Abstract: An authentication method includes sensing, pressure information through a touch screen. The pressure information includes a pressing strength value of a pressed contact when a user presses the touch screen. The sensed pressure information is compared with an authentication password by using the sensed pressure information as an authentication password. If the sensed pressure information matches the stored authentication password, it is determined that password authentication succeeds; otherwise, the password authentication fails.

Abstract: Various embodiments are generally directed to use of a keyboard as a biometric authentication device. In one embodiment, for example, an apparatus comprises a processor circuit executing a sequence of instructions causing the processor circuit to receive a signal indicative of a keypress of at least one key of a keyboard communicatively coupled to the apparatus, and indicative of at least one physical characteristic associated with the keypress; compare the at least one physical characteristic to at least one stored physical characteristic associated with at least one authorized user of the apparatus; and determine if the keypress is associated with at least one authorized user of the apparatus based on the comparison. Other embodiments are described and claimed herein.

Abstract: In an embodiment, the present invention includes a method for receiving a request for user authentication of a system, displaying an authentication image on a display of the system using a set of random coordinates, receiving a plurality of gesture input values from the user, and determining whether to authenticate the user based at least in part on the plurality of gesture input values. Other embodiments are described and claimed.

Abstract: A portable computing device receives an identity card and restricts access to the portable computing device if the identity card is unassociated with the portable computing device. If access to the portable computing device is restricted, the portable computing device receives identification from a second portable computing device and grants access to the portable computing device if the identification is successfully authenticated.

Abstract: An apparatus and method for securely providing identification information generates one or more obscured identifiers for a recipient, such as one or more identifiers that are generated based on data unique to a recipient or other information as may be appropriate. In one embodiment, the method and apparatus generates a translucent identification member, such as a plastic card, sheet, film or other suitable member that has a translucent area that includes one or more obscured identifiers. When the translucent identification member is overlayed on a screen displaying a visual filtering pattern, one of one or more obscured identifiers is visually revealed for use during the particular transaction. The revealed identifier is entered into a recipient device and sent to an authenticator to be verified as an appropriate identifier for the transaction.

Abstract: Methods for secure communications are provided. The methods include creating a safe user account on a secure access system, wherein creating an account includes provision of at least one strong authenticator to be associated with a user of the secure access system; providing a unique login and the at least one strong authenticator associated with the user to the secure access system to gain access to information associated with a referring organization, the referring organization being registered with the secure access system; and accessing the information associated with the referring organization based on the unique login and the at least one strong authenticator provided to the secure access system. Related systems and computer program products are also provided.

Abstract: Embodiments of the present invention may detect an access attack by analyzing the passwords from successive access requests in an access session or by analyzing successive access attempts to determine patterns in the access information. For example, the analysis may consist of examining the access information to determine cycling in passwords of the access information. Cycling passwords may consist of password that are varied in a predictable or repetitive manner such as “aaaa”, “aaab”, “aaac”, “aaad”, etc. In addition, the usernames and passwords from successive access requests in an access session are analyzed to determine patterns in both the usernames and passwords. The analysis may consist of examining the access information to determine the use of identical passwords for various usernames. The analysis may also detect the cycling of passwords across multiple usernames.

Abstract: Security analysis and vulnerability testing results are “packaged” or “bound to” the actual software it describes. By linking the results to the software itself, downstream users of the software can access information about the software, make informed decisions about implementation of the software, and analyze the security risk across an entire system by accessing all (or most) of the reports associated with the executables running on the system and summarizing the risks identified in the reports.

Abstract: The present invention enables improvement in user convenience while reducing security degradation. To accomplish this, an information processing apparatus includes a display unit that displays an operation screen; an acceptance unit that accepts input from a user; a display control unit that controls display so as not to change the operation screen to a predetermined state when a predetermined time elapses without accepting input from the user by the acceptance unit; and an acquisition unit that acquires biological information of the user, wherein the display control unit does not change the operation screen to the predetermined state even if the predetermined time elapses without accepting input from the user by the acceptance unit if, within the predetermined time, the acquisition unit acquires biological information of the last user from whom input was accepted by the acceptance unit before the predetermined time started to be counted.

Abstract: Provided is electronic paper that includes an imaging sheet for displaying content, a memory for storing the content, a mode switch unit for manually setting an operation mode of the electronic paper, and a controller for performing at least one operation from a plurality of operations including encryption of the content stored in the memory, deletion of the content stored in the memory, deletion of content displayed on the imaging sheet from a screen, and display of a lock screen that requires input of a password on the imaging sheet, according to an operation mode that is set by a user using the mode switch unit.

