A certificate credential and an associated signature is received. The certificate credential and the associated signature are authenticated at an operating system level. Whether the certificate credential has expired is validated at an application level via an external certificate authority. Access to encrypted data is allowed based at least in part on the authentication and the validation of the certificate credential.

In some examples, a security application may monitor data received from one or more of sensors of a computing device, one or more input devices of the computing device, or one or more biometric sensors of a smartwatch that is connected to the computing device. If the user is not logged in and the user that is carrying the computing device has an uneven gait or is stumbling, the security app may, when the user initiates a login process, gather additional data, such as, from the sensors, the smartwatch, or both. If the user makes too many errors, based on data from the input devices, when attempting to login or after logging in, the security application may gather additional data. If the additional data indicates that the user may be under the influence of prescription or recreational drugs or alcohol, the user may be prevented from logging in.

In some examples, a security application may monitor data received from one or more of sensors of a computing device, one or more input devices of the computing device, or one or more biometric sensors of a smartwatch that is connected to the computing device. If the user is not logged in and the user that is carrying the computing device has an uneven gait or is stumbling, the security app may, when the user initiates a login process, gather additional data, such as, from the sensors, the smartwatch, or both. If the user makes too many errors, based on data from the input devices, when attempting to login or after logging in, the security application may gather additional data. If the additional data indicates that the user may be under the influence of prescription or recreational drugs or alcohol, the user may be prevented from logging in.

A method for managing data includes obtaining a workload generation request, wherein the workload generation request specifies a security compliant rule, in response to the workload generation request: selecting a first set of resource devices using a resource allocation master list, initiating a security compliance test on the first set of resource devices to obtain a security compliance result, making a first determination, based on the security compliance result, that the first set of resource devices meet a security compliance criterion, and in response to the first determination: storing a virtual certificate in a security compliance database based on the security compliance result, and allocating the first set of resource devices to a workload based on the workload generation request.

A method for managing data includes obtaining a workload generation request, wherein the workload generation request specifies a security compliant rule, in response to the workload generation request: selecting a first set of resource devices using a resource allocation master list, initiating a security compliance test on the first set of resource devices to obtain a security compliance result, making a first determination, based on the security compliance result, that the first set of resource devices meet a security compliance criterion, and in response to the first determination: storing a virtual certificate in a security compliance database based on the security compliance result, and allocating the first set of resource devices to a workload based on the workload generation request.

The invention provides an alternative applications programming interface (API) for a software application to interface with and to control and coordinate the operation of a variety of specialty devices, including a barcode scanning device and a label printing device. In some embodiments, this alternative API is provided via a software application interface module (SAIM) that is remotely accessible to a software application module (SAM) via a computer network. The SAIM provides for interface and control of specialty devices that would otherwise be un-accessible to a software application module (SAM), via employment of a device specific interface module (DSIM), which functions like a device driver to specialty devices that can be geographically distributed away from the software application module (SAM) and sway from the software application interface module (SAIM), and also function in circumstances where the software application module (SAM) is mobile.

The invention provides an alternative applications programming interface (API) for a software application to interface with and to control and coordinate the operation of a variety of specialty devices, including a barcode scanning device and a label printing device. In some embodiments, this alternative API is provided via a software application interface module (SAIM) that is remotely accessible to a software application module (SAM) via a computer network. The SAIM provides for interface and control of specialty devices that would otherwise be un-accessible to a software application module (SAM), via employment of a device specific interface module (DSIM), which functions like a device driver to specialty devices that can be geographically distributed away from the software application module (SAM) and sway from the software application interface module (SAIM), and also function in circumstances where the software application module (SAM) is mobile.

The system has a unique identifier (2) stored in client's hardware (1). Via a transfer environment (3) using a higher layer protocol (4), the unique identifier (2) is coupled to a server (5), where, in an evaluation module (6), it is connected to a substitution and calculation module (7). A w polynomial system (8) stored in the persistent memory (9) of the server (5) is also connected to the substitution and calculation module (7), the output of which is a calculated key (10). At the same time, the client's hardware (1) stores a local key (11) which is via the transfer environment (3) using the higher layer protocol (4) connected to a key comparison module (12) to which the calculated key (10) is also connected. The key comparison module (12) is through its positive output (13) and negative output (14) connected via the transfer environment (3) using the higher layer protocol (4) to a response processing module (15) which is stored in the client's hardware (1). The system, at high security levels, provides the required response speed even for a large number of users and/or licenses without significantly increasing the space/memory requirements of computing resources.

The system has a unique identifier (2) stored in client's hardware (1). Via a transfer environment (3) using a higher layer protocol (4), the unique identifier (2) is coupled to a server (5), where, in an evaluation module (6), it is connected to a substitution and calculation module (7). A w polynomial system (8) stored in the persistent memory (9) of the server (5) is also connected to the substitution and calculation module (7), the output of which is a calculated key (10). At the same time, the client's hardware (1) stores a local key (11) which is via the transfer environment (3) using the higher layer protocol (4) connected to a key comparison module (12) to which the calculated key (10) is also connected. The key comparison module (12) is through its positive output (13) and negative output (14) connected via the transfer environment (3) using the higher layer protocol (4) to a response processing module (15) which is stored in the client's hardware (1). The system, at high security levels, provides the required response speed even for a large number of users and/or licenses without significantly increasing the space/memory requirements of computing resources.

Improved methods and systems for secure data entry and/or authentication of a user are provided. A preferred method of the invention comprises: selecting a keypad zone within an area of a display zone of a touch screen which comprises a plurality of hotspots that implement the keys of an operable keypad; providing an image of a keypad at the same location as the keypad zone such that the keypad image covers the operable keys within the keypad zone and the keypad image functions as a visible mask or cover over the operable keys of the keypad zone; a new keypad zone is selected at a different location within the display zone when the process is subsequently repeated, such that the keypad zone and the image are re-positioned to provide an operable keypad and overlaid, masking keypad image in a new area of the screen.