Abstract: Techniques for authenticating one or more entities are disclosed. Authentication can be performed based on one or more attributes associated with an image and/or input provided in connection with an image. The image is effectively provided for authenticating one or more entities associated with a computing environment. The attributes which can be measures include the manner in which an image has been created and/or traced by a person being authenticated. A person can initially register with an authentication system by creating and/or tracing an image. Subsequently, the person can be provided with the same, similar and/or completely different image in order to be authenticated by the authentication system. It will be appreciated that the image needs not be a signature or provide any personal information about the person being authenticated.

Abstract: Various of the disclosed embodiments concern efficiency improvements in wireless products. For example, some embodiments specify profiles for regional and custom-specified operational constraints. The profiles may be retrieved from across a network or stored locally upon the device. The profiles may specify various configuration adjustments that optimize the system's performance. For example, when possible, some embodiments may allow the system to operate at a lower power level and to thereby save energy. Various factors and conditions may be assessed in some embodiments prior to adjusting the existing power configuration.

Abstract: The present invention is a computer security system and method in which the various algorithms not only do not search for or detect the presence of a steganographic or other hidden image in a data file or across data files, but also includes at least one or more combined approaches for altering and neutralizing any hidden messages without significantly detracting from the underlying integrity of the data file or files thus treated.

Abstract: A verified antispoofing navigation apparatus is provided. The apparatus comprises: a primary navigation receiver configured to provide a set of primary measurements related to positioning of a mobile platform; a supplemental navigation device configured to provide a set of supplemental measurements related to positioning of the mobile platform; an identity monitoring device configured to verify an identity of a driver of the mobile platform; and a verification and authentication navigation processor configured to verify authenticity of the set of primary measurements provided by the primary navigation receiver by using the set of supplemental measurements provided by the supplemental navigation device. The verified antispoofing navigation apparatus further comprises: a driver authentication navigation processor configured to provide the driving and rest times of the driver to relevant authorities.

Abstract: This disclosure is directed to methods and systems for managing difficulty of use and security for a transaction. A transaction manager operating on a computing device may determining a range of possible steps for a transaction comprising security measures available for the transaction. The transaction manager may identify a threshold for a security metric to be exceeded for authorizing the transaction, the security metric to be determined based on performance of steps selected for the transaction. The transaction manager may select for the transaction at least one step from the range of possible steps, based on optimizing between (i) a difficulty of use quotient of the transaction from subjecting a user to the at least one step, and (ii) the security metric relative to the determined threshold.

Abstract: A system for authenticating mobile device users transparently is disclosed. This invention improves on the existing flaws by deriving encryption keys from environmental condition data when the user and device are trusted. The keys are then cryptographically hashed and compared with repository hashed data to determine if the conditions match a prior set of conditions. If a match is found and trust factors are sufficient, the system uses the condition data to decrypt a master key that allows access to secure data in the same manner as would a user-provided password. The security system cannot be bypassed if the device is stolen, as an attacker would have to replicate the exact environment and behavioral attributes employed and learned from the user without any knowledge as to the factors that constitute them because the factors are not maintained by the system.

Abstract: A pay television satellite broadcast includes validation data that can be used to validate authenticity of live global positioning system (GPS) data. The validation data may be included within entitlement messages and encrypted for security and selective reception by authorized receivers. A navigation system may compute checksums of received live GPS data and compare with the validation data for a match. A decision about whether or not to use the live GPS data may be taken based on whether or not the computed checksums match the validation data received via the pay television satellite broadcast signals.

Abstract: A server device provides for display a user interface that includes multiple code snippets, where each of the multiple code snippets, when executed, causes a user device to perform one or more functions. The server device receives a selection of a particular code snippet from the multiple code snippets provided by the user interface, and associates the particular code snippet with content. The server device provides the content with the particular code snippet to the user device, and executes the particular code snippet to cause the user device to perform a particular function with another server device.

Abstract: The present invention is to provide a wearable electronic device applied to an electronic commerce system, wherein the wearable electronic device is configured to be in communication with an information management server located in a cloud end through short-range wireless communication between the wearable electronic device and a network communication device, the wearable electronic device is also able to play audio files, store audio property of the audio files as an audio preference record and transmit the audio preference record to a streaming audio server located in the cloud end through the network communication device and the information management server sequentially, and the streaming audio server can then directly update the audio file stored in the wearable electronic device according to the audio preference record through the network communication device, so as for the client to enjoy the latest and favorite audio during sport through wearing the wearable electronic device.

