Entries |
Document | Title | Date |
20080216169 | SETTING APPARATUS, SETTING METHOD, PROGRAM, AND RECORDING MEDIUM - A setting apparatus sets any of authorization for and prohibition of access to data with a hierarchical structure. The setting apparatus includes: an object selection unit for selecting at least one object from a plurality of objects constituting the hierarchical structure; a pattern selection unit for selecting at least one pattern from a plurality of patterns, each of which determines a relative position in the hierarchical structure to the object selected by the object selection unit; and an access control policy setting unit for setting any of authorization for and prohibition of access to the object selected by the object selection unit and each of objects at the relative position to the selected object, which relative position is determined by the pattern selected by the pattern selection unit. | 09-04-2008 |
20080229406 | Method and apparatus for exclusively controlling a device in a home network - A method and apparatus exclusively control a device in a home network. A control point requests exclusive control authority from the device. In response to the request the control point receives an identifier (RID) used to successfully authenticate the exclusive control authority. The control point then acquires the exclusive control authority and controls the device. Accordingly, it is possible to prevent other control points from interfering with the device so as not to perform an operation which is not desirable for the control point that acquires the exclusive control authority over the device. | 09-18-2008 |
20080244729 | INFORMATION PROCESSING APPARATUS, INFORMATION PROCESSING METHOD AND COMPUTER READABLE MEDIUM - An information processing apparatus includes a communication section, a control section, an operating section, a storage section. The control section sends identification information of a first user to an external apparatus connected through the communication section. The operating section allows the first user to request at least one function. The storage section stores approver authentication information of an approver previously registered. When the communication section fails to receive, from the external apparatus, information indicating what function the first user is permitted to request as a response to the identification information of the first user, the control section authenticates a second user based on the stored approver authentication information. The control section executes the function requested by the first user when an authentication result shows that the second user is the approver. | 10-02-2008 |
20080263655 | INFORMATION-PROCESSING APPARATUS, METHOD FOR CONTROLLING INFORMATION-PROCESSING APPARATUS, AND STORAGE MEDIUM - The present invention can control a logout procedure of each user according to an operation state and provides an information-processing apparatus with enhanced security and excellent usability. A method for controlling an information-processing apparatus capable of maintaining a state in which a plurality of users has been logged in to the information-processing apparatus comprises causing a display unit to switch an operation screen for a user who currently logs in to the information-processing apparatus between an active state and an inactive state where the user can or cannot operate the screen respectively; automatically logging out the user of the information-processing apparatus when a predetermined time has elapsed; and controlling so as not to automatically log out a user whose operation screen is in the inactive state of the information-processing apparatus when the predetermined time has elapsed. | 10-23-2008 |
20080301802 | Trust-Based Link Access Control - An apparatus, program product and method control access to linked documents on a computer based on a calculated determination of the trustworthiness of such linked documents, so that user navigation to untrusted documents from a document with which such untrusted documents are linked can be deterred. Basing link access control on document trustworthiness permits owners, authors, developers, publishers, etc. of documents, for example, to avoid potential difficulties such as embarrassment, confusion or legal liability as a result of the content of linked-to documents under the control of third parties. | 12-04-2008 |
20090031416 | Authenticating a Computer Device at the User Level - The invention concerns authentication of a user device ( | 01-29-2009 |
20090038002 | CONTROLLING IMAGE FORMING FUNCTION - An apparatus, method, system, computer program and product each capable of controlling addition of a printing function or controlling use of the printing function are disclosed. | 02-05-2009 |
20090044267 | Method and Apparatus for Preventing Loading and Execution of Rogue Operating Systems in a Logical Partitioned Data Processing System - A method, apparatus, and computer instructions for managing operating systems. A request from an operating system is received in the multi-partitioned data processing system to register for access to hardware in the multi-partitioned data processing system. The request includes a key code for the operating system. A determination is made as to whether the operating system is an authorized operating system using the key code in response to receiving the request. The operating system is registered if the operating system is the authorized operating system. Otherwise, the operating system is terminated. | 02-12-2009 |
20090064312 | SYSTEM, METHOD AND PROGRAM FOR PROTECTING INFORMATION ON COMPUTER SCREEN - Whenever a drawing command is executed, a computer system having a graphic user interface such as a multi-window system determines, from the logical operation pattern of the drawing command, what kind of information is inherited by a drawing result from the drawing command, preferably without performing a complicated step such as an image process. At the same time, the computer system controls information flow of an image outputted to a screen by managing labeled area maps which correspond one to one to images on the screen and in a memory. | 03-05-2009 |
20090077652 | Contents Execution Device Equipped With Independent Authentication Means And Contents Re-Distribution Method - The present invention particularly relates to a digital content providing service method and a content execution device for the same, for maximizing user convenience and maintaining a sufficient level of security using a smart card. The inventive content execution device includes an independent authentication unit for storing a tool necessary for executing content; an authentication support module for providing a data communication channel between the smart card and an external broadcasting server; a tool agent for calling the tool stored in the independent authentication unit; and a content execution unit for executing content data received from the external broadcasting server. The content execution device included in a content authority management system of the present invention employs the smart card for user authentication and/or content playing tool management. Accordingly, a user can freely execute his/her licensed content in different content execution devices by conveniently removing and reinserting the smart card, without separate measures. Moreover, according to the present invention, a user can effectively use content from different broadcasters. | 03-19-2009 |
20090083847 | EMBEDDED AUTHENTICATION SYSTEMS IN AN ELECTRONIC DEVICE - This invention is directed to an electronic device with an embedded authentication system for restricting access to device resources. The authentication system may include one or more sensors operative to detect biometric information of a user. The sensors may be positioned in the device such that the sensors may detect appropriate biometric information as the user operates the device, without requiring the user to perform a step for providing the biometric information (e.g., embedding a fingerprint sensor in an input mechanism instead of providing a fingerprint sensor in a separate part of the device housing). In some embodiments, the authentication system may be operative to detect a visual or temporal pattern of inputs to authenticate a user. In response to authenticating, a user may access restricted files, applications (e.g., applications purchased by the user), or settings (e.g., application settings such as contacts or saved game profile). | 03-26-2009 |
20090094694 | COMMUNICATION APPARATUS - A communication apparatus is disclosed. The communication apparatus includes a destination information storing unit which stores a destination name and destination information corresponding to the destination name, an operating screen displaying unit which displays information of operations of the communication apparatus, and a destination information non-display determining unit which determines whether the destination information is not to be displayed on the operating screen. When a destination name stored in the destination information storing unit is displayed and the destination name is selected as a destination, the operating screen displaying unit displays the destination information together with the destination name on the operating screen. When the destination information non-display determining unit determines that the destination information is not to be displayed on the operating screen, the destination information non-display determining unit does not display the destination information on the operating screen. | 04-09-2009 |
20090100515 | INFORMATION PROCESSING APPARATUS, INFORMATION PROCESSING SYSTEM, RECORDING MEDIUM AND INFORMATION PROCESSING METHOD - A receiving unit receives information selected by a user on an operating screen. A detecting unit detects a function executing part corresponding to the information received by the receiving unit. A determining unit determines that the user authentication is required when a function is to be executed, when “the user authentication is required” is set for at least any one of a function allocated to a function executing part that is detected by the detecting unit, the function allocated to another function executing part, and the operating screen that includes the function executing part to which the function is allocated. A function executing unit executes a function allocated to the function executing part selected by the user, wherein the user is authorized to execute the function. | 04-16-2009 |
20090106832 | COMPUTER SYSTEM AND PROGRAM CREATING DEVICE - A mobile telephone | 04-23-2009 |
20090172806 | SECURITY MANAGEMENT IN MULTI-NODE, MULTI-PROCESSOR PLATFORMS - Multi-node and multi-processor security management is described in this application. Data may be secured in a TPM of any one of a plurality of nodes, each node including one or more processors. The secured data may be protected using hardware hooks to prevent unauthorized access to the secured information. Security hierarchy may be put in place to protect certain memory addresses from access by requiring permission by VMM, OS, ACM or processor hardware. The presence of secured data may be communicated to each of the nodes to ensure that data is protected. Other embodiments are described. | 07-02-2009 |
20090178133 | ELECTRONIC SYSTEM WITH ACCESS CONTROL - An electronic system includes an input device and an electronic device, and a switching device connected between them. The switching device allows and disallows access of the input device to the electronic device in response to a security signal. The input device is connected to the electronic device when the switching device is activated. The input device is disconnected from the electronic device when the switching device is deactivated. | 07-09-2009 |
20090217370 | SAFE FILE TRANSMISSION AND REPUTATION LOOKUP - Safe file transmission and reputation lookup. As a part of the safe file transmission and reputation lookup methodology, a data file that is to be made available to a data file receiver is accessed and it is determined whether the data file needs to be provided a protective file. The data file is wrapped in a protective file to create a non-executing package file. Access is provided to the non-executing package file where the associated data file is prevented from being executed until data file reputation information is received. | 08-27-2009 |
20090241182 | System and Method for Implementing a One Time Password at an Information Handling System - A system and method are provided which substantially reduce the disadvantages and problems associated with previous methods and systems for generating an OTP at an information handling system. An OTP is generated at an information handling system hardware or firmware layer upon detection of a predetermined input trigger, such as a key combination. The OTP is provided for authentication independent of an operating system or applications running on the information handling system. | 09-24-2009 |
20090249474 | SYSTEM AND METHOD FOR ADJUSTING THE SECURITY LEVEL OF A REMOVABLE MEDIUM - A method of adjusting a security level of a removable medium, including receiving a unique identification (ID) of a removable medium, a name of a file being processed, and a requested operation, determining the security level of the removable medium, determining a security level of the file being processed, and one of increasing and decreasing the security level of the removable medium based on the determined security level of the file being processed. Further, security levels of removable media are mapped to security zones which are subsequently used to allow or prevent transportation of a removable medium inside or outside of certain boundaries. | 10-01-2009 |
20090249475 | AUTHENTICATION SYSTEM, ELECTRONIC APPARATUS, ELECTRONIC APPARATUS AUTHENTICATION METHOD, AND COMPUTER-READABLE RECORDING MEDIUM HAVING AUTHENTICATION PROGRAM RECORDED THEREON - An authentication system includes a communication unit that originates a call on the basis of an entered telephone number, a vibration reception unit that receives vibrations generated by a portable device in response to an incoming call, a vibration pattern registration unit registering a vibration pattern, and an authentication unit that performs authentication by determining whether or not a vibration pattern of the vibrations received by the vibration reception unit matches the vibration pattern registered in the vibration pattern registration unit. | 10-01-2009 |
20090265779 | TIME-SWITCH DEVICE AND METHOD FOR THE SAME - A time-switch device and method for the same is provided. The time-switch device mainly comprises a microprocessor unit, and an input element and a key secret element that are connected to the microprocessor unit. The microprocessor unit is connected to a data storage unit storing the time switch method and to a power control unit to control the connected host turning ON or OFF in a predetermined time of the schedule set in the time switch method stored in the time-switch device. Thus, the time-switch device and method for the same may not only force a user to use the host in a limited service time, but also prevent data in the host from being leaked. | 10-22-2009 |
20090271860 | AUTHENTICATOR APPARATUS - An authenticator apparatus which makes it difficult for an unauthorized user to masquerade and enhances safety includes an authenticating information holding unit ( | 10-29-2009 |
20090276844 | Method and Apparatus for Secure Hardware Analysis - A Hardware Analysis Module (“HAM”) embedded in an integrated circuit (IC) implements a dedicated hardware-controlled access control procedure. The secure hardware analysis features are unlocked by a key unit subject to successful completion of an access control procedure. The access control procedure prevents unlocking of the secure hardware analysis features by an unauthorized or compromised key unit by including an embedded control command in an authentication challenge sent by the HAM to the key unit during the access control procedure. | 11-05-2009 |
20090276845 | PROGRAMMABLE DISPLAY DEVICE, AND CONTROL SYSTEM - A programmable display device includes a communication driver, a file system process unit that accesses the portable storage medium storing backup/restore target information that includes a target control device and target setting information respectively specifying the control device on which the backup/restore process is performed out of the control devices connected to the programmable display device and setting information, and a setting-information obtaining/writing process unit that accesses the control device via the communication driver based on the backup/restore target information and performs the backup/restore process of the setting information by accessing the portable storage medium via the file system process unit. | 11-05-2009 |
20090288159 | Method and Apparatus for Secure Authorization - A method for authorizing access to a first computing device is provided. The method comprises the first computing device forming a challenge, encoding the challenge into a symbol, and displaying the symbol. The first computing device receives a request for access from a user. Access to the first computing device is allowed in response to provision of an access code to the first computing device by the user. The access code is formed by a server in response to capturing the symbol, decoding the symbol into the challenge, forming a request from the challenge, and providing the request to the server. The server forms a decision to allow access by the user to the first computing device. | 11-19-2009 |
20090300753 | METHOD FOR PREVENTING DATA IN A COMPUTER SYSTEM FROM BEING ACCESSED BY UNAUTHORIZED USER - A computer system is provided comprising a non-volatile storage medium and a processor. The processor acquires authentication information from a first removable storage device, stores the authentication information into the non-volatile storage medium, and forbids data access of the computer system when detecting that a second removable storage device has been inserted and identification data of the second removable storage device is different from the authentication information. | 12-03-2009 |
20090320123 | METHOD AND APPARATUS FOR USER RECOGNITION EMPLOYING MOTION PASSWORDS - A method and apparatus are disclosed that authenticate a user of a mobile device with motion sensors. During a learning session, the user initializes the mobile device by providing a motion sample. The mobile device extracts motion features that are unique to the user and converts them to parity bits and to a password shadow. During a recognition session, a motion pattern is gathered from the user moving the mobile device as if it were a virtual pen. The mobile device then uses the stored parity bits to correct small differences between motion patterns exhibited by the same user at different times. The mobile device converts the corrected motion pattern into a motion password that is compared with the stored password shadow. A user is authenticated only if the two values coincide. The system erases the generated motion password. | 12-24-2009 |
20090328195 | Authentication and Access Protection of Computer Boot Modules in Run-Time Environments - Methods and systems to authenticate and load a plurality of boot logic modules in corresponding access protected memory regions of memory, and to maintain the access protections in run-time environments. Access protection may be implemented with access control list (ACL) policies expressed in terms of page boundaries to distinguish between read, write, and execute access requests. | 12-31-2009 |
20100011437 | APPARATUS AND METHOD FOR STORING EVENT INFORMATION FOR AN HVAC SYSTEM - An apparatus for storing event information relating to operation of an HVAC system includes: (a) at least one memory controller coupled with the HVAC system for receiving the event information; and (b) at least one memory unit coupled with the at least one memory controller. A first memory unit of the at least one memory unit is configured for receiving first selected information of the event information for accessing by at least one of a first party and a second party. A second memory unit of the at least one memory unit is configured for receiving second selected information of the event information for accessing by the second party. | 01-14-2010 |
20100017872 | USER INTERFACE FOR MOBILE COMPUTER UNIT - A computer readable medium storing a computer program with computer program code, which, when read by a mobile computer unit, allows the computer to present a user interface for the mobile computer unit. The user interface includes a touch sensitive area in which a portion of a first window and a portion of a second window are displayed. The user scrolls the first window when an object touches a corresponding location in the touch sensitive area at which the first window is displayed, and scrolls the second window when an object touches a corresponding location in the touch sensitive area at which the second window is displayed. The user interface displays a plurality of keys which are selected when an object touches a corresponding key location and are activated when the object applies additional pressure to the corresponding key location. Alternatively, the key is activated when an object touches its corresponding location. The user interface presents keys in a manner facilitating entry of Chinese characters using stroke and Pinyin input. | 01-21-2010 |
20100024027 | Client-side security management for an operations, administration, and maintenance system for wireless clients - An Operations, Administration, and Maintenance (OA&M) | 01-28-2010 |
20100037312 | SECURE COMPUTING ENVIRONMENT TO ADDRESS THEFT AND UNAUTHORIZED ACCESS - Techniques for securing a client. A BIOS agent stores policy data within a BIOS of the client. The BIOS agent is one or more software modules that execute in the BIOS of the client. The policy data describes one or more policies which the client should follow. When an operating system agent detects that a condition, specified by a particular policy of the one or more policies, has been met, the operating system agent performs one or more actions specified by the particular policy, such as disabling the client, retrieving a file from the client, erasing a file from the client, or encrypting a file on the client. The operating system agent is one or more software modules that execute in the operating system of the client. | 02-11-2010 |
20100058460 | SYSTEM AND METHOD FOR AUTHENTICATING AN END USER - A method for authenticating an end user. The method comprising receiving a first userID and a first password from an end user. Next, attempting to authenticate the end user using the first userID and the first password provided. Finally, sending an error message to the end user in response to failing to authenticate the end user using the first userID and the first password wherein the error message comprises a first option and a second option. The first option comprising a first key combination that if entered would allow the end user to enter a second password and authenticate using the first userID and the second password. The second option comprising a second key combination that if entered would allow the end user to enter a second userID and a third password and authenticate using the second UserID and the third password. | 03-04-2010 |
