By authorizing user

Subclass of:

726 - Information security

726026000 - PREVENTION OF UNAUTHORIZED USE OF DATA INCLUDING PREVENTION OF PIRACY, PRIVACY VIOLATIONS, OR UNAUTHORIZED DATA MODIFICATION

726027000 - Access control

Entries
Document | Title | Date
20130031641 | ADVANCED AUDIO CAPTCHA - A CAPTCHA challenge tool for determining if a user of a computer is a human or an automated program. The tool presents to the user a set of audio clips. At least a portion of the set of audio clips suggests a chronological sequence when organized correctly. The tool receives a suggested order from the user of the computer. If the suggested order matches the correct order, the tool assumes that the user is a human; if the suggested order does not match the correct order, the tool assumes the user is an automated program. | 01-31-2013
20130031640 | ADVANCED CAPTCHA USING IMAGES IN SEQUENCE - A CAPTCHA challenge tool for determining if a user of a computer is a human or an automated program. The tool presents a set of images. At least a portion of the set of images suggests a chronological sequence when organized correctly. The tool receives a suggested order from the user of the computer. If the suggested order matches the correct order, the tool assumes that the user is a human; if the suggested order does not match the correct order, the tool assumes the user is an automated program. | 01-31-2013
20130031639 | SYSTEM AND METHOD FOR EXECUTING WEB SERVICES - The subject embodiments provide a method such as a web service method. The method is used to execute two or more web services that have respective web user interfaces, and are operationally independent of each other. The method comprises: (i) executing the two or more web services under manual operation of a user; (ii) recording a script based on activities of the user in the execution; (iii) securing the recorded script; and (iv) executing the two or more web services by playing said secured script without individually executing them. The method is user friendly; highly customizable; and safe with respect to document retrieval and submission. | 01-31-2013
20100050273 | METHODS FOR PRE-POPULATING LOCAL URL RATING CACHE - A method and apparatus for improving the system response time when URL filtering is employed to provide security for web access. The method involves gathering the attributes of the user, and pre-populating a local URL-rating cache with URLs and corresponding ratings associated with analogous attributes from a URL cache database. Thus, the cache hit rate is higher with a pre-populated local URL rating cache, and the system response time is also improved. | 02-25-2010
20100050272 | METHOD AND APPARATUS FOR HIERARCHICAL ASSIGNMENT OF RIGHTS TO DOCUMENTS AND DOCUMENTS HAVING SUCH RIGHTS - A system and method for distribution of digital works in a tree-like structure of devices. A hierarchical right may include a first usage right governing a use for the digital work and a first delegation right governing distribution of the digital work to child nodes of the tree-like structure. A second usage right and/or a second delegation right may be generated based on the hierarchical right, the second usage right governing a use for the digital work and the second delegation right governing distribution of the digital work to child nodes of a first child node of the tree-like structure. The second usage right and/or the second delegation right may be assigned to a version of the digital work, and the second usage right and/or the second delegation right and the version of the digital work may be forwarded to the first child node. | 02-25-2010
20130212702 | Apparatus and Method for Data Security on Mobile Devices - A mobile device includes a lock screen configured to prevent unauthorized or inadvertent access to the mobile device by limiting access to the mobile device while displaying through the lock screen applications available on the mobile device. | 08-15-2013
20130212705 | SYSTEM AND METHOD OF GENERATING A PER SALE WATERMARKING ON DIGITAL FILES - A system, method and computer readable media provided for watermarking a digital file. The method comprises altering samples of the digital file available for distribution upon request by adding a number such as +or a −1 to each sample of the digital file according to a probability value and compressing the digital file with the altered samples. Altering the sample of the digital file may be done on a per distribution or per sale basis. | 08-15-2013
20110203005 | SOFTWARE DISTRIBUTION METHOD, INFORMATION PROCESSING APPARATUS, AND SOFTWARE DISTRIBUTION SYSTEM - A distribution server acquires authentication information acquired from an IC card reader of an MFP and authenticated by an authentication server, and generates an installer for software which allows addition of the authentication information to transmission data of a client PC and transmission of the transmission data such that the acquired authentication information and an installer for a device driver of an image formation section of the MFP are included in the installer. Subsequently, the distribution server distributes the generated installer to a user to be authenticated using the authentication information. | 08-18-2011
