Abstract: Aspects of this disclosure are directed to outputting, for display at a presence-sensitive display, a first set of two or more selectable objects in a first arrangement of locations, the computing device operating in a first instance of a limited access state. At least one of the selectable objects includes an element of a predetermined passcode. The computing device may receive an indication of a first gesture to select one of the selectable objects and an indication of a second gesture to designate the selected object as an element of a candidate passcode. The computing device may transition to an access state based at least in part on a comparison between the candidate passcode and the predetermined passcode. The computing device may transition to a second instance of the limited access state, and may output a second set of two or more selectable objects in a second, different arrangement.

Abstract: A first device establishes a connection with a second device and attempts access, via the connection to an enterprise server of an enterprise. The first device may have a number of security perimeters, ones of which are allowed to use various communications proxies provided by the second device. If the first device and the second device are associated with a same common enterprise, an enterprise perimeter of the first device may be enabled to access the enterprise using an enterprise proxy of the second device.

Abstract: An operation method for an electronic apparatus is provided. The method includes: providing a setting function interface to be displayed on a display unit; detecting a motion trajectory operated on the display unit by a user using an input unit; performing an association setting to associate the motion trajectory with an operation function; making an original executing manner for executing the operation function unenforceable; and executing the corresponding operation function accordingly when an operation matching the motion trajectory is detected.

Abstract: An authentication processing device receives biometric data to be checked from a biometric measuring device; transforms the biometric data that is input from the biometric measuring device by using a checking transformation parameter that is different from a registration transformation parameter; and creates checking biometric data. Then, the authentication processing device performs a differential transformation process on the created checking biometric data by using a differential parameter by which a transformation state transformed by the checking transformation parameter and a transformation state transformed by the registration transformation parameter have the same state. Thereafter, the authentication processing device checks the transformed checking biometric data against the registration biometric data stored in a transformation registration data DB and performs authentication.

Abstract: A portable data or information carrier in the form of a smart card with partially or fully virtualized components. To maximize the confidentiality of information stored in the carrier, and more specifically to limit the amount of information available to a potential defrauder, electronic components such as circuits, I/O, cryptographic, memory and dummy objects are built, modified or influenced on demand from physical characteristics of an eligible person or device. Digitized unique biometric or hardware identifiers are read upon start-up and runtime of the device and, in case of an eligible person or device, subsequently supply all values necessary for determination of the characteristics of the user specific virtual smart cards objects, their placement and connections. By multi-factor authentication, the end-user or device will retain sole control of its keys and use them for authentication, signature or encryption purposes as if he had a physical smart card in his hand.

Abstract: A method comprises providing first user authentication data of a user and comparing the first user authentication data to first stored template data. When the comparison is indicative of a match, a first session is provided, which supports one of user access for retrieving first data that are stored within a peripheral memory storage device and user access for modifying a data content of the peripheral memory storage device. The first session does not support the other one of user access for retrieving first data that are stored within the peripheral memory storage device and user access for modifying a data content of the peripheral memory storage device. During the first session, second user authentication data of the same user is provided and compared to second stored template data.

Abstract: An electronic apparatus includes a display, a touch panel, a controller, an input module, a generator and a display controller. The controller deactivates security of the electronic apparatus when a password is inputted. The input module makes a user input the password by one character. The generator generates a key group including a first character in the password and a character other than the first character. The display controller displays a software key for displaying a character group in the key group as an input target on the display on a password input screen for inputting the password.

Abstract: A method for authentication is provided comprising: displaying, by an electronic device, a first screen including first objects, each first object being associated with a respective value; detecting a first gesture performed on a first set of the first objects; identifying a first operation based on the first gesture; performing, by the electronic device, the first operation using the respective values of the first objects in the first set as operands to obtain a first result; computing an input string based on the first result; detecting whether the input string matches a predefined password; and authorizing access to the electronic device in response to the input string matching the predefined password.

Abstract: A method includes obtaining information from an application to display to a user of a device having a screen from which information may be viewed by more than one person, generating a cover to selectively obscure sensitive information contained in a portion of the screen displaying the information, and receiving user input to selectively invoke or remove the cover relative to sensitive information to obscure display of the sensitive information on the screen.

Abstract: A keyboard is disclosed. The keyboard may comprise a biometric sensor configured for authenticating a user; a docking station configured for receiving a security device; and a processor configured for facilitating communication between the biometric sensor and the security device docked in the docking station with a computing device coupled to the keyboard.

