Abstract: A Stateful Reference Monitor can be loaded into an existing commercial operating system, and then can regulate access to many different types of resources. The reference monitor maintains an updateable storage area whose contents can be used to affect access decisions, and access decisions can be based on arbitrary properties of the request.

Abstract: In accordance with an example embodiment of the present invention, a method comprising: receiving at least one request for generating a challenge from at least one device; generating the challenge with at least two components; transmitting component of the challenge to the at least one device; causing presentation of at least part of the challenge to at least two users; causing communication between said at least two users; and receiving at least two responses to the challenge from the at least one device. Related apparatus and computer program product are also described.

Abstract: A method for wave gesture detection performed by a touch processor in an optical touch detection system is provided. The method includes receiving a sequence of images of an illuminated surface comprised in the optical touch detection system, wherein the images are captured by a camera comprised in the optical touch detection system, detecting a wave gesture performed in front of the illuminated surface by analyzing the sequence of images, and outputting an indication that a wave gesture has been detected.

Abstract: A protection device controlling an external device is provided having a mode detector, security data, a data detector, and a controller. The external device operates with operation modes that include a user mode that is used when the external device is operated by a user, and a manufacturer mode that is used when the external device is operated by someone other than the user. The mode detector detects an operation mode of the external device. The security data is input to the protection device. The data detector detects input of the security data. The controller restricts certain functions of the external device when the data detector does not detect input of the security data while the external device is in the manufacturer mode.

Abstract: A security protocol for use by computing devices communicating over an unsecured network is described. The security protocol makes use of secure data provided to a peripheral memory device from a server via a secure connection. When the peripheral memory device is coupled to a computing device that attempts to establish a secure connection to the server, the secure data is used to verify that the server is authentic. Similarly, the secure data assists the server in verifying that the request to access the server is not being made by a malicious third party.

Abstract: A GNSS/IMU safety sensor platform is disclosed consisting of data fusion Processors, GNSS Acquisition and Tracking Processors, MEMS IMU sensors, one or multiple accelerometers able to provide orientation information, optional V2V communication modules, and optional V2I communication modules. The data fusion processors provide interface ports to GNSS/IMU processors, odometers, video (Visual/Infrared) cameras installed in the vehicle, V2V relative positioning sensors (laser, radar or any other distance measuring), and V2V and V2I communication modules. The data fusion processors are interfaced to a driver warning system and optionally to the vehicle controls for providing safety warning messages to drivers, or for automatic control of the vehicle for preventing and reducing accidents.

Abstract: An information processing apparatus includes a sensor unit that, in accordance with an image captured at a first distance from the information processing apparatus, senses a presence of a person within a second distance set to be closer to the information processing apparatus than the first distance, and a shifting unit that sets the information processing apparatus to a first mode when the presence of the person is sensed by the sensor unit, and shifts the information processing apparatus from the first mode to a second mode that consumes power less than in the first mode when the presence of the person is no longer sensed within the second distance by the sensor unit.

Abstract: The present application relates to performing operations on a computing device having a restricted mode of operation and an unrestricted mode of operation. A first input sequence comprising a correct authentication code and a command code is obtained while in the restricted mode of operation. The device executes one or more special operations associated with the command code while the device remains in the restricted mode of operation. The device transitions to the unrestricted mode of operation upon obtaining a second input sequence comprising a correct authentication code, and in the unrestricted mode of operation the device may execute one or more regular operations.

Abstract: Methods, systems, and products authenticate users for access to devices, applications, and services. Skills of a user are learned over time, such that an electronic model of random subject matter may be generated. The user is prompted to interpret the random subject matter, such as with a drawing, physical arrangement, or performance. The user's interpretation is then compared to the electronic model of the random subject matter. If the user is truly who they purport to be, their interpretation will match the electronic model, thus authenticating the user. If interpretation fails to match the electronic model, authentication may be denied.

Abstract: A controller for a communications device having a memory storing data specifying user instructions; and a communications controller arranged for receiving a request of a preformed format for the data from a second device and in response to the request transmitting the data to the second device. The user instructions are arranged for use by a user on the first device to authenticate the second device with the first device.

Abstract: A printing system includes at least one image forming apparatus and a management apparatus, each of the image forming apparatus and the management apparatus connected to an information system. The management system includes a receiving unit, an association relationship registration unit, and a user setting unit. The image forming apparatus includes a print data retrieval unit, a converter unit, and a control unit.