Abstract: A method for logging in to an application program of an electronic device presets a plurality groups of account information of the application program, and presets fingerprints corresponding the plurality of groups of account information in a storage device. When the application program is executed and a user interface of the application program is displayed, the method receives fingerprint data input. When the received fingerprint data matches one of the fingerprints, the method further confirms a group of account information corresponding to the matched fingerprint, and logs in to the application program using the confirmed account information.

Abstract: The invention relates to a method for a first communication device to perform authenticated distance measurement between the first communication device and a second communication device, wherein the first and the second communication device share a common secret and the common secret is used for performing the distance measurement between the first and the second communication device. The invention also relates to a method of determining whether data stored on a first communication device are to be accessed by a second communication device. Moreover, the invention relates to a communication device for performing authenticated distance measurement to a second communication device. The invention also relates to an apparatus for playing back multimedia content comprising a communication device.

Abstract: A system and method for automatically comparing obtained wireless device location information from a wireless network and comparing that location with another independent source geographic location is provided. Location information is derived from two or more sources in a multiplicity of ways and a comparison is made within a Location Comparison Engine. The Location Comparison Engine makes use of databases that assist in resolving obtained raw positioning information and converting that positioning information into one or more formats for adequate location comparison.

Abstract: A location server includes: a first receiver module configured to receive, from a location-based services application server (LBS AS), a first identification for a first mobile device associated with the LBS AS; a second receiver module configured to receive, from an access/location network (ALN), a second identification for a second mobile device associated with the ALN; a comparison module, communicatively coupled to the first and second receiver modules, configured to determine whether the first and second identifications match and whether the first and second mobile devices are the same mobile device based at least in part on whether the first and second identifications match; and a location service information module, communicatively coupled to the comparison module, and configured to provide a location service for the first mobile device in response to the comparison module determining that the first and second mobile devices are the same mobile device.

Abstract: Systems and methods are provided in which external key devices are used for sealing and unsealing data-gathering devices without Internet, wherein the data-gathering devices invalidate the external key devices upon completing data collection in order to seal removable storage. Further, a sealed removable storage is transported to same location of a key server, where the key server uses a multi-factor sealing routine to unlock the sealed removable storage. The routine seals and unseals uses multiple factors including a location of the key server, hardware attributes of the removable storage, hardware attributes of the external key devices, and a private key of the key server. The data-gathering device may be used to support workers collecting data in disconnected parts in the world that are without Internet. The workers may collect data by using mobile devices to transfer data to a shared data-gathering device.

Abstract: A method for controlling access by of communication devices to a conference call, the method comprising associating proximity settings with a conference call, the proximity settings indicating a acceptable proximity of other communication devices relative to a selected communication device; sensing by the selected communication device proximity of the other devices within its proximity of the communication device to obtain proximity information; and determining, by a processor, from the obtained proximity information and the proximity settings an action to be performed with reference to the conference call.

Abstract: A method of sorting and displaying data on a portable electronic device includes: determining geographical coordinates of the portable electronic device, providing search criteria to the portable electronic device, performing a search in a database based on the search criteria resulting in a list of database records, determining a search area of the portable electronic device and displaying selected records from the list of database records on a display screen of the portable electronic device. Each of the selected records is located within a search radius, which originates at the geographical coordinates of the portable electronic device, and within the search area, which is determined based on a pointing direction of the portable electronic device.

Abstract: A data storage system including a SSD includes a capability to detect whether its location is acceptable for function, and a capability to self-disable in the event the location of the device is unacceptable, or to self-enable only while the location of the device is acceptable.

Abstract: Described herein are systems, devices and methods for decrypting content based on location. A media device may decrypt content based on determination of a location-based decryption event. The location-based decryption event may include the media device being located within a location previously defined as authorized to decrypt the content. The location-based decryption event may also include the media device being located within a predetermined distance of a designated reference object.

Abstract: Methods and arrangements for according access of a mobile device to an enterprise network. the presence of a mobile device relative to an enterprise network is detected, the enterprise network including a plurality of defined zones, wherein each zone is associated with a security level and with one or more resources. An agent of the mobile device is negotiated with to accord access to at least one of the defined zones. The negotiating includes: assessing at least one security constraint relative to the mobile device; and thereupon designating at least one zone to be accessible to the mobile device. Other variants and embodiments are broadly contemplated herein.

