1485 results about "Secure state" patented technology

A method and system for automated identification of phishing, phony, and malicious web sites are disclosed. According to one embodiment, a computer implemented method, comprises receiving a first input, the first input including a universal resource locator (URL) for a webpage. A second input is received, the second input including feedback information related to the webpage, the feedback information including an indication designating the webpage as safe or unsafe. A third input is received from a database, the third input including reputation information related to the webpage. Data is extracted from the webpage. A safety status is determined for the webpage, including whether the webpage is hazardous by using a threat score for the webpage and the second input, wherein calculating the threat score includes analyzing the extracted data from the webpage. The safety status for the webpage is reported.

The present invention extends to trusted third party authentication for Web services. Web services trust and delegate user authentication responsibility to a trusted third party that acts as an identity provider for the trusting Web services. The trusted third party authenticates users through common authentication mechanisms, such as, for example, username/password and X.509 certificates and uses initial user authentication to bootstrap subsequent secure sessions with Web services. Web services construct user identity context using a service session token issued by the trusted third party and reconstruct security states without having to use a service-side distributed cache.

Systems and methods for use with a service provider and a consumer electronic device include a trusted remote attestation agent (TRAA) configured to perform a set of checking procedures or mechanisms to help ensure the security status of a consumer electronic device (e.g., a mobile terminal or phone) that holds financial instruments. The checking procedures may include: self-verifying integrity by the TRAA; checking for presence of a provisioning SIM card (one that was present when the financial instruments were enabled on the device); checking that a communication connection between the consumer electronic device and the service provider is available and active; and checking that communication connectivity to a home mobile network is available and active. The frequency of the checking mechanisms may be adjusted, for example, according to a risk-profile of a user associated with the device or the location (e.g., GPS location) of the device. The checks may be used, for example, to temporarily disable or limit the use of the financial instruments from the device.

The invention provides a system for determining a vehicle security status and providing the status to the vehicle driver using a key fob wirelessly connected to a telematics unit located within the vehicle. A method for providing security status includes providing a key fob in wireless communication with a vehicle, the key fob including a status indicator, receiving sensor signals of vehicle components positions at the vehicle telematics unit determining whether the vehicle components positions are in an unsecured status position, sending a notification signal based on the determination from the vehicle telematics unit to the key fob and activating the status indicator of the key fob based on the notification.

The invention relates to a method for evaluating the security situation of a network and a system thereof. The system has a two-surface three-level framework and is provided with a public service surface and a service management surface for executing uniform coordinated management on each functional module of the system; according to a service logic processing flow, the system is divided into three levels: an acquisition level, an analysis level and an exhibition level for completing four evaluating operations of assets, frangibility, threat and security situation; the invention is based on the characteristic of service operation in the network, combines the prior risk evaluation method, the prior flow and the prior security detection tool and provides a set of a novel dynamic real-time evaluation method. The system can analyze the assets and service of the network and the risk of the whole network and carries out the evaluation of the security situation. The system can provide the security state of the whole network in macroscopy, can deepen to specific service and assets and know the specific security problem, thereby effectively helping network security personnel to analyze the root of the security problem and assisting to provide a security solution proposal and implement a defense measure.

A vehicle security system for a vehicle equipped with a passive keyless entry/passive start (PEPS) security system including a nomadic device configured to determine a present location of the nomadic device (e.g. key fob, smart phone), and a controller configured to control a security-status based on the present location. The controller determines the security status based on the proximity of the nomadic device in order to thwart theft of the vehicle using a relay attack.

The present invention is directed to a train detection system for detecting the velocity, presence, and direction of a railroad car which may be utilized in existing railroad crossing installations. The train detection system is suitable for self-testing of its components and if an anomaly has been detected, the train detection system is capable of placing the system in a fail-safe state. The train detection system of the present invention is also capable of constant communication between the sensor of said system and the implementing device of the train detection system via a wireless link.

A system and method for ensuring that machines having invalid or corrupt states are restricted from accessing network resources are provided. A quarantine server located on a trusted machine in a network provides a bill of health to a quarantine agent located on a client computer that wishes to gain access to network resources administered by an organization. The quarantine agent requests bill of health from the quarantine server, and receives a manifest of checks that the client computer must perform. The quarantine agent then sends a status report on the checks back to the quarantine server. If the client computer is in a valid security state, the bill of health is issued to the client. If the client computer is in an invalid state, the client is directed to install the appropriate software/patches to achieve a valid state. When a client requests the use of network resources from a network administrator, the network administrator requests the client's bill of health. If the bill of health is valid, the client is admitted to the network. If the bill of health is invalid, or if the client does not have a quarantine agent, the client is placed in quarantine, in which the only network resources accessible to the client are those necessary to install the quarantine agent and requisite software/patches to achieve a valid state.

