500 results about "Security question" patented technology

This invention relates to one software analyzer and its test method based on source codes static analysis, wherein the analysis device comprises five function modules of code analysis device, codes analysis engine, safety risk report device, safety rules database and user interface; this invention gets programs safety risk to user according to the source program and grammar and meanings and delivers the safety leak to the user for audit and evaluation.

The invention relates to a method for evaluating the security situation of a network and a system thereof. The system has a two-surface three-level framework and is provided with a public service surface and a service management surface for executing uniform coordinated management on each functional module of the system; according to a service logic processing flow, the system is divided into three levels: an acquisition level, an analysis level and an exhibition level for completing four evaluating operations of assets, frangibility, threat and security situation; the invention is based on the characteristic of service operation in the network, combines the prior risk evaluation method, the prior flow and the prior security detection tool and provides a set of a novel dynamic real-time evaluation method. The system can analyze the assets and service of the network and the risk of the whole network and carries out the evaluation of the security situation. The system can provide the security state of the whole network in macroscopy, can deepen to specific service and assets and know the specific security problem, thereby effectively helping network security personnel to analyze the root of the security problem and assisting to provide a security solution proposal and implement a defense measure.

A computer implemented method and system for providing to a user (a manager) the effectiveness of an entity (employee or group of employees) by analyzing emails, social network data, CRM, calendar data, audio/video data, typing speed, galvanic skin response, etc. The computer method captures, analyzes and displays communication volumes, response times, and sentiment metrics, enabling the user to understand the effectiveness of an entity, optimal use of resources, trends, customer contact, collaboration patterns, security issues, entity turnover, entity health, and ideal work environments.

Embodiments of the present invention relate to a method and system for detecting and/or mitigating domain name system (DNS) spoofing Trojan horse (or Trojan) code. Trojan code (sometimes called malware or malicious software) is a common computer security problem. Some Trojans modify the DNS resolution mechanism employed by the infected computer, such that the computer traffic, when browsing the Internet, is routed to a location not intended by the rightful owner of the computer. The present invention can detect this phenomenon from a remote device or location and may take action to mitigate its effects.

A method of securely accessing at a client device content from a server without using the non-volatile memory of the client device is disclosed. The bypassing of non-volatile memory lessens the security risk of unauthorized viewing of the server originated content. An transport mechanism is initiated on a client device and creates a document container. Downloaded documents from a server are mapped into the document container and saved within the document container in volatile memory. Substitute menus are generated within the container to replace application menus. User documents are saved directly to the originating server via the substitute menus. The downloaded copies in volatile memory automatically delete when the document container is destroyed thereby reducing security concerns of unauthorized viewing of the content at the client device.

An apparatus, system, and method are disclosed for validating users based on fuzzy logic. An interface with security questions is presented to a user who requires authentication. A typical scenario is authentication for password recovery. The interface comprises security questions for the user to answer. The security questions may be limited or unlimited response questions. The answers to the security questions are either scored using fuzzy logic, which may attribute a value between “1” and “0” based on similarity with the original, correct answer; or scored using digital logic. When fuzzy logic scoring is used, a similarity score is computed for each answer. The similarity score is compared against a similarity score threshold to either grant or deny access. An average similarity score is also computed for all answers and compared against an average similarity score threshold to either grant or deny access.

An invention that enables the use of human speech to remotely access, interrogate, control and obtain real time information from security devices in a facility or location. Wireless, or other network connectivity, mobile devices are used as the voice recognition system. These devices interface to a management system located at the facility or location under surveillance. The user is able to view the mobile display device and command the system using human voice. The system supports detecting and tracking security intrusions, controlling the security devices at the location, requesting changes to the display, obtaining status information of the system or any device, and communicating to others that may be accessing the system jointly. The invention also uses hierarchical maps to quickly identify security problems within an enterprise. The system uses real-time altered icons or element pictures that identify the status of that element at a quick glance. The organized use of hierarchical maps to quickly traverse to and identify particular security problems to include intrusions, alarms, failures, pending failures, etc. Intruder movement is also automatically tracked on or between maps.

A system and method for sharing items. A sharer may choose to share individual items, such as documents, contacts, and e-mails. To begin the sharing process, a user selects the items that are to be shared. The user then selects the sharees who the items are to be shared with, and the permissions that are to be assigned to the sharees. When items are to be shared, they are left in place on the sharer's machine, while the system ensures that the permissions are set, and any security issues are handled so that the sharees are able to access the items. In addition, the details of the sharing transactions may be tracked and recorded for later review. The sharer may also have the system send a link to the sharee for directly accessing the shared items from the sharer's machine. The sharee may also be able to query the sharer's machine to see what the sharer has shared out with the sharee.

Apparatus and techniques are provided for screening personnel at secured installations like airports, courthouses, police stations, secured administrative buildings, military installations and other installations requiring heightened security. The apparatus and the system integrate state of the art available technologies in biometric identification, metal detection, document identification, and body scan apparatus. All technologies are integrated to provide reliable, efficient and economic solution to security problems. A corresponding method of screening is provided.