Abstract: It is not possible to identify a suitable random value that can increase the validity of data after adding a random data and causing the concealment of original data values.

Abstract: A pre-installation environment used by an operating system includes a pre-installation kit, a running unit, and a write inhibiting unit. The running unit is used for running the pre-installation kit, and generating an inhibiting signal when running to call the executable files for configuring network environment. The write inhibiting unit is used for inhibiting information generated by running the executable files from being written into a log file in response to the inhibiting signal.

Abstract: The present disclosure relates to a Completely Automated Public Turing Test to tell Computers and Humans Apart (CAPTCHA) image authentication method and system. The CAPTCHA image authentication method comprises the steps of: collecting a plurality of first objects; defining a plurality of variables so as to be used as basis for classifying and dividing the plural first objects into M groups accordingly while allowing each group in the M groups to correspond to at least one variable selected from the plural variables; selecting at least one group from the M groups while further grading and dividing the first objects in the selected group into subgroups of N grades based upon a standard unit of the variable corresponding to the selected group; sorting and storing the subgroups of N grades; and selecting a plurality of authentication objects from the subgroups of N grades to be used in an authentication process.

Abstract: A biometric authentication device performs authentication of a user based on biometric information. In the biometric authentication device, a registry information storage stores pre-registered biometric information as registry information. An acceptance value determiner determines a verification acceptance value used for authentication, based on quality of the registry information with regard to reliability of characterizing an individual. An authentication information acquirer obtains biometric information of a user as authentication information. A similarity calculator compares the authentication information of the user with the registry information and calculates similarity between the authentication information and the registry information. An authenticator identifies whether the user is a registrant corresponding to the registry information, based on the similarity and the verification acceptance value.

Abstract: Secure access of an electronic device may be dynamically controlled based on an adaptive algorithm. Secure access may comprise locking or unlocking of the electronic device. The adaptive algorithm may enable adjusting parameters used in determining when access to the electronic device is granted or denied. The parameters may comprise one or more thresholds used when comparing current user related information, such as biometric information, with corresponding prior information. The adaptive algorithm may enable adjusting the parameters based on valuation of information that may be exposed when the electronic device is accessed, probability of unwanted access, and/or acceptable cost of improper denial of access.

Abstract: A system and method for controlling access to a secure resource in a device are disclosed. In some embodiments, the device may include a processor capable of receiving a first request from a first application of a plurality of applications executable by the processor, where the first request requests access to the secure resource, and the first request identifies the plurality of applications. In response to the first request, the processor is capable of generating a ticket associated with the secure resource and with each of the plurality of applications, and then storing the ticket in a memory. After receiving a second request from a second application requesting access to the secure resource, the processor is capable of granting the second application access to the secure resource, if the ticket associated with the secure resource exists and if the ticket is associated with the second application.

Abstract: A simplified messaging system is provided. In various embodiments, the simplified messaging system receives a selection of an image representing an identification for a user that the user previously provided, receives a selection of multiple images representing a password for the user that the user previously selected, and logs the user into an electronic messaging system based on the selected images. In various embodiments, the simplified messaging system comprises a mail transport server that receives and forwards electronic messages, a mail registration server comprising an images component that stores images associated with user identifications and user passwords, and a mail client that receives a selection of an image identifying a user and multiple images associated with a password of the user, and logs the user into an electronic messaging system when the images are selected.

Abstract: Disclosed is a system and method for automatically managing software licenses that are specifically tied to end users. A repository located on an authentication and license checking server contains the license requirements needed for each application. The repository is searched to determine which license(s) the requester needs to get access to an application. A user authentication is combined with a license checking at the server to grant or deny access to the application. A procurement license server may also be coupled to the license authentication and checking server to order any missing license(s).

Abstract: A key fob includes a biometric sensor including a fingerprint area sensor having a surface for receiving a finger, and a controller includes at least one processor configured to authenticate a user of the key fob based on biometric information obtained with the biometric sensor and stored biometric information for an individual. The key fob includes a RF transmitter for communicating stored transaction information to a reader upon authentication of the user and a housing. The housing includes a base for supporting the biometric sensor and a cover sleeve slidably engaged with the base to allow for extension from and retraction into the sleeve by the base, thereby permitting selective exposure of the fingerprint area sensor under user actuation.

Abstract: A method of authenticating a user of a computing device is proposed, together with computing device on which the method is implemented. In the method a modified base image is overlaid with a modified overlay image on a display and at least one of the modified base image and modified overlay image is moved by the user. In addition to the moving, a change in orientation of at least one of the modified base image and the modified overlay image is required. Positive authentication is indicated in response to the base image reference point on the modified base image being aligned with the overlay image reference point on the modified overlay image and the change in orientation matching a pre-selected orientation criterion.

