摘要:
One embodiment of the present invention provides a system for automatically authenticating a user. During operation, the system receives a user's request for authentication. The system then extracts information associated with the user from user-specific information stored in an enterprise computer. The extracted user information does not explicitly relate to a password. The system further generates one or more challenges based on the extracted user information, and receives the user's response to the challenges. Subsequently, the system compares the user's response to the extracted user information, and authenticates the user.
摘要:
One embodiment of the present invention provides a method for adjusting security status on a mobile device, the method comprising: collecting security-related contextual information which includes information of nearby mobile devices and/or the geographic location of the intelligent mobile device; evaluating a threat level based on the collected security-related contextual information; invoking a security policy; and adjusting the security status of the mobile device based on the threat level and the security policy.
摘要:
A system is provided to detect email spam. During operation, the system receives an email, extracts a set of keywords from the email body, and constructs a first search query based a keyword extracted from the email body. The system further constructs a second search query based on the keyword in the first query and one additional word which pertains to a known spam word or to the subject of the email. Next, the system receives a first number of hits and a second number of hits in response to the first and second search queries, respectively. The system then determines whether the email is spam based on the first number and the second number. The system can also perform Website filtering using inference detection which is based on search results received in response to search queries formulated with keywords extracted from Websites.
摘要:
One embodiment provides a system that detects sensitive passages. During operation, the system receives a document and disassembles the document into a plurality of passages. For a respective passage, the system performs a search through a non-sensitive-passage database to determine whether the passage is a known non-sensitive passage. If so, the system marks the passage as non-sensitive, and if not, the system determines whether the passage triggers a cut-and-paste attack detection. If so, the system forwards the passage to an administrator and allows the administrator to determine whether the passage is non-sensitive and, further, to add the passage to the non-sensitive-passage database responsive to the administrator determining the passage to be non-sensitive.
摘要:
Embodiments of the present disclosure provide a method and system for implicitly authenticating a user to access controlled resources. The system receives a request to access the controlled resources. The system then determines a user behavior score based on a user behavior model, and recent contextual data about the user. The user behavior score facilitates identifying a level of consistency between one or more recent user events and a past user behavior pattern. The recent contextual data, which comprise a plurality of data streams, are collected from one or more user devices without prompting the user to perform an action explicitly associated with authentication. The plurality of data streams provide basis for determining the user behavior score, but a data stream alone provides insufficient basis for the determination of the user behavior score. The system also provides the user behavior score to an access controller of the controlled resource.
摘要:
One embodiment provides a system that detects sensitive passages. During operation, the system receives a document and disassembles the document into a plurality of passages. For a respective passage, the system performs a search through a non-sensitive-passage database to determine whether the passage is a known non-sensitive passage. If so, the system marks the passage as non-sensitive, and if not, the system determines whether the passage triggers a cut-and-paste attack detection. If so, the system forwards the passage to an administrator and allows the administrator to determine whether the passage is non-sensitive and, further, to add the passage to the non-sensitive-passage database responsive to the administrator determining the passage to be non-sensitive.
摘要:
Embodiments of the present disclosure provide a method and system for implicitly authenticating a user to access controlled resources. The system receives a request to access the controlled resources. The system then determines a user behavior score based on a user behavior model, and recent contextual data about the user. The user behavior score facilitates identifying a level of consistency between one or more recent user events and a past user behavior pattern. The recent contextual data, which comprise a plurality of data streams, are collected from one or more user devices without prompting the user to perform an action explicitly associated with authentication. The plurality of data streams provide basis for determining the user behavior score, but a data stream alone provides insufficient basis for the determination of the user behavior score. The system also provides the user behavior score to an access controller of the controlled resource.
摘要:
One embodiment of the present invention provides a system that detects inferences from documents. During operation, the system receives one or more documents and extracts a first set of knowledge relevant to the documents. The system further formulates one or more queries to one or more reference corpora based on the first set of knowledge. The system then extracts a second set of knowledge from results received in response to the queries. Additionally, the system produces a mapping relationship between at least one document and a piece of the second set of knowledge which is not within the first set of knowledge, the mapping relationship indicating an inference from the documents.
摘要:
One embodiment of the present invention provides a system for authenticating a user. During operation, the system records user behavior history at one or more devices associated with the user. The system then extracts user information associated with a place and/or an activity from the recorded user behavior history. The system further generates one or more challenges based on the extracted user information, thereby facilitating the verification of the user's identity.
摘要:
One embodiment provides a system for transferring a file from a portable device to a scanning device. During operation, the system displays an optical code associated with the file on the portable device. Next, the system detects successful scanning of the current optical code by the scanning device. Subsequently, the system displays a next optical code associated with the file on the portable device, thereby allowing the scanning device to decode the file after a sequence of optical codes are scanned.