26th week of 2013 patent application highlights part 71 |
Patent application number | Title | Published |
20130167190 | MOBILE COMMUNICATION DEVICE SURVEILLANCE SYSTEM - A mobile communication device surveillance system is described. The system includes a gateway, a web server, a wireless mobile communication device, and a client device. The web server introduces the wireless mobile communication device to a gateway. The gateway authenticates the wireless mobile communication device. The gateway receives media data from the wireless mobile communication device and monitoring data from a security device connected to the gateway. The gateway aggregates the media data and the monitoring data, and communicates the aggregated data to the client device authenticated with the gateway. | 2013-06-27 |
20130167191 | SECURITY POLICY FLOW DOWN SYSTEM - A system and method are provided that distill an organization's information security plan into a detailed and unambiguous security object model. The developed security object model provides a visualization of complex relationships between individual elements and levels that is usable to carry into effect the organization's information security plan. Configuration control and a verifiable level of security compliance are provided through implementation of the organization's information security plan by the developed security object model. The developed security object model is hosted on a computing platform in communication with at least the organization's network to provide information security plan compliance, configuration control and gap analysis in a usable form to the organization. | 2013-06-27 |
20130167192 | METHOD AND SYSTEM FOR DATA PATTERN MATCHING, MASKING AND REMOVAL OF SENSITIVE DATA - Systems, methods and computer-readable media for applying policy enforcement rules to sensitive data. An unstructured data repository for storing unstructured data is maintained. A structured data repository for storing structured data is maintained. Request for information is received. The request is analyzed to determine its context. Based on the context, a policy enforcement action associated with generating a response to the request is identified. The policy enforcement action may be to remove sensitive data in generating the response to the request and/or mask sensitive data in generating a response to the request. An initial response to the request is generated by retrieving unstructured data from the unstructured data repository. Using the structured data maintained in the structured data repository, sensitive data included within the initial response is identified. The policy enforcement action is applied to the sensitive data included within the initial response to generate the response to the request. | 2013-06-27 |
20130167193 | Security policy editor - A shared computing infrastructure has associated therewith a portal application through which users access the infrastructure and provision one or more services, such as content storage and delivery. The portal comprises a security policy editor, a web-based configuration tool that is intended for use by customers to generate and apply security policies to their media content. The security policy editor provides the user the ability to create and manage security policies, to assign policies so created to desired media content and/or player components, and to view information regarding all of the customer's current policy assignments. The editor provides a unified interface to configure all media security services that are available to the CDN customer from a single interface, and to enable the configured security features to be promptly propagated and enforced throughout the overlay network infrastructure. The editor advantageously enables security features to be configured independently of a delivery configuration. | 2013-06-27 |
20130167194 | SYSTEM AND METHOD FOR DETERMINING A SECURITY ENCODING TO BE APPLIED TO OUTGOING MESSAGES - A device comprising a processor is disclosed herein. In one broad aspect, the processor is configured to: determine whether a general message encoding configuration setting at the device is set to a first setting indicating that when a security encoding is to be applied to a message, the security encoding is to be established by a policy engine, wherein the established security encoding cannot be overridden by a security encoding selection algorithm at the device; and if the general message encoding configuration setting is set to the first setting, transmit the message to at least one message recipient via the policy engine such that the policy engine applies the security encoding to the message prior to the policy engine transmitting the message. | 2013-06-27 |
20130167195 | HARDWARE IDENTIFICATION THROUGH COOKIES - Multiple cookies of a client device are used to form an identifier of the client device such that a change in one or even several browser cookies does not defeat proper device recognition. The cookies are included in the identifier such that individual cookies can be parsed for separate comparison with corresponding cookies of known devices. However, to protect privacy of all devices, individual parameters of the constituent cookies are represented with irreversible hashes of the respective parameters. Recognition involves quantification of a degree of correlation between the cookies and corresponding cookies of each of the known devices. To quantify the degree of correlation, the observed stability and uniqueness of each cookie, and each cookie attribute, is considered. | 2013-06-27 |
20130167196 | SYSTEM AND METHOD FOR REMOTE DEVICE RECOGNITION AT PUBLIC HOTSPOTS - Described are various embodiments of a system and method in which device-identifying data can be used to uniquely recognize and optionally track and report on device activity at one or more hotspot locations by way of the creation and management of a device profile uniquely associated with such devices and stored in a network accessible knowledge base. | 2013-06-27 |
20130167197 | Methods, Systems, and Computer Program Products for Invoking Trust-Controlled Services Via Application Programming Interfaces (APIs) Respectively Associated Therewith - A trust evaluation may be obtained for a network element in a communication network. Based on this trust evaluation, one or more services may be invoked to address the risk that a potentially untrustworthy network element poses in the communication network. Application programming interfaces (APIs) may automate the invocation of trust-controlled services. An API for a trust-controlled service may be used to directly perform a function on one or more resources in the communication network or may be used to set up an ongoing function on one or more resources in the communication network that may continue until the API is used to terminate the function. | 2013-06-27 |
20130167198 | Protocol for sequential rights transactions - Methods and apparatus, including computer program products, implement techniques for delivering a rights object granting one or more rights to a media object. The rights object has an associated return address, and the return address is usable to initiate a subsequent rights transaction relating to the rights granted by the rights object. | 2013-06-27 |
20130167199 | On-Demand Authorization Management - Methods and apparatus, including computer program products, are provided for authorization management. In one aspect, there is provided a computer-implemented method. The method may include receiving a request to authorize at least one user to at least one module of a system; mapping the received request to a semantic tag; processing, based on the semantic tag, the request to authorize the at least one user to determine whether to grant the at least one user access to the at least one module; and sending a response to the request to authorize the at least one user, wherein the response is in accordance with the result of the processing. Related apparatus, systems, methods, and articles are also described. | 2013-06-27 |