20100071056 | METHOD AND SYSTEM FOR MULTI-PROTOCOL SINGLE LOGOUT - A method for multi-protocol logout. The method includes receiving, by a first identity provider, a logout request from a user agent, wherein the first identity provider executes in a federation manager, and initiating a logout on a service provider associated with the first identity provider based on the logout request by the first identity provider. The method further includes identifying, by the federation manager, a plurality of identity providers associated with the user agent, wherein the plurality of identity providers communicate using heterogeneous federation protocols, and initiating, by the federation manager, a logout on each of the plurality of identity providers based on the logout request using the plurality of heterogeneous federation protocols. The method further includes initiating, by the plurality of identity providers, a logout of each service provider corresponding to the plurality of identity providers, identifying a status of each logout, and sending the status to the user agent. | 03-18-2010 |
20100077472 | Secure Communication Interface for Secure Multi-Processor System - A secure communication interface for a secure multi-processor system is disclosed. The secure communication interface can include a secure controller that is operable to transfer data between a first memory that is directly accessible by a first (master) processor and a second memory that is directly accessible by a secure second (slave) processor in the multi-processor system. One or more control and status registers accessible by the processors facilitate secure data transfer between the first memory and a memory window defined in the second memory. One or more status and violation registers shared by the processors can be included in the secure communication interface for facilitating secure data transfer and for reporting security violations based on a rule set. | 03-25-2010 |
20100083365 | Apparatus and method to harden computer system - In some embodiments, a processor-based system may include a processor, the processor having a processor identification, one or more electronic components coupled to the processor, at least one of the electronic components having a component identification, and a hardware security component coupled to the processor and the electronic component. The hardware security component may include a secure non-volatile memory and a controller. The controller may be configured to receive the processor identification from the processor, receive the at least one component identification from the one or more electronic components, and determine if a boot of the processor-based system is a provisioning boot of the processor-based system. If the boot is determined to be the provisioning boot, the controller may be configured to store a security code in the secure non-volatile memory, wherein the security code is based on the processor identification and the at least one component identification. Other embodiments are disclosed and claimed. | 04-01-2010 |
20100122339 | DATA SURVEY DEVICE, INTEGRATED WITH AN ANTITAMPER SYSTEM | 05-13-2010 |
20100125904 | COMBINING A MOBILE DEVICE AND COMPUTER TO CREATE A SECURE PERSONALIZED ENVIRONMENT - A mobile device, such as a mobile phone, smart phone, personal music player, handheld game device, and the like, when operatively combined with a PC, creates a secure and personalized computing platform through configuration of the mobile device's CPU (central processing unit) and OS (operating system) to function as an immutable trusted core. The trusted core in the mobile device verifies the integrity of the PC including, for example, that its drivers, applications, and other software are trusted and unmodified, and thus safe to use without presenting a threat to the integrity of the combined computing platform. The mobile device can further optionally store and transport the user's personalization data—including, for example, the user's desktop, applications, data, certificates, settings, and preferences—which can be accessed by the PC when the devices are combined to thus create a personalized computing environment. | 05-20-2010 |
20100125905 | Method and Apparatus for Associating User Identity - In accordance with an example embodiment of the present invention, an apparatus, comprising a processor configured to associate a first virtual screen with a first user identity, receive input for transitioning from the first virtual screen to a second virtual screen, and associate the second virtual screen with a second user identity based at least in part on the input is disclosed. | 05-20-2010 |
20100138912 | System and method for authenticating an end user - A method for authenticating an end user. The method begins by generating a login field in response to receiving an authentication request from an end user. The login field comprises a plurality of colored nodes containing a first subset of nodes matching both color and location to a second subset of nodes residing in a transparent credit card being controlled by the end user. Next the method determines the authenticity status of the end user by comparing data received from the end user with the first subset of nodes. The end user having generated the data by overlaying the transparent credit card on top of the login field and selecting at least one colored node. Each node being selected according to a function utilizing both static and dynamic variables. Finally, the method sends the determined authenticity status to the end user via an output device. | 06-03-2010 |
20100186080 | PROTECTION SYSTEM AND METHOD OF OPERATION THEREIN - A system comprises one or more slave elements operably coupled to a plurality of master devices. A central protection function is operably coupled to a first communication bus and configured to control data flow between the one or more slave elements and the plurality of master devices via the communication bus. | 07-22-2010 |
20100205666 | ELECTRONIC COMPUTER SYSTEM SECURED FROM UNAUTHORIZED ACCESS TO AND MANIPULATION OF DATA - In general, the invention relates to a method for securing a computer system. The method includes monitoring an operating system in the computer system and trapping, in response to the monitoring, a process system call where the process system call originated in a host executing in the computer system. Responsive to the trapping, an isolated user environment (IUE) is created in the computer system. Creating the IUE includes allocating memory and persistent storage for the IUE. In addition, the IUE includes a file system filter driver (FSFD) configured to redirect Input/Output (I/O) calls originating from the IUE to the persistent storage, and a network interface/NDIS hook component configured to control network traffic originating from the IUE and destined for the IUE. The method further includes, after creating the IUE, loading the process system call into the IUE and executing the process system call in the IUE. | 08-12-2010 |
20100212007 | SYSTEMS AND METHODS FOR ACCESS CONTROL - The disclosure describes various systems and methods for access control. One such method includes providing an access control module that is capable of operating at least a first carrier frequency and a second carrier frequency. In addition, the method includes providing a first access credential that operates at the first carrier frequency, and providing a second access credential that operates at the second carrier frequency. Various other systems, methods and features are also described herein. | 08-19-2010 |
20100223665 | SYSTEM AND METHOD FOR PROVIDING A VIRTUAL BINDING FOR A WORM STORAGE SYSTEM ON REWRITABLE MEDIA - A virtual binding system ensures that the WORM logic for protecting data immutability cannot be circumvented, effectively guaranteeing WORM property of a WORM storage system composed of rewritable magnetic hard disks. To close the security hole between the rewritable media and the WORM logic, virtual binding securely authenticates the legitimacy of a WORM logic controller before granting data access on a WORM storage media. Furthermore, the system verifies the legitimacy of the WORM logic controller during data access. This approach virtually binds together the WORM logic controller and the WORM storage media even though the WORM logic controller and the WORM storage media may be physically separate. | 09-02-2010 |
20100235904 | INFORMATION PROCESSING SYSTEM AND PROCESSING METHOD THEREOF - When a plurality of information processing apparatuses that have an authentication function cooperate to execute a job, user authentication information is transmitted from a cooperative information source processing apparatus to a destination cooperative information processing apparatus that executes the cooperative job. A user account is created at the destination cooperative information processing apparatus based on the transmitted authentication information. When the cooperative information source processing apparatus notifies execution of a cooperative job to the destination cooperative information processing apparatus, authentication information that is authenticated at the cooperative information source processing apparatus is transmitted to the destination cooperative information processing apparatus. The destination cooperative information processing apparatus creates a user account based on the authentication information, and executes the cooperative job using the created user account. | 09-16-2010 |
20100242107 | Image Processing Device - A low-cost Multi Function Peripheral (MFP) prevents a user from forgetting to cancel an authenticated state. The MFP includes a scanner unit, a printer unit, a touch screen, and a reset key for initializing various settings. When the user is authenticated, the MFP accepts various operations. Under a state in which the user is authenticated, when the reset key is operated, a control unit executes a logout process. | 09-23-2010 |
20100242108 | METHOD AND SYSTEM FOR MEMORY PROTECTION AND SECURITY USING CREDENTIALS - A computer-implemented system and method for protecting a memory are provided. The system includes a memory section with privileged and non-privileged sections, a host gateway (HG) to generate a capability credential, a device controller (DC) to append the credential to data transmitted to the memory, and at least one IO device enabled to do direct memory access (DMA) transactions with the memory. | 09-23-2010 |
20100275254 | SYSTEM AND METHOD FOR SELECTING AN EXTERNAL USER INTERFACE USING SPATIAL INFORMATION - A method and system for selecting an external user interface using spatial information is described. In one configuration the floor space of a mailroom is mapped using a two dimensional grid. At least one machine is located on the mapped grid and an associated control zone is defined for that particular machine. The machine includes a wireless transceiver for providing user interface access. An external portable processor with a wireless transceiver is provided with user interface logic for the machine. A user then moves the external portable processor into the control zone of the machine. An indoor positioning system is utilized to provide relative or absolute position information relating to the machine and the external processor. The system determines that the external processor is in the machine control zone and allows the external processor to function as a user interface for the machine. | 10-28-2010 |
20100333192 | Secure storage - A portable security storage unit is described, which comprises a firewall, access to networks and a hard drive external to a computer. A hard drive manager allows access to the external hard drive and provides encryption, decryption of data passing to and from the external hard drive as well as restore capability. The computer, which hosts the storage security unit, is coupled to the storage security unit by a USB connection, and the firewall and the hard drive manager are USB connected internal to the security storage unit. | 12-30-2010 |
20100333193 | System and Method for Protecting Data with Multiple Independent Levels of Security - A data security system includes a single central processing unit (CPU), a plurality of different security zones corresponding to different levels of security classification, a plurality of operating systems, a communications interface, a global zone, and a memory coupled to the plurality of security zones and the global zone. The CPU includes a plurality of processing cores and each security zone is associated with a different one of the processing cores. The global zone is communicatively coupled to the communications interface and the plurality of security zones, and is associated with a different one of the processing cores than the plurality of security zones. The global zone directs communications between the communications interface and the plurality of security zones. Each processing core executes a separate one of the plurality of operating systems, thereby providing separate processing capability on the single CPU for each of the different levels of security classification. | 12-30-2010 |
20110023110 | Interactive Video Captcha - Provided is a Captcha Access Control System (CACS) for generating an improved captcha that is based, in one described embodiment, upon a command in one format and a response in a different format, one or both of which are rendered in a format that is difficult for an automated system to interpret. A computer system or program to which a user is requesting access generates a textual or audible command. A video device captures the user's response and transmits the response to a response evaluation device. Based upon an analysis of the transmitted video and a comparison between the analyzed video and the command, the computer or program either enables access or denies access. | 01-27-2011 |
20110023111 | CONNECTION DEVICE AUTHENTICATION - A method and apparatus are provided for a secure interconnect between data modules, including a security apparatus within a secured data connection device installed with a security chip. The connection device may be authenticated prior to enabling a stacking feature. Authentication of a connection device may be used to ensure the quality and performance of the connection device and the data modules. | 01-27-2011 |
20110030050 | IMAGE FORMING APPARATUS - An image forming apparatus having a plurality of functions and executing a function designated from the plurality of functions includes a display device for displaying a function selection image allowing a user to designate any of the plurality of functions. The display device displays a first group of functions of which frequency of use is higher than a prescribed threshold value, and a second group of functions of which frequency of use is not higher than the threshold value, on mutually different function selection images, with a display item indicating that functions are displayed distinguished from each other. The image forming apparatus further includes: a designating device receiving a user input designating any of the plurality of functions displayed by the display device; and an image forming unit executing the function designated by the input received by the designating device. | 02-03-2011 |
20110047613 | SYSTEMS AND METHODS FOR PROVIDING AN ISOLATED EXECUTION ENVIRONMENT FOR ACCESSING UNTRUSTED CONTENT - A sandbox tool can cooperate with components of a secure operating system to create an isolated execution environment for accessing untrusted content without exposing other processes and resources of the computing system to the untrusted content. The sandbox tool can allocate resources (storage space, memory, etc.) of the computing system, which are necessary to access the untrusted content, to the isolated execution environment, and apply security policies of the operating system to the isolated execution environment such that untrusted content running in the isolated execution environment can only access the resources allocated to the isolated execution environment. | 02-24-2011 |
20110093947 | IC CHIP, INFORMATION PROCESSING APPARATUS, SYSTEM, METHOD, AND PROGRAM - An IC chip, an information processing apparatus, system, method, and program are provided. An IC chip includes an authentication control unit configured to authenticate a request using authentication information. The request and/or the authentication information is received from outside the IC chip. | 04-21-2011 |
20110119754 | GAMING DEVICE HAVING HARD DRIVE BASED MEDIA AND RELATED METHODS - Various embodiments are directed to a gaming device that uses an internal hard drive for primary media storage. The software is installed on the hard drive without requiring physical access to the hard drive including, but not limited to, removal or replacement of the hard drive. According to one method, an install flash program is used to format and/or reformat an internal hard drive. Additionally, the install flash program is used to install media stored on a removable storage device onto the internal hard drive. | 05-19-2011 |
20110119755 | INFORMATION PROCESSING APPARATUS, INFORMATION PROCESSING METHOD, INFORMATION PROCESSING PROGRAM AND COMPUTER READABLE RECORDING MEDIUM - In an information processing apparatus having a service mode that a service person enters to carry out maintenance of the apparatus, a registration page is provided for registering the service person as a service person in charge of the maintenance of the apparatus, and an input page is provided for inputting authentication information required for the service person that is registered in the registration page as a person in charge of the maintenance of the apparatus to enter the service mode. | 05-19-2011 |
20110126279 | INFORMATION PROCESSING APPARATUS, SOFTWARE INSTALLING METHOD, AND RECORDING MEDIUM - An information processing apparatus includes a communication unit that transmits and receives information to and from an IC chip of a recording medium, an authentication processing unit that executes mutual authentication processing with the IC chip, a list-display-screen outputting unit that reads identification information and usage control information and causes a display to display a list display screen, a selection input unit that receives a selection input from a user, a software reading unit that reads data of software selected according to selection input from the data area, an installation processing unit that causes the authentication processing unit to execute the authentication processing, reads key information necessary for installing the software, and executes installation processing for the software, and a usage-control-information updating unit that accesses the IC chip and updates the usage control information corresponding to the software. | 05-26-2011 |
20110154478 | ELECTRONIC DEVICE SECURITY - An apparatus comprises logic to manage data access in an electronic device by performing operations, comprising detecting at least one of a motion, vibration or change in orientation of the electronic device and in response to a detection, implementing a security policy for the electronic device. Other embodiments may be described. | 06-23-2011 |
20110154479 | IMAGE FORMING APPARATUS AND IMAGE FORMING METHOD - According to one embodiment, an image forming apparatus includes, a log authentication information acquiring unit configured to acquire log authentication information indicating whether or not to control browse of a job log in each image forming apparatus, a user authentication unit configured to execute user authentication of a user operating the browse of the job log and acquire a result of the user authentication, a log browse right information acquiring unit configured to acquire log browse right information indicating whether or not to limit the browse of the job log for the user, and a control unit configured to control the browse of the job log, based on the log authentication information, the log browse right information and the result of the user authentication that are acquired. | 06-23-2011 |
20110154480 | SECURE CONTROLLER FOR BLOCK ORIENTED STORAGE - A storage controller includes a command pointer register. The command pointer register points to a chain of commands in memory, and also includes a security status field to indicate a security status of the first command in the command chain. Each command in the command chain may also include a security status field that indicates the security status of the following command in the chain. | 06-23-2011 |
20110162063 | METHODS AND APPARATUS FOR PROVIDING ACCESS TO VEHICLE ELECTRONIC SYSTEMS - One embodiment is directed to providing access between external systems and embedded vehicle electronic systems. That is, an interface module may receive information from a system external to the vehicle, determine an embedded system of the vehicle to which to provide the information, and provide the information to the embedded system. Similarly, the interface module may receive information from an embedded electronic system of a vehicle, determine a system external to the vehicle to which to provide the information, and provide the information to the external system. | 06-30-2011 |
20110185416 | METHOD AND APPARATUS FOR AUTHENTICATING A PERSON BY THEIR TYPING PATTERN USING THE LOCAL DISTRIBUTION OF KEYS ON A KEYBOARD - The present invention relates to a method and an apparatus for authenticating a person by means of their typing pattern, wherein, evaluation of key actuation takes account of the local position of the actuated keys ( | 07-28-2011 |
20110247065 | SIMULTANEOUS SCREEN UNLOCK AND OPERATION INITIATION - An electronic device such as a smart phone or personal computer, adapted to both unlock and to execute at least one step of a standard operation such as placing a telephone call, responsive to the user executing only one input command. The input command may comprise moving a slider on a touch screen, entering a predetermined combination of alphanumeric characters, and the like. The input command may also comprise hand drawing a symbol on the screen, whereupon the electronic device will execute a matching procedure similar to character recognition to authenticate the symbol. Authentication may then unlock the device and execute the at least one step of the standard operation. | 10-06-2011 |
20110258697 | IMAGE PROCESSING APPARATUS AND USER AUTHENTICATION METHOD FOR IMAGE PROCESSING APPARATUS - An image processing apparatus includes a first authentication unit configured to authenticate a user, a second authentication unit configured to authenticate the user, an operation unit configured to receive an operation from the user, a logout unit configured to set the user in a logout state in which the user is unauthenticated, if a predetermined time has passed without the operation unit receiving any operation from the user while the user is authenticated by the first authentication unit or the second authentication unit, and a change unit configured to change the predetermined time to a second time shorter than a first time, if the user is unauthenticated by the second authentication unit while the user is authenticated by the first authentication unit and the second authentication unit. | 10-20-2011 |
20110283352 | Method and Apparatus for Migrating a Virtual TPM Instance and Preserving Uniqueness and Completeness of the Instance - A migration scheme for virtualized Trusted Platform Modules is presented. The procedure is capable of securely migrating an instance of a virtual Trusted Platform Module from one physical platform to another. A virtual Trusted Platform Module instance's state is downloaded from a source virtual Trusted Platform Module and all its state information is encrypted using a hybrid of public and symmetric key cryptography. The encrypted state is transferred to the target physical platform, decrypted and the state of the virtual Trusted Platform Module instance is rebuilt. | 11-17-2011 |
