20th week of 2014 patent applcation highlights part 70 |
Patent application number | Title | Published |
20140137135 | MULTI-CORE-BASED LOAD BALANCING DATA PROCESSING METHODS - Systems and methods for processing data are provided. A system can include a plurality of cores and a core manager. A load balancing unit can check and compare loads of the cores. An address mapping unit can perform a mapping process based on the loads of the cores, and the core manager can route data appropriately, thereby improving the overall performance of the system. | 2014-05-15 |
20140137136 | Method for Processing Data, Computing Node, and System - Embodiments of the present invention provide a method for processing data, a computing node, and a system. The method includes: registering, by a BPE, an algorithm with a CEP instance; transferring, by the CEP instance when detecting that an event concerned by the algorithm satisfies a computation-triggering condition, an event required for computation to the BPE; obtaining, by the BPE, a computation result, and if determining that a further computation is required for the computation result, writing the computation result as an intermediate event to the CEP instance; and transferring, by the CEP instance when detecting that an event concerned by another algorithm satisfies a computation-triggering condition thereof and the intermediate event is an event required for computation thereof, the intermediate event to a BPE that registers the another algorithm. The CEP instance performs association of multiple events and multiple algorithms, which simplifies a computation process and improves timeliness. | 2014-05-15 |
20140137137 | LIGHTWEIGHT POWER MANAGEMENT OF AUDIO ACCELERATORS - Systems and methods may provide for using audio output device driver logic to maintain one or more states of an audio accelerator in a memory store, detect a suspend event, and deactivate the audio accelerator in response to the suspend event. In addition, firmware logic of the audio accelerator may be used to detect a resume event with respect to the audio output accelerator, and retrieve one or more states of the audio accelerator directly from the memory store in response to the resume. Thus, the retrieval of the one or more states can bypass the driver logic. | 2014-05-15 |
20140137138 | Thin Web Optical Media Guiding Method - An optical data storage device includes an optical storage tape having one or more optical storage layers. A plurality of optical pickup units reads and/or writes data to the optical storage tape. A feed reel provides the optical storage tape to the optical pickup units. A guiding wheel that guides the optical storage tape when the optical storage tape is in the vicinity of the optical pickup units during read and/or write operations. Finally, a take-up reel receives the optical storage tape from the guiding wheel. | 2014-05-15 |
20140137139 | Automatic Deal Or Promotion Offering Based on Audio Cues - Aspects herein describe at least a new method, system, and computer readable storage media for recognizing the content of the audio. A computing device determines whether the content comprises a product and/or service, correlates the product and/or service with one or more promotional deals provided by an organization such as a financial institution, generates a subset of the one or more promotional deals based on the correlation, and transmits the subset to a multimedia viewing device such as a television. The subset of the one or more promotional deals may be viewed by a viewer. The one or more promotional deals are displayed on a portion of the screen of the television for viewing by the viewer. The viewer may make a purchase decision based on the one or more promotional deals displayed. | 2014-05-15 |
20140137140 | IMAGE PROJECTION KIT AND METHOD AND SYSTEM OF DISTRIBUTING IMAGE CONTENT FOR USE WITH THE SAME - An image projection kit and an imagery content distribution system and method. In one aspect, the invention can be a system for mapping and/or projecting imagery onto non-coplanar surfaces of a three-dimensional architecture comprising: a projection device configured to be secured in a fixed orientation at a location from which a line of sight exists to one or more desired surfaces of the architecture; a computer device having a display module and a video compositing application, the computer device operably coupled to the projector; the video compositing application comprising a composition window; the computer device configured to transmit content of the composition window to the projector device for display on the architecture; and the video compositing application configured to facilitate: (1) insertion of a matte into the composition window; and (2) adjustment of the size, shape, position, orientation, or any combination thereof of the matte within the composition window so that edges of a projected image of the matte are aligned with at least one of the desired surfaces of the architecture. | 2014-05-15 |
20140137141 | APPARATUS, SYSTEM AND METHOD FOR AUDIO-VISUAL CONTENT VIEWING USING ADVERTISEMENT CREDIT - An alternative system and method for charging to provide audio visual services typically made available by providers, namely DVR services, rDVR services, on-demand services, broadcast and switch video television services, and pay-per-view services, for example. A customer/user may be enabled to access certain services from a provider in exchange for viewing one or more commercials, advertisements, overlays, watermarks, logos, or the like, preferably in real time, before, during, or following viewing an audio visual work provided in accordance with the services. | 2014-05-15 |
20140137142 | VIDEO EFFICACY MEASUREMENT - Techniques and mechanisms are described herein for facilitating the detection of user responses to media content. According to various embodiments, movement data transmitted from a first client machine may be received. The movement data may be associated with a presentation of a media content item. The movement data may be detected at a sensor located at the first client machine. The received movement data may be compared with movement calibration information to create media content response data. The movement calibration information may correlate movement data with a plurality of user responses to the presented media content item. The media content response data may indicate one or more of the plurality of user responses. The media content reaction data may be stored on a storage medium. | 2014-05-15 |
20140137143 | METHODS AND APPARATUS TO COLLECT MEDIA EXPOSURE INFORMATION - Methods and apparatus to collect media exposure information are described. An example metering device to collect media exposure information includes a housing; an input carried by the housing; a display carried by the housing to present a list of media stations which may be tuned by a media device different than the metering device, the metering device incapable of tuning to the media stations; a processor carried by the housing to identify which of the media stations is displayed when the input is selected; and memory carried by the housing to store an indication of an exposure to the identified media station via the media device, the indication including the identified media station and a timestamp corresponding the selection of the input. | 2014-05-15 |
20140137144 | SYSTEM AND METHOD FOR MEASURING AND ANALYZING AUDIENCE REACTIONS TO VIDEO - A system and method for measuring and recording viewer reactions to content is provided. In an embodiment, the reactions are analyzed and the analysis is put into a report. The analysis may be of interest to the supplier of the content. In an embodiment, a viewer may view the content in combination with the reactions of others thereby creating an enhanced viewing experience. In an embodiment, highlights of the content may be compiled and combined with the reactions of the viewers of the content. In an embodiment, audience reactions may be recorded in real-time, and analysis, visualization, and report of the reactions may be prepared, which may be used for the purpose of playback along with the content, and/or for the information needs of the content supplier and/or interested parties. | 2014-05-15 |
20140137145 | SYSTEM AND METHOD FOR HANDLING STREAMING MEDIA - A system for handling streaming media at a customer premises includes a compute engine having a customer network interface device port and a customer premises equipment port, for installation between a customer network interface device and video destination customer premises equipment. The compute engine includes a processing module configured for receiving an incoming packet stream through the network interface device port, processing the incoming packet stream to generate stream data, forwarding the stream data through the network interface device port, and forwarding the incoming packet stream through the customer premises equipment port. Particular embodiments monitor and dynamically repair the incoming stream. | 2014-05-15 |
20140137146 | METHODS AND APPARATUS FOR GENERATING SIGNATURES - Signaturing methods and apparatus as described. An example method includes applying a first function to a portion of digital data to produce a first windowed block, applying a second function different from the first function to the same portion of the digital data to produce a second windowed block, determining a first characteristic of a band of frequencies in the first windowed block, determining a second characteristic of the band of frequencies in the second windowed block, comparing the first characteristic to the second characteristic, and assigning a signature bit representative of the portion of the digital data based on the comparison of the first characteristic and the second characteristic. | 2014-05-15 |
