19th week of 2015 patent applcation highlights part 67 |
Patent application number | Title | Published |
20150128208 | APPARATUS AND METHOD FOR DYNAMICALLY CONTROLLING SECURITY IN COMPUTING DEVICE WITH PLURALITY OF SECURITY MODULES - Provided are an apparatus and method for dynamically controlling security of a computing device provided with a plurality of security modules. The apparatus includes a security policy storage unit configured to store a security policy that is set according to at least one of a state of the computing device and a characteristic of an application program executed on the computing device, and a dynamic calling control unit configured to recognize that a security function is called by the application program, and determine one of the plurality of security modules whose security function is to be called according to the set security policy. | 2015-05-07 |
20150128209 | MANDATORY PROTECTION CONTROL IN VIRTUAL MACHINES - A method and system for authenticating a user to provide access to a secure application configured on a mobile device are disclosed. The method includes receiving an input from the user. The input is associated with a plurality of parameters. The method includes extracting a biometric pattern based on the input. The biometric pattern may be generated from the plurality of parameters associated with the input. The method may include comparing the biometric pattern with a plurality of reference patterns. The plurality of reference patterns are pre-defined by an owner of the mobile device. Furthermore, the method may include authenticating the user when the biometric pattern matches a reference pattern associated with the secure application from the plurality of reference patterns. Moreover, the method includes allowing the user to access the secure application, based on the authentication. | 2015-05-07 |
20150128210 | PROVISIONING USER PERMISSIONS ATTRIBUTE-BASED ACCESS-CONTROL POLICIES - An attribute-based access control policy (e.g., XACML policy) for a set of elements depends on attributes carried by elements in one of several predefined categories. In order to evaluate such policy for a set of elements, the invention provides a method including the steps of (I) selecting a primary category; (II) partitioning the elements in the primary category into equivalence classes with respect to their influence on the policy; and (III) using the equivalence classes to replace at least one policy evaluation by a deduction. The result of the evaluation may be represented as an access matrix in backward-compatible format. The efficiency of the policy evaluation may be further improved by applying partial policy evaluation at intermediate stages, by forming combined equivalence classes containing n-tuples of elements and/or by analyzing the influence of each element by extracting functional expressions of maximal length from the policy. | 2015-05-07 |
20150128211 | AUTOMATED GENERATION OF ACCESS CONTROL RULES FOR USE IN A DISTRIBUTED NETWORK MANAGEMENT SYSTEM THAT USES A LABEL-BASED POLICY MODEL - An access control rule authorizing communication between a plurality of managed servers within an administrative domain is determined. Communication information describing past communication between the plurality of managed servers is obtained. A subset of managed servers from the plurality of managed servers is identified by grouping the plurality of managed servers based on the obtained communication information. A group-level label set is determined to associate with the subset of managed servers. Role labels are determined for managed servers in the subset of managed servers. A managed server is associated with one role label. Based on the group-level label set and the role labels, an access control rule is generated authorizing communication between a first managed server of the subset of managed servers and a second managed server. The access control rule is stored as part of an administrative domain-wide management policy. | 2015-05-07 |
20150128212 | Determining, Without Using a Network, Whether a Firewall Will Block a Particular Network Packet - A determination is made regarding whether a firewall will block a network packet. The network packet indicates a set of one or more characteristics. A test packet is generated that indicates the set of characteristics. The test packet is sent to the firewall without using a network. A test result is received from the firewall. The test result is stored. | 2015-05-07 |
20150128213 | POLICY ENFORCEMENT - In a communications network, policies are applied to electronic mail messages by determining a plurality of routes for electronic mail messages, each route being defined by at least one sender and at least one recipient, and determining a policy to be applied to electronic mail messages on each route. At least one tag is associated with each of a plurality of servers in the communications network, and at least one of the tags is associated with each of the plurality of routes. Each of the plurality of servers identifies the or each route that is associated with a tag that is associated with the server, and then applies the respective policy to electronic mail messages on the or each identified route. This allows policy to be defined on the basis of the role of the server and the policy features that it supports. | 2015-05-07 |
20150128214 | POLICY DIRECTED SECURITY-CENTRIC MODEL DRIVEN ARCHITECTURE TO SECURE CLIENT AND CLOUD HOSTED WEB SERVICE ENABLED PROCESSES - A policy directed, security-centric model driven architecture is described to secure internal web services, such as those implementing service-oriented architecture (SOA), and external web services such as those hosted on a cloud computing platform. A distributed data dictionary hosted across multiple dictionary engines and operating in conjunction with web security services are used to embed security profiles in web services messages and to validate messages that contain such security profiles. | 2015-05-07 |
20150128215 | INTEGRATED CLOUD STORAGE SERVICE THROUGH HOME GATEWAY - Provided is a method of providing an integrate cloud storage service through a home gateway communicating with smart devices through a first network formed by the home gateway and communicating with cloud storages through a communication network. The method may include obtaining information on cloud storage accounts associated with a smart device, as cloud storage account information, upon generation of a predetermined event associated with the smart device, generating an integrated cloud storage list based on information on folders and data of cloud storages accessible by the cloud storage account information, and providing the generated integrated cloud storage list to the smart device. | 2015-05-07 |
20150128216 | SYSTEM AND METHOD FOR AUTHENTICATING LOCAL CPE - Systems, methods, apparatus and other mechanisms for authenticating wireless customer premises equipment (CPE) at a service location by transmitting an authentication trigger signal via a first communication mechanism associated with the service location toward CPE associated with the service location; monitoring a second communication mechanism associated with the service location to detect therefrom any received authentication trigger response signals; and authenticating only CPE associated with a received authentication trigger response signal, wherein at least one of the first and second communication mechanisms comprises a local infrastructure element. | 2015-05-07 |
20150128217 | AUTHENTICATION METHOD AND AUTHENTICATION PROGRAM - To enhance the convenience of authentication when executing an application, an application server: acquires, from a terminal, context information indicating the status of the terminal; generates, on the basis of the acquired context information, information (an authentication necessity table) pertaining to the necessity for authentication when executing the application; and transmits to the terminal the authentication necessity table and an authentication module described in the table. Then, the terminal, on the basis of the authentication necessity table and an authentication table, determines whether or not authentication is necessary before executing the application, and when it has been determined that authentication is necessary, prior to executing the application, changes the authentication module read destination to the application read destination and executes the authentication module. | 2015-05-07 |
20150128218 | SYSTEM AND METHOD FOR RESTRICTING INTERNET ACCESS - A system and method for controlling access to the Internet is presented. By reserving a selected generic top-level domain, controlling content placed on subdomains within the selected generic top-level domain, and utilizing an Internet browser program that is specially modified to limit browsing to within the selected generic top-level domain, access to a sharply-defined and controlled subset of the Internet is achieved. | 2015-05-07 |
20150128219 | SHARED WI-FI USAGE - Various technologies described herein pertain to utilization of shared Wi-Fi. For instance, network access rights of a Wi-Fi network can be controlled by a mobile device of a point of contact for the Wi-Fi network. Moreover, utilization of a Wi-Fi network can be tracked and usage data indicative of historic utilization of the Wi-Fi network can be retained. Further, groups of users between whom Wi-Fi credentials are shared can be created. | 2015-05-07 |