20110321153 | SECURITY MECHANISM FOR INCREASED PERSONAL DATA PROTECTION - Apparatus, systems, and methods provide a mechanism to enhance the management of data security in a system for users of the systems. Various embodiments include apparatus and methods to manage security of data in an electronic system on an application-by-application basis. Such application-by-application basis can be applied in addition to managing data security globally in the electronic system. Additional apparatus, systems, and methods are disclosed. | 12-29-2011 |
20120030752 | Computer keyboard with ultrasonic user proximity sensor - A terminal for a computer system includes a keyboard incorporating modules for performing two factor authentication (TFA) for log-on of a user. TFA preferably combines a fingerprint scan with the proximity of a previously enrolled Bluetooth device that typically accompanies the user, such as a wireless phone or headset. The keyboard also includes an ultrasonic proximity detector aimed to detect the presence of the user at the keyboard and to terminate log-on when the user leaves the keyboard. The keyboard processor may be used as an encryption engine to encode all keystroke data and authentication/log-on transactions with the computer system. | 02-02-2012 |
20120030753 | MULTIPROTOCOL COMMUNICATION AUTHENTICATION - A method for authenticating a transmission between a first and a second circuit transiting through at least one third circuit, wherein: data are transmitted from the first to the third circuit, and from the third to the second circuit; a first signature of the data is calculated by the first circuit; at least a second signature of the data is calculated by the third circuit; at least one first portion of the first signature is transmitted by the first circuit to the third one; and the second signature is transmitted by the third circuit to the second one, a portion of this signature being distorted in case of a failure of authentication of the first portion of the first signature by the third circuit. | 02-02-2012 |
20120036573 | Drag-and-Tag Authentication - A drag-and-tag authentication apparatus includes an electronic device, a setting mechanism and an authentication mechanism. The electronic device includes a processor, a display electrically connected to the processor, an operation unit electrically connected to the processor, and a power supply electrically connected to the processor. The setting mechanism is electrically connected to the processor and includes first and second selection units operable for selecting literal and graphic items. The authentication mechanism is electrically connected to the processor and includes literal items and graphic items. Some of the literal items can be located and define a polygonal region. Some of the graphic items can be located and covered by the polygonal region for authentication. | 02-09-2012 |
20120079586 | METHOD AND APPARATUS FOR DIFFERENTIATED ACCESS CONTROL - A method for differentiated access control on a computing device, and the computing device, the method including starting a timer on the computing device; resetting the timer if activity occurs on the computing device prior to the expiration of the timer; and preventing a subset of applications from being launched or enabled on expiry of the timer. | 03-29-2012 |
20120084853 | INFORMATION PROCESSING APPARATUS AND METHOD FOR RESTRICTING ACCESS TO INFORMATION PROCESSING APPARATUS - An information processing apparatus includes: a body casing; a first connector provided in the body casing; a setting module; and a security module. The setting module is configured to set a security level to be applied to the information processing apparatus based on a type of a device connected to the first connector. The security module is configured to restrict access to the information processing apparatus according to the set security level. | 04-05-2012 |
20120096542 | PORTABLE CONFIDENTIAL ACCOUNT INFORMATION MANAGEMENT DEVICE - In one general aspect, a portable confidential account information management device is disclosed that includes a biometric sensor, keyboard, processor, and storage. The storage includes account information storage including fields that each include an account identifier field and a password field. It also includes program storage including native account management software responsive to the biometric sensor and the keyboard to enable retrieval of contents of the account identifier field and password field for selected accounts. A display screen is responsive to the account management software and operative to display retrieved contents of the account identifier field and the retrieved password field for the selected accounts. In another aspect, a removable portable data storage device port is responsive to the storage to store backup copies of information. Disclosed devices can be designed to improve security by isolating them from external access or connectivity. | 04-19-2012 |
20120102564 | CREATING DISTINCT USER SPACES THROUGH MOUNTABLE FILE SYSTEMS - A method and a processing system for creating distinct user spaces. In a platform originally intended to be a single user platform, for each of a plurality of users, at least one mountable element can be uniquely assigned to the user and data associated with the user can be stored to the assigned mountable element to create a multi-user platform. | 04-26-2012 |
20120110659 | LESS-SECURE PROCESSORS, INTEGRATED CIRCUITS, WIRELESS COMMUNICATIONS APPARATUS, METHODS AND PROCESSES OF MAKING - An integrated circuit ( | 05-03-2012 |
20120110660 | TIME-DOMAIN REFLECTOMETRY USED TO PROVIDE BIOMETRIC AUTHENTICATION - An electronic device includes one or more Time-Domain Reflectometer (TDR) channels and a security block embedded at a silicon or software level to measure human electrical impedance and characteristics for biometric identification and provide biometric authentication. | 05-03-2012 |
20120110661 | TWO-WAY AUTHENTICATION - A method for activating a physiologic sensor ( | 05-03-2012 |
20120137359 | Method For Storing (Hiding) A Key In A Table And Corresponding Method For Retrieving The Key From The Table - A method is provided for storing/retrieving a key in a table, the method for storing a key comprising providing a table comprising a plurality of entries, each selected from a group consisting of random words and random strings; providing a question to a user; receiving from the user a corresponding secret answer; receiving the key to store in the table; determining a position in the table using the received corresponding secret answer and at least one table entry and storing the key at the determined position. | 05-31-2012 |
20120159608 | PASSWORD ENTRY USING 3D IMAGE WITH SPATIAL ALIGNMENT - A method of authenticating a user of a computing device is proposed, together with a computing device on which the method is implemented. In the method a modified base image is overlaid with a modified overlay image on a display. At least one of the modified base image and modified overlay image is moved by the user. Positive authentication is indicated in response to the base image reference point on the modified base image being aligned, at least one of the base image reference point and the overlay image reference point having coordinates in three dimensions. | 06-21-2012 |
20120167197 | ENABLING GRANULAR DISCRETIONARY ACCESS CONTROL FOR DATA STORED IN A CLOUD COMPUTING ENVIRONMENT - Enabling discretionary data access control in a cloud computing environment can begin with the obtainment of a data request and response message by an access manager service. The response message can be generated by a data storage service in response to the data request. The access manager service can identify owner-specified access rules and/or access exceptions applicable to the data request. An access response can be determined using the applicable owner-specified access rules and/or access exceptions. Both the response message and the access response can indicate the allowance or denial of access to the requested data artifact. The access response can be compared to the response message. If the access response does not match the response message, the response message can be overridden to express the access response. If the access response matches the response message, the response message can be conveyed to the originating entity of the data request. | 06-28-2012 |
20120167198 | Resource Protection from Unauthorized Access Using State Transition Histories - A resource protection program, apparatus, and method for protecting resources to be processed on a computer. The resource protection program causes a computer to implement: a preparatory function as a function for preparing multiple defined state transition histories and multiple defined actions, both of which are associated with each other, wherein each of the defined state transition histories defines a state transition history of the computer upon execution of predetermined access to a predetermined resource, and each of the defined actions is defined to be executable when a transition is made from a defined state to the next defined state; and an action execution function for selecting, upon execution of the real access to the real resource, a defined action associated with a matched defined state transition history from among one or more defined actions to execute the defined action selected. | 06-28-2012 |
20120167199 | COMPUTING DEVICE WITH GRAPHICAL AUTHENTICATION INTERFACE - A computing device with a graphical authentication interface in which the device displays a base image and authenticates a user when a pre-selected element in a secondary image overlying the base image is aligned with a pre-selected element in the base image. | 06-28-2012 |
20120185931 | APPARATUS, METHOD, AND COMPUTER PROGRAM PRODUCT FOR ACCESS CONTROL TO A MOBILE TERMINAL - An apparatus, computer program product, and method are disclosed for access control to a mobile terminal. A use end event is generated indicating an end of use of a mobile terminal. Acceleration of the mobile terminal is binarized by the mobile terminal after the use end event is generated to one of a first value indicating a stationary state and a second value indicating a moving state. A use start event is generated indicating a start of use of the mobile terminal. A movement preparation period is measured from a time at which the use end event is generated to a time at which a transition from the first value to the second value occurs. Use authentication is requested in response to the use start event and in response to the movement preparation period exceeding a first threshold. | 07-19-2012 |
20120185932 | Sensing and Secure Processing - First and second apparatuses, first and second computer programs and first and second methods are provided. The first apparatus comprises: an interface; and a secure processor configured to control the interface to provide a request, to the second apparatus, requesting information from one or more sensors of the second apparatus. The request may be a data structure comprising an element having one of a multiplicity of predetermined configurations, each configuration identifying at least one of a plurality of sensors. The second apparatus comprises: a further interface; one or more sensors; and a processor configured to receive via the further interface the request, from the secure processor of the first apparatus, requesting information from at least one sensor identified in the request. The processor is configured to process the request, to determine whether the second apparatus comprises the at least one sensor identified in the request. | 07-19-2012 |
20120192264 | PRINTER CAPABLE OF AUTHENTICATING USER, PRINT MANAGEMENT SYSTEM INCLUDING THE PRINTER AND COMPUTER READABLE DEVICE STORING USER AUTHENTICATION PROGRAM - In a printing apparatus, a controller authenticates a user using first authentication information, and printing is allowed according to successful authentication using the first authentication information and printing is prohibited according to failed authentication using the first authentication information. The controller determines whether an authentication request condition is satisfied, and according to determination that the authentication information request condition is satisfied, the controller requests a user to input second authentication information and authenticates the user using the second authentication information. Printing is allowed according to successful authentication using the second authentication information, and printing is prohibited according to failed authentication using the second authentication. | 07-26-2012 |
20120192265 | PORTABLE COMPUTING SYSTEM AND PORTABLE COMPUTER FOR USE WITH SAME - A computing system comprising a pocket personal computer and a reader is disclosed. The pocket PC is pocket-sized and comprises flash memory, and optionally a processor and a GPS chip. The reader includes a monitor, a keyboard with docking port and an optional processor and at least one input/output USB connector. A user cannot interact with the pocket PC without the reader. The credit card size and capabilities of the pocket PC allow a user to easily carry virtually their entire computer in a pocket for use anywhere there is a reader. In addition, the pocket PC provides security against unauthorized use, even if lost or stolen. A password or fingerprints are required to access the device, the circuit board may be coated with a protective coating and the system may include an RFID tag and RFID reader. | 07-26-2012 |
20120192266 | Mask Based Challenge Response Test - A method for providing a challenge response test associated with a computer resource performed by a physical computing system includes, with the physical computing system, generating a challenge response test image comprising a plurality of well-formed construct elements forming a well-formed construct and a plurality of random construct elements, and providing a number of masks to be placed over the image, one of the number of masks configured to reveal the well-formed construct elements when placed over the image. | 07-26-2012 |
20120210418 | SECURITY ELEMENT HAVING AN ELECTRONIC DISPLAY DEVICE FOR DISPLAYING SECURITY-RELEVANT INFORMATION OR PATTERNS - A security element having an electronic display device, particularly a digital display for representing security-relevant information or patterns is provided, wherein the represented information or patterns changes or change over time due to an algorithm and/or external influences. A method for marking, identifying or authenticating objects or living beings is provided, with the living being or object being provided with a security element having an electronic display device, particularly a digital display for representing security-relevant information or patterns, whereby the represented information or patterns changes or change over time due to an algorithm and/or external influences. | 08-16-2012 |
20120210419 | SECURITY MANAGEMENT FOR AN INTEGRATED CONSOLE FOR APPLICATIONS ASSOCIATED WITH MULTIPLE USER REGISTRIES - A system for security management for applications associated with multiple user registries can include an integrated console configured to host one or more applications or resource objects in corresponding realms. The system also can include one or more roles mapped to different ones of the resource objects and also to different users permitted to access the integrated console. The system yet further can include a user relationship system having associations with multiple different ones of the roles. Finally, the system can include console security management logic programmed to manage authentication for the users using the realm of the resource object while not requiring a separate user registry for the integrated console. | 08-16-2012 |
20120216276 | SECURE PORTABLE OBJECT - The invention relates to a secure portable object of the smart card type comprising (a) an object body and (b) a micro-module comprising a processor and at least one memory in which a first application executed by a first execution engine in a first execution space is stored. The invention is characterised in that a second application is further stored in the said at least one memory, where the said second application is executed by a second execution engine distinct from the first execution engine, in a second execution space distinct from the first execution space. The invention particularly applies to smart cards. | 08-23-2012 |
20120227103 | INFORMATION PROCESSING APPARATUS AND INFORMATION PROCESSING METHOD - An information processing apparatus disposed on a shopping cart, comprises a display section; an input section; a position acquiring section of the shopping cart; a detecting section configured to detect the moving or the stopping of the shopping cart; a counting section configured to count a duration time of the stop state of the shopping cart while the detecting section detects the stopping of the shopping cart; an operation-lock control section configured to read a standby time and limit the display operation of the display section and the accepting operation of the input section. | 09-06-2012 |
20120233687 | SECURE METHOD FOR CONTROLLING THE OPENING OF LOCK DEVICES BY MEANS OF A COMMUNICATING OBJECT SUCH AS A MOBILE PHONE - The method consists in: a) generating by an application software (SWA) a message forming a key (DKE) comprising an encrypted data field containing a time-stamping or sequencing time marker; b) transferring the message to a portable communication device (CD), held by a user; c) transmitting the message, by short-range transmission, from the communication device to a reading interface (ERED) coupled to a lock device (LOCK); d) analyzing the message by decrypting the data field and checking the consistency of the time marker with an inner clock of the interface or with a sequence number memorized in the interface; and e) in case of compliant message, sending from the interface to the lock device a digital accreditation (OPEN) stored in memory in the interface and to operate the lock device unlocking upon recognizing the compliance of said digital accreditation. | 09-13-2012 |
20120240217 | Computer Security - Computer security processes include displaying information elements on a computer display screen. Some of the information elements are mapped to corresponding parameters. The computer security processes also include receiving a selected information element from the information elements displayed on the computer display screen, and determining a value of a parameter associated with the selected information element based on a condition. The value of the parameter is changeable according to changes in the condition. The computer security processes further include comparing the selected information element with the value of the parameter, and upon determining the value of the parameter matches the selected information element, providing a user with access to a system resource. | 09-20-2012 |
20120240218 | METHODS, APPARATUSES, AND COMPUTER PROGRAM PRODUCTS FOR RESUMING A SUSPENDED SESSION - Methods, apparatuses, and computer program products are provided for resuming a suspended session. A method may include determining a presence of a user within a predefined proximity of a workstation. The method may further include, responsive to determining the presence of the user, causing pre-retrieval of stored session state information for a suspended session associated with the user before the user enters credential information for logging onto the workstation. Corresponding apparatuses and computer program products are also provided. | 09-20-2012 |
20120240219 | INFORMATION PROCESSING APPARATUS, INFORMATION PROCESSING METHOD, AND STORAGE MEDIUM - When receiving an access request to a resource of a first application from a second application, a resource management unit transfers an authentication result for the first application included in the access request to the first application, and when receiving a determination result on whether access of the second application to the resource is permitted from the first application, the resource management unit returns the determination result to the second application. | 09-20-2012 |
20120246713 | METHOD AND APPARATUS FOR CONTROLLING ACCESS OF A SECURE DIGITAL MEMORY CARD - A method for controlling access of a secure digital memory card includes inserting the secure digital memory card into a card reader; an electronic device performing an application program to detect whether a first password is stored in the secure digital card when a write protection function of the secure digital memory card is enabled; inputting a second password when the first password is not stored in the secure digital memory card; and sending a first command embedded with the second password to disable a read access function of the secure digital memory card. | 09-27-2012 |
20120246714 | Dynamic Password Strength Dependent On System State - An approach is provided by detecting password entries by a user of a system with each of the password entries corresponding to a password entered when invoking a password enabled application on the system. A password strength is calculated corresponding to each of the detected password entries. A strongest password is identified based on the password strength calculations. A device lock request is received from the user of the system, with the device lock request being received at a user interface, such as a GUI control. The system is set into a locked state. The locked state prevents data stored on the information handling system from being accessed while the information handling system is in the locked state. The system is subsequently unlocked by entry of the identified strongest password by the user. | 09-27-2012 |
20120246715 | RECORDING DEVICE AND CONTROL METHOD THEREFORE - One embodiment provides a recording device, including: a data storage module; an authentication information storage module configured to store authentication information; a receiving module configured to receive authentication information from a higher level apparatus; an authenticating module configured to perform authentication of access to the data storage module by comparing the received authentication information with the stored authentication information; a command tendency storage module configured to store a command tendency; a command tendency determinator configured to determine whether or not a command tendency relating to commands being transmitted from the higher level apparatus is similar to the previously-stored command tendency; and a use disabling module configured to render the data stored in the data storage module substantially unusable based on a determination of the command tendency determinator. | 09-27-2012 |
20120254981 | Access restriction in response to determining device transfer - A computationally implemented method includes, but is not limited to: determining that a computing device used by a first user has been transferred from the first user to a second user; and restricting access via the computing device to one or more items in response to said determining. In addition to the foregoing, other method aspects are described in the claims, drawings, and text forming a part of the present disclosure. | 10-04-2012 |
