Time Stamp Patents (Class 713/178)
-
Publication number: 20130246801
Abstract: According to one embodiment, the data transmitting device includes a storing unit, an authenticator generating unit, and a communication unit. The storing unit stores accuracy information based on an accuracy of synchronization between a first clock and a second clock. The first clock indicates a current time of the data transmitting device. The second clock indicates a current time of other device to be a destination of a data packet. The authenticator generating unit calculates a first time by adding a predetermined time to the current time of the data transmitting device, calculates a second time by adjusting the first time using the accuracy information, and generates an authenticator using the second time, the data packet, and a predetermined secret key. The communication unit transmits, to the other device, the data packet with the authenticator at a third time obtained by adding the second time to a predetermined time.
Type: Application
Filed: December 10, 2012
Publication date: September 19, 2013
Inventors: Toshinari Takahashi, Hideyuki Miyake
-
Patent number: 8538893
Abstract: An electronic transaction evidence archive apparatus and method archives electronic transaction evidence, such as public key based electronic transaction evidence on behalf of a first party. The apparatus and method determines redundant electronic transaction evidence and removes the redundant electronic transaction evidence prior to archival. In one embodiment, the electronic transaction evidence archive apparatus and method indexes received electronic transaction evidence and archives the indexed data elements thereof. When a subsequent archival request is made, the apparatus and method evaluates the index data to determine redundant electronic transaction evidence and discards redundant information to save memory resources. The first party provides the electronic transaction evidence in, for example, an archive evidence bundle, which includes data elements related to a single transaction.
Type: Grant
Filed: October 1, 1999
Date of Patent: September 17, 2013
Assignee: Entrust, Inc.
Inventor: Timothy E. Moses
-
Patent number: 8533477
Abstract: A facsimile system and method provides authentication of transmitted image information, which authentication may be in the form of a signature page. An authentication device computes authentication information at a sending device, a receiving device, both, or at a remote location during transmission. The signature page may also be transmitted with the document. The sending and receiving devices may each generate signature pages or acknowledgement of receipt in response to receiving a signature page. The authentication information may be encrypted with a public/private key pair. The authentication information may be in the form of a checksum, and may be prepared based on separate regions of the document. A previously generated signature page is compared to a newly generated signature page to verify the document content or authenticity. Document authentication signatures may include machine-readable symbols to represent the authentication information.
Type: Grant
Filed: July 11, 2006
Date of Patent: September 10, 2013
Assignee: Dialogic Corporation
Inventors: James Filreis, Eric Burger
-
Patent number: 8533478
Abstract: In accordance with an embodiment of the invention, a method of writing and reading redundant data is provided. Data is written by storing a copy of the data along with a timestamp and a signature at each of a set of storage devices. The data is read by retrieving the copy of the data, the timestamp and the signature from each of a plurality of the set of data storage devices. One of the copies of the data is selected to be provided to a requestor of the data. Each of the storage devices of the set is requested to certify the selected copy of the data. Provided that a proof of certification of the selected copy of the data is valid, the storage devices of the set are instructed to store the selected copy of the data along with a new timestamp.
Type: Grant
Filed: October 24, 2008
Date of Patent: September 10, 2013
Assignee: Hewlett-Packard Development Company, L. P.
Inventors: Marcos K. Aguilera, Ram Swaminathan
-
Patent number: 8527760
Abstract: In an embodiment, a first device detects a first interaction between the first device and a second device. The first device assigns a first rating of the first interaction. The first device calculates an internal trust for the second device based on the first rating and a first time since the occurrence of the first interaction. The first device receives trust data from a third device. The first device calculates a community trust for the second device based on the trust data and an internal trust that the first device has for the third device. The first device calculates a total trust that the first device has for the second device based on the community trust and the internal trust that the first device has for the second device. If the total trust is less than a minimum threshold, the first device disallows a second interaction.
Type: Grant
Filed: January 25, 2011
Date of Patent: September 3, 2013
Assignee: International Business Machines Corporation
Inventors: Nathan G. Faiman, Michael T. Kalmbach, Jared W. Patterson, Kevin Wendzel
-
Patent number: 8527778
Abstract: Provided are an apparatus and method for preventing falsification of black box data. The apparatus for preventing falsification of black box data includes a driving information storage module and a falsification prevention module. The driving information storage module stores a driving information data which is collected by a black box. The falsification prevention module encrypts the driving information data to generate a falsification determination data through a predetermined encryption mechanism, and stores the falsification determination data.