Abstract: A method, system, and apparatus for agile generation of one time passcodes (OTPs) in a security environment, the security environment having a token generator comprising a token generator algorithm and a validator, the method comprising generating a OTP at the token generator according to a variance technique; wherein the variance technique is selected from a set of variance techniques, receiving the OTP at a validator, determining, at the validator, the variance technique used by the token generator to generate the OTP, and determining whether to validate the OTP based on the OTP and variance technique.

Abstract: In one aspect, a system and method is provided that matches images that are associated with street addresses with images that are associated with locations that are stored with respect to another reference system, such as latitude/longitude. If the images match, the street address is associated with the location. In a further aspect, text contained in the images is extracted and associated with the street address as well.

Abstract: This disclosure relates to systems, methods, computer program products, and means that control access to position information at a receiver, or at another device external to the receiver, based on various considerations, including a requested service type, a user type, a device type, a software application type, a payment, and/or other characteristics associated with a particular software application or distributor of that software application. The disclosure further relates to systems, methods, computer program products and means for carrying out secure data transmissions intended for a particular application among other applications.

Abstract: Methods, systems, apparatuses, and/or computer-readable media for providing device management via application modification may be provided. In some embodiments, upon receiving a request to perform an action associated with an application, a determination as to whether performing the action will utilize a metered resource may be made. If so, a further determination may be made as to whether the request complies with at least one cost compliance policy and, in response to determining that the request complies with the at least one cost compliance policy, the action may be caused and/or authorize to be performed.

Abstract: A data storage system including a SSD includes a capability to detect whether its location is acceptable for function, and a capability to self-disable in the event the location of the device is unacceptable, or to self-enable only while the location of the device is acceptable.

Abstract: A system and method is provided to determine location information of a portable computing device and, in particular, to a secure and scalable system and method of decoupling and exposing handset originated location information to third parties. The system includes a location platform to determine location information of a remote user, and an encryption service configured to secure the location information of the remote user and send the secure location information to a content provider.

Abstract: The present invention provides a system and method for determining the authenticity of reported positions of GNSS receivers, such as aircraft equipped with GPS positioning devices, and provides an in-band verification capability for GNSS positions by tasking one or more GNSS satellites as designated authentication support (DAS) satellites that transmit corrupted ephemeris data in a pseudo-random error corrupted C/A signal on the L1 band, and the GNSS receivers determine authentication ranges to the DAS satellites and transmit the DAS authentication ranges as part of their position report. The surveillance system can verify the authenticity by comparing the transmitted authentication ranges to true authentication ranges determined using actual ephemeris data and the known C/A code pseudo-random error for the DAS satellites.

Abstract: Embodiments are directed toward transparent denial of service protection. Instruction set information that references a seed file may be communicated to a client computer. A network packet key may be generated based on the instruction set information or encrypted and provided by a server. A client computer may generate a client network packet key based on the instruction set information provided by the network computer and a seed file installed on the client computer. The client computer may include the client network packet key the one or more network packets that it is sending to the network computer before they are provided to the network computer. A packet rule that includes the network packet key may be generated and installed in a packet inspection engine. If network packets are received, the packet inspection engine compares the network packet key to the network packets using the packet rule.

Abstract: A method and system for automatically connecting to a WiFi network is disclosed herein. The present invention provides a set of diagnostic steps that are undertaken automatically on a mobile communication device to identify this condition and generate a browser window so that the condition can be fixed and the mobile communication device can automatically access the Internet through an Internet access gateway.

Abstract: A method for determining the physical location of a vehicle being guided with an onboard navigational positioning system capable of detecting and generating a positioning location vector for the vehicle. The method includes the steps of detecting and receiving a plurality of electromagnetic radiation signals. A plurality of ambient parameter measurements is also received. A confirming location position is calculated from the plurality of electromagnetic radiation signals and the plurality of ambient parameter measurements. The confirming location position is compared to the positioning location vector generated by the onboard system to create a differential vector. If the confirmation location position and the positioning location vector are greater than a predetermined value, the positioning location vector generated by the onboard navigational positioning system is prevented from being used in directing the movement of the vehicle until the position differential is below a predetermined error value.