Abstract: In a first embodiment of the present invention, a method for registering a new device to a control point in a home network is provided, the method comprising: generating a first self-certified identification at the control point, the generation using a pseudo-random generated number and using an identification of the control point; and sending a secure message to the new device containing the first self-certified identification.

Abstract: In some applications, it may be more convenient to the user to be able to log in the memory system using one application, and then be able to use different applications to access protected content without having to log in again. In such event, all of the content that the user wishes to access in this manner may be associated with a first account, so that all such content can be accessed via different applications (e.g. music player, email, cellular communication etc.) without having to log in multiple times. Then a different set of authentication information may then be used for logging in to access protected content that is in an account different from the first account, even where the different accounts are for the same user or entity.

Abstract: A platform security apparatus and a method thereof are capable of protecting a mobile communication terminal from an abnormal or unintended operation of an application program installed over a platform of the mobile communication terminal. An authentication key is created with respect to each function of an application program, and the authentication key and an identifier of the application program are associated with each other and stored. An authentication process is performed by comparing an authentication key and an identifier of an application program registered as function parameters with an authentication key and an identifier of the application program which have been stored, when the application program calls the function.

Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for receiving, by a computing system that is locked, input from a user that provides an unlocking pattern. During entry of the unlocking pattern, a display of the computing system does not provide a visual indication of an action that will be performed upon the user completing the unlocking pattern. The computing system compares the provided unlocking pattern to a plurality of stored unlocking patterns to determine whether the provided unlocking pattern matches any of the stored unlocking patterns. The stored unlocking patterns are associated with respective actions that are performed upon completion of the respective unlocking patterns. The unlocking patterns are associated with a same level of unlocked security access to the computing system. The computing system responds by unlocking the computing system and performing the action that is associated with the matching unlocking pattern.

Abstract: A computer implemented security system (10) and method are disclosed. A user interface (20) is displayed on a display device (30), the user interface including a positioning guide (100) and a marker. User inputs are received on a password comprising a plurality of symbols and a location for each symbol in the user interface (20) relative to said positioning guide (100). Authentication is performed in dependence on the received user inputs and on the marker, the marker being selected from a plurality of markers, each marker designating a different condition to be met by the received user inputs to be successfully authenticated.

Abstract: An image processing apparatus capable of reducing the number of processing flows and also reduce time and effort required by a user in searching a desired processing flow. The image processing apparatus including an authentication unit adapted to execute user authentication, and an execution unit adapted to execute processing on image data with a plurality of processes as a sequential processing flow while cooperating a plurality of different functions with one another. Setting data personalized for a user authenticated by the authentication unit is obtained, and the plurality of processes is registered as a sequential processing flow. The processing flow is executed with a part of the processing flow replaced by processing personalized for the user set in the setting data, upon executing the registered processing flow.

Abstract: Auditing a communication is disclosed. Credentials are received from a client. It is determined whether the client is authorized to communicate with a remote resource. If it is determined that the communication with the remote resource is allowed, a communication is forwarded from the local resource to the remote resource.

Abstract: A computer device receives a personal authentication statement from a user seeking to access concealed computer objects or applications on the computer device. A parser syntactically parses the personal authentication statement to extract a user-authentication token and a computer objects-authentication token. The computer objects-authentication token can identify one or more concealed computer objects on the computer device. The computer device reveals the one or more concealed computer objects to the user upon authentication of the user and verification that the authenticated user is authorized to access the concealed computer objects.

Abstract: In a method for managing accounts and passwords of an application system using an electronic device, the method controls a fingerprint recognizing unit of the electronic device to capture a second fingerprint if a first fingerprint is stored in a storage device of the electronic device, and displays a login interface of the application system on a display screen of the computing device if the second fingerprint is the same with the first fingerprint. The method obtains the account and password of the application system from the storage device if the account and password of the application system is stored in the storage device, and inputs the account and password into two inputting boxes of the login interface of the application system.

Abstract: An apparatus for waking up a computer system is disclosed. The apparatus is electrically coupled to a south bridge, or a Platform Controller Hub (PCH), having a first USB host interface.

Abstract: A method of authentication is provided that includes capturing palm biometric data from an individual, transmitting the biometric data to an authentication system, and generating an authentication biometric template from the captured biometric data with the authentication system. Moreover, the method includes conducting a plurality of verification matching transactions between the authentication biometric template and enrollment biometric templates stored in the authentication system, and between the authentication biometric template and imposter biometric templates stored in the authentication system. Furthermore, the method includes updating a genuine matching score distribution with at least one genuine matching score, updating an imposter matching score distribution with at least one imposter matching score, and calculating a maximum genuine matching score and a minimum imposter matching score.

