Patent application number | Description | Published |
20090175442 | Digital Rights Management System Protecting Consumer Privacy - Technologies for a Consumer Privacy Digital Rights Management system based on stable partially blind signatures that enable a license server to provide licenses for delivery to users without knowing the corresponding digital contents that users access with the license. Therefore consumer privacy is protected during license acquisition. Further, if the client DRM module in the DRM system does not disclose any information about a user's digital content access, and the messages that the client DRM module sends out are in plain text enabling verification that the client DRM module is not disclosing such information, then consumer privacy is fully protected by the DRM system. | 07-09-2009 |
20090260077 | SECURITY-ENHANCED LOG IN - A security-enhanced login technique that provides a convenient and easy-to-use two factor technique to enhance the security of passwords without requiring any changes on the server side of a client-server network. The technique employs a convenient and easy-to-use two-factor technique to generate strong passwords for Web and other applications. In this technique, a convenient or personal device such as a mouse is used as the other factor besides a user password. A secret stored in the mouse or other personal device is hashed together with the password entered by a user and the server ID, to generate a strong, server-specific password which is used to authenticate the user to the server. This password enhancement operation is carried out inside the personal device. | 10-15-2009 |
20090265760 | COMPONENT-ORIENTED ARCHITECTURE FOR WEB MASHUPS - A component-oriented web mashup system and method for communicating between component-oriented Web gadgets to facilitate secure Web mashups. Embodiments of the system and method redefine the traditional definition of gadget to mean a Web component having a verifiable controlled communication channel (a CompoWeb gadget). A CompoWeb gadget is created and defined using new HTML tags and global script objects and functions that extend the functions of the browser. CompoWeb gadget content is treated as a component that is isolated from other gadgets and frames by a browser, and only those allowed access can view data and code therein. Called functions of a CompoWeb gadget are run in the callee's environment instead of the caller's environment. This adds security, because all the requesting CompoWeb gadget receives is the run result. Embodiments of the system and method also include delayed binding of CompoWeb gadgets, such that binding is performed at run time. | 10-22-2009 |
20090320021 | DIAGNOSIS OF APPLICATION PERFORMANCE PROBLEMS VIA ANALYSIS OF THREAD DEPENDENCIES - A “Performance Evaluator” provides various techniques for tracking system events to diagnose root causes of application performance anomalies. In general, traces of system events involved in inter-thread interactions are collected at application runtime. These traces are then used to construct inter-thread dependency patterns termed “control patterns.” Control patterns are then evaluated to determine root causes of performance anomalies. Where an application terminates abnormally or full traces cannot be collected for some reason, partial control patterns are constructed for that application. In various embodiments, “fingerprints” are then generated from full or partial control patterns and are matched to fingerprints corresponding to operations in other control patterns extracted from reference traces collected on the same or similar systems. Matched fingerprints or control patterns are then used to deduce the root cause of application performance anomalies associated with full or partial traces. | 12-24-2009 |
20090320129 | SECURE CONTROL FLOWS BY MONITORING CONTROL TRANSFERS - A cross-module detection system and method for detecting and monitoring control flow transfers between software modules in a computer system. The system and method detect and monitor control flows entering and exiting the software modules. For a particular module, a checking model is extracted from the binary file of that module. In addition, a relaxed shadow stack is generated. If the module is an original module, meaning that the control flow originated from that module, then the checking model is used to check the validity of the control flow transfer. Otherwise, the relaxed shadow stack is used. An interception module is used to intercept and terminate invalid control flow transfers. If an invalid control flow transfer is detected, then the transfer is terminated. Otherwise, the control flow transfer is allowed to continue. | 12-24-2009 |
