Abstract: A method and computer program product for managing and controlling direct access of an administrator to a computer system. At least one computer program on the computer system receives from the administrator a request for the direct access to the managed computer system directly from the system console and requests a service management system to search open tickets. In response to that the open tickets are found, the at least one computer program requests the administrator to choose at least one ticket from the open tickets and grants the administrator the direct access to the computer system in response to determining that the at least one ticket is valid.

Abstract: This invention is directed to an electronic device with an embedded authentication system for restricting access to device resources. The authentication system may include one or more sensors operative to detect biometric information of a user. The sensors may be positioned in the device such that the sensors may detect appropriate biometric information as the user operates the device, without requiring the user to perform a step for providing the biometric information (e.g., embedding a fingerprint sensor in an input mechanism instead of providing a fingerprint sensor in a separate part of the device housing). In some embodiments, the authentication system may be operative to detect a visual or temporal pattern of inputs to authenticate a user. In response to authenticating, a user may access restricted files, applications (e.g., applications purchased by the user), or settings (e.g., application settings such as contacts or saved game profile).

Abstract: A content data reproducing method includes: decrypting encrypted data to generate plain-text data; dividing the plain-text data into decrypted content data and reproduction management information; sending the reproduction management information to a user space; storing the decrypted content data in a secret buffer; obtaining the decrypted content data as reproduction target data from the secret buffer and transmitting the reproduction target data to a decoder; and decoding the reproduction target data by the decoder.

Abstract: Provided are method and apparatus for authenticating a password of a user terminal. The method includes: pre-setting, by a user, a password and an identification image for identifying the password; moving a keypad window or an image window realized on a screen of the user terminal according to an action of the user; determining, when a plurality of images included in the image window and a plurality of keys included in the keypad window sequentially overlap with each other, whether a plurality of keys and the identification image corresponding to the password sequentially overlap; and authenticating the password when the plurality of keys and the identification image corresponding to the password sequentially overlap. Accordingly, password information may be protected from a third person observation as the user inputs a pre-set password in an indirect method without having to directly input the pre-set password through an authentication interface.

Abstract: Aspects of the subject disclosure are directed towards providing feedback to users of multi-user system that has biometric recognition capabilities, so that a user knows whether the system has correctly associated the user with his or her identity. The feedback may include a display of a current camera view, along with visible identity information that is associated with each user in the view. The feedback may include per-user icons (e.g., tiles, thumbnail images and so on) by which a user visually confirms that he or she is correctly recognized. Any misrecognition may be detected via the feedback and corrected. Feedback may convey other information, such as the current interaction state/capabilities of a user.

Abstract: In one exemplary embodiment, a computer-implemented method includes the step of providing an image to a user. The image is provided with a computer display. An eye-tracking data is obtained from the user when the user views the image. The eye-tracking data is obtained with an eye-tracking system. A user attribute is determined based on the eye-tracking data. The user is enabled to access a digital resource when the user attribute is associated with a permission to access the digital resource. The user attribute can be a personhood state. The digital resource can be a web page document. An instruction can be provided to the user regarding a pattern of viewing the image. The pattern of viewing the image can include instructing the user to gaze on a specified sequence of image elements.

Abstract: Context captured with sensors of an information handling system is applied to selectively lock access to currently unlocked information, with conditions for locking access based upon the context. Nervous states enforce locking of selected information based upon the confidence of the security of the information under sensed external conditions. Increased sensitivity for locking access includes reduced timeouts to a lock command, increased response to sensed conditions, and more rapid response where unlocked access is to sensitive information.

Abstract: A user can define a gesture-based input mode with respective input value to establish an authentication protocol to unlock a computer or govern other computer behavior. As an alternative or in addition, the user can define a second input mode based on face recognition plus IR sensing satisfying a threshold to ensure a live person is being imaged for authentication, and/or face recognition plus a particular facial expression such as a smile and wink.

