Abstract: The disclosed computer-implemented method for detecting unauthorized use of an application may include (1) receiving, by the computing device, fingerprint data associated with a fingerprint, where the fingerprint data is received from the touchscreen, when a user interface of the application is displayed on the touchscreen, and in an absence of displaying a request for fingerprint data on the touchscreen, (2) comparing the received fingerprint data to a whitelist of authorized fingerprint data to determine a presence of a match, where the authorized fingerprint data indicates at least one fingerprint of at least one user that is authorized to access the application and (3) performing, when the received fingerprint data does not match the whitelist of authorized fingerprint data, a security action. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: Methods, non-transitory computer readable media, and network traffic manager apparatus that assists with managing a federated identity environment based on application availability includes identifying a current status of one or more applications. Next, a response to a received request is generated based on the identified current status and a status of user authentication, wherein the generated response comprises an access token and a notification message corresponding to the identified current status. The generated response is provided to the client.

Abstract: A method for automatically avoiding fault paths in software code of a System Under Test (SUT) includes generating a plurality of fingerprints by executing a plurality of regression tests. Each of the plurality of fingerprints uniquely identifies a specific code path in the software code of the SUT. A critical error is detected during execution of the software code of the SUT. A fault code path in the software code of the SUT associated with the critical error is identified by analyzing the plurality of generated fingerprints. At least one fingerprint associated with the fault code path in the software code of the SUT is identified. During subsequent execution of the software code of the SUT, the identified fault code path in the software code of the SUT is automatically prevented from being executed based on the identified at least one fingerprint.

Abstract: An example computing device is programmed to: (a) detect an attempt to secondarily access a user account, the user account being involved in an ongoing primary financial session with a primary device; (b) raise the level of authentication required to secondarily access the user account beyond that which was required to access the account for the primary financial session; (c) when successful authentication at the raised level is achieved, permit secondary access to the user account through a secondary financial session and compare one or more user activities occurring during the secondary financial session to a plurality of fraud profiles; and (d) indicate fraud when comparison of the user activity is consistent with one or more of the plurality of fraud profiles.

Abstract: A network server includes a communicator and at least one processor coupled to the communicator. The at least processing is configured to: receive a first data signal from a first user terminal that is shared with a game server; transfer to the game server a first request, together with the first data signal, to verify validation of a game item when a first message including information relating to the game item is received from the first user terminal; receive from the second user terminal a second message relating to the game item; and transfer to the game server a second request, together with the first data signal, to change an owner of the game item from a first game ID associated with the first user terminal to a second game ID associated to the second user terminal in response to determining whether second message is authorized.

Abstract: A system and method for media content management may comprise creating, via a digital vault, a container file comprising media content submitted by a first user and content metadata; verifying, via the digital vault, a completeness of the content metadata associated with the media content in the container file; classifying, via the digital vault, the container file based on the completeness of the media content; and capturing, via the digital vault, event metadata when a second user gains access to the container file, the event metadata comprising identification of the second user, an activation timestamp, a duration of access, portions of the container file accessed, and changes to the container file.

Abstract: One embodiment of the present invention provides a system that automatic discovers and monitors enterprise components. During operation, the system scans an enterprise environment for an item of meta-data. Next, the system analyzes the item of meta-data to determine a monitoring instruction for a corresponding enterprise component. Finally, the system performs the monitoring instruction for the corresponding enterprise component.

Abstract: Methods and devices for managing browser extensions may include receiving a security list for restricting usage of one or more browser extensions on webpages that includes at least one or more of a webpage category and a uniform resource locator (URL). The methods and devices may include receiving a navigation request to a webpage and providing a browser extension decision whether to allow the one or more browser extensions to operate on the webpage based at least upon the security list.

Abstract: Methods, systems, and computer-readable media for secure offline transmission of a plurality of data segments from a sending device to one or more receiving devices. The sending device and the one or more receiving devices may communicate via an offline local network. A secure, encrypted container may be created at the receiving device to temporarily cache the received data segments one at a time and the encrypted storage container prevents access by one or more applications of the receiving device to data stored therein based on storage instructions from the sending device. The encrypted container may be configured to store the data segments such that less than all of the data segments are stored at the receiving device at any one time.