Type: Grant
Filed: May 27, 2010
Date of Patent: September 3, 2013
Assignee: Electronics and Telecommunications Research Institute
Inventor: Moo Seop Kim
-
Patent number: 8527774
Abstract: A gateway server interoperates with client and remote server systems to provide stateless security management for a distributed Web application. A Web client application on the client system initiates a WebSocket connection directed to a remote Web service by performing an authentication challenge directed to a user of the Web-browser client where a secure token is not present in a local store instance corresponding to the client application. The authentication challenge obtains the user credentials and then exchanges the user credentials with the gateway server for a secure token. The secure token is then sent in a protocol specific connect message to the gateway server.
Type: Grant
Filed: May 27, 2010
Date of Patent: September 3, 2013
Assignee: Kaazing Corporation
Inventors: John R. Fallows, Frank J. Salim
-
Patent number: 8527978
Abstract: A system, method, and computer program product are provided for populating a list of known wanted data. In use, an update to data is identified. In addition, a list of known wanted data is populated with the data, in response to the update.
Type: Grant
Filed: March 31, 2008
Date of Patent: September 3, 2013
Assignee: McAfee, Inc.
Inventor: Ahmed Said Sallam
-
Patent number: 8510565
Abstract: A bidirectional entity authentication method based on the credible third party includes the steps that: entity A receives message 1 sent from entity B including the authentication parameters of said entity B, and sends message 2 to the credible third party TP, said message 2 including the authentication parameters of entity B and the authentication parameters of entity A; entity A receives message 3 sent from said credible third party TP, said message 3 including the checking result after checking that whether said entity A and entity B are legal based on said message 2 by said credible third party TP; entity A gets the authentication result of entity B after authenticating said message 3, and sends message 4 to said entity B to make entity B authenticating based on said message 4 and getting the authentication result of entity A.
Type: Grant
Filed: March 4, 2009
Date of Patent: August 13, 2013
Assignee: China IWNComm Co., Ltd.
Inventors: Manxia Tie, Jun Cao, Xiaolong Lai, Zhenhai Huang
-
Patent number: 8510566
Abstract: A computer system to authenticate documents periodically appending a hash representing a document to a data structure, the data structure configured to store one or more hashes and creating a commitment for the data structure at pre-established intervals by creating a digest of the one or more hashes of the data structure, wherein the size of the commitment is constant regardless of the number of hashes in the data structure.
Type: Grant
Filed: September 29, 2009
Date of Patent: August 13, 2013
Assignee: EMC Corporation
Inventor: Alina Oprea
-
Patent number: 8504451
Abstract: A method and computer readable medium for conducting a transaction, comprising receiving a verification value and a portion of a dynamic data element, determining candidate dynamic data elements using the portion of the dynamic data element, calculating candidate verification values using candidate dynamic data elements, and determining if the received verification value matches any of the candidate verification values, wherein the transaction is thereafter authenticated if a candidate verification value matches a candidate verification value.
Type: Grant
Filed: November 14, 2007
Date of Patent: August 6, 2013
Assignee: Visa U.S.A. Inc.
Inventors: Patrick Faith, Ayman Hammad
-
Patent number: 8504326
Abstract: Disclosed are methods and circuits for detecting and recording timestamps for multiple events (222/322, 224/324) using a single input pin (252, 352) on a real time clock (RTC) (250, 350). Signals associated with each of the events are modulated to create a multiple level composite signal (240). The RTC includes a multiple signal level detection circuit to distinguish from among the various signal levels so that each event can be separately flagged and timestamped. For example, the opening of two or more covers (112, 114) on the housing (110) of an electronic device (100) can be monitored, distinguished, and separately flagged using a single RTC input port.
Type: Grant
Filed: October 1, 2008
Date of Patent: August 6, 2013
Assignee: NXP B.V.
Inventors: Giovanni Genna, Aleksandar Zhelyazkov, Markus Hintermann
-
Patent number: 8499161
Abstract: A method and apparatus to establish a trustworthy local time based on trusted computing methods are described. The concepts are scaling because they may be graded by the frequency and accuracy with which a reliable external time source is available for correction and/or reset, and how trustworthy this external source is in a commercial scenario. The techniques also take into account that the number of different paths and number of hops between the device and the trusted external time source may vary. A local clock related value which is protected by a TPM securely bound to an external clock. A system of Accuracy Statements (AS) is added to introduce time references to the audit data provided by other maybe cheaper sources than the time source providing the initial time.
Type: Grant
Filed: February 19, 2009
Date of Patent: July 30, 2013
Assignee: InterDigital Patent Holdings, Inc.