Abstract: A system and method for providing or exchanging healthcare information (e.g., medical information) to authorized users in a secure manner. The method is implemented in a computer infrastructure having computer executable code tangibly embodied on a computer readable storage medium having programming instructions operable to: assign identification information to a plurality of users and a plurality of items; associate the identification information of a user of the plurality of users with one or more items of the plurality of items; set-up security policies including predetermined locations, within predetermined stages within a sequence and during predetermined times; and provide the user access to the one or more items when there is a matching between the identification information of the user and the one or more items, and all of the security policies associated with the user and the one or more of the plurality of items are met.

Abstract: A mobile information terminal including a gripping-feature sample acquisition unit to acquire a gripping-feature sample, one or more environmental sensors outputting an environmental signal, a terminal status detector to acquire the environmental signal and detect a terminal status, a template selection unit to select a user authentication template fitting the detected terminal status, a user authentication unit collating the acquired gripping-feature sample with the selected user authentication template and outputting a user authentication result, a user authenticity level monitor that outputs a sensor power source OFF signal when the user authenticity level exceeds a threshold value and outputs a sensor power source ON signal when the user authenticity level falls below the threshold value, and a power source control unit halting energization to a sensor when acquiring the sensor power source OFF signal, and energizing a sensor when acquiring the sensor power source ON signal.

Abstract: A system and machine-implemented method for matching input gestures on a touch interface to a security pattern to allow user access to an electronic device or account. The security pattern may correspond to a combination of linear and non-linear input gestures relating to directional changes of the input gestures. A determination of the security pattern may be based on the end motion and speed of each input gesture.

Abstract: An embodiment of the present invention discloses a method for unlocking a terminal device, where a first unlocking password, a second unlocking password, a first unlocking interface, and a second unlocking interface are set on the terminal device. The method includes: acquiring information that triggers displaying of an unlocking interface; displaying the second unlocking interface when the information is acquired and if a status of the terminal device meets a preset condition; receiving information that is input by a user on the second unlocking interface; and determining whether the input information matches the second unlocking password, and if a result of the determining is yes, unlocking the terminal device; where complexity of the second unlocking password is lower than complexity of the first unlocking password. Correspondingly, an embodiment of the present invention further discloses a terminal device. Thus, user experience can be enhanced when robustness of password protection is ensured.

Abstract: An authentication management system for managing use of a processing apparatus includes an authentication management apparatus including a position storing unit to store position information of the processing apparatus; a receiving unit to receive user information that identifies a portable terminal to be used for authenticating when a user requests the processing apparatus via a requester to perform a target process; a determination unit to determine whether distance between the portable terminal and the processing apparatus satisfies a proximity determination condition between the portable terminal and the processing apparatus, the distance being obtained based on position information of the portable terminal received from the portable terminal, and the position information of the processing apparatus; and an authentication unit to conduct authentication processing based on user information received from the requester, and the user information received from the portable terminal when the distance satisfies

Abstract: An image processing apparatus performs specific processing on images read out of a document having pages as follows. Each of the pages is a member assigned to at least any one of groups. The apparatus determines a second security level of each group based on a first security level of each page of the corresponding group; before the specific processing on the N-th group, determines whether or not password entry is necessary based on the second security level of the N-th group and any of the second security levels of the first group through the (N?1)-th group; and performs the specific processing on the N-th group if it is determined that password entry is unnecessary for the N-th group, or, alternatively, if it is determined that password entry is necessary for the N-th group and if a password is appropriately entered.

Abstract: A method for performing authentication in a portable electronic device is provided. The method includes identifying whether a peripheral electronic device is located within a certain distance from the portable electronic device, receiving biometrics information from the peripheral electronic device when the peripheral electronic device is located within the certain distance from the portable electronic device, identifying whether the biometrics information received from the peripheral electronic device is identical to biometrics information stored in the portable electronic device, and releasing security set to the portable electronic device when the biometrics information received from the peripheral electronic device is identical to the biometrics information stored in the portable electronic device.