20120254982 | SYSTEM AND METHOD FOR PROTECTING AND SECURING STORAGE DEVICES USING BELOW-OPERATING SYSTEM TRAPPING - In one embodiment, a system for securing a storage device includes an electronic device comprising a processor, a storage device communicatively coupled to the processor, and a security agent. The security agent is configured to execute at a level below all of the operating systems of the electronic device, intercept a request to access the storage device, identify a requesting entity responsible for initiating the request, and utilize one or more security rules to determine if the request from the requesting entity is authorized. In some embodiments, the security agent is configured to determine whether the request involves a protected area of the storage device. If the request involves a protected area of the storage device, the security agent may be configured to allow the request if the requesting entity is authorized to access the protected area of the storage device. | 10-04-2012 |
20120254983 | Selective item access provision in response to active item ascertainment upon device transfer - A computationally implemented method includes, but is not limited to: determining that a computing device used by a first user has been transferred from the first user to a second user; ascertaining, in response to said determining, which of one or more items that are at least conditionally accessible through the computing device are active; and providing one or more selective levels of access to the one or more items based, at least in part, on said ascertaining. In addition to the foregoing, other method aspects are described in the claims, drawings, and text forming a part of the present disclosure. | 10-04-2012 |
20120254984 | Selective item access provision in response to active item ascertainment upon device transfer - A computationally implemented method includes, but is not limited to: determining that a computing device used by a first user has been transferred from the first user to a second user; ascertaining, in response to said determining, which of one or more items that are at least conditionally accessible through the computing device are active; and providing one or more selective levels of access to the one or more items based, at least in part, on said ascertaining. In addition to the foregoing, other method aspects are described in the claims, drawings, and text forming a part of the present disclosure. | 10-04-2012 |
20120272311 | METHOD FOR AUTHENTICATING A USER ON A COMPUTING UNIT - The invention relates to a method for authenticating a user on at least one computing unit, in particular a data processing and/or communication device, comprising a graphical user interface unit having a graphical user interface and at least one input device, wherein the at least one graphical user interface comprises at least one symbol storage area having a plurality of graphical symbols and at least one symbol positioning area having a plurality of defined positions. | 10-25-2012 |
20120278879 | AUTHENTICATING HUMAN INTERFACE DEVICE - The invention relates to an authentication device (TK) set to identify itself to a computer (PC) as a native human interface device. It also relates to a system comprising an authentication device (TK) and a computer (PC), as well as to a method to have a computer (PC) recognize an authentication device (TK). | 11-01-2012 |
20120278880 | Secure Time/Date Virtualization - A system is provided that includes a processor and a system memory coupled to the processor, the system memory stores at least one application for execution by the processor. The system also includes logic coupled to the processor, the logic providing a secure time reference. The processor selectively accesses the secure time reference to generate a virtual time reference for the at least one application. | 11-01-2012 |
20120291118 | IMAGE PROCESSING SYSTEM, IMAGE PROCESSING APPARATUS AND COMPUTER-READABLE RECORDING MEDIUM - An image processing apparatus capable of executing a task including a plurality of processes includes the following units: an acquisition unit that acquires the security levels of the plurality of processes based on security-level information that defines the security level of each process; a specification unit that specifies a lowest-level process that is a process having a lowest security level, from among the plurality of processes; and a notification unit that notifies a user of information regarding the lowest-level process. | 11-15-2012 |
20120304280 | PRIVATE AND PUBLIC APPLICATIONS - Designating applications for public access or private access on a computing device is disclosed. An application on the computing device is designated for private functionality or public functionality. A security wall is enforced with respect to the application if the application is designated for private functionality, wherein enforcing the security wall includes preventing access to the application until a security input is received. Access to the application is provided if the application is designated for public functionality, wherein providing access to the application includes allowing a user to access the application without receiving the security input from the user. | 11-29-2012 |
20120304281 | METHOD AND APPARATUS FOR AUTHENTICATING A NON-VOLATILE MEMORY DEVICE - An apparatus and method for authenticating a Non-Volatile Memory (NVM) device are provided. A host device that authenticates the NVM device transmits challenge information for authentication to the NVM device, receives pieces of authentication information in response to the challenge information from the NVM device, and authenticates the NVM device using the pieces of authentication information by the host device. The pieces of authentication information are generated based on the challenge information and secret key information stored in the NVM device. | 11-29-2012 |
20120304282 | INFORMATION PROCESSING APPARATUS - According to one embodiment, an information processing apparatus is provided. The information processing apparatus includes: a body case; | 11-29-2012 |
20120311695 | METHOD AND APPARATUS FOR DYNAMIC MODIFICATION OF AUTHENTICATION REQUIREMENTS OF A PROCESSING SYSTEM - Authentication requirements for a user to access a processing system may be dynamically modified based on status information received from sensors coupled to the processing system. The processing system may receive a request for access to the processing system by the user. The processing system determines an authentication policy based at least in part on the status information, and presents authentication requirements to the user based at least in part on the authentication policy. | 12-06-2012 |
20120331546 | INTELLIGENT STYLUS - An intelligent stylus is disclosed. The stylus can provide a stylus condition in addition to a touch input. The stylus architecture can include multiple sensors to sense information indicative of the stylus condition, a microcontroller to determine the stylus condition based on the sensed information, and a transmitter to transmit the determined condition to a corresponding touch sensitive device so as to cause some action based on the condition. | 12-27-2012 |
20130014247 | METHOD AND SYSTEM FOR AUTHENTICATING AN ACCESSORY - A method, system, and connector interface for authenticating an accessory, the method includes performing a first authentication operation on the accessory by the media player, where an authentication certificate is validated; and performing a second authentication operation on the accessory by the media player, where an authentication signature is validated. According to the system and method disclosed herein, the media player and accessory may utilize a plurality of commands utilized in a variety of environments such as within a connector interface system environment to control access to the media player. | 01-10-2013 |
20130019304 | Method and apparatus for detecting and dealing with a lost electronics device - Techniques for detecting and dealing with a lost electronics device are disclosed. In one design, the device may autonomously determine whether it is lost. The device may destroy at least one component to render it inoperable and may perform other actions in response to determining that it is lost. In another design, the device may determine available battery power of the device upon determining that it is lost, select at least one action in a list of possible actions based on the available battery power, and perform the selected action(s). In yet another design, upon determining that it is lost, the device may prevent access to information on the device based on a secondary security key, which is not used for encrypting information during normal operation. In yet another design, the device may notify at least one contact and may perform at least one additional action upon determining that it is lost. | 01-17-2013 |
20130024929 | TRUST LEVEL ACTIVATION - An isolation execution environment provides an application with limited resources to execute an application. The application may require access to secured resources associated with a particular trust level that are outside of the isolation execution environment. A trust activation engine determines the trust level associated with a request for a resource and operates differently based on the trust level. A broker process may be used to execute components providing access to resources having a partial trust level in an execution environment that is separate from the isolation execution environment. | 01-24-2013 |
20130024930 | Executing Functions of a Secure Program in Unprivileged Mode - Executing functions of a secure program in unprivileged mode. A program may be executed in a supervisory mode. The program may call multiple functions. Each function may be executed in an unprivileged mode. Additionally, each function may be executed in a respective constrained environment or sandbox. Each constrained environment may be dedicated to or customized for the respective function. For example, each constrained environment may have a set of privileges that are based on the respective function executing within the constrained environment. | 01-24-2013 |
20130024931 | DOWNLOADABLE COMMUNICATION SOFTWARE TOOL FOR FLASH MEMORY DEVICE - A flash memory device is provided that includes an operating system. The operating system has security features such as password protection and/or encryption. Further, the host computer to which the flash memory device is removably attached does not retain any electronic trail of the attachment, usage, communication, or other activity by the flash memory device. The operating system operates on the host computer without the host computer being able to detect and store information related to the operation of the flash memory device. An email service is also provided including timed deletion of emails between registered users. A browser is provided that has auto-populating multi-search, as well as tabbing capabilities. Cloud capabilities are provided, including a desktop run from the cloud as well as a browser run from the cloud. A clickless user interface is provided. | 01-24-2013 |
20130047250 | Methods of On-Chip Memory Partitioning and Secure Access Violation Checking in a System-on-Chip - Systems and methods for partitioning memory into multiple secure and open regions are provided. The systems enable the security level of a given region to be determined without an increase in the time needed to determine the security level. Also, systems and methods for identifying secure access violations are disclosed. A secure trap module is provided for master devices in a system-on-chip. The secure trap module generates an interrupt when an access request for a transaction generates a security error. | 02-21-2013 |
20130055376 | IMAGE PROCESSING APPARATUS, METHOD OF CONTROLLING THE SAME, AND STORAGE MEDIUM - This invention provides an image processing apparatus capable of allowing a user to easily confirm the display contents of a bulletin board without reducing operability if the user should confirm a message by the bulletin board function in authentication processing; a method of controlling the same; and a program. To accomplish this, in the image processing apparatus, an authentication processing unit acquires message information from a storage unit. When the message information is acquired, an authentication screen to execute authentication processing is displayed on a display unit together with the message information. If no message information is acquired, the authentication screen to execute authentication processing is displayed on the display unit. | 02-28-2013 |
20130081133 | SYSTEM AND METHOD FOR UNLOCKING AN ELECTRONIC DEVICE - A system and a method facilitating the unlocking of a locked touch screen device. In a preferred embodiment, the device is an e-reader device. The system and method provides a device unlock screen that simulates turning a page in a book rather than sliding a dead bolt lock or moving some other object from one place to another on the locked screen. | 03-28-2013 |
20130086671 | INFORMATION TERMINAL DEVICE AND METHOD OF PERSONAL AUTHENTICATION USING THE SAME - An information terminal device is provided that may use the input functionality of a touch panel to remove the restriction on the use thereof, for example, release the key lock. The information terminal device ( | 04-04-2013 |
20130091561 | EXECUTING COMMANDS PROVIDED DURING USER AUTHENTICATION - A mobile device may receive commands during confirmation of an identity of an individual accessing the device or secure data on the device. The commands may instruct the mobile device to perform security-related functions. For example, when the individual is under duress when logging in to the mobile device, the individual may perform a gesture indicating to the mobile device to change the password. The mobile device then changes the password for the individual to a secondary password. If a thief then takes the mobile device from the individual, the thief will no longer have access to the mobile device using the password provided by the individual under duress. | 04-11-2013 |
20130097693 | APPARATUS AND METHOD FOR AUTOMATIC UNLOCKING OF PORTABLE TERMINAL - A method automatically unlocks a portable terminal. The method includes collecting specific information by the portable terminal at a current location, and if the specific information satisfies a pre-set condition, automatically unlocking the terminal. | 04-18-2013 |
20130111578 | RELAY APPARATUS, PROGRAM OF RELAY APPARATUS AND TRANSMITTING APPARATUS | 05-02-2013 |
20130117838 | Superpositional Control of Integrated Circuit Processing - Specialized hardware functions for high assurance processing are seldom integrated into commodity processors. Furthermore, as chips increase in complexity, trustworthy processing of sensitive information can become increasingly difficult to achieve due to extensive on-chip resource sharing and the lack of corresponding protection mechanisms. Embodiments in accordance with the invention allow for enhanced security of commodity integrated circuits, using minor modifications, in conjunction with a separate integrated circuit that can provide monitoring, access control, and other useful security functions. In one embodiment, a separate control plane, stacked using 3-D integration technology, allows for the function and economics of specialized security mechanisms, not available from a coprocessor alone, to be integrated with the underlying commodity computing hardware. | 05-09-2013 |
20130117839 | METHOD FOR CONTROLLING APPLICATION USAGE ON A MOBILE DEVICE WHILE THE DEVICE IS IN MOTION - The disclosure generally describes computer-implemented methods, software, and systems for controlling access to applications on a device while the device is in motion. One example computer-implemented method includes identifying a request to access an application on a device, determining if the requested application is a motion-restricted application, upon determination that the requested application is a motion-restricted application, identifying a speed of movement associated with the device, and controlling access to the requested application based at least in part on the identified speed of movement of the device. | 05-09-2013 |
20130125231 | Method and system for managing a multiplicity of credentials - A wireless key device is configured to execute a digital credential management method to manage a plurality of digital credentials. According to this digital credential management method, the wireless key device polls an access terminal for an access terminal identification which uniquely identifies the access terminal. The wireless key device identifies a filter based on the access terminal identification, and selects a subset of the plurality of digital credentials based on the filter. The wireless key device renders a list of the subset of the plurality of digital credentials on a display, receives a user input selecting one of the subset of the plurality of digital credentials, and transmits the selected credential to the access terminal. | 05-16-2013 |
20130145453 | Multi Mode Operation Using User Interface Lock - A system and a method are disclosed for a computer implemented method to unlock a mobile computing device and access applications (including services) on a mobile computing device through a launcher. The configuration includes mapping one or more applications with a guest access code. The configuration receives, through a display screen of a mobile computing device, an access code, and determines whether the received access code corresponds with the guest access code. The configuration identifies the mapped applications corresponding to the guest access code and provides for display, on a screen of the mobile computing device, the identified applications. | 06-06-2013 |
20130145454 | PORTABLE INFORMATION TERMINAL, ITS CONTROL METHOD AND PROGRAM - Disclosed are a portable information terminal for materializing limitation of its use more effectively and method and program for controlling the terminal. The portable information terminal comprises a mail address storing unit for storing mail addresses, a mail reception unit for receiving mails, a certification information generation unit for generating certification information and a terminal lock controlling unit for limiting a predetermined function or operation, wherein when a mail address of an originator of transmission of a mail received by the mail reception unit coincides with an address stored in the mail address storing unit, the predetermined function or operation is limited by certification information the certification information generating unit generates. | 06-06-2013 |
20130145455 | METHOD FOR ACCESSING A SECURE STORAGE, SECURE STORAGE AND SYSTEM COMPRISING THE SECURE STORAGE - It is described a method for accessing a secure storage of a mobile device, the method comprising: providing a generic interface for accessing the secure storage; accessing the secure storage using the generic interface by a first application of the mobile device; accessing the secure storage using the generic interface by a second application of the mobile device. Further, a corresponding secure electronic storage and a system is described. | 06-06-2013 |
20130152192 | RESTRICTING ACCESS TO THE RESOURCES OF A TERMINAL - A portable computer terminal having an operating system configured to switch from a first state to a second state in response to a first command from a user and to switch from the second state to the first state in response to a second command from the user, the second command including inputting an identification code of the user, the operating system being capable, in the first state, of causing execution in interactive manner of an application selected from a set of applications, the operating system being capable, in a second state, of causing execution in interactive manner of an application of said set of applications in compliance with an access condition, wherein the access condition is determined as a function of said first command. | 06-13-2013 |
20130167220 | Secure Operation of Transitory Computer Applications - A security application is described for determining conditions within a computer application that would create the desire to allow or disallow access to certain system functions or features by the application. The security application analyzes the conditions and sets a lock that enables the application to perform only certain types of actions that would be considered secure by the security application. | 06-27-2013 |
20130167221 | Motion-based authentication for a gesture-based computing device - A motion-based authentication method is operative in a mobile computing device having a display interface and that includes an accelerometer. Normally, the device software includes a locking mechanism that automatically locks the display interface after a configurable timeout. The authentication method operates to un-lock the display interface (and thus allow the user access to the device) by movement of the device in a predetermined series of physical movements and without display-based entry of a password or other access code on the display itself. In this manner, the user can un-lock the device without display-based entry of a password (on the display itself) by simply holding the device and performing the necessary movement(s) to generate the unique code. | 06-27-2013 |
20130174247 | Photo Combination Lock - A simple, customizable and intuitive virtual combination unlock method and system. More specifically, an unlock system and method is disclosed which includes a virtual combination lock, where the virtual combination lock includes several rows of user-selectable images such as pictures or icons as the virtual combination wheels. In certain embodiments, the images are accessed via the user's database. To unlock the device, the user touches and drags pre-selected images into alignment with each other. Security can be adjusted by changing the number of images that need to be aligned to unlock the device. | 07-04-2013 |
20130179964 | SECURITY REUSE IN HYBRID INFORMATION HANDLING DEVICE ENVIRONMENTS - Systems, methods and products directed toward providing security in hybrid information handling device environments are described herein. One aspect provides an information handling device comprising: one or more processors; and one or more memories storing program instructions accessible by the one or more processors; wherein, responsive to execution of program instructions stored in the one or more memories, the one or more processors are configured to: ascertain a resume request for resuming to a secondary operating environment; and prior to resuming the information handling device to the secondary operating environment, initiate a primary operating environment security application. Other embodiments are described herein. | 07-11-2013 |
20130185787 | Safely Executing an Untrusted Native Code Module on a Computing Device - A system that safely executes a native code module on a computing device. During operation, the system receives the native code module, which is comprised of untrusted native program code expressed using native instructions in the instruction set architecture associated with the computing device. The system then loads the native code module into a secure runtime environment, and proceeds to execute a set of instructions from the native code module in the secure runtime environment. The secure runtime environment enforces code integrity, control flow integrity, and data integrity for the native code module. Furthermore, the secure runtime environment moderates which resources can be accessed by the native code module on the computing device and/or how these resources can be accessed. By executing the native code module in the secure runtime environment, the system facilitates achieving native code performance for untrusted program code without a significant risk of unwanted side effects. | 07-18-2013 |
