode of operation can be changed on the at least one computing device where at least one resource is shared with the client devices, such as on a display of the client devices. Through communication between the management application and the client application executing on individual ones of the client devices, access to the at least one function can be restricted while the at least one resource is shared with the plurality of client devices.

Abstract: An active data push system comprising a plurality of human-detection devices and a management system is presented. The human-detection devices respectively send a trigger signal when detecting a human entrance into one of a plurality of zones. The management system recognizes the zone detected with the human entrance when receiving the trigger signal, and retrieves a basic data of each electronic device installed in the recognized zone, and transmits the retrieved basic data to a mobile device held by the human.

Abstract: A method for preventing unauthorized access to and/or modification of a page of a device and/or system according to one embodiment includes presenting a question via a graphical user interface; receiving a response to the question; allowing access to and/or modification of the page when the response to the question includes the answer; and not allowing access to and/or modification of the page when the response to the question does not include the answer. An answer to the question includes a characteristic of the device and/or system.

Abstract: A method for authenticating a user device by an authentication computing device is provided. The method includes generating, using the authentication computing device, a locked data file for use in authenticating a user device enrolled in an authentication service, the locked data file is configured to process a challenge and generate a challenge response. The method further includes transmitting the locked data file from the authentication computing device to a first user device as part of the first device enrolling in the authentication service, receiving, at the authentication computing device, an authentication request, generating, using the authentication computing device, the challenge based on the authentication request, transmitting the challenge from the authentication computing device to the first user device, and receiving, at the authentication computing device, the challenge response from the first user device to authenticate the first user device.

Abstract: Systems and methods for providing accelerated passphrase verification are disclosed. In one embodiment, a method includes receiving a full security string, generating a full security string hash code, storing the full security string hash code in a memory, determining at least one substring based on an entropy value associated with one or more leading characters in the full security string, generating at least one substring hash code and at least one corresponding character count value, such that the corresponding character count value equals a number of characters in the at least one substring, and storing the at least one substring hash code and the at least one corresponding character count value in the memory.

Abstract: Unlocking an electronic device includes displaying a lock screen containing a simulated parallaxing three-dimensional scene on a touch screen of the electronic device; receiving user input gestures on the touch screen; parallaxing the displayed scene in accordance with the input gestures; and determining if the input gestures satisfy input requirements to unlock the electronic device and, if so, unlock the electronic device.

Abstract: A method for securely configuring a customer premise equipment in a network. The network including a configuration server, a DHCP server, and the customer premise equipment. The method includes receiving a request from the customer premise equipment for leasing an Internet Protocol (IP) address to the customer premise equipment. The method further includes embedding at least a portion of a Media Access Control (MAC) address of the customer premise equipment into the IP address leased to the customer premise equipment. The method includes leasing the IP address to the customer premise equipment. Further, the method enables authentication of customer premise equipment, before providing configuration to the customer premise equipment. The method includes use of characteristic attributes of the customer premise equipment to generate cryptographic keys for secure connection.

Abstract: In one aspect, a method of mutual certificate authentication between a first device and a second device based on location is described. This embodiment of a method comprises receiving a request from a first device, wherein the request comprises a location of the first device; registering a first public key for the first device in response to the request, wherein the registration associates the first device with the first public key; determining at least one second device that can be accessed by the first device based upon a location of the second device relative to the location of the first device; registering a second public key for the second device, wherein the registration associates the second device with the second public key; sending the second public key to the first device; sending the first public key to the second device; and mutually authenticating the first device to the second device when the first device and the second device are connected.

Abstract: Systems, methods, and non-transitory computer-readable storage media for using mobile network authentication factors to authenticate a mobile device.

Abstract: A computer-implemented method is described for authenticating an identity of a user requesting execution of a computerized transaction via a first client computing device. The first device and a second client computing device in proximity each execute applications for communicating with a server. The first and second devices contemporaneously capture voice sequences including at least one audible sound vocalized by the user, and a timestamp indicating when the sound is captured. The identity of the user is validated based upon a determination that the user vocalized the pass phrase, and a difference between the first timestamp and the second timestamp is below a predetermined threshold. The first device executes a computerized transaction with the server computing device upon receiving validation of the identity of the user.

Abstract: Methods, systems, and devices for updating access permissions of users in an access control system are described. The access permissions are capable of being updated based on rules and thresholds that include as at least one variable presence or contextual information associated with a user. The presence or contextual information associated with a user may be analyzed to trigger a credential update process for that user or other users within the access control system.