Abstract: Systems and methods for creating and analyzing computer tag information for the prevention or detection of potential fraud. Computers and other devices accessing the Web carry device tags with date and time information describing when they were issued by a security tag server. A server time stamp may be inserted into time based computer tags such as a cookies indicating when they were created. Such time stamp information can be encrypted and analyzed during future attempts to access a secure network such as a customer attempting to log into an online banking account. When the time stamp information from the tag is compared to other selected information about the user, device and/or account, including but not limited to last account log-in date/time or account creation date, the invention may be used to detect suspicious activity.

Abstract: A system for automatic setting of system security comprises an input interface and a processor. The input interface is configured to receive an indication to set a secure mode. The processor is configured to: determine whether the indication to set the secure mode comprises an indication to set a certificate mode; in the event that the indication to set the secure mode comprises an indication to set a certificate mode: 1) detect one or more connected systems for which to set the certificate mode; 2) select one or more certificates for the certificate mode; 3) update initialization files for the certificate mode; and 4) reinitialize local and one or more connected systems.

Abstract: A touch input electronic device, an unlocking system and method are provided. An unlocking interface is displayed on a touch screen of the touch input electronic device. The interface can include a slidable unlocking icon and a number of icons. Each icon displays a content item. Each time when a user slides the unlocking icon to one of the icon, the content item in the icon is determined, and an arrangement of the icons is changed. After the user input is finished, an unlock password is determined according to an input sequence of the content items. The touch screen is unlocked when the unlock password matches a per-stored password.

Abstract: Various embodiments of the invention may be used to verify that a person being authorized by biometric techniques to use a device is a living person and not some form of recording intended to spoof the system. Some embodiments may try to cause a change in a measured biometric feature, and compare images taken before and after the change to verify the change occurred. In some embodiments, multiple stages of verification may be used, either to increase the difficulty of spoofing the security system, or to provide different levels of security for different levels of access to the device's functionality.

Abstract: An input device includes a display section, an input section, and an authentication section. The display section has a display area and displays a plurality of symbols in respective first regions of the display area. The input section receives an input indicating which of the plurality of symbols displayed on the display section is selected by a user by specifying a position in the display area. The authentication section authenticates the user based a result received by the input section. The input section receives an input indicating which of the plurality of symbols is selected, by receiving an input indicating which of a plurality of second regions allocated to each first region is selected. The authentication section authenticates the user based on the first region corresponding to the selected symbol from among the plurality of first regions and the second region selected from among the plurality of second regions.

Abstract: A display device is disclosed. The display device comprising: a display unit; a sensor unit; a storage unit; and a processor configured to: provide feedback for indicating a security on state of selected first information when selection input for selecting the first information in the security on state is detected, when a security off input for clearing security is detected in response to the feedback, obtain the fingerprint using the display unit, and convert the first information in the security on state into a security off state when the obtained fingerprint is matched with a pre-stored fingerprint, when a security maintenance input for maintaining security is detected in response to the feedback, maintain the security on state of the first information.

Abstract: Systems and methods for notifying a user of a user entry that matches security information and for hiding display of a user entry that matches security information are disclosed. According to an aspect, a method includes receiving user text input. The method also includes determining whether the user text input matches a predetermined portion of security information. Further, the method includes presenting notification of the match via a user interface in response to determining that the user text input matches the predetermined portion of the security information.

Abstract: In a method of unlocking an electronic device using an iris key, the iris key transmits an iris signal of a current user to the electronic device. The electronic device reads one or more pre-stored iris signal templates, and compares the received iris signal with the one or more iris signal templates. When the received iris signal matches with one of the one or more iris signal templates, the electronic device can be unlocked.

Abstract: A projector can be connected in cascade to another projector. Either a first mode for the projector to operate as a leading projector in the cascade connection or a second mode for the projector to operate as a second or subsequent projector in the cascade connection is set. The projector is made available for use based on success of authentication by an authentication unit or on reception of use permission information of the projector by a receiving unit.

Abstract: Certain embodiments herein relate to authenticating access to an operating system by a user before the operating system is booted. Such authentication may be performed by processing information received from a wireless communication token via Near Field Communication (NFC), in one embodiment. The received information may be processed to determine credentials for accessing the operating system, which if validated, may be sent to a Basic Input Output System (BIOS) which may boot the operating system in response. The BIOS may also perform various other functions if authentication is successful, such as decrypting a hard disk on which an operating system is installed before booting the operating system. According to this configuration, a decryption key may be received from the wireless communication token and subsequently sent to the BIOS to enable the decryption and subsequent booting of the operating system.

Abstract: System and method for high security biometric access control, according to the invention, enable high security access control to single instance or network resources, using biometric data, smart card technology and public key infrastructure or other symmetric/asymmetric encryption/decryption methodology.

