Abstract: An electronic apparatus includes a display module, a touch panel, a password input receiving module and a password display module. The touch panel is provided overlaying on the display module. The password input receiving module receives a password input through the touch panel. The password display module moves and displays keys while inputting a password on a password entry screen on which a group of the keys for identifying a password to be input is displayed.

Abstract: A method for secure authentication is provided which includes having a user who wishes to gain access to a computer or computer network select from among a plurality of randomly displayed images, having different background colors, the correct image and background color which correspond to the user's computer account. In one advantageous form, in addition to selecting the correct image, the user must first enter a username and password. In an alternative form, if a user is seeking access to a computer network by using a preapproved access point or computer having an approved IP address, a user is allowed to gain access to the computer network without being prompted to select a correct image.

Abstract: There is provided a system and method for human verification by a contextually iconic visual public Turing test. There is provided a method comprising receiving a request to verify whether a client is human controlled, selecting, by contextual criteria, a plurality of images each having one or more associated tags from a database, generating a challenge question and a corresponding answer set based on associated tags of a subset of the plurality of images, presenting the plurality of images and the challenge question to the client, receiving a submission to the challenge question from the client, and responding to the request by verifying whether the submission is contained in the answer set to determine whether the client is human controlled. The contextual criteria may comprise subject matter, branding, or intended audience of a content provider sending the request, thereby facilitating human responses while deterring automated systems.

Abstract: Methods, systems, and apparatus for voice authentication and command. In an aspect, a method comprises: receiving, by a data processing apparatus that is operating in a locked mode, audio data that encodes an utterance of a user, wherein the locked mode prevents the data processing apparatus from performing at least one action; providing, while the data processing apparatus is operating in the locked mode, the audio data to a voice biometric engine and a voice action engine; receiving, while the data processing apparatus is operating in the locked mode, an indication from the voice biometric engine that the user has been biometrically authenticated; and in response to receiving the indication, triggering the voice action engine to process a voice action that is associated with the utterance.

Abstract: A method for composing an authentication password associated with an electronic device is implemented by a password composing system including a display, a receiving unit, and a processing unit. In the method, the display is configured to display a start point, and a plurality of displayed paths. The receiving unit is configured to detect a set of user-input movements of a contact point at the display. The processing unit is configured to determine whether the user-input movements conform with a predefined valid user-input gesture, store a plurality of codes corresponding to the valid user-input gestures, and to compose the authentication password according to valid ones of the series of the user-input movements.

Abstract: A method includes receiving, at a computing device, one or more replicated authorization databases. At least one of the one or more replicated authorization databases corresponds to a subscription to access selected data. The selected data is aggregated from a plurality of sources. The method also includes storing the one or more replicated authorization databases at the computing device. The method also includes determining, via the replicated authorization databases, user permission to access the selected data via the computing device. The method also includes enabling access to the selected data at the computing device after determining the user permission to access the selected data.

Abstract: A popularity determination module (PDM) is described which reduces the effectiveness of statistical guessing attacks. The PDM operates by receiving a password (or other secret information item) from a user. The PDM uses a model to determine whether the password is popular among a group of users. If so, the PDM may ask the user to select another password. In one implementation, the model corresponds to a probabilistic model, such a count-min sketch model. The probabilistic model provides an upper-bound assessment of a number of times that a password has been encountered. Further, the probabilistic model provides false positives (in which passwords are falsely assessed as popular) at a rate that exceeds a prescribed minimum rate. The false positives are leveraged to reduce the effectiveness of statistical guessing attacks by malicious entities.

Abstract: The present disclosure provides an information processing method and an electronic device. The method comprises: determining, when a first application starts, whether first authentication data obtained by the electronic device at time T1 satisfies a predetermined condition, so as to obtain a first determination result, where the time T1 is prior to the starting of the first application; presenting an application interface for the first application by using a first display strategy, if the first determination result indicates that the first authentication data obtained by the electronic device at time T1 satisfies the predetermined condition; and presenting an application interface for the first application by using a second display strategy different from the first display strategy, if the first determination result indicates that the first authentication data obtained by the electronic device at time T1 does not satisfy the predetermined condition.

