49th week of 2015 patent applcation highlights part 81 |
Patent application number | Title | Published |
20150350116 | SYSTEM AND METHOD FOR EMAIL PRE-DELIVERY - Disclosed is a system and method for automatically pre-delivering messages such as emails that satisfy a certain criteria. Upon a received email satisfying certain criteria conforming to a pattern, an appropriate rule is triggered which pre-delivers an email(s) to other appropriate inboxes. The pre-delivered emails are marked with a display flag and a time-to-live (TTL) flag. The display flag masks the pre-delivered email. The display flag results in the pre-delivered email being hidden until the sending user actually executes the send/forward action. At that time, the display flag is toggled so that the pre-delivered email is instantly displayed in the recipient's inbox. The TTL flag set enables pre-delivered emails to have a life-span, such that in cases where the user chooses not to forward/send the email, they auto-destruct after a period of time. | 2015-12-03 |
20150350117 | CONVERSATION BRANCHING FOR MORE EFFICIENT RESOLUTION - A method for conversation branching may include storing a plurality of messages communicated in an online conversation and generating a fingerprint for each message. The fingerprint for each message may be stored in a lookup table. The method may also include detecting a new message from one of the users and processing the new message to generate an artifact that correlates to the new message. The lookup table may be queried using the artifact to determine a similarity between the new message and each of the stored messages. One or more proposed reply messages to the new message may be generated for branching the online conversation to a new conversation point that corresponds to a selected one of the one or more proposed reply messages. The one or more proposed reply messages are based on one of the stored messages that has a closest similarity to the new message. | 2015-12-03 |
20150350118 | CANNED ANSWERS IN MESSAGES - At an electronic device with a touch-sensitive display, display a message transcript, where the message transcript includes at least one message from at least a first user. Determine, based at least in-part on the at least one message, a plurality of suggested one or more characters. Display, on the touch-sensitive display, the plurality of suggested one or more characters. Detect an input on the touch-sensitive display. Determine whether the input represents user selection of one of the plurality of suggested one or more characters. Display the selected one of the plurality of suggested one or more characters in the message transcript. Send the selected one or more characters to the first user. | 2015-12-03 |
20150350119 | SENDING MESSAGES TO MULTIPLE RECEIVING ELECTRONIC DEVICES USING A MESSAGE SERVER - The described embodiments include a message server that is configured to send, to multiple receiving electronic devices, corresponding messages that each include a payload acquired from a single request message received from a client electronic device. In these embodiments, the request message received from the client electronic device includes a push token for each of the receiving electronic devices and the payload. Upon receiving the request message, the message server generates, for a receiving electronic device associated with each push token, a message that includes the payload. The message server then sends each message to the corresponding receiving electronic device. In this way, the message server “fans out,” to the multiple receiving electronic devices, corresponding messages that each include the payload from the single request message. | 2015-12-03 |
20150350120 | METHOD AND DEVICE FOR MANAGING INSTANT MESSAGE - A method for a terminal to manage an instant message, includes: determining whether the instant message is a reply to an existing message when receiving or sending the instant message; if the instant message is not a reply to any existing message, creating a new session and adding the instant message as a root node into the new session; and if the instant message is a reply to an existing message, adding the instant message into a session to which the existing message belongs and setting the instant message as a child node of the existing message. | 2015-12-03 |
20150350121 | A METHOD AND SYSTEM FOR PROVIDING MULTITHREADED COMMUNICATION - The present disclosure provides a system and method multithreaded communication. A user operating at a client device communicates a request for searching a particular keyword(s) to another user. Said communicating user in response performs a search at his/her client device. Further, the (chat) communication server is specifically configured to, simultaneously and in parallel, present said search process in progress and results so produced in real time at the client device of said requesting user. | 2015-12-03 |
20150350122 | METHOD FOR IMPROVING A MESSAGING SERVICE IN A COMMUNICATION NETWORK - Present invention refers to a method for improving a messaging service in a communications network. The method comprises the steps of: a group of users of the messaging service establishing a message conversation; including a unique message identifier to each message of the message conversation; a first user of the group of users, using a communication device, creating a first message to be sent to the group of users as a reply to a previously received message from the message conversation; and encoding the unique message identifier, referring to the previously received message, into the message of the first user. | 2015-12-03 |
20150350123 | USER TERMINAL APPARATUS, COMMUNICATION SYSTEM, AND METHOD OF CONTROLLING USER TERMINAL APPARATUS - A user terminal apparatus including: a display configured to provide a messenger service image of a messenger service; a user interface unit user interface configured to receive user interaction with respect to the messenger service image; and a processor configured to control the user terminal apparatus to transmit, in response to a user command for execution of an application being input in the messenger service image, identifier information of corresponding to the application and participant information corresponding to participants of the messenger service image to an app application providing server in response to a user command for app execution in the messenger service image being input, and to control the user terminal apparatus to receive app application execution information configured based on the participant information from the app application providing server, and to provide the app application execution information as an input message of the messenger service. | 2015-12-03 |
20150350124 | SYSTEM AND METHOD OF SHARING CONTENTS USING MESSENGER - The present invention provides to a system and method of sharing contents using a messenger program. The system includes a device server which registers Consumer electronic (CE) devices of the same user and CE devices of different users, and generates a messenger account; a messenger server which registers the generated messenger account; and a buddy setting module which sets a buddy relationship among the CE devices of the same user and a buddy relationship among the CE devices of different users, such that contents are shared by the CE devices having the buddy relationship. | 2015-12-03 |
20150350125 | Photo Avatars - In one implementation, endpoint computing devices communicate using one or more instant messages. A user interface of an endpoint receives text input from a user for an instant message. The endpoint generates a trigger command in response to the instant message. A camera captures an image in response to the trigger command. The image may depict the user that entered the text input but other images are possible. The endpoint sends the image with the instant message to a recipient of the instant message. | 2015-12-03 |
20150350126 | METHOD AND DEVICE FOR USING LOG INFORMATION - The present invention discloses a method and device for using log information, acquiring log information; and sending the log information to a first instant messaging client, so that the first instant messaging client displays the working status of the user according to the log information. In this way, the log information of the user is displayed in an instant messaging client that has an instant messaging identifier of the user. When the user performs communication by using instant messaging software, a peer end in communication can acquire a future status of the user in time, and the user can acquire a future status of the peer end in communication in time, which helps either communication party select an appropriate time to initiate communication with a peer end in communication, thereby greatly enhancing efficiency of communication performed by using the instant messaging software. | 2015-12-03 |
20150350127 | System and Method for Updating User Availability for Wireless Communication Applications - Systems and methods for monitoring and updating user availability based upon presence and television viewing behavior are described herein. In one embodiment, a presence system is used to detect a user's presence to update the user's availability status. The availability status is then used to update a contact list, voicemail message, and/or busy message. In further embodiments, user preferences are used in combination with presence data to update the user's availability status. In still further embodiments, a user's television viewing behavior is used in combination with the presence data, user preferences, or both to update the user's availability status. Alternative embodiments provide systems and methods in accordance with the present invention for other interactive devices. | 2015-12-03 |
20150350128 | EXTENSIBLE CHAT ROOMS IN A HOSTED CHAT ENVIRONMENT - A method for extensible chat rooms in a hosted chat environment includes providing multiple different chat rooms, each executing in a separate process address space of at least one computing device. Each of the chat rooms includes a textual transcript of chat postings and a video feed of a subject. A catalog of extensions available for provisioning in connection with the different ones of the chat rooms is displayed to different moderators of the different ones of the chat rooms. Thereafter, in response to a selection of one of the extensions by one of the moderators, the selected one of the extensions is provisioned for use in connection with processing a particular event in a corresponding one of the chat rooms. Specifically, the extension pre-processes the particular event as the particular event occurs in the chat room before permitting the chat room to process the particular event. | 2015-12-03 |