20110203004 | Method and System for Electronic Publishing and Distribution of Printed Sheet Music - Described are methods and systems, including computer program products, for distributing printed sheet music. The method includes storing a set of one or more digital-print files and a set of one or more digital-audio files in a computer-readable storage medium on a back-end server. Each digital-print file includes sheet music information associated with one of the digital-audio files. Each digital-print file and digital-audio file is associated with one or more audio identifiers. An application programming interface (API) is provided for client systems remote from the back-end server to retrieve a list of the set of one or more digital-print files and to preview the digital-audio and digital-print files. A purchase order is received for the first digital-print file from the remote client system using the API. A digital watermark is inserted into the first digital-print file. The watermarked digital-print file is transmitted to the remote client system. | 08-18-2011
20120246741 | Universal Medical Records Processing System - A medical records collection and processing system to provide an efficient, scalable, and accurate process for collecting, analyzing, and delivering medical records or analysis of medical records to a client. The collection system allows for user configured projects. The processing system allows the user to securely deliver the requested documents to the collection system or any other system electronically without compromising security and efficiency. With the Universal Medical Records Processing System, a format, system and platform-independent, almost unlimited reach for the request and processing of responses for medical records is accomplished. The invention dramatically increases the efficiency and security of medical records processing while dramatically lowering costs. | 09-27-2012
20120246739 | INFORMATION PRIVACY SYSTEM AND METHOD - The subject disclosure relates to systems and methods for providing privacy for information. In one non-limiting embodiment, a system includes an environment monitoring component configured to monitor an aspect of an environment; and a privacy component configured to: determine whether factors associated with the environment are triggered; and obscure access or provide access to data or a program associated with the factors based on determining that the factors are triggered. Factors can be based on the time and the location or network connectivity of a device associated with the system, the detected presence or absence of an authorized person other than the user logged into the device or the privacy state of the user logged into the device. Motion detectors, cameras, biometric sensors and other devices can be employed in the determination of whether to provide or obscure access to the information. | 09-27-2012
20100115627 | APPARATUS AND METHOD FOR PROTECTING MEDIA CONTENT RIGHTS - A system that incorporates teachings of the present disclosure may include, for example, a server having a controller to maintain content rights parameters associated with media content and a user where the content rights parameters include limits to distribution of the media content to a plurality of communication devices associated with the user and where a portion of the plurality of communication devices use different communication protocols from another portion of the plurality of communication devices, monitor for access to the media content by one communication device of the plurality of communication devices of the user, and obtain rights control data that is adapted to allow for presentation of the media content by the one communication device of the user where the rights control data is generated based on the content rights parameters. Other embodiments are disclosed. | 05-06-2010
20130086696 | Method and Apparatus for Controlling Access to a Resource in a Computer Device - A computer device and method are described for controlling access to a resource. An execution environment executes a user process with access privileges according to a user security context. A security unit controls access to resources according to the user security context, with the user process making system calls to the security unit. A proxy hook module embedded within the user process intercepts the system call and generates a proxy resource access request. A proxy service module in a privileged security context validates the proxy resource access request from the proxy hook module and, if validated, obtains and returns a resource handle that permits access to the desired resource by the user process. | 04-04-2013
20130086695 | METHOD AND SYSTEM FOR REMOTE ACCESS TO DATA STORED ON A HOST SYSTEM - A method and system for remote access to data stored on a host system from a remote system via a data link, a method and system for storing validation password data on a pair of connected first and second modules, and a method and system for verifying the identity of a first module removed from a pair of initially connected and associated first and second modules. | 04-04-2013
20130086694 | VIRTUAL FEDERATION OF REMOTE PORTALS - Embodiments of the invention provide systems and methods for providing a virtual federation of remote portals. According to one embodiment, providing a virtual federation of remote portals can comprise defining, by a portal system, a configuration of a virtual federation of a plurality of nodes. For example, each node can comprise an application server executing a different enterprise application and maintaining application content for the enterprise application in a separate database. The portal system can also define access control information for a user of the portal system. Each node of the virtual federation can similarly define access control information for the user. The system can then provide access to the application content of the nodes at runtime based on the configuration of the virtual federation and the access control information for the user defined by the portal system and the access control information for the user defined by the nodes. | 04-04-2013
