G06F2221/2115

Systems and methods for “machine-to-machine” (M2M) communications between modules, servers, and an application using public key infrastructure (PKI)
11606204 · 2023-03-14

Methods and systems are provided for supporting efficient and secure “Machine-to-Machine” (M2M) communications using a module, a server, and an application. A module can communicate with the server by accessing the Internet, and the module can include a sensor and/or an actuator. The module, server, and application can utilize public key infrastructure (PKI) such as public keys and private keys. The module can internally derive pairs of private/public keys using cryptographic algorithms and a first set of parameters. A server can authenticate the submission of derived public keys and an associated module identity. The server can use a first server private key and a second set of parameters to (i) send module data to the application and (ii) receive module instructions from the application. The server can use a second server private key and the first set of parameters to communicate with the module.

System and platform for enabling personal health data ownership

A system is disclosed for a platform that enables the biological owner of health data to manage and control access to their health data. In an embodiment, biological owners can take possession of their own health data. They control the level of access to their own health data by third parties through the use of data blurring to fit within specific data ranges. They also control access to their data through data encryption. In another embodiment, the biological owner of the health data can provide access to their health data to third parties through an auction system. Such access would be provided based on price, time duration of access, or quality of data, as determined by the biological owner of the health data. Additionally, such access could be provided by the system managing the health data access for the biological owner of the health data.

System and method of detecting hidden processes by analyzing packet flows

A method includes capturing first data associated with a first packet flow originating from a first host using a first capture agent deployed at the first host to yield first flow data, capturing second data associated with a second packet flow originating from the first host using a second capture agent deployed outside of the first host to yield second flow data, and comparing the first flow data and the second flow data to yield a difference. When the difference is above a threshold value, the method includes determining that a hidden process exists, and corrective action can be taken.

Threat mitigation system and method

A computer-implemented method, computer program product and computing system for: obtaining system-defined consolidated platform information for a computing platform from an independent information source; obtaining client-defined consolidated platform information for the computing platform from a client information source; and comparing the system-defined consolidated platform information to the client-defined consolidated platform information to define differential consolidated platform information for the computing platform.

Method to prevent root level access attack and measurable SLA security and compliance platform

A management system detects a change at the target device. The management system transmits a request message to authorization devices of the authorization users of the multi-user authorization pool to obtain from the authorization users an indication of whether the detected change is approved. The management system receives a plurality of response messages from authorization devices of the multi-user authorization pool indicating whether the detected change is approved by the corresponding authorization user, and determines, based on at least three of the plurality of response messages indicating a disapproval, that the detected change is disapproved. In response to the determination that the change is disapproved, an instruction message is sent to a target managed device to instruct the target managed device to roll back to an earlier state.

Authentication translation
11475105 · 2022-10-18

Authentication translation is disclosed. A request to access a resource is received at an authentication translator, as is an authentication input. The authentication input corresponds to at least one stored record. The stored record is associated at least with the resource. In response to the receiving, a previously stored credential associated with the resource is accessed. The credential is provided to the resource.

TECHNOLOGIES FOR MANAGING COMPROMISED SENSORS IN VIRTUALIZED ENVIRONMENTS

Systems, methods, and computer-readable media for managing compromised sensors in multi-tiered virtualized environments. In some embodiments, a system can receive, from a first capturing agent deployed in a virtualization layer of a first device, data reports generated based on traffic captured by the first capturing agent. The system can also receive, from a second capturing agent deployed in a hardware layer of a second device, data reports generated based on traffic captured by the second capturing agent. Based on the data reports, the system can determine characteristics of the traffic captured by the first capturing agent and the second capturing agent. The system can then compare the characteristics to determine a multi-layer difference in traffic characteristics. Based on the multi-layer difference in traffic characteristics, the system can determine that the first capturing agent or the second capturing agent is in a faulty state.

AUTHENTICATION DEVICE

According to an embodiment, an authentication device for authenticating a user includes a biological sensor, a storage unit, a communication interface, a detection mechanism, and a processor. The biological sensor acquires biological information. The detection mechanism detects attachment/detachment. The processor authenticates a user using the biological information, and when the authentication is successful, the processor then stores authentication information in the storage unit and turns off the authentication device. When the communication interface receives a magnetic field from an external device, the processor activates the authentication device using power from the communication interface, and upon receipt of an authentication command, if the storage unit stores the authentication information, the processor transmits an authentication signal indicating that authentication is successful to the external device. When the detection mechanism detects that the authentication device is removed from the user, the processor deletes the authentication information in the storage unit.

DATA ACCESS METHOD, DATA STORAGE SYSTEM, SERVER APPARATUS, CLIENT APPARATUS, AND PROGRAM

A search key is generated (S20). A key relationship array is transmitted (S11). If an element matching the key relationship array is present, the found search key is held (S21). A key relationship index is transmitted (S22). A record read out using the key relationship index is transmitted (S12). If the record matches the search key, the found search key is held (S23). The found search key is set for an empty element of the key relationship array and is transmitted (S24). A data array is transmitted (S13). If an element matching the data array is present, the found data is held (S25). A data index is transmitted (S26). A record read out using the data index is transmitted (S14). If the record matches the search key, the found data is held (S27). Desired data is set for an empty element of the data array and is transmitted (S28).

Method and system for detecting restricted content associated with retrieved content

In embodiments of the present invention improved capabilities are described for detecting restricted content associated with retrieved content. The method and system may include receiving a client request for content, saving contextual information from the client request, presenting retrieved content in response to the client request, and presenting the contextual information from the client request, and retrieved content, to a scanning facility. The scanning facility may utilize the contextual information from the client request to aid in the detection of restricted content associated with retrieved content.