Abstract: A web system license based on multi-way tree search includes steps of: identifying a requiring URL of each function; using the requiring URL of the function as a mark, writing the mark in a license; encrypting the license for generating a cipher text, and storing the cipher text in a web system; during initializing of the web system, decrypting the cipher text and sending to a memory; establishing a multi-way tree according to a URL of an authorized function in the license; and receiving a requirement for a specific function by the web system, using the requiring URL as a searching value and matching in the multi-way tree; wherein if a corresponding URL is found, the function is authorized and further operation is required until response returning; if the corresponding URL is not found, the requirement is intercepted, and a response is returned.

Abstract: Handling of ELS REQ and RSP packets that contain addresses in the payload is shifted to the edge fabric switches connected to the node devices issuing and receiving the ELS REQ packet, the ingress and egress switches. This allows the ELS REQ and RSP packet payload address modification operations to be removed from the tasks handled by the router processor. As this removes a processing burden from the router processors, those router processors are free to handle other normal operations, thus allowing more processor bandwidth to be provided to those other operations, which allows further growth of the network as one limitation has been removed. The need to replicate or provide commands between switches or routers is avoided as there are no redundant paths at that point.

Abstract: A web service platform to improve end-user engagement in a captive audience environment. Mobile and web-based clients allow application users to authorize and approve usage of entitlements of other users, including their children, based upon preconfigured rules and the proximity between the user requesting and the user approving authorization to use the entitlement.

Abstract: The present invention provides a terminal which includes an an information collection unit configured to acquire subsidiary information added to a current image by a user and collect authentication information relating to the user according to an information hiding command received by the current image, an information processing unit configured to execute the following steps: eliminating the subsidiary information on the current image, and embedding the subsidiary information and the authentication information into a file of the current image from which the subsidiary information is eliminated in a related manner, or eliminating a display identifier of the subsidiary information on the current image, and embedding the subsidiary information, the display identifier, and the authentication information into the file of the current image from which the display identifier is eliminated from in a related manner. The present invention further provides a method for hiding and protecting data information.

Abstract: An image recording apparatus includes: a first communication interface configured to perform communication according to a first communication standard; a second communication interface configured to perform communication according to a second communication standard that is different from the first communication standard and that is a wireless communication standard; an image recorder; and a controller. The controller receives image data and first identification information from an image-data output device via the first communication interface. The controller broadcasts the received first identification information via the second communication interface.

Abstract: Embodiments of a method and apparatus for reducing or eliminating unauthorized access to secured files are generally described herein. In some embodiments, the method includes establishing a connection between a communication portion of the secured file and an authentication agent. The method may include requesting a decryption key from the authentication agent for accessing the secured file on a first computing device. The decryption key may be based on device information retrieved from devices in an authenticated environment of devices. The authenticated environment may be an environment in which the secured the was encrypted. The method may include destroying the secured file subsequent to receiving a message indicating that the requesting has failed.

Abstract: A traffic management device (TMD), system, and processor-readable storage medium are directed to determining that an end-to-end encrypted session has been established between a client and an authentication server, intercepting and decrypting subsequent task traffic from the client, and forwarding the intercepted traffic toward a server. In some embodiments, a second connection between the TMD and server may be employed to forward the intercepted traffic, and the second connection may be unencrypted or encrypted with a different mechanism than the encrypted connection to the authentication server. The encrypted connection to the authentication server may be maintained following authentication to enable termination of the second connection if the client becomes untrusted, and/or to enable logging of client requests, connection information, and the like. In some embodiments, the TMD may act as a proxy to provide client access to a number of servers and/or resources.

Abstract: A system for providing the general public with simplified access to aerial surveillance. The system software initially functions as a viewer, but also provides a path to increase a participant's control. The software architecture is structured to accommodate multiple users simultaneously and minimizes operational down-time by organizing participants into a standby queuing system. The system also provides a step-by-step operator-pilot progression, with built in training and certification modules, to train and qualify a participant for higher levels of control. This progression starts by allowing a participant to remotely track the flight path of a surveillance aircraft, then view its camera feed, operate the camera, and eventually pilot the aircraft. The system in applicable whether the aircraft is manned or unmanned, and incorporates an interrupt mechanism to mitigate undesirable mission parameters.