20130167200 | TECHNIQUES TO STORE SECRET INFORMATION FOR GLOBAL DATA CENTERS - Techniques to store secret information for global data centers securely are described. Various embodiments may provide a front end service for a back end data store. The front end service may be responsible for deployment, upgrade, and disaster recovery aspects, and so forth, of data center maintenance. Data centers may access data and data-related services from the back end data store through the front end service. Secrets that are needed to access secure data may be stored on behalf of the data centers without providing the secrets to the data centers. Other embodiments are described and claimed. | 2013-06-27 |
20130167201 | REMOTE ACCESS TO A DATA STORAGE DEVICE - A method may be performed in a data storage device that stores one or more files and that is operatively coupled to any host device that is accessible to another device via a network. The method includes receiving an access request originating from the other device. The access request is received via a particular host device registered as a recipient of requests for access to the data storage device via the network while the data storage device is operatively coupled to the host device and while the host device is accessible via the network. The method also includes, in response to receiving the access request, sending a response with access information to the other device. The response is provided to the particular host device to be sent to the other device via the network. | 2013-06-27 |
20130167202 | IMAGE PROCESSING APPARATUS - An image processing apparatus includes: a first acquisition unit acquiring input information from an outside for starting execution of an image processing function; a determination unit determining whether a specific apparatus connected through a network is logged in based on specific identification information corresponding to the input information; a first request unit requesting input of authentication information from the outside; and a function control unit controlling execution of the image processing function. When it is determined that the specific apparatus is not logged in, the first request unit requests the input of the authentication information from the outside. When it is determined that the specific apparatus is logged in, the function control unit permits the execution of the image processing function without the first request unit requesting the input of the authentication information from the outside. | 2013-06-27 |
20130167203 | METHOD AND SYSTEM FOR AUTHORIZING REMOTE ACCESS TO CUSTOMER ACCOUNT INFORMATION - System for authorizing a request for remote access to customer account information includes a server configured to receive the request via a network from a remote computing device, a database storing the customer account information accessible by the server, and memory accessible by the server and storing a customer notification program which, when executed by the server, performs steps for (a) identifying, responsive to the server receiving the request, the remote computing device by a device fingerprint and by a requesting location, (b) determining whether the device fingerprint matches any of a number of device fingerprints authorized to access the customer account information, and (c) sending, responsive to determining a mismatch between the device fingerprint and each of the previously authorized device fingerprints, a notification of the request to a customer-specified address, the notification indicating (i) the request, (ii) identity of the remote computing device, and (iii) the requesting location. | 2013-06-27 |
20130167204 | METHOD FOR MANAGING ACCESS TO PROTECTED COMPUTER RESOURCES - A method for controlling access to protected computer resources provided via an Internet Protocol network that includes registering identity data of a subscriber identity module associated with at least one client computer device; storing (i) identity data of at least one access server, (ii) the identity data of a subscriber identity module, and (iii) authorization data regarding the protected computer resources; receiving the identity data of a subscriber identity module, and a request for the protected computer resources; authenticating (i) the identity data of the at least one access server, and (ii) the identity data of a subscriber identity module; authorizing the at least one client computer device to receive at least a portion of the protected computer resources; and permitting access to the at least the portion of the protected computer resources (i) upon successfully authenticating the identity data of the at least one access server and the identity data of a subscriber identity module associated with the at least one client computer device, and (ii) upon successfully authorizing the at least one client computer device. | 2013-06-27 |
20130167205 | CONSTRAINING A LOGIN TO A SUBSET OF ACCESS RIGHTS - This document describes tools that constrain a login to a subset of access rights. In one embodiment, the tools generate a constrained password by executing a cryptographic algorithm on a user ID, general password, and one or more desired constraints. The constrained password is used in place of the general password to gain access rights that are a subset of the access rights that would be granted if the general password were used instead. | 2013-06-27 |
20130167206 | STORAGE SYSTEM, METHOD OF CONTROLLING ACCESS TO STORAGE SYSTEM AND COMPUTER SYSTEM - A plurality of servers is connected to a storage system via a network. A control unit in the storage system defines exclusive access groups from an address information of each access interface of the servers, defines logical volumes in which the server is permitted to access for each of the exclusive access groups, and controls the access to the volume of the server by an access list which defines correspondence between the server and the logical volume and the physical volume, which are permitted to access by the server. | 2013-06-27 |
20130167207 | Network Acquired Behavioral Fingerprint for Authentication - A computationally-implemented method, for certain example embodiments, may include, but is not limited to: identifying a network connection coupling a computer server to a computing device; and transmitting, via the network connection, a behavioral fingerprint associated with an authorized user of the computing device, the behavioral fingerprint providing at least one status of the authorized user with respect to the computing device. In addition to the foregoing, other example aspects are presented in the claims, drawings, and written description forming a part of the present disclosure. | 2013-06-27 |
20130167208 | Smart Phone Login Using QR Code - Systems and methods are disclosed for a user to use a mobile device such as a smart phone to scan a QR (Quick Response) code displayed on a login webpage of a website. The QR code may encode a server URL of the website. The mobile device decodes the QR code and transmits a device ID and other decoded information to a service provider. The service provider locates login credentials of the user linked to the device ID and communicates the login credentials to a website server for user authentication. Alternatively, the mobile device may transmit its device ID to the website server for the website server to locate a user account linked to the device ID for user login. Alternatively, the mobile device may transmit stored login credentials to the website server. Advantageously, a user may access a website without the need to provide any login credentials. | 2013-06-27 |
20130167209 | SYSTEM AND METHOD FOR ACCESSING A SOFTWARE APPLICATION - Systems and methods for managing a user identity on a mobile device are provided. The system comprises the mobile device comprising a user agent and a client application, the user agent and the client application in communication with each other. The system further comprises an identity provider in communication with the mobile device, and a client service in communication with the mobile device. The user agent is configured to communicate with the identity provider and retrieve the user identity for the client application, and the client application is configured to transmit the user identity to the client service. | 2013-06-27 |