Inventors: Inhyok Cha, Yogendra C. Shah, Andreas U. Schmidt, Christian Hett
-
Patent number: 8499150
Abstract: A security module on a client detects a signed file at the client and reports signing information identifying a certificate used to sign the file and a file identifier identifying the file to a security server. The security server uses the signing information to determine whether the certificate is compromised. If the certificate is compromised, the security server compares a discovery date of the file with a compromise date of the certificate. The security server generates trust data assigning a trust level to the file responsive to the comparison. The trust data assign a low trust level to the file if the comparison indicates that the file discovery date is after the compromise date and assign a high trust level to the file if the comparison indicates that the file discovery date is not after the compromise date. The security server provides the trust data to the client.
Type: Grant
Filed: November 11, 2010
Date of Patent: July 30, 2013
Assignee: Symantec Corporation
Inventor: Carey S. Nachenberg
-
Patent number: 8499162
Abstract: A non-transitory computer readable medium storing a program causing a computer to execute a process including: accepting an instruction for verifying an electronic signature added to information; verifying the electronic signature on the basis of an electronic certification corresponding to the electronic signature in accordance with the accepted instruction; calculating, when it is determined that the information has not been tampered with, a hash value of a combination of the information, the electronic signature, and validity-period information indicating a validity period of the electronic certification; adding a time stamp to the calculated hash value; outputting the information, the electronic signature, the hash value, and the validity-period information to a storage device; and outputting, when it is determined that the information has not been tampered with, a verification result including information indicating that the information has not been tampered with.
Type: Grant
Filed: January 14, 2011
Date of Patent: July 30, 2013
Assignee: Fuji Xerox Co., Ltd.
Inventor: Kyoko Yokoe
-
Patent number: 8495757
Abstract: A system and method is disclosed for placing an electronic apparatus into a protected state in response to environmental data. The method discloses: receiving a set of environmental data applicable to an electronic apparatus; generating an environmental status applicable to the electronic apparatus based-on the environmental data; and placing the electronic apparatus into a protected state based-on the environmental status. The system discloses an environment characterization module which receives a set of environmental data applicable to an electronic apparatus, and generates an environmental status applicable to the electronic apparatus based-on the environmental data; and an apparatus protection module which places the electronic apparatus into a protected state based-on the environmental status.
Type: Grant
Filed: April 22, 2010
Date of Patent: July 23, 2013
Assignee: Hewlett-Packard Development Company, L.P.
Inventors: Leonard E. Russo, Walter A. Gaspard, Jeff W. Wolford, Richard J. Tomaszewski, Robert C. Elliott
-
Patent number: 8495723
Abstract: A method and system for supply of data, including generating a first digital certificate referred (empowerment certificate) signed with a first signing entity's electronic signature. The empowerment certificate includes attributes of the described entity, information identifying the first signing entity, indication of data relating to the described entity, indication of a source of the data, and identification of a relying entity to which the data can be supplied. The relying entity forwards the empowerment certificate to a source supplying the data indicated in the empowerment certificate. The data may be supplied to the relying entity by a second digital certificate (custom certificate), signed with a second signing entity's electronic signature. Custom certificates may appear in custom certificate revocation lists. A system and method for transfer of ownership of electronic property from a first entity to a second entity, and a method and system for electronic voting are also provided.
Type: Grant
Filed: June 25, 2010
Date of Patent: July 23, 2013
Assignee: International Business Machines Corporation
Inventors: Peter Roy Dare, John Owlett, Imran Faiz Tyabji
-
Patent number: 8495354
Abstract: Systems and methods of securely updating BIOS are disclosed. One such system comprises a reprogrammable memory, a first and a second register, and comparison logic. The reprogrammable memory comprises a first portion and a protect input. The protect input is configured to disallow writes to at least the first portion when the memory protect input is at a first level, and to allow writes to at least the first portion when the protect input is at a second level. The comparison logic is configured to drive a comparison output to a third level responsive to the first and second registers having equal values, and to drive the comparison output to a fourth level responsive to the first and second registers having different values. The comparison output is electrically coupled to the memory protect input.
Type: Grant
Filed: September 24, 2008
Date of Patent: July 23, 2013
Assignee: Hewlett-Packard Development Company, L.P.
Inventors: Louis B. Hobson, Mark A. Piwonka, Gregory P. Ziarnik
-
Patent number: 8484479
Abstract: Systems and methods are disclosed for authenticating electronic messages. A data structure is generated by a computer server which allows for the authentication of the contents and computer server identity of a received electronic message and provides a trusted stamp to authenticate when the message was sent. Data which can authenticate the message, the computer server identity, and the time the message was sent is included into a data structure which is called an Electronic PostMark (EPM).
Type: Grant
Filed: December 21, 2011
Date of Patent: July 9, 2013
Assignee: The United States Postal Service
Inventors: Leo J. Campbell, Jon L. Cook, Charles R. Chamberlain, Michael J. McGrath, Isadore Schoen
-
Patent number: 8479017
Abstract: Enhancing locality in a security co-processor module of a computing system may be achieved by including one or more additional attributes such as geographic location, trusted time, a hardware vendor string, and one or more environmental factors into an access control space for machine mode measurement of a computing system.