20150128220 | LOCATION BASED AUTHENTICATION OF USERS TO A VIRTUAL MACHINE IN A COMPUTER SYSTEM - An apparatus and method uses location based authentication of a user accessing a virtual machine (VM) by using the physical location of the virtual machine as a criteria for the authentication. When a user requires a logical partition to run in a known, specified physical location, the user specifies the physical location when the VM is created. The specified physical location is then incorporated into the user authentication process. Users are challenged and must know the physical location in order to be authenticated to the system. When a “disruptive event” in the cloud environment occurs that necessitates moving the VM to another location, the original physical location is stored so the virtualization manager later can automatically relocate the VM back to its original physical location. | 2015-05-07 |
20150128221 | LOCATION BASED AUTHENTICATION OF USERS TO A VIRTUAL MACHINE IN A COMPUTER SYSTEM - An apparatus and method uses location based authentication of a user accessing a virtual machine (VM) by using the physical location of the virtual machine as a criteria for the authentication. When a user requires a logical partition to run in a known, specified physical location, the user specifies the physical location when the VM is created. The specified physical location is then incorporated into the user authentication process. Users are challenged and must know the physical location in order to be authenticated to the system. When a “disruptive event” in the cloud environment occurs that necessitates moving the VM to another location, the original physical location is stored so the virtualization manager later can automatically relocate the VM back to its original physical location. | 2015-05-07 |
20150128222 | SYSTEMS AND METHODS FOR SOCIAL MEDIA USER VERIFICATION - Embodiments of the present disclosure provide an effective, user-friendly approach to help prevent the abuse of social networks by users who misrepresent their age, identity, and/or other information. | 2015-05-07 |
20150128223 | Using Security Levels in Optical Network - Path computation through nodes of a communications network to meet a desired security level against unauthorised physical access to the path, involves receiving a request ( | 2015-05-07 |
20150128224 | METHOD AND SYSTEM FOR EVALUATING ACCESS GRANTED TO USERS MOVING DYNAMICALLY ACROSS ENDPOINTS IN A NETWORK - A network analysis tool is provided in support of a data communication network having user devices at indeterminate endpoints wherein user identities, namely, the collection of meta-data about a user device of a network (beyond the conventional networking concept of an endpoint address), is modeled as fixed endpoints for purposes of tracking. More specifically, users at indeterminate endpoints are identified by modeling using user roles as models of the user devices. | 2015-05-07 |
20150128225 | APPARATUS AND METHOD FOR ACCESS VALIDATION - One or more techniques for access validation are provided. Access validation may be performed automatically or in real-time. Access validation may be at the resource level or at a sub-resource level. Techniques provided herein may be applied in a large variety of situations and industries, e.g. compliance management or inventory. Access validation reports may be generated in real-time or may link to indications of access validation in real-time. Five outcomes or options are provided, including affirmative, negative, stronger negative with larger implication, undetermined, and negative, however with temporarily granted access. A field for allowing entry of justification for access to a particular resource is provided. Reminders to validate privileges are provided. A continuous access validation process is provided. A technique for extending the hierarchy and corresponding workflow that is generated thereof is provided. | 2015-05-07 |
20150128226 | INDEPENDENT BIOMETRIC IDENTIFICATION SYSTEM - The inventive data processing system and method enable verifiable secure transfer of information between two or more parties, each having access to at least one identity verification system, utilizing a platform-independent architecture to enable verification of identities of parties sending and receiving secured information, and ensuring that only an authorized receiving party gains access to the secured information, regardless of the type, model, ownership and/or quantity of biometric identity verification (BIV) systems being utilized by each party. Parties desiring to securely transfer information between one another register at a central security management system, and each provide at least one biometric enrollment to their unique record configured for storing multiple BIV system enrollments for each party. The inventive system and method also provide an adaptive enrollment feature which enables the system to function automatically and transparently with new BIV systems that have not been previously enrolled by the user. | 2015-05-07 |
20150128227 | SYSTEMS AND METHODS FOR USING AN HTTP-AWARE CLIENT AGENT - Systems and methods are described for using a client agent operating in a virtual private network environment to intercept HTTP communications. Methods include: intercepting at the network layer, by a client agent executing on a client, an HTTP request from an application executing on the client; modifying the HTTP request; and transmitting, via a transport layer connection, the modified HTTP request to a server. Additional methods may comprise adding, removing, or modifying at least one cookie in the HTTP request. Still other methods may comprise modifying at least one name-value pair contained in the HTTP request. Corresponding systems are also described. | 2015-05-07 |
20150128228 | CHECKING FOR PERMISSION TO RECORD VOIP MESSAGES - Methods and arrangements to check for permission to record Voice over Internet Protocol (VoIP) messages and to respond to requests for permission are contemplated. Embodiments include transformations, code, state machines or other logic to check for permission to record VoIP messages and to respond to requests by transmitting an inquiry on permission to record a VoIP message of a participant in a VoIP call session comprising the VoIP message, receiving a response to the inquiry, determining by a processor whether the response to the inquiry grants permission to record the VoIP message, and recording the VoIP message based upon the response to the inquiry granting permission to record the VoIP message. Some embodiments may involve querying a participant in a VoIP call session comprising a VoIP message for permission to record the VoIP message through a user interface mechanism for checking for permission to record VoIP messages. | 2015-05-07 |
20150128229 | PROBABILISTICALLY EXPEDITED SECURE CONNECTIONS VIA CONNECTION PARAMETER REUSE - Methods for probabilistically expediting secure connections via connection parameter reuse are provided. In one aspect, a method includes determining whether a client had previously established a secure connection with a hostname. The method also includes obtaining a source identifier used by the client to establish the previous secure connection when it is determined that the client previously established the previous secure connection with the hostname. The method also includes sending a request to the hostname for a new secure connection based on the obtained source identifier. Systems and machine-readable media are also provided. | 2015-05-07 |
20150128230 | Network Access - Disclosed is a user device comprising storage means and a network interface for connecting to a network via an access point. The user device also comprises a processor configured to execute a client. This client is operable to receive access data pertaining to the access point which is conditionally useable by the client. The client is further operable to determine that the client can use the received access data based on a detected current condition at the user device. In response to said determination, the client is operable to use the received access data to: (i) store access credentials of the access point in said storage means, and (ii) configure the user device to an automatic connection mode. When so configured, the user device is capable of automatically connecting to the network via the access point using the stored access credentials independently from the client thereafter. | 2015-05-07 |
20150128231 | INFORMATION PROCESSING SYSTEM AND INFORMATION PROCESSING METHOD - An information processing system includes a device registration unit that stores device identification information of a device in a first storage unit in response to a device identification information registration request, a generation unit that generates user identification information of an unspecified user of the device, an authentication unit that performs authentication in response to an authentication request from the device and associates user identification information of a specified user specified in the authentication request with the device when the authentication performed in response to the authentication request is successful, and a processing unit that executes a process according to the user identification information associated with the device in response to a request from the device that has been successfully authenticated. Upon receiving an authentication request that does not specify user identification information, the authentication unit associates the user identification information generated by the generation unit with the device. | 2015-05-07 |