Abstract: A method of verifying the identity of a user comprising: initiating (50) a sign-in request from a first computing device to an authentication server; receiving (58) an instruction from the authentication server to provide signature data from a second computing device; entering (64) signature data at the second computing device and sending the signature data to the authentication server; verifying (65) the signature data at the authentication server; notifying (66) the user that their identity has been verified on the basis of the data received from the second computing device.

Abstract: An implementation of a system, device and method for communicating location data of a mobile station, enhancing location data, optimally communicating Assistance Data, and/or reducing rebids of Measure Position Request messages in a wireless network.

Abstract: An apparatus for securing communications includes a processor and memory storing executable computer code causing the apparatus to at least perform operations including receiving a request to activate a service transferring communications of a cellular network to a wireless local network. The computer program code may further cause the apparatus to provide an activation key to a device responsive to an indication that the device is authorized to utilize the service based on determining an identifier(s) of the request is valid. The computer program code may further cause the apparatus to provide a private key to the device, to enable the device to utilize the private key to subsequently register to transfer communications of the cellular network to a wireless local network(s), responsive to receiving a message for the private key from the device and a message from the cellular network. Corresponding methods and computer program products are also provided.

Abstract: User authentication techniques based on geographical locations associated with a client device is provided. A network connection can be established between two or more host machines and a client device. Upon a request received from the client device by one of these host machines, round trip times of test messages may be measured between the client device and each of the host machines. The round trip times can be utilized to determine the current geographical location of the client device. If the location is within a tolerance geographical area, the client device may be authenticated. Otherwise, the authentication may fail or additional security procedures may be implemented. In some examples, a travel time from a historical geographical location to current geographical location can be determined. This data may be also utilized in the user authentication process.

Abstract: A method and apparatus support delivering a video media stream to a wireless device by exchanging communication signals through a secure communications interface to establish first and second communication channels. The channels may be according to different communication protocols. A first portion of the streamed video media stream over the first communication channel is encrypted while a second portion of the video media stream over the second communication channel is not encrypted. The second portion is based on the first. In addition to encryption of only the first portion, one embodiment includes using different communication protocols for the first and second channels to further enhance secure media delivery.

Abstract: A method and apparatus for endpoint configuration management comprising receiving an endpoint topology and storing the endpoint topology in a configuration store, modifying a configuration for a remote session to conform to the endpoint topology and corresponding the configuration to the endpoint topology in the data structure and presenting to the endpoint the modified configuration of the remote session.

Abstract: Method and apparatus for SPS authentication, for example for use with GPS, are disclosed. The method may include receiving a first set of Y codes from a plurality of satellites, generating authentication decisions using W code estimates extracted from the first set of Y codes for satellite channels corresponding to the plurality of satellites, and generating an authentication response according to authentication decisions generated for the satellite channels.

Abstract: A cryptanalysis method comprising: (A) Performing a ciphertext-only direct cryptanalysis of A5/1 and (B) Using results of Step (A) to facilitate the decryption and/or encryption of further communications that are consistent with encryption using the session key and/or decryption using the session key, wherein the cryptanalysis considers part of the bits of the session key to have a known fixed value, and wherein the cryptanalysis finds the session key. An efficient known plaintext attack on AS/2 comprises trying all the possible values for R4, and for each such value solving the linearized system of equations that describe the output; The solution of the equations gives the internal state of RI, R2, and R3; Together with R4, this gives the full internal state which gives a suggestion for the key.

Abstract: Embodiments of the present invention disclose a method, computer program product, and system for location-based authorization to access a resource. A first computer receives a request to access a resource from a second computer. The request to access the resource includes location information of the second computer. The first computer responds by sending a request to a third computer, requesting location information of the third computer. In response to receiving from the third computer, the location information of the third computer, the first computer determines a distance between the second computer and the third computer. If the distance between the second computer and the third computer fulfills a proximity condition, the first computer authorizes the resource request.

Abstract: A security system assesses the response time to requests for information to determine whether the responding system is in physical proximity to the requesting system. Generally, physical proximity corresponds to temporal proximity. If the response time indicates a substantial or abnormal lag between request and response, the system assumes that the lag is caused by the request and response having to travel a substantial or abnormal physical distance, or caused by the request being processed to generate a response, rather than being answered by an existing response in the physical possession of a user. If a substantial or abnormal lag is detected, for example due to the fact that the information was downloaded from the Internet, the system is configured to limit subsequent access to protected material by the current user, and/or to notify security personnel of the abnormal response lag.

