Abstract: Systems and methods for managing data exposure are provided and include a data protection device embedded or otherwise coupled to a computing device. The data protection device receives communications from the computing device and intended for a network resource over a secured connection between the data protection device and the computing device (e.g., a communications interface of the computing device). The data protection device identifies data privacy elements associated with the communication and generates corresponding modified data privacy elements. The data protection device establishes access to the network resource using the modified data privacy elements, thereby causing network hosts attempting to detect the data privacy elements to detect the modified data privacy elements instead.

Abstract: An Ethernet power supply receives a DC voltage through a bus positive terminal and a bus negative terminal, and is coupled to a load device. The Ethernet power supply includes a first control module and a second control module. The first control module provides a first control signal through the bus negative terminal to confirm whether the load device is a valid load. The second control module is used to connect or disconnect a coupling relationship between the bus positive terminal and the first control module according to whether the load device is connected to the Ethernet power supply.

Abstract: A modifier infrastructure that takes digital device behaviors and allows them to enact channel behaviors instead. This infrastructure preferably extends to address issues of channels connected to channels for controlling and managing identities, privileges, and the encryption and decryption of valuable information. Embodiments of the present invention provide methods for computer authentication—particularly for component authentication, human-component authentication, and/or network cryptography.

Abstract: An integrated circuit comprises a power input, digital logic circuitry, a plurality of charge stores, and obscuring circuitry. The charge stores are configured to receive power from the power input, are distributed through the digital logic circuitry and are capable of providing power to the digital logic circuitry. The obscuring circuitry is configured to obscure electromagnetic emissions associated with flow of current in current loops between the plurality of charge stores and the digital logic circuitry by switching between a plurality of different charge store activation patterns, wherein each charge store activation pattern describes a different selection of one or more of the plurality of charge stores providing power to the digital logic circuitry at a given time.

Abstract: A method of designing a memory system, which includes a semiconductor device and a power supply circuit supplying power to the semiconductor device via a board power distribution network, includes analyzing power characteristics of respective components of the power supply circuit by using a power characteristic model of the power supply circuit, and analyzing power characteristics of the memory system. The power characteristic model of the power supply circuit includes an encrypted model.

Abstract: A PHY constituted of: a clock arranged to generate a time signal indicative of the current time; and an egress stamp functionality arranged to: receive a data packet on the egress side, extract data from a predetermined section of the received data packet, and responsive to the extracted data, perform one of a plurality of predetermined timestamp operations, the plurality of predetermined timestamp operations comprising: generating a timestamp signal responsive to the generated time signal; not generating a timestamp signal; or modifying a timestamp written in the received data packet.

Abstract: A password power switch circuit for an electronic device includes a thermal energy conversion circuit and a programmable control chip. The thermal energy conversion circuit is used for generating a plurality of sensing temperatures. The programmable control chip is coupled to the thermal energy conversion circuit for storing a password and generating a power-on signal to a central processing device of the electronic device according to a plurality of locations corresponding to the plurality of sensing temperatures and a plurality of locations corresponding to the password. The central processing device determines at least one operation associated with the electronic device according to the power-on signal.

Abstract: A PoE system PSE, constituted of: a power source input; a classification functionality arranged to determine the class of a PD; a memory arranged to store thereon the determined class; a timing functionality arranged to output the length of a power interruption to the power source input; and a control circuitry; wherein, responsive to an indication of the timing functionality that the power interruption length is greater than a predetermined time value, the control circuitry is arranged to initiate the class determination of the classification functionality, and wherein, responsive to an indication of the timing functionality that the power interruption length is not greater than the predetermined time value, the control circuitry is arranged to: supply power from the power source input to the PD responsive to the stored determined class; and not initiate the class determination of the classification functionality prior to the power supplying.