Type: Grant
Filed: June 21, 2010
Date of Patent: July 2, 2013
Assignee: Intel Corporation
Inventors: Vincent J. Zimmer, Michael A. Rothman, Robert C. Swanson, Palsamy Sakthikumar, Mallik Bulusu
-
Patent number: 8478266
Abstract: A mobile node and its home system generate synchronized time-based codes at periodic time intervals. Each time-based code is valid for a predetermined time period. To facilitate anonymous operation when roaming, the mobile node identifies itself with a coded identifier instead of a public identifier. The coded identifier used at a given time includes the time-based code that is valid for that given time. To authenticate the mobile node, a serving system receives authentication information from the mobile node and forwards the authentication information to a home system. The authentication information includes the current time-based code and a timestamp. The home system identifies the mobile node from the current time-based code and the timestamp. The home system then uses the authentication information to authenticate the mobile node.
Type: Grant
Filed: March 7, 2006
Date of Patent: July 2, 2013
Assignee: Sprint Spectrum L.P.
Inventors: Tong Zhou, George Jason Schnellbacher
-
Patent number: 8479007
Abstract: A method and system for creating and authenticating a document are disclosed. According to the method, a user of a document creation system is registered to ensure the creation of an authentic document. A document is then created having a user discernable portion and an encoded portion. The encoded portion includes identification data identifying the registered user of the document creation system; as well as contents data corresponding to at least part of the user discernable portion of the document, and authentication data. A central record of the document is created, the record comprising data which corresponds at least partially to the data in the encoded portion of the document. To authenticate the document subsequently, an image of the encoded portion of the document is acquired, for example using fax machine or a camera of a mobile telephone and transmitted to an authentication center.
Type: Grant
Filed: May 17, 2005
Date of Patent: July 2, 2013
Assignee: Dexrad (Proprietary) Limited
Inventor: Gavin Randall Tame
-
Patent number: 8479008
Abstract: Embodiments are directed to providing a cloud keying and signing service and to securing software package distribution on the cloud. In an embodiment, a computer system instantiates a signing service configured to sign software packages. The computer system receives a signing request from a computer user requesting that a selected software package be signed. The signing request includes a computed hash of the selected software package. The computer system generates a private and public key pair on behalf of the computer user and stores the private key of the generated key pair in a secure data store.
Type: Grant
Filed: December 15, 2010
Date of Patent: July 2, 2013
Assignee: Microsoft Corporation
Inventors: Jian Lin, Igor Liokumovich, Edward F. Reus
-
Publication number: 20130151857
Abstract: Various embodiments of a system and method for a single request-single response protocol with mutual replay attack protection are described. Embodiments include a system that receives multiple single request messages, each of which include a respective nonce, timestamp, and digital signature. The system may create a record of previously received nonces that, at any given time, may include multiple message nonces received within a valid period of time prior to that given time. To validate a given single request message, the system verifies the digital signature of the message, determines that the timestamp of the message indicates a time within the valid period of time prior to the current time, and determines that the nonce of the message is not present within the record of previously received nonces. The system sends a single response message that includes the same nonce as the validated message.
Type: Application
Filed: January 30, 2013
Publication date: June 13, 2013
Applicant: ADOBE SYSTEMS INCORPORATED
Inventor: ADOBE SYSTEMS INCORPORATED
-
Patent number: 8457317
Abstract: An archival storage cluster of preferably symmetric nodes includes a data privacy scheme that implements key management through secret sharing. In one embodiment, the protection scheme is implemented at install time. At install, an encryption key is generated, split, and the constituent pieces written to respective archive nodes. The key is not written to a drive to ensure that it cannot be stolen or otherwise compromised. Due to the secret sharing scheme, any t of the n nodes must be present before the cluster can mount the drives. Thus, to un-share the secret, a process runs before the cluster comes up. It contacts as many nodes as possible to attempt to reach a sufficient t value. Once it does, the process un-shares the secret and mounts the drives locally. Given bidirectional communication, this mount occurs more or less at the same time on all t nodes. Once the drives are mounted, the cluster can continue to boot as normal.
Type: Grant
Filed: May 7, 2008
Date of Patent: June 4, 2013
Assignee: Hitachi Data Systems Corporation
Inventor: David M. Shaw
-
Patent number: 8452966
Abstract: A system verifies an identity of a content sender by receiving content purporting to originate from a content sender, and performing a validation of the content to determine a purported identity of the content sender. The system prepares and transfers verification data to an address associated with the purported identity of the content sender. In response to transferring the verification data, the system receives a verification response to the verification data, and performs a validation of the verification response to verify the purported identity of the content sender.