20150350129 | MESSAGE PROCESSING BY SUBSCRIBER APP PRIOR TO MESSAGE FORWARDING - Certain embodiments of the present invention can detect and evaluate new messages at a coordinating device to determine whether to forward the message to a wearable device. In this manner, a server can reduce a number of devices that it is to communicate a message to, while still allowing the message to be availed to multiple devices. Further, certain embodiments relate to coordinating alerts (e.g., audio or haptic alerts) to reduce redundant alerts of a single message amongst spatially clustered devices. | 2015-12-03 |
20150350130 | MESSAGE USER INTERFACES FOR CAPTURE AND TRANSMITTAL OF MEDIA AND LOCATION CONTENT - A device provides user interfaces for capturing and sending media, such as audio, video, or images, from within a message application. The device detects a movement of the device and in response, plays or records an audio message. The device sends the recorded audio message in response to detecting a movement of the device. The device removes messages from a conversation based on expiration criteria. The device shares a location with one or more message participants in a conversation. | 2015-12-03 |
20150350131 | METHOD AND DEVICE FOR CONTROLLING THE DISPLAY OF A GROUP OF CONTACTS - A method and a device are provided for controlling the display of a group of contacts associated with a terminal. The group of contacts is ordered according to a first predetermined criterion, and displayed according to this arrangement. Each contact is represented in a frame of predetermined size. When at least one contact of the group fulfills a second predetermined criterion, the display control method includes enlarging the frame in which the contact is displayed so that a user scrolling through the list of contacts can easily identify a contact fulfilling the second predetermined criterion. | 2015-12-03 |
20150350132 | METHOD AND SYSTEM FOR PREDICTING FUTURE EMAIL - Disclosed is a system, method, and non-transitory computer readable storage medium for predicting future messages. A processor receives a message sent to a user operating a client device, analyzes the message in light of previously identified patterns and scores assigned to scanned messages, determines a future message that should be received by the client device based on the received message, and transmits an item of information based on the determined future message. | 2015-12-03 |
20150350133 | MESSAGE ATTACHMENT MANAGEMENT - A method and system for exchanging email attachments is disclosed. An attachment can be sent to one or more recipients using a file hosting service. In this way, instead of including the attachment with the email, the attachment is sent and stored on a file server. The attachment can later be retrieved by the email's recipients using a link that is included in the email. The link can be embedded in the email's header or body. In one case, the attachment is automatically retrieved from the file server using the link. In another case, a recipient can manually retrieve the attachment from the file server using the link. A link can be associated with an expiration date such that when a link expires, the link can no longer be used to retrieve the attachment. | 2015-12-03 |
20150350134 | DUAL SERVER SYSTEM FOR SENDING A LARGE EMAIL ATTACHMENT - An electronic device with a touch-sensitive surface and display can execute a messaging application. The messaging application provides options for sending a message with a large attachment. In one option it allows for sending a message with a large attachment by uploading and storing the attachment on a cloud server, embeds a link to the storage location in the message, and sends the message without the attachment. The messaging application may also include a UI element in the message that includes an indicator about the status of the stored attachment. Furthermore, the messaging application may embed in the message a smaller sized version of the attachment before sending the message. The status indicator may display whether the link to the storage location has expired or whether the attachment has previously been retrieved from the cloud server. | 2015-12-03 |
20150350135 | INFORMATION PROCESSING APPARATUS, ELECTRONIC INFORMATION BOARD, STORAGE MEDIUM OF SOFTWARE PROGRAM, INFORMATION PROCESSING SYSTEM, AND ELECTRONIC INFORMATION BOARD SYSTEM - An information processing apparatus includes a message receiver, an attachment data generator, an extractor, a message generator, and a message transmitter. The message receiver receives a message. The attachment data generator generates attachment data to be attached to a distribution message, to be transmitted from the information processing apparatus, by retrieving data loaded to the information processing apparatus. The extractor extracts candidate information to be used as transmission setting information of the distribution message from information included in the message received by the message receiver. The message generator generates the distribution message attachable with the attachment data generated by the attachment data generator based on the transmission setting information extracted by the extractor. The message transmitter transmits the distribution message generated by the message generator. | 2015-12-03 |
20150350136 | SYSTEMS AND METHODS FOR PROVIDING RESPONSES TO AND DRAWINGS FOR MEDIA CONTENT - Systems, methods, and non-transitory computer-readable media can detect an initiation of a drawing to a media content item. A first drawing option that is selectable via a first dimension can be provided. A second drawing option that is selectable via a second dimension can be provided. A first current state of the first drawing option and a second current state of the second drawing option can be indicated. | 2015-12-03 |
20150350137 | SYSTEM FOR MANAGING E-MAIL TRAFFIC - According to a first embodiment of the invention, if an e-mail sender attempts to make too many connections within a predetermined period of time, the excess connections are automatically rejected. According to a second embodiment of the invention, an agreement is established between an e-mail sender and an e-mail recipient that states when the sender may send e-mail messages to the recipient. According to a third embodiment of the invention, trend data reflecting an amount of e-mail sent by a sender is collected. The trend data can be used to establish a rate limit for the sender. According to a fourth embodiment of the invention, separate rate limits are established for authenticated and unauthenticated mail from addresses. According to a fifth embodiment of the invention, a sender may have a rate at which their e-mail is transmitted reduced if they exceed predetermined rate limits. | 2015-12-03 |
20150350138 | CONTROLLER, MESSAGE DELIVERY SYSTEM, MESSAGE DELIVERY METHOD, AND PROGRAM - A controller, for controlling a switch that forwards a message, comprises: a holding unit that, upon receipt of a notification including a tag from a second node that subscribes to a message delivered with the tag from a first node, associates and holds the tag and a virtual address, and associates and holds the virtual address and a physical address of the second node that transmits the notification; a setting unit that sets in the switch the association between the virtual address and the physical address; and a tag resolution unit that, upon receipt of an inquiry about the virtual address associated with the tag from the first node, responds the virtual address. | 2015-12-03 |
20150350139 | System and method for following topics in an electronic textual conversation - A method for following a topic in an electronic textual conversation, the method includes selecting, by a computing device, one or more primary terms related to a topic, sending, by the computing device, to at least one communication service, a first query containing the at least one primary term, receiving, by the computing device, from the at least one communication service, at least one first set of messages responsive to the first query, for each first set, extracting, by the computing device, from the first set of messages, a first plurality of additional terms, and for each term of the first plurality of additional terms, enumerating, by the computing device, the messages of the first set in which the term appears and adding the term to a list of secondary terms if the enumeration exceeds a threshold amount. | 2015-12-03 |
20150350140 | Live Location Sharing - Techniques for live location sharing are described. A first mobile device and a second mobile device can communicate with one another using an IM program. The first mobile device can receive a user input to share a location of the first mobile device in the IM program. Sharing the location can include causing the second mobile device to display a location of the first mobile device in an IM program user interface on the second mobile device. Duration of sharing the location can be user-configurable. The second mobile device may or may not share a location of the second device for display in the IM program executing on the first mobile device. | 2015-12-03 |
20150350141 | MESSAGE USER INTERFACES FOR CAPTURE AND TRANSMITTAL OF MEDIA AND LOCATION CONTENT - A device provides user interfaces for capturing and sending media, such as audio, video, or images, from within a message application. The device detects a movement of the device and in response, plays or records an audio message. The device sends the recorded audio message in response to detecting a movement of the device. The device removes messages from a conversation based on expiration criteria. The device shares a location with one or more message participants in a conversation. | 2015-12-03 |
20150350142 | METHOD AND SYSTEM FOR MARKING EMAIL THREADS - Disclosed herein is a technique for marking email threads as important. When an email thread is marked as important, all email messages belonging to the email thread are marked as important in an email user interface. Also, notifications are generated for any incoming messages belonging to the email thread that has been marked as important. | 2015-12-03 |