20130198831 | IDENTIFIER GENERATION USING NAMED OBJECTS - A candidate identifier for a process is generated and an attempt is made to have a named object created that has a name that is the candidate identifier. In response to the attempt succeeding and the named object being created, the candidate identifier is used as an identifier for the process. In response to the attempt not succeeding and the named object not being created, the generating and attempting are repeated. | 08-01-2013 |
20130198832 | MULTILEVEL PASSCODE AUTHENTICATION - Mechanisms are provided to efficiently and effectively authenticate a user of a device. Passcode information such as passwords, pins, and access codes are obtained along with biometric information to periodically authenticate a user of a device. A user identity confidence score may be generated and continually modified by using data such as passcode information, biometric information, and/or user physical interaction characteristics information. If the user identity confidence score falls beneath a particular threshold, additional user authentication information may be requested. | 08-01-2013 |
20130198833 | SECURELY EXECUTING AN APPLICATION ON A COMPUTER SYSTEM - A method of and system for securely executing an application on a computer system such that a user of the computer system cannot access or view unauthorized content available on the computer system or accessible using the computer system. To securely execute an application, such method and system may terminate any unauthorized processes executing (i.e., running) on the computer system prior to execution of the application, and may configure the application such that unauthorized content cannot be accessed, including configuring the application such that unauthorized processes cannot be initiated (i.e., launched) by the application. Further, such system and method may terminate any unauthorized processes detected during execution of the application, and may disable any functions of the computer system that are capable of accessing unauthorized content, including disabling any functions capable of initiating processes on the computer system. The application being securely executed may be any of a variety of types of applications, for example, a browser application or an application for receiving answers to questions of an examination (i.e., an exam-taking application). Securely executing an application may be used for any of a variety of purposes, including, among other purposes, to assist preventing students from cheating on exams, to assist preventing students from not paying attention in class, to assist preventing employees from wasting time at work, and to assist preventing children from viewing content that their parents deem inappropriate. | 08-01-2013 |
20130212671 | Security-Enhanced Computer Systems and Methods - In general, the invention provides a computer architecture designed for enhanced data security. In embodiments, the architecture comprises two sub-systems, each with their own processing units and memories, and a defined set of interfaces that interconnect the two sub-systems and the external world. One sub-system is designed to provide a familiar environment for running computer applications. The other sub-system is designed to provide a secure bridge between the first sub-system and users via input and output devices. | 08-15-2013 |
20130212672 | EXECUTION OF A SECURED ENVIRONMENT INITIALIZATION INSTRUCTION ON A POINT-TO-POINT INTERCONNECT SYSTEM - Methods and apparatus for initiating secure operations in a microprocessor system are described. In one embodiment, a system includes a processor to execute a secured enter instruction, and a chipset to cause the system to enter a quiescent state during execution of the secured enter instruction. | 08-15-2013 |
20130212673 | ENTERING A SECURED COMPUTING ENVIRONMENT USING MULTIPLE AUTHENTICATED CODE MODULES - Systems, apparatuses, and methods for entering a secured system environment using multiple authenticated code modules are disclosed. In one embodiment, a processor includes a decoder and control logic. The decoder is to decode a secured enter instruction. The control logic is to find an entry corresponding to the processor in a match table in a master authenticated code module and to read a master header and an individual authenticated code module from the master authenticated code module in response to decoding the secured enter instruction. | 08-15-2013 |
20130219487 | CONTROL SYSTEM AND SECURITY CONTROL METHOD - A moving state detecting section | 08-22-2013 |
20130227675 | TABLET COMPUTER - A tablet computer comprises an operating system, including an application framework layer and an application layer, and an overlay system. The overlay system controls access to application programs and provides a first user interface and a second operating environment associated with a second user interface. Optionally, the overlay system provides a first operating environment associated with the first user interface. The overlay system includes an access control configured to permit or deny a request for access in the second operating environment to resources and/or data. Optionally, the overlay system is executed in the application framework layer of the operating system and may comprise a hypervisor providing an operating platform comprising the first user interface, the second operating environment, and an application space providing access to the application layer. | 08-29-2013 |
20130239200 | ELECTRONIC DEVICE AND METHOD FOR OPERATING LOCKED TOUCH SCREENS - An electronic device and a method are used to operate a locked touch screen of the electronic device. A password for unlocking the locked touch screen is set and stored into a storage device of the electronic device. When touches are generated on the touch screen, a count of touch points of each of the touches is obtained to generate a number queue. The number queue is compared with the password stored in the storage device, and the touch screen is unlocked when the number queue is identical to the password. | 09-12-2013 |
20130254873 | SECURE CONTROLLER FOR BLOCK ORIENTED STORAGE - A storage controller includes a command pointer register. The command pointer register points to a chain of commands in memory, and also includes a security status field to indicate a security status of the first command in the command chain. Each command in the command chain may also include a security status field that indicates the security status of the following command in the chain. | 09-26-2013 |
20130269024 | ELECTRONIC DEVICE AND METHOD FOR CONTROLLING ACCESS TO THE ELECTRONIC DEVICE - In a method for controlling access to an electronic device, the electronic device determines one or more selected colored shapes in response to receiving selection signals generated by a user selecting the one or more colored shapes, and sequentially numbers the selected colored shapes to obtain numbering information. When the numbering information matches prestored unlocking numbering information, the electronic device is unlocked. | 10-10-2013 |
20130276095 | PASS-PATTERN AUTHENTICATION FOR COMPUTER-BASED SECURITY - Implementing security access includes mapping input elements of an input device to a coordinate system. Each of the input elements is assigned to a point on the coordinate system that is defined by respective coordinate values. The security access also includes receiving a number of inputs via corresponding input elements. An input element assigned to a first input of the number of inputs is denoted as a starting point for a sequence. Beginning with an input in the sequence that immediately follows the first input in the sequence, the security access further includes identifying a directional orientation of each of the input elements as compared to an input element immediately preceding the input element in the sequence, creating a directional pattern sequence from the directional orientation identified for each of the input elements, and providing access to an information source using the directional pattern sequence as an authentication mechanism. | 10-17-2013 |
20130276096 | MANAGEMENT OF DATA PROCESSING SECURITY IN A SECONDARY PROCESSOR - A data processing apparatus is configured to perform secure data processing operations and non-secure data processing operations, wherein the apparatus includes a master device with a secure domain and a non-secure domain. Components of the master device operate in the secure domain when performing secure data processing operations and operate in the non-secure domain when performing the non-secure data processing operations. A slave device is configured to perform a delegated data processing operation specified by the master device and a communication bus connecting the master device to the slave device. The delegated operation is initiated by an issuing component in the master device, wherein the slave device includes a security inheritance mechanism configured to cause the delegated operation to inherit a non-secure security status or a secure status depending upon whether the issuing component in the master device is operating in the non-secure domain or the secure domain. | 10-17-2013 |
20130283367 | METHOD OF MANAGING VIRTUAL COMPUTER, COMPUTER SYSTEM AND COMPUTER - A method of managing a virtual computer in a computer system including a plurality of computers, each of the computers storing a program for realizing a virtualization management module for managing a virtual computer, including a management storage area that is accessible only by the virtualization management module, storing start-up management information representing a correspondence among identification information on the virtual computer, identification information on a logical storage area storing a service program, and start-up authentication information for starting the virtual computer. The method includes: a step of referring to the start-up management information to determine whether the start-up authentication information corresponding to the virtual computer exists, in a case of receiving a start-up request; and a step of reading the service program from the logical storage area and executing the read service program, in a case where it is determined that the start-up authentication information exists. | 10-24-2013 |
20130305348 | CLIENT AUTHENTICATION AND DATA MANAGEMENT SYSTEM - Methods and systems for performing an authenticated boot ( | 11-14-2013 |
20130312083 | LOCKABLE WIDGETS ON A MOBILE DEVICE - A software widget running on a user device may be designed to operate in a locked or an unlocked mode. In unlocked mode, the user has full interactivity with the widget. In locked mode, however, at least some of the interactivity with the widget is restricted, despite the fact that the widget still operates normally otherwise while in the locked mode. While in locked mode, user input may be compared against a predefined unlocking sequence to determine if the widget should be unlocked. | 11-21-2013 |
20130318595 | Authenticate a Hypervisor with Encoded Information - Disclosed embodiments relate to authenticating a hypervisor with encoded hypervisor information. In one embodiment, booting firmware | 11-28-2013 |
20130326611 | VARIABLE-STRENGTH SECURITY BASED ON TIME AND/OR NUMBER OF PARTIAL PASSWORD UNLOCKS - An authentication scheme for unlocking a computing system may require a shortened password in some cases. For example, the computing system may be configured to determine a time that a user has been locked out of a computing device and to determine which of a plurality of time spans that the time falls within. The computing system may also prompt the user for a required password including a full password or a subset of the full password depending on the determined time span. The computing system may be further configured to display a visual indicator corresponding to the determined time span or a required password length on a visual display. A length of the required password for login may be progressively longer for each of the plurality of time spans as a time period that a respective time span covers increases. | 12-05-2013 |
20130326612 | Apparatus and Method for Forming Secure Computational Resources - A computer implemented method includes collecting logged operations associated with a computation resource. Permitted operations for the computation resource are inferred based at least in part on the logged operations. A computation resource is augmented to block all operations that can be performed by the computation resource except the permitted operations. | 12-05-2013 |
20130333020 | Method and Apparatus for Unlocking an Electronic Device that Allows for Profile Selection - A method and apparatus for unlocking an electronic device that allows for profile selection includes the electronic device storing a plurality of profiles, each of which is associated with a different unlocking pattern, and receiving a first pattern input generated from motion upon a user interface of the electronic device. The method further includes the electronic device determining that the first pattern input matches an unlocking pattern associated with a first profile of the plurality of profiles and performing an unlocking procedure. | 12-12-2013 |
20130340068 | MEMORY DEVICE COMPRISING A PLURALITY OF MEMORY CHIPS, AUTHENTICATION SYSTEM AND AUTHENTICATION METHOD THEREOF - A memory device includes a plurality of memory chips, including one or more memory chips that store authentication information, and a controller including a first register that stores information indicating a representative memory chip, from among the one or more memory chips that store the authentication information, that stores valid authentication information. | 12-19-2013 |
20140007221 | SECURE IMAGE AUTHENTICATION | 01-02-2014 |
20140007222 | SECURE EXECUTION OF ENTERPRISE APPLICATIONS ON MOBILE DEVICES | 01-02-2014 |
20140007223 | Biometric Capture for Unauthorized User Identification | 01-02-2014 |
20140013414 | USER-ROTATABLE THREE-DIMENSIONALLY RENDERED OBJECT FOR UNLOCKING A COMPUTING DEVICE - A computer-implemented method for controlling access to a computing device entails displaying a user-rotatable three-dimensionally rendered object on a display of the computing device, the object presenting a plurality of user-selectable visual indicia such that only a subset of the indicia are visible at any one angle of rotation and providing access to the computing device based on user input received in relation to at least one of the visual indicia. The object may be spherical or polyhedral or it may be composed of a plurality of independently rotatable rings that together form a generally spherical shape. The visual indicia may be letters, numbers, symbols, colours, photographs or any other visually distinctive indication. | 01-09-2014 |
20140013415 | AUTOMATIC GENERATION OF SECURITY CHECKS - The embodiments encompass an apparatus for generating security checks including a model editor configured to annotate at least one element in an architectural source model with security requirement information and countermeasure information. The security requirement information identifies the at least one element and provides a textual description of a corresponding security requirement, and the countermeasure information identifies the at least one element and indicates a countermeasure type to the corresponding security requirement. The apparatus also includes a code generation engine configured to generate a security check for the countermeasure information based on the countermeasure type. | 01-09-2014 |
20140013416 | ELECTRONIC DEVICE AND METHOD FOR RELEASING LOCK USING ELEMENT COMBINING COLOR AND SYMBOL - An electronic device and a method thereof for releasing lock using an element combining color and symbol are provided. In the method, at least two groups including at least two elements combining color and symbol are displayed. One element included in each of the at least two groups is allowed to be sequentially selected at least one time. When it is determined that a sequence of the sequentially selected elements is the same as a set sequence, a lock of the electronic device is released. | 01-09-2014 |
20140013417 | GESTURE INPUT DEVICE AND METHOD FOR CONTROLLING GESTURE INPUT DEVICE - A gesture input device that controls a control device on the basis of a gesture action of a user has a gesture detecting unit that detects a gesture from an image picked up by a camera, a first gesture determining unit that determines that the gesture detected by the gesture detecting unit includes a first gesture, a second gesture determining unit that determines that the gesture detected by the gesture detecting unit includes a second gesture, and a control signal generating unit that sets a period in which the first gesture determining unit determines that the gesture includes the first gesture as a second gesture valid period in which recognition of the second gesture is valid and generates a control signal on the basis of the second gesture when the second gesture determining unit determines that the gesture includes the second gesture in the second gesture valid period. | 01-09-2014 |
20140013418 | METHOD AND APPARATUS FOR MAKING A DECISION ON A CARD - Method and devices for making access decisions in a secure access network are provided. The access decisions are made by a portable credential using data and algorithms stored on the credential. Since access decisions are made by the portable credential non-networked hosts or local hosts can be employed that do not necessarily need to be connected to a central access controller or database thereby reducing the cost of building and maintaining the secure access network. | 01-09-2014 |
20140020084 | System & Method for Controlling Access to Resources with a Spoken CAPTCHA Test - Systems and methods for controlling access to resources using spoken Completely Automatic Public Turing Tests To Tell Humans And Computers Apart (CAPTCHA) tests are disclosed. In these systems and methods, entities seeking access to resources are required to produce an input utterance that contains at least some audio. That utterance is compared with voice reference data for human and machine entities, and a determination is made as to whether the entity requesting access is a human or a machine. Access is then permitted or refused based on that determination. | 01-16-2014 |
20140026208 | ELECTRONIC DEVICE SWITCHABLE TO A USER-INTERFACE UNLOCKED MODE BASED UPON SPOOF DETECTION AND RELATED METHODS - An electronic device may include a finger biometric sensor and a processor being switchable between a user-interface locked mode and a user-interface unlocked mode. The processor may cooperate with the finger biometric sensor to acquire spoof detection data based upon an object being placed adjacent the finger biometric sensor, and determine whether the acquired spoof detection data is representative of a live finger. The processor may also switch from the user-interface locked mode to the user-interface unlocked mode when the acquired spoof detection data is representative of a live finger, and cooperate with the finger biometric sensor to acquire biometric matching data. The processor may further perform finger matching based upon the acquired biometric matching data and stored biometric enrollment data. | 01-23-2014 |
20140026209 | DISTRIBUTION DEVICE, IMAGE FORMING DEVICE, SYSTEM, CONTROL METHOD AND STORAGE MEDIUM - A management server designates an image forming device to which import data including a plurality of setting values is distributed, and distributes the import data to the designated image forming device. When the distributed import data is reflected in the image forming device, the authentication information of the user who instructs the distribution of the import data is input, and a login by authentication processing using the input authentication information fails, the image forming device rolls back the settings for user authentication processing to the settings before the import data is reflected. | 01-23-2014 |
20140033297 | APPARATUS FOR CONTROLLING PROCESSOR EXECUTION IN A SECURE ENVIRONMENT - Various embodiments described herein relate to apparatus for executing software in a secure computing environment. A secure processor can be used and configured to request a context swap from a first context to a second context when switching execution from a first portion of software to a second portion of software. A context manager, which can be in communication with the secure processor, can be configured to receive and initiate a requested context swap. A trust vector verifier, which can be in communication with the secure processor and the context manager, can be configured to load a trust vector descriptor upon command from a context manager. | 01-30-2014 |
20140041015 | Systems and Methods of Exchanging Information for a Reward - Systems and methods for exchanging information for access to a computing resource are provided herein. Methods may include receiving a request to access a computing resource, the computing resource being selectively unavailable to the information provider, responsive to receiving the request, providing the information provider a problem that is to be solved by the information provider prior to making the computing resource selectively available to the information provider, wherein solving the problem elicits desired information from the information provider, and responsive to receiving the desired information, selectively making the computing resource available to the information provider. | 02-06-2014 |
20140047536 | ELECTRONIC DEVICE AND METHOD FOR PERFORMING USER AUTHENTICATION USING ACCESS POINT AND PERIPHERAL DEVICE - An electronic device and method for performing user authentication using at least one of an access point and a peripheral device are provided. The method includes determining whether an electronic device connects to at least one of a stored access point and a stored device within a predetermined time period; and requesting a predetermined user authentication when it is determined that the electronic device has not connected to the at least one of the stored access point and device within the predetermined time period. | 02-13-2014 |
20140068751 | AUTOMATED DEVICE ACCESS - A method of unlocking a locked device includes receiving a device identifier over a wireless communication protocol, determining if the device identifier is associated with a list of trusted devices, transmitting a request to generate an acoustic signal over the wireless communication protocol based on the determination, receiving the acoustic signal as an audio sound generated external to the locked device, estimating a distance between a source of the audio sound and the locked device, and unlocking the locked device based on the estimation. | 03-06-2014 |
20140068752 | ELECTRONIC DEVICE FOR RELEASING LOCK FUNCTION USING A PLURALITY OF OBJECTS AND METHOD THEREOF - An apparatus and method for sensing an input for releasing a predetermined lock function of an electronic device is provided. The method includes setting at least two or more objects for releasing the lock function, outputting an object group including the set objects and an object group including certain objects on a lock screen, allowing a user to select at least two or more objects in the output object groups, and releasing the lock function when the selected objects are identical to previously defined objects. | 03-06-2014 |