Abstract: Disclosed herein are a method and electronic device for enhancing security authentication. An execution mode may be changed from a non-trusted execution mode to a trusted execution mode. At least one input may be authenticated while in the non-trusted execution mode.

Abstract: An information processing device having a lock function for restricting user operations and a mechanism executed by this information processing device are provided in which the information processing device includes: an input unit for receiving a first password and a specified location from a user; a mode setting unit for switching to a restricted mode restricting at least some of the functions of the information processing device in response to receiving the first password and location; and a releasing unit for releasing the restricted mode on condition that the information processing device has reached the specified location.

Abstract: A system and method for electronic stamping are disclosed. Personal fingerprint pre-stored is used to verify the fingerprint information collected, the document data and the fingerprint information is signed with a private key to get a first signature result, the user's public key and the pre-stored fingerprint information is then signed with a private key of a stamp producer to get a second signature result, the first signature result, the collected fingerprint information and the second signature result are combined to form electronic fingerprint stamp data.

Abstract: An authenticating system includes an authenticating device, a background display device, a sensing device, and an authentication pattern checking device. The authenticating device displays a first display pattern on a transparent display panel including a transmissivity pattern. The transmissivity pattern includes a plurality of regions with different transmissivities. The background display device displays a second display pattern on a display panel to overlap the transparent display panel. The sensing device generates a sensing pattern by sensing an authentication pattern generated based on the transmissivity pattern, the first display pattern, and the second display pattern. The authentication pattern checking device performs authentication by checking whether the sensing pattern is consistent with an authentication reference pattern.

Abstract: The invention relates to a method for entering data, data to be entered comprising at least one digit. A first device comprises at least one touch sensitive interface. The touch sensitive interface is sensitive to at least one touch. According to the invention, at least one digit being associated with no touch or a count of at least one touch, the method comprises the following steps. The first device detects, in a predetermined time period, a count of at least one touch that is or is not present at once or several times. The first or a second device determines the digit associated with no detected touch or a detected count of at least one touch, the second device being connected to the first device. The invention also relates to corresponding device and system.

Abstract: A method of and an apparatus for verifying authenticity of a target authentication device comprising a reference pattern having a characteristic frequency and a security pattern, the security pattern comprises an embedded security device that is coded with phase modulation information. The method comprises extracting frequency domain data from an image of the target authentication device to facilitate verification of authenticity of the target authentication device. The method provides a very effective end expedient mechanism for verifying authenticity of a moiré or moiré like authentication device to combat counterfeiting.

Abstract: A method of verifying an input biometric identifier against a reference biometric identifier is disclosed in this specification. The method comprises evaluating the input biometric identifier relative to a group (the ‘cohort’) to improve verification accuracy. Up to three matching scores are used to determine a verification probability for the input biometric identifier. The three matching scores measure the similarity of the input biometric identifier to the biometric identifiers of the cohort, the similarity of the reference biometric identifier to the biometric identifiers of the cohort and the similarity of the input biometric identifier to the reference biometric identifier.

Abstract: A computing system such as a game console maintains and updates a biometric profile of a user. In one aspect, biometric data of the user is continuously obtained from a sensor such as an infrared and visible light camera, and used to update the biometric profile using a machine learning process. In another aspect, a user is prompted to confirm his or her identify when multiple users are detected at the same time and/or when the user is detected with a confidence level which is below a threshold. A real-time image of the user being identified can be displayed on a user interface with user images associated with one or more accounts. In another aspect, the biometric profile is managed by a shell on the computing system, where the shell makes the biometric profile available to any of a number of applications on the computing system.

Abstract: Methods of configuring a different authority for a plurality of users to use at least one application in an electronic device. User inputs are received to set passwords for respective user levels, where each user level is associated with a different authority to access applications. The passwords are registered for the respective user levels. At least one application is associated with one of the user levels.