20130086693 | CLASSIFICATION-BASED DIGITAL RIGHTS MANAGEMENT - The present subject matter relates to a device for digital rights management. The device includes a classification module that assigns a classification tag to a document. The classification tag is selected from a predefined classification scheme. Further, the device includes an access control module that checks a lock status of the document at a predefined time interval. The predefined time interval depends on the classification tag of the document. Further, the access control module locks the document based on the lock status. | 04-04-2013
20130081146 | APPARATUS, SYSTEM, AND METHOD OF CONTROLLING ELECTRONIC DATA AND RECORDING MEDIUM STORING DATA CONTROL PROGRAM - A data control apparatus, a data control system, a data control method, and a data control program stored in a recording medium, are provided each of which allows a user to obtain electronic data stored in a storage apparatus in a data format compatible with a specific apparatus currently operated by the user or specific application of the electronic data that may be requested by the specific apparatus. | 03-28-2013
20130036478 | Identifying and Redacting Privileged Information - Systems and methods for identifying and redacting privileged information automatically in electronic discovery documents such as emails are disclosed. In reviewing documents for discovery review, some documents have both privileged and non-privileged information. Significant cost savings are achieved in conducting electronic discovery by automatically identifying and redacting privileged content while preserving non-privileged information for production. | 02-07-2013
20130042327 | GUIDED IMPLICIT AUTHENTICATION - Embodiments of the present disclosure provide a method and system for guided implicit authentication. The system first receives a request to access the controlled resource from a user. The system then determines whether the user request is inconsistent with regular user behavior by calculating a user behavior measure derived from historical contextual data of past user events. Next, the system allows the user to provide information associated with regular user behavior and/or current contextual data. The system further updates the user behavior measure based on current contextual data. | 02-14-2013
20130042326 | Mobile-Device User Authentication - In one embodiment, receiving a notice from a first user associated with a first mobile device indicating that the first user wishes to share information of the first user with one or more second users respectively associated with one or more second mobile devices; accessing information known about one or more users and one or more mobile devices respectively associated with the one or more users; identifying at least one candidate for the first user based on the information known about the one or more users and the one or more mobile devices; and confirming one or more of the at least one candidate as the one or more second users. | 02-14-2013
20130042328 | Enforcing single stream per sign-on from a content delivery network (CDN) media server - An apparatus for enforcing a media stream delivery restriction uses a stream control service (SCS). The SCS is implemented in a distributed network, such as a CDN, in which a given media stream is delivered to authorized end users from multiple delivery servers, but where an authorized end user is associated with a single log-in identifier that is not intended to be shared with other end users. According to the method, an enforcement server of the SCS identifies first and second copies of the given media stream associated with the single log-in identifier being delivered from multiple delivery servers. It then issues a message to terminate delivery of the given media stream from at least one of the multiple delivery servers. | 02-14-2013
20100043080 | Methods and Systems Involving Survey Administration - A method includes authorizing a user to participate in a survey, generating a key associated with a user identifier and a survey identifier, sending the key to a user terminal, directing the user terminal to a survey uniform resource locator (URL), connecting communicatively with the user terminal via a second URL, determining whether the second URL designates the survey as completed, retrieving the encrypted key from the user terminal responsive to determining that the second URL designates the survey as completed, and updating the status of the survey in a memory responsive to verifying the integrity of the encrypted key. | 02-18-2010
20100043079 | CODE SECURING FOR A PERSONAL ENTITY - A system secures a personal code for a user of a personal entity containing data and associated with a code processing entity. The personal entity establishes a graphical representation of characters that may be modified for each data request. The representation is associated with first coordinates of characters of the personal code and transmitted to the code processing entity. The code processing entity displays the representation so that the user selects therefrom characters representative of the personal code, determines second coordinates of selected characters and transmits the second coordinates to the personal entity. The personal entity compares the first and second coordinates so as to transmit requested data if said coordinates match. | 02-18-2010