Abstract: Atomically modifying a personal security device includes presenting the personal security device to a reader/writer coupled to an access module, the access module determining if the personal security device includes a factory security mechanism, and, if the personal security device includes a factory security mechanism, using the reader/writer and the access module to replace the factory security mechanism with another security mechanism. The access module may authenticate the personal security device in connection with replacing the factory security mechanism. Authenticating the personal security device may grant access to a user through a door controlled by the access module. Replacing the factory security mechanism may include replacing an application on the personal security device. An ISO/IEC 7816-13 application management request command may be used to replace the application.

Abstract: An image processing apparatus includes an imaging unit, an authenticating unit, and a controller. The imaging unit acquires a face image of a user. The authenticating unit performs a first authentication process based on the face image and a second authentication process based on information other than the face image. The controller suspends the first authentication process based on the face image while maintaining the imaging unit in an activated state when the authenticating unit performs the second authentication process.

Abstract: A method is provided for controlling access to the BIOS/(U)EFI or for controlling sub-functions of the BIOS of a self-service machine. The password of the BIOS is calculated via a deterministic algorithm incorporating code-generating information that changes over time. The method includes displaying code-generating information that changes over time on a screen of the self-service machine during access to the BIOS of the self-service machine. The method proceeds by inputting the code-generating information in a program on a second computer that also has the deterministic algorithm for calculating the password for the BIOS, and calculating and displaying the password on the second computer. The method then includes inputting the password on the self-service machine and checking the password by the deterministic algorithm to allow access to the BIOS if the password is correct.

Abstract: To control privileges and access to resources on a per-process basis, an administrator creates a rule that may be applied to modify a token of a process. The rule may include an application-criterion set and changes to be made to the groups and/or privileges of the token. The rule may be set as a policy within a group policy object (GPO), where a GPO is associated with one or more groups of computers or users. When a GPO containing a rule is applied to a computer, a driver installed on the computer may access the rule(s) anytime a logged-on user executes a process. If the executed process satisfies the criterion set of a rule, the changes contained within the rule are made to the process token, and the user has expanded and/or contracted access and/or privileges for only that process.

Abstract: In various embodiments, a method comprises detecting a removable media device coupled to a digital device, authenticating a password to access the removable media device, injecting redirection code into the digital device, intercepting, with the redirection code, a request for data, determining to allow the request for data based on a security policy, and providing the data based on the determination. The method may further comprise selecting the security policy from a plurality of security policies based, at least in part, on the password and/or filtering the content of the requested data. Filtering the content may comprise scanning the data for malware. Filtering the content may also comprise scanning the data for confidential information.

Abstract: An image display apparatus and an operating method thereof are provided. The operating method of the image display apparatus includes receiving a request of entering into a personal screen mode from a first control device, receiving an input of user authentication information, when the received input of user authentication information coincides with user authentication information corresponding to a first personal screen, displaying the first personal screen, and granting, to the first control device, a control of the first personal screen that is displayed.

Abstract: The disclosure is related to a surveillance camera renting service. A service server may provide the surveillance camera renting service through receiving an image having an authentication pattern, captured by and transmitted from a surveillance camera and transmitting a video stream, produced by and transmitted from the surveillance camera, to user equipment authenticated based on the authentication pattern included in the received image.

Abstract: The present specification relates to a mobile device and a method of controlling therefor, and more particularly, to a mobile device providing a user interface of a different security level according to a fingerprint verification and a touch input trajectory and a method of controlling therefor.