Abstract: An authentication method using a password of an electronic device is provided. The method includes receiving a password. The method also includes determining whether the received password coincides with a password stored in advance. The method further includes determining whether an input condition at the time of password input coincides with a password input condition stored in advance when the received password coincides with the password stored in advance. The method includes executing a function when the input condition at the time of password input coincides with the password input condition stored in advance.

Abstract: Aspects of this disclosure are directed to outputting, for display at a presence-sensitive display, a first set of two or more selectable objects in a first arrangement of locations, the computing device operating in a first instance of a limited access state. At least one of the selectable objects includes an element of a predetermined passcode. The computing device may receive an indication of a first gesture to select one of the selectable objects and an indication of a second gesture to designate the selected object as an element of a candidate passcode. The computing device may transition to an access state based at least in part on a comparison between the candidate passcode and the predetermined passcode. The computing device may transition to a second instance of the limited access state, and may output a second set of two or more selectable objects in a second, different arrangement.

Abstract: A first device establishes a connection with a second device and attempts access, via the connection to an enterprise server of an enterprise. The first device may have a number of security perimeters, ones of which are allowed to use various communications proxies provided by the second device. If the first device and the second device are associated with a same common enterprise, an enterprise perimeter of the first device may be enabled to access the enterprise using an enterprise proxy of the second device.

Abstract: An operation method for an electronic apparatus is provided. The method includes: providing a setting function interface to be displayed on a display unit; detecting a motion trajectory operated on the display unit by a user using an input unit; performing an association setting to associate the motion trajectory with an operation function; making an original executing manner for executing the operation function unenforceable; and executing the corresponding operation function accordingly when an operation matching the motion trajectory is detected.

Abstract: An authentication processing device receives biometric data to be checked from a biometric measuring device; transforms the biometric data that is input from the biometric measuring device by using a checking transformation parameter that is different from a registration transformation parameter; and creates checking biometric data. Then, the authentication processing device performs a differential transformation process on the created checking biometric data by using a differential parameter by which a transformation state transformed by the checking transformation parameter and a transformation state transformed by the registration transformation parameter have the same state. Thereafter, the authentication processing device checks the transformed checking biometric data against the registration biometric data stored in a transformation registration data DB and performs authentication.

Abstract: A portable data or information carrier in the form of a smart card with partially or fully virtualized components. To maximize the confidentiality of information stored in the carrier, and more specifically to limit the amount of information available to a potential defrauder, electronic components such as circuits, I/O, cryptographic, memory and dummy objects are built, modified or influenced on demand from physical characteristics of an eligible person or device. Digitized unique biometric or hardware identifiers are read upon start-up and runtime of the device and, in case of an eligible person or device, subsequently supply all values necessary for determination of the characteristics of the user specific virtual smart cards objects, their placement and connections. By multi-factor authentication, the end-user or device will retain sole control of its keys and use them for authentication, signature or encryption purposes as if he had a physical smart card in his hand.

Abstract: A method comprises providing first user authentication data of a user and comparing the first user authentication data to first stored template data. When the comparison is indicative of a match, a first session is provided, which supports one of user access for retrieving first data that are stored within a peripheral memory storage device and user access for modifying a data content of the peripheral memory storage device. The first session does not support the other one of user access for retrieving first data that are stored within the peripheral memory storage device and user access for modifying a data content of the peripheral memory storage device. During the first session, second user authentication data of the same user is provided and compared to second stored template data.

Abstract: An electronic apparatus includes a display, a touch panel, a controller, an input module, a generator and a display controller. The controller deactivates security of the electronic apparatus when a password is inputted. The input module makes a user input the password by one character. The generator generates a key group including a first character in the password and a character other than the first character. The display controller displays a software key for displaying a character group in the key group as an input target on the display on a password input screen for inputting the password.

Abstract: A method for authentication is provided comprising: displaying, by an electronic device, a first screen including first objects, each first object being associated with a respective value; detecting a first gesture performed on a first set of the first objects; identifying a first operation based on the first gesture; performing, by the electronic device, the first operation using the respective values of the first objects in the first set as operands to obtain a first result; computing an input string based on the first result; detecting whether the input string matches a predefined password; and authorizing access to the electronic device in response to the input string matching the predefined password.