20150128232 | METHODS AND APPARATUS TO DISCOVER AUTHENTICATION INFORMATION IN A WIRELESS NETWORKING ENVIRONMENT - Examples to discover network authentication information in a wireless network involve transmitting during network discovery and prior to authentication, a Generic Advertisement Services (GAS) request to a network access point. The request requests authentication information. In addition, a response to the request is received from the network access point. The network authentication information is retrieved from the response. The network authentication information includes a re-direct frame. | 2015-05-07 |
20150128233 | BLACKLISTING OF FREQUENTLY USED GESTURE PASSWORDS - A method of maintaining a blacklist for gesture-based passwords is provided. A data store of vectors corresponding to gestures is maintained on a blacklist server. Upon receiving a new gesture based password, an electronic device converts the password to a vector and forwards that vector to the blacklist server. The blacklist server assigns the vector to one of a cluster of vectors each having low distance from one another. If the increase in the occurrences of the number of vectors in the cluster results in a blacklist threshold being exceeded, the cluster of vectors is inputted to the blacklist. A notification can be sent back to the electronic device if the forwarded vector is on the blacklist or is inputted to the blacklist. | 2015-05-07 |
20150128234 | SYSTEM AND METHOD FOR GENERATING PASSWORDS USING KEY INPUTS AND CONTEXTUAL INPUTS - A method and system for automatically generating a new password from user selected characters via key press which are different from the user selected characters. Each key of a keypad can be entered within one or more contexts, manually selected by the user or automatically selected by the described system, such that the same key press within one context provides a unique code different than the same key press within another context. The code corresponding to the proper combination of a key press, the contexts of the selected key press, and the sequence of entry must match the previously stored code set by the user. Context selection is not based on any of the possible key presses selectable on the keypad. Therefore if the password characters are discovered without the context for each character, then it becomes difficult to access the content. The newly generated password can be the same length as the originally entered password, or can be longer or shorter in length than the originally entered password. | 2015-05-07 |
20150128235 | Establishing Historical Usage-Based Hardware Trust - Establishing trust according to historical usage of selected hardware involves providing a usage history for a selected client device; and extending trust to a selected user based on the user's usage history of the client device. The usage history is embodied as signed statements issued by a third party or an authentication server. The issued statement is stored either on the client device, or on an authentication server. The usage history is updated every time a user is authenticated from the selected client device. By combining the usage history with conventional user authentication, an enhanced trust level is readily established. The enhanced, hardware-based trust provided by logging on from a trusted client may eliminate the necessity of requiring secondary authentication for e-commerce and financial services transactions, and may also be used to facilitate password recovery and conflict resolution in the case of stolen passwords. | 2015-05-07 |
20150128236 | Systems and Methods for Verifying a User Based on Reputational Information - Systems and methods for verifying a user based on reputational information are provided. In particular, a computerized CAPTCHA system consisting of one or more computers can determine a trust score based on one or more reputation signals associated with a user computing device, select a challenge to provide to the user computing device based on the trust score, and determine whether to verify the user computing device based on a received response to the challenge and/or the trust score. | 2015-05-07 |
20150128237 | Delegating Authorizations - Delegation of authorizations from one device to another device is contemplated. The contemplated capabilities may enable an authenticated device to confer access tokens or other authoritative permissions to a non-authenticated or unsecured device, such as to enable the delegated device to access user content without the user having to enter a username and password or other identifying credentials thereto. | 2015-05-07 |
20150128238 | METHOD, DEVICE, AND SYSTEM FOR IDENTITY AUTHENTICATION - The present invention relates to the field of identity authentication. Provided are a method, device, and system for identity authentication, solving the technical problem that existing identity authentication technologies are incapable of protecting personal privacy, and that authentication technologies comprising personal privacy must provide a traceability feature. The method for identity authentication mainly comprises: a first authenticator transmitting to a second authenticator a first identity authentication message; the second authenticator transmitting to an authentication server a second identity authentication message; the authentication server verifying the validity of a secure domain where the second authenticator is at on the basis of the second identity authentication message; the authentication server returning to the second authenticator a third identity authentication message; when the third identity authentication message is received by the second authenticator, same transmitting to the first authenticator a fourth identity authentication message. | 2015-05-07 |
20150128239 | IMAGE FORMING APPARATUS CAPABLE OF REDUCING SECURITY RISK, METHOD OF CONTROLLING IMAGE FORMING APPARATUS, SYSTEM INCLUDING IMAGE FORMING APPARATUS, AND STORAGE MEDIUM - An image forming apparatus capable of notifying a user of violation of the information security policy or preventing execution of the job from being stopped. A password policy set via a password policy-setting screen. A password-added print job transmitted from a PC is stored in a storage device. A user inputs a password so as to execute processing of the password-added print job stored in the storage device. If the password input by the user matches the password added to the job, processing of the password-added print job is executed. It is determined whether or not the password added to the print job satisfies the password policy. | 2015-05-07 |
20150128240 | Determining Identity Of Individuals Using Authenticators - Systems are provided that allow users to access resources in a manner that addresses inherent deficiencies in existing authentication systems. During a typical authentication process, the system may connect the user to one or more authenticators in real time through a variety of communications channels so that the authenticators may verify that the user is who he/she purports to be. In this way, a user may be authenticated and allowed to complete transactions that require access to protected resources/transactions. In some embodiments, the system may automatically identify authenticators for a user via an onboarding process by searching the user's electronic files, accessing social and professional networking sites, searching one or more credit reporting databases, or other such means. Based upon the determinations made by the authenticators, and other factors, such as the trust scores assigned to authenticators, an authentication engine may be used to calculate a confidence score regarding the user's identity that may be utilized in determining whether to grant the user access to protected resources/transactions. | 2015-05-07 |
20150128241 | SYSTEMS AND METHODS FOR AUTHENTICATING A USER AND DEVICE - Systems and methods for authenticating a user request for authentication are provided. An authentication device that may be part of such a system includes a network interface component coupled to a network and configured to receive at least one data packet having authentication information including at least a username of a user and user credentials. The device also includes a memory coupled to the network interface component and configured to store the received authentication information, one or more instructions for authenticating the user, and account information of the user. The device further includes one or more processors configured to analyze the received information, calculate a score based on the received information, determine a threshold, compare the calculated score with the determined threshold, and authenticate the user and a device from which the data packet is received if the calculated score is greater than or equal to the determined threshold. | 2015-05-07 |
20150128242 | Federated identity mapping using delegated authorization - A method for identity mapping across web services uses a delegated authorization protocol, such as OAuth. In response to a request from a first user at a first web service, a connection to a second web service is established using the protocol. The second web service responds by sending information associated with a second user of the first web service who previously logged into the second web service from the first web service using the protocol. The second user may be a “contact” of the first user. The information received from the second web service is a access token that was obtained by the second user during that prior login. The access token is provided in lieu of data associated with the second user's account at the second web service. Thereafter, the first web service uses the access token it received to map to an identity of the second user. | 2015-05-07 |
