Patent classifications
H04L2463/121
MAINTAINING ELECTRONIC COMMUNICATIONS SESSION CONTINUITY DURING SESSION INACTIVITY
A method, computer program product, and a system where a processor(s) determine that a user of a given computing device has been authenticated to initiate an application session, that the application session is open, and that the application session has a timeout mechanism triggered by inactivity (i.e., the session not receiving a selection within a first predefined period of time). The processor(s) determine that the application session will automatically time out within a second predefined period of time based on the inactivity. The processor(s) monitor activities of the user during pendency of the application session with the application, including physical and computing activities of the user. The processor(s) determine that at least one activity of the activities indicates engagement of the user with the application session. The processor(s) prevent the timeout mechanism from being triggered during a duration of the at least one activity.
Audit log enhancement
A system for monitoring actual access to data elements in an enterprise computer network and providing associated data, the system including an at least near real time data element audit subsystem providing audit output data including at least one of a time stamp, identification of an accessor, user depository stored data regarding the accessor, accessed data element data, affected data element data, type of access operation, source IP address of access and access outcome data, in at least near real time, relating to actual access to data elements in the enterprise computer network, and an additional data providing subsystem receiving in at least near real time at least a part of the audit output data and utilizing the at least part of the audit output data for providing additional data which is not part of the audit output data.
Wearable discovery for authentication
An access control system is described in which a credential may be authenticated and permitted to access a protected resource only after discovery of a second device. Requiring discovery of a second device prior to authentication enhances security by protecting against unauthorized access by an illicit user of a credential.
System and method for providing quality of service during transport key rotation at a distributed management controller group
Methods and systems for providing quality of service to an information handling system may involve generating a new transport encryption key for a management controller group, notifying nodes in the management controller group to negotiate for the new transport encryption key, and encrypting a first message to be sent to a first node in the management controller group using a current transport encryption key. The new transport encryption key is for encrypted communications in the management controller group and is to replace the current transport encryption key. The first message is encrypted after notifying the nodes in the management controller group to negotiate for the new transport encryption key. The nodes of the management controller group include the first node.
COLLABORATIVE PUBLIC USER PROFILE
A system to generate a graphical user interface to display a presentation of a set of shared user groups between users of a social networking service is described. Embodiments of the present disclosure relate generally to systems for: receiving an identification of a second user from a user account of a first user; identifying a user group that includes the first user and the second user in response to the identification of the second user from the user account of the first user; retrieving user identifiers of the first user and the second user, wherein the user identifiers may include graphical avatars; generating a group identifier based on the user identifiers; and causing display of a presentation of the user group at a client device.
SYSTEMS AND METHODS PROVIDING CONNECTION LEASE ANTI-THEFT FEATURES FOR VIRTUAL COMPUTING SESSIONS
A computing device may include a memory and a processor cooperating with the memory and configured to receive a connection request from a client device having a public/private encryption key pair associated therewith. The connection request may be based upon a connection lease and the public key for the client device, and the connection lease may be generated based upon an authenticated version of the public key for the client device. The processor may also be configured to verify that the authenticated version of the public key upon which the connection lease was generated matches the public key for the client device and authorize a connection with the client device and provide the client device with access to a virtual computing session via the connection.
SYSTEM, METHOD AND COMPUTER-ACCESSIBLE MEDIUM FOR SUPPORTING AT LEAST ONE CYBER-PHYSICAL SIGNALING GAME
Exemplary system, method, and computer-accessible medium for transmitting or generating an encrypted message(s) to or for a receiver(s) from a sender(s), can be provided, which can include, for example, generating an electronic public key(s) and an electronic private key(s) for the sender(s), generating first information based on (i) data of the sender(s), (ii) a state(s) of the sender(s), and/or (iii) a type of the sender(s), electronically selecting an electronic message signal(s) and a time stamp(s) based on the first information, generating a message(s) based on the electronic message signal(s) and the time stamp(s), generating the encrypted message(s) by encrypting the message(s) using the electronic private key(s), and transmitting the encrypted message(s) to the receiver(s).
Timestamp-based authentication with redirection
Techniques for computer security, and more specifically timestamp-based authentication, are described. Some implementations provide an authentication method that utilizes an authentication process that is shared as a secret between a client and an authenticator. The process provides as output a number that is based on a timestamp. To authenticate the client when it attempts to access a target service, both the client and authenticator execute the authentication process using locally generated timestamps. If the outputs of the authentication process match, the client is authenticated. If not, subsequent network communications from the client are either denied or redirected to an alternative computing system that masquerades as the target service.
SECURITY MONITORING OF NETWORK CONNECTIONS USING METRICS DATA
Various embodiments of the present invention set forth techniques for security monitoring of a network connection, including analyzing network traffic data for a network connection associated with a computing device, identifying one or more network traffic metrics for the network connection based on the network traffic data, determining that the network connection corresponds to at least one network connection profile based on the one or more network traffic metrics, detecting a potential security threat for the network connection based on the one or more network traffic metrics and the at least one network connection profile, and initiating a mitigation action with respect to the network connection in response to detecting the potential security threat. Advantageously, the techniques allow detecting potential security threats based on network traffic metrics and categorizations, without requiring monitoring of the content or the total volume of all traffic exchanged via the connection.
TRANSPARENT BRIDGE FOR MONITORING CRYPTO-PARTITIONED WIDE-AREA NETWORK
This disclosure is directed to monitoring a crypto-partitioned, or cipher-text, wide-area network (WAN). A first computing device may be situated in a plain-text portion of a first enclave behind a first inline network encryptor (INE). A second device may be positioned in a plain-text portion of a second enclave behind a second INE. The two enclaves may be separated by a cipher-text WAN, over which the two enclaves may communicate. The first computing device may receive a data packet from the second computing device. The first computing device may then determine contents of a header of the data packet. The first computing device may, based at least in part on the contents of the header of the data packet, determine a status of the cipher-text WAN.