20130047266 | METHOD AND APPARATUS FOR TOKEN-BASED ACCESS OF RELATED RESOURCES - According to one embodiment, an apparatus may store a plurality of tokens indicating that a user is attempting to access a resource. The apparatus may determine an authorization level for the user based at least in part upon the plurality of tokens. The authorization level may indicate whether the user is authorized to access the resource. The apparatus may then determine a related resource that shares a relationship with the resource, and determine that the authorization level indicates that the user is authorized to access the related resource. The apparatus may then communicate a decision token indicating that the user is authorized to access the resource and the related resource. | 02-21-2013
20130047269 | SYSTEMS AND METHODS FOR REAL-TIME VIEWING AND MANIPULATION OF INFORMATION HOSTED ON THIRD-PARTY SYSTEMS, INCLUDING METRICS, FALSE ACKNOWLEDGEMENTS, AND AUTO-COMPLETION FOR INPUTTING INFORMATION OVER A NETWORK - Systems and methods for real-time viewing and manipulation of information hosted on third-party systems are described. The system and methods enable property managers to create, edit and delete real estate vacancy postings on multiple sites from a single account, view metrics associated with the postings, and shift the administrative burdens associated with the unreliability of third-party systems to the system itself. | 02-21-2013
20130047268 | Methods for Using Biometric Authentication Methods for Securing Files and for Providing Secure Access to Such Files by Originators and/or Authorized Others - Embodiments are directed to apparatus, methods and systems for locking data or program files and for allowing access to such files only by individuals given authorization and wherein the identity of locking or accessing individuals is provided by comparison of collected inertial information associated with providing a signature with information stored about the particular individuals. In a first embodiment two primary components work together to provide collection of inertial data (and potentially other data) and then comparing of the collected data to stored data to provide an authentication or identification assessment. The first of these components is a SigzaPen device for acquiring data while the second is a remote Signature Processing Center (“SPC”) wherein these two components are capable of communicating directly or indirectly with each other. | 02-21-2013
20130047267 | BENCHMARK MEASUREMENT FOR LEGITIMATE DUPLICATION VALIDATION - A system and method for detecting piracy of a software product that is distributed on a particular media type is described. Embodiments of the invention track a title load time of a software product that is distributed on a particular media type, and compare it against a benchmark load time for that media type. This comparison is used to detect if the title may have been illegally transferred or pirated to another, unauthorized media type. | 02-21-2013
20130047265 | Method and Apparatus for Token-Based Conditioning - According to one embodiment, an apparatus may store a plurality of tokens indicating a user is requesting access to a resource over a network. The apparatus may determine a condition associated with accessing the resource based on the plurality of tokens. The condition may be determined in addition to a determination to grant or deny access to the resource. The condition may include an obligation to be fulfilled and a message providing instruction regarding how to fulfill the obligation. The apparatus may generate a decision token representing the condition, and communicate the decision token to a resource provider to facilitate enforcement of the condition. | 02-21-2013
20090044283 | DOCUMENT MANAGEMENT APPARATUS, DOCUMENT MANAGEMENT SYSTEM AND METHOD, AND COMPUTER-READABLE MEDIUM - There is provided an apparatus including a unit that, when receiving a second document derived from a first document, registers a derivation relationship indicating that a parent of the second document is the first document; a unit that, when receiving a branching instruction in association with the second document, generates a new group and registers information indicating that the second document belongs to the new group and that, when receiving no branching instruction in association with the second document, registers information indicating that the second and the first document belong to the same group; a unit that registers an access right in association with the group; and a unit that, when receiving a request for an operation of a document from a user, based on an access right corresponding to a group to which the document belongs, controls whether to allow the user to perform the operation of the document. | 02-12-2009
20130091587 | SYSTEMS AND METHODS OF IMPLEMENTING REMOTE BOUNDARY SCAN FEATURES - A system and method for remotely performing boundary scans on a circuit board, device and/or system across a network. A first computing component, connected to the network, includes a computer readable media including computer executable instructions. The instructions cause the computing component to maintain or access a library of test scan procedures for a plurality of subject circuit boards. At least one of the test scan procedures is downloaded to a second computing component proximate the circuit board, device and/or system. The second computing component and the test scan procedure are monitored and controlled remotely via the network. | 04-11-2013
20090307782 | DOCUMENT MANAGEMENT SYSTEM, DOCUMENT MANAGEMENT METHOD AND COMPUTER PROGRAM - When a shortcut of a document is generated, a user is caused to set the number of times of access to the shortcut. A shortcut identifier for identifying the shortcut is generated. The shortcut identifier and the number of times of access are registered in a shortcut management table in association with each other. Thereafter, the generated shortcut identifier and a mail address as a destination of a mail are set in the shortcut. The mail attached with the shortcut is transmitted. When the mail address set in the shortcut attached to the received mail and a mail address of the user stored in a PC that receives the mail coincide with each other, access to the document linked to the shortcut is permitted. This makes it possible to adjust access to the document more appropriately than in the past without changing an access right of the document itself. | 12-10-2009