Abstract: In an embodiment, an integrated circuit (IC) device for detecting fault attacks is disclosed. In the embodiment, the IC device includes a main CPU core, memory coupled to the main CPU core, and a co-processor core including a checksum generation module, the co-processor core coupled to the main CPU core, wherein the main CPU core is configured to direct the co-processor core to process data from the memory and the co-processor core is configured to process the data, in part, by feeding internal signals to the checksum generation module and wherein the co-processor core is further configured to return a checksum value generated by the checksum generation module to the main CPU core.

Abstract: A mechanism for protecting integrated circuits (IC) from security attacks includes an IC having components that may store one or more data items and may perform a number of functions and which produce resulting events. The IC may also include a security module that may modify signals and events provided to the components such that the resulting events are modified in a non-effectual way but that causes the events to be non-deterministic relative to an event that is external to the integrated circuit when the resulting events are viewed externally to the IC. This may result in obscuring the data, and the functions from being observed from external to the IC, particularly when using an IR laser probe.

Abstract: A method and system for collecting, aggregating, and displaying type specific content in an inbox like view are described. An inbox manager collects information about data objects that are stored locally and stored remotely. This information may be stored as inbox information on a local computing system. Using the inbox information, the inbox manager creates an inbox view of merged inbox items from the local data objects and the remote data objects. The inbox view is configured to display the inbox items as being merged into a single view regardless of where the respective data objects are stored.

Abstract: Aspects of the present invention monitor an electrical circuit in a power over Ethernet (“PoE”) installation to detect potential security breaches and implement a security response upon detecting the security event. The security event may be a disruption to the electrical circuit lasting more than a threshold duration (e.g., 250 ms, 0.5 second, 1 second). The disruption can be an open circuit caused by cutting or unplugging the Ethernet cable. In one aspect, the security response can be discontinuing further communications over the PoE connection.

Abstract: A system and method for managing energy of an electric vehicle are provided to calculate a necessary amount of energy based on battery characteristics and a user's schedule, and control charging and discharging of the electric vehicle using power information provided by a smart grid. The system includes a cloud server configured to collect a schedule from a user and store and generate the user's schedule information, an energy management device configured to calculate necessary energy based on the received schedule information of the user, set charging information based on power network state information received from a power supplier and the calculated necessary energy, generate a charging request signal based on the set charging information, and store electric energy, and a charging unit configured to transfer the electric energy to the energy management device based on the received charging request signal.

Abstract: As a user of a social networking system views a page that includes information provided by the system, certain types of social interactions are monitored. If an interaction monitored for is detected, at least one recommendation unit is identified to present to user on the page. The recommendation unit is identified based on a description of the interaction. The recommendation unit suggests that the user perform a social interaction in the social networking system. The recommendation unit is transmitted to a device of the user and is presented to the user on the page without having to reload the entire page.

Abstract: Secure code verification enforcement in a trusted computing device, including: examining, by a secure code validation module, a trusted computing device that is locked in a powered down state in response to an impermissible physical access of the trusted computing device; determining, by the secure code validation module, whether content of trusted memory in the trusted computing device has been altered; and responsive to determining that the content of trusted memory in the trusted computing device has not been altered, unlocking, by the secure code validation module, the trusted computing device such that the trusted computing device can be powered up.

Abstract: Systems and methods for marking electronic messages to indicate human origination are provided. According to one embodiment, an electronic message and information verifying the electronic message is human originated are received. Then, the fact that the electronic message is human originated is conveyed to one or more recipients of the electronic message by associating with the electronic message a human origination indication.

Abstract: Methods and systems of concealing access patterns to data storage, such as within servers of a cloud computing environment are presented. Server data storage is securely partitioned into smaller electronic data storage partitions of predetermined size. The client side maintains a shuffling buffer and position map for these blocks as stored on the electronic data storage partitions of the server. Concealment is performed with respect to accesses from the client to server using an oblivious sorting protocol. Access operation is concealed with each block being randomly assigned to any of the data storage partitions, and whenever a block is accessed, the block is logically removed from its current partition and logically assigned to a fresh random partition selected from all partitions, while the client maintains tracking of which partition each block is associated with at any point of time.