Type: Grant
Filed: October 26, 2005
Date of Patent: May 28, 2013
Assignee: Adobe Systems Incorporated
Inventors: Scott E. Petersen, William Le
-
Publication number: 20130132718
Abstract: Various embodiments of a system and method for long-term digital signature verification utilizing light weight digital signatures are described. Embodiments may include a verifying entity system that receives digitally signed data including a portion of data, signing time, and digital signature. The verifying entity system may receive a digital certificate that includes information for verifying the digital signature and an expiration time for the certificate. The verifying entity system may receive CRL that persists revocation information corresponding to ones of the revoked digital certificates that have already expired. The verifying entity system may utilize the CRL to determine that the digital signature is valid subsequent to its expiration time. The verifying entity system may evaluate the CRL to determine that the digital certificate was not revoked at the signing time. The verifying entity system may determine the digital signature is a valid digital signature and generate a corresponding result.
Type: Application
Filed: April 28, 2009
Publication date: May 23, 2013
Inventor: Sunil C. Agrawal
-
Patent number: 8443448
Abstract: A system and method for performing a security check may include using at least one processor to periodically check a status of a flag, generate and store a baseline representation of modules stored on the device where the flag is determined to be set to a first state, and, where the flag is determined to be set to a second state, generate an active representation of modules stored on the first device, compare the active representation of modules to the baseline representation of modules, and, responsive to a determination in the comparing step of a difference between the baseline and active representations of modules, output an alert. The flag status may depend on an association of the device with one of a plurality of authorization policies, each mapped to one of the two states. Results of the comparison may be appended to an activity log of the device.
Type: Grant
Filed: August 20, 2009
Date of Patent: May 14, 2013
Assignee: Federal Reserve Bank of New York
Inventors: Danny Brando, Joonho Lee, Jia Ye
-
Patent number: 8443196
Abstract: A signing method, apparatus, and system, which relate to the information security field. The present invention overcomes the problem of signature counterfeit in prior art. The client host generates a transaction message and determines the key information of the message after receiving transaction information entered by a user, forms a data packet for signing, and transmits the data packet to the USB key, which will then extract the key information and output it for confirmation by the user, and if a confirmation is received, the USB key signs the data packet and transmits a signature to the client host; after receiving the signature and the transaction message from the client host, the server extracts the key information from the transaction message to form a data packet for signing and verifies the signature against the data packet. The embodiments of the present invention are mainly applicable to the field of information security.
Type: Grant
Filed: April 20, 2010
Date of Patent: May 14, 2013
Assignee: Feitian Technologies Co., Ltd.
Inventors: Zhou Lu, Huazhang Yu
-
Patent number: 8443115
Abstract: A presence attribute information server and manager application, and corresponding method is provided for managing access to presence attribute information. In addition to the presence attribute information entries, access authorization entries associated with at least some of the presence attribute information entries are provided which define conditions in which access to the presence attribute information is authorized. Generally, the defined conditions can include temporal and/or spatial requirements associated with either the user requesting the presence attribute information or the person/item associated with the presence attribute information, for purposes of establishing authorization to access the presence attribute information.
Type: Grant
Filed: December 31, 2003
Date of Patent: May 14, 2013
Assignee: Motorola Mobility LLC
Inventor: Michael D. Kotzin
-
Publication number: 20130117572
Abstract: In a portable electronic device, a method of authenticating a document associated with a geographical location is disclosed. A document is provided in the form of digital data, and a hash value is generated from the digital data of said document. Raw GPS data are received from at least one GPS satellite, and then digitally signed by a first private key of the portable electronic device. From the raw GPS data, exact GPS coordinates are calculated. A request for an authentic location stamp is sent to a certification unit, the request containing at least the hash value of the document, the raw GPS data and the exact GPS coordinates, wherein said request is digitally signed by a private key of the portable electronic device. In response to said location stamp request, a nonce value from the certification unit is received, said nonce value being digitally signed by a private key of the certification unit.
Type: Application
Filed: November 9, 2012
Publication date: May 9, 2013
Applicant: DEBRECENI EGYETEM
Inventor: Debreceni Egyetem
-
Patent number: 8437474
Abstract: A system is comprised of a user and a group, wherein the group is comprised of a group leader and a group of M members where M is equal to or greater than one. The group leader generates a group public key and a group leader “master” private key. The group leader creates a personalized watermarked or decryption key, also referred to as an individual private key, for each group member. The individual private key uniquely identifies each group member. The group leader distributes the individual private keys to each of the group members. Each group member receives from a user a message encrypted using the group public key. Each of the group members uses its individual private key to decrypt the encrypted message sent by the user to the group.
