H04L29/00

Method and system for blocking phishing or ransomware attack
10979450 · 2021-04-13

Provided is a system for blocking an external attack, which includes: a network file server; and a network file server (NFS) client installed in a user terminal or a service server and communication-connected with the network file server which is remotely positioned, and the network file server determines, when there is an access or opening request of a file stored in the network file server mounted in the user terminal or service server in a network drive format from the NFS client, whether at least one of the user information and the program information to request the access or opening is authorized and blocks the access to the file which is requested to be accessed or provides the file of which opening is requested to the NFS client only in a read only mode when the access or opening request is unauthorized according to a determination result.

System and method for authentication

An authentication system and method are provided. According to the embodiments of the present disclosure, it is possible to provide a secure authentication service capable of maintaining personal privacy by enabling authentication while preventing personal information used for personal authentication, such as biometric information, from being exposed in the authentication process.

Method and apparatus for leveraging wireless connectivity for pre-service preparation in service lanes

A computer-implemented method at a service facility for capturing vehicle state and service information (VSSI) is provided. The method includes: detecting the arrival of a vehicle at the service facility; initiating, by a processor at the service facility, the establishment of a secure communication link with the vehicle via an in-vehicle wi-fi hotspot; wirelessly retrieving, by the processor at the service facility from the vehicle, a subset of VSSI via the wi-fi hotspot, wherein the retrieved VSSI includes the subset of the VSSI that has changed since the last update of the VSSI to a cloud-based server and wherein the subset of the VSSI includes some, but not all of the VSSI; and scheduling a vehicle service based on service indications derived from the VSSI.

Restriction transitivity for session credentials

Transitive restrictions can be applied to requests received on a session. A session token can be issued for an active session, and a transitivity setting specified to indicate the types of requests for which the transitive restriction is to be enforced. This can include enforcing the restriction on requests received from outside a trusted environment, requests within a scope of enforcement, or enforcing the restriction at request authentication. Any request received from an untrusted source that fails to satisfy the transitive restriction will be denied. Requests from inside the trusted environment may not have the transitive restriction enforced, such as where a new token is issued. This enables services within the environment to make calls on behalf of the customer, while ensuring that third parties obtaining the session token cannot successfully initiate such calls.

Cross-organization registration for single sign-on

A managed directory service receives a request from a first service to link a directory of a contractor service to the first service's directory. The managed directory service identifies a group within the directory of the contractor service and links the directories using this group. Through the link, the managed directory service enables users in the group to authenticate to the first service's directory using credentials for the directory of the contractor service.

Methods and systems for authentication assistant

Disclosed herein are embodiments of systems, methods, and products comprising a server, which receives a request from a user's electronic client device. The server determines the authentication level of the request. If the authentication level satisfies a threshold, the server may route the request to a call center computing system; otherwise, the server authenticates the user based on the authentication level. Specifically, the server presents one or more security challenges corresponding to the authentication level and authorizes the user if the user correctly answers the security challenges. The server may receive a second request from the same user who has been authorized for the first authentication level. If the authentication level of the second request is higher, the server may present more security challenges on the second level; if the authentication level is lower, the server directly allows the access of the requested services.

Securely recovering a computing device

A method and an apparatus for establishing an operating environment by certifying a code image received from a host over a communication link are described. The code image may be digitally signed through a central authority server. Certification of the code image may be determined by a fingerprint embedded within a secure storage area such as a ROM (read only memory) of the portable device based on a public key certification process. A certified code image may be assigned a hash signature to be stored in a storage of the portable device. An operating environment of the portable device may be established after executing the certified code.

Method and system for securely transmitting volumes into cloud
10958633 · 2021-03-23

A first computing device is provided for transmitting one or more volumes via a secured connection. The first computing device includes a controller that is executable by one or more processors and is configured to instruct a cloud computing device to generate a worker virtual machine. The controller is also configured to provide authentication information to facilitate establishing of the secured connection between the controller and the worker virtual machine. The controller is further configured to instruct the cloud computing device to generate one or more target volumes associated with the cloud computing service and to associate the one or more target volumes with the worker virtual machine. The controller is further instructed to provide, irrespective of the content type of the volumes and the size of the volumes, the one or more volumes to the worker virtual machine via the secured connection.

Powered device, power sourcing equipment device, power-over-ethernet network system, and methods, for transmitting information through classification signals

The present invention relates to Power-over-Ethernet (PoE) systems. The invention proposes to use a classification event to communicate from the PD (121) to the PSE (110, 910). A sensor (310, 410, 510a, 510b) may determine a sensor value, shut down the PoE connection, and reconnect so that the power up cycle with the PSE (110, 910) will start. The sensor (310, 410, 510a, 510b) provides a PoE resistance related to a class 0, 3 where the class relates to the sensor value (e.g., class 0=presence detected; class 1=no presence detected). This procedure may be repeated (e.g. continuously, every minute or whenever the sensor value changes such that the PSE (110, 910) needs to be informed) and if needed multiple cycles can be used to increase the length of the message communicated.

Methods and system for obtaining access to building automation systems
10948206 · 2021-03-16

A system that allows a contractor to remotely monitor and/or interact with its customers' building control systems, such as heating, ventilating and air conditioning (HVAC) systems, and analyze information obtained from the building control systems over time. Such a system may help the contractor monitor and diagnose customer building control systems, set up service calls, achieve better customer relations, create more effective marketing opportunities, as well as other functions. In some cases, the disclosed system may be configured to allow a user to grant or deny access to its HVAC system in response to the user receiving an electronic invitation to the system. The granting of access by a user to its HVAC system may allow for remote monitoring of the HVAC system.