20130167210 | METHOD OF ASSIGNING A USER KEY IN A CONVERGENCE NETWORK - Discussed is a method of operating a CPNS (converged personal network service) gateway apparatus. The method includes transmitting a registration request message including user information to a server; transmitting an installation request message including the user information to a terminal; generating first authentication data on the basis of authentication information received by a user input; transmitting a trigger message including the first authentication data to the terminal; receiving a key assignment request message including second authentication data from the terminal in response to the trigger message; transmitting the received key assignment request message to the server; receiving a key assignment response message including a user key for the terminal in response to the key assignment request message; and transmitting the received key assignment response message to the terminal. | 2013-06-27 |
20130167211 | RE-AUTHENTICATION - In one example, a method of managing access to a network includes receiving a network access request including one or more credentials via an edge device. The one or more user credentials are authenticated, and a database record for a user associated with the one or more user credentials is identified. A re-authentication duration value is obtained from the database record for the user, wherein the re-authentication duration value is pre-assigned to the user or pre-assigned to a group associated with the user. A response comprising the re-authentication duration value is then sent to the edge device. | 2013-06-27 |
20130167212 | SYSTEM AND METHOD FOR PROVIDING SECURE ACCESS TO AN ELECTRONIC DEVICE USING BOTH A SCREEN GESTURE AND FACIAL BIOMETRICS - A system and method for providing secure authorization to an electronic device by combining two or more security features of authentication processed at substantially the same time where at least one of the factors is a “tolerant” factor. By combining two factors such as facial recognition and a screen gesture, these can be analyzed at substantially the same time such that the tolerance match required by the tolerant factors for providing a better user authentication experience without reducing the overall security accuracy. | 2013-06-27 |
20130167213 | METHOD AND SYSTEM FOR VERIFYING USER INSTRUCTIONS - A method for verifying instructions communicated from a user to a relying entity is described. A trusted entity receives a request from the relying entity to verify instructions received from the user wherein the request includes verification information corresponding to the instructions communicated to the relying entity from the user. The trusted entity sends a request to the user to provide verification information corresponding to the instructions. The trusted entity receives the verification information from the user and compares it to the verification information received from the relying entity. The trusted entity then verifies the instructions based on the comparing. | 2013-06-27 |
20130167214 | INFORMATION PROCESSING APPARATUS, INFORMATION PROCESSING SYSTEM, AND COMPUTER PROGRAM - An information processing apparatus includes a first session managing unit configured to manage a transaction including a request and a response over a network and a second session managing unit configured to manage authentication identification information of an authenticated user. The information processing apparatus also includes a token generating unit configured to acquire authentication identification information of a requesting user and generate a token value to be included in a first response using an internally managed value, in response to a first request, and a token validating unit configured to acquire the authentication identification information of the requesting user in response to a second request and validate correctness of a token value included in the second request by comparing the token value with a token value calculated using the managed value. | 2013-06-27 |
20130167215 | USER AUTHENTICATION APPARATUS, METHOD THEREOF AND COMPUTER READABLE RECORDING MEDIUM - A user authentication apparatus, a user authentication method, and a computer readable recording medium are provided. The user authentication apparatus includes: an information collection unit which collects authentication information on a plurality of portable devices of a user through a communication network; and a control unit which identifies whether each of the plurality of portable devices is registered for the user or not based on the collected authentication information, determines whether an amount of information collected from the plurality of portable devices that are identified is greater than a threshold value, and authenticates the user. | 2013-06-27 |
20130167216 | CLOUD IDENTIFICATION PROCESSING AND VERIFICATION - A system and method are provided for identification of a user collecting enrollment data from the user including dwell times for each of an enrollment series of login attempts; creating an iterative unified identification score for the user from the dwell times of login attempts; establishing an iterative average of identification score; establishing a standard deviation of the iterative identification score; deleting the dwell times and other data of the enrollment series of login attempts; prompting and collecting login specific dwell times; calculating a login identification score; comparing the login identification score to the iterative unified identification score, and updating the iterative scores and the iterative standard deviations and storing between login attempts only an iterative average dwell time, an iterative average flight time, the unified identification score and iterative standard deviation of the unified identification score. | 2013-06-27 |
20130167217 | INFORMATION PROCESSING APPARATUS, INFORMATION PROCESSING METHOD, AND NON-TRANSITORY COMPUTER READABLE MEDIUM - An information processing apparatus includes the following components. An authentication processing unit authenticates a user. A display displays information. An accessing unit accesses an external service. An authenticated-access-information acquiring unit acquires authenticated access information associated with user information for identifying an authenticated user. An unauthenticated-access-information acquiring unit acquires unauthenticated access information having been input by an unauthenticated user when accessing the external service. A controller performs control, when an authenticated user attempts to access the external service, so that the authenticated-access-information acquiring unit acquires authenticated access information associated with user information of the user and the accessing unit accesses the external service by using the acquired authenticated access information, and, when a user attempts to access the external service without being authenticated, so that the unauthenticated-access-information acquiring unit acquires the unauthenticated access information and the display displays the acquired unauthenticated access information. | 2013-06-27 |
20130167218 | SINGLE LOGON SYSTEM AND METHOD - The disclosure provides a single logon system for accessing different applications and a method for single logon. Before a client accesses an application, the system determines whether a valid session of the client has been stored. When there is a stored valid session of the client, the client can logon and access the application, or the client must input a legal user name and a legal password to access the application, and the system creates a session and saves the session associated with the client. Therefore, when there is a stored valid session, the client can directly access other applications and does not input the user name and the password. | 2013-06-27 |
