摘要:
A compound of formula (1) wherein R1 is aryl; and R2 is hydrogen or alkyl; pharmaceutically acceptable addition compounds thereof; and their use in therapy, particularly for the treatment and prophylaxis of CNS disorders such as anxiety and epilepsy.
摘要:
A method and apparatus are provided for extracting information from a user's memory that will be easily recalled during future authentication yet is hard for an attacker to guess. The information might be a little-known fact of personal relevance to the user or the personal details surrounding a public event. The user is guided to appropriate topics and forms an indirect hint that is useful to the user yet not to an attacker. Information extraction techniques verify that the information is not easily attacked and to estimate how many bits of assurance the question and answer provide. The information extracted may be, e.g., Boolean (Yes/No), multiple choice, numeric, textual, or a combination of the foregoing. The enrollment process may schedule the sending of one or more reminder messages to the user containing the question (but not the answer) to reinforce the memory of the user.
摘要:
Systems and methods for constructing and maintaining a peer-to-peer overlay graph are disclosed herein. The systems and methods include adding a node to the overlay graph. Adding the node includes choosing an edge that is not connected to the node, breaking the edge and connecting the node to broken edge nodes previously connected to the edge. The process is repeating if additional connections are need and node addition data is stored for the node.
摘要:
A telephone of the corded or portable type includes a light source. The light source may or may not have an ability to be pivoted or swiveled to illuminate a desired portion of a room. In the case of a corded telephone, the light source may be detachable from the telephone. The light source may be automatically activated to provide emergency illumination when a power failure condition exists in a building. The light source may also be manually activated to provide a convenient illumination source for the user.
摘要:
A method and apparatus are provided for evaluating the security of authentication information that is extracted from a user. The disclosed authentication information security analysis techniques determine whether extracted authentication information can be obtained by an attacker. The extracted authentication information might be, for example, personal identification numbers (PINs), passwords and query based passwords (questions and answers). A disclosed authentication information security analysis process employs information extraction techniques to verify that the authentication information provided by a user is not easily obtained through an online search. The authentication information security analysis process measures the security of authentication information, such as query based passwords, provided by a user. Information extraction techniques are employed to find and report relations between the proposed password and certain user information that might make the proposed password vulnerable to attack.
摘要:
A three party authenticating protocol is disclosed. During an enrollment phase, a user contacts a call center and is directed to a user verification server. The user verification server instructs the user to select and answer a number of questions that will be used for verification. The selected questions along with identifying indices for each question are stored at the user's location and at the user verification server. The user verification server sends the question indices to the call center, which in turn sends these indices to the user to obtain answer indices for each question. During a verification phase, the user contacts the call center and an authentication module asks the user to provide an asserted identity. The authentication module provides a random selection of question indices from those selected by the user. The user provides answer indices for each question to the authentication module. If the number of correctly matching answers exceeds a threshold, then the user is verified. Otherwise, the user fails verification. After verification, the user is transferred from the authentication module of the call center to a human agent for further processing.
摘要:
Methods and apparatus are provided for defending against telephone-based robotic attacks An interactive voice response method is provided for presenting a menu having one or more menu options to a caller. The method comprises the steps of obtaining a script to present to the caller, the script including the one or more menu options; permuting one or more characteristics of at least one of the one or more menu options; and presenting the permuted menu to the caller. The permutation may comprise, for example, adding one or more additional menu options to the menu; varying a selection number associated with the at least one menu option; varying an order of at least a plurality of the menu options; or varying a wording or pronunciation of one or more menu options.
摘要:
Methods and apparatus are provided for defending against telephone-based robotic attacks. An interactive voice response method is disclosed, comprising the steps of obtaining a script to present to a caller, the script including at least one menu option having at least one personal code; generating a random number for the personal code; and presenting the at least one menu option with the generated random number to the caller. The step of generating a random number for the personal code is optionally responsive to receipt of the call. The method is optionally performed only if one or more predefined criteria defining an attack are satisfied. The disclosed IVR system can optionally monitor the caller response to determine whether the caller enters the generated random number.
摘要:
Systems and methods for constructing and maintaining a peer-to-peer overlay graph are disclosed herein. The systems and methods include adding a node to the overlay graph. Adding the node includes choosing an edge that is not connected to the node, breaking the edge and connecting the node to broken edge nodes previously connected to the edge. The process is repeating if additional connections are need and node addition data is stored for the node.
摘要:
A query directed password scheme is disclosed that employs attack-resistant questions having answers that generally cannot be correlated with the user using online searching techniques, such as user opinions, trivial facts, or indirect facts. During an enrollment phase, the user is presented with a pool of questions from which the user must select a subset of such questions to answer. Information extraction techniques optionally ensure that the selected questions and answers cannot be correlated with the user. A security weight can optionally be assigned to each selected question. The selected questions should optionally meet predefined criteria for topic distribution. During a verification phase, the user is challenged with a random subset of the questions that the user has previously answered and answers these questions until a level of security for a given application is exceeded as measured by the number of correct questions out of the number of questions asked. Security may be further improved by combining the query directed password protocol with one or more additional factors such as Caller ID that assure that the questions are likely asked only to the registered user.