20140137147 | SYSTEM AND METHOD FOR PROVIDING PERSONALIZED CHANNEL SETTING TO SOCIAL TELEVISION VIEWER - A method of sharing usage data of multimedia content is provided. The method comprises providing a set of media channels, providing access, to one or more pre-selected remote users, to usage data regarding consumption of the multimedia content, and selectively restricting access of at least a portion of the usage data to at least a portion of the remote users. | 2014-05-15 |
20140137148 | System for Managing the Streaming and Recording of Audiovisual Data - A system for managing the streaming and recording of audiovisual data in the web providing the recording and management of the flow of audiovisual data, including the flow of work, replication and transmission via web, having a notably easy installation, operation and administration. | 2014-05-15 |
20140137149 | Set-Top Box Authentication Method and Apparatus - A set-top box authentication method and apparatus are provided. The set-top box authentication method and apparatus relate to the field of digital television communications and solve the problem that the reliability of the authentication and authorization process for the primary set-top box and the auxiliary set-top box is low. The method includes: first, receiving, by a first set-top box, through a wireless communications network, identification information of a second set-top box, which is sent by the second set-top box; then, searching, by the first set-top box, identification information of all set-top box information prestored in the first set-top box to determine whether a target set-top box consistent with the identification information of the second set-top box exists; and finally, when the target set-top box exists, confirming, by the first set-top box, that the authentication of the second set-top box is successful. | 2014-05-15 |
20140137150 | ON-DEMAND SWITCHED CONTENT ENCRYPTION - A number of encryption system types utilized by subscriber terminal devices currently requesting tuning to a particular switched digital video (SDV) content selection is determined in response to each change in a number of the subscriber terminals requesting tuning to the particular SDV content selection. SDV content associated with the particular SDV content selection is encrypted as either encrypted SDV content or multiply partially encrypted SDV content based upon the determined number of encryption system types beginning from a current play location indicated for the SDV content selection within an electronic program guide (EPG). Either the encrypted SDV content or the multiply partially encrypted SDV content is distributed as part of an outgoing SDV content stream to the subscriber terminals currently requesting tuning to the particular SDV content selection. This abstract is not to be considered limiting. Other embodiments may deviate from the features described in this abstract. | 2014-05-15 |
20140137151 | APPARATUS AND METHOD FOR TRANSMITTING MEDIA CONTENT - A system that incorporates teachings of the present disclosure may perform operations including, for example, receiving a plurality of user-generated comments associated with media content where the plurality of user-generated comments are temporally associated with a portion of the media content during a presentation of the media content at a group of communication devices, and identifying from the plurality of user-generated comments a cluster of comments associated with a segment of the media content based on satisfaction of a threshold number of comments for the segment. Other embodiments are disclosed. | 2014-05-15 |
20140137152 | Broadcast Program Scene Report System and Method, Mobile Terminal Device, and Computer Program - A mobile terminal | 2014-05-15 |
20140137153 | ON-DEMAND ACCESS TO SCHEDULED CONTENT - A method is provided for a reception apparatus to access content. The method includes outputting a distribution schedule for a plurality of content and receiving a selection of one of the plurality of content for which distribution started before or starts after a current time. At least one processor of the reception apparatus determines whether on-demand access is requested for the selected content. When on-demand access is determined to be requested for the selected content, a request for the selected content is sent over a first communication medium and the selected content is received via a second communication medium. | 2014-05-15 |
20140137154 | EXPANDED PLAYLIST FOR TV VIDEO PLAYER - An Internet TV video guide shows thumbnails of video assets available from one or more providers, and one or more of the assets may represent a playlist with two or more associated video clips. When a viewer selects a playlist asset, the thumbnail is expanded to show the individual clips so that a viewer can select a desired clip for play on the TV. | 2014-05-15 |
20140137155 | SERVER-CENTRIC CUSTOMIZED INTERACTIVE PROGRAM GUIDE IN AN INTERACTIVE TELEVISION ENVIRONMENT - Techniques to create, generate, and deliver customized interactive program guide (custom-IPG). In one embodiment, selections indicative of a set of channels to be included in the custom-IPG are received. In response, one or more custom-IPG screens including the set of selected channels are rendered at a headend. Custom-IPG screens can be formed as subsets of the regular IPG screens, or as new screens. The rendered custom-IPG screens are provided from the head end to a set top terminal upon receiving a viewer request for the custom-IPG. Commands indicative of a particular location at which to overlay the custom-IPG screens may also be received, and the custom-IPG screens are re-rendered at the indicated location. Custom-IPG screens can be overlaid on a video sequence provided on a particular channel being viewed, used to carry regular program guide, or a channel independent of the channel used to carry regular programming and program guide. | 2014-05-15 |
20140137156 | Television System And Method For Providing Computer Network-Based Video - A television system and method for providing computer network-based video. Various aspects may, for example, comprise a television system and method for providing both standard television video combined with computer network-based video, serially and/or concurrently. Various aspects may also comprise a user interface system and method for interacting with a user regarding the presentation and/or control of computer network-based video. | 2014-05-15 |
20140137157 | TELEVISION CONTROL INTERFACE WITH ELECTRONIC GUIDE - An on-screen menu method and system for controlling the functions of integrated electronic devices and a television schedule system and method for displaying television schedule information on a television screen includes a program guide having a schedule information area that depicts the programs that are being presented on each channel at each time during the day and an interconnected series of menus to control the features of the integrated electronic devices. An input device allows the viewer to move a pointer over different interactive areas of the guide and the function performed when the area is activated is displayed in a contextual help window. Various control glyphs provide for recursive interaction with the guide. | 2014-05-15 |
20140137158 | SCALABLE DATA ACQUISITION AND ACCUMULATION IN A RESOURCE CONSTRAINED ENVIRONMENT - A method of acquiring and accumulating data from a server via a network is provided. A request is transmitted for a plurality of items of data and includes at least one ingestion marker associated with the data. The at least one ingestion marker represents a last occurrence of when a change was made to the data. Data is received with a transfer protocol in response to the request. The data has at least one associated ingestion marker different than the at least one associated ingestion marker transmitted with the request. The received data and the at least one associated ingestion marker is stored in memory. The request is transmitted and the data is received and stored electronically by an electronic client device communicating with the server over the network. A system of acquiring and accumulating Electronic Program Guide (EPG) data from a web-server over a network is also disclosed. | 2014-05-15 |
20140137159 | SYSTEM AND METHOD FOR USING A USER DEVICE TO SELECT AND WIRELESSLY RECEIVE TELEVISION AUDIO - Systems and methods for using a cell phone to select and wirelessly receive audio from a display in a multi-display environment are provided. | 2014-05-15 |
20140137160 | Method for User Session Transitioning Among Streaming Interactive Video Servers - A plurality of servers whose video output is coupled to video compression apparatus that transmits streaming interactive video to a plurality of users, with a feedback loop whereby the streaming interactive video is recursively combined within the video output of the plurality of servers. | 2014-05-15 |
20140137161 | METHOD FOR SELECTING BASE STATION FOR DYNAMIC CONFIGURATION OF MOBILE IPTV SERVICE REGION IN MOBILE COMMUNICATION, SYSTEM THEREFOR, DEVICE THEREFOR, AND COMPUTER-READABLE RECORDING MEDIUM - Disclosed are a method for selecting a base station for dynamic configuration of a mobile IPTV service region in mobile communication, a system therefor, a device therefor, and a computer-readable recording medium. The present invention provides a method for selecting a base station for dynamic configuration of a mobile IPTV service region in mobile communication which sets up a mobile IPTV service zone by using base stations selected by a terminal to dynamically configure a mobile IPTV service region for supplying a mobile IPTV service using a multicast/broadcast method in a mobile communication network, and maintains continuous service of the mobile IPTV, a system therefor, a device therefor, and a computer-readable recording medium. | 2014-05-15 |