20150128243 | METHOD OF AUTHENTICATING A DEVICE AND ENCRYPTING DATA TRANSMITTED BETWEEN THE DEVICE AND A SERVER - A method of authenticating a device for secure communications between the device and a server comprises transmitting a security token request via a data communications network using a data communications protocol. A message is received from the device that no security token is available. In response, an identification request is transmitted from the server to the device via the data communications network and an identification message is received from the device via a mobile communications network using a mobile communications protocol, the identification message including an identification of the device. The identification of the device is stored in a memory. A security token is generated and transmitted to the device via the data communications network. The security token is stored associated with the identification of the device in a memory connected to the server for use in future secure communications with the device via the data communications network. | 2015-05-07 |
20150128244 | Systems and Methods for Secure Remote Access - Embodiments of the disclosure can include systems and methods for secure remote transfers. The onsite monitoring system secure file transfer solution can allow for transferring operational data by an onsite system behind a firewall to a central monitoring and diagnostic infrastructure by sending asynchronous, concurrent, parallel files over a port using a previously opened connection. The asynchronous TLS tunneling based remote desktop protocol solution is uni-directional because the communication ports are typically open outbound only. | 2015-05-07 |
20150128245 | MANAGEMENT OF ADDRESSES IN VIRTUAL MACHINES - Methods for managing an address on a switching device, managing an address on a network switch, and screening addresses in a cloud computing environment are provided. One embodiment is directed towards a computer-implemented method for managing an address on a switching device that is communicatively coupled to a plurality of virtual machines. The method includes accessing an address pool that includes an assigned address for each virtual machine from the plurality of virtual machines. The method includes determining, on the switching device, a used address for the virtual machine from the plurality of virtual machines. The method includes determining whether the used address is matching the assigned address for each virtual machine. The method also includes routing traffic from the virtual machine to a hypervisor in response to the used address matching the assigned address. | 2015-05-07 |
20150128246 | METHODS AND APPARATUS FOR REDIRECTING ATTACKS ON A NETWORK - A system is disclosed for protecting a network against malicious attacks or attempts for unauthorized access. A network is connected to an external network by a number of firewalls. Inspectors detect packets blocked by the firewalls and some or all of the packets are detected to a labyrinth configured to emulated an operational network and response to the packets in order to engage an attacker. Blocked packets may be detected by comparing packets entering and exiting a firewall. Packets for which a corresponding packets are not received within a transit delay may be identified as blocked. Entering and exiting packets may be compared by comparing only header information. A central module may receive information from the inspectors and generate statistical information and generate instructions for the inspectors, such as blacklists of addresses known to be used by attackers. | 2015-05-07 |
20150128247 | CENTRALIZED DEVICE REPUTATION CENTER - A method and system for selective web traffic blocking are provided herein. The method may include: receiving a request from a user to receive a resource from a web server; collecting data from the received request; applying either background device inspection or foreground device inspection in response to the received request, based on the collected data; receiving fingerprint data in response to inspection; and providing a rule how to respond to the user based on the fingerprint data. The system comprises a service node to receive a request from a user to receive a resource from a web server, to collect data from the received request and to apply either background device inspection or foreground device inspection based on the collected data, and a centralized device reputation center to receive fingerprint data and to provide to said service node a rule how to respond to the user based on the fingerprint data. | 2015-05-07 |
20150128248 | SYSTEM, METHOD, AND COMPUTER PROGRAM FOR PREVENTING INFECTIONS FROM SPREADING IN A NETWORK ENVIRONMENT USING DYNAMIC APPLICATION OF A FIREWALL POLICY - A method for containing a threat in network environment using dynamic firewall policies is provided. In one example embodiment, the method can include detecting a threat originating from a first node having a source address in a network, applying a local firewall policy to block connections with the source address, and broadcasting an alert to a second node in the network. In more particular embodiments, an alert may be sent to a network administrator identifying the source address and providing remedial information. In yet other particular embodiments, the method may also include applying a remote firewall policy to the first node blocking outgoing connections from the first node. | 2015-05-07 |
20150128249 | UPDATING ROLES BASED ACCESS - Embodiments for updating roles based system access to a user include systems for identifying an application login event and a role associated with the login event. Further the embodiments include selecting an application shell comprising data for an application, the data being associated with the identified role and where the application is a first version of the application, selecting a second version of the application that is different from the first version, modifying the data of the application shell in response to selecting the second version of the application, and providing the modified data to the application associated with a computing device of a user in response to the login event. In specific embodiments, data unrelated to the identified role is not provided to the application or stored in the computing device. | 2015-05-07 |
20150128250 | APPARATUS AND METHOD FOR GUARANTEEING SAFE EXECUTION OF SHELL COMMAND IN EMBEDDED SYSTEM - Provided are an apparatus and method for enhancing security and safety of an embedded system by monitoring and blocking unauthorized execution of a shell command in the embedded system. | 2015-05-07 |
20150128251 | MOBILE TERMINAL AND METHOD FOR CONTROLLING THE SAME - The disclosure relates to a mobile terminal communicable with a glass-type terminal and a method for controlling the same. The mobile terminal comprises a wireless communication unit configured to communicate with a glass-type terminal, a display unit configured to display visual information, and a controller configured to transmit output-limited information having a limitation in output on the display unit to the glass-type terminal so that the output-limited information may be output on the glass-type terminal when the mobile terminal is in communication with the glass-type terminal. | 2015-05-07 |
20150128252 | AUTHENTICATION CONTROL SYSTEM, AUTHENTICATION CONTROL METHOD, AND PROGRAM - There is provided an authentication control system including an acquisition unit configured to acquire information detected by a sensor, an evaluation unit configured to evaluate suitability for use of each of one or more sensors in environmental conditions indicated by the information, and an authentication mode selection unit configured to select an authentication mode from among a plurality of authentication modes based on an evaluation result obtained by the evaluation unit, each of the authentication modes using any one of the one or more sensors. | 2015-05-07 |
20150128253 | Multi-Security-CPU System - A computing system includes a first security central processing unit (SCPU) of a system-on-a-chip (SOC), the first SCPU configured to execute functions of a first security level. The computing system also includes a second SCPU of the SOC coupled with the first SCPU and coupled with a host processor, the second SCPU configured to execute functions of a second security level less secure than the first security level, and the second SCPU executing functions not executed by the first SCPU. | 2015-05-07 |
20150128254 | OFFLINE AUTHENTICATION WITH EMBEDDED AUTHORIZATION ATTRIBUTES - There is provided a method that includes (a) including in a dataset, data indicative of a time, (b) executing a hash function on the dataset to yield a hash value, and (c) employing the hash value as a password for a user to access a device. There is also provided a method that includes (a) including in a dataset, data indicative of a time, (b) executing a hash function on the dataset to yield a hash value, (c) determining that the hash value matches a password from a user, and (d) granting to the user, access to a device. There are also provided systems that perform the methods and storage devices that contain instructions for causing processors to perform the methods. | 2015-05-07 |