A method and apparatus are provided for network security based on a security status of a device. A security update status of a device is evaluated; and one or more of a plurality of security policies are selected to apply to the device based on the security update status. The available security philosophies may include, for example, a “protect the good” philosophy, an “encourage the busy” philosophy and a “shut off the non-compliant” philosophy. The security update status can evaluate, for example, a version level of one or more security features installed on the device or can be based on a flag indicating whether the device satisfies predefined criteria for maintaining one or more computer security protection features up-to-date.

A firewall system adapted for location outside the client machine, preferably in the same data processing device as the client machine but outside a virtual machine containing the client machine. Control logic of the firewall system receives incoming and outgoing connections from the network and client machine respectively. In response to a connection request initiating a connection between respective endpoints in the network and client machine, the control logic performs a security assessment comprising obtaining from at least one of the network and client machine information indicative of the security state of the endpoint therein, and allows or inhibits the connection in dependence on the result of the security assessment. The security assessment may be performed in accordance with a security policy of the system, and different security assessments may be performed for different connection requests in accordance with the security policy.

The invention discloses a safe state recognition system for people on the basis of machine vision, aiming to solve the problem that the corresponding intelligent control decision for the vehicle driving behaviour can not be formulated according to the safe state of the people in the prior art. The method comprises the following steps: collecting a vehicle-mounted dynamic video image; detecting and recognizing a pedestrian in an interested area in front of a vehicle; tracking a moving pedestrian; detecting and calculating the distance of pedestrian in front of the vehicle; and obtaining vehicle real-time speed; and recognizing the safe state of the pedestrian. The process of recognizing the safe state of the pedestrian comprises the following steps: building a critical conflict area; judging the safe state when the pedestrian is out of the conflict area in the relative moving process; and judging the safe state when the pedestrian is in the conflict area in the relative moving process. Whether the pedestrian enters a dangerous area can be predicted by the relative speed and the relative position of a motor vehicle and the pedestrian, which are obtained by a vision sensor in the above steps. The safe state recognition system can assist drivers in adopting measures to avoid colliding pedestrians.

The invention is directed to providing threat and risk analysis for a network that has a high degree of inter-relationships and interdependencies among the assets comprising it, using a “cut set” enumeration method. The identified cut sets are used as the basis to the threat and risk analysis, since each cut set may affect the traffic between two dependent assets in the network, and thereby affect the security state of the dependent assets themselves. The affected security state may be confidentiality, integrity, availability, or other network or security relevant parameter.

The invention relates to a safety monitoring early warning and safety management system of oil and gas extraction and gathering operations as well as a method thereof, belonging to the technique field of safety production monitoring and supervision, and the system is composed of a monitoring center arranged at an oil and gas extraction safety monitoring and management department and a plurality of on-site monitoring terminals disposed at all oil and gas extraction operation areas. The method comprises: collecting and transmitting safety-related parameter signals, video signals and audio signals in real time; implementing the analog-digital conversion or signal conversion and compression coding to the signals; then transmitting the signals to all hosts of the monitoring center; processing and analyzing the received three types of signal information by all the hosts and then carrying out the parameter monitoring, video monitoring and audio communication respectively; and outputting the processed three types of information to the spot for being controlled correspondingly. The invention can realize the risk assessment, dynamic intelligent monitoring, safety state analysis, accident early warning and alarming, safety guarantee control and safety management of the whole process of operations ranging from oil and gas extraction, heating, separation processing, storage to transportation for oil and gas production enterprises.

A network security control system includes: a network event generator for generating network events; a security event processing apparatus for collecting the network events from the network event generator via a network and processing the collected network events as a target data for visualization; and a visualization processing apparatus for visualizing the target data to display a security status as a third-dimensional (3D) visualization information on an organization basis.

An electronic lock box contains a secure compartment for storing keys to a structure. A linear actuator moves in one direction opening the door to the secure compartment, and moves in the opposite direction releasing a shackle that holds the lock box to the structure. A lock box system uses an encryption algorithm to diversify user PIN data at a central computer, and stores that diversified information on a memory card for later use when the user attempts to access a lock box. The central computer and electronic lock box both keep track of system “epoch time,” and the memory card must be presented to the electronic lock box within a correct epoch time window for the diversified PIN data to be successfully decrypted and compared to the user's PIN data that is entered on a keypad of the electronic lock box.

Methods and systems for increasing the security or trust associated with an untrusted device are provided. For example, a trusted hardware component may send a request to the untrusted device. The request may indicate one or more challenges to be performed by a secure application executing on the untrusted device. The trusted hardware component may determine an expected response to the one or more challenges. The expected response may be determined at the secure hardware component based on an expected configuration of the untrusted device. The trusted hardware component may receive a response to the request from the untrusted device. The trusted hardware component may determine a security status of the untrusted device based on the expected response and the received response