Abstract: A gesture-based method is disclosed for authenticating a user. More specifically, the user of an information handling system is prompted to enter a passcode finger tap sequence input gesture via a touch-sensitive device. The finger tap sequence input gesture is processed to generate a passcode finger tap sequence. The passcode finger tap sequence is then compared to a previously-generated authentication finger tap sequence. If the two finger tap sequences match, then the user is authenticated.

Abstract: A system and method whereby the identity of a person, entity, device or the like attempting to gain access to a secured resource may be securely authenticated includes a means for receiving from a service client a request for access to a secured resource; means for generating and communicating to the purported authorized user a challenge string adapted to provide a basis for authenticating the identity of the requester; a means for receiving from the service client a response string corresponding to the challenge string; and a means for evaluating the response string to authenticate the identity of the requester. The secured resource has a common identifier by which it may be generally identified outside of the authentication system, but the request for access lacks sufficient information content for the service client to be able to determine the common identifier.

Abstract: An image forming apparatus which performs a log-in through an identification with respect to a user includes a non-volatility memory which previously stores discrimination information of the user as registration discrimination information. A discrimination information obtaining section obtains an identified discrimination information from the user. An identifying section compares the identified discrimination information and the registration discrimination information to determine whether the identification is authenticated. An inputting section which receives a process request input by the user. A process executing section executes the process request from the inputting section. A log-in section logs in for the user when the identification is authenticated. A log-out processing section logs out following an end of the input of the process request. The process executing section executes the requested process together with log-out.

Abstract: The present invention relates to using authorization information provided by an asserting agent to control insight-related interactions between a receiving agent and an insight agent. The insight may be information that relates to an entity with whom or a device with which the asserting agent is associated. Such insight is generally referred to as insight of the asserting agent. An insight source maintains the insight of the asserting agent, and the insight agent provides controlled access to the insight by the receiving agent through the insight-related interactions. For others to gain access to at least certain of the asserting agent's insight, the asserting agent must authorize the insight agent to provide the asserting agent's insight to the receiving agent. Upon obtaining the proper authorization, the insight agent will interact with the receiving agent and distribute the asserting agent's insight to the receiving agent.

Abstract: System and method for providing reciprocity in a reputation system are described.

Abstract: An identity management system incorporates privacy management processes that enable the user to exercise privacy controls over the disclosure of user identity information within the context of an authentication process. A combination includes an identity selector, a privacy engine, and a ruleset. The identity selector directs the release of a user identity in the form of a security token to satisfy the requirements dictated by a security policy. Prior to release of the user identity, the engine conducts a privacy enforcement process that examines the privacy policy of the service provider and determines if it is acceptable. The engine evaluates a ruleset against the privacy policy. A preference editor enables the user to construct, in advance, the ruleset, which embodies the user's privacy preferences regarding the disclosure of identity information.

Abstract: Single sign-on process allowing a mobile user with a mobile phone or with a laptop to remote-access a remote server, comprising the steps of: (1) sending a first authenticator over a first communication layer to a first intermediate equipment between said mobile equipment and said remote server, (2) verifying in said first intermediate equipment said first authenticator sent by said mobile equipment, (3) if said first authenticator is accepted by said first intermediate equipment, completing the communication layer between said mobile equipment and said intermediate equipment, (4) repeating steps (1) to (3) with a plurality of successive intermediate equipment and over a plurality of successive communication layers, until a communication has been completed at the last requested communication layer between said mobile equipment and said remote server, wherein at least a plurality of said authenticators are furnished by a smart-card in said mobile equipment.

Abstract: In accordance with embodiments of the present disclosure, an information handling system may include a user interface and a processor communicatively coupled to the user interface. The user interface may comprise a touch sensor configured to detect biometric fingerprint data of a human interacting within a user-interactive area of the user interface. The processor may be configured to receive biometric fingerprint data from the user interface inputted via the user interface during the human's natural interaction with the user interface. The processor may be further configured to determine if the biometric fingerprint data is that of an authorized user of the information handling system. The processor may also be configured to restrict access to the information handling system in response to determining that the biometric fingerprint data is not that of an authorized user of the information handling system.