20090327735 | UNIDIRECTIONAL MULTI-USE PROXY RE-SIGNATURE PROCESS - A “proxy re-signature system” provides various techniques for transforming a delegatee's signature on a message m into a delegator's on the same message m. Various embodiments of non-interactive re-signature generation processes are described. Various embodiments to aggregate part of signatures to reduce the size of re-signed signatures are also described. Various combinations of the proxy re-signature process and the re-signature conversion process result in an overall process that is unidirectional, multi-use, private, and non-interactive. As such, the proxy re-signature system is applicable for use with a wide range of applications. | 12-31-2009 |
20100106671 | Comprehensive Human Computation Framework - Technologies for a human computation framework suitable for answering common sense questions that are difficult for computers to answer but easy for humans to answer. The technologies support solving general common sense problems without a priori knowledge of the problems; support for determining whether an answer is from a bot or human so as to screen out spurious answers from bots; support for distilling answers collected from human users to ensure high quality solutions to the questions asked; and support for preventing malicious elements in or out of the system from attacking other system elements or contaminating the solutions produced by the system, and preventing users from being compensated without contributing answers. | 04-29-2010 |
20100131755 | DISTRIBUTED SINGLE SIGN ON TECHNOLOGIES INCLUDING PRIVACY PROTECTION AND PROACTIVE UPDATING - Technologies for distributed single sign-on operable to provide user access to a plurality of services via authentication to a single entity. The distributed single sign-on technologies provide a set of authentication servers and methods for privacy protection based on splitting secret keys and user profiles into secure shares and periodically updating shares among the authentication servers without affecting the underlying secrets. The correctness of the received partial token or partial profiles can be verified with non-interactive zero-knowledge proofs. | 05-27-2010 |
20110072498 | TEARING AND CONFORMAL TRANSFORMATION HUMAN INTERACTIVE PROOF - The HIP creation technique described herein pertains to a technique for creating a human interactive proof (HIP) by applying tearing and/or a conformal transformation to a string of characters while maintaining readability of text. In one embodiment, the technique tears a character string into two or more pieces and applies conformal transformation to warp the pieces in order to create a HIP. The transformation changes the shape and orientation of the characters but preserves angles of the characters which makes it easy for humans to recognize the characters after the transformation. Other embodiments of the technique create HIPs by applying tearing only to a string of characters, or by applying conformal transformation only to the character string. | 03-24-2011 |
20110208716 | Image-Based CAPTCHA Exploiting Context in Object Recognition - Techniques for an image-based CAPTCHA for object recognition are described. The disclosure describes adding images to a database by collecting images by querying descriptive keywords to an image search engine or crawling images from the Internet. | 08-25-2011 |
20110292031 | MANIPULABLE HUMAN INTERACTIVE PROOFS - A manipulable human interactive proof (HIP) displays at most a portion of verification information. A user performs at least one manipulation on the HIP display to obtain full verification information. | 12-01-2011 |
20120110433 | PARALLEL WEB PAGE PROCESSING - Methods and systems for parallel Web page processing are usable to parallelize Web page document parsing, Web page layout calculations, Web page style formatting, and Web page script engine processing. Such parallelized parsers may be used to enhance Web page processing and exploit multi-core and multi-processor computing device resources. The parallelized script engine may be used to enhance Web page processing when independent scripting events exist in the Web page document. Additionally, the parallelized layout calculations and style formatting may be used to further enhance Web page processing by allowing multi-core and multi-processor computing devices to take advantage of their parallel processing abilities. | 05-03-2012 |
20120110437 | STYLE AND LAYOUT CACHING OF WEB CONTENT - Methods and systems for style and/or layout caching of Web content are usable to build reusable style caching trees and cacheable layout calculations. Such style caching trees may be used to avoid recalculating style content of Web pages for document object model (DOM) elements that have not changed. Additionally, the cacheable layout calculations may be used to avoid recalculating the layout content of Web pages that are subsequently accessed. | 05-03-2012 |