20130167219 | APPARATUS AND METHOD FOR CYBER-ATTACK PREVENTION - Provided are a method of preventing cyber-attack based on a terminal and a terminal apparatus therefor. The terminal apparatus includes: a packet processor configured to determine whether excessive traffic is generated by a transmission packet; an anomalous traffic detecting unit configured to determine whether anomalous traffic is generated, using a first condition of the excessive traffic being maintained for a first time period and a second condition of a generation count of the same kind of transmission packets exceeding a predetermined threshold value for a second time period; and a traffic block request unit configured to generate a traffic block request signal for requesting blockage of the transmission packet according to the result of determining whether anomalous traffic is generated. | 2013-06-27 |
20130167220 | Secure Operation of Transitory Computer Applications - A security application is described for determining conditions within a computer application that would create the desire to allow or disallow access to certain system functions or features by the application. The security application analyzes the conditions and sets a lock that enables the application to perform only certain types of actions that would be considered secure by the security application. | 2013-06-27 |
20130167221 | Motion-based authentication for a gesture-based computing device - A motion-based authentication method is operative in a mobile computing device having a display interface and that includes an accelerometer. Normally, the device software includes a locking mechanism that automatically locks the display interface after a configurable timeout. The authentication method operates to un-lock the display interface (and thus allow the user access to the device) by movement of the device in a predetermined series of physical movements and without display-based entry of a password or other access code on the display itself. In this manner, the user can un-lock the device without display-based entry of a password (on the display itself) by simply holding the device and performing the necessary movement(s) to generate the unique code. | 2013-06-27 |
20130167222 | USING A CALL GATE TO PREVENT SECURE SANDBOX LEAKAGE - Methods, systems, and apparatus, including computer programs encoded on a computer storage medium, for enveloping a thread of execution within an IDT-based secure sandbox. In one aspect, embodiments of the invention provide that a request is received from an application, the request being generated using an application programming interface of a device driver. After the request is received a call gate descriptor for a call gate is added to a segment descriptor table for the application. The call gate descriptor specifies: (a) that the call gate can be called from a first privilege level of the application; and (b) that the call gate requests a second privilege level higher than the first privilege level. A call gate selector for the call gate descriptor is provided to the application in response to the request. | 2013-06-27 |
20130167223 | METHODS AND APPARATUS FOR SECURING A SOFTWARE APPLICATION ON A MOBILE DEVICE - A method of securing a software application on a mobile device is described. The method includes configuring the mobile device with a management server to allow the mobile device to communicate wirelessly over a wireless network. A listing of applications is transmitted to the management server over the wireless network. The management server generates user credentials data to associate at least one user with an authorization to access at least one application residing on the mobile device. The management server transmits the user credentials data to the mobile device over the wireless network. The mobile device accesses the user credentials data when a user attempts to access the software application on the mobile device. The user is permitted to execute the software application when the user credentials data indicates that the user is authorized to access the software application. | 2013-06-27 |
20130167224 | LOCK FUNCTION HANDLING FOR INFORMATION PROCESSING DEVICES - Embodiments relate to a method, program product and an information processing device for handling lock functions. The device includes a lock function for restricting user operations and a lock setting unit responsive to the lock function for transitioning the information processing device to a locked state after a period of inactivity. It also includes a lock releasing unit responsive to the lock setting unit for releasing the locked state in response to the input of a predetermined first password and a changing unit responsive to the lock releasing unit for changing the number of characters to be inputted in the first password to release the locked state. | 2013-06-27 |
20130167225 | GRAPHICAL IMAGE PASSWORD AUTHENTICATION METHOD - A method for secure authentication is provided which includes having a user who wishes to gain access to a computer or computer network select from among a plurality of randomly displayed images, having different background colors, the correct image and background color which correspond to the user's computer account. In one advantageous form, in addition to selecting the correct image, the user must first enter a username and password. In an alternative form, if a user is seeking access to a computer network by using a preapproved access point or computer having an approved IP address, a user is allowed to gain access to the computer network without being prompted to select a correct image. | 2013-06-27 |
20130167226 | Handheld Mobile Device with USB Hard Drive and Optional Biometric Scanner, and Systems Including the Same - Mobile handheld communication devices such as cellular and/or smart phones are equipped with a detachable USB drive, and optionally, a biometric scanner and/or an electronic release mechanism and/or circuitry. The communication device has a housing, a central processing unit (CPU) within the housing, a memory controller within the housing and coupled to the CPU, and a universal serial bus (USB) hard drive that electrically communicates with the memory controller. The USB hard drive has an outer surface or casing that is integrated and/or integratable with the housing. The USB device may include a USB interface, a hard drive that communicates through the USB interface, and a biometric sensor. The biometric sensor establishes or authorizes electronic communication between the hard drive and the USB interface when biometric data obtained with the biometric sensor matches data stored in the hard drive. | 2013-06-27 |
20130167227 | WORKING MACHINE, DATA COMMUNICATION SYSTEM FOR WORKING MACHINE, OPERATION SYSTEM FOR WORKING MACHINE, AND SETTING CHANGE SYSTEM FOR WORKING MACHINE - A working machine is provided with a control device that can make wireless communication with a mobile terminal storing a mobile-use ID code and stores a working machine-use ID code, wherein the control device is provided with: ID code checking means adapted to check the mobile-use ID code obtained by ID code obtaining means and the working machine-use ID code with each other; data communication means adapted, in the case where as a result of the checking by the checking means, matching between the ID codes is established, to allow data communication between the mobile terminal and the control device, and in the case where the matching is not established, not to allow the data communication; and ID code registration means adapted to register the working machine-use ID code in the mobile terminal as the mobile-use ID code. | 2013-06-27 |