Abstract: While an electronic device with a display and a touch-sensitive surface is in a screen reader accessibility mode, the device displays an application launcher screen including a plurality of application icons. A respective application icon corresponds to a respective application stored in the device. The device detects a sequence of one or more gestures on the touch-sensitive surface that correspond to one or more characters. A respective gesture that corresponds to a respective character is a single finger gesture that moves across the touch-sensitive surface along a respective path that corresponds to the respective character. The device determines whether the detected sequence of one or more gestures corresponds to a respective application icon of the plurality of application icons, and, in response to determining that the detected sequence of one or more gestures corresponds to the respective application icon, performs a predefined operation associated with the respective application icon.

Abstract: The present invention relates to a locking apparatus with enhanced security using an iris image, wherein, if a terminal including a short-range wireless communication means and camera accesses the locking apparatus, the locking apparatus: transmits, a token comprising at least one of identification number and/or random number of the locking apparatus from a token generator mounted on the locking apparatus, to the terminal; requests an iris image be photographed and transmitted within a preset time period; generates an iris template from the iris image photographed by a camera fixed on the user terminal; encrypts and transmits the generated iris template and the token from the terminal to the locking apparatus using short-range wireless communication; and performs at least one of access permission (lock release), access denial (a maintenance of a locked state), a request for re-photographing, and an emergency alarm by decrypting the received encrypted iris template and token using a decoder mounted on the lock

Abstract: A method for starting an application program on a terminal device that has a touchscreen can be used to start at least one application program during unlocking. The method includes displaying, in a first sensing area, an application program to be displayed; and in a case that the first trigger signal is detected in the first sensing area and a second trigger signal is detected in a second sensing area, unlocking the touchscreen and starting an application program triggered by the first trigger signal.

Abstract: An image processing apparatus is provided that is capable of displaying a customized screen without requiring direct input operations to the image processing apparatus. The image processing apparatus (for example, a multi-function peripheral, or MFP) is communicably connected to an information processing apparatus (for example, a personal computer, or PC) and includes a displaying portion. The MFP acquires user information related to a login user who logs in to the PC, authenticates based on the acquired user information to determine whether the login user is a usage permitted user who is permitted to use the MFP, and displays a customized screen corresponding to the login user on the displaying portion of the MFP when the login user is authenticated as the usage permitted user.

Abstract: Methods and devices provide a secure virtual environment within a mobile device for processing documents and conducting secure activities. The methods and devices create a secure application environment in which secure data and documents may be segregated from unsecured data using document encryption, allowing the application of security policies to only the secure application environment. The creation of a secure application environment allows users to access and manipulate secure data on any mobile device, not just specifically designated secure devices, without having to secure all data on the mobile device, while providing the corporate entity with necessary document security. The methods and devices provide for securing data on a mobile device at the data level using encryption.

Abstract: According to one embodiment, a device includes a first data generator configured to generate a second key (HKey) by encrypting a host constant (HC) with the first key (NKey); a second data generator configured to generate a session key (SKey) by encrypting a random number (RN) with the second key (HKey); a one-way function processor configured to generate an authentication information (Oneway-ID) by processing the secret identification information (SecretID) with the session key (SKey) in one-way function operation; and a data output interface configured to output the encrypted secret identification information (E-SecretID) and the authentication information (Oneway-ID) to outside of the device.

Abstract: Systems, methods, and apparatus are disclosed for electronically sharing data using authentication variables, such as biometrics and contextual data. Example contextual data includes machine identifications (IDs) and data collected from sensors of computing devices.

Abstract: Data are accessed securely in a data storage device that includes a non-volatile solid-state storage device integrated with a magnetic storage device. An identical copy of drive security data, such as an encrypted version of a drive access password, is stored in both the non-volatile solid-state storage device and in the magnetic storage device. In response to receiving a command from a host device that results in access to the magnetic storage device, access is granted to the magnetic storage device if the copy of drive security data stored in the non-volatile solid-state storage device matches the copy of drive security data stored in the magnetic storage device. Furthermore, encrypted drive-unique identification data associated with the drive may be stored in both the non-volatile solid-state storage device and the magnetic storage device, and access is granted if both copies of the encrypted drive-unique identification data match.