20140137162 | Systems and Methods for Communicating a Live Event to Users using the Internet - Systems and methods for distributing an audio/visual feed of a live event include mixing ambient audio signals, from ambient microphones monitoring the live event, with sound board feed from the event public address system, thereby forming a mixed audio signal. A video input signal is received at each video input in a plurality of video inputs at a video board from corresponding cameras recording the event. One such video input signal is selected as the video board output and is combined with the mixed audio signal thereby producing an audio/visual signal. This signal is encoded using a video codec, at each of several bitrates, and an audio codec, thereby forming bitrate streams each comprising the video portion of the audio/visual signal at a unique bitrate. The streams are received by a satellite router and transmitted to a satellite which sends them to one or more downlink servers for Internet distribution. | 2014-05-15 |
20140137163 | VEHICLE DISPLAY SYSTEM - A vehicle entertainment system comprising media player, master unit which capable of running at least two different tasks concurrently, slave units being under control of the master unit and slave units are capable of executing at least two different actions corresponding to the at least two different tasks concurrently. A smart device that is capable of controlling the operation of master unit and slave units. A media placed in the media player can be played and shared between master and slave units. The media can he stored in a storage device to be played at a later time. | 2014-05-15 |
20140137164 | IN-FLIGHT ENTERTAINMENT SYSTEMS AND METHODS FOR PROVIDING DIGITAL CONTENT IN AN AERIAL VEHICLE - An In-Flight Entertainment system is provided with a server unit and a display unit. The server unit is configured to maintain digital content. The display unit is configured to connect to the server unit through a wired network for receiving and presenting the digital content. The display unit further includes a wireless module for wirelessly transmitting the digital content received from the server unit to be presented by a first portable device. | 2014-05-15 |
20140137165 | INFORMATION PROCESSOR, INFORMATION PROCESSING METHOD AND PROGRAM - An information processor making up a home network system together with a terminal device. The information processor includes an identification request processing section, a publishing section, and a command execution section. The identification request processing section is configured to extract, from reproduced content, signature data indicating the features of the content, generate a query including at least the extracted signature data and transmit the query to an identification server so as to receive a response indicating the identification result of the reproduced content returned from the identification server in response to the query. The publishing section is configured to publish, to the terminal device, a command to operate the identification request processing section from the terminal device. The command execution section is configured to operate the identification request section in response to the command from the terminal device so as to transfer the response to the terminal device. | 2014-05-15 |
20140137166 | INTRA-PREMISES WIRELESS BROADBAND SERVICE USING LUMPED AND DISTRIBUTED WIRELESS RADIATION FROM CABLE SOURCE INPUT - A system that incorporates teachings of the present disclosure may include, for example, includes a broadband signal access point, which may be located internally or externally to the premises, in combination with the existing cabling is used with radiation device(s) to provide distribution of services, including broadband services, within the premises. Additional embodiments are disclosed. | 2014-05-15 |
20140137167 | Remote control device transaction setup in a home network - A technique of using a remote control device to identify a source for transferring content on a home network, a renderer for rendering the content and a pathway within a home network to couple the source to the renderer to transfer the content. The remote control device then transmits control information to the source to set a control parameter value within the source to send the content and transmits control information to the renderer to set a control parameter value within the renderer to receive the content. The commands from the remote configure parameter values associated with a media layer in the source and/or the renderer to initiate a hand-shake to effect the content transfer, so that the source and the renderer need not initiate the hand-shake between themselves. | 2014-05-15 |
20140137168 | TRANSMITTING APPARATUS, CONTROL METHOD FOR TRANSMITTING APPARATUS, CONTROL PROGRAM, AND RECORDING MEDIUM | 2014-05-15 |
20140137169 | SIGNAL EXPANSION SELECTION DEVICE - A signal expansion selection device receives a plurality of selection data from users to select one of audio-video signals generated from audio-video apparatuses. Each of the audio-video signals selected by a corresponding one of the users is converted into an audio-video datum for use by the user. The signal expansion selection device includes selection ports, a processing unit, multiplexing modules, and audio-video output ports. The selection ports send the selection data to the processing unit. The processing unit processes the selection data with an algorithm to generate a control command. The multiplexing modules select one of the audio-video signals according to the control command. The processing unit decodes and converts the selected audio-video signal to audio-video data and enables the audio-video data to be sent from one of the audio-video output ports. | 2014-05-15 |
20140137170 | Delivery of Workout Video - Techniques for workout video delivery includes presenting to a viewer's client process first data indicates a matrix of video segments including a set of warmup video segments, cool-down video segments and middle video segments. Second data indicating two or more video segments selected by the viewer is obtained from the client process. Video from all the selected video segments is presenting automatically to the viewer. | 2014-05-15 |
20140137171 | Method and Apparatus for Supporting Time Shift Playback in Adaptive HTTP Streaming Transmission Solution - A method and an apparatus for supporting time shift playback in an adaptive Hypertext Transfer Protocol (HTTP) streaming transmission solution are disclosed. The method includes: sending a live media presentation description (MPD) request message to a media server; receiving a response message that includes MPD for a current time period, where the MPD further includes media presentation information for another time period; determining that a moment of a media segment to be requested currently exceeds a time range corresponding to the MPD; acquiring the corresponding MPD according to the media presentation information corresponding to the media segment, and requesting, according to the acquired corresponding MPD, the media segment. In this manner, a client supports time shift playback of a larger time range, and at the same time, the size of the MPD is capable of remaining in an acceptable range. | 2014-05-15 |
20140137172 | VIDEO QUALITY AND AUDIO QUALITY ADJUSTMENT - A system that incorporates teachings of the present disclosure may include, for example, a system having a controller to allocate between a video and audio quality in a multimedia presentation and to utilize a resultant bandwidth as a result of allocation to enhance an audio or video quality in the multimedia presentation in response to a user selection among levels of video quality and audio quality. Other embodiments are disclosed. | 2014-05-15 |
20140137173 | REAL-TIME DVR POLLING SYSTEM - Techniques for real-time DVR usage and reporting enable using instant message protocol in a DVR environment to obtain real-time DVR usage data and to report data reflecting such usage in real-time. An example of DVR usage data comprises data reflecting that a viewer is viewing a video program which is R-rated. Another example of DVR usage data comprises a viewer entering a password, such as a kids zone password, to exit kids zone operational mode. | 2014-05-15 |
20140137174 | METHOD AND APPARATUS FOR PURCHASING UPGRADED MEDIA FEATURES FOR PROGRAMMING TRANSMISSIONS - The present invention provides an improved method and apparatus for purchasing media features for programming transmissions. A selection is sent to a server system to buy an upgraded media feature for a programming transmission. The server system automatically coordinates purchasing the media feature from a programming transmission source and providing the media feature from the programming transmission source. In one embodiment, an entertainment system includes a user interface from which a viewer selects an upgraded media feature for a programming transmission, wherein the programming transmission with the upgraded media feature is provided to the entertainment system. | 2014-05-15 |
20140137175 | METHOD AND SYSTEM FOR PROVIDING COMPLETE INTERNET ANYWHERE WITH PARTIAL SERVER PROCESSING - Methods and systems are described for providing complete Internet anywhere with partial server processing in which a request is sent from a set-top-box (STB) to a server communicatively coupled with the STB to process a portion of a web page that is unsupported by a web browser running on the STB. In one such method, the STB sends to the server an unsupported content request associated with a portion of a web page that is unsupported by a web browser executing on the STB. The STB receives a data stream from the server in response to the unsupported content request. The data stream was generated at the server by processing the unsupported portion of the web page. The STB composites the received data stream with another portion of the web page, that is supported by the web browser, to produce the web page. | 2014-05-15 |