Abstract: A peer-to-peer (P2P) bot(s) in a network is identified using an already identified P2P bot. More specifically, such embodiments may facilitate determining a candidate set of computers, which may be potential P2P bots, by identifying computers in a network that have a private mutual contact with a seed bot, which is a computer identified as a P2P bot, and identifying additional computers that have private mutual contacts with the identified computers. Further, a confidence level indicative of a certainty of a membership of each of the candidate computers in the P2P botnet is determined and responsive to a determination that the confidence level of the candidate computer exceeds a determined threshold confidence level, the candidate computer is identified as a P2P bot.

Abstract: A method of a semiconductor integrated circuit comprising a logic circuit including n storage elements (n is a positive integer) which can each store 1-bit information and an attack detection circuit, the method including detecting, by an error determination circuit, through a logic operation that k-bit or less errors (k is a positive integer) have occurred in n-bit codes stored in the n storage elements, and detecting, by a light irradiation detection circuit which includes light detection elements, that light has been irradiated to (k+1) or more of the n storage elements. It is determined that the logic circuit has been attacked from outside when the error determination circuit detects an error or the light irradiation detection circuit detects light irradiation.

Abstract: The present invention is an electronic device and has a positioning module, a micro processing unit and an electronic device with a first storing device. The micro processing unit electrically connects with the positioning module and the first storing device. The electronic detects a position thereof via the positioning module and generates a positioning coordinate datum. The micro processing unit determines whether the electronic device is in a preset working area through the positioning coordinate datum. When the electronic device is not in the preset working area, the micro processing unit stops the electronic device from accessing the first storing device.

Abstract: A system architecture allows for the transmission of multiple HDCP encrypted audio/video streams over a single unified cable to multiple receivers using a daisy chain topology. Each individual audio/video stream is first encrypted and then combined into a uniform stream, and the uniform stream is transmitted to each of the receivers. Each receiver contains a decryption engine that operates independently of the engines in the other receivers, therefore allowing each receiver to select to a unique channel and decrypt and display one of the audio/video streams.

Abstract: An approach is provided for remotely configuring a mobile device designated as missing. A request to remotely configure the mobile device is received. In response to the request, at least one setting parameter specifying at least one action to be performed by the mobile device is retrieved. A control message specifying the at least one setting parameter is generated. It is determined whether the mobile device is network inaccessible. The control message is queued for transmission over a data channel to the mobile device when the mobile device is determined to be network inaccessible.

Abstract: In a wired data telecommunication network power sourcing equipment (PSE) coupled to a powered device (PD) carries out an inline power discovery process to verify that the PD is adapted to receive inline power, then a plurality of classification cycles are carried out to convey a series of inline power classes back to the PSE. The series of inline power classes may all be the same, in which case the PD is legacy equipment and is adapted to receive the power level corresponding to that class. If they are not all the same, information is thus conveyed to the PSE which may, for example, correspond to a specific power level to be applied or to other information.

Abstract: Accessory device authentication techniques are described. In one or more embodiments, connection of an accessory device to a host computing device is detected. Responsive to the detection, an authentication sequence may occur to verify an identity and/or capabilities of the accessory device. Upon successful authentication of the accessory device, the host device may authorize the accessory device for power exchange interactions with the host device. The host device may then draw supplemental power from a power source associated with the authorized accessory device, such as a battery or power adapter. The host device may also enable the accessory device to obtain and use power supplied by the host device in some scenarios. Power exchange between a host device and an authorized accessory may be managed in accordance with capabilities of the accessory device that are identified during authentication.

Abstract: The present disclosure relates to a method and system for securing a performance state change of one or more processors. A disclosed method includes intercepting a request for a change of a performance state of the processor and determining whether to execute the request based on a security condition of the processor. The performance state of the processor includes at least one of an operating voltage and an operating frequency. A disclosed system includes an operating system module operative to transmit a request for a performance state change of at least one processing core. The system includes performance state control logic in communication with the operating system module and operative to receive the request and to change the performance state of the at least one processing core based on the request.