Abstract: A mobile device includes a user interface that has a plurality of non-password-protected desktop screens and at least one password protected desktop screen. The mobile device includes a touch sensitive display device that accepts gestures used to navigate between the desktop screens. Applications may be installed to password protected desktop screens.

Abstract: A method of controlling access to an electronic device is disclosed. The method comprises: generating a modified first image from a first image, wherein the first image and the modified first image include a first image reference point; generating a modified second image from a second image, wherein the second image and the modified second image include a second image reference point; displaying a three dimensional representation of the modified first image overlaid by the modified second image; authenticating access to the electronic device in response to substantial alignment of the first image reference point in the modified first image with the second image reference point in the modified second image.

Abstract: A portable terminal includes a touch panel including a press detection mechanism capable of accepting a press operation on an operating surface, a detection unit to detect a first operation being an operation of sliding a contact object over the operating surface of the touch panel during a period from contact to release of the contact object to/from the operating surface and a second operation being the press operation performed during the first operation through the press detection mechanism, a storage unit to store an authentication pattern composed of the first operation and the second operation, and an execution controller to control whether to execute a function of the information terminal based on a result of verification between an input pattern composed of the first operation and the second operation detected by the detection unit and the authentication pattern.

Abstract: Described herein are systems and methodologies for managing document access permissions. Embodiments of the invention have been particularly developed for allowing group-based permission management in a file system. While some embodiments will be described herein with particular reference to that application, it will be appreciated that the invention is not limited to such a field of use, and is applicable in broader contexts.

Abstract: A novel system and method for accessing data stored in a secure or tamperproof storage device in a wireless communication device is provided. The wireless communication device may include a biometric sensor for capturing a biometric sample of the user. The captured biometric sample may be compared to known biometric samples of users stored in a memory device of the wireless communication device. If the captured biometric sample matches one of the known biometric samples, the user is allowed access to the tamperproof storage device for a preset amount of time. The user may delete existing data, add new data, modify existing data or view existing data stored in the tamperproof storage device.

Abstract: Various embodiments of the invention may be used to verify that a person being authorized by biometric techniques to use a device is a living person and not some form of recording intended to spoof the system. Some embodiments may try to cause a change in a measured biometric feature, and compare images taken before and after the change to verify the change occurred. In some embodiments, multiple stages of verification may be used, either to increase the difficulty of spoofing the security system, or to provide different levels of security for different levels of access to the device's functionality.

Abstract: Data on a first computing device can be represented by a graphical object displayed on a screen of the first device. A user can initiate an “attach event” (e.g., a pinching gesture with respect to the object) to enable the object (e.g., the data represented by the object) to be associated and/or virtually attached to him/her. One or more cameras can view/track the user's hand/finger movement(s). Based on the viewed/tracked movement(s), the object representing the data can be moved on a screen of the first device to correspond to the movement of the user's hand/finger. The object can also be moved to a position on a screen of a second computing device when the user moves his/her hand/finger to an area corresponding to the position. A user initiated “release event” (e.g., an unpinching gesture) can end the association and enable the data to be shared with the second device.

Abstract: This invention is directed to an electronic device with an embedded authentication system for restricting access to device resources. The authentication system may include one or more sensors operative to detect biometric information of a user. The sensors may be positioned in the device such that the sensors may detect appropriate biometric information as the user operates the device, without requiring the user to perform a step for providing the biometric information (e.g., embedding a fingerprint sensor in an input mechanism instead of providing a fingerprint sensor in a separate part of the device housing). In some embodiments, the authentication system may be operative to detect a visual or temporal pattern of inputs to authenticate a user. In response to authenticating, a user may access restricted files, applications (e.g., applications purchased by the user), or settings (e.g., application settings such as contacts or saved game profile).

Abstract: A system and a method for extending the sign-in process for accessing computer system is provided. The system and method allows construction of notices which contains prerequisite conditions to be fulfilled by the user along with the credentials for accessing the computer system. The system and the method further allow updation of the data provided by the user in data storage.