20120144465 | DISTRIBUTED SINGLE SIGN ON TECHNOLOGIES INCLUDING PRIVACY PROTECTION AND PROACTIVE UPDATING - Technologies for distributed single sign-on operable to provide user access to a plurality of services via authentication to a single entity. The distributed single sign-on technologies provide a set of authentication servers and methods for privacy protection based on splitting secret, keys and user profiles into secure shares and periodically updating shares among the authentication servers without affecting the underlying secrets. The correctness of the received partial token or partial profiles can be verified with non-interactive zero-knowledge proofs. | 06-07-2012 |
20120158626 | DETECTION AND CATEGORIZATION OF MALICIOUS URLS - This document describes techniques for using features extracted from a URL to detect a malicious URL and categorize the malicious URL as one of a phishing URL, a spamming URL, a malware URL or a multi-type attack URL. The techniques employ one or more machine learning algorithms to train classification models using a set of training data which includes a known set of benign URLs and a known set of malicious URLs. The classification models are then employed to detect and/or categorize a malicious URL. | 06-21-2012 |
20120159588 | DISTRIBUTED SINGLE SIGN ON TECHNOLOGIES INCLUDING PRIVACY PROTECTION AND PROACTIVE UPDATING - Technologies for distributed single sign-on operable to provide user access to a plurality of services via authentication to a single entity. The distributed single sign-on technologies provide a set of authentication servers and methods for privacy protection based on splitting secret, keys and user profiles into secure shares and periodically updating shares among the authentication servers without affecting the underlying secrets. The correctness of the received partial token or partial profiles can be verified with non-interactive zero-knowledge proofs. | 06-21-2012 |
20120159589 | DISTRIBUTED SINGLE SIGN ON TECHNOLOGIES INCLUDING PRIVACY PROTECTION AND PROACTIVE UPDATING - Technologies for distributed single sign-on operable to provide user access to a plurality of services via authentication to a single entity. The distributed single sign-on technologies provide a set of authentication servers and methods for privacy protection based on splitting secret, keys and user profiles into secure shares and periodically updating shares among the authentication servers without affecting the underlying secrets. The correctness of the received partial token or partial profiles can be verified with non-interactive zero-knowledge proofs. | 06-21-2012 |
20120174207 | DISTRIBUTED SINGLE SIGN ON TECHNOLOGIES INCLUDING PRIVACY PROTECTION AND PROACTIVE UPDATING - Technologies for distributed single sign-on operable to provide user access to a plurality of services via authentication to a single entity. The distributed single sion-on technologies provide a set of authentication servers and methods for privacy protection based on splitting secret keys and user profiles into secure shares and periodically updating shares among the authentication servers without affecting the underlying secrets. The correctness of the received partial token or partial profiles can be verified with non-interactive zero-knowledge proofs. | 07-05-2012 |
20120260157 | Cooperative Rendering Cache for Mobile Browser - A cooperative rendering cache browser (CRC-Browser) for a mobile device may cooperatively manage cached content with a proxy server to reduce redundant transmissions of processed Web data. Additionally, the CRC-Browser may provide stateful, thin-client Web browsing to maintain synchronized information about rendering objects of a Web page. Further, the CRC-Browser may cache only stable and/or visible document object model (DOM) elements and communicate a list of IDs of the cached elements to the proxy. Such stateful thin-client browsers may be useful for reducing battery drain, poor responsiveness, and high wireless network costs of mobile Web browsing. | 10-11-2012 |
20120272302 | Human User Verification - Techniques for generating a human user test for online applications or services may include splitting the visual objects in an image into multiple partial images, and forming one or more alignment positions. At each of the alignment positions, some of the visual objects appear recognizable while some bogus visual objects also appear to prevent robots from recognizing the alignment positions. A user is requested to find the multiple alignment positions to return recognizable visual objects. A system determines that the user is a human user if the recognizable visual objects input by the user match the visual objects in the image. | 10-25-2012 |
20120306769 | MULTI-TOUCH TEXT INPUT - This document describes tools associated with symbol entry control functions. In some implementations, the tools identify a first finger that is in tactile contact with a touch screen. The first finger can select a subset of symbols from a plurality of symbols that can be entered via the touch screen. The tools can also identify whether one or more other fingers are in concurrent tactile contact with the first finger on the touch screen. The tools can select an individual symbol from the subset based on whether the one or more other fingers are in concurrent tactile contact with the first finger on the touch screen. | 12-06-2012 |
