168results about How to "Avoid Information Leakage" patented technology

A document management system / method allowing coordinated synchronized modifications and secure, scalable, multi-level, and controlled access to Data Content and / or Documents (DCDS) over a computer network between multiple Content Owners and / or Reviewers (CORS) is disclosed. The system / method is configured to allow any number of CORS to share DCDS using a Content Collaboration Platform (CCP) while retaining complete DCDS integrity / retrieval control using a hierarchical Access Rights and Control List (ARCL) to prevent CORS from uncoordinated DCDS modification and prohibiting local maintenance of DCDS copies after the expiration of a CORS Data Access Session (DAS). Upon termination of a CORS DAS, the system synchronizes modifications to the DCDS and coordinates control information among various CORS to ensure proper return of the DCDS back to its original CORS owner and associated CORS storage location.

Disclosed is a technology by which rules on communication permission or control are enforced to network internal devices such that an environment which looks as if to have a virtual firewall existing between network internal devices can be established. A communication control apparatus for this is located on the same level in the network as other devices are located. By using this communication control apparatus, an address resolution protocol (ARP) packet in which a data link layer address is manipulated is provided to devices that are the objects of communication cut-off, such that data packets transmitted by the communication cut-off object devices are transmitted to manipulated abnormal addresses. By doing so, communication with the communication cut-off object devices is cut off. For a device which is in a communication cut-off state although the device is not an object of communication cut-off any more, the communication control apparatus transmits an ARP packet including normal address information to the device such that the communication cut-off state is canceled.

An information code product (101) comprising a body (105) having a code-including image (104) formed thereon which includes at least one unit of information codes (103) with one or more specific color, wherein the unit of information codes is adapted to be obtained by extracting an image with the specific color from the code-including image. A user is authenticated by an authentication system (301) which comprises an authentication terminal (302) for reading data included in the product (101) and an authentication server (303) which is interconnected to the authentication terminal through a network (304).

A structure and method for forming a tamper respondent electronic circuit enclosure that includes an integrated circuit structure, a mesh structure surrounding the integrated circuit structure, and a sealed enclosure surrounding the mesh structure. The mesh structure includes a layer of flexible dielectric having a first side and a second side, a screen-printed pattern of flexible electrically conductive first circuit lines forming a first resistor network on the first side, and a photo lithographically-formed pattern of flexible electrically conductive second circuit lines forming a second resistor network on the second side.

A structure and method for forming a tamper respondent electronic circuit enclosure that includes an integrated circuit structure, a mesh structure surrounding the integrated circuit structure, and a sealed enclosure surrounding the mesh structure. The mesh structure includes a layer of flexible dielectric having a first side and a second side, a screen-printed pattern of flexible electrically conductive first circuit lines forming a first resistor network on the first side, and a photo lithographically-formed pattern of flexible electrically conductive second circuit lines forming a second resistor network on the second side.

There is provided a management system including a managed device connected to a network, and assigned network information that allows the managed device to communicate over the network, and a management device. The management device is connected to the network, and manages the managed device based on the network information and stores the network information in an information recordable medium. The management device has a drive unit which reads data from the information recordable medium, wherein the managed device is made accessible when the data read from the information recordable medium corresponds to the network information assigned to the managed device.

The present invention provides an information processing device, an information processing system, and a program capable of improving security and convenience. An information processing system (1) includes an IC card (30) which stores an encryption key and a registered password and allows the encryption key to be read when the IC card (30) has authenticated the user as an authorized user based on the registered password, and an information processing device (10) which stores folder information in which the folder name, path, and hash value of the encryption key are associated, when a request to save data in the folder has been issued from the user, decides whether or not an encryption key corresponding to the folder is included in the encryption key read from the IC card (30) based on the folder information, encrypts the request target data using the corresponding encryption key when the information processing device (10) has decided “YES”, and stores the encrypted data.