20150350143 | DISPLAYING OPTIONS, ASSIGNING NOTIFICATION, IGNORING MESSAGES, AND SIMULTANEOUS USER INTERFACE DISPLAYS IN A MESSAGING APPLICATION - An electronic device with a touch-sensitive surface and display can execute a messaging application. In the messaging application, swipe options can be displayed for messages and threads. Swipe options correspond to actions that can be taken on the messages or threads. Messages and threads can be associated with notification rules as well as be ignored. Composition interfaces and messages can be displayed simultaneously in the messaging application. The messaging application can display a conversation view of a message thread with a common header that can include subject information and names of participants in the threads. The messaging application allows for adding and removing participants to the conversation view. The messaging application allows for grouping search results from a search of messages using a search term. The grouping can be based on the location of the search term within the messages. | 2015-12-03 |
20150350144 | EMAIL OPTIMIZATION FOR PREDICTED RECIPIENT BEHAVIOR: SUGGESTING CHANGES IN AN EMAIL TO INCREASE THE LIKELIHOOD OF AN OUTCOME - Techniques are described herein for predicting one or more behaviors by an email recipient and, more specifically, to machine learning techniques for predicting one or more behaviors of an email recipient, changing one or more components in the email to increase the likelihood of a behavior, and determining and/or scheduling an optimal time to send the email. Some advantages of the embodiments disclosed herein may include, without limitation, the ability to predict the behavior of the email recipient and suggest the characteristics of an email which will increase the likelihood of a positive behavior, such as a reading or responding to the email, visiting a website, calling a sales representative, or opening an email attachment. | 2015-12-03 |
20150350145 | SHARING OF ACTIVITY METADATA VIA MESSAGING SYSTEMS - Systems and methods are provided for sharing activity information of devices engaged in a messaging session. In operation, the devices provide activity and sharing preference information to a data service. Thereafter, the data service generates notifications for the devices based on the activity, sharing preference, and device information, wherein the notifications include a payload with instructions for messaging clients at the devices to present user interface elements that allow users to access content and applications associated with other users in the messaging session. | 2015-12-03 |
20150350146 | COORDINATION OF MESSAGE ALERT PRESENTATIONS ACROSS DEVICES BASED ON DEVICE MODES - Certain embodiments of the present invention can detect and evaluate new messages at a coordinating device to determine whether to forward the message to a wearable device. In this manner, a server can reduce a number of devices that it is to communicate a message to, while still allowing the message to be availed to multiple devices. Further, certain embodiments relate to coordinating alerts (e.g., audio or haptic alerts) to reduce redundant alerts of a single message amongst spatially clustered devices. | 2015-12-03 |
20150350147 | DISPLAYING INTERACTIVE NOTIFICATIONS ON TOUCH SENSITIVE DEVICES - Methods and devices display an interactive notification element at an electronic device. The method comprises detecting an occurrence of an event associated with an application. In response to detecting the occurrence of the event, a notification element is displayed. A user of the device inputs a sequence of one or more gestures to reveal actions he can take in response to the notification element. The device then displays a plurality of action option UI elements, the selection of each action option UI element causing the application to perform a different action. | 2015-12-03 |
20150350148 | HEALTHCARE SECURE MESSAGING AND REMINDER SYSTEM - A system provides secure messaging of healthcare data and prompts message responses using prioritized hierarchical reminders. Messages can be sent and received through an application executing on a mobile device or on a web browser or application executing on any computer. The system can provide message notifications and multiple reminders to ensure that a user is reliably receiving and also reading messages. If an in-application message is not read within a time period, the message can followed by a reminder message informing the recipient that there is a secure message waiting. The reminder message can be sent using an application notification or through other channels, such as by SMS text message, automated voice telephone call, or e-mail, without including sensitive patient healthcare information. | 2015-12-03 |
20150350149 | METHOD FOR REAL-TIME VIRAL EVENT PREDICTION FROM SOCIAL DATA - Filtering a set of social messages received in real time to yield a sub-set likely to relate to some first substantive content subject (such as a video available online). For each message in the sub-set, a respective social message sender, and a corresponding social influence value for each respective social message sender is determined. A prediction of the extent of the spread of the substantive content subject is made based on the social influence values of the social message senders. | 2015-12-03 |
20150350150 | System and Method for identifying and communicating with People and Business based on Proximity, Interest, availability, and a 16 view proximity based chat - The invention provides a system and method that enables local people and business to know each other and communicate based on proximity search and filtered access to profiles, public chat and private chat. The invention also provides a system and method to incent, facilitate and manage viral expansion of members as existing members sponsor (recruit) non-members (people and/or businesses) to join. | 2015-12-03 |
20150350151 | Generating a Conversation in a Social Network Based on Mixed Media Object Context - A system and method for generating a conversation in a social network based on visual search results. A mixed media reality (MMR) engine indexes source materials as MMR objects, receives images from a user device and identifies matching MMR objects. A content management engine generates metadata corresponding to the MMR objects. A social network application generates conversations corresponding to the MMR object. The conversation includes multiple discussion threads. If a conversation already exists, the social network application provides the user with access to the conversation. | 2015-12-03 |
20150350152 | MANAGING AND STORING MESSAGES RECEIVED BY A MOBILE COMPUTING DEVICE - In an approach to managing messages received by a mobile computing device, a computer retrieves a plurality of settings associated with the mobile computing device, with at least one of the plurality of settings associating a characteristic of the mobile computing device with an indication to initiate message retrieval. The computer determines the characteristic of the mobile computing device and determines, based, at least in part, on the characteristic of the mobile computing device, whether the associated indication to initiate message retrieval is received. Responsive to determining the associated indication to initiate message retrieval is received, the computer retrieves at least one message received by the mobile computing device and transmits the at least one message to a user of the mobile computing device. | 2015-12-03 |
20150350153 | SYSTEM AND METHOD FOR ACCOUNT-BASED DNS ROUTING - A system and method are disclosed herein for account-based domain name system (Account-Based DNS) routing in an Internet Protocol (IP) service network. An IP device is provided for generating SIP or IP service requests. A configuration database that contains an association between a customer account identifier and an account-based DNS address is used by a provisioning service for assigning an account-based DNS address to the IP service request. A proxy server is configured to receive the IP service request. The proxy server is in communication with a server database comprising an association between the customer account identifier, the type of SIP service request and a plurality of feature servers, wherein the proxy server dynamically assigns a forwarding account-based DNS address to the SIP service requests based on the association in the server database so that the SIP service request is forwarded to the assigned feature server. | 2015-12-03 |
20150350154 | Using Distributed Network Elements to Send Authoritative DNS Responses - This disclosure describes a network element controller that communicates with a bank of network elements over a software defined network (SDN) to provide DNS responds to external users. The network elements, such as switches and routers, reside within a computer perimeter network or data center and intercept DNS requests from resolving DNS servers that are destined for an authoritative name server. The network elements, in turn, send a DNS response to the resolving DNS servers on behalf of the authoritative name server, which include a corresponding DNS record and a source address of the authoritative name server. In one embodiment, the network element controller proactively programs DNS records on each of the network elements included in the perimeter network. | 2015-12-03 |
20150350155 | SYSTEMS AND METHODS FOR IP SHARING ACROSS WIDE AREA NETWORKS - Computer connectivity is dependent on network availability. When networks are offline, relocating systems and data to an available network is an inefficient, time consuming, and error prone process. A system and method is disclosed for instant IP sharing and relocation between geographical locations by combining BGP announcement in one or multiple locations and applying stateless NAT to the IP traffic. Thereby, IP traffic is redirected to the desired location and delivered to the final device using the shared/relocated IP address. This system and method allows a single IP address to actively respond to network requests from numerous locations which can be spread around the globe. | 2015-12-03 |