20120192291 | SYSTEM AND METHOD FOR CONVEYING OBJECT LOCATION INFORMATION - An improved system and method for defining an event based upon an object location and a user-defined zone and managing the conveyance of object location event information among computing devices where object location events are defined in terms of a condition based upon a relationship between user-defined zone information and object location information. One or more location information sources are associated with an object to provide the object location information. One or more user-defined zones are defined on a map and one or more object location events are defined. The occurrence of an object location event produces object location event information that is conveyed to users based on user identification codes. Accessibility to object location information, zone information, and object location event information is based upon an object location information access code, a zone information access code, and an object location event information access code, respectively. | 07-26-2012
20120192290 | USER FILTERING IN SOCIAL NETWORKING APPLICATIONS - An apparatus and system are disclosed for filtering third-party generated content in a social network. A receive module receives, from a requesting third-party user, a request to view third-party generated content that is generated by one or more third-party users of a social network. A group module determines one or more group permissions set by a user for one or more groups. The one or more group permissions define access to the third-party generated content. A filter module filters the third-party generated content according to the one or more group permissions such that the third-party generated content is filtered prior to presentation of the third-party generated content to the requesting third-party user in response to the request. | 07-26-2012
20120192289 | ELECTRONIC INFORMATION ACCESS SYSTEM AND METHODS - An electronic information access system and associated methods. In one exemplary embodiment, the system comprises an antenna adapted to receive electromagnetic energy, the electromagnetic energy encoding first data associated with at least one person; and processing apparatus in signal communication with the antenna. The processing apparatus is configured to: access a first database containing second data relating to the one or more certain persons; analyze at least portions of the first data and the second data to determine if the at least one person is authorized to access the information; and if the at least one person is authorized access, facilitate download of the information to a personal electronic device (PED) of the at least one person. | 07-26-2012
20120192288 | ELECTRONIC DEVICE WITH FUNCTION OF SECURING DIGITAL FILES AND METHOD THEREOF - An electronic device with a function of securing digital files which includes a number of input units, a storage unit, a display unit and a processing unit. Each of the input units is assigned an identifier. The storage unit stores a predetermined identifier and a predetermined password. The processing unit includes an input unit determining module, an acquiring module, an identifier determining module, a prompt window generating module, a password determining module and a performing module. The input unit determining module determines which input unit is utilized. The acquiring module acquires the identifier of the determined input unit. The identifier determining module determines whether the acquired identifier matches the predetermined identifier. The prompt window generating module generates a prompt window. The password determining module determines whether the password input matches the predetermined password. The performing module opens the required file if the password input matches the predetermined password. | 07-26-2012
20120192287 | TEXT MESSAGE SECURITY - Systems and methods are provided for protecting text messages. A sending device inserts security information in a text message, and sends the text message to a receiving device. The receiving device detects an attempt by an end user to access the text message. When this occurs, the receiving device parses the text message to identify the security information inserted in the text message, and controls access to the text message by the end user based on the security information. | 07-26-2012
20130167249 | CUSTOMER SUPPORT ACCOUNT WITH RESTRICTED PATIENT DATA ACCESS - A method for accessing a user's account by customer support without viewing the user's private data includes receiving, in an application module communicating with a web service, a request for authentication by a support person using a linked user-support login name. The method includes authenticating the user, authenticating the support person and retrieving a current session of the user as viewed by the user on an electronic screen of a processing device of the user. The method further includes dynamically redacting private data of the user from the user session to create a redacted user session, and delivering the redacted user session for display in an electronic screen of a processing device of the support person. | 06-27-2013