There is provided an image printing apparatus which can ensure confidentiality by including an identification section which identifies whether or not a user who requests a job is present in a predetermined range from the image printing apparatus, a queue which stores the job and manages an execution of the job in stored order, a job registration section which registers the job at the end of the queue, and a job management section which suspends the start of execution of the job registered in the queue when the identification section does not recognize the presence of the user who requests the job, and permits the start of execution of the job registered in the queue when the identification section recognizes the presence of the user who manages the job. A display device and a job processing method are also provided.

A system and method for conducting verifiably correct auctions that preserves the secrecy of the bids while providing for verifiable correctness and trustworthiness of the auction is disclosed. Some of the elements of the method and apparatus are that the auction operator accepts all bids submitted and follows the published rules of the auction. In one embodiment, the bids are maintained secret from the auctioneer and all bidders until the auction closes and no bidder is able to change or repudiate her bid. In another embodiment, the auction operator computes the auction results and publishes proofs of the results' correctness. In yet another embodiment, any party can check these proofs of correctness via publicly verifiable computations on encrypted bids.

In an information processing apparatus which transfers target information to an external data processing device to process the information, and saves the processed information, a data management unit stores second identification information corresponding to the target information in association with the target information to which first identification information is attached. The first changing unit deletes the first identification information from the target information and adds the corresponding second identification information to the target information in the data management unit. The transfer unit transfers the target information processed by the first changing unit to the external data processing device.

There is described an image forming apparatus that serves as a client in the client / server type information processing system. The apparatus includes a communicating section to communicate with the server; a device information acquiring section to acquire device information for specifying the device; an information storing section to store server information for specifying the server and client information for specifying the client itself; and a control section to transmit the device information, acquired by the device information acquiring section, and the client information, stored in the information storing section, to the server specified by the server information through the communicating section, in order to request the server to send an application program corresponding to the device information back to the client. When the control section receives the application program from the server, the control section develops the application program into the storage so as to make the device available.

A system for cryptographic processing of content comprises an input for receiving the content. A plurality of look-up tables represents a white-box implementation of a combined cryptographic and watermarking operation. The look-up tables represent processing steps of the combined cryptographic and watermarking operation and the look-up tables being arranged for being applied according to a predetermined look-up scheme. The look-up scheme prescribes that an output of a first look-up table of the plurality of look-up tables be used to generate an input of a second look-up table of the plurality of look-up tables. The combined cryptographic and watermarking operation comprises a cryptographic operation and a watermarking operation. A control module looks up values in the plurality of look-up tables in dependence on the received content and in accordance to the look-up scheme, thereby applying the combined cryptographic and watermarking operation to the content.

The present invention provides a thin semiconductor device in which its security such as prevention of counterfeit or information leakage is to be enhanced. One feature of the present invention is a thin semiconductor device in which a plurality of thin film integrated circuits are mounted and in which at least one integrated circuit is different from the other integrated circuits in any one of a specification, layout, frequency for transmission or reception, a memory, a communication means, a communication rule and the like. According to the present invention, a thin semiconductor device tag having the plurality of thin film integrated circuits communicates with a reader / writer and at least one of the thin film integrated circuits receives a signal to write information in a memory, and the information written in the memory determines which of the thin film integrated circuits communicates.

The invention discloses a capacity calling method, a capacity calling request device, a capacity calling platform and a capacity calling system, wherein the capacity calling method includes: transmitting a token acquisition request to an application side by a client side, receiving a token returned from the application side, and generating and transmitting a capacity calling request including the token; and performing validation according to the capacity calling request and calling capacity for the client side after successful validation by the capacity calling platform. Safety of internet platform capacity opening is improved, and the defects of information leakage and low safety caused by operation through the application side are avoided.

A hands-free loudspeaker system which is capable of achieving high-quality voice amplification without requiring a human speaker to move to a microphone or a microphone to be moved to a human speaker. A microphone whose input level has continued to be above a threshold value for not shorter than a predetermined time period is detected, based on input signals from dispersedly arranged microphones. An input signal from the microphone is selected and outputted to each loudspeaker at an output level or with a delay time, according to a location of the loudspeaker. A preset lowest threshold level is initially set to the threshold value, and an input level of the microphone higher than the threshold value is newly set to the same, while when the input level is lower than the threshold value, a lower value is set to the same in a step-by-step manner.