Abstract: A method includes obtaining information from an application to display to a user of a device having a screen from which information may be viewed by more than one person, generating a cover to selectively obscure sensitive information contained in a portion of the screen displaying the information, and receiving user input to selectively invoke or remove the cover relative to sensitive information to obscure display of the sensitive information on the screen.

Abstract: A keyboard is disclosed. The keyboard may comprise a biometric sensor configured for authenticating a user; a docking station configured for receiving a security device; and a processor configured for facilitating communication between the biometric sensor and the security device docked in the docking station with a computing device coupled to the keyboard.

Abstract: In order to create and access a secure storage account in a non-volatile memory device, an account identification value is calculated. A memory identification value is read from a first non-volatile memory device. The memory identification value and the account identification value are transmitted to a second non-volatile memory device, and a calculated credential is received. A command is transmitted to create a secure storage account in the first non-volatile memory device, where the command contains the credential and the account identification value. To access the account, a sequence is transmitted, containing the account identification value and a value based on the credential. A secure storage system contains a first non-volatile memory device that stores a memory identification value and contains a secure partition accessible using a credential, a second non-volatile memory device that can compute the credential, and a host adapted to create and access the secure partition.

Abstract: An information processing apparatus includes a user interface, an authentication unit, a controller, a restriction unit, and an authentication termination unit. The user interface accepts a first operation for setting a parameter from a user. The authentication unit authenticates the user. The controller controls the user interface to display the set parameter. The restriction unit restricts, in a case where a first condition is met after the user has been authenticated by the authentication unit, the user interface from accepting the first operation. The authentication termination unit terminates the authentication of the user in a case where a second condition is met while accepting of the first operation is being restricted by the restriction unit. The controller controls the user interface not to display the set parameter in a case where the second condition is met while accepting of the first operation is being restricted by the restriction unit.

Abstract: Embodiments of the invention relate to collecting keystroke timing data of samples of a phrase input by a user on an input device during different user sessions, and creating a biometric user template based on the timing data collected during the different sessions. Once a sufficient number of samples are collected, the template may be used to authenticate the user.

Abstract: In particular embodiments, a temporary user is able to use another's personal computing device in shared mode for a short period of time while experiencing a personalized user interface. An indication is detected that a personal computing device associated with a primary user is to be shared with a temporary user. Access to local personal information associated with the primary user is disabled if it is stored on the personal computing device. Access to remote personal information of the primary user that is accessible from the personal computing device is disabled. A personalized user interface incorporating personal information associated with the temporary user is presented on the personal computing device for the temporary user. Personal information of the primary user is not accessible by the temporary user, and vice versa. When shared mode is to be terminated, all personal information of the temporary user is deleted.

Abstract: The invention provides a method and apparatus for authenticating a user in a touchscreen environment. A first tier may be defined having at least one object, and a destination tier may be defined having at least one bin. An authentication-key may be registered, the authentication-key comprising a length defining a number of nodes and a correct sequence of nodes, each node specifying a movement of one object from the first tier to one bin of the destination tier. A user sequence of at least one touchscreen gestures is received, each gesture specifying that one object from the first tier should be moved to one bin of the destination tier. Access is permitted if the at least one touchscreen gestures corresponds to the length, the correct sequence, and the movement of the authentication-key.

Abstract: A display apparatus includes an input section that inputs input information representing an input operation from an operation means contacting a touch screen, a display section that refers to an authentication table correlating the input operation with a display image so as to display the display image on the touch screen, and an authentication processing section that refers to the authentication table so as to determine whether or not a combination of a display image displayed on the touch screen and an input operation represented by the input information input by the input section in a state where the display image is being displayed is correlated in the authentication table, and authenticates an input action by the input operation when the combination is correlated in the authentication table.