20140137176 | Fast Channel Change for Hybrid Device - There is provided according to embodiments of the invention a method of changing channels in a hybrid multicast video distribution environment, which is carried out by receiving a plurality of multicast video streams concurrently in a server, buffering first segments of the video streams respectively, wherein the first segments comprise an independently decodable frame and zero or more predicted frames, encoding the first segments to form new segments having new frame quality parameters that are less than the frame quality parameters of the first segments, assembling the first segments and the new segments into respective channel packs of the video streams, and responsively to a request, identifying one of the video streams and transmitting at least a portion of the oldest stored channel pack of the one video stream from the server to a receiving device. Related apparatus and methods are also described. | 2014-05-15 |
20140137177 | HYBRID ALL DIGITAL FIBER TO CATV CABLE SYSTEM AND METHOD - Producing advanced HFC CATV cable systems while easing the burden of backward compatibility. The system improves CATV data carrying capacity by moving RF QAM modulators from the cable head end to various individually or group addressed optical fiber nodes supplying neighborhood CATV cables, and sending data from the cable head IP backbone to the nodes over optical fiber as IP data packets. For high backward compatibility, the system digitizes legacy RF waveforms, or demodulates legacy QAM waveforms to QAM symbols, also transmits these over the optical fiber as IP data packets, and then reconstitutes back to original waveforms as needed. The system is thus able to easily handle legacy NTSC, FM, QPSK waveforms and do partial (QAM symbol level) compression of legacy QAM waveforms to and from multiple nodes without requiring additional optical fiber wavelengths. The system may use non-standard upstream/downstream CATV frequency splits, filter bank receivers, and FPGA/DSP/ASIC methods. | 2014-05-15 |
20140137178 | ATTACK PROTECTION FOR TRUSTED PLATFORM MODULES - A trusted platform module stores information in a protected object having an associated policy. A program requesting access to the information is allowed to access the information if the policy is satisfied, and is denied access to the information if the policy is not satisfied. The trusted platform module uses one or more monotonic counters associated with the protected object to track attempts to access the information. If a threshold number of unsuccessful requests to access the information are received, then the trusted platform module locks the information to prevent the program from accessing the information for an indefinite amount of time. | 2014-05-15 |
20140137179 | PROTECTION OF USER DATA IN HOSTED APPLICATION ENVIRONMENTS - A method of converting an original application into a cloud-hosted application includes splitting the original application into a plurality of application components along security relevant boundaries, mapping the application components to hosting infrastructure boundaries, and using a mechanism to enforce a privacy policy of a user. The mapping may include assigning each application component to a distinct virtual machine, which acts as a container for its assigned component. | 2014-05-15 |
20140137180 | Hypervisor-Based Enterprise Endpoint Protection - Described systems and methods allow the detection and prevention of malware and/or malicious activity within a network comprising multiple client computer systems, such as an enterprise network with multiple endpoints. Each endpoint operates a hardware virtualization platform, including a hypervisor exposing a client virtual machine (VM) and a security VM. The security VM is configured to have exclusive use of the network adapter(s) of the respective endpoint, and to detect whether data traffic to/from the client VM comprises malware or is indicative of malicious behavior. Upon detecting malware/malicious behavior, the security VM may block access of the client VM to the network, thus preventing the spread of malware to other endpoints. The client system may further comprise a memory introspection engine configured to perform malware scanning of the client VM from the level of the hypervisor. | 2014-05-15 |
20140137181 | PROTECTION OF USER DATA IN HOSTED APPLICATION ENVIRONMENTS - A method of converting an original application into a cloud-hosted application includes splitting the original application into a plurality of application components along security relevant boundaries, mapping the application components to hosting infrastructure boundaries, and using a mechanism to enforce a privacy policy of a user. The mapping may include assigning each application component to a distinct virtual machine, which acts as a container for its assigned component. | 2014-05-15 |
20140137182 | POLICY ENFORCEMENT IN COMPUTING ENVIRONMENT - An embodiment may include policy engine circuitry that may enforce, at least in part, one or more platform resource management policies in a cloud computing environment. The one or more policies may be based, at least in part, upon service arrangements of the cloud computing environment. The one or more policies may establish respective isolated computing environments in the cloud computing environment that may be used by respective users. The enforcement of the one or more policies may result in the respective isolated computing environments being virtually isolated from each other and prevented from interfering with each other in derogation of the one or more policies. The one or more policies may be established, at least in part, via interaction of at least one management process with one or more application program interfaces of the circuitry. Many modifications are possible. | 2014-05-15 |
20140137183 | SECURITY SYSTEM AND METHOD FOR THE ANDROID OPERATING SYSTEM - A method of linking a security policy stored in a policy database that is specific to an application in the application layer with a new corresponding process launched in the Linux layer in a security system for an operating system running on a device that comprises a Linux-based kernel. The system architecture is defined by a middleware layer between the Linux layer associated with the kernel and the higher application layer comprising the applications. | 2014-05-15 |
20140137184 | SECURITY SYSTEM AND METHOD FOR OPERATING SYSTEMS - A device comprising an operating system to run processes and a middleware layer operable to launch applications. An application launched by the middleware layer is run using one or more processes in the operating system. The operating system has a user layer and a kernel wherein the processes run in the user layer and interact with other processes running in the user layer through the kernel, the interaction being in response to calls to the kernel made by the processes. The device has one or more policy files defining policies for interaction of processes with the kernel of the device, and a monitor configured to monitor interaction of a process with the kernel to link or associate defined policies to the process, and to read code defined in the policy file or files linked or associated to the process. | 2014-05-15 |
20140137185 | METHOD AND SYSTEM FOR IMPLEMENTING MANDATORY FILE ACCESS CONTROL IN NATIVE DISCRETIONARY ACCESS CONTROL ENVIRONMENTS - A method is provided for implementing a mandatory access control model in operating systems which natively use a discretionary access control scheme. A method for implementing mandatory access control in a system comprising a plurality of computers, the system comprising a plurality of information assets, stored as files on the plurality of computers, and a network communicatively connecting the plurality of computers, wherein each of the plurality of computers includes an operating system that uses a discretionary access control policy, and wherein each of a subset of the plurality of computers includes a software agent component operable to perform the steps of intercepting a request for a file operation on a file from a user of one of the plurality of computers including the software agent, determining whether the file is protected, if the file is protected, altering ownership of the file from the user to another owner, and providing access to the file based on a mandatory access control policy. | 2014-05-15 |
20140137186 | Enterprise Application Session Control and Monitoring in a Large Distributed Environment - Mechanisms are provided for performing centralized control of application sessions across a distributed computing environment comprising a plurality of application servers. A request to perform an application session control operation to control the application sessions associated with a specified user account identifier across the plurality of application servers in the distributed computing environment is received. A plurality of application instances upon which to perform the requested application session control operation are identified. An application session control request is transmitted to a plurality of session control clients associated with the application instances on the plurality of application servers of the distributed computing environment. The application session control request causes each session control client to control a user's ability to use the application sessions of application instances, associated with the session control client, that are associated with the specified user account identifier, to access the associated application instances. | 2014-05-15 |