Abstract: This invention is directed to an electronic device with an embedded authentication system for restricting access to device resources. The authentication system may include one or more sensors operative to detect biometric information of a user. The sensors may be positioned in the device such that the sensors may detect appropriate biometric information as the user operates the device, without requiring the user to perform a step for providing the biometric information (e.g., embedding a fingerprint sensor in an input mechanism instead of providing a fingerprint sensor in a separate part of the device housing). In some embodiments, the authentication system may be operative to detect a visual or temporal pattern of inputs to authenticate a user. In response to authenticating, a user may access restricted files, applications (e.g., applications purchased by the user), or settings (e.g., application settings such as contacts or saved game profile).

Abstract: A content data reproducing method includes: decrypting encrypted data to generate plain-text data; dividing the plain-text data into decrypted content data and reproduction management information; sending the reproduction management information to a user space; storing the decrypted content data in a secret buffer; obtaining the decrypted content data as reproduction target data from the secret buffer and transmitting the reproduction target data to a decoder; and decoding the reproduction target data by the decoder.

Abstract: Provided are method and apparatus for authenticating a password of a user terminal. The method includes: pre-setting, by a user, a password and an identification image for identifying the password; moving a keypad window or an image window realized on a screen of the user terminal according to an action of the user; determining, when a plurality of images included in the image window and a plurality of keys included in the keypad window sequentially overlap with each other, whether a plurality of keys and the identification image corresponding to the password sequentially overlap; and authenticating the password when the plurality of keys and the identification image corresponding to the password sequentially overlap. Accordingly, password information may be protected from a third person observation as the user inputs a pre-set password in an indirect method without having to directly input the pre-set password through an authentication interface.

Abstract: A method and computer program product for managing and controlling direct access of an administrator to a computer system. At least one computer program on the computer system receives from the administrator a request for the direct access to the managed computer system directly from the system console and requests a service management system to search open tickets. In response to that the open tickets are found, the at least one computer program requests the administrator to choose at least one ticket from the open tickets and grants the administrator the direct access to the computer system in response to determining that the at least one ticket is valid.

Abstract: In one exemplary embodiment, a computer-implemented method includes the step of providing an image to a user. The image is provided with a computer display. An eye-tracking data is obtained from the user when the user views the image. The eye-tracking data is obtained with an eye-tracking system. A user attribute is determined based on the eye-tracking data. The user is enabled to access a digital resource when the user attribute is associated with a permission to access the digital resource. The user attribute can be a personhood state. The digital resource can be a web page document. An instruction can be provided to the user regarding a pattern of viewing the image. The pattern of viewing the image can include instructing the user to gaze on a specified sequence of image elements.

Abstract: Aspects of the subject disclosure are directed towards providing feedback to users of multi-user system that has biometric recognition capabilities, so that a user knows whether the system has correctly associated the user with his or her identity. The feedback may include a display of a current camera view, along with visible identity information that is associated with each user in the view. The feedback may include per-user icons (e.g., tiles, thumbnail images and so on) by which a user visually confirms that he or she is correctly recognized. Any misrecognition may be detected via the feedback and corrected. Feedback may convey other information, such as the current interaction state/capabilities of a user.

Abstract: Context captured with sensors of an information handling system is applied to selectively lock access to currently unlocked information, with conditions for locking access based upon the context. Nervous states enforce locking of selected information based upon the confidence of the security of the information under sensed external conditions. Increased sensitivity for locking access includes reduced timeouts to a lock command, increased response to sensed conditions, and more rapid response where unlocked access is to sensitive information.

Abstract: A mobile information terminal including a gripping-feature sample acquisition unit to acquire a gripping-feature sample, one or more environmental sensors outputting an environmental signal, a terminal status detector to acquire the environmental signal and detect a terminal status, a template selection unit to select a user authentication template fitting the detected terminal status, a user authentication unit collating the acquired gripping-feature sample with the selected user authentication template and outputting a user authentication result, a user authenticity level monitor that outputs a sensor power source OFF signal when the user authenticity level exceeds a threshold value and outputs a sensor power source ON signal when the user authenticity level falls below the threshold value, and a power source control unit halting energization to a sensor when acquiring the sensor power source OFF signal, and energizing a sensor when acquiring the sensor power source ON signal.