The invention relates to a database security auditing method which comprises the following steps: acquiring database network communication data; parsing a database network communication protocol; carrying out self-learning digging on audit rules; detecting database risk event invasion; evaluating database user permissions; tracking the three-layer correlation of a primary user. The database security auditing method can be used for auditing and monitoring a database in real time, so that the automatic assessment, audit, protection and invasion detection operation can be realized; the method can be used for preventing, recording and tracking the complete database operation behavior so as to help an administrator to find out the internal safety problems of unauthorized use, privilege abuse, permission theft and the like of the database in time; furthermore, after the method is used, the outside attacks such as SQL (structured query language) injection and the like can be avoided.

Systems and methods are provided which enable client environments, such as corporate and government enterprises, to adopt an integrated, strategic approach to governance, risk and compliance. The systems described herein provide a “cloud-based” information security service that provides such enterprises with round-the-clock visibility into security issues and risks across the enterprise. An advanced security information and event management system, also referred to as an information assurance portal (IAP), is described, which enables client customers to select various services such as threat and vulnerability management, asset classification and tracking, and business threat and risk assessments through a software-as-a-service portal.

The invention discloses a security protection method and a security protection system for a mobile terminal application, and belongs to the field of terminal application security protection. The method comprises the steps that a mobile terminal equipment identity, a mobile subscriber identity and subscriber login information are sent to a server for registration during a registration course, and bound to form a subscriber identity; login information, the mobile terminal equipment identity and the mobile subscriber identity in the current subscriber identity are compared with the original subscriber identity in the server sequentially during a login course to determine information required to be updated; and updating is performed by authentication of the original mobile subscriber identity finally. According to the method and the system, a mobile terminal equipment information binding method is adopted, so that the security problems due to the fact that terminal equipment is updated, an SIM (Subscriber Identity Module) card number is replaced or the subscriber login information is stolen under the condition of single registration of a subscriber are solved, and the security and conveniences of the terminal application are improved.

A method, device and system of ID based wireless multi-hop network authentication access are provided, which are used for security application protocol when the WAPI frame method (TePA, Triple-Element and Peer Authentication based access control method) is applied over the specific network including the wireless LAN, wireless WAN and wireless private network. The method includes the following steps: defining non-controlled port and controlled port; the coordinator broadcasts the beacon frame, the terminal device sends the connection request command; the coordinator and the terminal device perform the authentication procedure; the coordinator opens the controlled port and sends the connection response command at the same time if the authentication is successful; the terminal device receives the connection response command and opens the controlled port in order to access the network. The method of the present invention solves the technical problem of the presence of the security trouble in the present wireless multi-hop network authentication access method, improves the security and performance of accessing the wireless multi-hop network from the terminal device, and ensures the communication safety between the terminal device and the coordinator.

The invention discloses a method and device for repairing cheap-copy application programs. The method comprises the steps that the application programs installed on a terminal device are scanned and an application program list is generated according to information obtained through scanning; whether the application programs in the application program list exist in a preset application program white list or not is judged; if the application programs exist in the preset application program white list, whether at least parts of files in installation packages of the application programs are tampered or not is judged; if the parts of files in the installation packages of the application programs are tampered, the application programs on the terminal device are unloaded; official installation packages of the application programs are downloaded from a cloud-side server and are installed on the terminal device. By means of the method and device, a user can be helped to replace the cheap-copy application programs on the terminal device by the application programs in the official version, safety problems brought by malicious codes in the cheap-copy application programs are effectively avoided and the safety of an operation system of the terminal device is improved.

The invention provides a user privacy protection method based on attribute and homomorphism mixed encryption under a cloud environment. The method is mainly used for solving the safety problem of user privacy under the cloud environment. Firstly, a user sends the information of the user to a cloud service provider, and the cloud service provider clarifies the user privacy. Secondly, the user adopts different encryption modes for different types, namely a homomorphism encryption mode and an encryption mode based on the attribute. It is guaranteed that important privacy information is more difficult to be leaked out and stolen through the homomorphism encryption mode for the user, and the user can conduct operation on the privacy information of the user. Through the encryption mode based on the attribute, it is guaranteed that certain network resources can be shared with other users. Finally, the user downloads and decodes cryptograph. Through the mixed encryption mode, safety of the user data privacy is further guaranteed. Meanwhile, the user can operate important service data of the user conveniently. Moreover, coding efficiency and decoding efficiency are further improved.

The invention relates to a system applied to a transaction platform for realizing the grading safety processing of financial information. The system comprises an embedded safety control module for acquiring a safety control rule preset by a user, a sensitive information processing module for judging the coincidence degree of the sensitive information in electronic transaction information of the user and the safety control rule and a safety control platform for judging the risk of the electronic transaction and performing identity verification on the user for which the safety rule needs to be altered. The invention also relates to a method applied to the transaction platform for realizing the grading safety processing of the financial information. According to the system, adopting such a structure, and the method applied to the transaction platform to realize grading safety processing of the financial information, the financial information of the user can be divided into the sensitive information and insensitive information, the sensitive information processing module and an electronic transaction client end are integrally packaged, the user information safety is further ensured by grading processing, loss caused by the problem of account unsafety is reduced and the system and method have a wide application range.