Type: Grant
Filed: November 16, 2010
Date of Patent: May 7, 2013
Assignee: Wells Fargo Bank, N.A.
Inventors: Yuliang Zheng, Luis Antonio Suarez
-
Patent number: 8438398
Abstract: An information processing apparatus according to the present application includes a first application allowed to access the IC chip, including an IC chip in which predetermined data is recorded, an IC chip reading unit that reads the data recorded in the IC chip, and a signature data generation unit that generates signature data by performing encryption processing on the recorded data read by the IC chip reading unit and a second application not allowed to access the IC chip, including a server access unit that requests acquisition of content from an information providing server by receiving the signature data and the recorded data from the first application and transmitting the signature data and the recorded data to the information providing server that provides predetermined content.
Type: Grant
Filed: August 18, 2009
Date of Patent: May 7, 2013
Assignee: Sony Corporation
Inventors: Tomohiro Masushio, Naoto Tobita, Hiroaki Yamada
-
Patent number: 8424080
Abstract: An authentication method of an electronic device is disclosed. A plurality of key inputs is received from a user via activation of input keys. At least one key input from the key inputs is validated based on a predefined criterion to obtain a password. The password is compared to a registered password to obtain an authenticated password.
Type: Grant
Filed: September 28, 2010
Date of Patent: April 16, 2013
Assignee: KYOCERA Corporation
Inventor: Norihiro Takimoto
-
Patent number: 8423471
Abstract: In some embodiments, techniques for computer security comprise displaying an electronic document, detecting a request to traverse a link, such as a hyperlink or a form submission, wherein the link is associated with an element of the document, evaluating an attribute, wherein the attribute is associated with the element of the document, and determining whether to perform the action based on the evaluation. Applications of these techniques include mitigating the effect of an attempt to modify web pages for fraudulent purposes, such as by a “phishing” attack incorporating malicious scripting.
Type: Grant
Filed: December 17, 2004
Date of Patent: April 16, 2013
Assignee: Radix Holdings, LLC
Inventors: Aaron T. Emigh, James A. Roskind
-
Publication number: 20130091361
Abstract: This invention is a time stamping subsystem of an electronic apparatus. A time stamp generator generates a multibit time stamp value including a predetermined number of least significant bits overlapping a predetermined number of most significant bits. Each client receives the least significant bits. Each client associates captured data with a corresponding set of the least significant bits in a message. A central scheduling unit associates most significant bits of the time stamp value with the least significant bits of the message. This associating compares overlap bits of the most significant bits and least significant bits. The most significant bits are decremented until the overlap bits are equal.
Type: Application
Filed: December 20, 2010
Publication date: April 11, 2013
Applicant: TEXAS INSTRUMENTS INCORPORATED
Inventor: Gary L. Swoboda
-
Patent number: 8412946
Abstract: A method and apparatus for creating and/or using trustworthy timestamps and certifiable clocks using logs linked by cryptographic hashes. In one embodiment, the method comprises maintaining a first, chained-hash log; associating a first clock with the chained-hash log; and entangling the first log with a second by adding a time-stamped synchronization entry to the chained-hash log, where the synchronization entry has a second time indication associated with the second log and a hash of one or more entries in the first log.
Type: Grant
Filed: July 29, 2011
Date of Patent: April 2, 2013
Assignee: Ricoh Co., Ltd.
Inventors: Stephen Savitzky, Kurt Piersol
-
Patent number: 8412640
Abstract: At each of a plurality of transit readers of a transit system, for each of a plurality of riders, where each rider seeks to conduct an access transaction with the transit system for access into the transit facility by using a payment device issued by an issuer in a payment system, data is read from the payment device. The data includes an encryption code that uniquely corresponds to the payment device and was created by the issuer using one or more encryption keys and a predetermined algorithm. A check will be performed, remotely and/or locally, of one or more lists of other encryption codes to determine if the encryption code is on the list. On the basis of whether the encryption code is on the list, the rider is permitted access to the facility of the transit system. The payment device need not be changed for the rider's fare. Decryption of the encryption code read from the payment device is not required to complete the access transaction.
Type: Grant
Filed: September 16, 2010
Date of Patent: April 2, 2013
Assignee: Visa U.S.A. Inc.