Abstract: A system and method for providing or exchanging healthcare information (e.g., medical information) to authorized users in a secure manner. The method is implemented in a computer infrastructure having computer executable code tangibly embodied on a computer readable storage medium having programming instructions operable to: assign identification information to a plurality of users and a plurality of items; associate the identification information of a user of the plurality of users with one or more items of the plurality of items; set-up security policies including predetermined locations, within predetermined stages within a sequence and during predetermined times; and provide the user access to the one or more items when there is a matching between the identification information of the user and the one or more items, and all of the security policies associated with the user and the one or more of the plurality of items are met.

Abstract: A user can define a gesture-based input mode with respective input value to establish an authentication protocol to unlock a computer or govern other computer behavior. As an alternative or in addition, the user can define a second input mode based on face recognition plus IR sensing satisfying a threshold to ensure a live person is being imaged for authentication, and/or face recognition plus a particular facial expression such as a smile and wink.

Abstract: A system and machine-implemented method for matching input gestures on a touch interface to a security pattern to allow user access to an electronic device or account. The security pattern may correspond to a combination of linear and non-linear input gestures relating to directional changes of the input gestures. A determination of the security pattern may be based on the end motion and speed of each input gesture.

Abstract: An authentication management system for managing use of a processing apparatus includes an authentication management apparatus including a position storing unit to store position information of the processing apparatus; a receiving unit to receive user information that identifies a portable terminal to be used for authenticating when a user requests the processing apparatus via a requester to perform a target process; a determination unit to determine whether distance between the portable terminal and the processing apparatus satisfies a proximity determination condition between the portable terminal and the processing apparatus, the distance being obtained based on position information of the portable terminal received from the portable terminal, and the position information of the processing apparatus; and an authentication unit to conduct authentication processing based on user information received from the requester, and the user information received from the portable terminal when the distance satisfies

Abstract: An embodiment of the present invention discloses a method for unlocking a terminal device, where a first unlocking password, a second unlocking password, a first unlocking interface, and a second unlocking interface are set on the terminal device. The method includes: acquiring information that triggers displaying of an unlocking interface; displaying the second unlocking interface when the information is acquired and if a status of the terminal device meets a preset condition; receiving information that is input by a user on the second unlocking interface; and determining whether the input information matches the second unlocking password, and if a result of the determining is yes, unlocking the terminal device; where complexity of the second unlocking password is lower than complexity of the first unlocking password. Correspondingly, an embodiment of the present invention further discloses a terminal device. Thus, user experience can be enhanced when robustness of password protection is ensured.

Abstract: An image processing apparatus performs specific processing on images read out of a document having pages as follows. Each of the pages is a member assigned to at least any one of groups. The apparatus determines a second security level of each group based on a first security level of each page of the corresponding group; before the specific processing on the N-th group, determines whether or not password entry is necessary based on the second security level of the N-th group and any of the second security levels of the first group through the (N?1)-th group; and performs the specific processing on the N-th group if it is determined that password entry is unnecessary for the N-th group, or, alternatively, if it is determined that password entry is necessary for the N-th group and if a password is appropriately entered.

Abstract: An authenticating system includes an authenticating device, a background display device, a sensing device, and an authentication pattern checking device. The authenticating device displays a first display pattern on a transparent display panel including a transmissivity pattern. The transmissivity pattern includes a plurality of regions with different transmissivities. The background display device displays a second display pattern on a display panel to overlap the transparent display panel. The sensing device generates a sensing pattern by sensing an authentication pattern generated based on the transmissivity pattern, the first display pattern, and the second display pattern. The authentication pattern checking device performs authentication by checking whether the sensing pattern is consistent with an authentication reference pattern.

Abstract: The invention relates to a method for entering data, data to be entered comprising at least one digit. A first device comprises at least one touch sensitive interface. The touch sensitive interface is sensitive to at least one touch. According to the invention, at least one digit being associated with no touch or a count of at least one touch, the method comprises the following steps. The first device detects, in a predetermined time period, a count of at least one touch that is or is not present at once or several times. The first or a second device determines the digit associated with no detected touch or a detected count of at least one touch, the second device being connected to the first device. The invention also relates to corresponding device and system.

Abstract: A method for performing authentication in a portable electronic device is provided. The method includes identifying whether a peripheral electronic device is located within a certain distance from the portable electronic device, receiving biometrics information from the peripheral electronic device when the peripheral electronic device is located within the certain distance from the portable electronic device, identifying whether the biometrics information received from the peripheral electronic device is identical to biometrics information stored in the portable electronic device, and releasing security set to the portable electronic device when the biometrics information received from the peripheral electronic device is identical to the biometrics information stored in the portable electronic device.