Abstract: Aspects of the present invention provide a solution for managing and retrieving encrypted biometric data. A plurality of biometric entries is obtained and each one is encrypted with a unique non-invertible encryption function to get a plurality of encrypted biometric entries. A biometric measurement to be compared against the biometric entries is obtained, a predetermined noise is applied to the biometric measurement, and then the biometric measurement if encrypted using the non-invertible encryption function, resulting in a scrambled encrypted biometric. For each comparison, one of the encrypted biometric entries is subtracted from the scrambled encrypted biometric to get a calculated noise. This calculated noise is then compared with the predetermined noise to determine whether a match exists. Based on a determination that a match exists any information associated with the encrypted biometric entry is forwarded to the requestor.

Abstract: A memory device includes a plurality of memory chips, including one or more memory chips that store authentication information, and a controller including a first register that stores information indicating a representative memory chip, from among the one or more memory chips that store the authentication information, that stores valid authentication information.

Abstract: An image forming apparatus to execute user authentication includes an input unit through which user information is input, and an account management unit to manage an account information database. The account information database stores user information corresponding to functions of the image forming apparatus. The image forming apparatus further includes a user authentication unit to execute user authentication based on the user information input through the input unit by using the account information database, and a display unit to display a user interface where a function corresponding to the input user information is activated, in response to a result of the authentication.

Abstract: Password definition and recognition in programmable devices with back-to-back transparent, touchscreens includes defining first and second contact patterns on respective first and second ones of the touchscreens as patterns of touchscreen contact inputs generated from contact of respective contact elements on the touchscreens contemporaneously, wherein the touchscreens enable a viewer to see through the touchscreens. A composite password pattern is defined by mapping location of the first pattern on the first screen relative to the location of the second pattern on the second screen.

Abstract: A method and an electronic device for authenticating release of data towards a device driver. the device comprises a main display area, a memory module and a processor module, the processor module is for executing a display function manager that manages access to an extra display area defined outside of the main display area, storing into the memory module authentication credentials identifying software applications, executing on the processor module, that are authorized for the display function manager and receiving a request, from one of the software applications executing on the processor module, for sending data towards the display function manager. the request comprises requesting credentials from the one software application. the processor is also for verifying the requesting credentials in relation to the extra display area against the stored authentication credentials and, when the requesting credentials are verified, authorizing the release of the data towards the device driver.

Abstract: Described are devices, methods and non-transitory computer readable media for implementing an enhanced multi-factor authentication system. The system uses three user identifiers, and after a first user identifier is verified, the system receives a second user identifier from the user. As the second user identifier is being received, the system automatically detects a third user identifier and verifies simultaneously the second and third user identifiers. The second and third user identifiers are correlated with each other, and the correlation of these two identifiers (e.g., in addition to the identifiers themselves) is also verified.

Abstract: An approach receives a request from a user, typically a change implementer, on a computer system. The request includes a user identifier and a requested action. A current timestamp corresponding to a computer system clock is retrieved. Scheduled changes are retrieved from a data store accessible by the processor. The current timestamp is compared to the scheduled change periods. The requested action is allowed if the comparison reveals that the current timestamp is within one of the retrieved scheduled changes, and the requested action is denied if the comparison reveals that the current timestamp is outside of the retrieved scheduled change periods.

Abstract: A manipulable human interactive proof (HIP) displays at most a portion of verification information. A user performs at least one manipulation on the HIP display to obtain full verification information.

Abstract: We make door locks which has a receiver it can be locked or opened via receiving a password as long sequence of numbers when transmitted to it from the cellular phone where each lock when it is sold a plastic card comes with it containing password when we scratch and reveal the password and we input it in the cellular phone and save it, then the door lock will open when we press a button on the cellular phone and will be locked when we press the button again, as well the cars come with a plastic card and the same is done as explained before so by the cellular phones we can lock and unlock the car, the same can be done for the garage gate and office doors, ATM card will be replaced by a password saved in the cellular phone as explained above.