Abstract: Systems and techniques for removing a sound recording from an audio recording (e.g., an audio recording embedded in a media file) are presented. The system can include an identification component, a first subtraction component and a second subtraction component. The identification component identifies a sound recording in a mixed audio recording. The first subtraction component determines a local linear transformation of the sound recording and subtracts the local linear transformation of the sound recording from the mixed audio recording to generate a new mixed audio recording. The second subtraction component compares one or more segments of the sound recording with one or more corresponding segments of the new mixed audio recording and reduces a power level of the new mixed audio recording based at least in part on correlation of the one or more corresponding segments with the one or more segments.

Abstract: The present invention relates to data rights management and more particularly to a secured system and methodology and production system and methodology related thereto and to apparatus and methodology for production side systems and are consumer side systems for securely utilizing protected electronic data files of content (protected content), and further relates to controlled distribution, and regulating usage of the respective content on a recipient device (computing system) to be limited strictly to defined permitted uses, in accordance with usage rights (associated with the respective content to control usage of that respective content), on specifically restricted to a specific one particular recipient device (for a plurality of specific particular recipient devices), or usage on some or any authorized recipient device without restriction to any one in specific, to control use of the respective content as an application software program, exporting, modifying, executing as an application program, viewing,

Abstract: A networked device communication system can configure network devices (e.g., a primary and secondary database) to send and receive sequences of messages, such as replicated data, using one or more keypairs and wrapping keys. The sequences of messages can include an initial set of messages that are encrypted by a wrapping key, and further include another set of messages that are encrypted by a replaced staggered key. The sequence of messages can be configured to be decrypted without exporting keys of hardware security modules.

Abstract: Detecting emergent abnormal behavior in a computer network faster and more accurately allows for the security of the network against malicious parties to be improved. To detect abnormal behavior, outbound traffic is examined from across several devices and processes in the network to identify rarely communicated-with destinations that are associated with rarely-executed processes. As a given destination and process is used more frequently over time by the network, the level of suspicion associated with that destination and process is lowered as large groups of devices are expected to behave the same when operating properly and not under the control of a malicious party. Analysts are alerted in near real-time to the destinations associated with the activities deemed most suspicious.

Abstract: A method for providing access to media content from a media content provider is performed at an electronic device. The method includes receiving, from a client device, a request for access to a media item. The method further includes, in response to the request for access to the media item: initiating an heuristic analysis to determine whether the client device is authorized to access the media item, including an examination of a media consumption log associated with the client device; and asynchronously providing access to the media item while performing the heuristic analysis. The method further includes, based on the examination of the media consumption log, determining that the client device has reached an access limit of requests to access media content. The method further includes, in accordance with the determination, after the client device has been provided to access the media item, terminating access to the media item.

Abstract: A method and a system for determining an optimal authentication scheme for an authenticating system. Embodiments may include: receiving, from the authenticating system an identity of a user requiring access to the authenticating system and a policy of the authenticating system; receiving, from a storage device, data including historical information regarding previous authentication attempts by the user; producing a list including an optimal selection of one or more authentication schemes, each including one or more authentication factors, according to the historical information and the authenticating system policy; and sending the selection list of one or more authentication schemes to the authenticating system.

Abstract: Embodiments of systems and methods for storing documents in a cloud storage system comprising a cloud processor and a plurality of storage components are disclosed.

Abstract: A trust management system providing secure communication for storing and sharing personal electronic—data of health (e-health data) and a method thereof are provided. The method includes creating a security policy in accordance with at least one input of a user of the electronic device through a security policy design tool, generating a link for gaining access to the data of health based on the security policy, receiving a transmission request for the data of health using the link from a health data request device, and performing authentication on the transmission request based on the security policy.