Abstract: In a general aspect, a computer-implemented method can include receiving, at a computing device, a beacon signal including a vending device identifier and sending, to a cloud-based vending service, the vending device identifier. The method can further include receiving, from the cloud-based vending service, an indication of at least one product available for purchase from the vending device and receiving, at the computing device, an indication of a selected product of the at least one product available for purchase. The method can also include sending, to the cloud based service, a request to purchase the selected product and receiving, from the cloud-based vending service, a purchase token for the selected product. The method can still further include sending, to the vending device, the purchase token and receiving, from the vending device, an acknowledgment that the purchase token has been used to purchase the selected product.

Abstract: In representative embodiments, a geo-fence cryptographic key material comprising a geo-fence description defining a geographic area and associated cryptographic key material is assigned to an entity for use in authenticated communications. The validity of the cryptographic material changes state based on whether the entity is inside or outside the geographic area. This is accomplished in a representative embodiment by suspending the validity of the cryptographic key material when the entity is outside the geographic area and reinstating the validity of the cryptographic key material when the entity is inside the geographic area. A geographic update service determines the validity of the cryptographic material in part using location updates sent by the entity. Entities that are not geo-aware can delegate the location update to a geo-aware device. Encryption can be used to preserve privacy.

Abstract: An electronic device having a judging system to facilitate an operation of the electronic device. The judging system includes a searching module for searching MAC addresses of WiFi devices in a presently working environment. A storing module stores the MAC addresses in a data base. A comparing module judges whether the present working environment is a previously encountered environment by comparing the MAC addresses for the present working environment with MAC addresses for the previously encountered environment which have been stored in the data base. A processing module has the electronic device to perform a predetermined function if the present working environment is judged as the previously encountered environment.

Abstract: A system and method is provided to determine location information of a portable computing device and, in particular, to a secure and scalable system and method of decoupling and exposing handset originated location information to third parties. The system includes a location platform to determine location information of a remote user, and an encryption service configured to secure the location information of the remote user and send the secure location information to a content provider.

Abstract: There is provided a technology for retrieving tourist information based on a user location which makes it easy for the user to retrieve accurate tourist information which she/she truly requires. A user's location on the map is measured and the plurality of reference areas are retrieved from memory storing a plurality of reference areas RA, RB, RC and RD allocated to a plurality of target objects A, B, C and D on the map which are correlated with a plurality of tourist information items, using the measured current location as a search key. A reference area including the measured current location is extracted from plurality of reference areas and tourist information, from plurality of tourist information items corresponds to the extracted reference area is provided to the user. Each reference area is defined by location, shape and size of area reflecting the attributes of corresponding target objects on the map.

Abstract: This disclosure is directed to methods and systems for managing difficulty of use and security for a transaction. A transaction manager operating on a computing device may determining a range of possible steps for a transaction comprising security measures available for the transaction. The transaction manager may identify a threshold for a security metric to be exceeded for authorizing the transaction, the security metric to be determined based on performance of steps selected for the transaction. The transaction manager may select for the transaction at least one step from the range of possible steps, based on optimizing between (i) a difficulty of use quotient of the transaction from subjecting a user to the at least one step, and (ii) the security metric relative to the determined threshold.

Abstract: A device receives a request for a flight path for a UAV from a first location to a second location, credentials for the UAV, and component information for the UAV. The device determines, based on the credentials, whether the UAV is authenticated for utilizing the device and a network, and determines whether the UAV is capable of flight based on the component information and maintenance information. The device calculates, the flight path based on capability information for the UAV and/or other information, and determines whether the UAV is capable of traversing the flight path based on the capability information and/or the other information. The device generates flight path instructions for the flight path, and provides the flight path instructions to the UAV to permit the UAV to travel from the first location to the second location via the flight path.