20130074197 | RIGHTS MANAGED DISTRIBUTABLE SOFTWARE - A method of distributing rights-managed software makes use of binary portable application components and associated rights components. The application component includes un-encrypted execution code which causes the application component to execute in a restricted mode if either the rights component is missing or if the rights component determines that the relevant licensing conditions are not satisfied. Such an approach allows application components such as games for mobile phones to be distributed freely between users, and to be available for immediate use in a restricted mode without any need for the recipient to contact the rights issuer. | 03-21-2013
20130074196 | Signature Methods For Scientific Data Information Systems - A computer-implemented method that includes providing an authorized user with an option to define one or more levels of a signature method, and providing the authorized user with an option to assign at least one user whose signature is required for each of the defined levels. | 03-21-2013
20130074195 | METHODS AND SYSTEMS FOR INCREASING THE SECURITY OF ELECTRONIC MESSAGES - A method for accessing e-mail messages from a control system includes requesting access to e-mail message contents of a user stored in the control system, determining whether the user is enrolled in and activated by the control system, and authenticating the user when the user is enrolled in and activated by the control system. Moreover, the method includes permitting the user to view a list of e-mail messages when the user is successfully authenticated. The e-mail messages included in the list are associated with the user. Furthermore, the method includes permitting the user to access the contents of e-mail messages in the list having a security level equal to or less than a security level associated with the successful authentication. | 03-21-2013
20130074194 | METHODS AND SYSTEMS FOR INCREASING THE SECURITY OF ELECTRONIC MESSAGES - A method for generating e-mail messages with increased security includes receiving an e-mail message at a control system. The e-mail message has recipients, a security level, control attributes, and e-mail message contents. Moreover, the method includes verifying the recipients at the control system, and storing the recipients, security level, control attributes, and e-mail message contents in the control system when each of the recipients is verified. Furthermore, the method includes generating modified e-mail messages from the e-mail message, transmitting each of the modified e-mail messages to a respective recipient, and capturing authentication data from one of the recipients when the one recipient indicates a desire to view the e-mail message contents with a communications device operated by the one recipient. When the one recipient is successfully authenticated, the method includes permitting the one recipient to view the e-mail message contents in accordance with the control attributes. | 03-21-2013
20130074193 | METHODS, APPARATUSES, AND COMPUTER PROGRAM PRODUCTS FOR EXCEPTION HANDLING - Methods, apparatuses, and computer program products are provided for exception handling. A method may include detecting attempted performance of a prohibited action involving protected data. The method may further include determining based at least in part on a role associated with a user associated with the prohibited action whether the user has elevated rights permitting performance of the prohibited action. The method may additionally include permitting an exception allowing performance of the prohibited action only in an instance in which it is determined that the user does have elevated rights permitting performance of the prohibited action. The method may also include prohibiting performance of the prohibited action in an instance in which it is determined that the user does not have elevated rights permitting performance of the prohibited action. Corresponding apparatuses and computer program products are also provided. | 03-21-2013
20130061335Method, Apparatus, Computer Readable Media for a Storage Virtualization Middleware System - A method stored on a computer useable medium for sharing digital assets. The method includes a virtual workspace containing links to multiple digital assets, the digital assets being stored on one or more secondary storage mediums. The method involves displaying at least some of the links to the digital assets in the workspace for an individual to access; receiving a request from the individual to access one of the digital assets in the workspace; retrieving a storage connector stored on the first storage medium, the storage connector being specifically associated with the digital asset; using the storage connector to translate the request to access from the individual to a request to access associated with the digital asset; and accessing the actual digital asset in response to the individual's request. A system and product are also disclosed for use with the method.03-07-2013
20130061334METHOD AND SYSTEM FOR FILTERING UNAUTHORIZED ELECTRONIC MAIL MESSAGES - A computer system and method for filtering unauthorized electronic mail messages that are sent by senders to a user. In one embodiment, the system includes a list of the identifications of the senders who are authorized to send an electronic mail message to the user. When an electronic mail message is received, the system determines whether the identification of the sender in the electronic mail message is in the list of the identifications of the senders who are authorized. When the sender of the electronic mail message is determined to be authorized, the system stores the electronic mail message in a designated folder. When the sender of the electronic mail message is determined to be not authorized, the system stores the electronic mail message in a folder other than the designated folder.03-07-2013