Inventors: Phil Dixon, Ayman Hammad, William Alexander Thaw, Christian Aabye
-
Patent number: 8402277
Abstract: A method for secure communication and printing, comprising: user entering user and destination information to host; authentication server producing, saving encryption key for the job, user, and destination information into database, and sending to host; host encrypting the job using encryption key and sending job to destination; user entering user and destination information to device; authentication server retrieving encryption key from database, and sending to device; and device decrypting the job using encryption key and releasing job. Authentication at both host and MFP sides disables unauthorized, malicious attack to a user's mailbox, and results in jobs to a mailbox having different dynamic encryption keys, and no password or mailbox PIN trafficking on network. Furthermore, host and MFP can be at different domains. Methods also include secrecy encrypting encryption key; hashing key generator using SHA1, MD5, etc.
Type: Grant
Filed: September 12, 2006
Date of Patent: March 19, 2013
Assignees: KYOCERA Document Solutions Inc., KYOCERA Document Solutions Development America, Inc.
Inventors: Lida Wang, Hiromasa Akamatsu, Yuichi Komori, Takeshi Nakamura, Toshitsugu Nishimi, Masayuki Orita
-
Patent number: 8397058
Abstract: A method and system which provides communication between a first portable device and a second portable device. The first portable device stores a first sequence number and a first key, and the second portable device stores a second sequence number and a second key. Verification is performed using the first and second keys. The first sequence number is compared to the second sequence number. If the second sequence number is newer than the first sequence number, the first sequence number is set to have a value of the second sequence number if the verification succeeds. If the first sequence number is newer than the second sequence number, the second sequence number is set to have a value of the first sequence number if verification succeeds.
Type: Grant
Filed: July 28, 2000
Date of Patent: March 12, 2013
Assignee: Mondex International Limited
Inventors: Kazuo J. Ezawa, Dave Roberts, Michael Foster, John Kelly
-
Patent number: 8396211
Abstract: A system and method for dynamically and automatically updating the appropriate fields on the message application screen of an electronic message to show which of the appropriate service book, security encoding or security properties are acceptable or allowed for the message being composed. This updating occurs automatically based on the contents of the fields that are modified during composition of the message, such as, for example, modifications to classification of the message, recipients, keywords, or the like. Thus, the properties in place for a given message are reflected in a dynamic options list provided to the user based on the contents of various fields of the electronic message and the system policies resident on the system. The dynamic updating may provide an updated list of options to the user, or may optionally automatically apply minimum level settings based on security policy and contents of the message.
Type: Grant
Filed: July 11, 2006
Date of Patent: March 12, 2013
Assignee: Research In Motion Limited
Inventors: Michael K. Brown, Michael S. Brown, Michael G. Kirkup
-
Patent number: 8397074
Abstract: The current invention describes a method for long term archiving of qualifiedly signed data in accordance with the current invention, which comprises the steps of hashing the data, encrypting the data through a cryptography algorithm, hashing the encrypted data, signing the hashed data with an advanced time stamp, generating a hash tree over the whole data file or the subgroups thereof and signing the hash tree(s) with a qualified time stamp. Furthermore, a computer system for conducting the method is disclosed.
Type: Grant
Filed: July 8, 2009
Date of Patent: March 12, 2013
Assignee: Artec Computer GmbH
Inventors: Christian Hett, Jerry John Artishdad
-
System and method for a single request—single response protocol with mutual replay attack protection
Patent number: 8392709
Abstract: Various embodiments of a system and method for a single request—single response protocol with mutual replay attack protection are described. Embodiments may include a system that receives multiple single request messages, each of which may include a respective nonce, timestamp, and digital signature. The system may create a record of previously received nonces that, at any given time, may include multiple message nonces received within a valid period of time prior to that given time. To validate a given single request message the system may verify the digital signature of that message, determine that the timestamp of that message indicates a time within the valid period of time prior to the current time, and determine the nonce of that message is not present within the record of previously received nonces. The system may send a single response message that includes the same nonce as the validated message.
Type: Grant
Filed: April 28, 2009
Date of Patent: March 5, 2013
Assignee: Adobe Systems Incorporated
Inventor: Sunil C. Agrawal
-
Patent number: 8386773
Abstract: A mobile communication device operates in a wireless communication network with use of a communication service provided by a service provider (e.g. a wireless carrier for voice telephony, or data service provider for data synchronization). An application server receives, via the wireless network, a message from the mobile device. The message has a field for inclusion of a token having a digital signature corresponding to the service provider. The application server performs token validation of the message, which includes a verification step for verifying the digital signature of the token with a public key corresponding to the service provider. The application server then grants or denies access to an application service depending on the outcome of the token validation. In one embodiment, the application service is an e-commerce transaction service, wherein a proof-of-work (POW) test (e.g. a Captcha test) otherwise utilized for the service is bypassed or excluded.