Abstract: A method for analyzing side-channel leakage of an application running on a device including loading the application on a system comprising a device simulator, wherein the application is configured to accept public inputs and secret inputs and selecting a set of public inputs. The method includes, for each public input in the set of public inputs, executing the application on the system comprising the device simulator based on a respective public input and a first value for a secret input and extracting first intermediate values for the simulated device, and executing the application on the system based on the respective public input and a second value for the secret input and extracting second intermediate values for the simulated device. The method includes determining an amount of dependency of a location of the simulated device on the secret input based on a plurality of the first and second intermediate values.

Abstract: Various embodiments are directed to techniques for employing a camera to receive multiple light transmissions conveying at least identifying data from multiple body-carried devices to enable locations of those devices within a venue to be determined and transmissions to individual ones of those devices to be made. An apparatus to communicate via light transmissions includes an analysis component to analyze a set of consecutively captured frames of a portion of a venue to determine whether a light source present in at least a predetermined number of the consecutively captured frames is a light transmission from a body-carried device located within the portion of the venue, and to demodulate the light transmission to retrieve an identification (ID) data associated with the body-carried device from the light transmission; and a communications component to employ the ID data to wirelessly transmit a command to the body-carried device. Other embodiments are described and claimed.

Abstract: A storage device includes a memory including a first storage area configured to store area information that indicates a geographical area, and a second storage area configured to store data, and a processor coupled to the memory and configured to append data storage information, which indicates a location of the storage device, to the data to be stored in the second storage area, and allow a piece of the data stored in the second storage area to become available, the piece having the data storage information indicating that the location of the storage device falls within an area indicated by the area information, while the storage device is located within the area indicated by the area information.

Abstract: Smart M2M devices may be utilized to discover, generate, develop, and use customer behavior information. Security, marketing, and sales may be made through the use of short-range communication mechanisms, and customer behavior information may be gathered while providing devices with product information and other content. In an example configuration, smart M2M devices may determine the location of a device in a venue and compare it to historical location information associated with the device to determine whether authentication should be requested.

Abstract: An information processing apparatus operable in a first power state and a second power state includes a noncontact communication unit configured to be driven by power of a radio wave from a mobile terminal and to communicate with the terminal, a storage unit configured to store data necessary for authentication, which the noncontact communication unit has received from the terminal in the second power state, a control unit configured to recover, when the noncontact communication unit receives data from the terminal in the second power state, the information processing apparatus from the second power state to the first power state, and a transmission unit configured to transmit, after the information processing apparatus has been recovered to the first power state by the control of the control unit, the data necessary for authentication stored in the storage unit to an authentication unit.

Abstract: In some embodiments, an electronic device organizes and selectively grants access to its authorization with a primary content provider to applications downloaded on the electronic device for viewing content from secondary content providers. In some embodiments, an electronic device prompts a user to download applications associated with a primary content provider in response to the user authorizing the electronic device with the primary content provider.

Abstract: Techniques are described for controlling data and resource access. For example, methods and systems can facilitate controlled token distribution across systems and token processing in a manner so as to limit access to and to protect data that includes access codes.

Abstract: Various methods and systems for authenticating and identifying stylus devices are described herein. In one example, a method includes receiving a value generated by the stylus device during an initialization stage. The method includes receiving a code generated from the stylus device during an authentication stage. The method also includes cryptographically authenticating an author of digital ink corresponding to the stylus device on a computer device based in part on the value and the received code.

Abstract: Systems, apparatuses, and methods for secure beacon authentication via mobile devices are disclosed. In some example embodiments, a verification element comprises: a memory storing a plurality of non-repeated verification codes; a wireless broadcast element; and a processing circuit electronically coupled to the memory and the wireless broadcast element, the processing circuit being configured to retrieve one of the non-repeated verification codes from the memory and to transfer the non-repeated verification code to the wireless broadcast element, the wireless broadcast element being configured to wirelessly broadcast the non-repeated verification code to a plurality of mobile devices for individual verification of the plurality of mobile devices, the non-repeated verification code being different than any other non-repeated verification code previously retrieved from the memory and used for individual verification of the plurality of mobile devices.

Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for exploring information by topic. One of the methods includes determining, from a user input, a topic; selecting a first node from a plurality of nodes, wherein the first node is a collection of data about the topic; providing, for display in a user interface, a first threadlet, wherein the first threadlet includes an instance of the first node and a projection menu that includes a respective link to each of one or more projections, and wherein each of the one or more projections includes one or more threadlets that are instances of nodes that share a relationship to the topic; receiving a user input selecting a particular projection from the one or more projections; and providing, for display in the user interface, a set of threadlets from the particular projection.

Abstract: Disclosed is an approach to incorporate geographical access control features for a cloud-based storage platform. This allows, for example, enterprise administrators to define geographical areas (geofences) with arbitrary precision within which content access can be applied to items of data.

Abstract: Provided is a method of playing content stored in a storage device including requesting a conversion of the content to a content service server, receiving content key information and additional information for the conversion of the content from the content service server, and performing the conversion of the content based on the content key information and the additional information.

Abstract: Systems, apparatuses, and methods for secure beacon authentication via mobile devices are disclosed. In some example embodiments, a verification element comprises: a memory storing a plurality of non-repeated verification codes; a wireless broadcast element; and a processing circuit electronically coupled to the memory and the wireless broadcast element, the processing circuit being configured to retrieve one of the non-repeated verification codes from the memory and to transfer the non-repeated verification code to the wireless broadcast element, the wireless broadcast element being configured to wirelessly broadcast the non-repeated verification code to a plurality of mobile devices for individual verification of the plurality of mobile devices, the non-repeated verification code being different than any other non-repeated verification code previously retrieved from the memory and used for individual verification of the plurality of mobile devices.

Abstract: An information handling system (IHS) performs security policy enforcement using security policy data maintained in an embedded controller, which operates within a privileged environment. The security policy data identifies security policies established for the IHS. The EC is directly connected to a number of sensors from which the EC receives sensor data and to at least one integrated functional device. The EC determines whether the received sensor data fulfills any trigger condition of a security policy. If the received sensor data does not fulfill any trigger condition of a security policy described by the security policy data, the EC continues to monitor sensors for updated sensor data. However, if the received sensor data fulfills any trigger condition of the security policy, the EC performs a security measure that involves enabling, disabling, or resetting one or more of the at least one integrated functional devices that can be disabled.

Abstract: A apparatus and a method for attested sensor data reporting, wherein a challenge is received from an online service; sensor data is read; and a sensor data signature based on the sensor data is created and sent to the online service.

Abstract: Systems and methods of providing spatial security of data stored on a hard disk drive. A method includes associating a user with at least one track and/or sector of the hard disk drive. The method also includes locking the at least one track and/or sector as a default setting. The method additionally includes determining the user has moved into a predefined area. The method further includes unlocking the at least one track and/or sector based on the determining the user has moved into the predefined area.

Abstract: A method for providing a promotion to a user to do commerce at a physical location includes offering a right to a particular piece of digital content to the user as an incentive to a commercial transaction that occurs at least partly at the physical location, discerning that the user is located at the physical location, and in response to the discerning, interacting with the user to provide the digital content to the user on a mobile device associated with the user.

Abstract: A web system license based on multi-way tree search includes steps of: identifying a requiring URL of each function; using the requiring URL of the function as a mark, writing the mark in a license; encrypting the license for generating a cipher text, and storing the cipher text in a web system; during initializing of the web system, decrypting the cipher text and sending to a memory; establishing a multi-way tree according to a URL of an authorized function in the license; and receiving a requirement for a specific function by the web system, using the requiring URL as a searching value and matching in the multi-way tree; wherein if a corresponding URL is found, the function is authorized and further operation is required until response returning; if the corresponding URL is not found, the requirement is intercepted, and a response is returned.

Abstract: Handling of ELS REQ and RSP packets that contain addresses in the payload is shifted to the edge fabric switches connected to the node devices issuing and receiving the ELS REQ packet, the ingress and egress switches. This allows the ELS REQ and RSP packet payload address modification operations to be removed from the tasks handled by the router processor. As this removes a processing burden from the router processors, those router processors are free to handle other normal operations, thus allowing more processor bandwidth to be provided to those other operations, which allows further growth of the network as one limitation has been removed. The need to replicate or provide commands between switches or routers is avoided as there are no redundant paths at that point.

Abstract: A web service platform to improve end-user engagement in a captive audience environment. Mobile and web-based clients allow application users to authorize and approve usage of entitlements of other users, including their children, based upon preconfigured rules and the proximity between the user requesting and the user approving authorization to use the entitlement.