Abstract: Protecting a fragment of a document includes automatically detecting the fragment without user intervention based on the content of the fragment and/or the context of the fragment within a set of documents, selectively encrypting the fragment to prevent unauthorized access, and providing an alternative view of the fragment that prevents viewing and access of content corresponding to the fragment unless a decryption password is provided. Automatically detecting the fragment may include detecting numbers and alphanumeric sequences of sufficient length that do not represent commonly known abbreviations, detecting generic terms, detecting proper names, detecting terms signifying a type of content, detecting mutual location of terms and sensitive content, and/or detecting user defined terms. The generic terms may correspond to password, passcode, credentials, user name, account, ID, login, confidential, and/or sensitive. The proper names may be names of financial organizations and security organizations.

Abstract: Systems and methods to secure authorized access are disclosed. A method includes receiving, an electronic device, a request to generate function-authorization settings including function-access data associated with a particular function of the electronic device to be protected. The method also includes prompting for and receiving function-access data. The received function-access data includes first function-access data that specifies access credentials of a first user to access the particular function and second function-access data that specifies access credentials of a second user to access the particular function. The method also includes associating the received function-access data with the particular function and storing the function-authorization settings including the received function-access data at a memory of the electronic device.

Abstract: One or more online configuration settings are received prior to deployment and execution of a software appliance. Once the configuration settings have been received, the online configuration settings can be utilized to configure a software appliance image prior to executing the image at a host computer. Once the application of the configuration settings to the image has been completed, the image may executed at a host computer.

Abstract: A method for fast activating applications of an electronic device having a touch screen displays a predetermined unlocking interface on the touch screen when the electronic device wakes from an idle state. The predetermined unlocking interface includes a plurality of pattern drawing regions. Each pattern drawing region corresponds to a predetermined application of the electronic device. When a pattern drawn by the user within any of the pattern drawing regions is the same as a preset unlocking pattern, the electronic device is unlocked. Then, an application of the electronic device corresponding to one of the pattern drawing regions in which the pattern is drawn is activated.

Abstract: A method of providing restricted access to computer application information via a computing device includes: displaying a limited-access icon on a display of the computing device, the limited-access icon including a function indicator and code-entry segments that can be selected by a user of the computing device, each of the code-entry segments including a visual indicator; receiving a selection sequence of user selections of selected ones of the code-entry segments; and performing a limited-access function corresponding to the function indicator in response to the selection sequence corresponding to an authorized sequence.

Abstract: Provided are method and apparatus for authenticating a password of a user terminal by using a password icon. The method includes: method of authenticating a password of a user terminal, the method including: pre-setting, by a user, a password icon corresponding to a password and a moving direction of the password icon; sequentially moving the icon according to actions of the user at a screen of the user terminal; when the icon is sequentially moved, determining whether the pre-set password icon and the pre-set moving direction of the password icon are matched; and authenticating the password when the password icon and the moving direction of the password icon is sequentially matched.

Abstract: Provided are method and apparatus for authenticating a password of a user terminal. The method includes: pre-setting, by a user, a password and an identification image for identifying the password; moving a keypad window or an image window realized on a screen of the user terminal according to an action of the user; determining, when a plurality of images included in the image window and a plurality of keys included in the keypad window sequentially overlap with each other, whether a plurality of keys and the identification image corresponding to the password sequentially overlap; and authenticating the password when the plurality of keys and the identification image corresponding to the password sequentially overlap. Accordingly, password information may be protected from a third person observation as the user inputs a pre-set password in an indirect method without having to directly input the pre-set password through an authentication interface.