Abstract: A system configured for a format to control streaming of content, comprising: a content player module configured to enable a first user to request contents on a first computing device through search keywords on the content player module; request continuous play of the contents from pre-established station on the content player module, the content streaming service module configured to send symmetric encryption keys to content player module on the first computing device through a secure communication between first user and second user, content streaming service module configured to deliver the requested contents to content player module through a payload data, when the content player module starts playing the contents, content player module configured to connect to the content streaming service module to identify which content is being used, by whom, on what device and in which location for accurate accounting of used contents and use in fraud prevention heuristics.

Abstract: A computing device of a dispersed storage network includes a processing module operable to receive a plurality of requests regarding writing a plurality of data objects to storage units from a plurality of user computing devices. The processing module is further operable to activate a verification process to verify a content format verification code provided by a user computing device for a request regarding writing a data object, activate a signature process to sign the content format verification code with a trusted certificate to produce a signed content format verification code, send the trusted certificate and a signed content format verification code identification to a dispersed storage (DS) processing unit, receive a verification message indicating that the content format verification code identifies a correct format for the data object, and send the data object in the correct format to the DS processing unit for dispersed storage error encoding and storage.

Abstract: Multimedia content, such as film or video, is streamed to a plurality of users with a unique watermark embedded for each user. The content is provided through asynchronous multicast transmission. Users may request the content at different times and receive a uniquely watermarked stream of the content upon request as a discrete, just-in-time transmission. Content is watermarked upon a request for the content by a user. In several embodiments, each user is associated with a unique user identifier that becomes associated with a unique watermark. Once a watermark is associated with a user, the association is stored so that the same unique watermark may be used for future content requested by the user.

Abstract: A method implemented in a computing system hosting a three-dimensional virtual reality world. The computer system collects personally identifiable information of users of accounts, where each account in the accounts is identified by an account identifier and each data field of personally identifiable information of each account is identified by a data field identifier. The system uses a scrypt function to generate an encryption key from the global key, the account identifier, and the data field identifier specifically for the content of the data field of the personally identifiable information of the respective account. Different encryption keys are used for different data fields and different accounts. Encrypted content of a data field is stored at a random location; and the identification of the random location is stored in a device, database or system, separate from where the encrypted contents of the data fields of the accounts are stored.

Abstract: One embodiments provides a method, including: determining, using a processor, whether content to be displayed on an information handling device comprises sensitive information; filtering, responsive to determining that the content comprises sensitive information, the sensitive information from the content; displaying, on a display of the information handling device, the content with the sensitive information filtered; and transmitting the sensitive information to a secondary device. Other aspects are described and claimed.

Abstract: A a method for generating and maintaining trusted data in a network environment includes: 1) initializing a data block [A]0 and shared computation rules, and broadcasting the same to the network; 2) acknowledging a node of the data block [A]0 as a participating node; when new data A needs to be added, n participating nodes independently computing a candidate data block [A]T of [A]1 according to the shared computation rules, and broadcasting the same to the other n?1 participating nodes, wherein [A]1 is a data block containing the newly added data A; 3) The n participating nodes determine an acknowledged candidate result [A]Y according to a monitored broadcast packet; and 4) the participating nodes computing the monitored [A]T/[A]Y, and, when the computation result satisfies a predetermined condition, the participating node determining the computation result thereof as an acknowledged result and broadcasting the same.

Abstract: This is directed to providing access to content stored on a local cloud. In particular, a device can direct a librarian service overseeing the operation of a local cloud to provide another device with access to content stored on the local cloud. The librarian service can generate credentials for the other device, and provide the credentials to the other device. Using the credentials, the other device can connect directly to the local cloud and access the content. In addition, the local cloud can validate the credentials of the other before providing access to the content. The credentials can include, for example, a key to install or load on the device. The librarian may not require, however, the user to create credentials or register with the librarian before being permitted to access the content on the local cloud.