Abstract: Systems are provided including: a player's device constructed to: communicate device information; receive an authorization message; communicate an authorization to commence a SWig session; communicate updated device information; and receive an authorization revocation; a geographical location server constructed to: receive the device information; determine a geographical location of the player's device; and communicate the geographical location; and the SWig server connected to the player's device and the geographical location server by a network, and constructed to: receive the device information; receive the geographical location of the player's device; when the geographical location of the player's device is within a real credit wagering jurisdiction, communicate the authorization message; receive the authorization to commence the SWig session; initiate the SWig session; receive the updated device information; determine if the player's device has changed location; and when the player's device has changed l

Abstract: There is disclosed some techniques for processing an authentication request. In one example, a method comprises the step of determining the velocity between authentication requests of a user associated with the requests. Additionally, the method determines the likelihood that a location associated with one of the requests is associated with the user location. Furthermore, the method generates an authentication result based on the likelihood that a location associated with one of the requests is associated with the user location.

Abstract: A management apparatus manages a plurality of devices. The management apparatus includes a management part that manages, for each one of the devices, one of communication systems used for carrying out communication between the management apparatus and the one of the devices and a communication data amount between the management apparatus and the one of the devices; a setting part that sets a permissible communication amount for each one of the communication systems; and a determination part that determines whether to be able to provide a service to one of the devices based on a communication data amount required for providing the service to the one of the devices, the permissible communication amount of one of the communication systems used by the one of the devices and a total of the communication data amounts of respective ones of the devices each using the one of the communication systems.

Abstract: A method of completing a transaction that requires authorization by an authority agent includes registering an authority device as associated with the authority agent, receiving a transaction request from a service provider; pushing an authentication notification to the authenticating application of the authority device; displaying the authentication notification, including a prompt to supply agent verification data, on the authority device; collecting and verifying the agent verification data; in response to verification of the agent verification data, transmitting an authority agent response from the authority device to the authentication platform, and, at the authentication platform, authenticating the authority agent response; and in response to authenticating the authority agent response, transmitting a transaction confirmation from the authentication platform to the service provider.

Abstract: Various of the disclosed embodiments concern efficiency improvements in wireless products. For example, some embodiments specify profiles for regional and custom-specified operational constraints. The profiles may be retrieved from across a network or stored locally upon the device. The profiles may specify various configuration adjustments that optimize the system's performance. For example, when possible, some embodiments may allow the system to operate at a lower power level and to thereby save energy. Various factors and conditions may be assessed in some embodiments prior to adjusting the existing power configuration.

Abstract: The present invention is a computer security system and method in which the various algorithms not only do not search for or detect the presence of a steganographic or other hidden image in a data file or across data files, but also includes at least one or more combined approaches for altering and neutralizing any hidden messages without significantly detracting from the underlying integrity of the data file or files thus treated.

Abstract: Techniques for authenticating one or more entities are disclosed. Authentication can be performed based on one or more attributes associated with an image and/or input provided in connection with an image. The image is effectively provided for authenticating one or more entities associated with a computing environment. The attributes which can be measures include the manner in which an image has been created and/or traced by a person being authenticated. A person can initially register with an authentication system by creating and/or tracing an image. Subsequently, the person can be provided with the same, similar and/or completely different image in order to be authenticated by the authentication system. It will be appreciated that the image needs not be a signature or provide any personal information about the person being authenticated.

Abstract: A verified antispoofing navigation apparatus is provided. The apparatus comprises: a primary navigation receiver configured to provide a set of primary measurements related to positioning of a mobile platform; a supplemental navigation device configured to provide a set of supplemental measurements related to positioning of the mobile platform; an identity monitoring device configured to verify an identity of a driver of the mobile platform; and a verification and authentication navigation processor configured to verify authenticity of the set of primary measurements provided by the primary navigation receiver by using the set of supplemental measurements provided by the supplemental navigation device. The verified antispoofing navigation apparatus further comprises: a driver authentication navigation processor configured to provide the driving and rest times of the driver to relevant authorities.