The invention discloses an intelligent mobile phone anti-theft method. Hardware feature information and state information of an intelligent mobile phone are stored in a database of an anti-theft server of a network side. The intelligent mobile phone anti-theft method comprises the steps that A, an anti-theft program in the intelligent mobile phone reads the hardware feature information of the intelligent mobile phone, and state inquiry information is sent to the anti-theft server at intervals; B, after the anti-theft server receives the state inquiry information, the database is inquired for finding corresponding state information according to the hardware feature information carried in the state inquiry information, and the state information is sent to the intelligent mobile phone; C, the anti-theft program receives the state information, if the state information represents that the intelligent mobile phone is in a normal state currently, no processing is conducted, and if the state information represents that the intelligent mobile phone is in a loss state currently, the intelligent mobile phone is triggered to enter a mode of finding the lost and stolen intelligent mobile phone .

An information asset management system in a network environment includes a monitoring program 11 that monitors operation events performed by users and creates terminal logs 12, a terminal log collection program 21 that stores an integrated log 22 created by collecting the terminal logs 12, and a correlation analysis program 31 that analyzes the whereabouts of information assets using the integrated log 22. When the user exports an information asset from the network environment and when the user imports the information asset into the network environment, the monitoring program 11 monitors these export and import events including feature values of the information assets. The correlation analysis program 31 compares a pre-export feature value of each information asset with a post-import feature value of each information asset to determine whether the information assets are identical and reports a list of information assets in the organization.

The invention discloses a mobile phone two-dimensional code safe use method based on information hiding. With the development of information technology and Internet technology, people pay more attention to the convenient and environmental-friendly two-dimensional code technology, and the use of the two-dimensional code is wider and wider. However, a traditional mobile phone two-dimensional code is lack of a necessary security mechanism, people can use a two-dimensional code as long as the people have the two-dimensional code, and the security of the private information of the user is invaded. The method is based on the information hiding technology, the cryptography theory and bar code technology are utilized, through a method of embedding user secret information in encoding and carrying out extraction, operation and comparison in decoding, the safe use problem of the mobile phone two-dimensional code is solved, the leakage and stealing of the information are prevented, and the integrity and confidentiality of the information are ensured. The method is simple and practical, with the gradual popularization of the Internet technology at the present age, and method plays an important role for the security of the information.

An information management system provided with an encrypting means for encrypting an original file to prepare an encrypted file, a data storage memory which stores the encrypted file, a decrypting means, a general memory, an information managing means for decrypting the encrypted file to an editable display file etc. and storing it in the general memory in a regular operational processing cycle, performing the required editing in the form of the display file etc., converting the display file etc. after editing to an encrypted file by the encrypting means, and storing this in the data storage memory, and an information management file which controls processing of or operations on the encrypted file by the information managing means. This standardizes information management at the different levels of an organization, managers, etc., enables secure protection and management of information contained in the different machinery and equipment, lightens the load of information management, prevents leakage of information, and preserves and protects files and prevents their destruction, tampering, and alteration.

The invention discloses an instant communication message processing method and a client. The method includes receiving instant communication messages, determining message types according to the instant communication messages, and calling corresponding notifying means according to the message types, wherein at least a first notifying means and a second notifying means are set in advance, and the first notifying means and the second notifying means are different. The instant communication message processing method and the client can give notification according to different types of instant communication messages.

An image forming apparatus is disclosed that includes multiple application modules configured to perform image processing including scanning, printing, and copying of an image; multiple service modules configured to perform an image forming operation and to control the image forming apparatus; a nonvolatile configuration information storage part configured to contain first configuration information of the application modules and the service modules; a configuration information comparison part configured to read second configuration information of the application modules and the service modules and compare the first configuration information and the second configuration information before starting the application modules and the service modules; and a notification part configured to notify the manager of the image forming apparatus of the difference between the first configuration information and the second configuration information in response to detection of the difference.