20150128255 | DIRECTIONAL TOUCH UNLOCKING FOR ELECTRONIC DEVICES - A system and machine-implemented method for matching input gestures on a touch interface to a security pattern to allow user access to an electronic device or account. The security pattern may correspond to a combination of linear and non-linear input gestures relating to directional changes of the input gestures. A determination of the security pattern may be based on the end motion and speed of each input gesture. | 2015-05-07 |
20150128256 | AUTHENTICATION MANAGEMENT SYSTEM, AUTHENTICATION MANAGEMENT APPARATUS, AUTHENTICATION METHOD, AND STORAGE MEDIUM - An authentication management system for managing use of a processing apparatus includes an authentication management apparatus including a position storing unit to store position information of the processing apparatus; a receiving unit to receive user information that identifies a portable terminal to be used for authenticating when a user requests the processing apparatus via a requester to perform a target process; a determination unit to determine whether distance between the portable terminal and the processing apparatus satisfies a proximity determination condition between the portable terminal and the processing apparatus, the distance being obtained based on position information of the portable terminal received from the portable terminal, and the position information of the processing apparatus; and an authentication unit to conduct authentication processing based on user information received from the requester, and the user information received from the portable terminal when the distance satisfies the proximity determination condition. | 2015-05-07 |
20150128257 | METHOD FOR UNLOCKING TERMINAL DEVICE AND TERMINAL DEVICE - An embodiment of the present invention discloses a method for unlocking a terminal device, where a first unlocking password, a second unlocking password, a first unlocking interface, and a second unlocking interface are set on the terminal device. The method includes: acquiring information that triggers displaying of an unlocking interface; displaying the second unlocking interface when the information is acquired and if a status of the terminal device meets a preset condition; receiving information that is input by a user on the second unlocking interface; and determining whether the input information matches the second unlocking password, and if a result of the determining is yes, unlocking the terminal device; where complexity of the second unlocking password is lower than complexity of the first unlocking password. Correspondingly, an embodiment of the present invention further discloses a terminal device. Thus, user experience can be enhanced when robustness of password protection is ensured. | 2015-05-07 |
20150128258 | AUTHENTICATION MODE REPORTING - Embodiments relate to systems for, and methods of, reporting authentication failures in a security system that includes a token reader and a host. The authentication failure report may include an identification of the type of authentication failure. | 2015-05-07 |
20150128259 | SOFTWARE DISTRIBUTION SYSTEM AND SOFTWARE DISTRIBUTION METHOD - A software distribution system comprises a computer; a first distribution device; and a second distribution device, wherein the computer includes a first software reception unit configured to receive the software; a second software reception unit configured to receive the test program corresponding to the software; and a software execution unit configured to merge the software described in an executable format and the test program, and execute, the second software reception unit attempts to acquire a test program corresponding to the software at a timing at which the first software reception unit has received the software, and makes repeated attempts at a predetermined interval when the test program cannot be acquired, and the software execution unit merges the software and the test program at a timing at which the second software reception unit has received the test program. | 2015-05-07 |
20150128260 | METHODS AND SYSTEMS FOR CONTROLLING COMMUNICATION IN A VIRTUALIZED NETWORK ENVIRONMENT - Methods and related systems for controlling communication between Network Virtualization Edges (NVEs) in a network virtualization domain are provided. The methods generally involves generating and transmitting, by a Network Virtualization Authority (NVA), a list of participating NVEs to the NVEs comprised in the list, and the selective processing by the NVEs of messages received from other NVEs. By limiting NVE to NVE communication only to NVEs comprised in the list, attacks on the network can be mitigated. | 2015-05-07 |
20150128261 | SAFE FILE TRANSMISSION AND REPUTATION LOOKUP - A method of safe file transmission and reputation lookup is provided. As a part of the safe file transmission and reputation lookup methodology, a data file that is to be made available to a data file receiver is accessed and it is determined whether the data file needs to be provided a protective file. The data file is wrapped in a protective file to create a non-executing package file. Access is provided to the non-executing package file where the associated data file is prevented from being executed until data file reputation information is received. | 2015-05-07 |
20150128262 | Taint vector locations and granularity - An embodiment or embodiments of a computing system can be adapted to manage security risk by accumulating and monitoring taint indications, and can respond to predetermined taint conditions detecting by the monitoring. An illustrative computing system can comprise a plurality of resources operationally coupled into the computing system, and at least one taint vector operable to list a plurality of taints indicative of potential security risk associated with a selected location and granularity of selected ones of the plurality of resources. | 2015-05-07 |
20150128263 | Methods and systems for malware detection - Methods, system, and media for detecting malware are disclosed. A network may be monitored for a configured time interval collecting all of or some of the network traffic or samples of the network traffic. Feature vectors may be extracted from the network traffic resulting in feature vectors. One or more machine learning models may be applied to the feature vectors producing a score. The score may indicate the presence of malware or the presence of a particular type of malware. One or more scores obtained by applying learning models may be fused by another machine learning model into a resulting score. A threshold value may be calculated to accompany a score indicating the likelihood that the traffic sample indicates the presence of malware and the likely effectiveness of planned remediation effort. An alert may be generated from the score and the threshold when the threshold is acceded. The alert may be presented to a user based on an indication by the user as to the type of malware of interest. | 2015-05-07 |
20150128264 | METHOD AND SYSTEM FOR DELEGATING ADMINISTRATIVE CONTROL ACROSS DOMAINS - In one embodiment, a method for delegating partial administrative controls across one or more administrative domains is provided. An upstream network device may advertise capabilities for controlling certain administrative functions to a downstream network device. The downstream network device may chose to act on one or more capabilities, allowing for partial administrative control across the administrative domain. | 2015-05-07 |
20150128265 | Malware And Anomaly Detection Via Activity Recognition Based On Sensor Data - A system for malware and anomaly detection via activity recognition based on sensor is disclosed. The system may analyze sensor data collected during a selected time period from one or more sensors that are associated with a device. Once the sensor data is analyzed, the system may determine a context of the device when the device is in a connected state. The system may determine the context of the device based on the sensor data collected during the selected time period. The system may also determine if traffic received or transmitted by the device during the connected state is in a white list. Furthermore, the system may transmit an alert if the traffic is determined to not be in the white list or if the context determined for the device indicates that the context does not correlate with the traffic. | 2015-05-07 |
20150128266 | Systems and methods for detecting return-oriented programming (ROP) exploits - Described systems and methods allow protecting a computer system from malware, such as return-oriented programming (ROP) exploits. In some embodiments, a set of references are identified within a call stack used by a thread of a target process, each reference pointing into the memory space of an executable module loaded by the target process. Each such reference is analyzed to determine whether it points to a ROP gadget, and whether the respective reference was pushed on the stack by a legitimate function call. In some embodiments, a ROP score is indicative of whether the target process is subject to a ROP attack, the score determined according to a count of references to a loaded module, according to a stack footprint of the respective module, and further according to a count of ROP gadgets identified within the respective module. | 2015-05-07 |