Abstract: This disclosure is directed to methods and systems for managing difficulty of use and security for a transaction. A transaction manager operating on a computing device may determining a range of possible steps for a transaction comprising security measures available for the transaction. The transaction manager may identify a threshold for a security metric to be exceeded for authorizing the transaction, the security metric to be determined based on performance of steps selected for the transaction. The transaction manager may select for the transaction at least one step from the range of possible steps, based on optimizing between (i) a difficulty of use quotient of the transaction from subjecting a user to the at least one step, and (ii) the security metric relative to the determined threshold.

Abstract: A system for authenticating mobile device users transparently is disclosed. This invention improves on the existing flaws by deriving encryption keys from environmental condition data when the user and device are trusted. The keys are then cryptographically hashed and compared with repository hashed data to determine if the conditions match a prior set of conditions. If a match is found and trust factors are sufficient, the system uses the condition data to decrypt a master key that allows access to secure data in the same manner as would a user-provided password. The security system cannot be bypassed if the device is stolen, as an attacker would have to replicate the exact environment and behavioral attributes employed and learned from the user without any knowledge as to the factors that constitute them because the factors are not maintained by the system.

Abstract: A pay television satellite broadcast includes validation data that can be used to validate authenticity of live global positioning system (GPS) data. The validation data may be included within entitlement messages and encrypted for security and selective reception by authorized receivers. A navigation system may compute checksums of received live GPS data and compare with the validation data for a match. A decision about whether or not to use the live GPS data may be taken based on whether or not the computed checksums match the validation data received via the pay television satellite broadcast signals.

Abstract: A server device provides for display a user interface that includes multiple code snippets, where each of the multiple code snippets, when executed, causes a user device to perform one or more functions. The server device receives a selection of a particular code snippet from the multiple code snippets provided by the user interface, and associates the particular code snippet with content. The server device provides the content with the particular code snippet to the user device, and executes the particular code snippet to cause the user device to perform a particular function with another server device.

Abstract: The present invention is to provide a wearable electronic device applied to an electronic commerce system, wherein the wearable electronic device is configured to be in communication with an information management server located in a cloud end through short-range wireless communication between the wearable electronic device and a network communication device, the wearable electronic device is also able to play audio files, store audio property of the audio files as an audio preference record and transmit the audio preference record to a streaming audio server located in the cloud end through the network communication device and the information management server sequentially, and the streaming audio server can then directly update the audio file stored in the wearable electronic device according to the audio preference record through the network communication device, so as for the client to enjoy the latest and favorite audio during sport through wearing the wearable electronic device.

Abstract: A method for logging in to an application program of an electronic device presets a plurality groups of account information of the application program, and presets fingerprints corresponding the plurality of groups of account information in a storage device. When the application program is executed and a user interface of the application program is displayed, the method receives fingerprint data input. When the received fingerprint data matches one of the fingerprints, the method further confirms a group of account information corresponding to the matched fingerprint, and logs in to the application program using the confirmed account information.

Abstract: The invention relates to a method for a first communication device to perform authenticated distance measurement between the first communication device and a second communication device, wherein the first and the second communication device share a common secret and the common secret is used for performing the distance measurement between the first and the second communication device. The invention also relates to a method of determining whether data stored on a first communication device are to be accessed by a second communication device. Moreover, the invention relates to a communication device for performing authenticated distance measurement to a second communication device. The invention also relates to an apparatus for playing back multimedia content comprising a communication device.

Abstract: A system and method for automatically comparing obtained wireless device location information from a wireless network and comparing that location with another independent source geographic location is provided. Location information is derived from two or more sources in a multiplicity of ways and a comparison is made within a Location Comparison Engine. The Location Comparison Engine makes use of databases that assist in resolving obtained raw positioning information and converting that positioning information into one or more formats for adequate location comparison.