20140137187 | Scalable and Highly Available Clustering for Large Scale Real-Time Applications - Scaling and highly available clustering for large scale real-time applications is provided. A ring may be formed which includes multiple nodes for providing a set of services in a system. When a network partition is detected which affects communications between each of the nodes in the ring, the formation of additional rings is prevented by shutting down nodes which include a minority of voting nodes in the ring while maintaining the availability of the nodes which include a majority of the voting nodes to continue providing the set of services in the system. | 2014-05-15 |
20140137188 | DEVICES, SYSTEMS, AND METHODS FOR SIMULTANEOUSLY DELIVERING PERSONALIZED/ TARGETED SERVICES AND ADVERTISEMENTS TO END USERS - Systems, devices, and methods are disclosed for enabling the reconfiguration of services supported by a network of devices. Such reconfiguration can be realized dynamically and in real time without compromising the security of the overall system from external threats or internal malfunctions. These systems, devices and methods may provide a first functional stack supporting a previous version of a specific service and the provisioning of a second functional stack dynamically and in real-time that supports an updated version of the specific service. In addition, an administration function may be included in the embodiment such that the administration function manages and controls the functional stacks and network operations. Using these mechanisms, an existing service can be changed dynamically or a new service can be added dynamically in a secure manner without interruption of other existing services. | 2014-05-15 |
20140137189 | CROSS-SITE REQUEST FORGERY PROTECTION - A cross-site request forgeries (CSRF) protection system helps protect against cross-site request forgeries attacks. A CSRF protector is arranged to receive a signal from a service provider that notifies a browser running on a potential victim consumer machine to selectively permit and/or deny cross-site requests in accordance with a set of one or more security policies. The policies can be selected and applied on a domain name basis, IP address basis, trusted zone basis, and combinations thereof. The CSRF protector can also provide a context of the event that triggers a request that contains a cross-site request, where the context provides indicia of circumstances that indicate a likelihood of a cross-site request forgery is being attempted. | 2014-05-15 |
20140137190 | METHODS AND SYSTEMS FOR PASSIVELY DETECTING SECURITY LEVELS IN CLIENT DEVICES - Embodiments of the present teachings relate to systems and methods for testing and analyzing the security of a target computing device. The method can include providing, to a server via a network, a security tool operable to be associated with a webpage accessible by a target computing device through the server, wherein security tool is operable to be executable by the target computing device and operable to collect one or more security metrics of the target computing device; receiving, from the server, the one or more security metrics of the target computing device; comparing the one or more security metrics with a security vulnerability database; and determining a level of security vulnerability for the target computing device based on comparing the one or more security metrics with the security vulnerability database. | 2014-05-15 |
20140137191 | MOBILE COMMUNICATIONS DEVICE PROVIDING HEURISTIC SECURITY AUTHENTICATION FEATURES AND RELATED METHODS - A mobile communications device may include a plurality of first input devices capable of passively collecting input data, a second input device(s) capable of collecting response data based upon a challenge, and a processor capable of determining a level of assurance (LOA) that possession of the mobile communications device has not changed based upon a statistical behavioral model and the passively received input data, and comparing the LOA with a security threshold. When the LOA is above the security threshold, the processor may be capable of performing a given mobile device operation without requiring response data from the second input device(s). When the LOA falls below the security threshold, the processor may be capable of generating the challenge, performing the given mobile device operation responsive to valid response data, and adding recent input data to the statistical behavioral model responsive to receipt of the valid response data. | 2014-05-15 |
20140137192 | System and Method for Authenticating Email Messages from Trusted Sources - A system and method for authenticating email messages from trusted sources. A trusted sender (TS) registers at a Trusted Validator (TVAL). The TVAL performs a one-time validation of the TS's identity, and creates a public access URL and private application key for the TS. The TS uses the private application key to generate, for each email message/address pair, a unique message access URL. The message access URL is inserted, along a text containing instructions, at the top of the email message to be sent. The public access URL is published by the TS (typically at the TS's web site) for the message receiver (MR) to associate the TS with his/her account in the TVAL. The MR obtains an authentication cookie for his/her email address at the TVAL, and, for each TS, he/she registers a “key phrase” only known to the MR in relationship with the TS. When the email message is opened by the MR, the email client uses the message access URL to obtain from the TVAL (if an authentication cookie has previously been created) the MR's key phrase in the form of a human-readable (but machine-non-readable) form. The MR authenticates the message as trusted by identifying the key phrase associated with the TS. | 2014-05-15 |
20140137193 | COMMUNICATION SYSTEM, METHOD FOR PERFORMING THE SAME AND COMPUTER READABLE MEDIUM - A communication system including: a first acquiring unit configured to obtain start request information for specifying whether participation in the session of a terminal is limited or not, and participation authentication information for authenticating participation in the session for the terminal; a session manager configured to establish the session; a second acquiring unit configured to obtain participation request information for requesting participation of a third terminal in the session, and the participation authentication information input from the third terminal; and a participation determination unit configured to compere the participation authentication obtained by the first acquiring unit and by the second acquiring unit, and determine whether participation of the third terminal in the session is allowed or not, and the participation determination unit configured to record terminal information of the third terminal, and to reject a subsequent participation request of the third terminal in the session thereafter. | 2014-05-15 |
20140137194 | CONTROL SERVER, DATA PROCESSING DEVICE, AND CONTROL DEVICE FOR DATA PROCESSING DEVICE - A control server may receive first location information indicating a location of specific web page data via a data processing device, in a case where a terminal device comprising a web browser receives the specific web page data from a specific service providing server by using a first type of wireless communication and sends the first location information to the data processing device by using a second type of wireless communication. The control server may cause a display unit of the data processing device to display at least N items of account information among M items of account information currently stored in the data processing device, in a case where the first location information is received. Each of the N items of account information may be available for receiving a data providing service from the specific service providing server. | 2014-05-15 |
20140137195 | SYSTEM AND METHOD FOR VERIFIED SOCIAL NETWORK PROFILE - A method for verifying the on-line identity of a subscribed user and securely displaying an indicia in connection with that user's on-line content, wherein the indicia includes an aspect corresponding to the verification level assigned to the subject user's profile. | 2014-05-15 |
20140137196 | METHOD FOR INTERNET TRANSACTIONS - The present invention consists of a computer security method that enables all users of a computer application to enjoy superior security levels when sensitive information is being exchanged with transaction applications. The method of the present invention consists of developing a virtual desktop or isolated execution environment that restricts the user to working in a specific zone. Said virtual desktop or isolated environment is programmed in such a way that message listening techniques such as hooking or quartz techniques are implanted for intercepting messages between the transaction application, such as the electronic bank, and the user's Operating System (OS). The method that is used in the present invention also blocks special key combinations in order to prevent malicious code execution in OS support devices, like Apple® IOS and Google™ Android, where special key combinations are not evident, but combinations such as “*#06#” exist. | 2014-05-15 |