Abstract: This invention is directed to an electronic device with an embedded authentication system for restricting access to device resources. The authentication system may include one or more sensors operative to detect biometric information of a user. The sensors may be positioned in the device such that the sensors may detect appropriate biometric information as the user operates the device, without requiring the user to perform a step for providing the biometric information (e.g., embedding a fingerprint sensor in an input mechanism instead of providing a fingerprint sensor in a separate part of the device housing). In some embodiments, the authentication system may be operative to detect a visual or temporal pattern of inputs to authenticate a user. In response to authenticating, a user may access restricted files, applications (e.g., applications purchased by the user), or settings (e.g., application settings such as contacts or saved game profile).

Abstract: A simple, customizable and intuitive virtual combination unlock method and system. More specifically, an unlock system and method is disclosed which includes a virtual combination lock, where the virtual combination lock includes several rows of user-selectable images such as pictures or icons as the virtual combination wheels. In certain embodiments, the images are accessed via the user's database. To unlock the device, the user touches and drags pre-selected images into alignment with each other. Security can be adjusted by changing the number of images that need to be aligned to unlock the device.

Abstract: Methods, computer-readable storage medium, and systems described herein facilitate enabling access to a virtual desktop of a host computing device. An authentication system receives one of an authentication token and a reference to the authentication token, wherein the authentication token is indicative of whether a user successfully logged in to an authentication portal using a client computing device. The authentication system generates a private key, a digital certificate, and a personal identification number (PIN) for the user in response to receiving the one of the authentication token and the reference to the authentication token. The private key, the digital certificate, and the PIN are stored in a virtual smartcard, and the client computing device is authorized to log into a virtual desktop using the virtual smartcard.

Abstract: A method for real-time verification of live person presence at a network location comprises the following steps: receiving a verification request at a network location; generating a real-time security indicia; displaying the real-time security indicia on a display screen at the network location; capturing with a back-facing camera at the network location, a real-time image of the field of view (FOV) in front of the display screen displaying the security indicia; detecting a human face in the FOV image; detecting an eye region of the human face in the FOV image; and detecting a reflected image of the security indicia in the eye region in the FOV image. If the reflected image of the security indicia is not detected in the eye region of the FOV image, the verification attempt is deemed unsuccessful, whereas if the reflected image of the security indicia is detected, the verification attempt is deemed successful.

Abstract: If an MFP has not received setting information from a server at startup, it refers to setting information stored in a nonvolatile storage unit which stores setting information received in the last operation. This enables the MFP to start with some functions available in accordance with the last setting information referred to, while the MFP waits for reception of setting information at startup.

Abstract: Disclosed are various embodiments for an authentication manager. A security credential is generated based at least in part on a security credential specification associated with a network site. The security credential and a domain name associated with the network site are stored. The security credential is provided to the network site when a domain name associated with a trusted certificate provided by the network site matches the stored domain name.

Abstract: In one or more implementations, a computing device receives an indication that a device is attempting to pair with the computing device. If a user is not currently authenticated with respect to the computing device, inputs received by the device are restricted from being used by the computing device for uses other than authenticating the user.

Abstract: An apparatus for inputting a password using a game may include a password image display unit to display at least one group password image including at least one password image, in at least one region of a display device, a receiving unit to receive at least one piece of motion information from an external input device, a character image display unit to display, on the display device, a character image that may move based on the at least one piece of motion information, a determination unit to determine which of the at least one group password image the character image contacts, and to determine which of at least one password image included in the contacted group password image is selected when a contact takes place as a result of the determination, and an authentication unit to control a user authentication procedure to be performed based on password information corresponding to the selected password image.

Abstract: Techniques may be used to authenticate a user to a computing device using their skin tone. A color sample may be received while a computing device remains in a power saving state. A user may be authenticated when the color sample matches a skin tone record. The computing device may be placed in an active state when the user is authenticated. Other embodiments are described and claimed.

Abstract: Methods for recognition and interpretation of pinch-in and pinch-out gestures for unlocking a screen of a mobile device, which has been locked to prevent accidental activation of device functionalities while being carried, such as in pocket or purse.