Abstract: A key for entering computer related passwords via a mnemonic combination includes an electronic key with a communication means, a computer program, a storage unit, and a user interface. The communication means is for communicating with a computer device where the computer device recognizing the electronic key as a human input device. The computer program is for creating a password and a mnemonic combination associated with the password. The storage unit is for storing the password and the mnemonic combination association with the password. The user interface is for allowing a user to enter the mnemonic combination into the electronic key. Wherein, when the user enters the mnemonic combination into the user interface, the electronic key communicating the password associated with the mnemonic combination to the computer device as a human input device.

Abstract: A computer-implemented method for mitigating mobile device loss may include (1) identifying historical data specifying a plurality of past locations of a mobile computing device, (2) identifying a current location of the mobile computing device, (3) determining that the current location deviates from an expected location based on the historical data, and (4) performing a security measure on the mobile computing device in response to determining that the current location deviates from the expected location. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: A shut-off circuit interrupts the flow of power to the system circuit of a portable device, when liquids are detected within the portable device. Liquid sensors are placed proximate to the ports of the portable device. The ports may admit the flow of liquids, so the liquid sensors may detect the passage of liquids into the portable device. If the liquid sensors detect liquids entering the portable device, a shut-off circuit interrupts the flow of power from the battery to the system circuit.

Abstract: Systems and method for implementing an encryption technique by combining matrix mathematics, audio frequencies, and symmetric key. Data encryption/decryption may be performed using symmetric key based implementations, with the encryption keys being derived from unique sequences of frequencies (e.g., either in written or audible form). In this regard, the encryption key may be derived from a reference signal, which may comprise a plurality of different frequencies, and the generating of the encryption key is based on assigning values to the plurality of different frequencies and/or to one or more attributes associated with the reference signal or elements (e.g., particular portions, such as notes or frequencies) thereof. The data may then be encrypted based on the generated encryption key, wherein the encrypting of the data comprises encrypting plaintext values.

Abstract: In one embodiment, a system for secure application hosting is provided. The system includes a memory, a first processor coupled to the memory, a second processor coupled to the first processor via a bus, and a data storage device and a network interface coupled to the second processor. The second processor is configured to perform cryptographic processing to provide an encrypted domain, in which the network interface and data storage device operate, and an unencrypted domain, in which the processor and memory operate.

Abstract: Various embodiments described and illustrated here include one or more of systems, methods, software, and data structures that may be used to implement policies for hardware access and monitoring control in concert with a premises security system that controls ingress and egress of a facility. One embodiment includes identifying when certain devices are removed or decoupled from a computer and preventing one or more users of that computer from leaving a facility within which the computer is located.

Abstract: According to one embodiment, a cryptographic processing apparatus is provided with first to fifth units. The first unit mask-converts input data from first temporary mask into first fixed mask (an invariable value in a first linear operation). In an encryption, the third unit performs a nonlinear operation on the mask-converted data and outputs a first result masked with second fixed mask data (an invariable value in a second linear operation). The fourth unit performs the second linear operation and outputs a encryption result masked with second fixed mask data. In a decryption, the second unit performs the first linear operation on the mask-converted data and outputs a second result masked with the first fixed mask. The third unit performs the nonlinear operation and outputs a decryption result masked with the second fixed mask. In encryption/decryptions, the fifth unit converts the mask of the encryption/decryption results into second temporary mask.

Abstract: Various embodiments of devices and associated methods are described herein for authenticating electrical devices. In one aspect, an electrical device is provided comprising an interface configured to receive and transmit signals; a power line coupled to the interface and configured to provide a power signal thereto; and an authentication circuit coupled to the interface and the power line. The authentication circuit is configured to disable the power signal on the power line for a specified time period in response to an authentication request signal received at the interface and to provide an authentication response signal on the power line to represent the disabling of the power signal.