20150350156 | NAT implementation system, method, and Openflow switch - Disclosed is an NAT implementation system, comprising: a controller and an Openflow switch. The Controller delivers a flow table and an improved group table. The Openflow switch receives the flow table and the improved group table, and matches, according to an address translation matching rule recorded in the flow table, a data packet that address translation needs to be performed on; and performs translation between a private address and a public IP address according to an address translation rule recorded in the improved group table, and sends the data packet out by using an address after translation. Further disclosed are an NAT implementation method and Openflow switch. By using the present invention, the flow table and the improved group table only need to be sent to the Openflow switch at once, and the Openflow switch does not need to frequently interact with the Controller, so that a forwarding delay of the data packet is shortened and the network transmission efficiency is improved. | 2015-12-03 |
20150350157 | SOURCE-DESTINATION NETWORK ADDRESS TRANSLATION (SDNAT) PROXY AND METHOD THEREOF - A proxy and method for performing source destination network address translation are presented. The method includes receiving a first message from a node communicatively connected to a first network to access a resource communicatively connected to a second network, wherein the first message contains at least a source address and a destination address used within the first network; translating the destination address designated in the first message to an address of the resource; generating a unique address for the destination address designated in the first message, wherein the unique address is an address not in use on the second network; providing a translated message including the translated destination address and the unique address; and forwarding the translated message to the resource communicatively connected to the second network. | 2015-12-03 |
20150350158 | Methods and Devices for Acquiring Media Access Control (MAC) Address - Provided are methods and devices for acquiring a Media Access Control (MAC) address. According to a method for acquiring an MAC address, an MAC address request message is received, wherein the MAC address request message carries a Fibre Channel Identifier (FCID); whether the FCID is matched with an FCID of a receiver receiving the MAC address request message or not is judged; and when it is judged that the FCID is matched with the FCID of the receiver receiving the MAC address request message, the receiver sends a response message, wherein the response message carries an MAC address of the receiver. The technical solution solves the problem in a related technology that communication cannot be directly performed through the link layer, and has the effect of directly acquiring an MAC address corresponding to an FCID of an opposite end so as to perform communication by fast switching at the link layer. | 2015-12-03 |
20150350159 | EFFICIENT COMMUNICATIONS THROUGH A SHARED COMMUNICATION MEDIUM - A method and apparatus are disclosed for transferring data through a shared communication medium between communication devices. In at least one embodiment, a timeout period used to detect data transfer errors may be modified based, at least in part, on a data transfer status message transmitted from a media access control (MAC) layer to a protocol adaptation layer of a first communication device. The data transfer status message may include a status and an expected duration of a pending data transfer. In another embodiment, The timeout period may be modified based, at least in part, on data transfer statistics transmitted from the MAC layer to the protocol adaptation layer. Data transfer statistics may be accumulated by the MAC layer and may include data transfer size, data throughput rates, and number of re-attempted data transfers. | 2015-12-03 |
20150350160 | METHOD AND APPARATUS FOR DYNAMIC DETECTION OF GEO-LOCATION OBFUSCATION IN CLIENT-SERVER CONNECTIONS THROUGH AN IP TUNNEL - Methods and systems are disclosed for dynamic detection of fraudulent client connections to a server, in which, for example, the connection is made using an internet protocol (IP) tunneling technology such as networking on a virtual private network (VPN) and making the connection via a VPN tunnel in order to obfuscate the client IP address, in which a user of a client device may employ spoofing of IP-geo location mechanisms and IP classification on the server side. Such a user may have various motivations for obfuscating the client device's geo-location by using an IP tunnel when connecting to a server such as gaining access to services that are not allowed in certain locations (e.g., certain movie and television content providers); browsing server data while maintaining a higher level of anonymity; and performing fraudulent actions on the server. | 2015-12-03 |
20150350161 | Network Traffic Analysis to Enhance Rule-Based Network Security - A method of interpreting a rule and a rule-interpreting apparatus for rule-based security apparatus, and an apparatus implementing the method. The method comprises the following steps: designating a suspicious timeslot; if any packet does not present in the designated timeslot, capturing current incoming packets or capturing other incoming packets in the designated timeslot next time; automatically associating the packets in the designated timeslot to form at least one traffic flow corresponding to a connection or call; analyzing the at least one traffic flow to select at least one suspicious target traffic flow; and outputting the at least one selected suspicious target flow. | 2015-12-03 |
20150350162 | CONTENT FILTERING OF REMOTE FILE-SYSTEM ACCESS PROTOCOLS - Methods and systems for content filtering of remote file-system access protocols are provided. According to one embodiment, a proxy, implemented within a network gateway device of a private network, monitors remote file-system access protocol sessions involving client computer systems and a server computer system associated with the private network. For each file on a share of the server computer system being accessed by one or more of the client computer systems: (i) a shared holding buffer corresponding to the file is created within a shared memory of the network gateway device; (ii) data being read from or written to the file by the monitored remote file-system access protocol sessions is buffered into the shared holding buffer; and (iii) responsive to a predetermined event, content filtering is performed on the shared holding buffer to determine whether malicious, dangerous or unauthorized content is contained within the shared holding buffer. | 2015-12-03 |
20150350163 | SYSTEM AND METHOD FOR INITIATING PROTECTED INSTANT MESSAGING CONVERSATIONS - A system and method are provided for initiating protected instant messaging conversations. The method includes enabling a shared secret to be sent to a contact to initiate a key exchange to protect messages exchanged in an instant messaging conversation, the shared secret being sent using a communication medium other than instant messaging. After the shared secret has been sent, the method includes displaying a pending protected instant messaging conversation user interface prior to receiving a confirmation associated with receipt of the shared secret by the contact, the pending protected instant messaging conversation user interface comprising an option to resend the shared secret. | 2015-12-03 |
20150350164 | INTELLIGENT CARD SECURE COMMUNICATION METHOD - The present invention relates to the field of information security. Disclosed is an intelligent card secure communication method, capable of preventing the communication data from being monitored or intercepted. The method of the present invention provides a card with a definitely secure communication mechanism, initiates a session for the two communication parties to authenticate each other, and to check the identification legitimacy of the other party and the integrity of communication data, and provides a security constraint for subsequent communication, thus improving communication security. | 2015-12-03 |
20150350165 | SYSTEM AND METHOD FOR DYNAMICALLY ALLOCATING RESOURCES - A computer network has a number of resources. One or more trusted localisation provider certifies the location of the resources. Encrypted data is closely associated with a policy package defining privacy policies for the data and metapolicies for their selection. A trusted privacy service enforces the privacy policies. The trusted privacy service is arranged to supply a key to a resource to allow that resource to process data if the trusted privacy service determines from the trusted localisation provider certifying the location and other contextual information of the resource that the privacy policy allows processing of the data on that resource in that location. | 2015-12-03 |
20150350166 | METHODS AND SYSTEMS OF COMMUNICATING ANONYMOUSLY FOR ENHANCED NETWORKING BY USING SPECIFIC LOCATIONS WITHIN A SPECIFIC RANGE OF DISTANCE - A method and system for robust social networking enabling a subscriber to anonymously communicate with other anonymous subscribers when the subscriber is located within a specific geographical area with other subscribers. The method and system also restrict the subscriber to only view the data transmitted by other subscribers if the subscriber is not located within the specific geographical area with these other subscribers. That is, if the subscriber is not located within the specific geographical area with other subscribers who transmit the data, the method and system will not permit the subscriber to post the subscriber's own messages in response to the data posted by other subscribers. However, the subscriber can rate the data posted by other subscribers even if the subscriber is outside the specific geographical area. | 2015-12-03 |