Abstract: A mechanism to generate clocks when there is no security breach is contemplated. Using the conditional generation of clocks for synchronous digital designs, the invention enables mechanisms to secure Mobile Devices. When a potential security breach is detected, clock generation to at least a portion of the Mobile Device is disabled. The invention also contemplates mechanisms to re-enable the Mobile Device when the security risk is resolved.

Abstract: A method of user authentication on a computing device is proposed, together with computing device on which the method is implemented. In the method a modified base image is overlaid with a modified overlay image on a display and movement of either the modified base image or modified overlay image is responsive to receiving an input starting outside a display area of a touchscreen. Positive authentication is indicated in response to the base image reference point on the modified base image being aligned with the overlay image reference point on the modified overlay image.

Abstract: A user device comprising a processor configured to enable a mnemonic based digital signature scheme for user authentication that is based on a combination of one or more secrets and one or more actions implemented on the user device and associated with the secrets, and a device input system coupled to the processor and configured to detect the actions implemented on the user device. Also disclosed is an apparatus comprising a processor configured to implement a mnemonic based digital signature for authenticating a user, a device input system configured to enable the mnemonic based digital signature, and a memory unit configured to store input data that is used to recognize the mnemonic based digital signature, wherein the mnemonic based digital signature comprises a secret, an action associated with the secret and implemented using the device input system, and a cue associated with the action.

Abstract: Various aspects are discussed, for example, a method is described for authentication of devices in a wireless network involving NFC (Near Field Communication), wherein a device periodically switches its mode from a read mode, in which it is able to receive authentication data from one or more other devices, to a write mode, in which it sends out authentication data to the one or more other devices, according to a random time slot scheme, the device authenticates itself after having received authentication data from another device during the read mode, and the device switches permanently its mode to the write mode after being authenticated.

Abstract: A cloud connector key includes a network interface configured to connect to a network, a mass storage interface configured to connect to a network isolated device, and a computation module operatively connected to the network interface and the mass storage interface. The computational module is configured to connect to a cloud repository using the network interface by obtaining, from storage on the cloud connector key, a network address of the cloud repository, requesting connection to the cloud repository using the network address, and authenticating, using credentials in the storage on the cloud connector key, to an account in the cloud repository. The computational module is further configured to transfer a file between the account in the cloud repository and a network isolated device via the mass storage interface.

Abstract: A method and a system for processing an online financial transaction executed at least partially by a computing device coupled to a communications network, comprising a rule-module nexus for processing an online financial transaction, an on-line verification platform, an online user account registry, wherein the on-line financial transaction comprises a payor-payee transaction, wherein the user is the payor and a merchant is the payee, and comprising at least one of the following: (a) the user and the payee are each directly and independently connected to the rule-module nexus during simultaneous logon sessions via a communication network, and wherein upon the user clicking on a website widget of the payee, the rule-module nexus transmits secure socket layer data directly to the user interface apparatus for display to the user via a pop-up window, without requiring application programming interface integration with a website of the payee and without requiring a form re-direct of the user away from the website

Abstract: Example methods and apparatus for authenticating a user login are disclosed herein. An example method includes displaying an image and dynamically presenting symbols adjacent the image. The example method includes receiving a code, the code formed by an arrangement of one or more of the symbols on the image. The example method includes authenticating a user based on the code.

Abstract: Methods and apparatuses for controlling access to computer systems and for annotating media files. One embodiment includes a method including generating a challenge to a user, wherein the challenge includes a verify part and a read part. The methods also includes prompting the user to solve both the verify part of the challenge and the read part of the challenge; receiving input from the user; determining if the input from the user relative to the verify part of the challenge corresponds with the known answer for the verify part of the challenge; and identifying the input from the user relative to the read part of the challenge as an answer to the read part of the challenge, if the input from the user relative to the verify part of the challenge corresponds with the known answer for the verify part of the challenge.