Abstract: A microprocessor includes an MSR and fuses. The microprocessor encounters an instruction requesting access to the MSR and specifying the MSR address, performs a function of the specified MSR address and a value read from the fuses to generate a first result, encrypts the first result with a secret key to generate a second result, compares the second result with an instruction-specified password, and allows the instruction to access the MSR if the second result matches the password and otherwise denies access MSR. Manufacturing subsequent instances of the microprocessor with a different fuse value effectively revokes the password. Alternatively, a control register of the microprocessor may be written by system software to override the fuse value and thereby revoke the password. The function may be XOR or concatenation, the encryption may be AES, and the secret key is externally invisible.

Abstract: A client hosted virtualization system (CHVS) includes a processor to execute code, a component, and a non-volatile memory. The non volatile memory includes BIOS code and code to implement a virtualization manager. The virtualization manager is operable to initialize the CHVS, launch a virtual machine on the CHVS, and assign the component to the virtual machine, such that the virtual machine has control of the component. The CHVS is configurable to execute the BIOS and not the virtualization manager, or to execute the virtualization manager and not the BIOS.

Abstract: A method and apparatus for interfacing a host computer with a hard drive cartridge is disclosed in one embodiment. The virtual device interface is divided between a kernel component in a driver stack of the kernel space and a user component configured to run in user space. The kernel component passes data commands from the operating system to a cartridge dock while separating other commands that are passed to the user component. The user component authenticates the kernel component and/or the hard drive cartridge. Use of the removable hard drive cartridge is also authorized by the user component.

Abstract: A system and method for integrating the Internet front end-sign on processes of the various systems of a financial institution which allows a customer to view and access its various financial accounts with the institution. During the initial sign up for the online access. to its accounts, a customer creates his/her User ID and password online during the same session. Once the customer has signed on (password) and verified ownership of at least one account, the system displays all of the customer's accounts that are available for access via the Internet website. The online ownership verification uses only a single account of the customer and the ownership verification criteria associated with the account. The account used for verifying a customer is first determined based on the accounts selected by the customer for accessing online. From the selected accounts, the system of the present invention creates a verification hierarchy with respect to the accounts.

Abstract: A mobile device includes a user interface that has a plurality of non-password-protected desktop screens and at least one password protected desktop screen. The mobile device includes a touch sensitive display device that accepts gestures used to navigate between the desktop screens. Applications may be installed to password protected desktop screens.

Abstract: In embodiments of restricted execution modes, a mobile device can display a device lock screen on an integrated display device, and transition from the device lock screen to display a shared space user interface of a shared space. The transition to display the shared space user interface is without receiving a PIN code entered on the device lock screen. The mobile device implements a restricted execution service that is implemented to activate a restricted execution mode of the mobile device, and restrict access of a device application to device content while the restricted execution mode is activated. The restricted execution service can also allow a shared device application that is included in the shared space access to the device content while the restricted execution mode is activated.

Abstract: A data secrecy system of an electronic device detects whether a screen unlocking interface of the electronic device is activated. The data secrecy system controls the recorder to record a phrase said by a user after the user is invited to speak. And then the data secrecy system extracts characteristics of the recorded phrase. The data secrecy system determines a privilege level for the user to access all or a part of functions of the electronic device according to the characteristics of the phrase, and controls the electronic device to work according to the determined privilege level of the user.

Abstract: A mobile device includes a user interface that has a plurality of non-password-protected desktop screens and at least one password protected desktop screen. The mobile device includes a touch sensitive display device that accepts gestures used to navigate between the desktop screens. Applications may be installed to password protected desktop screens.

Abstract: A low power driver system for controlling an electric strike of a door is provided. The low power driver system includes an input system configured to detect a user credential, a control system configured to authenticate the user credential and generate a plurality of signals based at least in part on an authentication of the user credential, a driver system configured to generate a plurality of voltage potentials during an unlocking cycle based at least in part on the plurality of signals, wherein each of the plurality of voltage potentials are difference from each other, and a locking device configured to unlock based at least in part on the plurality of voltage potentials.

Abstract: One or more user service tickets are obtained (i.e. pre-fetched) from an authentication server and stored in a ticket cache. The user service tickets facilitate a login device communicating with one or more users or group members associated with the login device. Login credentials for the users or group members may be subsequently authenticated against the user service tickets within the ticket cache thereby eliminating the need for immediate access to the authentication server or a previous login session by the users or group members. The user service tickets within the ticket cache may be refreshed as needed. In one embodiment, the user service tickets are refreshed daily and also in response to login attempts if the authentication service is readily accessible.