Abstract: The invention provides a method and apparatus for authenticating a user in a touchscreen environment. A first tier may be defined having at least one object, and a destination tier may be defined having at least one bin. An authentication-key may be registered, the authentication-key comprising a length defining a number of nodes and a correct sequence of nodes, each node specifying a movement of one object from the first tier to one bin of the destination tier. A user sequence of at least one touchscreen gestures is received, each gesture specifying that one object from the first tier should be moved to one bin of the destination tier. Access is permitted if the at least one touchscreen gestures corresponds to the length, the correct sequence, and the movement of the authentication-key.

Abstract: Embodiments of the invention relate to collecting keystroke timing data of samples of a phrase input by a user on an input device during different user sessions, and creating a biometric user template based on the timing data collected during the different sessions. Once a sufficient number of samples are collected, the template may be used to authenticate the user.

Abstract: In particular embodiments, a temporary user is able to use another's personal computing device in shared mode for a short period of time while experiencing a personalized user interface. An indication is detected that a personal computing device associated with a primary user is to be shared with a temporary user. Access to local personal information associated with the primary user is disabled if it is stored on the personal computing device. Access to remote personal information of the primary user that is accessible from the personal computing device is disabled. A personalized user interface incorporating personal information associated with the temporary user is presented on the personal computing device for the temporary user. Personal information of the primary user is not accessible by the temporary user, and vice versa. When shared mode is to be terminated, all personal information of the temporary user is deleted.

Abstract: A memory device includes a plurality of memory chips, including one or more memory chips that store authentication information, and a controller including a first register that stores information indicating a representative memory chip, from among the one or more memory chips that store the authentication information, that stores valid authentication information.

Abstract: In order to create and access a secure storage account in a non-volatile memory device, an account identification value is calculated. A memory identification value is read from a first non-volatile memory device. The memory identification value and the account identification value are transmitted to a second non-volatile memory device, and a calculated credential is received. A command is transmitted to create a secure storage account in the first non-volatile memory device, where the command contains the credential and the account identification value. To access the account, a sequence is transmitted, containing the account identification value and a value based on the credential. A secure storage system contains a first non-volatile memory device that stores a memory identification value and contains a secure partition accessible using a credential, a second non-volatile memory device that can compute the credential, and a host adapted to create and access the secure partition.

Abstract: Aspects of the present invention provide a solution for managing and retrieving encrypted biometric data. A plurality of biometric entries is obtained and each one is encrypted with a unique non-invertible encryption function to get a plurality of encrypted biometric entries. A biometric measurement to be compared against the biometric entries is obtained, a predetermined noise is applied to the biometric measurement, and then the biometric measurement if encrypted using the non-invertible encryption function, resulting in a scrambled encrypted biometric. For each comparison, one of the encrypted biometric entries is subtracted from the scrambled encrypted biometric to get a calculated noise. This calculated noise is then compared with the predetermined noise to determine whether a match exists. Based on a determination that a match exists any information associated with the encrypted biometric entry is forwarded to the requestor.

Abstract: A display apparatus includes an input section that inputs input information representing an input operation from an operation means contacting a touch screen, a display section that refers to an authentication table correlating the input operation with a display image so as to display the display image on the touch screen, and an authentication processing section that refers to the authentication table so as to determine whether or not a combination of a display image displayed on the touch screen and an input operation represented by the input information input by the input section in a state where the display image is being displayed is correlated in the authentication table, and authenticates an input action by the input operation when the combination is correlated in the authentication table.

Abstract: An information processing apparatus includes a user interface, an authentication unit, a controller, a restriction unit, and an authentication termination unit. The user interface accepts a first operation for setting a parameter from a user. The authentication unit authenticates the user. The controller controls the user interface to display the set parameter. The restriction unit restricts, in a case where a first condition is met after the user has been authenticated by the authentication unit, the user interface from accepting the first operation. The authentication termination unit terminates the authentication of the user in a case where a second condition is met while accepting of the first operation is being restricted by the restriction unit. The controller controls the user interface not to display the set parameter in a case where the second condition is met while accepting of the first operation is being restricted by the restriction unit.

Abstract: An image forming apparatus to execute user authentication includes an input unit through which user information is input, and an account management unit to manage an account information database. The account information database stores user information corresponding to functions of the image forming apparatus. The image forming apparatus further includes a user authentication unit to execute user authentication based on the user information input through the input unit by using the account information database, and a display unit to display a user interface where a function corresponding to the input user information is activated, in response to a result of the authentication.