20130167228 | SECURE DATA IN REMOVABLE STORAGE DEVICES VIA ENCRYPTION TOKEN(S) - Systems, methods, and devices that secure data on removable storage devices are presented. A token component can interface with a communication port on a host device. One or more removable storage devices can interface with one or more other communication ports on the host device. The token component includes a security component that, when interfaced with the host device, is employed to automatically and simultaneously enable access, encrypt data being stored in, and decrypt data being retrieved from the removable storage devices. When the token component is not interfaced with the host device, the removable storage devices are secured so that they cannot be accessed and data stored thereon cannot be retrieved and decrypted. A user optionally can utilize a password, which can be entered when the token component is interfaced with the host device, to facilitate controlling access to the removable storage devices and data encryption/decryption. | 2013-06-27 |
20130167229 | TRAFFIC MANAGING DEVICE AND METHOD THEREOF - Disclosed is a traffic managing device which includes an information collector collecting primary information associated with a flow; a controller judging a traffic state, collecting secondary information associated with the traffic based on the judged traffic state and the primary information, and judging whether the flow is abnormal, based on the secondary information; and a traffic correspondence unit dropping the flow based on the judged traffic state and whether the flow is abnormal. The primary information includes internet protocol addresses of source and destination of the flow and the secondary information includes a flow number of each internet protocol address of a source. | 2013-06-27 |
20130167230 | DEVICE REPUTATION MANAGEMENT - A device reputation server recognizes malicious devices used in prior attacks and prevents further attacks by the malicious devices. Server computers require a digital fingerprint of any client devices prior to providing any service to such client devices. Logging of network activity includes the digital fingerprint of the device perpetrating the attack. When an attack is detected or discovered, the attacked server reports the attack and the digital fingerprint of the perpetrating device to a device reputation server. The device reputation server uses the report to improve future assessments of the reputation of the device associated with the reported digital fingerprint. | 2013-06-27 |
20130167231 | PREDICTIVE SCORING MANAGEMENT SYSTEM FOR APPLICATION BEHAVIOR - A system may be provided that comprises one or more servers to: receive information regarding known epitypes of malness, where the information includes malness scores and behaviors for the known epitypes of malness; store the information regarding the known epitypes of malness; generate rules for a model based on the information regarding the known epitypes of malness; input application data from an application on a device into the model; output a malness score from the model based on the application data; and allow the application and/or the device access to a network when the malness score for the application is below a first threshold level, or block the application and/or the device access to the network when the malness score for the application is above a second threshold level, where the first threshold level is less than the second threshold level. | 2013-06-27 |
20130167232 | EVENT DETECTION/ANOMALY CORRELATION HEURISTICS - A system for detecting network intrusions and other conditions in a network is described. The system includes a plurality of collector devices that are disposed to collect data and statistical information on packets that are sent between nodes on a network. An aggregator device is disposed to receive data and statistical information from the plurality of collector devices. The aggregator device produces a connection table that maps each node on the network to a record that stores information about traffic to or from the node. The aggregator runs processes that determine network events from aggregating of anomalies into network events. | 2013-06-27 |
20130167233 | SYSTEMS, METHODS, AND MEDIA PROTECTING A DIGITAL DATA PROCESSING DEVICE FROM ATTACK - In accordance with some embodiments of the disclosed subject matter, systems, methods, and media for protecting a digital data processing device from attack are provided. For example, in some embodiments, a method for protecting a digital data processing device from attack is provided, that includes, within a virtual environment: receiving at least one attachment to an electronic mail; and executing the at least one attachment; and based on the execution of the at least one attachment, determining whether anomalous behavior occurs. | 2013-06-27 |
20130167234 | Method for Processing Messages in a Communication Network Comprising a Plurality of Network Nodes - A method for processing messages in a communication network, wherein messages are transmitted between network nodes of the communication network, which are each combined with test information that is verifiable to determine whether a corresponding message is admissible, where an admissible message leads to a positive test result and an inadmissible message leads to a negative test result. For at least one message that is provided for a respective network node, an action coupled to the message is performed from the respective network node in time a message is received in the respective network node without checking the test information combined with the message, wherein, upon execution of the action, the test information is verified by the respective network node and, when the test result is negative, at least one predefined measure is performed. | 2013-06-27 |
20130167235 | AUGMENTING SYSTEM RESTORE WITH MALWARE DETECTION - An anti-malware program monitors the behavior of a system after a system restore to determine the likelihood of a hidden infection of malicious code still existing after the system restore. The anti-malware program observes the dynamic behavior of the system by monitoring conditions that are likely to signify the possibility of an infection thereby necessitating the need to initiate anti-malware detection. The anti-malware program may observe the restoration history, system settings, malware infection history, to determine the likelihood of an existing hidden infection after a system restore. | 2013-06-27 |
20130167236 | METHOD AND SYSTEM FOR AUTOMATICALLY GENERATING VIRUS DESCRIPTIONS - Systems and methods for automatically generating information describing malware are disclosed. In accordance with certain embodiments, a client computer may be provided with an antivirus program capable of finding malware and a server for receiving malware information sent from the antivirus program via a network. In accordance with one embodiment, the antivirus program may check the client computer for malware and, in the event that malware is found, the antivirus program may acquire information about the malware such as the type of malware, the form of identification of the malware, whether the malware has already been executed, and/or whether it has been possible to remove the malware. This malware information may be transmitted from the client computer to the server in an automatic, structured manner. When received by the server, the malware information may be fed into a database on the server and subsequently displayed, for example, in an automatic, structured manner on a web page or via an interface of the antivirus program. | 2013-06-27 |
20130167237 | DETECTION OF SECOND ORDER VULNERABILITIES IN WEB SERVICES - A system for detecting a vulnerability in a Web service can include a processor configured to initiate executable operations including determining whether a Web service uses identity of a requester to select one of a plurality of different paths of a branch in program code of the Web service and, responsive to determining that the Web service does select one of a plurality of different paths of a branch according to identity of the requester, indicating that the Web service has a potential vulnerability. | 2013-06-27 |