Abstract: Provided is a process for mobile-initiated authentications to web services. Credential values of the user are established within a trusted execution environment of the mobile device and representations are transmitted to a server. The user of the mobile device may authenticate with the mobile device to the server, which may convey access to a web-based service from a relying device. The server may pass credentials corresponding to the web-service received from the mobile device and verified to permit user access to the web-service to the relying device. The relying device presents credentials to the web-service to login, authenticate, or otherwise obtain user-level permission for the user on the relying device. The user of the mobile device may authenticate with the mobile device to the server, and may initiate the authentication process from the mobile device, without inputting credentials corresponding to the web-service on the relying device.

Abstract: A client device is connected to a network via one or more communication channels and exchanges content with one or more content provider systems via the network and the communication channels. To evaluate performance of the network or communication channels, the client device requests content from each of multiple content provider systems via the network. The client device determines one or more metrics, such as download data rate or upload data rate, for receiving or for transmitting content from each of the different content provider systems during a time interval. Based on metrics determined for content from multiple content provider systems, the client device determines one or more network performance metrics. Different types of content may be requested from different content provider systems in some embodiments.

Abstract: The invention relates to a system of obtaining authorization where there are multiple authorization modules. When an authorization is provided by a module, it is combined with a security token, digital signature or encryption identifying which module provided the authorization. To obtain a full authorization, multiple authorization modules may be required and these modules can be connected in parallel and or in series with each other.

Abstract: Various embodiments are generally directed to utilizing an offline and/or online verification or authentication protocol to access, redeem, or otherwise utilize multiple loyalty points and loyalty accounts A method for utilizing various loyalty points includes: determining that a user is requesting access to a loyalty points account database, receiving encrypted data generated based a cryptographic algorithm and a diversified key, receiving, a verification of the user, the verification including verifying a data combination that includes the encrypted data, where a server associated with the issuer may decrypt the data combination based on the cryptographic algorithm and the diversified key, responsive to receiving the verification of the user, accessing the database associated with a loyalty points account of the user, and authorizing a redemption of a plurality of loyalty points associated with the loyalty points account.

Abstract: This disclosure relates to adaptive recommendations for user-generated mediasets. A mediaset component provides for users to generate mediasets. A user-generated mediaset can include a user-generated playlist or a user-generated media channel. A monitoring component monitors consumption of media, e.g., by a consumer. A relatedness component determines a set of the user-generated mediasets that are related to the media consumed by the consumer. A recommendation component recommends a subset of the user-generated mediasets based on a set of criteria. A rights management component determines a set of authorizations of the consumer for respective media content associated with the set of user-generated mediasets, and takes at least one action based on the set of authorizations, e.g., updating one of the mediasets based on the set of authorizations.

Abstract: A network apparatus according to an embodiment is provided in a radio access network including a plurality of core network slices. The network apparatus includes a controller configured to manage a resource allocated to a radio terminal for each core network slice, based on a quality of service requirement of each of the plurality of core network slices. The controller provides a control signal related with the resource to the radio terminal.

Abstract: A user provided content provided via the Internet is identified. The user provided content belongs to a previous version content item of a content page accessible via the Internet. A previous version content item identifier for the previous version content item is generated including by combining a content from a title of the previous version content item and a content from a description text of the previous version content item. A new version content item identifier for each content item of a plurality of content items belonging to a new version of the content page are generated, including by combining a content from a title of the corresponding content item belonging to the new version and a content from a description text of the corresponding content item belonging to the new version. Measures of similarity between the previous version content item identifier and each of the new version content item identifiers are calculated.

Abstract: A communication system includes an encryption device, a decryption device and a communication link connecting the encryption device to the decryption device. The encryption device is configured to send encrypted messages to the decryption device over the communication link. The system includes a failure monitor configured to monitor for a failure of the encryption device or the decryption device, and, in the event of failure, to continue the sending of the messages to the decryption device but without encrypting the messages.

Abstract: A method for detection and use of device identifiers to enhance the security of data transfers between electronic devices. A first electronic device can transmit access data to a second electronic device. The access data can be associated with a first access code that can be generated based at least in part on data representing a device identifier of the first electronic device. A device identifier can uniquely identify the first electronic device from a plurality of electronic devices. Transferring the access data can involve transforming the first access code into a second access code that can include data representing a device identifier associated with the second electronic device. Transforming the first access code into the second access code can facilitate access to a resource associated with the access data for a second user, but not for a first user.