Abstract: A method and an electronic device for authenticating release of data towards a device driver. the device comprises a main display area, a memory module and a processor module, the processor module is for executing a display function manager that manages access to an extra display area defined outside of the main display area, storing into the memory module authentication credentials identifying software applications, executing on the processor module, that are authorized for the display function manager and receiving a request, from one of the software applications executing on the processor module, for sending data towards the display function manager. the request comprises requesting credentials from the one software application. the processor is also for verifying the requesting credentials in relation to the extra display area against the stored authentication credentials and, when the requesting credentials are verified, authorizing the release of the data towards the device driver.

Abstract: Described are devices, methods and non-transitory computer readable media for implementing an enhanced multi-factor authentication system. The system uses three user identifiers, and after a first user identifier is verified, the system receives a second user identifier from the user. As the second user identifier is being received, the system automatically detects a third user identifier and verifies simultaneously the second and third user identifiers. The second and third user identifiers are correlated with each other, and the correlation of these two identifiers (e.g., in addition to the identifiers themselves) is also verified.

Abstract: Password definition and recognition in programmable devices with back-to-back transparent, touchscreens includes defining first and second contact patterns on respective first and second ones of the touchscreens as patterns of touchscreen contact inputs generated from contact of respective contact elements on the touchscreens contemporaneously, wherein the touchscreens enable a viewer to see through the touchscreens. A composite password pattern is defined by mapping location of the first pattern on the first screen relative to the location of the second pattern on the second screen.

Abstract: An approach receives a request from a user, typically a change implementer, on a computer system. The request includes a user identifier and a requested action. A current timestamp corresponding to a computer system clock is retrieved. Scheduled changes are retrieved from a data store accessible by the processor. The current timestamp is compared to the scheduled change periods. The requested action is allowed if the comparison reveals that the current timestamp is within one of the retrieved scheduled changes, and the requested action is denied if the comparison reveals that the current timestamp is outside of the retrieved scheduled change periods.

Abstract: A manipulable human interactive proof (HIP) displays at most a portion of verification information. A user performs at least one manipulation on the HIP display to obtain full verification information.

Abstract: We make door locks which has a receiver it can be locked or opened via receiving a password as long sequence of numbers when transmitted to it from the cellular phone where each lock when it is sold a plastic card comes with it containing password when we scratch and reveal the password and we input it in the cellular phone and save it, then the door lock will open when we press a button on the cellular phone and will be locked when we press the button again, as well the cars come with a plastic card and the same is done as explained before so by the cellular phones we can lock and unlock the car, the same can be done for the garage gate and office doors, ATM card will be replaced by a password saved in the cellular phone as explained above.

Abstract: A computer-implemented method for providing secure access to a computer is disclosed according to one aspect of the subject technology. The method comprises capturing an image with a camera at the computer, extracting facial features from the image, and comparing the extracted facial features with facial features of a user stored on the computer, wherein the computer is currently logged into a user account belonging to the user. The method also comprises, if the extracted facial features match the stored facial features of the user, then staying logged into the user account, and, if the extracted facial features do not match the stored facial features of the user, then automatically logging out of the user account.

Abstract: An information processing system establishes connection between an information storage apparatus and an application installed in a terminal including a storage device for storing authentication information. The information processing system includes a setting information acquisition unit configured to acquire setting information from the information storage apparatus when the terminal receives an execution request to execute the application, the setting information indicating whether to prompt input of the authentication information.

Abstract: Improved techniques to control utilization of accessory devices with electronic devices are disclosed. The improved techniques can use cryptographic approaches to authenticate electronic devices, namely, electronic devices that interconnect and communicate with one another. One aspect pertains to techniques for authenticating an electronic device, such as an accessory device. Another aspect pertains to provisioning software features (e.g., functions) by or for an electronic device (e.g., a host device). Different electronic devices can, for example, be provisioned differently depending on different degrees or levels of authentication, or depending on manufacturer or product basis. Still another aspect pertains to using an accessory (or adapter) to convert a peripheral device (e.g., USB device) into a host device (e.g., USB host). The improved techniques are particularly well suited for electronic devices, such as media devices, that can receive accessory devices.

Abstract: A processing device comprises a processor coupled to a memory and is configured to receive authentication information from a user, to generate a message authentication code based at least in part on the received authentication information, to generate a credential for a particular access control interval based at least in part on the message authentication code and an intermediate value of a hash chain, and to provide the credential to a user in order to allow the user to access a protected resource in the particular access control interval. The message authentication code may be generated over a message payload that includes a password provided by the user. The credential may comprise a combination of the message authentication code and the intermediate value of the hash chain.

Abstract: A wearable device includes a first sensor configured to detect a first biosignal generated in response to a gesture performed by a user, and a second sensor configured to detect a second biosignal of the user. The device further includes a memory configured to store, with respect to at least one user, information of the first biosignal and the second biosignal, and a processor configured to initiate user authentication based on a result of determining whether the detected first biosignal corresponds to the stored information, and authenticate the user by comparing the detected second biosignal to the stored information.