The invention discloses a method for detecting an unauthorized access vulnerability of a power mobile application. The method comprises the steps of obtaining and storing all the user types of the mobile application and the user number corresponding to each user type; constructing http requests aiming at the same operation of different users in the same user type, modifying the http request of one user, sending the modified request to a server-side and analyzing an execution result to detect parallel unauthorized access vulnerabilities; constructing http requests of different users in different user types, modifying the http requests which can be executed by users in certain user types, but cannot be executed by users in other types, sending the modified requests to the server-side, and analyzing the execution results to detect the unauthorized access vulnerabilities; and comprehensively detecting the discovered vulnerabilities and finishing the unauthorized access vulnerability detection. The method for detecting the unauthorized access vulnerability of the power mobile application is used for performing safety assessment on the mobile application in an integrated testing stage and provides support for reducing the safety risk of the mobile application and improving the safety of the mobile application.

A hardware cryptographic engine may include a plurality of ciphertext engines. A first ciphertext engine may receive a second intermediate ciphertext output from a second ciphertext engine, generate a first intermediate ciphertext, and use the first intermediate ciphertext to generate and output a first final ciphertext. The second ciphertext engine may output the second intermediate ciphertext, and use the second intermediate ciphertext to generate and output a second final ciphertext. A comparison unit may generate and output a control signal having a logic state depending on whether the first final ciphertext is the same as the second final ciphertext. An encryption data output unit may respond to the logic state of the output control signal, and output a final ciphertext when the first final ciphertext is the same as the second final ciphertext. A ciphertext engine may include plurality of round blocks, one of which may receive an odd number of intermediate ciphertext inputs, inclusive of an intermediate ciphertext from another ciphertext engine, to generate the respective intermediate ciphertext. A round block may include an encryption unit, a first logic operator, and a second logic operator that receives an intermediate ciphertext generated by the encryption unit and the intermediate ciphertext generated by the first logic operator.

After a print request is made from a personal computer to a multifunction peripheral, when a user who logs into the multifunction peripheral instructs an execution of the print request in the multifunction peripheral, the multifunction peripheral requests the personal computer to transmit image data. Then, the personal computer transmits the requested image data to the multifunction peripheral. The multifunction peripheral executes the printing using the received image data. When the printing is completed, the multifunction peripheral transmits a completion notification indicating that the printing is completed to the personal computer. When receiving the completion notification, the personal computer transmits a completion notification having the same content as the received completion notification to the multifunction peripheral.

An information processing system for recording operational information in a log includes a log generating unit configured to generate the log in such a manner that a conversion target character string included in the log is recognizable; a log converting unit configured to convert the conversion target character string to an irrecoverable and unique character string; a log outputting unit configured to output the log including the converted character string; and a log collecting unit configured to collect the output log.

An image forming apparatus includes an image receiving unit configured to receive image data, a sender identifying unit configured to identify a sender of the received image data, a check unit configured to check whether the identified sender corresponds to a predetermined sender, a management information providing unit configured to provide management-purpose image data obtained by encoding management information for controlling at least one of a transmission operation for transmitting an image scanned from a printout and a copy operation for copying an image scanned from a printout, and a print unit configured to print the management-purpose image data together with the received image data in response to a check result by the check unit indicating that the identified sender corresponds to the predetermined sender.

A facsimile apparatus 1 is provided, which can access a latest database 6a associating facsimile numbers and destination names. The apparatus includes a storage unit 20 for storing a destination table 12a in which button information such as one-touch dial buttons, facsimile numbers, and destination names are associated, an input unit 21 for accepting an instruction for one-touch facsimile transmission, a facsimile number acquisition unit 23 for identifying a destination name associated with the transmission instruction by referring to the destination table 12a and searching the database 6a using the destination name as a search key to acquire a facsimile number associated therewith, and a transmission unit 24 for determining whether the acquired facsimile number agrees with a facsimile number associated with a one-touch dial button accepted by the input unit 21 and executing facsimile transmission only when the numbers agree.