Abstract: An apparatus is provided that comprises a test circuit; a first receiver unit arranged to receive test commands and to provide the test commands to the test circuit; a power supply unit arranged to supply power to the test circuit and to the first receiver unit; a second receiver unit arranged to receive power commands. The second receiver is arranged to control the operation of the power supply unit in response to the power commands received by the second receiver unit.

Abstract: Systems and methods are disclosed for enhancing anti-terrorism public safety measures, by more securely determining whether explosives or other contraband have been inserted into notebook computer batteries or other large, replaceable subsystems of electronic devices. Because notebook computers typically require large, heavy batteries, they present attractive containers for smugglers and terrorists attempting to bring explosives onto an airplane. The disclosed security testing system provides more reliable results than many current tests, and does not require that the device under test be powered on. The systems and methods disclosed use out-of-band authentication for added security.

Abstract: According to one embodiment, a communication device includes a detector, a power controller and an authentication module. The detector is configured to detect connection of a source device. The authentication module is configured to perform authentication of the source device based on authentication data. The power controller is configured to continue supplying power to the source device when the authentication of the source device is successfully completed.

Abstract: The present invention provides a remote control method and system for a smart card. The remote control method for a smart card includes the following steps: a smart card management platform receives a request for destruction of a smart card from a user (S101); the smart card management platform carries out short message interactive processing with a terminal via a mobile network platform according to the request to make the terminal destruct the smart card (S103).

Abstract: Whether a combination method defined in an output rule satisfies a combination condition of each content specified in a play list is judged in order of priority defined in a priority list. Based on the judgment result, the output rule is edited in such a manner that the combination condition of each content specified in the play list is satisfied. The resources of the combination target contents specified in the play list are combined in accordance with the combination method of the edited output rule.

Abstract: The present disclosure provides a method and system for remote control of a smart card. The method comprises that: a smart card management platform receives a request of locking or unlocking a smart card from a subscriber; and the smart card management platform performs interactive processing with a terminal side according to the request via a mobile network platform, so as to enable the terminal side to perform the locking or unlocking of the smart card. The present disclosure enables the payment subscriber to avoid loss when the terminal is robbed, lost, stolen, or is illegally used seriously, and provide a higher flexibility to the payment system.

Abstract: According to an embodiment, a first linear transformation unit performs a linear transformation from mask data to first mask data. A second linear transformation unit performs a linear transformation from mask data to second mask data. A first calculator calculates first data based upon data to be processed and the first mask data. A selecting unit selects the first data or the second mask data. A non-linear transformation unit performs a non-linear transformation on the selected first data or second mask data. A second calculator calculates second data based upon the first data after the non-linear transformation and the mask data. A third linear transformation unit performs a linear transformation on the second data. The second data after the linear transformation by the third linear transformation unit is retained as new data to be processed, and the second mask data after the non-linear transformation is retained as new mask data.

Abstract: The disclosure discloses a method and a system for remote control of a smart card; the method comprises: receiving, by a smart card management platform, a request for performing a LOCKING/UNLOCKING operation for a smart card from a user (S101); and the smart card management platform performs a short message interaction with a terminal side through a mobile network platform based on the request, so as to make the terminal side perform the LOCKING/UNLOCKING operation for the smart card (S103). By means of the disclosure, the effects are achieved that the user can apply to a smart card supervision department for locking/unlocking the smart card and a terminal through a short message and disabling or enabling the smart card, when the smart card and the terminal in which the smart card is located are robbed, lost, stolen and has a serious illegal behavior, so as to protect the security of the user and the smart card relevant department to the greatest extent and provide a better flexibility for a payment system.