20150350167 | SYSTEMS AND METHODS FOR SECURE COMMUNICATION OVER A NETWORK USING A LINKING ADDRESS - Systems and methods for secure communication over a network using a linking address. Systems for secure communication may include a computer system in electronic communication over a network with a plurality of electronic devices, a database in electronic communication with the computer system, the database configured to electronically store at least a linking address and an associated payload of a data packet, an engine stored on and executed by the computer system, the engine electronically receiving a data packet over the network from a first electronic device, processing the data packet to identify a linking address and a payload, the linking address being at least 32 bit, storing the linking address and payload in the database, electronically receiving a query from a second electronic device, the second electronic device identifying the linking address, and electronically transmitting the data packet over the network to the second electronic device. | 2015-12-03 |
20150350168 | USER AND DEVICE AUTHENTICATION IN ENTERPRISE SYSTEMS - Methods and systems for authenticating users of client devices to allow access of resources and services in enterprise systems are described herein. An authentication device may validate a user based on authentication credentials received from a client device. Validation data stored by the authentication device, and a corresponding access token transmitted to the client device, may be used to authenticate the user for future resource access requests. A user secret also may be stored by the authentication device and used to validate the user for future resource access requests. Additionally, after validating a user with a first set of authentication credentials, additional sets of credentials for the user may be retrieved and stored at an access gateway for future requests to access other services or resources in an enterprise system. | 2015-12-03 |
20150350169 | METHOD FOR THE AUTHENTICATION OF APPLICATIONS - Authentication method of at least one application using resources stored in a security module associated to an equipment connected to a control server via a network. The control server receives via the network, analyses and verifies identification data comprising at least an identifier of the equipment and an identifier of the security module, generates a cryptogram comprising a digest of the application, the identification data and instructions intended for the security module and transmits the cryptogram, via the network and the equipment, to the security module. The latter verifies the application by comparing the digest extracted from the cryptogram with a calculated digest, wherein, during at least one of initialization and activation of the application, the security module executes the instructions extracted from the cryptogram and either releases or blocks access to certain resources of said security module according to a result of the verification of the application. | 2015-12-03 |
20150350170 | Secure authentication of mobile users with no connectivity between authentication service and requesting entity - A method and system for secure authentication of a mobile device user in the absence of a connection between the authentication service and the entity that is requesting authentication. A mobile device scans and decodes a signal that is presented as a challenge whereby the mobile device obtains response requirements of the challenge. The mobile device transmits encrypted and signed response information to the authentication service for authentication, re-encryption and transmission to the presenting device as an encrypted, authenticated response to the initial challenge. | 2015-12-03 |
20150350171 | SEMI-DETERMINISTIC DIGITAL SIGNATURE GENERATION - Various features pertain to digital signatures for use in signing messages. In one aspect, a digital signature is generated based on a nonce derived using a per-message salt value, particularly a salt selected to provide a semi-deterministic nonce (i.e. a nonce that is neither fully deterministic nor completely random.) In one example, the nonce is generated by concatenating the salt value with a long-term private key and then applying the result to a key derivation function along with a hash of the message to be signed. The salt value may be, e.g., a counter, a context-specific message or may be randomly generated within a restricted range of values (relative to a full range of values associated with the particular digital signature generation protocol used to generate a digital signature from the nonce.) | 2015-12-03 |
20150350172 | ENCRYPTION ON COMPUTING DEVICE - A first component of a cryptographic key is received from a user via a user interface of a user computing device. A second component of the cryptographic key is received via a short-range communication interface that communicatively couples the user computing device to a physically separate storage device. The cryptographic key is generated based at least on the first component and the second component. The cryptographic key is then used to encrypt and/or decrypt data. | 2015-12-03 |
20150350173 | AUTOMATING AUTHENTICATION WITH MULTI-CHANNEL MEDIA DISTRIBUTORS - In some embodiments, a processing device extracts a cookie from a first media application that is prevented from providing the cookie to a second media application. The cookie includes authentication information that is associated with an authentication of the first media application with a multi-channel media distributor for accessing a first media channel. The processing device copies the extracted cookie to a shared storage resource that is accessible to both the first media application and the second media application. In response to the second media application accessing a second media channel, the processing device retrieves the extracted cookie from the shared storage resource. The second media application provides the authentication information from the extracted cookie to the multi-channel media distributor for authenticating the second media application to access the second media channel. | 2015-12-03 |
20150350174 | CONTROLLING APPLICATION PROGRAMMING INTERFACE TRANSACTIONS BASED ON CONTENT OF EARLIER TRANSACTIONS - Some aspects of the present disclosure operate an application programming interface (API) risk assessment equipment. An API transaction request is received from an application processed by a source node. A risk assessment score is generated based on comparison of content of the API transaction request to content of earlier API transaction requests. The risk assessment score indicates trustworthiness of the API transaction request. Deliverability of the API transaction request to a destination node for processing is controlled based on the risk assessment score. | 2015-12-03 |
20150350175 | Multi-factor secure appliance decommissioning - A network-based appliance includes a mechanism to erase data on the appliance's local storage. The appliance's normal system reset operation is overridden to enable a local user to place the appliance into a safe mode during which remote erasure of the storage is permitted, provided that mode is entered within a first time period following initiation of a system reset. If the appliance is placed in the mode within the time period, it can then receive commands to wipe the local storage. Once the safe mode is entered by detecting one or more actions of a local user, preferably the appliance data itself is wiped by another person or entity that is remote from the device. Thus, physical (local) presence to the appliance is necessary to place the device in the safe mode, while non-physical (remote) presence with respect to the appliance enables actual wiping of the storage device. | 2015-12-03 |
20150350176 | VEHICLE NETWORK AUTHENTICATION SYSTEM, AND VEHICLE NETWORK AUTHENTICATION METHOD - Provided is a vehicle network authentication system such that processing by a vehicle control device can be smoothed while security of communication using dummy data is maintained. A vehicle control device as an authenticating entity is provided with an authentication unit that allocates authority in accordance with the amount of authentication of data for authentication transmitted from a vehicle control device as an authenticated entity. The vehicle control device includes an authentication data generation unit that generates the data for authentication, a data division unit that divides the generated data for authentication, and a dummy data addition unit that adds dummy data as data that is transmitted to a vehicle network together with the data for authentication. | 2015-12-03 |
20150350177 | MANAGEMENT OF CREDENTIALS ON AN ELECTRONIC DEVICE USING AN ONLINE RESOURCE - Systems, methods, and computer-readable media for using an online resource to manage credentials on an electronic device are provided. In one example embodiment, a method, at an electronic device, includes, inter alia, receiving account data via an online resource, accessing commerce credential status data from a secure element of the electronic device, providing initial credential management option data via the online resource based on the received account data and based on the accessed commerce credential status data, in response to the providing, receiving a selection of an initial credential management option via the online resource, and changing the status of a credential on the secure element based on the received selection. Additional embodiments are also provided. | 2015-12-03 |
20150350178 | System and Method for Secure Login, and Apparatus for Same - Disclosed is a safe log-in system and method for allowing log-in of a user in association with a plurality of devices, and an apparatus for the same. The safe log-in method for allowing a safe log-in of a communication device which accesses a web site includes, by an authentication data providing device, determining whether the authentication data providing device and the communication device are located at the same place; by the authentication data providing device, acquiring authentication-related data of the communication device when the authentication data providing device and the communication device are located at the same place as a result of the determination; and by the authentication data providing device, providing the acquired authentication-related data to the communication device or the web site. | 2015-12-03 |