20140075543 | BIOS PROTECTION DEVICE - A boot program held in a BIOS memory device of a processing system is authenticated. At system start-up, a BIOS protection device temporarily prevents execution of the boot program by the central processor of the processing system by control of address and data paths. The BIOS protection device interrogates the contents of the BIOS memory device to establish authentication. If the contents of the BIOS memory device are not authentic, execution of the boot program is prevented. | 03-13-2014 |
20140075544 | DEVICE AND METHOD FOR AUTHENTICATING CONTENTS-PROTECTED INFORMATION - Provided is an authentication method that includes connecting an optical disc drive (ODD) for driving a medium and a host device for reproducing contents stored in the medium using an interface. An authentication for reproducing the contents is performed by mutually exchanging data between the host device and the ODD via the authentication area of the ODD for storing the data. Accordingly, the ODD may convert a file from the optical disc, which is in an intrinsic format, into a format that is recognizable by a host device. | 03-13-2014 |
20140075545 | SECURELY EXECUTING AN APPLICATION ON A COMPUTER SYSTEM - A method of and system for securely executing an application on a computer system such that a user of the computer system cannot access or view unauthorized content available on the computer system or accessible using the computer system. Such system and method may terminate any unauthorized processes detected during execution of the application, and may disable any functions of the computer system that are capable of accessing unauthorized content, including disabling any functions capable of initiating processes on the computer system. Securely executing an application may be used for any of a variety of purposes, including, among other purposes, to assist preventing students from cheating on exams, to assist preventing students from not paying attention in class, to assist preventing employees from wasting time at work, and to assist preventing children from viewing content that their parents deem inappropriate. | 03-13-2014 |
20140082720 | Method and System for Authentication of Device Using Hardware DNA - Methods and systems for authentication of a device are disclosed. An exemplary method includes transmitting an energy towards the device including a material, monitoring a response of the device to the transmitted energy, generating a signature of the device based on the response of the device to the transmitted energy, comparing the device signature to an enrolled signature for the device, and indicating that authentication of the device is successful when the generated signature matches the enrolled signature. An exemplary system includes a transmitter configured to transmit an energy towards the device, a receiver configured to monitor a response of the device, and a processor configured to generate a signature of the device based on the response of the device, compare the device signature to an enrolled signature for the device, and indicate that authentication of the device is successful when the generated signature matches the enrolled signature. | 03-20-2014 |
20140082721 | SECURED COMPUTING SYSTEM WITH ASYNCHRONOUS AUTHENTICATION - A computing device includes an input bridge, an output bridge, a processing core, and authentication logic. The input bridge is coupled to receive a sequence of data items for use by the device in execution of a program. The processing core is coupled to receive the data items from the input bridge and execute the program so as to cause the output bridge to output a signal in response to a given data item in the sequence, and the authentication logic is coupled to receive and authenticate the data items while the processing core executes the program, and to inhibit output of the signal by the output bridge until the given data item has been authenticated. | 03-20-2014 |
20140090049 | CONTEXT-BASED DATABASE SECURITY - A processor-implemented method, system, and/or computer program product secures data stores. A non-contextual data object is associated with a context object to define a synthetic context-based object. The synthetic context-based object is associated with at least one specific data store in a data structure, where the specific data store contains data that is associated with data contained in the non-contextual data object and the context object. An ambiguous request is received from a user for data related to an ambiguous subject-matter. The context of the ambiguous request from the user is determined and associated with the synthetic context-based object that is associated with said specific data store, where that specific data store contains data related to the context of a now contextual request from the user. The user is then provided access to the specific data store while blocking access to other data stores in the data structure. | 03-27-2014 |
20140090050 | SYSTEMS AND METHODS FOR IDENTIFYING UNAUTHORIZED USERS OF AN ELECTRONIC DEVICE - This is generally directed to identifying unauthorized users of an electronic device. In some embodiments, an unauthorized user of the electronic device can be detected by identifying particular activities that may indicate suspicious behavior. In some embodiments, an unauthorized user can be detected by comparing the identity of the current user to the identity of the owner of the electronic device. When an unauthorized user is detected, various safety measures can be taken. For example, information related to the identity of the unauthorized user, the unauthorized user's operation of the electronic device, or the current location of the electronic device can be gathered. As another example, functions of the electronic device can be restricted. In some embodiments, the owner of the electronic device can be notified of the unauthorized user by sending an alert notification through any suitable medium, such as, for example, a voice mail, e-mail, or text message. | 03-27-2014 |
20140096231 | SECURE ACCESS MANAGEMENT OF DEVICES - Systems and methods may provide implementing one or more device locking procedures to block access to a device. In one example, the method may include receiving an indication that a user is no longer present, initiating a timing mechanism to set a period to issue a first device lock instruction to lock a peripheral device, relaying timing information from the timing mechanism to a controller module associated with the peripheral device; and locking the peripheral device upon expiration of the period. | 04-03-2014 |
20140096232 | INFORMATION PROCESSING APPARATUS AND INFORMATION PROCESSING METHOD - An information processing apparatus includes a user interface, an authentication unit, a controller, a restriction unit, and an authentication termination unit. The user interface accepts a first operation for setting a parameter from a user. The authentication unit authenticates the user. The controller controls the user interface to display the set parameter. The restriction unit restricts, in a case where a first condition is met after the user has been authenticated by the authentication unit, the user interface from accepting the first operation. The authentication termination unit terminates the authentication of the user in a case where a second condition is met while accepting of the first operation is being restricted by the restriction unit. The controller controls the user interface not to display the set parameter in a case where the second condition is met while accepting of the first operation is being restricted by the restriction unit. | 04-03-2014 |
20140096233 | SYSTEM AND METHOD FOR DISPLAY DEVICE ACCESS MANAGEMENT - A system and method for display device access management. An alphanumeric key is generated and displayed on a display device. The key is entered into the system by a user within sight of the display device and authenticated by the system. Media sent to the display device by the user is then displayed on the display device. | 04-03-2014 |
20140109215 | COMPUTER DEVICE CAPABLE OF LOCKING SCREEN AND THE SCREEN LOCKING METHOD THEREOF - A computer device capable of locking screen, including a display unit and a processing unit, is illustrated. The display unit is used for displaying one of a locking interface and a program interface of a designated program which is in use. The processing unit is configured for receiving a locking command of a locking application of the computer device, in order to keep the designated program being in use and the display unit displaying only the program interface, and for controlling the display unit to display only the locking interface when the designated program is not in use. | 04-17-2014 |
20140115689 | EXECUTION STACK SECURING PROCESS - An approach to securing an execution stack (or cloud architecture) is provided. For example, an image is separated into a plurality of layers to form a trusted execution stack. Each of the plurality of layers is hardened to secure key cloud components of the trusted execution stack. | 04-24-2014 |
20140115690 | ELECTRONIC DEVICE AND METHOD FOR RELEASING SCREEN LOCKED STATE - An electronic device and a method for releasing a screen locked state thereof are provided. The electronic device includes a touch screen, an operating unit, a display unit and a sensing unit that are coupled to each other and apply the method for releasing a screen locked state. The method for releasing a screen locked state includes: defining a prompt area and a signal input area on the touch screen, in which the prompt area has a plurality of prompt objects; an indication object in the signal input area indicating one of the prompt objects; receiving a touch track signal to indicate different prompt objects; detecting a click signal to acquire the indicated prompt object; and when the acquired prompt objects satisfy a preset arrangement order, releasing the screen locked state. | 04-24-2014 |
20140115691 | UNLOCKING SYSTEM AND METHOD - An unlocking system and an unlocking method of an electronic device are provided. When the electronic device in a lock state is moved during an unlock operation, the electronic device analyzes the movement of the electronic device based on its acceleration and direction and calculates a movement vector along each axis and draws an unlocking graphic. The electronic device determines whether the unlocking graphic is the same as a preset unlocking graphic. If the unlocking graphic is the same as a preset unlocking graphic, the electronic device is changed from the lock state to an unlock state. | 04-24-2014 |
20140115692 | METHOD OF PROTECTING USER AND ELECTRONIC DEVICE THEREFOR - A method and apparatus for recognizing a user in an electronic device and automatically controlling an output value of the electronic device is provided. The method includes detecting user related data using at least one sensor, determining whether the user is a user who is previously registered in the electronic device using the detected user related data, and automatically adjusting at least one output value of the electronic device when the user is determined as the user who is previously registered in the electronic device, wherein at least the one sensor includes at least one of a camera sensor, a touch sensor, and a microphone sensor. | 04-24-2014 |
20140123271 | IMAGE PROCESSING APPARATUS, ACCESS CONTROL METHOD, AND STORAGE MEDIUM - An image processing apparatus includes a request determining unit receiving an operation event indicating a request to use an image processing function and determining whether the request is from a guest user based on the received operation event; a guest login processing unit generating guest login information including a guest user identifier and access right information of the guest user if the request is from the guest user and sending a login request to request a login process for the guest user based on the guest login information; an access control unit disabling access control on the image processing function in response to the login request based on the access right information in the guest login information; and a usage history recording unit recording a usage history of the image processing function in association with the guest user based on the guest user identifier in the guest login information. | 05-01-2014 |
20140137231 | INCORPORATING ACCESS CONTROL FUNCTIONALITY INTO A SYSTEM ON A CHIP (SoC) - In one embodiment, the present invention includes a system on a chip (SoC) that has a first agent with an intellectual property (IP) logic, an interface to a fabric including a target interface, a master interface and a sideband interface, and an access control plug-in unit to handle access control policy for the first agent with respect to incoming and outgoing transactions. This access control plug-in unit can be incorporated into the SoC at integration time and without any modification to the IP logic. Other embodiments are described and claimed. | 05-15-2014 |
20140143856 | OPERATIONAL SHORTCUTS FOR COMPUTING DEVICES - Systems, devices, and techniques for providing shortcuts to applications of a computing device are described. In one example, a method includes outputting, for display at a screen, a plurality of input nodes while the computing device is in a locked state and receiving an indication of a selection of a set of the plurality of input nodes in a defined order. The method may also include determining that the selection matches a predetermined selection order of the input nodes, the predetermined selection order being associated with the computing device. The method may also include, responsive to the determining, outputting, for display in place of at least one of the plurality of input nodes at the screen, an icon representative of an operation executable by the computing device, receiving an indication of a selection of the icon, and responsive to receiving the indication, executing the operation. | 05-22-2014 |
20140150084 | USER AUTHENTICATION APPARATUS OF PORTABLE TERMINAL - A user authentication apparatus safely uses resources by forming a communication channel between a plurality of execution environments through user authentication in a portable terminal providing the plurality of execution environments based on a virtualization solution, and prevents private information from being illegally leaked by hacking by not directly exposing a PIN number or a password a user inputs using a virtual keyboard and a keyboard coordinate when authenticating the user. | 05-29-2014 |
20140157399 | INFORMATION PROCESSING APPARATUS, AUTHENTICATION METHOD FOR INFORMATION PROCESSING APPARATUS AND AUTHENTICATION PROGRAM FOR INFORMATION PROCESSING APPARATUS - One embodiment provides an information processing apparatus equipped with a housing having a first surface and a second surface opposite thereto and with a touch screen provided on the first surface of the housing. The information processing apparatus has a first operation receiver and an authentication processor. The first operation receiver is provided on the second surface of the housing. And, the authentication processor performs an authentication process based on operation of the first operation receiver. | 06-05-2014 |
20140157400 | DEVICE AND METHOD FOR PROVIDING SECURITY CHANNEL INTERFACE - A security channel interface providing device is provided. The device includes a sensor unit that comprises at least two sensors configured to sense a motion of a user, and a control unit that determines whether or not at least two sensing values sensed by the sensors satisfy a security channel interface activation condition, and activates or inactivates a security channel interface according to a result of the determination. When the security channel interface is activated, the control unit provides a security channel to the user. | 06-05-2014 |
20140173713 | Verification Code Generation and Verification Method and Apparatus - The present invention discloses a verification code generation and verification method, including: displaying a verification code display region on a touch display module, where the verification code display region includes at least one user-recognizable verification code element; sensing a touch action of a user on the touch display module, and determining a position of the touch action on the touch display module; and comparing whether the position of the touch action of the user on the touch display module is the same as a position of the verification code element to determine whether a verification code is correctly input. The verification code generation and verification method in the embodiments of the present invention is convenient for the user to input a verification code for verification, and brings a good verification effect while facilitating operations. Further, the present invention discloses a verification code generation and verification apparatus. | 06-19-2014 |
20140173714 | INFORMATION PROCESSING APPARATUS, AND LOCK EXECUTION METHOD - A lock execution method for information processing apparatus, includes performing a first authentication based on input information from a user after an application of a power source, preparing authentication information for a second authentication to be corresponded to the input information after the first authentication succeeds, performing the second authentication using the prepared authentication information, issuing a command to execute a lock operation for the information processing apparatus after the second authentication by the authentication succeeds, and invalidating at least some of content of manipulation input during a period time until the lock operation is completed after the command is issued at the issuing. | 06-19-2014 |
20140173715 | INFORMATION PROCESSING SYSTEM, INFORMATION PROCESSING METHOD, DEVICE, AND AUTHENTICATION APPARATUS - An information processing system includes a function unit having a plurality of functions; an execution command unit that prompts the function unit to execute one of the plurality of functions; an authentication information obtaining unit that obtains authentication information of a user; and a user authentication and function determination unit that authenticates the user based on the authentication information of the user and determines one function from the plurality of functions. The execution command unit prompts the function unit to execute the one function determined by the user authentication and function determination unit. | 06-19-2014 |
20140189848 | INFERRING SECURITY DECISIONS FROM TRUSTED USERS - Inferring security decisions from trusted users, including: identifying, by a security inference module on a computing device, a candidate application to be installed on the computing device; identifying, by the security inference module, one or more trusted users; identifying, by the security inference module, trusted user installation activity associated with the candidate application; and determining, by the security inference module, whether to install the candidate application in dependence upon the trusted user installation activity associated with the candidate application. | 07-03-2014 |
20140189849 | Inferring Security Decisions From Trusted Users - Inferring security decisions from trusted users, including: identifying, by a security inference module on a computing device, a candidate application to be installed on the computing device; identifying, by the security inference module, one or more trusted users; identifying, by the security inference module, trusted user installation activity associated with the candidate application; and determining, by the security inference module, whether to install the candidate application in dependence upon the trusted user installation activity associated with the candidate application. | 07-03-2014 |
20140196142 | DEVICE AUTHENTICATION USING LIST OF KNOWN GOOD DEVICES - Authentication techniques for electronic devices can provide more seamless communication between two devices. A first device (e.g., a host device) can maintain a list of known-good devices (e.g., accessory devices) with which it can interoperate. Information identifying a second device can be added to the known-good list when the second device successfully connects to the first device and completes an authentication process. After the second device disconnects, the first device can retain the identifying information on the known-good list for a predetermined period of time, after which the information can expire. If the second device reconnects to the host before its information expires, the authentication process can be bypassed. | 07-10-2014 |
20140215601 | AUTHENTICATION USING A SUBSET OF A USER-KNOWN CODE SEQUENCE - Authentication in a system includes presenting information to a user containing a partial sequence of a passcode along with distractors. The user is challenged to identify the partial sequence from among the information in order to gain access to the system. | 07-31-2014 |
20140223542 | SECURE NOTE SYSTEM FOR COMPUTING DEVICE LOCK SCREEN - Techniques are disclosed for recording secure notes from the lock screen of a computing device. A note recording user interface may be accessed from the lock screen to allow a user to leave a note, such as a text, video, audio, or drawn note, or some combination thereof. The notes left using the note recording user interface may be saved such that only the intended recipient can access them, for example, after unlocking the computing device, thereby preventing others from seeing previously saved notes. The secure note system may include a retrieve notes function that allows users and/or recipients to retrieve the recorded notes directly from the lock screen of the computing device used to record them. The secure note system may also be configured to send notifications to inform the recipient when a secure note has been recorded (e.g., email or text message including copy of note). | 08-07-2014 |
20140223543 | COMPUTING DEVICE INCLUDING A PORT AND A GUEST DOMAIN - A first guest domain and an isolated peripheral related task. A peripheral related task to communicate with the peripheral and prevent the first guest domain from communicating with the peripheral. | 08-07-2014 |
20140223544 | INFORMATION PROCESSING APPARATUS, METHOD FOR CONTROLLING INFORMATION PROCESSING APPARATUS, AND STORAGE MEDIUM - When an input prediction function is used, a character string which a user does not want to display is prevented from being displayed as an input candidate while suppressing a load on the user. | 08-07-2014 |
20140223545 | METHOD FOR THE DYNAMIC CREATION OF AN EXECUTION ENVIRONMENT FOR AN APPLICATION TO SECURE THE APPLICATION, ASSOCIATED COMPUTER PROGRAM PRODUCT AND COMPUTING APPARATUS - A method for the dynamic creation of an execution environment for an application to be secured, in order to secure the application, is implemented by a computing apparatus including an information processing unit and a memory. The memory is associated with the information processing unit and includes an operating system, the application to be secured and a security library including at least one security function. The operating system includes a set of unsecured function libraries, the application to be secured being adapted, during its execution, to call a function of the unsecured function library. The method includes loading the security library, substituting, from among the function call(s) associated with the application to be secured, at least one call to an unsecured function with a call to a corresponding function of the security library, and launching the application to be secured after the substitution step. | 08-07-2014 |