Abstract: A location server includes: a first receiver module configured to receive, from a location-based services application server (LBS AS), a first identification for a first mobile device associated with the LBS AS; a second receiver module configured to receive, from an access/location network (ALN), a second identification for a second mobile device associated with the ALN; a comparison module, communicatively coupled to the first and second receiver modules, configured to determine whether the first and second identifications match and whether the first and second mobile devices are the same mobile device based at least in part on whether the first and second identifications match; and a location service information module, communicatively coupled to the comparison module, and configured to provide a location service for the first mobile device in response to the comparison module determining that the first and second mobile devices are the same mobile device.

Abstract: Systems and methods are provided in which external key devices are used for sealing and unsealing data-gathering devices without Internet, wherein the data-gathering devices invalidate the external key devices upon completing data collection in order to seal removable storage. Further, a sealed removable storage is transported to same location of a key server, where the key server uses a multi-factor sealing routine to unlock the sealed removable storage. The routine seals and unseals uses multiple factors including a location of the key server, hardware attributes of the removable storage, hardware attributes of the external key devices, and a private key of the key server. The data-gathering device may be used to support workers collecting data in disconnected parts in the world that are without Internet. The workers may collect data by using mobile devices to transfer data to a shared data-gathering device.

Abstract: A method for controlling access by of communication devices to a conference call, the method comprising associating proximity settings with a conference call, the proximity settings indicating a acceptable proximity of other communication devices relative to a selected communication device; sensing by the selected communication device proximity of the other devices within its proximity of the communication device to obtain proximity information; and determining, by a processor, from the obtained proximity information and the proximity settings an action to be performed with reference to the conference call.

Abstract: A method of sorting and displaying data on a portable electronic device includes: determining geographical coordinates of the portable electronic device, providing search criteria to the portable electronic device, performing a search in a database based on the search criteria resulting in a list of database records, determining a search area of the portable electronic device and displaying selected records from the list of database records on a display screen of the portable electronic device. Each of the selected records is located within a search radius, which originates at the geographical coordinates of the portable electronic device, and within the search area, which is determined based on a pointing direction of the portable electronic device.

Abstract: A data storage system including a SSD includes a capability to detect whether its location is acceptable for function, and a capability to self-disable in the event the location of the device is unacceptable, or to self-enable only while the location of the device is acceptable.

Abstract: Described herein are systems, devices and methods for decrypting content based on location. A media device may decrypt content based on determination of a location-based decryption event. The location-based decryption event may include the media device being located within a location previously defined as authorized to decrypt the content. The location-based decryption event may also include the media device being located within a predetermined distance of a designated reference object.

Abstract: Methods and arrangements for according access of a mobile device to an enterprise network. the presence of a mobile device relative to an enterprise network is detected, the enterprise network including a plurality of defined zones, wherein each zone is associated with a security level and with one or more resources. An agent of the mobile device is negotiated with to accord access to at least one of the defined zones. The negotiating includes: assessing at least one security constraint relative to the mobile device; and thereupon designating at least one zone to be accessible to the mobile device. Other variants and embodiments are broadly contemplated herein.

Abstract: A method, system, and apparatus for agile generation of one time passcodes (OTPs) in a security environment, the security environment having a token generator comprising a token generator algorithm and a validator, the method comprising generating a OTP at the token generator according to a variance technique; wherein the variance technique is selected from a set of variance techniques, receiving the OTP at a validator, determining, at the validator, the variance technique used by the token generator to generate the OTP, and determining whether to validate the OTP based on the OTP and variance technique.

Abstract: In one aspect, a system and method is provided that matches images that are associated with street addresses with images that are associated with locations that are stored with respect to another reference system, such as latitude/longitude. If the images match, the street address is associated with the location. In a further aspect, text contained in the images is extracted and associated with the street address as well.