20150350179 | AUTHORITY TRANSFER SYSTEM, METHOD, AND AUTHENTICATION SERVER SYSTEM - An authority transfer system includes a determination unit configured to determine whether a domain of a service and a domain of an endpoint for allowing a client to acquire authority information are a same domain. An issue unit issues the authority information indicating that an authority of a user with respect to the service is transferred to the client without receiving an instruction to permit a transfer of the authority of the user with respect to the service to the client, if the two domains are determined to be the same domain by the determination unit. | 2015-12-03 |
20150350180 | PERSONAL AREA NETWORK - An entity may store various levels of sensitive and personal data in a secure computing environment. The entity may create permission rules which allow the data to be shared or not shared depending on the circumstances and situation. As an entity such as a human moves through life, the entity may be in touch with numerous electronic devices that act like sensors. The entity may share a token which may allow a sensor or operator of the sensor to access various levels of the sensitive data stored in the secure computing environment. | 2015-12-03 |
20150350181 | CLIENT/SERVER AUTHENTICATION USING DYNAMIC CREDENTIALS - In an embodiment, a method comprises intercepting, from a first computer, a first set of instructions that define one or more original operations, which are configured to cause one or more requests to be sent if executed by a client computer; modifying the first set of instructions to produce a modified set of instructions, which are configured to cause a credential to be included in the one or more requests sent if executed by the client computer; rendering a second set of instructions comprising the modified set of instructions and one or more credential-morphing-instructions, wherein the one or more credential-morphing-instructions define one or more credential-morphing operations, which are configured to cause the client computer to update the credential over time if executed; sending the second set of instructions to a second computer. | 2015-12-03 |
20150350182 | SYSTEMS AND METHODS FOR SECURELY ACCESSING PROGRAMMABLE DEVICES - According to various aspects and embodiments, a system including a programmable device is provided. The programmable device includes a memory storing an identifier of an authentication session and at least one processor coupled to the memory. The at least one processor is configured to receive an authentication credential, decode the authentication credential to access a session identifier and information associated with a requestor of the authentication credential, determine whether the session identifier matches the identifier of the authentication session, and grant the requestor access to protected functionality of the programmable device if the session identifier matches the identifier of the authentication session. | 2015-12-03 |
20150350183 | Internetwork Authentication - A technique for network authentication interoperability involves initiating an authentication procedure on a first network, authenticating on a second network, and allowing access at the first network. The technique can include filtering access to a network, thereby restricting access to users with acceptable credentials. Offering a service that incorporates these techniques can enable incorporation of the techniques into an existing system with minimal impact to network configuration. | 2015-12-03 |
20150350184 | SEAMLESS REMOTE STORAGE OF UNIFORMLY ENCRYPTED DATA FOR DIVERSE PLATFORMS AND DEVICES - A way of providing seamless remote data storage and access with a universal encryption key is provided. Data may be able to be uploaded from and/or downloaded to a variety of user devices and/or types of user devices. During transfer of data, a secure communication channel may be established between a user device and a destination storage. Data may be compressed and/or encrypted before being passed to the destination storage. Such compression and/or encryption may be performed at the user device or an intermediate processing module. Likewise, when downloading data, the data may be decompressed and/or decrypted before being made available to a destination user device. Such decompression and/or decryption may be performed at the destination device or the intermediate processing module. In any case, the universal encryption key may be utilized by all user devices to generate uniformly encrypted data. | 2015-12-03 |
20150350185 | SYSTEM AND METHOD USING SINGLE ENTRY PASSKEY FOR PAIRING MULTIPLE PERIPHERAL DEVICES - A system for pairing a plurality of peripheral devices is disclosed, and includes a portable electronic device and a plurality of peripheral devices in wireless communication with the portable electronic device. The portable electronic device includes a processor and memory. The processor is configured to execute an instruction for prompting a user to enter a passkey only once. The processor is also configured to execute an instruction which references the memory of the portable electronic device to determine if there is at least one peripheral device that is in wireless communication with the portable electronic device that is original. The processor is configured to execute an instruction for pairing the at least one peripheral device that is original together with the portable electronic device. | 2015-12-03 |
20150350186 | AUTHORIZATION TOKEN CACHE SYSTEM AND METHOD - A system includes one or more processors to request access tokens from a token service computer, cache the access tokens and related information in a token cache, transmit the access tokens with a resource request to a resource server, and receive requested resources in response to the resource request. The resource server transmits representations of requested resources to computing devices having valid tokens. The access tokens and related information including credentials information and token metadata are stored in the token cache. | 2015-12-03 |
20150350187 | SERVICE ACCOUNT ACCESS - A computer system detects an external media device and determines the external media device contains authentication data for the computer system. In response, a first password is generated based on an identifier unique to the computer system. A prompt is displayed for a second password obtained from a service provider. The second password is received through an input device. The computer system provides access to the service account if the second password matches the first password. | 2015-12-03 |
20150350188 | RESOURCE ACCESS CONTROL FOR VIRTUAL MACHINES - To provide enhanced operation of virtualized computing systems, various systems, apparatuses, methods, and software are provided herein. In a first example, a method of operating a computing system to control access to data resources by virtual machines is provided. The method includes receiving an access token and an instantiation command from an end user system. Responsive to the instantiation command, the method includes instantiating a virtual machine identified by the instantiation command using the access token as user data for the virtual machine during instantiation. The method also includes, in the virtual machine, executing a security module responsive to instantiation that transfers the access token for delivery to an authorization system, receiving credentials responsive to the access token, and accessing a data resource using the credentials. | 2015-12-03 |
20150350189 | METHOD, SYSTEM AND APPARATUS FOR ENHANCING SECURITY OF BEACON DEVICE - A method, system and apparatus for enhancing the security of a beacon device are herein disclosed. A service device includes a service communication unit and a service control unit. The service communication unit communicates with at least one terminal and a beacon device, and transmits and receives data required to enhance the security of the beacon device. The service control unit performs control so as to receive pieces of identification information from the terminal and the beacon device, to check the received pieces of identification information and then perform validation based on the times at which the pieces of identification information have been generated and whether authentication keys match each other, to extract service information in response to the result of the validation, and to transmit the extracted service information to the terminal. | 2015-12-03 |
20150350190 | ELECTRONIC DEVICE AND PASSWORD AUTHENTICATION METHOD FOR ELECTRONIC DEVICE - A password authentication method for an electronic device and an electronic device is provided. The method comprises: receiving by the electronic device an input password, in which the input password is an n-bit character string and n≧1; comparing by the electronic device characters of the input password with corresponding characters of a pre-stored correct password bit by bit in sequence or randomly; and providing by the electronic device a comparison result at a predetermined feedback time or a random feedback time, in which each of the predetermined feedback time and the random feedback time is not less than a total time required to compare the n-bit character string of the input password. | 2015-12-03 |
20150350191 | Method and Apparatus for Managing Passcode - An apparatus for managing a passcode comprises: one or more processors; a memory; and one or more programs stored in the memory and configured to be executed by said one or more processors. The program comprises: a storage module for storing passcode management data; an input window module for displaying the input window on which multiple key buttons are arranged; a combination code generating module for checking the code corresponding to each inputted key button in the code table included in the passcode management data, when the key button is inputted via the input window, and generating a combination code by combining each checked code; and a passcode acquiring module for receiving the passcode with a set storage address from a passcode storage server based on the generated combination code. | 2015-12-03 |