20130167238 | SYSTEM AND METHOD FOR SCANNING FOR COMPUTER VULNERABILITIES IN A NETWORK ENVIRONMENT - A method in one embodiment includes identifying a set of known vulnerabilities and a set of new vulnerabilities in an asset, selecting one or more scripts that include checks for vulnerabilities in a union of the set of known vulnerabilities and the set of new vulnerabilities, and using the selected scripts to scan the asset. Known vulnerabilities and new vulnerabilities may be identified by accessing results of previous scans on the asset. The method may also include identifying a plurality of assets to scan in a network, identifying a plurality of sets of known vulnerabilities and a plurality of sets of new vulnerabilities in substantially all assets in the plurality of assets, and inserting checks for vulnerabilities included in a union of the plurality of sets of known vulnerabilities and the plurality of sets of new vulnerabilities into the selected scripts. | 2013-06-27 |
20130167239 | DETECTION OF SECOND ORDER VULNERABILITIES IN WEB SERVICES - A method of detecting a vulnerability in a Web service can include determining, using a processor, whether a Web service uses identity of a requester to select one of a plurality of different paths of a branch in program code of the Web service. The method further can include, responsive to determining that the Web service does select one of a plurality of different paths of a branch according to identity of the requester, indicating that the Web service has a potential vulnerability. | 2013-06-27 |
20130167240 | METHOD AND APPARATUS FOR DETECTING EVENTS PERTAINING TO POTENTIAL CHANGE IN VULNERABILITY STATUS - Method and apparatus for Vulnerability Assessment techniques is disclosed. A method comprises detecting an event on a target in real time or at periodic intervals, by at least one of an OS service, an OS command, a hook, and an API. The event comprises a change in status of at least one of a network interface, a server network service, a client network service, and a port. An apparatus comprises a target having at least one of a deployed server network service, and a deployed client network service; and an agent deployed on the target, to detect an event on the target in real time or at periodic intervals. At least one of the agent and the VA server detect the event comprising a change in the status of at least one of a network interface, the server network service, the client network service, and a port. | 2013-06-27 |
20130167241 | Locating security vulnerabilities in source code | 2013-06-27 |
20130167242 | Software Application Operational Transfer - Methods, systems, and apparatus, including computer programs encoded on a computer storage medium, enable software application transfer among connected computing devices. In one aspect, a method includes receiving a request, corresponding to an application running on a first computer, to operate the application on a second computer; initiating a communication session between the first computer and the second computer over a network; disabling the application on the first computer with respect to one or more operational parameters; and enabling the application on the second computer with respect to the one or more operational parameters. The one or more operational parameters can include a software licensing state of the application, current application data of the application running on the first computer, or both. | 2013-06-27 |
20130167243 | Secure User Interface Content - Methods, systems, and apparatus, including computer programs encoded on a computer storage medium, for handling secure user interface content. In one aspect, a method includes receiving, at a data processing apparatus, content over a communication network from a computing system separate from the data processing apparatus; determining that the received content is authentic secure content; retrieving information stored at the data processing apparatus and previously selected by a user for purposes of securing user interface content; rendering the received content, to a display of the data processing apparatus, as a user interface with a visual wrapper, where the visual wrapper includes the retrieved information, visually separates the user interface from other visual elements on the display, and includes an indication that the user interface is secure; and processing input received through the user interface. | 2013-06-27 |
20130167244 | System for Managing Risk in Employee Travel - A system for managing risk in employee travel may control access by users to the travel risk management system. The travel risk management system may receive and store company information for a client company subscribing to the travel risk management system, and allow activation code packages to be defined for allowing a specified number of activation codes to be generated for the subscribing client company. Once the activation code packages are defined, the specified number of activation codes may be generated and assigned to employees of the subscribing client company. The system may provide for defining super admin users authorized to input client company information and define activation code packages, and client admin users authorized to select activation code packages, and generate and assign the activation codes to users. | 2013-06-27 |
20130167245 | CUSTOMER ERROR SCREEN CAPTURE - A method for capturing a user's view of an electronic screen having an error message in a health management application without showing private information of the user includes receiving an error message from a web service responding to a request for a web page by the user. The method includes receiving an electronic file of the web page with the error message, redacting private information of the user from the electronic file to create a redacted electronic file, and storing the redacted electronic file in a support log module. | 2013-06-27 |
20130167246 | RESTRICTING OPERATION RESULTS FROM BEING TRANSFERRED TO COUPLED EXTERNAL DEVICE - Described embodiments provide a method and user equipment for restricting transferring of image data produced by a predetermined application to a coupled external device. The method may include detecting an activation of an application in a user equipment while the user equipment is coupled to an external device and determining whether image data produced by the activated application is transferred to the coupled external device. The determining may include restricting the produced image data of the activated application from being transferred to the coupled external device when an application control type of the activated application is a restricted application, otherwise, transferring the produced image data of the activated application to the coupled external device. | 2013-06-27 |
20130167247 | SELECTIVELY WIPING A REMOTE DEVICE - A system and method for selectively securing data from unauthorized access on a client device storing a plurality of data types with reference to an authorization level indicated in a command. A command is received at a client device comprising an authorization level indicator. Based on at least one predefined rule, which may be implemented in an IT policy stored at the client device, each of the plurality of data types to be secured is determined, and then the data corresponding to those types is secured. The data may be secured by encrypting and/or deleting the data at the client device. The predefined rules associated with each authorization level may be configured by a user or administrator having an authorization level that exceeds the associated authorization level. | 2013-06-27 |
20130167248 | METHOD FOR GENERATING SMART CONTENTS, METHOD FOR EXECUTING SMART CONTENTS AND METHOD FOR PROVIDING N-SCREEN SERVICE OF SMART CONTENTS - A method for generating smart contents includes contents protected by a digital right management (DRM) technology; and metadata including information necessary to use the contents. Further, the method includes a smart code for protecting copyright of the contents and position information which the smart code is downloaded. | 2013-06-27 |