Abstract: Concepts and technologies are disclosed herein for event-based security challenges. A computer can execute a security application. The computer can receive a request for authentication information associated with a user device. The computer can access event data corresponding to the user device. The computer can generate, based upon the event data, a challenge question and a response to the challenge question. The computer can provide data indicating the challenge question and the response to a requestor associated with the request.

Abstract: An authentication system and method thereof capture an image of a user and extract biometric features of the user from the image to determine whether a stored biometric feature matches with the extracted biometric features. If there is a match, an interactive information is generated to invite the user to perform actions shown or specified or described by the interactive information. The user will be authenticated if an action of the user matches the required action in a timely fashion. An electronic device using the same is also provided.

Abstract: An identity is identified by an electronic device. The electronic device receives a connection request from a remote device and controls a remote device to capture an image using the remote device. The electronic device accepts the connection request and authorizes the remote device to access the electronic device upon the condition that the captured image matches a predetermined image stored in the electronic device.

Abstract: A method for confirming identity of a user of a mobile electronic device, the method including: receiving touch data from a touch-screen of the mobile electronic device; receiving acceleration data from an accelerometer of the mobile electronic device; correlating between the touch data and the acceleration data; based on the correlating, generating a user-specific trait indicative of said user. The method further includes storing a reference value of the user-specific trait, indicative of said user; in a subsequent usage session of the mobile electronic device, generating a current value of the user-specific trait correlating between touch data and acceleration data; and based on a comparison between the current value of the user-specific trait and the reference value of the user-specific trait, determining whether or not a current user of the mobile electronic device is an authorized user of the mobile electronic device.

Abstract: Disclosed is a novel system, computer program product, and method for allowing access to an application on a handheld device. This is also known as logging on or password entry. The method begins with detecting a change in at least one of orientation and position of a handheld device relative to a given plane. At least one of a keyboard, a touch screen, a gesture, and voice recognition engine input is received. Based on a combination of the at least one of orientation and position of the handheld and the user input received matching a previously stored value, unlocking access to an application running on the handheld device. The detecting of the change in orientation or position or both can occur simultaneously with the user input or previous to the user input or after the user input.

Abstract: An embodiment may include at least one die produced, at least in part, from a wafer, and may include at least one integrated circuit and/or at least one other integrated circuit. These integrated circuits may be mutual replications of each other and may include respective core and additional blocks. Each respective core block may have an associated respective capability. As formed in the wafer, the respective additional blocks may be coupled together so as to permit the associated respective capabilities of the respective core blocks to be functionally combined to provide an increased capability relative to each of the associated respective capabilities considered separately, and also so as to permit the integrated circuits to be externally interfaced as a unified device. The wafer may be separable into respective dice including respective of the integrated circuits such that the integrated circuits include respective external interfaces. Many modifications are possible.

Abstract: A report generation system is provided. The system comprises at least one data generator that generates data, a data store that comprises the data, a computer system, and a reporting engine. The reporting engine receives a request to generate a report from a client device, applies a first pre-established filter to the data based on credentials associated with a user of the client device to isolate a subset of the data, and applies a second pre-established filter to the subset of the data based on the credentials associated with the user of the client device to isolate a report generation set of data. The reporting engine further generates the report using the report generation set of data from the data store based on user-defined criteria and pre-established default criteria and outputs the report to the client device.

Abstract: There is a verification application arranged to interact with other applications on an electronic device, the electronic device having a processor, a memory and an operating system controlling operation of the verification application and the other applications on the processor using arbitrary memory locations, where the other applications are enabled to call the verification application to securely determine authenticity of a user of the electronic device. The verification application is arranged to receive verification data for secure determination of authenticity of the user; and provide, upon a call from any of the other applications and a match between the verification data and a verification reference, a trust token to the calling application. A method, electronic device and computer program are also disclosed.