20150350192 | Dynamic Secure Login Authentication - A system for performing a secured transaction using a network including a server in communication with the network is provided. The server has a processor and a memory to store private account information from registered users and store commands that when executed by the processor cause the server to perform a method including: providing a login configuration to a user, including a matrix of dynamic symbols; determining an expected password for the user based on a trace pattern from the user and the symbols in the matrix; receiving a password from the user; and determining whether the password matches the expected password. A non-transitory machine-readable medium including a plurality of machine-readable instructions which when executed by one or more processors of a server controlled by a service provider are adapted to cause the server to perform a method as above is also provided. | 2015-12-03 |
20150350193 | AUTHENTICATION INFORMATION THEFT DETECTION METHOD, AUTHENTICATION INFORMATION THEFT DETECTION DEVICE, AND COMPUTER-READABLE RECORDING MEDIUM STORING PROGRAM FOR THE SAME - The method is for detecting theft of authentication information for a communication device that provides a service for a user. The method includes storing, for each log-in request, a record of information on a log-in request source, authentication information that the log-in request source submits to the communication device when the log-in is performed, and information indicating a success or failure of the log-in using the authentication information; receiving information on an attack source against the communication device, from a management device of a network in which the communication device exists; determining that authentication information in the record is stolen by the attack source when information that indicates success of the log-in is stored in the record, the record including information on the log-in request source which is matched with the information on the attack source; and outputting the authentication information that is determined to be stolen. | 2015-12-03 |
20150350194 | SYSTEMS, METHODS, AND SOFTWARE TO PROVIDE ACCESS CONTROL IN CLOUD COMPUTING ENVIRONMENTS - An access control service to provide access control for operations between resources and/or between resources and users in a cloud computing environment. The access control service receives a request to perform an operation. The requested operation could be initiated by a resource with respect to another resource. The requested operation could also be initiated by a user with respect to a resource. The access control service determines whether the requested operation is permitted. If the requested operation is permitted, the access control service provides the credentials required to perform the requested operation. | 2015-12-03 |
20150350195 | SEAMLESS AUTHENTICATION MECHANISM FOR USER PROCESSES AND WEB SERVICES RESIDING ON COMMON HOST - Techniques are presented herein for authenticating local process to a web service, both executing on a common host computer server. The local process may present a self-signed certificate to the web service. In response, the web service may identify a file system directory on the first computer server containing a file storing the self-signed certificate. If the subject information identifying the owner of the process matches file system metadata indicating an owner of the file, then the web service may consider the process as being authenticated to the web service. | 2015-12-03 |
20150350196 | TERMINAL AUTHENTICATION SYSTEM, SERVER DEVICE, AND TERMINAL AUTHENTICATION METHOD - Provided is a terminal authentication system including a client terminal and a server device. The client terminal transmits first information based on secret information different for each client terminal and a client certificate including a hash value of the secret information which is derived from the secret information, to a server device. The server device receives the first information and the client certificate, derives a hash value from the secret information based on the first information using a unidirectional function, and authenticates the client terminal on the basis of the derived hash value and the hash value of the secret information which is included in the client certificate. | 2015-12-03 |
20150350197 | SIGNATURE VERIFICATION SYSTEM, COMMUNICATION DEVICE, VERIFICATION DEVICE, SIGNATURE GENERATION METHOD, AND SIGNATURE VERFICATION METHOD - Provided is a signature verification system including a communication device and a verification device. The communication device and the verification device are connected to each other through a network. The communication device derives a first hash value from a first random number, derives a second hash value from data including electronic data and a certificate of the communication device which includes the first hash value and a public key of the communication device, using a unidirectional function, generates a signature using a secret key of the communication device with respect to the second hash value, and transmits the electronic data, the certificate, and the signature to the verification device. The verification device receives the electronic data, the certificate, and the signature, authenticates the communication device using the first hash value included in the certificate, derives the second hash value from the data including the electronic data and the certificate using a unidirectional function, and verifies the signature using the public key of the communication device and the derived second hash value which are included in the certificate. | 2015-12-03 |
20150350198 | METHOD AND SYSTEM FOR CREATING A CERTIFICATE TO AUTHENTICATE A USER IDENTITY - A method for creating a certificate to authenticate a user identity at a web browser includes receiving a login request including a first user identity for a user and generating a first browser-signed certificate using public and secret keys associating the first user identity to the web browser. The first browser-signed certificate is sent to a first identity provider server and in response a first server-signed certificate is received from the first identity provider server. The first server-signed certificate associates the first user identity to the first identity provider server. A final certificate is generated by merging the first browser-signed certificate with the first server-signed certificate. | 2015-12-03 |
20150350199 | SECURE ACCESS SYSTEM AND OPERATING METHOD THEREOF - A method of operating a secure access module (SAM) includes receiving an operation parameter via a terminal from a management server, the operation parameter including a registered value indicating a permissible range for operation of the SAM, receiving an authentication request for providing a card-related service from the terminal when a corresponding card is coupled to the terminal, determining whether the SAM is within the permissible range for operation in response to the authentication request, and transmitting information on a determination result to the terminal. | 2015-12-03 |
20150350200 | BIOMETRIC FRAMEWORK ALLOWING INDEPENDENT APPLICATION CONTROL - Generation and segregation of mobile device biometric application template storage is described. Applications request a memory domain within mobile device storage for storing enrolled templates in the domain. The application calls a secure API associated with the biometric driver and software of the mobile device. As a result, the biometric driver and software does not search a number of domains to locate the enrolled templates that correspond to the mobile application or search all enrolled templates stored in memory. The mobile device applications maintain control of the storage domain and the template. The enrolled template may only be deleted through the controlling mobile device application. | 2015-12-03 |
20150350201 | SYSTEMS AND METHODS FOR USING WEARABLE TECHNOLOGY FOR BIOMETRIC-BASED RECOMMENDATIONS - Methods and systems are disclosed herein for determining a biometric state of a user or an emotional state of a user. Based on the determined biometric state or emotional state, a determination is made whether information about a location is restricted. In response to determining that information about a location is restricted, a portion of the information about the location is identified, and access to the portion of the information is disabled. | 2015-12-03 |
20150350202 | Processing Method For Piecing Together Fingerprint Based on Mobile Terminal and Mobile Terminal - A processing method for piecing together a fingerprint based on a mobile terminal and a mobile terminal are disclosed. The method includes: acquiring fingerprint information of a user via a fingerprint multiplexing button; comparing the fingerprint information of the user with fingerprint information which is stored in advance; unlocking the mobile terminal if the fingerprint information of the user matches the fingerprint information which is stored in advance; and locking the mobile terminal and prompting the current operating user to re-input fingerprint information to unlock the mobile terminal if the fingerprint information of the current operating user is inconsistent with the fingerprint information which is stored in advance. When the user utilizes the mobile terminal, a fingerprint match is performed. If different, the mobile terminal is locked for increasing the safety of the information. | 2015-12-03 |
20150350203 | MOBILE DEVICE, METHOD OF AUTHENTICATING A USER, COMPUTER PROGRAM, ARTICLE OF MANUFACTURE, DISPLAY - There is disclosed a mobile device comprising a processing unit for executing a host application, a user-interactive display and an authentication unit; wherein the authentication unit is arranged to receive an authentication request from the host application; wherein the authentication unit is arranged to cause the display to show a set of pictures in response to receiving the authentication request; wherein the authentication unit is further arranged to identify a selection of at least one picture from said set of pictures; and wherein the authentication unit is further arranged to initiate a verification of said identified selection. Furthermore, a corresponding method of authenticating a user is disclosed, as well as a corresponding computer program, an article of manufacture and a display. | 2015-12-03 |