20150128267 | CONTEXT-AWARE NETWORK FORENSICS - Systems and methods for management of security events and their related forensic context are disclosed. Network forensics involves monitoring and analyzing data flows in a network to assist security analysts to review, analyze and remove a security threat. Security threats in a network environment are generally detected by one or more devices on the network. If a security threat is determined to be severe or significant enough, a security event corresponding to the security threat is often created and stored in the system. To assist in future review and analysis of security threats, timely and relevant context information about network security events may be obtained and stored along with each security event. The forensic context may be accessible to security administrators viewing the security events to provide detailed information about the circumstances surrounding a security event. | 2015-05-07 |
20150128268 | MALICIOUS ATTACK PREVENTION THROUGH CARTOGRAPHY OF CO-PROCESSORS AT DATACENTER - Technologies are directed to prevention of malicious attacks through cartography of co-processors at a datacenter. According to some examples, configuration data to create a co-processor at a field programmable gate array (FPGA) may be received at a configuration controller. The configuration controller may determine unused arrangements for the co-processor and unused placements at the FPGA corresponding to the unused arrangements. The used arrangements and the unused placements, associated with a type of the co-processor, may be stored in a configuration matrix. One of the unused arrangements and one of the unused placements corresponding to the selected unused arrangement may then be selected by the configuration controller to create the co-processor. | 2015-05-07 |
20150128269 | ANTI-MALWARE DETECTION AND REMOVAL SYSTEMS AND METHODS - An anti-malware system including at least one database, remote from a plurality of computers to be protected, which stores identification of computer applications resident on the computers to be protected and an application-specific communications footprint for the computer applications, and at least one server, remote from the plurality of computers to be protected, and being operative to calculate a reference computer-specific communications composite pattern based on multiple application-specific communications footprints for applications installed on the computers to be protected, calculate a current computer-specific communications composite pattern based on actual communications of at least one the plurality of computers to be protected, and provide an alert when the current computer-specific communications composite pattern of the at least one of the plurality of computers to be protected differs from the reference computer-specific communications composite pattern of the at least one of the plurality of computers to be protected. | 2015-05-07 |
20150128270 | INTELLIGENT WIRELESS INVASION PREVENTION SYSTEM AND SENSOR USING CLOUD SENSOR NETWORK - A wireless intrusion prevention system, according to one embodiment of the present invention, comprises: a first group comprising at least one first sensor and at least one first authorized wireless LAN equipment; a second group comprising at least one second sensor and at least one second authorized wireless LAN equipment; and a management server for managing the at least one first sensor and the at least one second sensor, wherein the first sensor detects the occurrence of an event from an unauthorized wireless LAN equipment and transmits a first broadcast signal on the occurrence of the event to the other first sensors in the first group and the at least one second sensor. | 2015-05-07 |
20150128271 | APPARATUS AND METHOD FOR COLLECTING NETWORK DATA TRAFFIC - The present invention relates to an apparatus and method for collecting network data traffic. The apparatus for collecting network data traffic includes a graph creation unit, an initialization unit, an edge selection unit, a reconstruction unit, an algorithm application unit and a traffic collection route provision unit. The reconstruction unit converts the selected edge into an inactive edge and connects the inactive edge to two nodes, so that the reconstruction unit reconstructs the tree structure. The algorithm application unit applies a minimal spanning tree algorithm to the reconstructed tree structure. The traffic collection route provision unit eliminates a leaf node and a leaf edge from the tree structure to which the minimal spanning tree algorithm has been applied, and generates a monitoring tree for providing a traffic collection route minimizing a total weight of the edges. | 2015-05-07 |
20150128272 | SYSTEM AND METHOD FOR FINDING PHISHING WEBSITE - Disclosed are a system and method for finding a phishing website. The system comprises: a seed library establishing unit, configured to place the original link of a target web page having the number of hits on known phishing websites that is greater than a predetermined threshold value into a seed library as a seed link; a seed extractor, configured to extract the seed link from the seed library; a seed web page analyzer, configured to find a corresponding seed web page according to the extracted seed link, and analyze the seed web page to acquire a suspicious link found in the seed web page; a judgement unit, configured to find a suspicious web page corresponding to the suspicious link, and judge whether the suspicious web page is a phishing website; and an output interface, configured to output the corresponding phishing website when the suspicious web page is a phishing website. The system and method greatly increase the speed in finding the phishing website, and reduce the security risks for the netizens to use the Internet. | 2015-05-07 |
20150128273 | REMOTE DOM ACCESS - A method for protecting a browser from malicious processes, comprises providing at least one process-proxy object and at least a browser-proxy object, interposed between the browser and a process, such that when the process invokes one of the DOM entry points, the process-proxy object isolates it from the real browser implementation and executes the process-proxy object's code instead. | 2015-05-07 |
20150128274 | SYSTEM AND METHOD FOR IDENTIFYING INFECTED NETWORKS AND SYSTEMS FROM UNKNOWN ATTACKS - Systems and method of the present disclosure are directed to a network security monitor. The monitor can receive logs of a second computer network indicative of a status of the second computer network determined by a monitoring agent executing on the second computer network. The monitor can generate indexed logs from the logs based on log format. The monitor can retrieving a list of threat indicators from a database based on a schema from a plurality of threat indicators received from a plurality of heterogeneous repositories via the first computer network. The monitor can compare the list of threat indicators with the indexed logs. The monitor can generate a report based on the comparing to identify a threat. | 2015-05-07 |
20150128275 | SYSTEM AND METHOD FOR UPLOADING AND VERIFYING A DOCUMENT - A computer implemented method may allow for the upload and verification of a document. In one aspect, the method may receive a file associated with an insurance company event, determine if the file contains malicious code and transmit the file to a temporary data server. The method may also determine if the file is in a supported file format and if the file meets a supported file size, convert the file and transmit the converted file to the client device for a verification that the converted file can be uploaded. The method may further receive the verification from the client device that the converted file can be uploaded, flag the converted file for association with a customer account associated with the client device and transmit the converted file to a permanent storage server. | 2015-05-07 |
20150128276 | METHOD AND APPARATUS FOR A CENTRALLY MANAGED NETWORK VIRUS DETECTION AND OUTBREAK PROTECTION - A method, non-transitory computer readable medium, and apparatus for configuring a virus detection of a plurality of network elements in a communication network are disclosed. For example, the method monitors an attribute of each one of the plurality of network elements, detects the attribute of one or more of the plurality of network elements breaches at least one respective threshold, configures each one of the one or more of the plurality of network elements to reduce a number of virus detection processes of the virus detection in accordance with a respective type of network element and resumes a normal virus detection for each one of the one or more of the plurality of network elements when the attribute of a respective one of the one or more network elements does not breach the respective threshold. | 2015-05-07 |
20150128277 | SCANNING COMPUTER FILES FOR SPECIFIED CONTENT - Scanning for computer viruses or E-mail and data content filtering is performed using a distributed programming approach. A master computer | 2015-05-07 |