Abstract: Security management in an electronic device is provided. An method of the electronic device includes displaying an icon of an application having a first security level in a first region which occupies part of an interface, and displaying an icon of an application having a second security level in a second region which occupies an exclusive part of the first region.

Abstract: An input device may be in communication with an application processor, wherein the input device may be configured to receive an input and the application processor may be configured to translate the input to a received template. A secure element may be in communication with the application processor and configured to receive the received template from the application processor. The secure element may include a matcher and an enrolled template database. The matcher may be configured to compare the received template from the application processor with an enrolled template within the enrolled template database and return a match status based on the comparison.

Abstract: The claimed subject matter provides an apparatus for facilitating no-look one-handed authentication. The apparatus includes logic to identify whether a user-manipulatable input is in one of a plurality of possible states for a time period, and authenticate a user based at least partially on identification that the user-manipulatable input is in the one of the plurality of possible states for the time period.

Abstract: In a file protection method, when a request for opening a protected file is received, an environment image is captured, and character features in the environment image are extracted. The extracted character features are compared with character features of one or more authorized users that are pre-stored in a storage device, to determine if the environment image contains character features that match with the pre-stored character features of an authorized user. The content of the file is shown on the display device when the environment image contains character features that match with the pre-stored character features of an authorized user, and the file is forbidden to open when the environment image does not contain character features that match with the pre-stored character.

Abstract: In a method for unlocking an electronic device, a plurality of icons are preset and an icon is designated to be an unlocking icon for unlocking the electronic device. When the electronic device is locked, the icons are moving on the display device, and the moving icons is highlighted one by one according to a moving direction and a time interval. When a highlighted icon is touched and the highlighted icon is the unlocking icon, the electronic device is unlocked.

Abstract: An application-executing method using fingerprint recognition wherein an application-executing device executes an application using fingerprint recognition, includes recognizing a fingerprint from a fingerprint image obtained through a fingerprint sensor in a locking state of the application-executing device, activating a specific area that is part of a locking state screen of the application-executing device when the fingerprint is recognized, displaying a list of a plurality of applications in the specific area, receiving selection information of at least one application from the list of the plurality of applications, and executing an application according to the selected information.

Abstract: The present invention refers to a method for verifying the identity of a speaker based on the speakers voice comprising the steps of: a) receiving a voice utterance; b) using biometric voice data to verify (10) that the speakers voice corresponds to the speaker the identity of which is to be verified based on the received voice utterance; and c) verifying (12, 13) that the received voice utterance is not falsified, preferably after having verified the speakers voice; d) accepting (16) the speakers identity to be verified in case that both verification steps give a positive result and not accepting (15) the speakers identity to be verified if any of the verification steps give a negative result. The invention further refers to a corresponding computer readable medium and a computer.

Abstract: A method and apparatus for providing password security to an electronic device. Access rights to an electronic device are determined by decrypting and decoding an encrypted password given to one or more individuals. When an individual enters a given encrypted password into the electronic device, a decrypting function decrypts the password to generate an decrypted password. The decrypted password contains information as to whether access should be granted to the individual, and if so, to what extent. For example, the decrypted password may comprise a time and date field which indicates a date and time at which access will not be granted.

Abstract: According to one embodiment, a method of authenticating a user includes receiving login credentials identifying a user. A plurality of pressure readings are received from a plurality of pressure sensors coupled to a biometric grip device. The plurality of pressure readings comprise a first biometric pressure reading from a first pressure sensor coupled to the biometric grip device and a second biometric pressure reading from a second pressure sensor coupled the biometric grip device. The first and second biometric pressure readings measure a first pressure exerted at the first pressure sensor and a second pressure exerted at the second pressure sensor. A neurological number is generated from the plurality of pressure readings. The user is authenticated by comparing the neurological number with a registered neurological number. If the neurological number matches the registered neurological number, the user is authorized to access a computer system coupled to the biometric grip device.