20140137197 | DATA INTEGRITY FOR PROXIMITY-BASED COMMUNICATION - Methods, systems, and computer programs for trusted communication among mobile devices are described. In some aspects, an authentication value is generated at a first mobile device based on a message and a shared secret value stored on the first mobile device. In response to detecting proximity of a second mobile device, the message and the authentication value are wirelessly transmitted from the first mobile device to the second mobile device. In some implementations, the message and the authentication value can be wirelessly transmitted by a proximity-activated wireless interface, such as, for example, a Near Field Communication (NFC) interface. | 2014-05-15 |
20140137198 | Anonymous Authentication - A method and system for anonymous purchase by a first user device, is described, the method and system including sending R from the first user device to a second user device, where R is a result of a one-way function performed on a random number r selected by the first user device, the second user device being operative to send R to a service provider, which stores R with a data string T and the service provider returns a digitally signed R and T to the second user device, thereby providing the a data string T to the second user device, receiving R and T at the first user device from the second device, thereby ensuring that the identity of the first user device remains unknown to the service provider, opening a communication channel between the first user device and the service provider, sending the service provider r and T from the first user device via the communication channel along with a re quest for the service provider to provide a service, and receiving the requested service from the service provider. Related methods, systems and apparatus are also described. | 2014-05-15 |
20140137199 | METHOD AND SYSTEM FOR AUTHENTICATING INTERNET USERS - The invention provides methods for facilitating the identification of internet users, for detection of misuse of an identity during an electronic transaction, and for controlling access to web sites. The method employs determining the location of the user's wireless communication device, based on the geographical proximity of Wi-Fi locations and cached position information. | 2014-05-15 |
20140137200 | APPARATUS AND METHODS FOR MULTI-MODE ASYNCHRONOUS COMMUNICATIN - A method includes receiving at a host device a first communication associated with a transaction from at least one electronic device included in a set of electronic devices. The host device includes at least a memory, a processor, and a database. The first communication received at a first time and via a first communication mode. The method includes sending a response to the first communication at a second time after the first time and independent of the first time. The host devices receives a second communication associated with the transaction from the at least one electronic device at a third time. The first communication, the response to the first communication, and the second communication are displayable in a persistent record of the transaction regardless of a difference between the first time and the third time. | 2014-05-15 |
20140137201 | DETERMINING A TRUST LEVEL OF A USER IN A SOCIAL NETWORK ENVIRONMENT - A system and method for determining a trust level for a non-approved user in a social network is described. The method includes monitoring requests for social network interactions between an approved user and the non-approved user and determining if each interaction requested is of a first type or a second type. The method further includes increasing a first trust value when the interaction requested is of the first type and increasing a second trust value when the interaction requested is of the second type. The method further includes determining the trust level based on the first trust value and the second trust value. The method further includes changing the status of the non-approved user to an approved user based on the trust level, the first trust value and/or the second trust value. | 2014-05-15 |
20140137202 | INFORMATION SHARING METHOD AND SYSTEM USING THE SAME - An information sharing method and a system using the same are provided. The information sharing method includes establishing a wireless connection between a first device and a second device. The method also includes determining whether a first surface of the first device is in proximity to a second surface of the second device according to an audio-based authorization mechanism, and the audio-based authorization mechanism is activated through an authorization audio message in which an identification message is embedded. If it is determined that the first surface is in proximity to the second surface, the method further includes sharing information by the first device with the second device through the wireless connection. | 2014-05-15 |
20140137203 | AUTOMATICALLY GENERATING CHALLENGE QUESTIONS INFERRED FROM USER HISTORY DATA FOR USER AUTHENTICATION - User authentication is provided. At least one of a social network and a business network of each user in a plurality of users is accessed. User history data of each user in the plurality of users is monitored in the at least one of the social network and the business network. Challenge questions requiring a user response are generated based on monitoring the user history data of the users. The user response to a generated challenge question is evaluated. A set of events is triggered based on evaluating the user response. | 2014-05-15 |
20140137204 | SYSTEMS AND METHODS FOR PROVIDING MULTIMEDIA CONTENT WITHIN AN APPLICATION AND A SECURITY SOLUTION INTEGRATED THEREIN - A system is provided for downloading, for distribution and for acoustic reproduction of a music album, which includes at least one or several digital music files and/or multimedia content in the form of one or several multimedia files assignable to the music file, wherein the music file and/or multimedia file are provideable as data sets for downloading, wherein the music file and/or multimedia file are as data sets pre-holdable grouped after downloading as a music album in a data memory of an end-user-device, wherein the music file and/or multimedia file is treatable by a treatment means, particularly in dependency to an authorization, and wherein the treated music file and/or multimedia file is transferable to an output device of the end-user-device, especially a speaker device with or without a display device, in such a way, that the music file and/or multimedia file is at least acoustically emittable to one user. | 2014-05-15 |
20140137205 | System and Method for Automatic Provisioning of Managed Devices - A method and system for automatic provisioning of communication devices is described herein. The method can include the steps of receiving a pre-authorization request from a communication device and receiving an authorization request based on the pre-authorization request in which the authorization request may be in a first form. The method can also include the steps of converting the authorization request into a second form that may be recognizable by a directory service and obtaining an authorization approval from the directory service. The authorization approval may include a functional indicator that corresponds to a function associated with the operation of the communication device. Based on the authorization approval, the communication device may be established as a managed communication device. In addition, a bundle may be delivered to the managed communication device based on the functional indicator. | 2014-05-15 |
20140137206 | PASSWORD-FREE, TOKEN-BASED WIRELESS ACCESS - A method, system, and/or computer program product establish a password-free, token-based wireless network access for a mobile device that is within a wireless communication range of a wireless access point. A wireless connection is established between the mobile device and the wireless access point, where the wireless connection utilizes an extended existing protocol, and where the extension of the existing protocol is based on data stored as content in a data field in a token stored in a memory of the mobile device. The mobile device transmits a portion of the token as part of an initialization message to a verification server that is connected to the wireless access point. The mobile device receives a confirmation message for establishing the wireless connection based on a verification application running on the verification server. | 2014-05-15 |
20140137207 | OUT-OF-BAND TOKENS FOR RIGHTS ACCESS - Access to content may be administered by storing content, the content comprising one or more selections, accessing a passive optical out-of-band token associated with the content, determining an access right for the content based on the passive optical out-of-band token, and enabling access to the content in accordance with the access right. | 2014-05-15 |
20140137208 | MOBILE COMPUTING DEVICE-BASED SECURE BRIEFING SYSTEM - Systems, methods and computer program products that: convert hard-copy, text-based report delivery mechanism into digital delivery application with modern user interface functionality; provide a secure, reliable back-end infrastructure for report assembly and dissemination within a classified network; and integrate interactive multi-media content and technologies, including real-time interactive content and communication, are disclosed. In an aspect, secure briefs customized for multiple individuals within an entity are created. Such secure briefs replace traditional physical briefing books and are accessible via a secure mobile computing device, such as a tablet computer. | 2014-05-15 |