Abstract: A method of and an apparatus for verifying authenticity of a target authentication device comprising a reference pattern having a characteristic frequency and a security pattern, the security pattern comprises an embedded security device that is coded with phase modulation information. The method comprises extracting frequency domain data from an image of the target authentication device to facilitate verification of authenticity of the target authentication device. The method provides a very effective end expedient mechanism for verifying authenticity of a moiré or moiré like authentication device to combat counterfeiting.

Abstract: A system and method for electronic stamping are disclosed. Personal fingerprint pre-stored is used to verify the fingerprint information collected, the document data and the fingerprint information is signed with a private key to get a first signature result, the user's public key and the pre-stored fingerprint information is then signed with a private key of a stamp producer to get a second signature result, the first signature result, the collected fingerprint information and the second signature result are combined to form electronic fingerprint stamp data.

Abstract: An information processing device having a lock function for restricting user operations and a mechanism executed by this information processing device are provided in which the information processing device includes: an input unit for receiving a first password and a specified location from a user; a mode setting unit for switching to a restricted mode restricting at least some of the functions of the information processing device in response to receiving the first password and location; and a releasing unit for releasing the restricted mode on condition that the information processing device has reached the specified location.

Abstract: Disclosed herein are a method and electronic device for enhancing security authentication. An execution mode may be changed from a non-trusted execution mode to a trusted execution mode. At least one input may be authenticated while in the non-trusted execution mode.

Abstract: Methods of configuring a different authority for a plurality of users to use at least one application in an electronic device. User inputs are received to set passwords for respective user levels, where each user level is associated with a different authority to access applications. The passwords are registered for the respective user levels. At least one application is associated with one of the user levels.

Abstract: An authentication method using a password of an electronic device is provided. The method includes receiving a password. The method also includes determining whether the received password coincides with a password stored in advance. The method further includes determining whether an input condition at the time of password input coincides with a password input condition stored in advance when the received password coincides with the password stored in advance. The method includes executing a function when the input condition at the time of password input coincides with the password input condition stored in advance.

Abstract: A method of verifying an input biometric identifier against a reference biometric identifier is disclosed in this specification. The method comprises evaluating the input biometric identifier relative to a group (the ‘cohort’) to improve verification accuracy. Up to three matching scores are used to determine a verification probability for the input biometric identifier. The three matching scores measure the similarity of the input biometric identifier to the biometric identifiers of the cohort, the similarity of the reference biometric identifier to the biometric identifiers of the cohort and the similarity of the input biometric identifier to the reference biometric identifier.

Abstract: A computing system such as a game console maintains and updates a biometric profile of a user. In one aspect, biometric data of the user is continuously obtained from a sensor such as an infrared and visible light camera, and used to update the biometric profile using a machine learning process. In another aspect, a user is prompted to confirm his or her identify when multiple users are detected at the same time and/or when the user is detected with a confidence level which is below a threshold. A real-time image of the user being identified can be displayed on a user interface with user images associated with one or more accounts. In another aspect, the biometric profile is managed by a shell on the computing system, where the shell makes the biometric profile available to any of a number of applications on the computing system.

Abstract: Aspects of this disclosure are directed to outputting, for display at a presence-sensitive display, a first set of two or more selectable objects in a first arrangement of locations, the computing device operating in a first instance of a limited access state. At least one of the selectable objects includes an element of a predetermined passcode. The computing device may receive an indication of a first gesture to select one of the selectable objects and an indication of a second gesture to designate the selected object as an element of a candidate passcode. The computing device may transition to an access state based at least in part on a comparison between the candidate passcode and the predetermined passcode. The computing device may transition to a second instance of the limited access state, and may output a second set of two or more selectable objects in a second, different arrangement.

Abstract: A first device establishes a connection with a second device and attempts access, via the connection to an enterprise server of an enterprise. The first device may have a number of security perimeters, ones of which are allowed to use various communications proxies provided by the second device. If the first device and the second device are associated with a same common enterprise, an enterprise perimeter of the first device may be enabled to access the enterprise using an enterprise proxy of the second device.

Abstract: A Virtual Single Account (VSA) system and method that provides a mobile user with automatic authentication and connection to a remote network via local access networks with a single password, where the local access networks may be independent of the remote network. A mobile user has a single authentication credential for one VSA that is utilized by a VSA client installed on a mobile computing device. The VSA client provides for automatically authenticating and connecting the user's mobile device to a current local access network, and the target remote network such as the user's office network. All authentication credentials are encrypted using a key generated from the user's VSA password that is generated from the user's single password. The VSA client derives the key from the submitted VSA password and decrypts all authentication credentials that are required in order to connect the mobile device to the current local access network and thereafter to the office network.