G06F2221/2137

A Digital, Personal and Secure Electronic Access Permission
20220382854 · 2022-12-01

The present invention puts forward a personal electronic access permission (Figure B, 31) that can both check on the customer's identity (Figure A, step 2) and right to access an event/venue in one scanning event, and address the unwanted secondary market, still enabling a customer (Figure D, 5) to sell back an electronic access permission to the system (Figure D, I) in case the customer is not able to attend the event.

INFORMATION PROCESSING SYSTEM, METHOD FOR CONTROLLING THE SAME, AND STORAGE MEDIUM
20220385788 · 2022-12-01

An information processing system includes a first external apparatus, a second external apparatus, an information processing apparatus, and an image forming apparatus. The information processing system further includes an issuance unit configured to issue, in the first external apparatus, an access token for accessing a cloud service, a first registration unit configured to receive the access token and register the access token in the second external apparatus in association with an identifier, a display unit configured to display a reauthorization instruction object on a browser of the information processing apparatus, and a second registration unit configured to, in a case where the reauthorization instruction object is pressed and the access token is issued again, register the reissued access token in the second external apparatus in association with the identifier.

CUSTOMER-CONTROLLED AUTHENTICATION
20220385482 · 2022-12-01

A certificate credential and an associated signature is received. The certificate credential and the associated signature are authenticated at an operating system level. Whether the certificate credential has expired is validated at an application level via an external certificate authority. Access to encrypted data is allowed based at least in part on the authentication and the validation of the certificate credential.

Method and system for self-sovereign information management

The present teaching relates to method, system, medium, and implementation for secure data management by a service provider. A request is first received for carrying out a transaction with a user and one or more data items associated with the user are then determined that need to be validated prior to the transaction. A request is then sent to the user seeking to validate the one or more data items. When a cloaked identifier is received from the user with information related to a trusted party, the cloaked identifier is then sent to the trusted party with a request for a validation response. When the validation response is received with an indication that the one or more data items are validated, the transaction with the user is carried out.

Information processing apparatus, communication system, and information processing method
11509560 · 2022-11-22

An information processing apparatus includes circuitry; and a memory storing computer-executable instructions that cause the circuitry to generate a password for connecting to a communication relay apparatus based on an operation to use the communication relay apparatus; transmit, to the communication relay apparatus, an addition request signal representing a request to add an identifier for identifying the communication relay apparatus, the addition request signal including the identifier and the generated password for connecting to a network that is set in association with the identifier on a per-identifier basis; and transmit, to the communication relay apparatus, a deletion request signal, which includes the identifier, representing a request to delete the identifier upon determining that an elapsed time from when the communication relay apparatus has added the identifier has exceeded a possible usage time of using the network.

Protecting communication devices from unwanted access
11507652 · 2022-11-22

A method, a communication device and a computer program product for protecting communication devices from access by unauthorized users. The method includes retrieving, from a memory, a biometric sensor disable time range and determining, via a processor of the communication device, if a current time is within the biometric sensor disable time range. In response to determining that the current time is within the biometric sensor disable time range, the method further includes determining if the communication device is in a sleep mode and in response to determining that the communication device is in the sleep mode, disabling at least one biometric sensor.

Method for setting operating record viewing right based on time period

A method for setting a permission to view an operation record based on a time range is disclosed in the present invention, including: selecting a grantee; setting one or more viewed objects for each grantee, wherein said grantee and said viewed object are the same type as a role, a user, and an employee; and setting a viewing-permission time range for each grantee, wherein said grantee obtains the permission to view the operation records of its corresponding viewed object within the viewing-permission time range of the grantee. In the present invention, the grantee can be authorized to view operation records of the viewed object within a certain time range according to actual requirements, and cannot view the operation records of the viewed object out of the time range, thus satisfying the requirement for viewing operation records of the viewed object in various time-limited cases, reducing the possibility that the operation records are known by irrelevant personnel, and improving information security of the company.

Using Continuous Biometric Information Monitoring For Security

Measurements of biometric information of a user are obtained over time, such as blood glucose measurements. These biometric measurements are typically obtained by a wearable biometric information monitoring device being worn by the user. These biometric measurements are used by various different systems, such as a computing device of the user or a biometric information monitoring platform that receives biometric measurements from multiple different users. The biometric measurements are used for various security aspects, such as one or more of part of multi-factor authentication of the user, generating security keys (e.g., connection keys, encryption keys), identifying biometric measurements associated with different user identifiers but the same user, and protecting biometric measurements so as to be retrievable only by a recipient associated with an additional computing device, and so forth.

ENFORCEMENT OF TIME-BASED USER ACCESS LEVELS FOR COMPUTING ENVIRONMENTS
20220368651 · 2022-11-17

A system is provided for enforcing time-based user access levels in a computing infrastructure of an organization. The system includes a processor and a computer readable medium operably coupled thereto, to perform operations which include executing a synchronization of the time-based user access levels, obtaining a first login identifier (ID) of a plurality of login IDs for a group of employees of the organization, identifying a position ID and an employment status ID for the first login ID, determining a current time and a last login timestamp for the first login ID, determining a time-based access rule for the group of employees, determining whether a time period from the last login timestamp to the current time violates the time-based access rule, and setting, for the synchronization of the first login ID, at least a first access level of the first login ID to computing resources.

Policy controlled remote operating system (OS) authorization based on automatically entered administrative credential
11586769 · 2023-02-21

An automatically predetermined credential system for a remote administrative operating system (OS) authorization and policy control is disclosed. Administrative activities are packaged in a single-use downloaded software program. When executed, the administrative access to the OS is activated before completing the administrative activities. The single-use downloaded software program has policies that perform checks on a user computer executing the software program. The policies include checking firewall settings, confirming virus checking, interrogating software to confirm patches or updates have been performed, and checking for key loggers or other surveillance software or devices. The single-use downloaded software is protected with a passcode to prevent activation in an unauthorized way.