Abstract: The present invention provides a terminal which includes an an information collection unit configured to acquire subsidiary information added to a current image by a user and collect authentication information relating to the user according to an information hiding command received by the current image, an information processing unit configured to execute the following steps: eliminating the subsidiary information on the current image, and embedding the subsidiary information and the authentication information into a file of the current image from which the subsidiary information is eliminated in a related manner, or eliminating a display identifier of the subsidiary information on the current image, and embedding the subsidiary information, the display identifier, and the authentication information into the file of the current image from which the display identifier is eliminated from in a related manner. The present invention further provides a method for hiding and protecting data information.

Abstract: An image recording apparatus includes: a first communication interface configured to perform communication according to a first communication standard; a second communication interface configured to perform communication according to a second communication standard that is different from the first communication standard and that is a wireless communication standard; an image recorder; and a controller. The controller receives image data and first identification information from an image-data output device via the first communication interface. The controller broadcasts the received first identification information via the second communication interface.

Abstract: Embodiments of a method and apparatus for reducing or eliminating unauthorized access to secured files are generally described herein. In some embodiments, the method includes establishing a connection between a communication portion of the secured file and an authentication agent. The method may include requesting a decryption key from the authentication agent for accessing the secured file on a first computing device. The decryption key may be based on device information retrieved from devices in an authenticated environment of devices. The authenticated environment may be an environment in which the secured the was encrypted. The method may include destroying the secured file subsequent to receiving a message indicating that the requesting has failed.

Abstract: A traffic management device (TMD), system, and processor-readable storage medium are directed to determining that an end-to-end encrypted session has been established between a client and an authentication server, intercepting and decrypting subsequent task traffic from the client, and forwarding the intercepted traffic toward a server. In some embodiments, a second connection between the TMD and server may be employed to forward the intercepted traffic, and the second connection may be unencrypted or encrypted with a different mechanism than the encrypted connection to the authentication server. The encrypted connection to the authentication server may be maintained following authentication to enable termination of the second connection if the client becomes untrusted, and/or to enable logging of client requests, connection information, and the like. In some embodiments, the TMD may act as a proxy to provide client access to a number of servers and/or resources.

Abstract: A system for providing the general public with simplified access to aerial surveillance. The system software initially functions as a viewer, but also provides a path to increase a participant's control. The software architecture is structured to accommodate multiple users simultaneously and minimizes operational down-time by organizing participants into a standby queuing system. The system also provides a step-by-step operator-pilot progression, with built in training and certification modules, to train and qualify a participant for higher levels of control. This progression starts by allowing a participant to remotely track the flight path of a surveillance aircraft, then view its camera feed, operate the camera, and eventually pilot the aircraft. The system in applicable whether the aircraft is manned or unmanned, and incorporates an interrupt mechanism to mitigate undesirable mission parameters.

Abstract: In a general aspect, a computer-implemented method can include receiving, at a computing device, a beacon signal including a vending device identifier and sending, to a cloud-based vending service, the vending device identifier. The method can further include receiving, from the cloud-based vending service, an indication of at least one product available for purchase from the vending device and receiving, at the computing device, an indication of a selected product of the at least one product available for purchase. The method can also include sending, to the cloud based service, a request to purchase the selected product and receiving, from the cloud-based vending service, a purchase token for the selected product. The method can still further include sending, to the vending device, the purchase token and receiving, from the vending device, an acknowledgment that the purchase token has been used to purchase the selected product.

Abstract: In representative embodiments, a geo-fence cryptographic key material comprising a geo-fence description defining a geographic area and associated cryptographic key material is assigned to an entity for use in authenticated communications. The validity of the cryptographic material changes state based on whether the entity is inside or outside the geographic area. This is accomplished in a representative embodiment by suspending the validity of the cryptographic key material when the entity is outside the geographic area and reinstating the validity of the cryptographic key material when the entity is inside the geographic area. A geographic update service determines the validity of the cryptographic material in part using location updates sent by the entity. Entities that are not geo-aware can delegate the location update to a geo-aware device. Encryption can be used to preserve privacy.

Abstract: A system and method is provided to determine location information of a portable computing device and, in particular, to a secure and scalable system and method of decoupling and exposing handset originated location information to third parties. The system includes a location platform to determine location information of a remote user, and an encryption service configured to secure the location information of the remote user and send the secure location information to a content provider.