20140237586 | APPARATUS FOR PROCESSING WITH A SECURE SYSTEM MANAGER - Method and apparatus for secure processing. The method includes detecting communication among secure and non-secure data entities, prohibiting execution of non-secure executable instructions on secure data entities unless the non-secure executable instructions are recorded in a permitted instruction record, and prohibiting execution of non-secure executable instructions if the non-secure executable instructions are recorded in a prohibited instruction record. The apparatus includes a processor, at least one non-secure data entity, and secure data entities including: a communication monitor adapted to detect communication among secure and non-secure data entities; a permitted instruction record; a first prohibitor adapted to prohibit execution of non-secure executable instructions on secure data entities unless the non-secure executable instructions are recorded in the permitted instruction record; a prohibited instruction record; and a second prohibitor adapted to prohibit execution of non-secure executable instructions if the non-secure executable instructions are recorded in the prohibited instruction record. | 08-21-2014 |
20140245427 | STORAGE SYSTEM IN WHICH FICTITIOUS INFORMATION IS PREVENTED - According to one embodiment, a storage system includes a host device and a secure storage. The host device and the secure storage produce a bus key which is shared only by the host device and the secure storage by authentication processing, and which is used for encoding processing. The host device produces a message authentication code including a message which can be stored in the secure storage based on the bus key, and sends the produced message authentication code to the secure storage. The secure storage stores the message included in the message authentication code in accordance with instructions of the host device. The host device verifies whether the message stored in the secure storage is intended contents. | 08-28-2014 |
20140245428 | COMPUTER AND CONTROL METHOD THEREOF - A computer and a control method thereof are disclosed. The computer comprises a processor, a chipset, a near field communication (NFC) module and a coprocessor. The chipset is coupled to the processor. The NFC module reads a current user identification (UID) from the NFC card when the NFC card is close to the NFC module. The coprocessor stores a default UID, and verifies whether the current UID is the same as the default UID. The coprocessor controls the chipset to execute a power-on sequence when the current UID is the same as the default UID. | 08-28-2014 |
20140245429 | VISUALLY REPRESENTING AND MANAGING ACCESS CONTROL OF RESOURCES - An approach is provided for controlling access to a resource. Visual representations of the resource and an entity are included in a display. A movement in the display of the entity representation to a position proximate to a boundary of the resource representation is detected. An attribute assigned to the entity representation is determined to not satisfy an access control requirement assigned to the resource representation. The entity is not permitted to access the resource based on the attribute not satisfying the access control requirement. Based on the entity not being permitted to access the resource, a visual cue is presented that indicates the entity representation is prevented from moving in the display across, and being placed within, the boundary of the resource representation. | 08-28-2014 |
20140250521 | RULE BASED ACCESS FOR REMOVABLE STORAGE - Various techniques and solutions are described for rule-based access to removable storage devices. For example, a request can be received to perform a file system operation using a removable storage device that is formatted with a file system that does not support access controls. A rules-based check of the received request can be performed by a service by checking the request against a plurality of rules. Based on results of the rules-based check, the request can be allowed or denied. | 09-04-2014 |
20140259148 | APPLICATION FORENSICS - Disclosed herein are systems, methods, and software for facilitating application forensics. In at least one implementation, the identity of a user associated with an attempt to access an application program that resides in a development environment is determined. Information is generated with which to encode the identity of the user in various views of the application program rendered in a runtime environment. A reply to the attempt is communicated that includes the information and at least a portion of the application program. | 09-11-2014 |
20140259149 | PROGRAMMABLE DIRECT MEMORY ACCESS CHANNELS - A storage location of a device that can be configured to act as a master in a particular security mode, such as a Direct Memory Access (DMA) having one or more channels, can be programmed to indicate a security indicator to be provided when configured to operate as a master device. | 09-11-2014 |
20140259150 | METHOD AND APPARATUS FOR RECOGNIZING PATTERN - A method in an electronic device is provided. The method includes displaying a polygon comprising a plurality of line segments on a screen, receiving a drag input from a user, and detecting at least one intersection between the drag input and one of the plurality of line segments. An electronic device for receiving a pattern is provided. The electronic device includes at least one memory, a display, and at least one processor configured to display a polygon comprising a plurality of line segments on a screen, receive a drag input from a user, and detect at least one intersection between the drag input and one of the plurality of line segments. Other various embodiments are also disclosed. | 09-11-2014 |
20140259151 | ARRANGEMENTS FOR IDENTIFYING USERS IN A MULTI-TOUCH SURFACE ENVIRONMENT - Arrangements to identify, in some form, multiple participants by an interactive surface system utilizing multi-touch technology are disclosed. The interactive surface system could identify, authorize, and allocate space on a surface for a participant based on identifying at least one attribute of the participant such as an object associated with the participant. The method can include searching for a first distinctive attribute of the participant, assigning an identifier to the attribute, and storing the identifier for future use. Other embodiments are also disclosed. | 09-11-2014 |
20140283005 | BEHAVIOMETRIC SIGNATURE AUTHENTICATION SYSTEM AND METHOD - The present invention discloses a method of verifying the authenticity of a provided signature, comprising the steps of: receiving a set of sampled data points, each sampled data point being associated with a different position along the signature; identifying a set of characterising nodes within the set of sampled data points using a set of predetermined characterising nodes comprised in a pre-stored user profile; determining if each identified characterising node lies within a predetermined threshold range of a corresponding predetermined characterising node; and generating a positive verification when the characterising nodes lie within the predetermined threshold range. A system arranged to carry out the method is also disclosed. | 09-18-2014 |
20140283006 | APPLICATION AUTHENTICATION METHOD AND ELECTRONIC DEVICE SUPPORTING THE SAME - A method for operating an electronic device is provided. The method includes executing, by a processor of the electronic device operable in a first mode (e.g. a trusted execution environment (TEE)) or a second mode (e.g. a non-trusted execution environment (NTEE)), wherein the first mode is more secure than the second mode; receiving, by the processor operating in the first mode, data or information related to a first software program stored in a first memory region; and authenticating, by the processor operating in the first mode, at least a portion of the data or information using a second software program stored in a second memory region. | 09-18-2014 |
20140304805 | INFORMATION PROCESSING APPARATUS AND IMAGE FORMING APPARATUS - It is enabled to execute a setting unique to a user easily without excessively increasing storage data capacity of a storage portion. A control portion, in the case of newly permitting login of a user, compares identification information included in authentication information of the user who is permitted to log in to identification information stored in the storage portion to determine whether the user who is newly permitted to log in is the same user as the user who logged in last time, and in the case where it is determined that the user who logged in last time and the user who has newly logged in are the same, reads operation information stored in the storage portion, to restore operations performed from login to logout last time. | 10-09-2014 |
20140304806 | SECURITY MEDIA AND AUTHENTICATION SYSTEM INCLUDING THE SAME - Disclosed is a security media which can increase a user's convenience without needing for the user to directly input a security code to a touch screen. The security media includes a plate and a plurality of conductive patches adhered to the plate. The plurality of conductive patches may be arranged as a pattern, and thus, when the plurality of conductive patches touch a touch screen of a target device, the pattern may be used as a code for authentication or control of the target device. | 10-09-2014 |
20140310798 | METHOD FOR MANDATORY ACCESS CONTROL OF PROCESSING IN HARDWARE CORES - A method for providing hardware mandatory access control (MAC) may include coupling an input filter to a hardware core. The input filter may receive one or more labeled objects and may qualify the labeled objects based on a first label associated with each of the labeled objects. The input filter may strip the first label from each of the labeled objects to provide one or more input objects. The hardware core may receive the one or more input objects and may provide one or more output objects. An output filter may be coupled to the hardware core. The output filter may receive the one or more output objects and may associate to each of the one or more output objects a second label. Operations of the input filter and the output filter may be coordinated by a label manager. | 10-16-2014 |
20140317721 | SECURE ELEMENT FOR A TELECOMMUNICATIONS TERMINAL - A secure element for a telecommunications terminal, the secure element including means for performing a trusted services management application to manage at least one trusted application to be run by the telecommunications terminal. | 10-23-2014 |
20140325638 | COMPUTING DEVICE SECURITY - Techniques for providing security for a computing device are described herein. In one example, a maintenance issue for the computing device is detected. Additionally, a maintenance credential proximate the computing device can be detected. Furthermore, an alarm system within the computing device can be disabled in response to detecting an authorized maintenance credential. | 10-30-2014 |
20140331312 | ACCESS CONTROL SYSTEM AND CONTROL METHOD THEREOF - An access control system includes a mobile device, a control device and an electronic lock module. The mobile device includes an input module, an identification module, a display module, a storage module, a battery module, a wireless transmission module and a central processor. The control device connects with the mobile device wirelessly and includes a wireless transceiver module, a power module, a memory module, an electronic control module and a microcontroller. The electronic control module of the control device is electrically connected with the electronic lock device. The identification module captures the biological characteristic of the user so as to make the identification module identify the biological characteristic of the user, so as to lower an identification burden of the access control system and ensure a usage security of the access control system. | 11-06-2014 |
20140331313 | AUTHENTICATION OF SIGNATURE USING ACOUSTIC WAVE ANALYSIS - Embodiments relate to capturing an acoustic signal generated when generating a pattern of movement for authentication of a user (e.g., signing on a touchscreen for authentication of a signature). In addition to or in lieu of a digital image of the signature, the captured acoustic signal is used as information for authenticating the signature. To capture the acoustic signals, an electronic device includes a sensor for detecting the vibration on the touchscreen. During an initial registration process, the signal from the sensor is processed and stored for use as reference information. Subsequently received signals from the sensor are compared with the reference information to identify a signer or authenticate the signature. | 11-06-2014 |
20140344918 | Method and electronic device for providing security - A method for securing an electronic device is provided. The method includes determining a security level of the electronic device, the security level comprising one of a high security level and a low security level, and adjusting a security level of the electronic device, based on the current status of the electronic device. An electronic device includes a screen configured to display information, a processor configured to determine a security level of the electronic device, the security level comprising one of a high security level and a low security level, and adjust a security level of the electronic device, based on the current status of the electronic device. Other embodiments are also disclosed. | 11-20-2014 |
20140359750 | Associating Distinct Security Modes with Distinct Wireless Authenticators - In some aspects, a first device detects information encoded in a wireless authenticator device based on a wireless interaction between the first device and the wireless authenticator device. The first device detects the information while securing resources on the first device according to a first security mode. Based on the detected information, the first device selects a second security mode associated with the wireless authenticator device. The first device then applies the selected second security mode. The selected second security mode is one of multiple distinct security modes. Each of the multiple distinct security modes is associated with a respective one of multiple wireless authenticator devices and defines accessibility attributes of the resources on the first device. | 12-04-2014 |
20140359751 | USER DEVICE AND OPERATING METHOD THEREOF - A security method in an electronic device is provided. The method includes pairing the electronic device with an Access Point (AP), obtaining at least one item of information about the AP, and setting a security level of the electronic device according to the at least one item of information. | 12-04-2014 |
20140359752 | WEB-BASED DATA AND INSTRUMENT MANAGEMENT SOLUTION - A data and instrument management and interface system comprises a web server hosted on an intranet network having a wireless range. The web server has a processor, and a non-transitory computer memory coupled with the processor and storing processor executable code. The web server can communicate over the intranet network with a web browser running on a handheld user device located within the wireless range of the intranet network, and with an instrument. The processor executable code causes the processor to: receive a first wireless signal over the intranet network, the first wireless signal transmitted by the web browser and indicative of request for data for the instrument; authenticate the handheld user device and a user of the web browser; and transmit a second wireless signal to the web browser indicative of data for the instrument responsive to the handheld user device and the user being authenticated. | 12-04-2014 |
20140359753 | SECURITY-ENHANCED COMPUTER SYSTEMS AND METHODS - In general, the invention provides a computer architecture designed for enhanced data security. In embodiments, the architecture comprises two sub-systems, each with their own processing units and memories, and a defined set of interfaces that interconnect the two sub-systems and the external world. One sub-system is designed to provide a familiar environment for running computer applications. The other sub-system is designed to provide a secure bridge between the first sub-system and users via input and output devices. | 12-04-2014 |
20140366123 | Wearable Device Multi-mode System - Systems and techniques are disclosed for detecting whether a wearable computing device is worn by a user or not. The detection can be made based on whether the device is secured to a user or based on a sensor. A device worn by a user may be operated in a private mode such that the user wearing the device is provided information that is useful while wearing the device. For example, the user may receive message notifications, news updates, telephone call information, or the like. A wearable computing device may be operated in a public mode while not being worn by a user. While in the public mode, the device may provide non user specific information such as a current time, media items, or the like. | 12-11-2014 |
20140366124 | DETERMINATION DEVICE, DETERMINATION METHOD AND DETERMINATION PROGRAM - The determination device displays a target image specifying a random position on a screen, and obtains a designated position by the user for the target image. Then, the determination device determines whether or not the designated position coincides with the position of the target image. When a number of times determined to coincide reaches a predetermined necessary number of coincidence, the determination device determines that the authentication is successful. | 12-11-2014 |
20150020189 | ELECTRO-MECHANIC USB LOCKING DEVICE - USB ports present risk of data leak from computers. The invention provides an electromechanical USB port protection device capable of mechanically blocking an unused USB port, thus preventing the connection of any USB device to that port. Removal of the device requires electrically energizing the lock using a security code. Security software provides scalable and secure centralized keys management. The device provides clear and continuous user visual indications when device is secure. Device derivative secures USB cable to the computer USB port. Another device derivative filters and secures a connected user peripheral device, for example a USB locking device that only allows a connection of USB mouse or keyboard. | 01-15-2015 |
20150020190 | METHOD FOR DISPLAYING CONTENTS AND ELECTRONIC DEVICE THEREOF - An electronic device is provided. The electronic device includes an output module, a sensing module, and a processor. The output module is configured to output contents. The sensing module is configured to obtain at least one of user information and environment information. The processor is configured to control an operation of the electronic device in response to at least one of the user information and the environment information depending on an attribute of the contents. | 01-15-2015 |
20150033326 | System and Method for Unlocking Screen - Disclosed are a method for unlocking a screen and a system for installing a screen. It is determined whether to unlock the screen by calculating an angle between a starting position and a current position of a touch point on the screen with the unlocking reference point as a vertex of the angle. With a technical solution of the disclosure, no path or destination position for screen unlocking is defined, with more casual operation, enhanced user experience, and simpler setting, thereby facilitating usage. Moreover, unlocking by mistake can also be prevented by the setting. | 01-29-2015 |
20150040209 | SYSTEM AND METHOD FOR APPLICATION SPECIFIC LOCKING - An unlocking application limits access to a computer application on a computing device. The unlocking application is configurable with at least one unlocking command comprising a sequence of inputs received by input devices of the computing device. The unlocking application limits access to at least one of the computer applications by requiring a user of the computing device to provide the at least one unlocking command using the input devices to access the at least one computer application. | 02-05-2015 |
20150040210 | CONTROLLING A CURRENT ACCESS MODE OF A COMPUTING DEVICE BASED ON A STATE OF AN ATTACHMENT MECHANISM - A computing device can receive an indication of a change in the proximity state of a first structure of an attachment mechanism and a second structure of the attachment mechanism. Responsive to receiving the indication, the computing device can be operable to change, based at least in part on the indication, a current access mode provided by the computing device. In some examples, both the computing device and the attachment mechanism may be part of a wearable computing device. In other examples, the computing device may be or be part of a physically separate device from the attachment mechanism. | 02-05-2015 |
20150040211 | MOTION INPUT DEVICE FOR PORTABLE TERMINAL AND OPERATION METHOD USING THE SAME - The present invention relates to a motion input device for portable terminal and an operation method using the same. A motion input device of a portable terminal of the present invention includes a sensor unit configured to collect a sensor signal from at least one sensor; an operation recognition unit configured to generate a motion signal corresponding to an operation of portable terminal based on the sensor signal; a scenario preparation unit configured to generate an input scenario based on at least one motion signal; and a scenario mapping unit configured to detect, in a scenario database, a standards scenario corresponding to the input scenario, and to generate an input signal corresponding to the standards scenario. | 02-05-2015 |
20150047013 | INFORMATION PROCESSING APPARATUS, INFORMATION PROCESSING METHOD, PROGRAM, STORAGE MEDIUM, AND INFORMATION PROCESSING SYSTEM - Provided is an information processing apparatus configured to execute at least one function, including: a storage configured to store a first code; an authentication unit configured to obtain a second code from an external storage medium, and to verify the second code against the first code to thereby authenticate the second code; an execution allowing unit configured, when the authentication unit succeeds in authentication, to allow execution of a predetermined function out of the at least one function; and an update unit configured, when the authentication unit succeeds in authentication, to update the first code stored in the storage with another first code, and to update the second code stored in the external storage medium with another second code such that the authentication unit will succeed in authentication based on the updated first code. | 02-12-2015 |
20150047014 | METHOD AND APPARATUS FOR UNLOCKING LOCK SCREEN IN ELECTRONIC DEVICE - A method and apparatus for unlocking a lock screen in an electronic device are provided. A method for unlocking a lock screen in an electronic device includes displaying a lock screen in which objects of the On and Off state have been randomly disposed, detecting a gesture for unlocking the lock screen, determining whether or not a first unlocking value generated in response to the gesture is identical with a predetermined second unlocking value, and unlocking the lock screen if the first unlocking value is identical with the second unlocking value. | 02-12-2015 |