20140137209 | MODULE FOR MANAGING A TRANSACTION BETWEEN A TERMINAL AND AN ELECTRONIC DEVICE - A transaction module can be incorporated in a terminal for authorizing a transaction between a first application resident in the terminal and a second application resident in an electronic device. The module may include code-obtaining means for obtaining a code; an interface with a communications means of the terminal enabling a validation request including the code to be sent to a secure server; means for generating an audio signal from the code; an interface with a module of the terminal suitable for sending the audio signal to a loudspeaker of the terminal in order to play it back; and means for authorizing the transaction on receiving a validation message from the secure server. The validation message may be representative of the secure server receiving the code from the electronic device. | 2014-05-15 |
20140137210 | METHOD OF PROCESSING A DATA PACKET ON TRANSMISSION, A METHOD OF PROCESSING A DATA PACKET ON RECEPTION, AND ASSOCIATED DEVICES AND NODES - A method is provided for processing a data packet on reception, where the data packet is transmitted by a first node to a second node over a link of a wireless electronic communications network. The packet includes a header and payload data. The method includes a step of receiving the data packet in two stages, a first stage of receiving the header and a second stage of receiving the payload data. The first stage includes the following steps performed by the second node on receiving a header of the data packet: detecting in the received preamble an authentication preamble for authenticating the link; using the data packet authentication preamble to authenticate the link; and in the event of the authentication having a positive result, deciding to trigger the second stage of receiving the payload data from the data packet. | 2014-05-15 |
20140137211 | APPARATUS-SPECIFIC INFORMATION GENERATION DEVICE, APPARATUS-SPECIFIC INFORMATION GENERATION METHOD, TERMINAL APPARATUS, AND AUTHENTICATION SYSTEM - The present invention has: a dynamic random access memory (DRAM); a refresh controller that receives information related to a range of the number of lost bits that are lost by stopping refresh processing of the DRAM, and controls a time to stop the refresh processing to achieve the range of the number of lost bits; and a physical information mapping unit that generates device specific information based on position information of the lost bits generated by stopping the refresh processing. It is preferable that the refresh controller corrects the time to stop the refresh processing based on the number of current lost bits to achieve the range of the number of lost bits set. | 2014-05-15 |
20140137212 | SYSTEM AND METHOD FOR USING RESOURCES OF A COMPUTER SYSTEM IN CONJUNCTION WITH A THIN MEDIA CLIENT - A computer system including a processor and a memory for retrieving digital media content, storing the digital media content in the memory, and providing the digital media content to a thin media client is provided. | 2014-05-15 |
20140137213 | ACCESS CONTROL OF REMOTE COMMUNICATION INTERFACES BASED ON SYSTEM-SPECIFIC KEYS - A computer implemented method, computer program product, and computer system is provided for receiving a service request to obtain service from a second application, the service request including a client context and a signed ticket obtained by the first application from a system computer, validating the received signed ticket based on the key associated with the system, determining that the first application has authorization to obtain the requested service via the remote interface of the second application based on a comparison of one or more attributes of the received client context to an access control list associated with the second application, and sending a service reply from the second application to the first application to provide the requested service to the first application in response to determining that the first application has authorization to obtain the requested service via the remote interface of the second application. | 2014-05-15 |
20140137214 | PROVIDING SECURITY IN A CLOUD STORAGE ENVIRONMENT - A method of providing security as a service in a cloud storage environment includes storing, through a cloud manager of the cloud storage environment, a security level of access of a storage controller associated with a customer of the security as a service, and receiving a request from the customer to access security information of the storage controller associated therewith. The method also includes providing, through the cloud manager, security information of the storage controller associated with the customer in accordance with the request and the stored security level of access of the storage controller associated with the customer. | 2014-05-15 |
20140137215 | DATA FLOW PROCESSING IN A NETWORK ENVIRONMENT - Described are a system and method for managing a data exchange in a network environment. A flowtag is assigned to a data packet at a source device. The flowtag includes a port identification corresponding to a port at an aggregation device. A destination device is in communication with the port at the aggregation device. The data packet is authenticated at the aggregation device. The data packet is output from the source device to the destination device via the aggregation device according to the port identification in the flowtag of the authenticated data packet. | 2014-05-15 |
20140137216 | PASSWORD MISMATCH WARNING METHOD AND APPARATUS - Systems and methods for providing an authentication credential mismatch warning are disclosed. More particularly, at least one character from an authentication credential required to access a resource is recorded. When a user attempts to enter the required authentication credential, a mismatch warning can be generated if a monitored character is input incorrectly. The user can then revise the authentication credential input, prior to submitting the authentication credential to the resource. | 2014-05-15 |
20140137217 | VERIFYING AN INDIVIDUAL USING INFORMATION FROM A SOCIAL NETWORK - Systems and methods for verifying individuals using social network information are described. In some examples, the systems and methods receive a request to verify an individual, obtain social network information associated with the individual, and provide the social network information to the requestor. | 2014-05-15 |
20140137218 | MANAGING SECURITY CREDENTIALS FOR SCALED-OUT SERVICES - Embodiments are directed to establishing separate security identities for a shared service and shared service instances, and to managing shared and service instance credentials. In one scenario, a computer system establishes a shared credential for a shared service that includes multiple shared service instances, where the shared credential uniquely identifies the shared service. The computer system establishes a service instance credential for each shared service instance that uniquely identifies each shared service instance and maintains a relationship between the service instance and the shared service. The relationship provides service instance access to the shared credentials as the shared credentials are updated over time. Then, upon determining that the shared credentials have been updated and are no longer valid, the shared service instance accesses the updated shared credentials using the established relationship. | 2014-05-15 |
20140137219 | AUTOMATICALLY GENERATING CHALLENGE QUESTIONS INFERRED FROM USER HISTORY DATA FOR USER AUTHENTICATION - User authentication is provided. At least one of a social network and a business network of each user in a plurality of users is accessed. User history data of each user in the plurality of users is monitored in the at least one of the social network and the business network. Challenge questions requiring a user response are generated based on monitoring the user history data of the users. The user response to a generated challenge question is evaluated. A set of events is triggered based on evaluating the user response. | 2014-05-15 |
20140137220 | Obtaining Password Data - A method of obtaining password data for entry to an application running on a device. The method may include running a password manager application on a device. The password manager application may identify one or more applications installed on the device. The password manager application may display the identified applications on a display of the device. The password manager application may receive a user selection of a displayed application. The password manager application may determine whether an entry exists for the selected application in a memory associated with the password manager application. If no entry exists, the password manager application may generate an entry comprising password data for the selected application. If an entry exists, the password manager application may retrieve password data relating to the selected application. | 2014-05-15 |
20140137221 | IMAGE META DATA DRIVEN DEVICE AUTHENTICATION - Embodiments of the present invention address deficiencies of the art in respect to image based authentication and provide a novel and non-obvious method, system and computer program product for image meta data driven device authentication. In an embodiment of the invention, a method for image meta data driven device authentication is provided. The method includes acquiring an image in a computing device on behalf of an end user and generating a set of keywords describing the image in image recognition logic coupled to the computing device. The method additionally includes comparing the set of keywords describing the image to keywords in a keyword list stored in connection with the end user. Finally, the method includes authenticating the end user if a threshold number of keywords in the set match keywords in the keyword list, but otherwise denying the end user access to the computing device. | 2014-05-15 |