Abstract: An electronic device having a judging system to facilitate an operation of the electronic device. The judging system includes a searching module for searching MAC addresses of WiFi devices in a presently working environment. A storing module stores the MAC addresses in a data base. A comparing module judges whether the present working environment is a previously encountered environment by comparing the MAC addresses for the present working environment with MAC addresses for the previously encountered environment which have been stored in the data base. A processing module has the electronic device to perform a predetermined function if the present working environment is judged as the previously encountered environment.

Abstract: There is provided a technology for retrieving tourist information based on a user location which makes it easy for the user to retrieve accurate tourist information which she/she truly requires. A user's location on the map is measured and the plurality of reference areas are retrieved from memory storing a plurality of reference areas RA, RB, RC and RD allocated to a plurality of target objects A, B, C and D on the map which are correlated with a plurality of tourist information items, using the measured current location as a search key. A reference area including the measured current location is extracted from plurality of reference areas and tourist information, from plurality of tourist information items corresponds to the extracted reference area is provided to the user. Each reference area is defined by location, shape and size of area reflecting the attributes of corresponding target objects on the map.

Abstract: A device receives a request for a flight path for a UAV from a first location to a second location, credentials for the UAV, and component information for the UAV. The device determines, based on the credentials, whether the UAV is authenticated for utilizing the device and a network, and determines whether the UAV is capable of flight based on the component information and maintenance information. The device calculates, the flight path based on capability information for the UAV and/or other information, and determines whether the UAV is capable of traversing the flight path based on the capability information and/or the other information. The device generates flight path instructions for the flight path, and provides the flight path instructions to the UAV to permit the UAV to travel from the first location to the second location via the flight path.

Abstract: This disclosure is directed to methods and systems for managing difficulty of use and security for a transaction. A transaction manager operating on a computing device may determining a range of possible steps for a transaction comprising security measures available for the transaction. The transaction manager may identify a threshold for a security metric to be exceeded for authorizing the transaction, the security metric to be determined based on performance of steps selected for the transaction. The transaction manager may select for the transaction at least one step from the range of possible steps, based on optimizing between (i) a difficulty of use quotient of the transaction from subjecting a user to the at least one step, and (ii) the security metric relative to the determined threshold.

Abstract: Systems are provided including: a player's device constructed to: communicate device information; receive an authorization message; communicate an authorization to commence a SWig session; communicate updated device information; and receive an authorization revocation; a geographical location server constructed to: receive the device information; determine a geographical location of the player's device; and communicate the geographical location; and the SWig server connected to the player's device and the geographical location server by a network, and constructed to: receive the device information; receive the geographical location of the player's device; when the geographical location of the player's device is within a real credit wagering jurisdiction, communicate the authorization message; receive the authorization to commence the SWig session; initiate the SWig session; receive the updated device information; determine if the player's device has changed location; and when the player's device has changed l

Abstract: There is disclosed some techniques for processing an authentication request. In one example, a method comprises the step of determining the velocity between authentication requests of a user associated with the requests. Additionally, the method determines the likelihood that a location associated with one of the requests is associated with the user location. Furthermore, the method generates an authentication result based on the likelihood that a location associated with one of the requests is associated with the user location.

Abstract: A management apparatus manages a plurality of devices. The management apparatus includes a management part that manages, for each one of the devices, one of communication systems used for carrying out communication between the management apparatus and the one of the devices and a communication data amount between the management apparatus and the one of the devices; a setting part that sets a permissible communication amount for each one of the communication systems; and a determination part that determines whether to be able to provide a service to one of the devices based on a communication data amount required for providing the service to the one of the devices, the permissible communication amount of one of the communication systems used by the one of the devices and a total of the communication data amounts of respective ones of the devices each using the one of the communication systems.

Abstract: A method of completing a transaction that requires authorization by an authority agent includes registering an authority device as associated with the authority agent, receiving a transaction request from a service provider; pushing an authentication notification to the authenticating application of the authority device; displaying the authentication notification, including a prompt to supply agent verification data, on the authority device; collecting and verifying the agent verification data; in response to verification of the agent verification data, transmitting an authority agent response from the authority device to the authentication platform, and, at the authentication platform, authenticating the authority agent response; and in response to authenticating the authority agent response, transmitting a transaction confirmation from the authentication platform to the service provider.