Abstract: Systems and methods are disclosed for preventing tampering of a programmable integrated circuit device. Generally, programmable devices, such as FPGAs, have two stages of operation; a configuration stage and a user mode stage. To prevent tampering and/or reverse engineering of a programmable device, various anti-tampering techniques may be employed during either stage of operation to disable the device and/or erase sensitive information stored on the device once tampering is suspected. One type of tampering involves bombarding the device with a number of false configuration attempts in order to decipher encrypted data. By utilizing a dirty bit and a sticky error counter, the device can keep track of the number of failed configuration attempts that have occurred and initiate anti-tampering operations when tampering is suspected while the device is still in the configuration stage of operation.

Abstract: Accessory device authentication techniques are described. In one or more embodiments, connection of an accessory device to a host computing device is detected. Responsive to the detection, an authentication sequence may occur to verify an identity and/or capabilities of the accessory device. Upon successful authentication of the accessory device, the host device may authorize the accessory device for power exchange interactions with the host device. The host device may then draw supplemental power from a power source associated with the authorized accessory device, such as a battery or power adapter. The host device may also enable the accessory device to obtain and use power supplied by the host device in some scenarios. Power exchange between a host device and an authorized accessory may be managed in accordance with capabilities of the accessory device that are identified during authentication.

Abstract: The present application discloses a method and system for remote control of a smart card. The method includes: a smart card management platform receives a request to destroy the smart card from a subscriber (S101); according to the request, the smart card management platform performs interactive processing with a terminal side via a mobile network platform to make the terminal side destroy the smart card (S103). The present application enables the subscriber to avoid loss when the terminal is robbed, lost, stolen, or is illegally used seriously, and provide a higher flexibility to the payment system.

Abstract: Systems and methods are disclosed for enhancing anti-terrorism public safety measures, by more securely determining whether explosives or other contraband have been inserted into notebook computer batteries or other large, replaceable subsystems of electronic devices. Because notebook computers typically require large, heavy batteries, they present attractive containers for smugglers and terrorists attempting to bring explosives onto an airplane. The disclosed security testing system provides more reliable results than many current tests, and does not require that the device under test be powered on. The systems and methods disclosed use out-of-band authentication for added security.

Abstract: A method and device include a power pin, a ground pin, and a communications pin. A communications module receives power from the power pin and utilizes an edge counting communication protocol over the communication pin.

Abstract: A portable computer and a charging method thereof are provided. The portable computer includes a charge integrated circuit (IC), a basic input/output system (BIOS) and embedded controller (EC), a south bridge chip, a north bridge chip and a central processing unit (CPU). After the portable computer is connected to a battery, the BIOS and EC controls the south bridge chip to read a sealed security bit of the battery and checks whether the sealed security bit equals a default value. The BIOS and EC controls the south bridge chip to read a battery data of the battery if the sealed security bit equals default value. The BIOS and EC controls the charge IC via the south bridge chip to charge the battery according to the battery data. The CPU controls the south bridge chip and the north bridge chip.

Abstract: A method of masking a cryptographic operation using a secret value, comprising the steps of dividing the secret value into a plurality of parts; combining with each part a random value to derive a new part such that the new parts when combined are equivalent to the original secret value; and utilizing each of the individual parts in the operation.

Abstract: A method of masking a cryptographic operation using a secret value, comprising the steps of dividing the secret value into a plurality of parts; combining with each part a random value to derive a new part such that the new parts when combined are equivalent to the original secret value; and utilizing each of the individual parts in the operation.

Abstract: In electronic equipment device 1, a limitation level on reading an access level to selectively control the ability to read data from a USB flash drive (storage device) 2 is set to a setting section by an access level setting unit 3 in advance. The USB flash drive 2 ascertains the setting at the setting section 3 access level when the USB flash drive is connected to the electronic equipment 1 and limits reading data based on the determined setting device. If the limitation access level does not match with the condition for permitting data read-out as determined in USB flash drive 2 permit the reading of data, the USB flash drive 2 prohibits the electronic equipment 1 device from reading out data from a memory 24 of the USB flash drive by removing an application of power from the external device to the memory. By executing the processing for limiting data read-out at the side of the USB flash drive 2, unauthorized leakage of data can easily be prevented.