Abstract: Shaking patterns and/or environmental information associated with real-world handheld devices may form a basis for enabling authentication and/or effectuating events in a virtual environment. The handheld devices may include toys and/or other object that can be used to play. The handheld devices may be associated with the virtual environment in that individual handheld devices may share an appearance and/or theme with an avatar, a virtual object, and/or other element within the virtual environment. Shaking a pair of handheld devices together may facilitate authentication of the handheld devices with respect to the virtual environment and/or effectuate one or more events within the virtual environment. By way of non-limiting example, two avatars may dance together or become friends in the virtual environment responsive to two corresponding handheld devices being shaken together.

Abstract: A system and method for exchanging secure information between Secure Removable Media (SRM) devices. An initialization operation is performed between the SRM devices. After a mutual authentication operation is performed between the SRM devices, a secret key is exchanged for secure information exchange. An installation setup operation is then performed to establish an environment for moving rights between the SRM devices, and the rights information can be directly exchanged between the SRM devices by performing a rights installation operation between the SRM devices.

Abstract: A method of authenticating a user of a computing device is proposed, together with computing device on which the method is implemented. In the method a modified base image is overlaid with a modified overlay image on a display. At least one of the modified base image and modified overlay image is moved by the user. Positive authentication is indicated in response a first point relative to the base image reference point being aligned with a second point relative to the overlay image reference point.

Abstract: Systems and methods for integrating biometric authentication with video conference sessions are described. An individual seeking to participate in a video conference may first be identified with a biometric parameter such as an iris scan based on a comparison of the scanned iris with a database of stored parameters. If authorized, the system may connect the individual to the video session. In addition, the system may generate dynamic tags that allow the participants to identify and locate individuals in the video conference. For example, if one of the participants is speaking and moving within the room, her tag may change color and move with her on the video screen.

Abstract: A device and method to use a password by touch-less gesture are described. The device includes two or more ambient light sensors arranged at respective surface locations of the device, each of the two or more ambient light sensors measuring light intensity at the respective surface location. The device also includes a first processor to execute a password application on the device, and a second processor to detect two or more gestures performed by an object in touch-less communication with the device and define or verify a password based on the two or more gestures.

Abstract: A system and method for controlling access to a secure resource in a device are disclosed. In some embodiments, the device may include a processor capable of receiving a first request from a first application of a plurality of applications executable by the processor, where the first request requests access to the secure resource, and the first request identifies the plurality of applications. In response to the first request, the processor is capable of generating a ticket associated with the secure resource and with each of the plurality of applications, and then storing the ticket in a memory. After receiving a second request from a second application requesting access to the secure resource, the processor is capable of granting the second application access to the secure resource, if the ticket associated with the secure resource exists and if the ticket is associated with the second application.

Abstract: A display apparatus including an image processor which processes a video signal is provided. The display apparatus includes; a display which displays an image based on a processed video signal; a receiver which receives a key signal input by a user; a storage which stores a password key; and a controller which receives a user's first key signal which comprises an arrow key signal when a password is set up for the display apparatus, sets up and stores the password key which corresponds to the received first key signal, receives a user's second key signal when access is attempted, and allows the access in response to the received second key signal and the stored password key matching each other through a comparison.

Abstract: An approach is provided for authenticating using user actions. A prompt is initiated on a display for an input to authenticate a user. The input is received as a sequence of user actions on the display. A predetermined sequence associated with the user is retrieved. The received sequence is compared with the predetermined sequence to determine a match. The user is declared to be authenticated based on the comparison.

Abstract: A communication device for performing communication by employing first and second communication units, includes: a reception unit for receiving a communication packet including a random number generated for every connection with another communication device, a certificate calculated with the random number, and authentication method information indicating whether or not an authentication method at the second communication unit is compatible with the public key system, through the first communication unit; and a method determining unit for determining whether or not an originator of the communication packet accepts public key encryption based on the authentication method information included in the communication packet; wherein in a case of the method determining unit determining that the originator of the communication packet does not accept the public key system, the random number included in the communication packet is replied to the originator as the identification information of the device itself.