20130167249 | CUSTOMER SUPPORT ACCOUNT WITH RESTRICTED PATIENT DATA ACCESS - A method for accessing a user's account by customer support without viewing the user's private data includes receiving, in an application module communicating with a web service, a request for authentication by a support person using a linked user-support login name. The method includes authenticating the user, authenticating the support person and retrieving a current session of the user as viewed by the user on an electronic screen of a processing device of the user. The method further includes dynamically redacting private data of the user from the user session to create a redacted user session, and delivering the redacted user session for display in an electronic screen of a processing device of the support person. | 2013-06-27 |
20130167250 | Application Security Framework - In accordance with the teaching described herein, systems and methods are provided for providing secure access to a software application on a computing device. The software application may include a security framework having a set of predetermined security requirements. Prior to enabling access to the software application by a user, the computing device may, (i) verify installation of a device security configuration profile on the computing device, wherein the device security configuration profile certifies that the software application includes the set of predetermined security requirements, (ii) receive identifying information from the user via a user interface, (iii) verify the identifying information with an authentication server, and (iv) based on a successful verification of the identifying information, receive and store a security token. Access to the software application on the computing device may be provided for a specified period identified by the security token. | 2013-06-27 |
20130167251 | METHOD OF USING MEMORY INSTRUCTION INCLUDING PARAMETER TO AFFECT OPERATING CONDITION OF MEMORY - Subject matter disclosed herein relates to techniques to use a memory device. A method includes receiving a memory instruction comprising at least one parameter representative of at least one threshold voltage value and a read command to read at least one cell of the memory device. The method further includes detecting at least one voltage value from the at least one cell. The method further includes comparing the at least one voltage value to the at least one threshold voltage value. The method further includes determining at least one logical value of the at least one cell in response to the comparison of the at least one voltage value to the at least one threshold voltage value. | 2013-06-27 |
20130167252 | AUTONOMOUS ACCESS CONTROL - Methods and devices for controlling actions associated with a plurality of resources available on a computing device are described herein. One example embodiment comprises: presenting a request for a usage preference that indicates a manner in which the computing device is preferred to be used; receiving input indicating the usage preference; determining an action for a resource that is to be controlled in order to satisfy the usage preference, wherein the determining is performed according to a heuristic that maps the usage preference to the action for the at least one resource; and controlling whether or not to allow the action to be performed; wherein the request for the usage preference or the input identifying the usage preference does not explicitly indicate that the determined action is to be controlled in order to satisfy the usage preference. | 2013-06-27 |
20130167253 | METHOD AND APPARATUS FOR PROVIDING CLOUD-BASED DIGITAL RIGHTS MANAGEMENT SERVICE AND SYSTEM THEREOF - A method for providing a Digital Rights Management (DRM) service in a network is provided. The method includes receiving a request message for device registration, which includes DRM-related identification information, from a user device; and registering registration information of the user device, which is distinguished according to a corresponding user account and according to a corresponding DRM solution, based on the DRM-related identification information. | 2013-06-27 |
20130167254 | Universal Serial Bus Shield - A system for thwarting malicious malware attacks on computing devices potentially introduced by flash drives and similar universal serial bus (“USB”) devices. The system disclosed herein includes a USB shield that treats both a hosting computer and a newly inserted USB device with appropriate caution and monitors interactions between the host and the device based on its own logic. In some embodiments, the USB shield is configured independently of its intended host or intended target device. Once configured, the shield is typically plugged into a host computer, and then a desired USB device is plugged into the shield and then monitors and blocks all communications inconsistent with its configuration parameters. In some embodiments, the USB shield modifies certain communications (such as filenames) as a safety precaution if so configured to defeat auto-run logic even if configured on a host computer. | 2013-06-27 |
20130167255 | SCREENING METHOD FOR ANTICANCER DRUGS - Use of an animal model of spontaneous metastasis bearing a tumor derived from a cell line RM72 (Accession No. NITE BP-1110) allows simultaneous evaluation of tumorigenesis and spontaneous cancer metastasis. Use of a screening method using the animal model of spontaneous metastasis allows the obtainment of a substance having an anticancer activity and/or an anti-metastatic activity. Use of another screening method for selecting a substance that increases the expression of RECK in a cancer cell allows the obtainment of a substance that can serve as an active ingredient in an anticancer drug. | 2013-06-27 |
20130167256 | GENETIC ENGINEERING OF NON-HUMAN ANIMALS FOR THE PRODUCTION OF CHIMERIC ANTIBODIES - The invention provides non-human cells and mammals having a genome encoding chimeric antibodies and methods of producing transgenic cells and mammals. Certain aspects of the invention include chimeric antibodies, humanized antibodies, pharmaceutical compositions and kits. Certain aspects of the invention also relate to diagnostic and treatment methods using the antibodies of the invention. | 2013-06-27 |
20130167257 | METHODS OF SEED BREEDING USING HIGH THROUGHPUT NONDESTRUCTIVE SEED SAMPLING - The present invention provides for novel methods to facilitate germplasm improvement activities through the use of high throughput, nondestructive sampling of seeds. A method of evaluating seeds for a desired trait, for example, for facilitating germplasm improvement activities, etc., generally includes removing tissue samples from individual seeds using an automated seed sampler without affecting germination viability of the seeds, analyzing the tissue samples for one or more characteristics indicative of a desired trait, and selecting the sampled seeds that include the desired trait. | 2013-06-27 |
20130167258 | TOMATO HYBRID PX 02481245 AND PARENTS THEREOF - The invention provides seed and plants of tomato hybrid PX 02481245 and the parent lines thereof. The invention thus relates to the plants, seeds and tissue cultures of tomato hybrid PX 02481245 and the parent lines thereof, and to methods for producing a tomato plant produced by crossing such plants with themselves or with another tomato plant, such as a plant of another genotype. The invention further relates to seeds and plants produced by such crossing. The invention further relates to parts of such plants, including the fruit and gametes of such plants. | 2013-06-27 |
20130167259 | SOYBEAN CULTIVAR AR1000290 - The present invention is in the field of soybean variety breeding and development. The present invention particularly relates to the soybean variety AR1000290, its seed, its progeny and their cell, and methods of making AR1000290. | 2013-06-27 |
20130167260 | SOYBEAN CULTIVAR AR0902031 - The present invention is in the field of soybean variety breeding and development. The present invention particularly relates to the soybean variety AR0902031, its seed, its progeny and their cell, and methods of making AR0902031. | 2013-06-27 |