Abstract: This disclosure relates to systems, methods, computer program products, and means that control access to position information at a receiver, or at another device external to the receiver, based on various considerations, including a requested service type, a user type, a device type, a software application type, a payment, and/or other characteristics associated with a particular software application or distributor of that software application. The disclosure further relates to systems, methods, computer program products and means for carrying out secure data transmissions intended for a particular application among other applications.

Abstract: A system can include a mobile computing device and a wearable computing device. The wearable computing device can include a sensor that outputs an indication that the wearable computing device is being worn. In some examples, one or both of the devices can be operable to determine that the devices are within a threshold distance of each other. Responsive to receiving the indications that the wearable computing device is being worn and the devices are within the threshold distance of each other, one or both of the devices can be operable to change an access mode of computing environment provided by the respective device from a reduced access mode to an increased access mode.

Abstract: Securing access to a portable electronic device (PED), securing e-commerce transactions at an electronic device (ED) and dynamically adjusting system settings at a PED are disclosed. In an example, usage or mobility characteristics of the PED or ED (e.g., a location of the ED or PED, etc.) are compared with current parameters of the PED or ED. A determination as to whether to permit an operation (e.g., access, e-commerce transaction, etc.) at the ED or PED can be based at least in part upon a degree to which the current parameters conform with the usage or mobility characteristics. In another example, at least a current location of a PED can be used to determine which system settings to load at the PED.

Abstract: A method for composing an authentication password associated with an electronic device is implemented by a password composing system including a display, a receiving unit, and a processing unit. In the method, the display is configured to display a start point, and a plurality of displayed paths. The receiving unit is configured to detect a set of user-input movements of a contact point at the display. The processing unit is configured to determine whether the user-input movements conform with a predefined valid user-input gesture, store a plurality of codes corresponding to the valid user-input gestures, and to compose the authentication password according to valid ones of the series of the user-input movements.

Abstract: A method includes controlling security in a communication system that involves a node capable of routing traffic according to one or more security algorithms with respective security levels. The node is adapted to estimate at least one safety degree relating to the node, to select at least one security algorithm of the one or more security algorithms, depending on the estimated safety degree; and to activate the at least one security algorithm.

Abstract: Embodiments of the invention are directed to systems, methods and computer program products for enrolling a user in a device identification program. In some embodiments, a system is configured to: receive device identification information from a mobile device, receive user information associated with a user, the user information enabling identification of the user, associate the device identification information with the user information, and create a record based on the device identification information and the user information.

Abstract: Embodiments of the present invention are directed to systems, apparatuses and methods for using a mobile device with an accelerometer to gain access into a secured or restricted area. A first device and a second device interact by making physical contact with each other thereby generating interaction data that is representative of the physical interaction between the first and second device. The first and second device may be mobile phones. The second device may be a point of sale terminal, access point device, or any other stationary (i.e., in a fixed position) device positioned at a line, door, gate, or entrance. A server computer determines, based on interaction data, that the first device and the second device made physical contact. After determining that the first device and the second device made contact, communications may be initiated between the devices.

Abstract: An approach is provided for selecting a security policy. A security policy manager determines one or more factors for adjusting a safety score associated with a device. The safety score is based, at least in part, on a context associated with the device. The security policy manager then processes and/or facilitates a processing of the one or more factors and the safety score to calculate an adjusted safety score, and determines to select a security policy based, at least in part, on the adjusted safety score.

Abstract: A selective barrier prevents undesired communication between a protected region and an unprotected region. Wireless communication is allowed within the protected region, while wireless communication is prevented between the protected region and any unprotected regions. Particular undesired message packets might be selected by business rules responsive to aspects of individual messages. Particular unprotected regions might be statically or dynamically determined. Alternatively, the selective barrier similarly operates to block undesired message packets from originating in any of the unprotected regions and successfully being received in the protected region.

Abstract: Systems and methods of restricting access to mobile platform location information may involve receiving, via a link, location information for a mobile platform at a processor of the mobile platform, and preventing unauthorized access to the location information by an operating system associated with the mobile platform.

Abstract: A gesture-based method is disclosed for authenticating a user. More specifically, the user of an information handling system is prompted to enter a passcode finger tap sequence input gesture via a touch-sensitive device. The finger tap sequence input gesture is processed to generate a passcode finger tap sequence. The passcode finger tap sequence is then compared to a previously-generated authentication finger tap sequence. If the two finger tap sequences match, then the user is authenticated.