Abstract: Devices, systems and methods that route a communication link to a proper destination are disclosed. The method may include connecting the communication link to a first destination; requesting a response from the first destination; validating the response from the first destination; and disconnecting the communication link to the first destination if the response from the first destination is not valid. The method may also include connecting the communication link to a second destination; requesting a response from the second destination; and disconnecting the communication link to the second destination if the response from the second destination is not valid. The devices, systems and methods may provide hunt group, call center and conference call features as discussed later herein.

Abstract: An image forming apparatus includes a main controller unit provided in a main body of the image forming apparatus. The main controller includes a replacement component management memory to store lifespan information of a replacement component is provided in An authentication operation is performed with respect to the replacement component management memory, and the lifespan information of the replacement component is encrypted and stored in the replacement component management memory. Accordingly, the security of the main controller unit may be enhanced and illegal use of the replacement component may be prevented.

Abstract: A microcomputer has a processing unit; a plurality of registers; a storage storing hardware initialization data that includes an initial value and a register address in which the initial value is set, the processing unit performing a process including: setting the initial value in a register having the register address based on the hardware initialization data; performing a functional capability limitation releasing processing to determine whether authentication data in an authentication register, which is selected in advance from the plurality of registers, is correct based on an authentication information for releasing limitations on a functional capability of a function, and to put a function corresponding to the authentication information into an executable state when the authentication data is correct; and executing the function which is put into the executable state to realize the functional capability of the executed function.

Abstract: An industrial manipulating system includes a plurality of computers and an input assembly shared by the computers. A response capability of the computer is interrupted to operation commands. A camera is used to take a photograph of a current operator and determination is made whether the photograph contains a face image of the current operator. The response capability of the identified computer is restored to the operation commands when the photograph contains the face image of the current operator.

Abstract: An authentication scheme for unlocking a computing system may require a shortened password in some cases. For example, the computing system may be configured to determine a time that a user has been locked out of a computing device and to determine which of a plurality of time spans that the time falls within. The computing system may also prompt the user for a required password including a full password or a subset of the full password depending on the determined time span. The computing system may be further configured to display a visual indicator corresponding to the determined time span or a required password length on a visual display. A length of the required password for login may be progressively longer for each of the plurality of time spans as a time period that a respective time span covers increases.

Abstract: A PIN is automatically generated based on at least one rule when the user enters a password through a user device. In one example, the PIN is a truncated version of the password where each character in the truncated version is mapped onto a number. The mapping can be a truncation at the beginning or end of the password, or the mapping can be with any pattern or sequence of characters in the password. This PIN generation may be transparent to the user, such that the user may not even know the PIN was generated when the password was entered. When the user attempts to access restricted content, the user may enter the PIN instead of the password, where the user may be notified of the rule used to generate the PIN so that the user will know the PIN by knowing the password.

Abstract: A method and system for managing user authentication. First authentication data associated with a user is received from a first authentication mechanism. The first authentication data is generated in response to the first authentication mechanism successfully authenticating the user. In response to receipt of the first authentication data, a first identifier associated with the user is registered. The first authentication data is associated with the first identifier. In response to associating the first authentication data with the first identifier, second authentication data associated with the user is received from a second authentication mechanism. The second authentication data is generated in response to the second authentication mechanism successfully authenticating the user. The second authentication data is associated with the first authentication data and the first identifier.

Abstract: In some embodiments, a computerized method includes presenting multiple choices for attributes of a multi-layered graphical password, wherein each of the attributes is associated with one of a plurality of layers of the multi-layered graphical password. The multi-layered graphical password is for use in accessing a system. The method includes receiving selections from among the multiple choices, wherein the selections identify a group of the attributes of the multi-layered graphical password. The selections are associated with a user attempting access to the system. The method includes authenticating the user based on the group of the attributes of the multi-layered graphical password. The method also includes allowing the user access to the system.