Abstract: Securing an electronic device and associated information is facilitated. A security component facilitates display and operation of a lock track comprising a locked portion having a positive slope and an unlocked portion, including a chasm, that is adjacent to a high point of the positive-sloped unlocked portion of the lock track. A lock facilitator component (LFC) can be moved along the track between a low point of the locked portion and the unlocked portion. The LFC can be moved in response to received input, and if the input is not sufficient to move the LFC from the locked region to the unlocked region, the LFC can be moved back down the positive-sloped lock track to the low point. The security component can control information to be displayed in an overlay display region in accordance with security level(s) of the device or application.

Abstract: A display device may include a display, an optical touch system proximate the display and a control system. The control system may be capable of receiving input for initiating a peer-to-peer data transfer and of performing an authentication process for the peer-to-peer data transfer. The authentication process may involve obtaining fingerprint images via the optical touch system. The display device may provide a prompt to position the display device proximate a second device, e.g., with the display adjacent to a display of the second device. The display may display data transfer parameters for the peer-to-peer data transfer. The optical touch system may receive a confirmation that the second device received the data transfer parameters. The peer-to-peer data transfer may be performed, at least in part, by an array of optical transceivers.

Abstract: An electronic device can include a processing device operatively connected to a biometric sensing device. The processing device can be adapted to compare one or more captured biometric images with respective reference biometric images and change one or more settings of the electronic device or one or more settings of an application on the electronic device only when each captured biometric image matches a respective reference biometric image.

Abstract: An electronic device and a method for unlocking a screen of the electronic device are provided. The electronic device includes a screen and a storage unit. The method includes detecting, in a screen-locked state, intent of a user to unlock the screen; if it is detected that the user intends to unlock the screen, extracting contact information from the storage unit of the electronic device, where the extracted contact information includes a first attribute value and a second attribute value; displaying the first attribute value of the extracted contact information on the screen and prompting the user to input a second attribute value; and detecting an input of the user, and comparing the input of the user with the second attribute value; if the input of the user is the same as the second attribute value, unlocking the screen; and otherwise, maintaining the screen-locked state.

Abstract: A system for pre-boot authentication of a virtual appliance includes one or more subsystems to receive a command to power-on an information handling system (IHS). After receiving the command to power-on the IHS, the system initializes a power-on self test (POST), passes control of the IHS to a hypervisor, loads a concurrent service environment (CSE), requests user credentials, receives user credentials, authenticates user credentials using the CSE and authorizes a specific operating system image from a plurality of images to run on the IHS via the virtual appliance after the user credentials are authenticated.

Abstract: Apparatus, methods and/or computer program products are provided that facilitate entering secure passwords into a user device. A user requested image is displayed via a display or monitor of a user device. The image is zoomable to one or more higher resolution levels beyond an initial display resolution, and the image is displayed at higher resolution levels in response to a user activating a zoom function via the user device. The coordinates of a user selected feature within a displayed higher resolution level image are obtained and translated into a password. The password is then entered into the requesting application.

Abstract: An embodiment generally relates to a method of managing tokens. The method includes detecting a presence of a token at a client and determining a status of the token. The method also includes formatting the token at the client in response to the status of the token being unformatted.

Abstract: Provided are method and apparatus for authenticating a password of a user terminal by using a password icon. The method includes: method of authenticating a password of a user terminal, the method including: pre-setting, by a user, a password icon corresponding to a password and a moving direction of the password icon; sequentially moving the icon according to actions of the user at a screen of the user terminal; when the icon is sequentially moved, determining whether the pre-set password icon and the pre-set moving direction of the password icon are matched; and authenticating the password when the password icon and the moving direction of the password icon is sequentially matched.

Abstract: Systems and methods are provided which allow for motion-based authentication of a user using magnified motion. Very small or imperceptible motions of a user may be captured and magnified to determine characteristics of the motions that may be used as a motion-based credential for user authentication. The motions, which may be very small and imperceptible to an observer, may be difficult for potential attackers to observe and copy, but may be useful when magnified.

Abstract: An electronic device includes a touch panel, a time information obtaining section, and an authentication section. The time information obtaining section obtains time information for user authentication. The authentication section executes user authentication based on the time information obtained by the time information obtaining section. The time information obtaining section changes the time information according to a user's touch duration on the touch panel and changes an amount of change in time that the time information indicates according to a user's manner of touching the touch panel.