20130167261 | SOYBEAN VARIETY S05-11482 - A novel soybean variety designated S05-11482 is herein disclosed. This disclosure relates to the seeds of soybean variety S05-11482, to the plants of soybean S05-11482, to plant parts of soybean variety S05-11482 and to methods for producing a soybean plant produced by crossing plants of the soybean variety S05-11482 with another soybean plant, using S05-11482 as either the male or the female parent. | 2013-06-27 |
20130167262 | SOYBEAN VARIETY S05-11268 - A novel soybean variety designated S05-11268 is herein disclosed. This disclosure relates to the seeds of soybean variety S05-11268, to the plants of soybean S05-11268, to plant parts of soybean variety S05-11268 and to methods for producing a soybean plant produced by crossing plants of the soybean variety S05-11268 with another soybean plant, using S05-11268 as either the male or the female parent. | 2013-06-27 |
20130167263 | Nucleic acid molecules and other molecules associated with plants and uses thereof - Polynucleotides useful for improvement of plants are provided. In particular, polynucleotide sequences are provided from plant sources. Polypeptides encoded by the polynucleotide sequences are also provided. The disclosed polynucleotides and polypeptides find use in production of transgenic plants to produce plants having improved properties. | 2013-06-27 |
20130167264 | PESTICIDAL GENES FROM BREVIBACILLUS AND METHODS FOR THEIR USE - Compositions and methods for conferring insecticidal activity to bacteria, plants, plant cells, tissues and seeds are provided. Compositions including a coding sequence for a | 2013-06-27 |
20130167265 | ISOLATED POLYNUCLEOTIDES AND POLYPEPTIDES, AND METHODS OF USING SAME FOR INCREASING NITROGEN USE EFFICIENCY, YIELD, GROWTH RATE, VIGOR, BIOMASS, OIL CONTENT, AND/OR ABIOTIC STRESS TOLERANCE - Provided are isolated polynucleotides and nucleic acid constructs which comprise a nucleic acid sequence at least 80% identical to a nucleic acid sequence selected from the group consisting of SEQ ID NOs: 277, 1-276, 278-469 and 785-2397; and isolated polypeptides which comprise an amino acid sequence at least 80% homologous to an amino acid sequence selected from the group consisting of SEQ ID NOs: 482, 470-481, 483-784 and 2398-3818. Also provided are transgenic cells and plants expressing same and methods of using same for increasing nitrogen use efficiency, yield, biomass, growth rate, vigor, oil content, fiber yield, fiber quality, and/or abiotic stress tolerance of a plant. | 2013-06-27 |
20130167266 | PLANT HEAT-RESISTANCE GENE JAZ5A AND USE THEREOF - The present invention provides a heat-resistance plant gene JAZ5a and use thereof. The inventors of the present invention isolated for the first time a heat resistance gene from the plant of | 2013-06-27 |
20130167267 | PROCESSES USING VLPS WITH CAPSIDS RESISTANT TO HYDROLASES - Novel processes and compositions are described which use viral capsid proteins resistant to hydrolases to prepare virus-like particles to enclose and subsequently isolate and purify target cargo molecules of interest including nucleic acids such as siRNA's and shRNA's, and small peptides. | 2013-06-27 |
20130167268 | COMBINATIONS INCLUDING CRY34AB/35AB AND CRY3Aa PROTEINS TO PREVENT DEVELOPMENT OF RESISTANCE IN CORN ROOTWORMS (DIABROTICA SPP.) - The subject invention relates in part to Cry34Ab/35Ab in combination with Cry3Aa. The subject invention relates in part to the surprising discovery that combinations of Cry34Ab/Cry35Ab and Cry3Aa are useful for preventing development of resistance (to either insecticidal protein system alone) by a corn rootworm ( | 2013-06-27 |
20130167269 | COMBINATIONS INCLUDING Cry34Ab/35Ab AND Cry6Aa PROTEINS TO PREVENT DEVELOPMENT OF RESISTANCE IN CORN ROOTWORMS (DIABROTICA SPP.) - The subject invention relates in part to Cry34Ab/35Ab in combination with Cry6Aa. The subject invention relates in part to the surprising discovery that combinations of Cry34Ab/Cry35Ab and Cry6Aa are useful for preventing development of resistance (to either insecticidal protein system alone) by a corn rootworm ( | 2013-06-27 |
20130167270 | METHOD FOR DIFFERENTIATING FERTILE AND STERILE PLANT LINES BY DETECTION OF POLYMORPHIC MARKERS IN CHLOROPLAST DNA - This technology is generally related to a method for differentiating fertile and sterile plant lines at the DNA level, by detecting polymorphisms in chloroplast DNA and compositions and uses thereof. More specifically, the technology is directed to a method for detecting plant line contamination by detecting polymorphic markers targeting simple sequence repeats (SSRs) that distinguish normal fertile plant lines from cytoplasmic male sterile (cms) plant lines in chloroplast DNA. This method may be applied to plants that have not yet flowered or to plant seeds. The technology also relates to a method of mitigating seed contamination based on this differentiation method by selecting plants essentially free of contamination or rejecting a plant if it exhibits contamination. The technology also relates to a plant seed lot produced by these same processes. | 2013-06-27 |
20130167271 | PROTEIN HAVING GLYCOALKALOID BIOSYNTHETIC ENZYME ACTIVITY AND GENE ENCODING THE SAME - Disclosed is the provision of a DNA for a glycoalkaloid biosynthetic enzyme in a plant belonging to the family Solanaceae such as potatoes. Also disclosed is a protein having the enzymatic activity of a glycoalkaloid biosynthetic enzyme of a plant belonging to the family Solanaceae such as potatoes and a method for producing and examining a novel organism using a gene encoding this protein. | 2013-06-27 |
20130167272 | ELECTRICAL-MECHANICAL COMPLEX SENSOR FOR NANOMATERIALS - Disclosed is an electrical-mechanical complex sensor for nanomaterials, including: a detector having a piezoelectric film therein, for measuring a mechanical property of a nanomaterial when a bending or tensile load is applied to the nanomaterial; a first detection film formed at an end of the detector to measure the mechanical property and an electrical property of the nanomaterial in real time at the same time, when the nanomaterial contacts the first detection film; and a support to which one end of the detector is integrally connected, for supporting the detector. | 2013-06-27 |
20130167273 | Pear tree named 'CELINA' - A new and distinct | 2013-06-27 |
20130167274 | Avocado tree named 'Pflum's Best' - A new avocado variety called ‘Pflum's Best’ that displays an early fruiting season, precocity, vigorous growth, tolerance to wet soil, and large maroon fruit. The variety is also selected for its resistance and tolerance to common avocado diseases and various insects. Additionally, ‘Pflum's Best’ bears fruit earlier, by one to three years, than its male parent ‘Brogdon’ and female parent ‘Choquette.’ The characteristic maroon skin of the fruit of ‘Pflum's Best’ has a subtle texture and may be somewhat mottled with a light green color, and the flesh has an exceptionally delicious taste that is buttery and nutty. The fruit of ‘Pflum's Best’ is approximately 6-11 inches in length, 4.5 inches in diameter, and approximately 25 ounces when ripe. | 2013-06-27 |
20130167275 | Variety of Calla Lily Named 'PACO' - ‘Paco’ is a new variety of | 2013-06-27 |
20130167276 | Variety of Calla Lily Named 'Samur' - ‘Samur’ is a new variety of calla lily having flowers with a pink-colored spathe that produces 2-15 flowers per tuber. The flower stems are about 50 cm. in length and the leaves are green with no whitish spots and have a leathery texture. | 2013-06-27 |
20130167277 | Variety of Calla Lily Named 'Calgary' - ‘Calgary’ is a new variety of calla lily having flowers with a creamy-colored spathe that produces 3-20 flowers per tuber. The flower stems are about 25 cm. in height and the leaves are green with whitish spots and have a leathery texture. The new variety has a dwarf plant architecture. | 2013-06-27 |
20130167278 | Variety of Calla Lily Named 'Aspen' - ‘Aspen’ is a new variety of | 2013-06-27 |
20130167279 | Lomandra fluviatilis plant named 'AU807' - ‘AU807’ is a distinctive variety of | 2013-06-27 |
20130167280 | Gaillardia plant named 'DGAL3' - A new and distinct | 2013-06-27 |