20150350204 | CLOUD-BASED DEVICE AUTHENTICATION - System, apparatus, and methods for authenticating a device for access to a server. The method includes receiving a set of device-specific attributes from the device as a part of a device registration process, storing the set of device-specific attributes in a device attribute storage, and receiving a request to perform an operation using the device and involving the server. The method further includes transmitting a set of device-specific challenge questions derived from the set of device-specific attributes to the device, receiving responses to the set of device-specific challenge questions from the device, confirming that the responses each conform to the set of device-specific attributes, and enabling the operation involving the server. | 2015-12-03 |
20150350205 | CONTENT URL AUTHENTICATION FOR DASH - Technology for content uniform resource locator (URL) authentication for dynamic adaptive streaming over hypertext transfer protocol (HTTP) (DASH) is disclosed. In an example, a client device can include computer circuitry configured to: Receive a URL authentication key indicator and a content URL signature indicator from a server; generate a calculated URL signature for a URL in a DASH media presentation description (MPD) from the URL authentication key indicator; request the DASH segment when the calculated URL signature matches the received content URL signature, thereby authenticating content URL; and receive a DASH segment using the authenticated content URL. The received content URL signature is derived at the server from the content URL contained within the DASH segment URL. | 2015-12-03 |
20150350206 | STORAGE SYSTEM AND METHOD FOR PERFORMING SECURE WRITE PROTECT THEREOF - A storage system includes a host configured to provide a request for setting or clearing secure write protection; and a storage device including a register, the register including fields that store information for controlling write protection attributes and a secure mode of the storage device, the storage device being configured to authenticate a request of the host when the secure mode is enabled, wherein the storage device is configured set or clear the secure write protection based on the request of the host when the storage device authenticates the request of the host, wherein after the secure mode is set, the storage device restricts an access of an unauthenticated host for setting and clearing write protection, and wherein the register comprises a secure write protection (WP) configuration masking field for controlling register fields of the register that are associated with write protection. | 2015-12-03 |
20150350207 | METHOD AND APPARATUS FOR PROVIDING SECURITY FUNCTION - A method for providing a security function includes obtaining a request for executing a function of application through an electronic device if the electronic device is located within a predetermined distance from a user, identifying a success or failure of a first authentication which is previously performed for the user in response to the request, and determining whether to perform a second authentication for executing the function of the application based on the success or failure of the first authentication, wherein determining whether to perform the second authentication comprises performing the second authentication by using a security level lower than a security level related to the first authentication if the success of the first authentication is identified. An electronic device includes a processor configured to determine a success or failure of a first authentication, and decide whether to perform a second authentication with a second security level for executing the function. | 2015-12-03 |
20150350208 | TOKEN SERVER-BASED SYSTEM AND METHODOLOGY PROVIDING USER AUTHENTICATION AND VERIFICATION FOR ONLINE SECURED SYSTEMS - One embodiment of the invention could be a method of authenticating a requesting party's request to access to a secure system or website as entity authorized to access the secure system or website, the method comprising of the following steps: sending via a first communication network from the secure system or website an user authentication request associated with an identifier for an authorized user's communication device; receiving by the token server user the user authentication request, generating a token by the token server, transmitting the token via a second an different communication network to user's communication device, using a receipt by the token server of the token sent back by the user's communication device to determine whether or not a requesting entity of the secure system or website is an entity authorized by the secure system or website to access the secure system or website | 2015-12-03 |
20150350209 | AUTHORITY DELEGATION SYSTEM, METHOD, AUTHENTICATION SERVER SYSTEM, AND STORAGE MEDIUM THEREFOR - There is provided an authority delegation system capable of issuing, in a case where an identifier of a user is associated with an identifier of a client, authority information indicating that an authority of the user has been delegated to the client without receiving an instruction for authorizing the authority of the user on the service to be delegated to the client. | 2015-12-03 |
20150350210 | ADVANCED PROOFS OF KNOWLEDGE FOR THE WEB - Embodiments described herein relate to a server computer operable to provide a proof of knowledge service. In some embodiments, the server computer includes processor(s) and memory containing instructions executable by the processor(s) such that the server computer is operable to authenticate a user on behalf of a relying party server. The server computer is further operable to obtain results of one or more tests from a client device of the user. The server computer is further operable to send one or more instructions to the relying party server in accordance with the results of the one or more tests, where the one or more instructions have been predefined by the user and define one or more actions to be taken by the relying party server in an event where the user does not pass the one or more tests. | 2015-12-03 |
20150350211 | SECURELY INTEGRATING THIRD-PARTY APPLICATIONS WITH BANKING SYSTEMS - Systems and methods enable third-party applications and devices to interface with financial service provider computer networks in a secure, compliant manner. In one embodiment, an interface computing device connected to a provider computer network transmits a registration request message to a custodian. The interface computing device receives a registration request response message from the custodian indicating whether the registration request was approved or denied. The interface computing device receives a data request message requesting data stored on the provider computer network. The interface competing device gathers data stored on the provider computer network, sanitizes the data, and generates a response communication using the sanitized data. | 2015-12-03 |
20150350212 | METHODS AND SYSTEMS FOR AUTHORIZING WEB SERVICE REQUESTS - Systems and methods for authorizing web service requests. In some embodiments, a computer-implemented method includes receiving a web service request having an authorization header and business code, authenticating a Security Assertion Markup Language (SAML) token included in the authorization header and constructing a security context based on attributes of the SAML token. The process also includes passing the security context to an authorization interceptor to interact with a policy information point (PIP) and a policy decision point (PDP), receiving a permit response, and then authorizing the web services request. In some implementations, the requested web service is then transmitted to the client computer that requested the web service. | 2015-12-03 |
20150350213 | SELECTIVELY PROTECTING VALID LINKS TO PAGES OF A WEB SITE - In an embodiment, a method comprises intercepting, using a server computer, a first set of instructions that define a user interface and a plurality of links, wherein each link in the plurality of links is associated with a target page, and the plurality of links includes a first link; determining that the first link, which references a first target page, is protected; in response to determining the first link is protected: generating a first protected link that is different than the first link and includes first data that authenticates a first request that has been generated based on the first protected link and that references the first target page; and generating a first decoy link that includes second data that references a first decoy page and not the first target page; rendering a second set of instructions comprising the first protected link and the first decoy link, but not the first link, and which is configured to cause a first client computer to present the first protected link in the user interface and hide the first decoy link from the user interface; sending the second set of instructions to the first client computer. | 2015-12-03 |
20150350214 | INDIVIDUALIZED AUDIT LOG ACCESS CONTROL FOR VIRTUAL MACHINES - To provide enhanced operation of computing systems to control access to audit logging resources by virtual machines, various systems, apparatuses, methods, and software are provided herein. In a first example, a method of operating a computing system is provided. The method includes receiving requests for audit credentials from virtual machines, and responsively providing individualized audit credentials to the virtual machines based at least on identities of the virtual machines. The method also includes, in the audit system, authorizing storage of audit data transferred by the virtual machines based at least on the individualized audit credentials accompanying the audit data. The method also includes, in the authorization system, selectively de-authorizing one or more of the virtual machines and reporting information regarding the de-authorized one or more of the virtual machines to the one or more audit systems. | 2015-12-03 |
20150350215 | METHOD AND TERMINAL DEVICE FOR KID MODE - The disclosure relates to a method and a terminal device for processing an application in a kid mode, and the disclosure belongs to the field of Internet technology. The method includes receiving a list of allowed functions or a list of prohibited functions of a target application from a first terminal device, determining allowed functions in the target application according to the list of allowed functions or the list of prohibited functions, and displaying the allowed functions in a kid mode of the target application. Therefore, according to the present disclosure, normal usage of applications is not affected in the kid mode. | 2015-12-03 |