Abstract: Methods, systems and computer program products for periodically generating a personalized playlist of media objects based on a most recent taste profile of a user. An N-dimensional latent factor vector that defines a taste profile of a user is constructed and matched to an M-dimensional latent factor vector that defines attributes of a media object. A playlist including the first media object is generated based on the matching.

Abstract: An unregistered cable modem is in a cable operator network having a computer, a dynamic host configuration protocol (DHCP) server, a spoofing domain name system (DNS) server and a good DNS server, a captive portal application, and a trivial file transfer protocol (TFTP) server. The cable modem is provisioned by the cable modem obtaining a configuration, rebooting, and activating the configuration. The computer obtains a plurality of computer configuration parameters including an IP address of the spoofing DNS. The spoofing DNS server answers an HTTP request from the computer with an IP address associated with the captive portal application. The captive portal obtains an activation code from the computer, verifies the activation code is correct, and forces the cable modem to reboot.

Abstract: Providing an objective measure of trust in data provided by an Industrial Internet of Things (IIoT) device utilizes an objective trust indicator generated based at least in part on baseline device characteristics and corresponding monitored/observed device characteristics. These device characteristics may comprise device hardware characteristics, device software characteristics, application software characteristics (of software installed on the device), and/or device behavior characteristics. The trust indicator is determined by comparing a match vector indicative of weighted scores for the baseline device characteristics relative to a generated monitored characteristics vector indicative of differences between baseline and monitored device characteristics, and determining a directional difference between the match vector and the monitored characteristics vector.

Abstract: Example implementations are described that include displaying a graphical element related to privacy risk information for an application. A processor of a computing device may determine, for the application, a privacy attention score based on first privacy risk information. The processor may determine, for the application, an aggregated privacy assessment score from a plurality of privacy risk scores that are based on second privacy risk information. The processor may cause a graphical element representing a combination of the privacy attention score and the aggregated privacy assessment score to be displayed via a display device.

Abstract: A system and method for song management may include a digital vault receiving a song submitted by a user, the song comprising music in digital form; the digital vault uploading the song data to a song repository; the digital vault receiving and storing song metadata associated with the song; the digital vault sending a message to a reviewing user, inviting the reviewing user to access the song; and the digital vault capturing event metadata when the reviewing user gains access to the song, the event metadata comprising identification of the reviewing user and an activation timestamp.

Abstract: The present invention relates to data rights management and more particularly to a secured system and methodology and production system and methodology related thereto and to apparatus and methodology for production side systems and are consumer side systems for securely utilizing protected electronic data files of content (protected content), and further relates to controlled distribution, and regulating usage of the respective content on a recipient device (computing system) to be limited strictly to defined permitted uses, in accordance with usage rights (associated with the respective content to control usage of that respective content), on specifically restricted to a specific one particular recipient device (for a plurality of specific particular recipient devices), or usage on some or any authorized recipient device without restriction to any one in specific, to control use of the respective content as an application software program, exporting, modifying, executing as an application program, viewing,

Abstract: Mobile devices executing applications utilize data services worldwide. The application executing on these mobile devices may be tested using proxy access devices (PADs) located at various points-of-presence (POPs) at different geolocations. A plurality of PADs in a high density configuration are managed to provide a pool of accessible devices at a POP for developers to utilize in testing. The PADs may comprise consumer-grade devices which individually are less reliable than that desired by an operator of the POP. Systems are used to provide a desired level of reliability by maintaining a reserve of additional PADs, automatically fixing problems, generating trouble tickets for more detailed troubleshooting, and so forth.

Abstract: A system, computer program product and method for healthcare information management in a multi-party healthcare network. The system includes a plurality of remote computers, a central server, a network interface in communication with the central server and the plurality of remote computers over a network, and a shared database in communication with the central server.