20150128278 | SYSTEM AND METHOD FOR CORRECTING ANTIVIRUS RECORDS USING ANTIVIRUS SERVER - Disclose are system, method and computer program product for correcting antivirus records. In an example aspect, an antivirus application receives a software object for malware detections using an antivirus database and an antivirus cache. The antivirus database comprising antivirus records and the antivirus cache comprising corrections of the antivirus records. The antivirus application determines that software objection is malicious by activating an antivirus record based on information in the antivirus database or the antivirus cache. The antivirus application transmits information relating to the antivirus record to a server prior to executing actions associated with the antivirus record in response to detecting a selected status indicator of the antivirus record. The antivirus application then receives a correction of the antivirus record from the server for processing the software object. | 2015-05-07 |
20150128279 | APPLICATION SECURITY TESTING SYSTEM - Embodiments of the invention are directed to an apparatus, method, and computer program product for an exposure based application security testing system. In some embodiments, the apparatus is configured to: access an application, wherein the application comprises an assessment parameter, wherein the assessment parameter comprises one or more assessment sub-parameters, wherein the one or more assessment sub-parameters comprise one or more assessment indicators; process the application, wherein processing the application comprises calculating a total exposure score for the application based on at least an application exposure score and a protective control score; determine whether the application qualifies for security testing based on at least the calculated total exposure score; and initiating the presentation of the qualified application to the user to implement security testing. | 2015-05-07 |
20150128280 | NETWORK SERVICE INTERFACE ANALYSIS - In one implementation, a service interface analysis system defines a plurality of service templates based on a plurality of Uniform Resource Identifiers associated with a network service, and generates at least one utility measure of each service template from the plurality of service templates. | 2015-05-07 |
20150128281 | DETERMINING APPLICATION VULNERABILITIES - Disclosed herein are techniques for determining vulnerabilities in applications under testing. It is determined whether a first database instruction of an application enters information into a database and whether a second database instruction thereof obtains said information from the database. If the first database instruction enters the information in the database and the second database instruction obtains the information therefrom, it is determined whether the application is vulnerable to entry of malicious code via the database. | 2015-05-07 |
20150128282 | PRIVACY PROTECTION FOR PARTICIPATORY SENSING SYSTEM - Provided is a method that may be used for privacy protection. The method comprises: generating a pseudonym at a user equipment in association with sensed data; calculating a unique value based upon the pseudonym using a first algorithm; sending the unique value and the sensed data to a server; receiving from the server a certificate, wherein the certificate is calculated based at least in part on the unique value using a second algorithm; and sending at least the pseudonym and the certificate to a certification center via a secure channel, for obtaining a reward associated with the sensed data; wherein the certification center is internal or external to the server. By this method, a user's identify may be protected. | 2015-05-07 |
20150128283 | ENERGY USAGE DATA MANAGEMENT - A method including receiving energy usage data representative of energy usage of a customer during a particular time period. The energy usage data is sign with a digital signature of a utility. The method includes receiving input of a customer effective to select a data block of the energy usage data. The method includes redacting the selected data block from the energy usage data in response to the input. The method includes calculating a hash value for the redacted data block using a per-customer key that is unique to the customer, an initialization vector, and a counter. The method includes replacing in the energy usage data the redacted data block with the calculated hash value corresponding to the redacted data block. | 2015-05-07 |
20150128284 | Dynamic De-Identification And Anonymity - Various systems, computer-readable media, and computer-implemented methods of providing improved data privacy, anonymity and security by enabling subjects to which data pertains to remain “dynamically anonymous,” i.e., anonymous for as long as is desired—and to the extent that is desired—are disclosed herein. Embodiments include systems that create, access, use, store and/or erase data with increased privacy, anonymity and security, thereby facilitating the availability of more qualified and accurate information. When data is authorized by subjects to be shared with third parties, embodiments may facilitate sharing information in a dynamically controlled manner that enables delivery of temporally-, geographically-, and/or purpose-limited information to the receiving party. In one example, anonymity measurement scores may be calculated for the shared data elements so that a level of consent/involvement required by the Data Subject before sharing the relevant data elements to third parties may be specified. | 2015-05-07 |
20150128285 | Dynamic De-Identification And Anonymity - Various systems, computer-readable media, and computer-implemented methods of providing improved data privacy, anonymity and security by enabling subjects to which data pertains to remain “dynamically anonymous,” i.e., anonymous for as long as is desired—and to the extent that is desired—are disclosed herein. Embodiments include systems that create, access, use, store and/or erase data with increased privacy, anonymity and security, thereby facilitating the availability of more qualified and accurate information. When data is authorized by subjects to be shared with third parties, embodiments may facilitate sharing information in a dynamically controlled manner that enables delivery of temporally-, geographically-, and/or purpose-limited information to the receiving party. In one example, anonymity measurement scores may be calculated for the shared data elements so that a level of consent/involvement required by the Data Subject before sharing the relevant data elements to third parties may be specified. | 2015-05-07 |
20150128286 | PREVENTING CHANGES TO COMPUTING DEVICES IN A COMPUTING SYSTEM SERVICING A CRITICAL JOB - Preventing changes to computing devices in a computing system servicing a critical job, including: identifying, by a job protection module, a critical job executing in the computing system; identifying, by the job protection module, one or more computing devices in the computing system utilized during execution of the critical job; and locking, by the job protection module, each of the one or more computing devices in the computing system utilized during execution of the critical job from undergoing a configuration change during execution of the critical job. | 2015-05-07 |
20150128287 | Dynamic De-Identification And Anonymity - Various systems, computer-readable media, and computer-implemented methods of providing improved data privacy, anonymity and security by enabling subjects to which data pertains to remain “dynamically anonymous,” i.e., anonymous for as long as is desired—and to the extent that is desired—are disclosed herein. Embodiments include systems that create, access, use, store and/or erase data with increased privacy, anonymity and security, thereby facilitating the availability of more qualified and accurate information. When data is authorized by subjects to be shared with third parties, embodiments may facilitate sharing information in a dynamically controlled manner that enables delivery of temporally-, geographically-, and/or purpose-limited information to the receiving party. In one example, anonymity measurement scores may be calculated for the shared data elements so that a level of consent/involvement required by the Data Subject before sharing the relevant data elements to third parties may be specified. | 2015-05-07 |
20150128288 | Private photograph storage in digital camera user interface - This invention relates in general to a digital information/imaging system such as a digital camera which captures and processes an image for immediate or future viewing, and more particular to a digital information/imaging system having an immediate switch for quickly routing subsequent photos into a separate secured area. | 2015-05-07 |
20150128289 | DISTRIBUTED MANAGEMENT FRAMEWORK FOR PERSONAL ATTRIBUTES - A technique for distributed management of attributes includes propagating attributes based upon attribute-granularity permissions. An example of a system according to the technique may include a server, coupled to a first client and a second client, that includes a module that receives attribute data from the first client; a permissions database where first permissions associated with the first client are set at the individual attribute level for the second client; an engine for updating the permissions database and for validating the first permissions for the second client; and an engine for distributing first client updates based on validated permissions to destinations associated with the one or more second destination stores. | 2015-05-07 |