20150058970 | SYSTEM AND ARCHITECTURE FOR SECURE COMPUTER DEVICES - The present invention relates to a system and architecture for securing otherwise unsecured computer subsystems. According to one aspect, the invention provides an independent hardware platform for running software in a secure manner. According to another aspect, the invention provides the means to control and secure all disk, network and other I/O transactions. According to still further aspects, the invention provides a means to monitor and prevent unauthorized user and malicious software activity. Additional aspects include providing a secure platform for device and user authentication as well as encryption key management, providing a means to perform background backup snapshots, and providing the means for enabling full management over computer operations. | 02-26-2015 |
20150067821 | METHOD FOR UNLOCKING ELECTRONIC DEVICE - An electronic device includes an acceleration sensor and a rotation sensor, both being independently powered, in providing a method of unlocking when locked. An acceleration of the electronic device is detected using the acceleration sensor and a rotation angle of the electronic device is then detected using the rotation sensor. The electronic device is unlocked only if the acceleration of the electronic device exceeds the predetermined value and the electronic device is additionally rotated a predetermined angle within a predetermined time. | 03-05-2015 |
20150082420 | Security Certificates For System-On-Chip Security - A SoC includes multiple hardware modules that are implemented on a substrate. The hardware modules include a plurality of hardware and software security features and the SoC provides one or more external interfaces for accessing the security features. A validation module, implemented in the boot code of the SoC for example, manages security certificates to control access to the plurality of security features. Each security certificate includes one or more unique identifiers corresponding to one or more hardware modules in the SoC and access control settings for one or more security features of the one or more hardware modules. The security certificate additionally includes a certificate signature signed by a secure key. | 03-19-2015 |
20150082421 | Method and Apparatus for Extending an Authentication Timeout Period - A method and apparatus for extending an authentication timeout period for an electronic device includes a primary processor of the electronic device initiating an authentication timeout period at a timeout initiation time and putting the primary processor into a sleep mode. The method also includes awakening the primary processor from the sleep mode at an expiration time, upon expiration of the authentication timeout period, and determining whether an authentication timeout extending input was detected by an adjunct processor of the electronic device at an input detection time that occurred during the authentication timeout period. The method further includes extending the authentication timeout period to expire at an extended expiration time, which is based on the input detection time, when the authentication timeout extending input was detected by the adjunct processor or locking the electronic device when the authentication timeout extending input was not detected by the adjunct processor. | 03-19-2015 |
20150082422 | SECURITY SWITCH - System and method for securing a personal device that includes a device core and a peripheral device from unauthorized access or operation. The system comprises an isolated switch, included fully or partially within an envelope of the personal device. The isolated switch cannot be affected in its operation by either the device core or the peripheral device. The switch may be operated by an authorized user of the personal device either preemptively or in response to a detected threat. In some embodiments, the isolated switch includes an isolated controller which can send one or more signals to the peripheral device and/or part of peripheral device. In some embodiments, the isolated switch includes an isolated internal component and an isolated external component, both required to work together to trigger the isolated switch operation. In some embodiments, the isolated switch includes an isolated disconnector for connecting and disconnecting the device core from part of the peripheral device. | 03-19-2015 |
20150089630 | CRUM CHIP MOUNTABLE IN COMSUMABLE UNIT, IMAGE FORMING APPARATUS FOR AUTHENTIFICATING THE CRUM CHIP, AND METHOD THEREOF - Provided herein is an image forming apparatus, comprising: a consumable unit where a CRUM (Customer Replaceable Unit Monitoring) chip is mounted; and a main body configured to perform at least one of a first authentication and a second authentication of the consumable unit, when the consumable unit is mounted, wherein the main body comprises: a main controller for performing the first authentication according to firmware stored in the image forming apparatus; and an authentication controller for using at least one ASIC (Application Specific Integrated Circuit) to perform the second authentication of the consumable unit. Accordingly, it is possible to effectively authenticate a consumable unit even when the image forming apparatus is hacked. | 03-26-2015 |
20150089631 | UNLOCK PROCESSING METHOD AND DEVICE - An unlock processing method for a terminal, includes: receiving an input unlocking instruction from a user; determining whether the user belongs to a preset user group according to the unlocking instruction; and acquiring and storing information regarding the user, if it is determined that the user does not belong to the preset user group. | 03-26-2015 |
20150101037 | PHYSICALLY UNCLONABLE FUNCTION PATTERN MATCHING FOR DEVICE IDENTIFICATION - A method is provided for obtaining a reproducible device identifier from a physically unclonable function. An authentication device may receive a first physically unclonable function (PUF) dataset from the electronic device, the first PUF dataset including characteristic information generated from a physically unclonable function in the electronic device. The authentication device may then identify a pre-stored PUF dataset corresponding to the electronic device. Authentication of the electronic device may be performed by correlating the pre-stored PUF dataset and the first PUF dataset for the electronic device, wherein such correlation is based on a pattern or distribution correlation between the pre-stored PUF dataset and the first PUF dataset. Because such correlation is performed on datasets, and not individual points, systematic variations can be recognized by the correlation operation leading to higher correlation than point-by-point comparisons. | 04-09-2015 |
20150106915 | TRUST LEVEL ACTIVATION - An isolation execution environment provides an application with limited resources to execute an application. The application may require access to secured resources associated with a particular trust level that are outside of the isolation execution environment. A trust activation engine determines the trust level associated with a request for a resource and operates differently based on the trust level. A broker process may be used to execute components providing access to resources having a partial trust level in an execution environment that is separate from the isolation execution environment. | 04-16-2015 |
20150113631 | TECHNIQUES FOR IDENTIFYING A CHANGE IN USERS - Various embodiments are generally directed to an apparatus, method and other techniques for detecting an input comprising an object contacting a surface of an apparatus, determining object characteristics based on the detected input and selecting a user profile based on the determined object characteristics. | 04-23-2015 |
20150113632 | IDENTITY AUTHENTICATION SYSTEM - According to one embodiment, an identity authentication system includes a detecting unit that detects an identity theft by determining whether a photographing target is a living body or a non-living body, a collating unit that performs identity collation based on a photographed image, and a control unit that controls execution timing of a detection process performed by the detecting unit and an identity collating processing performed by the collating unit and, in a case where the detection performed by the detecting unit is performed for a first number of times, performs the collation process performed by the collating unit, wherein the first number of times is set in consideration of a tradeoff between a required intensity of security and convenience of a user using the identity authentication system. | 04-23-2015 |
20150121506 | METHODS OF DYNAMICALLY SECURING ELECTRONIC DEVICES AND OTHER COMMUNICATIONS THROUGH ENVIRONMENTAL AND SYSTEM MEASUREMENTS LEVERAGING TAILORED TRUSTWORTHY SPACES - This invention is for a system capable of securing one or more fixed or mobile computing devices and connected systems. Each device is configured to change its operating posture by allowing, limiting, or disallowing access to applications, application features, devices features, data, and other information based on the current Tailored Trustworthy Space (TTS) definitions and rules which provide for various situationally dependent scenarios. Multiple TTS may be defined for a given deployment, each of which specifies one or more sensors and algorithms for combining sensor data from the device, other connected devices, and/or other data sources from which the current TTS is identified. The device further achieves security by loading digital credentials through a unidirectional multidimensional physical representation process which allows for the device to obtain said credentials without the risk of compromising the credential issuing system through the data transfer process. This secure system methodology may be used to create a Mobile Secure Compartmentalized Information Facility (M-SCIF), among other applications. | 04-30-2015 |
20150128249 | UPDATING ROLES BASED ACCESS - Embodiments for updating roles based system access to a user include systems for identifying an application login event and a role associated with the login event. Further the embodiments include selecting an application shell comprising data for an application, the data being associated with the identified role and where the application is a first version of the application, selecting a second version of the application that is different from the first version, modifying the data of the application shell in response to selecting the second version of the application, and providing the modified data to the application associated with a computing device of a user in response to the login event. In specific embodiments, data unrelated to the identified role is not provided to the application or stored in the computing device. | 05-07-2015 |
20150128250 | APPARATUS AND METHOD FOR GUARANTEEING SAFE EXECUTION OF SHELL COMMAND IN EMBEDDED SYSTEM - Provided are an apparatus and method for enhancing security and safety of an embedded system by monitoring and blocking unauthorized execution of a shell command in the embedded system. | 05-07-2015 |
20150128251 | MOBILE TERMINAL AND METHOD FOR CONTROLLING THE SAME - The disclosure relates to a mobile terminal communicable with a glass-type terminal and a method for controlling the same. The mobile terminal comprises a wireless communication unit configured to communicate with a glass-type terminal, a display unit configured to display visual information, and a controller configured to transmit output-limited information having a limitation in output on the display unit to the glass-type terminal so that the output-limited information may be output on the glass-type terminal when the mobile terminal is in communication with the glass-type terminal. | 05-07-2015 |
20150150116 | Preventing Spoofing Attacks for Bone Conduction Applications - Concepts and technologies are disclosed herein for preventing spoofing attacks for bone conduction applications. According to one aspect, a device can receive an authentication signal that has propagated through a body. The device can prevent an adversary from using the authentication signal to spoof a user to be authenticated by the device. The device can also authenticate the user. | 05-28-2015 |
20150150117 | INFORMATION PROCESSING APPARATUS, METHOD OF CONTROLLING THE SAME AND STORAGE MEDIUM - An information processing apparatus, a method of controlling the same, and a non-transitory computer-readable storage medium. The information processing apparatus comprises a management unit configured to manage a login application at least having both a login screen display function and a user authentication function. The apparatus, in a case where a plug-in module, having one function out of the login screen display function and the user authentication function, is added to the information processing apparatus, enables the function of the plug-in module, and enables the function of the login application other than the function of the plug-in module. | 05-28-2015 |
20150302224 | COMPUTING DEVICE AND METHOD OF PROCESSING SECURE SERVICES FOR COMPUTING DEVICE - A method of processing secure services is provided. The method is applied to a processing unit of a computing device to control the processing unit to process multiple secure services. The computing device includes a storage unit. The method includes: controlling a core of the processing unit to perform the following steps in a secure mode: accessing the storage unit to obtain a first command that includes first secure service information, processing a first secure service associated with the first secure service information according to the first command, and accessing the storage unit to obtain a second command that includes second secure service information. During a period from a time point that the core accesses the storage unit to obtain the first command to a time point that the core accesses the second command, the core is controlled to stay in the secure mode. | 10-22-2015 |
20150317473 | DEVICE AND ACCESSORY PAIRING - A device authenticates accessories by detecting that an accessory is attached to the device, determining a unique identification (ID) for the accessory, determining, based on the unique ID, if the accessory has been paired to the device, and in response to determining that the accessory has been paired to the device, enabling use of the accessory by the device. In response to determining the accessory has not been paired to the device, the device performs a secondary authentication process on the accessory. | 11-05-2015 |
20150324557 | ELECTRONIC DEVICE, UNLOCKING METHOD, AND NON-TRANSITORY STORAGE MEDIUM - An object is to provide a technology for preventing content of an unlocking operation from being easily recognized by another person even when the unlocking operation is seen by the other person. In order to achieve the object, there is provided an electronic device ( | 11-12-2015 |
20150324575 | INTELLIGENT CONTROLLER SYSTEM AND METHOD FOR SMART CARD MEMORY MODULES - A storage device contains a smart-card device and a memory device, both of which are accessed through a controller. The storage device may be used in the same manner as a conventional smart-card device, or it may be used to store a relatively large amount of data in various partitions corresponding to the protection level of the data stored therein. The smart-card device stores critical security parameters that are provided to the controller to protect access to some or all of the partitions of the memory device. A host connected to the controller issues commands, and the controller analyzes the commands and responds to them in various ways depending upon the nature of the command. In particular, depending upon the nature of the command, the controller may either pass the command to the smart-card device, or ignore the command either indefinitely or until a predetermined event has occurred. | 11-12-2015 |
20150332035 | BIOMETRIC DATA DETECTION DEVICE - A biometric data detection device includes a biometric authentication sensor electrically connected to a data processing terminal through a connecting member, a housing that houses the biometric authentication sensor, a window portion that acquires biometric data to be authenticated by the biometric authentication sensor and that is formed in the housing, and an attachment member that is rotatably provided at the housing and that renders the housing rotatable in a state in which the housing is attached to the data processing terminal. | 11-19-2015 |
20150339280 | System and Method for Synchronizing and Editing Electronic Documents - Embodiments described herein include a system and method for editing one or more electronic documents synchronized among multiple electronic devices. The electronic devices may include mobile devices having a touch screen display to capture the edits to the electronic document. Edits to the electronic document can be received and updated in real time on all synchronized devices. In one embodiment, the edits to the electronic document include a handwritten signature from a signer of the electronic document. The handwritten signature is concurrently viewable in each display of the synchronized mobile devices in real time to simulate a real-world experience of signing a paper document with several witnesses. Additional multifactor authentication data can be associated with the handwritten signature data for security and authentication purposes. | 11-26-2015 |
20150339466 | Unlocking An Apparatus - An apparatus, method, and computer program product for: receiving a user input comprising an unlock sequence; comparing the user input to a predefined unlock sequence comprising a static part and a dynamic part; in response to determining that a first part of the user input complies with the static part of the predefined unlock sequence, performing an unlock operation; and in response to determining that a second part of the user input complies with the dynamic part of the predefined unlock sequence, performing an action based on the second part of the user input. | 11-26-2015 |
20150347778 | ELECTRONIC APPARATUS AND CONTROL METHOD THEREOF - According to one embodiment, an electronic apparatus includes a processor configured to operate based on a clock, the processor includes a register in which a value added in accordance with the clock is stored, and a memory configured to store first period information indicating a first period in which a file is accessible. The processor is configured to acquire first time and date information indicating a first time and date from an external device, calculate a second time and date indicating a present time and date based on the first time and date information and the value, and restrict access to a resource of the electronic apparatus, when the second time and date does not correspond to the first period. | 12-03-2015 |
20150371028 | WEARABLE ELECTRONIC DEVICE AND METHOD FOR SECURING SAME - The disclosure is directed to a wearable device that is configured to secure itself based on signals received from a pulse sensor. According to one implementation, the pulse sensor includes a light source (e.g., a light-emitting diode) and a photo sensor. The light source, under the control of a processor, shines light having a particular wavelength (e.g., green or infrared). The photo sensor generates signals based on light that it senses. For example, when the light from the light source reflects off a person's skin, then the photo sensor will generate signals based on the reflected light that the photo sensor detects. In this manner, the wearable device can accurately determine whether it is being worn by a user (e.g., by taking a photoplethysmogram) and, when necessary, secure the wearable electronic device. | 12-24-2015 |
20150371036 | DEVICE SIMULATION IN A SECURE MODE SUPPORTED BY HARDWARE ARCHITECTURES - A secure mode of a computer system is used to provide simulated devices. In operation, if an instruction executing in a non-secure mode accesses a simulated device, then a resulting exception is forwarded to a secure monitor executing in the secure mode. Based on the address accessed by the instruction, the secure monitor identifies the device and simulates the instruction. The secure monitor executes independently of other applications included in the computer system, and does not rely on any hardware virtualization capabilities of the computer system. | 12-24-2015 |
20160012239 | AUTOMATING POST-HOC ACCESS CONTROL CHECKS AND COMPLIANCE AUDITS | 01-14-2016 |
20160070937 | ELECTRONIC DEVICE AND METHOD THEREOF FOR UNLOCKING DISPLAY OF ELECTRONIC DEVICE - A method for unlocking a display of an electronic device includes initializing a process of unlocking the display, detecting a first orientation of the electronic device from a number of predefined orientations, detecting a second orientation of the electronic device from the number of predefined orientations, detecting a third orientation of the electronic device from the number of predefined orientations, detecting a fourth orientation of the electronic device from the number of predefined orientations, and unlocking the display after detecting the first, second, third, and fourth orientations in sequence. The first, second, third, and fourth orientations are detected within a first, second, third, and fourth predetermined time duration, respectively. The first, second, third, and fourth orientations are oriented 90 degrees away from each other along a common rotation direction. | 03-10-2016 |
20160196454 | USB SECURITY DEVICE, APPARATUS, METHOD AND SYSTEM | 07-07-2016 |
20160379028 | BARCODE READER AND ACCESSORY FOR THE BARCODE READER - A barcode reader and an accessory are disclosed. The accessory may include an interface system and a wireless and/or wired interface for communication with a host computer such that the barcode reader may communicate with the host computer via the accessory. The interface system includes an authentication coprocessor such that the barcode reader may establish mutual authentication with the host computer using the authentication coprocessor of the interface system. The barcode reader may send a request for an accessory identifier, and the accessory may then query the authentication coprocessor for the accessory identifier and provide the accessory identifier to the barcode reader. The barcode reader may send an authentication challenge to the accessory, and the accessory may then present the authentication challenge to the authentication coprocessor to obtain an authentication response, and provide the authentication response to the barcode reader. | 12-29-2016 |
20160379508 | Managing Grouped Student Devices With Timed Locks - Systems and methods presented herein can allow a teacher to manage student devices in a classroom setting by grouping student devices on a graphical user interface and using the interface to set locks with respect to the groups of student devices. Lock requests can be received and managed by a server, which can issue file locks, web locks, and application locks. These locks can restrict file access, website access, and application access, respectively, on the students' personal mobile devices. Additionally, the teacher device can allow the teacher to provide timing information in conjunction with the lock requests, which can control when to lock and/or unlock the student devices. | 12-29-2016 |
20170235952 | SYSTEM AND METHOD FOR PROVIDING NETWORK SECURITY TO MOBILE DEVICES | 08-17-2017 |