Type: Grant
Filed: December 9, 2008
Date of Patent: February 26, 2013
Assignee: Research In Motion Limited
Inventors: Alexander Sherkin, Will D. Franco
-
Patent number: 8386765
Abstract: There is described a method for transmitting synchronization messages, for example PTP messages of the IEEE 1588 standard, the PTP message being inserted into a data packet in line with the Internet Protocol, the data packet having an IP header, and the data packet having a UDP header. In this case, for the encrypted transmission on the PTP message, the data packet is addressed to a UDP port that is reserved for encrypted PTP messages, the data packet is provided with an additional S-PTP header that is provided for encryption, the PTP message is extended with a pseudo random number, and the PTP message is encrypted together with the pseudo random number.
Type: Grant
Filed: March 24, 2006
Date of Patent: February 26, 2013
Assignee: Siemens Aktiengesellschaft
Inventors: Steffen Fries, Jean Georgiades, Stephan Schüler
-
Patent number: 8380993
Abstract: Methods and systems for robust watermark insertion and extraction for digital set-top boxes are disclosed and may include descrambling, detecting watermarking messages in a received video signal utilizing a watermark message parser, and immediately watermarking the descrambled video signal utilizing an embedded CPU. The embedded CPU may utilize code that may be signed by an authorized key, encrypted externally to the chip, decrypted, and stored in memory in a region off-limits to other processors. The video signal may be watermarked in a decompressed domain. The enabling of the watermarking may be verified utilizing a watchdog timer. The descriptors corresponding to the watermarking may be stored in memory that may be inaccessible by the main CPU. The watermark may comprise unique identifier data specific to the chip and a time stamp, and may be encrypted utilizing an on-chip combinatorial function.
Type: Grant
Filed: December 7, 2007
Date of Patent: February 19, 2013
Assignee: Broadcom Corporation
Inventors: Xuemin Chen, Stephane Rodgers
-
Patent number: 8380994
Abstract: The present application is directed towards systems and methods for generating and maintaining cookie consistency for security protection across a plurality of cores in a multi-core system. A packet processing engine executing on one core designated as a primary packet processing engine generates and maintains a global random seed. The global random seed may be used as an initial seed for creation of cookie signatures by each of a plurality of packet processing engines executing on a plurality of cores of the multi-core system using a deterministic pseudo-random number generation function such that each core creates an identical set of cookie signatures.
Type: Grant
Filed: December 23, 2009
Date of Patent: February 19, 2013
Assignee: Citrix Systems, Inc.
Inventors: Roy Rajan, Saravanakumar Annamalaisami
-
Patent number: 8374966
Abstract: Techniques are disclosed for sharing information in a wide variety of contexts. An information sharing system is described that allows both an explicit capture process and an implicit capture process to add information items to a staging area. Further, the information sharing system supports both implicit and explicit consumption of information items that are stored in said staging area. A rules engine is provided to allow users to create and register rules that customize the behavior of the capture processes, the consuming processes, and propagation processes that propagate information from the staging areas to designated destinations. Techniques are also described for achieving exactly-once handling of sequence of items, where the items are maintained in volatile memory. Techniques are also provided for recording DDL operations, and for asynchronously performing operations based on the previously-performed DDL operations.
Type: Grant
Filed: December 2, 2002
Date of Patent: February 12, 2013
Assignee: Oracle International Corporation
Inventors: Nimar Singh Arora, Jim Stamos
-
Patent number: 8375216
Abstract: Determination is executed as to whether an electronic document has been edited after addition of a second signature added after addition of a first signature. When it is determined that editing is made after the addition of the second signature, a verification result of the electronic document is output without determining whether editing is made after the addition of the first signature. If it is determined that editing is not made after the addition of the second signature, determination is executed as to whether editing is made after the addition of the first signature and the verification result of the electronic document is output based on an obtained determination result.
Type: Grant
Filed: August 9, 2007
Date of Patent: February 12, 2013
Assignee: Canon Kabushiki Kaisha
Inventor: Takafumi Mizuno
-
Patent number: 8370916
Abstract: A first user (110) requests a service provider (130) to create (200,400) a record of a transaction. The service provider (130) creates (230,430) a digital receipt (300,700,900), which includes a description (310,710,720,910,1020) of the transaction understandable by humans, tamper-proof evidence (320) of the transaction, and a verification prompt (330,740,940,1030). A second user (120) who desires to verify the transaction displays (265,465) the digital receipt (300,700,900) and activates (270,470) the verification prompt (330,740,940,1030). Upon activation, the tamper-proof evidence (320) is verified without requiring further human interaction to identify the tamper-proof evidence.
Type: Grant
Filed: February 26, 2010
Date of Patent: February 5, 2013
Assignee: Verisign, Inc
Inventors: Xinhong Yuan, Stan J. Simon, Robert W. Pratt, Gregory R. Whitehead, Atul Tulshibagwale