20140137222 | EXTENSIBLE DEPLOYMENT SYSTEM - An extensible deployment system is disclosed that provides for flexible deployment and centralized management of a scalable communication system. The scalable communication system may be segmented into multiple groups of services, e.g. multiple solutions, that may be deployed across one or more servers. The groups of services may each access separate databases in a single database instance that may allow for the groups of services to be deployed and upgraded independently. A management interface may be provided that allows for centralized management, and deployment, of all of the groups of services, irrespective of the independent upgrade paths of the groups of services. The management interface may include a local authentication system and may also be interoperable with one or more external authentication systems, such that users may use login credentials of an external authentication system to access the management interface. | 2014-05-15 |
20140137223 | METHOD AND APPARATUS FOR AUTHENTICATING USERS OF A HYBRID TERMINAL - The invention relates to a method and an apparatus for the authentication of users of a hybrid terminal comprising generation of a unique registration code, and a profile file, at least one registration step, comprising entry of user identification data, entry and transmitting a personal identification number from the internet-capable terminal to a registration server, transmitting the user identification data of the user from the internet-capable terminal to the registration server, entry of the unique registration code, validation of the user identification data and, in the case that the user identification data correspond to a user reference data record, assignment of the profile file and if the entry of the personal identification number by the user has not taken place, generation and transmission of the personal identification number from the registration server to the user, and an authentication step, comprising checking whether the profile file is present on the hybrid terminal and, if it is present, carrying out an authentication, otherwise carrying out an initial authentication and, if the initial authentication shows that the user is authorised, generation and transfer of the profile file from the authentication server to the hybrid terminal, and after carrying out the initial authentication or the authentication, transfer of a clearance message to at least one of the service providers. | 2014-05-15 |
20140137224 | SECURING PASSWORDS WITH HASH VALUE - A password security system, hosted by a server, whose method of operation may include receiving a client hash value from a client where the client hash value is computed by hashing a password to generate a first hash value, and hashing the first hash value combined with a user input of an answer to a challenge to generate the client hash value. A server hash value is computed using password data for the user that is stored in a data store coupled to the server and a server-side answer that is stored in the data store. A determination is made whether the server hash value matches the client hash value and data access is granted to the user in view of a determination that the server hash value matches the client hash value, and data access is denied to the user in view of a determination that the server hash value does not match the client hash value. | 2014-05-15 |
20140137225 | SINGLE SIGN-ON FOR NETWORK APPLICATIONS - A method may include authenticating a device to a first server, where the device includes an agent; receiving a request, in the first server from a second server, to verify the authenticity of the device, where the device is not authenticated to the second server; sending a browser plug-in to the device to communicate with the agent for verifying the authenticity of the device; receiving, in the first server, a message from the agent verifying the authenticity of the device; and sending a message from the first server to the second server to authenticate the device to the second server. | 2014-05-15 |
20140137226 | Method and System for Processing Identity Information - A method for processing identity information may include: a first identity for logging into a first website is obtained; a user logs into a second website by using the first identity; a second identity for logging into the second website is obtained; a relation which associates the first identity with the second identity is established. | 2014-05-15 |
20140137227 | Systems and Methods for Enhancement of Single Sign-On Protection - Systems and methods are provided for enhancement of single sign-on protection. For example, information associated with one or more executable files related to an application process is acquired at a beginning of the application process; whether the one or more executable files are included in a pre-established white-list database is determined based on at least information associated with the executable files; a target uniform-resource locator (URL) associated with the application process is acquired in response to the one or more executable files being not included in the pre-established white-list database; and in response to the target URL being included in a pre-established log-in URL database on an authentication server, the application process is intercepted, and/or a risk notification is provided to a user. | 2014-05-15 |
20140137228 | Web application vulnerability scanning - Present example embodiments relate generally to scanning websites, wherein the devices, methods, and logic for the scanning comprises receiving interaction information between a user computing device and a web application of the website; dynamically determining an action to be performed to the web application that approximately simulates the user computing device interacting with the web application, wherein the action is dynamically determined based on the received interaction information; establishing a browsing session with the website; discovering the web application within the website; and identifying a vulnerability of the web application by interacting with the web application using the action. | 2014-05-15 |
20140137229 | PROVIDING NOTIFICATION OF SPAM AVATARS - Provided are approaches for monitoring activities, movements, and other behavior patterns necessary to determine whether an avatar is a spam advertisement. A storing mechanism stores a “black list” and a black list score consisting of a list of spam avatar identifications (UUIDs) matching avatars that have been flagged as confirmed or suspected spam advertisers. Another mechanism allows the owner to redraw or otherwise re-render a distinguishing mark when an avatar has been detected as being a spam advertiser. Yet another mechanism signals to the owner of an offending avatar that they have been added to the black list or had a report filed against them. Another mechanism allows for a black listed avatar to be removed from the black list, and scores to be decreased and for the virtual universe and users to utilize the black list and score. | 2014-05-15 |
20140137230 | PROVISIONING PROXY FOR PROVISIONING DATA ON HARDWARE RESOURCES - A processing device receives an unauthenticated provisioning request from a hardware, wherein the processing device is in a first network zone that is accessible to the hardware resource. The processing device determines whether the hardware resource satisfies one or more provisioning criteria. Responsive to determining that the hardware resource satisfies the one or more provisioning criteria, the processing device forwards the provisioning request to a server residing behind a firewall in a second network zone that is inaccessible to the hardware resource, receives provisioning data from the server by the provisioning proxy, and forwards the provisioning data to the hardware resource. | 2014-05-15 |
20140137231 | INCORPORATING ACCESS CONTROL FUNCTIONALITY INTO A SYSTEM ON A CHIP (SoC) - In one embodiment, the present invention includes a system on a chip (SoC) that has a first agent with an intellectual property (IP) logic, an interface to a fabric including a target interface, a master interface and a sideband interface, and an access control plug-in unit to handle access control policy for the first agent with respect to incoming and outgoing transactions. This access control plug-in unit can be incorporated into the SoC at integration time and without any modification to the IP logic. Other embodiments are described and claimed. | 2014-05-15 |
20140137232 | DEVICE APPARATUS, CONTROL METHOD, AND RELATING STORAGE MEDIUM - A device apparatus transmits a request for delegating authority, after it is delegated from a user, to an application, together with first authority information identified, to an approval server system, and acquires second authority information issued based on the first authority information from the approval server system. | 2014-05-15 |
20140137233 | KEY WITH INTEGRAL BIOMETRIC INPUT DEVICE - A key integrates with a biometric input device. According to an aspect of the present disclosure, a fingerprint scanner may be integral with a spacebar. | 2014-05-15 |
20140137234 | MOBILE DEVICE AUTHENTICATION THROUGH TOUCH-BASED GESTURES - A method, system, and apparatus of a touch-based authentication of a mobile device through user generated pattern creation are disclosed. In one embodiment, a method of a mobile device includes recognizing a tactile force on a touch screen without a visual aid as an unlocking gesture, storing the unlocking gesture to a memory of the mobile device, associating another tactile force on the touch screen with the unlocking gesture, and transforming the mobile device from an initial state to an unlocked state based on the association between the another tactile force and the unlocking gesture. The method may include transforming the mobile device to operate as a telephonic communication device in the unlocked state. | 2014-05-15 |