Abstract: This disclosure relates to systems, methods, computer program products, and means that control access to position information at a receiver, or at another device external to the receiver, based on various considerations, including a requested service type, a user type, a device type, a software application type, a payment, and/or other characteristics associated with a particular software application or distributor of that software application. The disclosure further relates to systems, methods, computer program products and means for carrying out secure data transmissions intended for a particular application among other applications.

Abstract: A data storage system including a SSD includes a capability to detect whether its location is acceptable for function, and a capability to self-disable in the event the location of the device is unacceptable, or to self-enable only while the location of the device is acceptable.

Abstract: Methods, systems, apparatuses, and/or computer-readable media for providing device management via application modification may be provided. In some embodiments, upon receiving a request to perform an action associated with an application, a determination as to whether performing the action will utilize a metered resource may be made. If so, a further determination may be made as to whether the request complies with at least one cost compliance policy and, in response to determining that the request complies with the at least one cost compliance policy, the action may be caused and/or authorize to be performed.

Abstract: The present invention provides a system and method for determining the authenticity of reported positions of GNSS receivers, such as aircraft equipped with GPS positioning devices, and provides an in-band verification capability for GNSS positions by tasking one or more GNSS satellites as designated authentication support (DAS) satellites that transmit corrupted ephemeris data in a pseudo-random error corrupted C/A signal on the L1 band, and the GNSS receivers determine authentication ranges to the DAS satellites and transmit the DAS authentication ranges as part of their position report. The surveillance system can verify the authenticity by comparing the transmitted authentication ranges to true authentication ranges determined using actual ephemeris data and the known C/A code pseudo-random error for the DAS satellites.

Abstract: A system and method is provided to determine location information of a portable computing device and, in particular, to a secure and scalable system and method of decoupling and exposing handset originated location information to third parties. The system includes a location platform to determine location information of a remote user, and an encryption service configured to secure the location information of the remote user and send the secure location information to a content provider.

Abstract: Embodiments are directed toward transparent denial of service protection. Instruction set information that references a seed file may be communicated to a client computer. A network packet key may be generated based on the instruction set information or encrypted and provided by a server. A client computer may generate a client network packet key based on the instruction set information provided by the network computer and a seed file installed on the client computer. The client computer may include the client network packet key the one or more network packets that it is sending to the network computer before they are provided to the network computer. A packet rule that includes the network packet key may be generated and installed in a packet inspection engine. If network packets are received, the packet inspection engine compares the network packet key to the network packets using the packet rule.

Abstract: A method and system for automatically connecting to a WiFi network is disclosed herein. The present invention provides a set of diagnostic steps that are undertaken automatically on a mobile communication device to identify this condition and generate a browser window so that the condition can be fixed and the mobile communication device can automatically access the Internet through an Internet access gateway.

Abstract: A method for determining the physical location of a vehicle being guided with an onboard navigational positioning system capable of detecting and generating a positioning location vector for the vehicle. The method includes the steps of detecting and receiving a plurality of electromagnetic radiation signals. A plurality of ambient parameter measurements is also received. A confirming location position is calculated from the plurality of electromagnetic radiation signals and the plurality of ambient parameter measurements. The confirming location position is compared to the positioning location vector generated by the onboard system to create a differential vector. If the confirmation location position and the positioning location vector are greater than a predetermined value, the positioning location vector generated by the onboard navigational positioning system is prevented from being used in directing the movement of the vehicle until the position differential is below a predetermined error value.

Abstract: A method of verifying the identity of a user comprising: initiating (50) a sign-in request from a first computing device to an authentication server; receiving (58) an instruction from the authentication server to provide signature data from a second computing device; entering (64) signature data at the second computing device and sending the signature data to the authentication server; verifying (65) the signature data at the authentication server; notifying (66) the user that their identity has been verified on the basis of the data received from the second computing device.

Abstract: An implementation of a system, device and method for communicating location data of a mobile station, enhancing location data, optimally communicating Assistance Data, and/or reducing rebids of Measure Position Request messages in a wireless network.