Abstract: A service provider receives a request to obtain a text-based transmission. In response to the request, the service provider generates an identifier corresponding to the request and, based at least in part on the identifier and text to be included in the transmission, determines a set of textual transformations to associate with the identifier. The service provider modifies the text in accordance with the set of textual transformations and provides the modified text to the requestor as the text-based transmission.

Abstract: A computing system includes a database and a discovery application. The discovery application obtains credentials for accessing a server hosting a software bus application which connects a plurality of applications within a managed network. The discovery application selects, based on a pattern corresponding to the software bus application, one or more files to access, transmits, to the server, instructions to access the one or more files, and receives therefrom data identifying a plurality of attributes of the software bus application. Based on this data, the discovery application transmits, to the server, instructions to identify communicative connections established between the plurality of software applications by way of the software bus application and receives therefrom data identifying the communicative connections.

Abstract: HTML5 multimedia redirection is implemented. When a multimedia application is started, a hooking library can be injected to enable the hooking library to modify the application's interactions with the Microsoft Media Foundation multimedia platform. These modifications include causing only a redirecting MFT to be enumerated so that the application will employ the redirecting MFT in the topology of a media pipeline created to play HTML5 video and/or audio. These modifications also include handling playback controls to synchronize the playback that is occurring on the client with the media session on the server.

Abstract: An exemplary embodiment of the present invention indexes components of a systematization of technical data. An author, a publisher, and a renderer are defined. The author, the publisher, and the renderer are relatedly configured in the technical data system so that the author represents a first stage, the publisher represents a second stage, and the renderer represents a third stage. The author creates and outputs author data, which is input into and implemented by the publisher. The publisher creates and outputs publisher data, which is input into and implemented by the renderer. The renderer creates and outputs renderer data, which is input into and implemented by a user. Respective levels of data are determined at the three stages. A first-stage level of data corresponds to the author data. A second-stage level of data corresponds to the publisher data. A third-stage level of data corresponds to the renderer data.

Abstract: A method and system for remote viewing of multimedia content using a multimedia content distribution network (MCDN) is configured to duplicate multimedia content displayed on a first MCDN terminal device and route the duplicate multimedia content to a second MCDN terminal device. The MCDN terminal devices may be coupled to a local network at an MCDN client premises. The MCDN terminal devices may also include wireless telephony devices for mobile remote viewing functionality. The method may include transcoding of the multimedia content into a format suitable for the second MCDN terminal device.

Abstract: Computer systems and methods in various embodiments are configured for improving the security and efficiency of server computers interacting through an intermediary computer with client computers that may be executing malicious and/or autonomous headless browsers or “bots”.

Abstract: A system and method for managing and controlling data licenses for information assets. An information asset is stored in a repository, and registered in a catalog for the repository. A data license is associated with the information asset in the catalog, wherein the data license is stored as part of the information asset's metadata in the catalog. Access to the information asset stored in the repository is controlled based on the data license. A new data license is automatically created for a new information asset derived from an existing information asset, wherein the new data license is derived from an existing data license for the existing information asset. A lineage graph of the information asset is automatically created for audit purposes, to show that the information asset has been accessed in compliance with the data license.

Abstract: Embodiments are disclosed for a method that may include accessing events in a field-searchable data store. The events may include raw machine data associated with a timestamp. The raw machine data may represent interactions between a mobile device and one or more network devices at a locale. The method may further include determining, based on the interactions, one or more geographic positions of the mobile device, and calculating a metric for the locale using the geographic positions.

Abstract: The present invention discloses a method, apparatus and a storage medium for defending against malicious clicks. The method includes: acquiring a shielding policy corresponding to promotional content; determining a user in a shielding policy list as the user to be shielded based on the shielding policy and historical click information of users; and performing shielding processing on the promotional content for the user to be shielded, if the user to be shielded in the shielding policy list conducts a retrieval. According to the technical solution provided by the embodiments of the present invention, malicious clicks are prevented at the stage of displaying promotional content in a front end of a server.