20130013859 | Structure-Based Adaptive Document Caching - Techniques for generating, updating, and transmitting a structure-based data representation of a document are described herein. The structure-based adaptive document caching techniques may effectively eliminate redundancy in data transmission by exploiting structures of the document to be transmitted. The described techniques partitions a document into a sequence of structures, differentiate between cache-worthy structures and cache-unworthy structures, and generating a structure-based data representation of the document. The techniques may transmit updated structures and instructions, instead of all data of the document, to update previously cached structures at a client device; thereby resulting in higher cache hit rates. | 01-10-2013 |
20130060726 | COMPREHENSIVE HUMAN COMPUTATION FRAMEWORK - Technologies for a human computation framework suitable for answering common sense questions that are difficult for computers to answer but easy for humans to answer. The technologies support solving general common sense problems without a priori knowledge of the problems; support for determining whether an answer is from a bot or human so as to screen out spurious answers from bots; support for distilling answers collected from human users to ensure high quality solutions to the questions asked; and support for preventing malicious elements in or out of the system from attacking other system elements or contaminating the solutions produced by the system, and preventing users from being compensated without contributing answers. | 03-07-2013 |
20130097697 | Security Primitives Employing Hard Artificial Intelligence Problems - A security module generates a random image having a plurality of password-element indicators therein. The random image is provided to a user. The user selects portions of the random image. The security module determines whether the selected portions of the random image correspond to a password for the user. The security module grants access if the selected portions of the random image correspond to the user's password. However, if the selected portions of the random image do not correspond to the user's password, the security module may generate another random image having a plurality of password-element indicators therein, wherein each of the random images are computationally de-correlated. | 04-18-2013 |
20130185230 | MACHINE-LEARNING BASED CLASSIFICATION OF USER ACCOUNTS BASED ON EMAIL ADDRESSES AND OTHER ACCOUNT INFORMATION - A trust level of an account is determined at least partly based on a degree of the memorability of an email address associated with the account. Additional features such as those based on the domain of the email address and those from the additional information such as name, phone number, and address associated with the account may also be used to determine the trust level of the account. A machine learning process may be used to learn a classification model based on one or more features that distinguish a malicious account from a benign account from training data. The classification model is used to determine a trust level of the account, and/or if the account is malicious or benign, and may be continuously improved by incrementally adapting or improving the model with new accounts. | 07-18-2013 |
20130218566 | AUDIO HUMAN INTERACTIVE PROOF BASED ON TEXT-TO-SPEECH AND SEMANTICS - The text-to-speech audio HIP technique described herein in some embodiments uses different correlated or uncorrelated words or sentences generated via a text-to-speech engine as audio HIP challenges. The technique can apply different effects in the text-to-speech synthesizer speaking a sentence to be used as a HIP challenge string. The different effects can include, for example, spectral frequency warping; vowel duration warping; background addition; echo addition; and varying the time duration between words, among others. In some embodiments the technique varies the set of parameters to prevent using Automated Speech Recognition tools from using previously used audio HIP challenges to learn a model which can then be used to recognize future audio HIP challenges generated by the technique. Additionally, in some embodiments the technique introduces the requirement of semantic understanding in HIP challenges. | 08-22-2013 |
20130298195 | Image-Based CAPTCHA Exploiting Context in Object Recognition - Techniques for an image-based CAPTCHA for object recognition are described. The disclosure describes adding images to a database by collecting images by querying descriptive keywords to an image search engine or crawling images from the Internet. | 11-07-2013 |