20150128290 | DIGITAL COMMUNICATIONS - A device to apply a digital fingerprint to a digital signal comprises a means of intercepting or acquiring a signal, a storage element and a processor for executing computer implemented programme code components in the storage element to effect the methods. The methods include transforming a plurality of signal samples onto a discrete orthonormal basis and ranking the transformed samples according to their magnitude. The n largest principal components of the ranked transformed samples are optionally permuted to generate a re-ordered set of principal components, which are then altered by a marking angle. The marked principal components and unmarked non-principal components are converted and combined and applying an inverse of the transform function to the combined principal and non-principal components to generate a fingerprinted digital signal. Methods to prepare the signal for marking, recover the digital fingerprint and verify the distributor and/or recipients of the signal are also disclosed. | 2015-05-07 |
20150128291 | INFORMATION PROCESSING APPARATUS AND INFORMATION PROCESSING METHOD - There is provided an information processing apparatus including a user analysis unit configured to analyze a result of detection by a user detection apparatus that detects users neighboring a device and to acquire user attribute information indicating a characteristic of each detected user, and an interface control unit configured to control a mode of presenting information to be provided for the users, the mode being determined based on the user attribute information. | 2015-05-07 |
20150128292 | METHOD AND SYSTEM FOR DISPLAYING CONTENT INCLUDING SECURITY INFORMATION - A method and a system for displaying content including security information by using a Virtual Reality (VR) technology are provided. A method for displaying content by an electronic device includes a see-through-type display apparatus and may include connecting a communication channel to another electronic device having a display unit, receiving security information from the other electronic device, and displaying the received security information through the see-through-type display apparatus. | 2015-05-07 |
20150128293 | APPLICATION DISTRIBUTION NETWORK - Methods and systems for remotely provisioning applications from the cloud in secure environments with robust license control failover options using a hierarchical server topology. Cloud-based servers provide applications and licenses to an organization's local servers, which in turn serve applications and licenses to end user devices. By synchronizing information including license and application provision information among the local and cloud-based servers, an organization's local servers can continue to serve applications and licenses when one or more of the organization's local servers fail. | 2015-05-07 |
20150128294 | INFORMATION PROCESSING APPARATUS, CONTROL METHOD THEREFOR AND SYSTEM - A system in which a communication apparatus and first and second information processing apparatuses are communicably connected, comprises a comparison unit which compares a first disclosure range set in the first information processing apparatus with a second disclosure range set in the second information processing apparatus, and a notification unit which sends a notification to the communication apparatus. The information processing apparatuses distributes the content to a third-party terminal included in a disclosure range decided based on the result of the comparison. | 2015-05-07 |
20150128295 | METHOD AND SYSTEM FOR VALIDATING A VIRTUAL ASSET - Virtual asset creation data used to create a virtual asset is generated through a virtual asset creation system that includes primary virtual asset data. Secondary authentication data is also generated. When the virtual asset is launched, the secondary authentication data is passed to the virtual asset from the virtual asset creation system. The primary virtual asset data and secondary authentication data from the virtual asset creation system and the virtual asset, and/or one or more other sources associated with the virtual asset, are then sent to a virtual asset validation system through different communication channels. If the primary virtual asset data and secondary authentication data from the two sources match, or have a defined threshold level of similarity, the status of the virtual asset is transformed to the status of validated virtual asset eligible to receive sensitive data. | 2015-05-07 |
20150128296 | ACTIVATION CODE SYSTEM AND METHOD FOR PREVENTING SOFTWARE PIRACY - A system and method for preventing piracy of a given software application limits the number of times that such software application is activated. A given software application must be activated in order to become fully functional. The user must provide a unique software identification code, relating to the specific software which the user is attempting to activate, to a remote provider. The remote provider determines the number of times that such specific software has already been activated, and provides an activation code to the user unless the number of activations exceeds a predetermined threshold. Once activated, the software becomes fully operational, and the user is allowed complete access to its functions. | 2015-05-07 |
20150128297 | SECURE POINT OF SALE TERMINAL - A data entry device including a housing formed of at least two portions, data entry circuitry located within the housing, at least one case-open switch assembly operative to sense when the housing is opened and tamper indication circuitry operative to receive an input from the at least one case-open switch assembly and to provide an output indication of possible tampering with the data entry circuitry located within the housing, the at least one case-open switch assembly including an arrangement of electrical contacts including at least first, second and third contacts and a displaceable conductive element, the tamper indication circuitry and the third contact together being operative such that when the third contact is short circuited to at least one of the first contact, the second contact and another contact, an output indication of possible tampering is provided. | 2015-05-07 |
20150128298 | UROKINASE-TYPE PLASMINOGEN ACTIVATOR TRANSGENIC MOUSE - The present invention provides a mouse with liver damage, having a high degree of damage against the mouse's original hepatocytes while having a uPA gene in a heterozygous form, and a method for efficiently preparing the mouse. Specifically, the method for preparing a mouse with liver damage having the uPA gene in a heterozygous form comprises the following steps of: | 2015-05-07 |
20150128299 | NORMALIZATION OF THE ENTEROHEPATIC CIRCULATION IN ANIMALS WITH A CHIMERIC HUMANIZED LIVER - Methods of normalizing bile acid production in a mouse engrafted with human hepatocytes by the administration of human FGF19 are disclosed. Also disclosed is a transgenic host animal, such as a mouse, that expresses human FGF19 that has normalized bile acid production when engrafted with human hepatocytes. | 2015-05-07 |
20150128300 | METHODS AND COMPOSITIONS FOR GENERATING CONDITIONAL KNOCK-OUT ALLELES - The disclosure provides methods and compositions for generating conditional knock-out alleles using donor constructs together with sequence-specific nucleases to generate conditional knock-out alleles. Specifically, the donor construct comprises a 5′ homology region, a 5′ recombinase recognition site, a donor sequence, a 3′ recombinase recognition site, and a 3′ homology region. Further disclosed are the donor sequences each comprises a target sequence having at least one neutral mutation. Different sequence-specific nucleases can be used with the donor constructs are further disclosed. | 2015-05-07 |
20150128301 | AROMATIC PRENYLTRANSFERASE FROM CANNABIS - Nucleic acid molecules from | 2015-05-07 |
20150128302 | UBIQUITIN REGULATORY ELEMENTS - The present invention provides compositions and methods for regulating expression of heterologous nucleotide sequences in a plant. Compositions are novel nucleotide sequences for a constitutive regulatory element isolated from | 2015-05-07 |
20150128303 | TRANSGENIC PLANT-BASED METHODS FOR PLANT PESTS USING RNAI - The present invention relates to methods for controlling pest infestation using double stranded RNA molecules. The invention provides methods for making transgenic plants that express the double stranded RNA molecules, as well as pesticidal agents and commodity products produced by the inventive plants. | 2015-05-07 |
20150128304 | Plant Body Showing Improved Resistance Against Environmental Stress and Method for Producing Same - [Problem] To impart an improved resistance against environmental stress to a plant body without inducing a delay in the growth or dwarfing of the plant body. [Solution] The present invention clarifies for the first time that | 2015-05-07 |
20150128305 | POLYNUCLEOTIDE ENCODING CaTLP1 PROTEIN AND USES THEREOF - The present invention provides herein a polynucleotide sequence encoding the tubby-like protein, CaTLP1, from chickpea ( | 2015-05-07 |
20150128306 | METHOD FOR PRODUCING STEVIOL GLYCOSIDE - The invention provides a method for producing steviol glycosides. The invention provides a transformant having introduced therein the steviol glucosyltransferase and a method for producing steviol glycosides using the transformant. | 2015-05-07 |
20150128307 | Optimal Soybean Loci - As disclosed herein, optimal native genomic loci have been identified in dicot plants, such as soybean plants, that represent best sites for targeted insertion of exogenous sequences. | 2015-05-07 |