Abstract: For visually authenticating to a computing device, a method is disclosed that includes receiving an authentication request at a computing device, displaying a dynamic visual signal in response to the authentication request, wherein the visual signal suggests an authentication token. The method also includes receiving the authentication token in response to displaying the dynamic visual signal, and determining if the authentication token satisfies authentication requirements at the computing device.

Abstract: An electronic device and a method for unlocking a screen of the electronic device are provided. The electronic device includes a screen and a storage unit. The method includes detecting, in a locked state, intent of a user to unlock the screen, extracting multiple pieces of contact information from the storage unit of the electronic device when it is detected that the user intends to unlock the screen, where each piece of the extracted contact information includes a first attribute value and a second attribute value, displaying, on the screen, first attribute values and second attribute values that are of the extracted contact information, detecting an action of matching the contact attribute values by the user, and unlocking the screen when it is detected that the user correctly matches a first attribute value and a second attribute value that are of the contact information, and otherwise maintaining the locked state.

Abstract: Provided is a terminal with a fingerprint reader and method of operating the same. The terminal includes a fingerprint reader to scan and read a fingerprint of a user and a user verification module. The user verification module calculates a matching value between the fingerprint read by the fingerprint reader and a previously registered fingerprint of the user, and identifies the matching value and a security level of a requested application to determine whether to execute the requested application. The security level is variable; for example, the security level may vary according to a type of application or may be arbitrarily set by the user.

Abstract: Solutions are disclosed for simplified user access to IEDs in industrial or utility operating environments such as those compatible with IEC 62351-8, having an LHMI with a restricted IED key set. A central Access Enabler assigns a short and temporary session secret to a previously authenticated user, and forwards the session secret to an IED for subsequent local user validation by the IED. A user session at the IED is remotely initiated by the Access Enabler, with the IED screen being instantaneously locked by the session secret.

Abstract: Systems and methods for authenticating a user include a wearable user device receiving a first request to access a secure system. A plurality of authentication elements are then displayed on a display device to a user eye in a first authentication orientation about a perimeter of an authentication element input area. A user hand located opposite the display device from the user eye is then detected selecting a sequence of the plurality of authentication elements. For each selected authentication element in the sequence, the wearable user device moves the selected authentication element based on a detected movement of the user hand and records the selected authentication element as a portion of an authentication input in response to the user hand moving the selected authentication element to the authentication element input area. The user is authenticated for the secure system if the authentication input matches stored user authentication information.

Abstract: A data presentation system for a search engine may use classified or tagged elements in a resulting document to create a search result document that has portions redacted, modified, or changed based on the tags or classifications of elements within the document. The document may be rebuilt from the search engine database at presentation time with one or more elements changed or modified. The permission settings for a user or other factors may be used to determine which elements within the document are permitted to be accessed.

Abstract: A system to facilitate management of surveillance devices, that are distributed over a monitored region, through a geographic information (GI) portal, having GI storage to store map data defining a geographic map of the monitored region. A GI manager unit (GIMU) to record, in the GI storage, asset position information with regarding locations for assets of interest within the monitored region. The GIMU obtains, from a remote surveillance device (SD) database, device-related records. The GIMU obtains, from a remote network (NW) database, network-related records. The SD and NW databases are maintained and managed separately from the GI database by one or more independent management units. A display presents a geographic map of the monitored region with device markers and network links illustrated thereon.

Abstract: A bus connection apparatus according to an embodiment includes a bus connection unit configured to connect an internal application unit and a common bus. The bus connection unit receives, from an external application unit via the common bus, a request message which designates a service name and a destination. The bus connection unit specifies element names from a file based on the service name in the request message. The bus connection unit processes the request message by calling and executing respective element programs based on the element names. The bus connection unit extracts data from the request message processed by a first processing unit, and sends the data to an internal application unit corresponding to the service name or destination in the request message.

Abstract: A method for associating an analog input device gesture with an account for account access includes creating a user identifier for an account, creating a password for the account, generating the analog input device gesture, and associating the analog input device gesture with the account.

Abstract: Techniques are disclosed for providing an image pattern unlock mode in electronic touch sensitive devices. The image pattern unlock mode can display an unlock screen to the user, prompting the user to arrange or create or otherwise select a specific image pattern in order to unlock the device. The customizable image pattern may include any uniquely identifiable unlocking pattern including a combination of images, or even a single image selected from an image group. The unlocking mechanism may include images gathered from the user's photo collection and/or one or more online profiles, and the unlock pattern could be a selection of such images. In other embodiments, a combination of color and images can also be used, such as matching colors to images. When the user has arranged the proper image pattern, the device unlocks and may be used. If the correct image pattern is not arranged, the device remains locked.