Abstract: The invention relates to a method for decrypting encrypted broadband data by one or more authorized users comprising the following steps: provision of the encrypted broadband data (10) for a plurality of users; provision of encrypted or non-encrypted key data (30), which is of a comparatively narrower band than the broadband data (10) and which is personalized for one or more authorized users, exclusively in a decryption unit (40), said narrow-band key data (30) being held in the decryption unit (40) in a form that is not accessible to the authorized user; at least partial decryption of the encrypted broadband data (10) in the decryption unit (40) in order to output a broadband data stream (70) that is at least partially decrypted; or generation of broadband key information (30?) from the narrow-band key information (30) in the decryption unit (40) for the subsequent decryption of the encrypted broadband data (10).

Abstract: Embodiments of the invention are directed to a method for providing security against phishing attacks. The method can include receiving a login ID from a client, and providing an encrypted commitment to the client. The method can also include receiving a one-time password (OTP) from the client, and validating the OTP. The method can also include sending a commitment key, to be authenticated by the client, receiving a static password from the client and authenticating the client. Embodiments of the invention are directed to a system for providing security against phishing attacks. The system can include one or more servers configured to receive a login ID from a client, and provide an encrypted commitment to the client. The processors can be configured to receive a one-time password (OTP) from the client, validate the OTP, send a commitment key, to be authenticated by the client, receive a static password from the client and authenticate the client.

Abstract: An electronic device may include a finger sensor to sense a user's finger. The electronic device may also include a processor coupled to the finger sensor to perform multiple applications, acquire finger-matching biometric data of the user's finger from the finger sensor, and authenticate the user based upon a match between the acquired finger-matching biometric data and finger-enrollment biometric data. The processor may also start a given application, from among the applications thereof, based upon the authentication. The processor may treat the authentication as valid for a threshold time period.

Abstract: A mobile information terminal includes a mode acquisition section adapted to acquire the mode of the mobile information terminal; a sample filling section adapted to, when the number of gripping feature samples acquired in a mode is insufficient, fill in lacking gripping feature samples with gripping feature samples acquired in another mode; a gripping-feature sample acquisition section adapted to acquire gripping feature samples; a switch adapted to switch the mobile information terminal between a learning state and an authentication state; a template learning section adapted to learn an authentication template in each mode using the gripping feature samples when the mobile information terminal is in the learning state; an authentication section adapted to compare the learned authentication template with gripping feature samples in each mode to perform authentication; and a locking section adapted to lock some or all of functions of the mobile information terminal when the authentication fails.

Abstract: According to one embodiment, an information processing apparatus includes an input to input a password, a biological authentication device including a storage unit for storing biological information and identification information, and an authentication controller. The authentication controller sets and holds identification information to be stored in the storage unit of the biological authentication device, and permits a password input using the input to be substituted by authentication using the biological authentication device when the identification information held by itself and the identification information stored in the storage unit of the biological authentication device match.

Abstract: An image forming apparatus extracts, from image data, authentication data by which a user is identified, sends the extracted authentication data to a control terminal that recognizes a function available to the user identified by the extracted authentication data, and then receives, from the control terminal, available-function data indicative of a result of the recognition. Then, the image forming apparatus chooses, in accordance with the available-function data thus received, a function that is available in the image forming apparatus. This enables the image forming apparatus to validate or invalidate each function in accordance with a user on the basis of the extracted authentication data.

Abstract: An electronic mobile device that includes a controller including at least one processor, for controlling operation of the mobile device, a display coupled to the controller, and a navigational input mechanism coupled to the controller and responsive to user manipulation thereof. The controller, in one input mode, moves a selection marker on a user interface screen on the display in response to user manipulation of the navigational input mechanism, and in a second input mode, authenticates a user of the device in dependence on a sequence of input events resulting from user manipulation of the navigational input mechanism matching a predetermined passcode sequence.

Abstract: A method of verifying a password and methods of encryption and decryption using a key generated from a one-time pad. In one embodiment, the method of verifying includes: (1) receiving a password attempt, (2) retrieving a pointer from memory, (3) searching a one-time pad based on the pointer to retrieve a password, (4) comparing the password attempt with the password and (5) generating a new pointer if the password attempt matches the password.

Abstract: A system and method is provided for determining a risk associated with a login transaction. A password received during the login attempt and determination is made regarding whether the received password is derived form user information. A risk is determined based on a determination that the received password is derived from the user information.