20110067114METHODS AND APPARATUS FOR A CONFIGURABLE PROTECTION ARCHITECTURE FOR ON-CHIP SYSTEMS - Various methods and apparatuses of protection mechanism are described. A target intellectual property block may field and service requests from an initiator intellectual property block in a system-on-chip network. The target intellectual property block has an associated protection mechanism with logic configured to restrict access for the requests to the target intellectual property block. The request's access is restricted based on access permissions associated with a region within the target intellectual property block and attributes of the request trying to access that region.03-17-2011
20130061333Computational systems and methods for verifying personal information during transactions - Methods, apparatuses, computer program products, devices and systems are described that carry out accessing at least one persona that includes a unique identifier that is at least partly based on a first user's device-identifier data and the first user's network-participation data; verifying the persona by comparing the first user's device-identifier data and the first user's network-participation data of the unique identifier to a second user's device-identifier data and the second user's network-participation data; and presenting the persona in response to a request for personal information.03-07-2013
20130061332Computational systems and methods for verifying personal information during transactions - Methods, apparatuses, computer program products, devices and systems are described that carry out accessing at least one persona that includes a unique identifier that is at least partly based on a first user's device-identifier data and the first user's network-participation data; verifying the persona by comparing the first user's device-identifier data and the first user's network-participation data of the unique identifier to a second user's device-identifier data and the second user's network-participation data; and presenting the persona in response to a request for personal information.03-07-2013
20130061331Assigning Access Rights in Enterprise Digital Rights Management Systems - The present subject matter relates to assigning access rights in enterprise digital rights management (eDRM) systems. In one embodiment, a method includes receiving, by an enterprise digital rights management (eDRM) device, user data corresponding to a plurality of users. Further, the method includes creating a user group based on the user data. The user group, thus created, is sent for storage in a repository associated with an eDRM server, enabling the user group to be accessible by a plurality of eDRM devices.03-07-2013
20090271872MANAGING ELECTRONIC DATA WITH IDENTIFICATION DATA - An improved approach for managing and sending electronic data which allows one to access electronic data corresponding to a hardcopy document is provided. For example, when the hardcopy bearing a visible image is output, an identification image corresponding to identification data identifying the document is added to the visible image. The identification data can be recognized from the identification image, and used to retrieve various information in a database corresponding to the document.10-29-2009
20090271871INTELLIGENT UPLOADED CONTENT PLACEMENT - Described herein is technology for, among other things, storing content (e.g., files) on a content storage system (e.g., online storage website). It involves various techniques for intelligently placing content in a hierarchy (e.g., folders) within the content storage system. Such intelligent placement of files facilitates easy use of the content storage system and speeds the upload process for users (e.g., via a single click). Therefore, the technology simplifies the uploading of files to an online file system.10-29-2009
20090055937System, Method and Machine-Readable Medium for Periodic Software Licensing - A system and method for periodically licensing a software having a server configured to receive a first request code for a term extension of a software license, the request code being initiated by a user of an application unit, the term extension allows the software to operate within a predetermined period of time, provide advertising information to the application unit, and provide the term extension for the software license.02-26-2009
20090055936METHOD AND SYSTEM FOR THE USER-SPECIFIC INITIALIZATION OF IDENTIFICATION DEVICES IN THE FIELD - The invention relates to a method and system for the user-specific initialization of identification devices in the field, particularly on-board units in road toll systems, based on a central facility, whereby each identification device, when delivered, has a unique device identification to which, in the central facility, a unique user identification is assigned, and in the central facility, an initialization PIN is generated from the device identification and from the user identification and is transmitted to the identification device from which the identification device, based on its device identification, computes the user identification for the user-specific initialization.02-26-2009
20120117662FILE SYSTEM OPERATION AND DIGITAL RIGHTS MANAGEMENT (DRM) - A file system is configured for use with files protected by digital rights management (DRM) content controls and to interact both with applications that are, and are not, DRM aware. The file system may be configured for use by two applications, in a manner that may provide the second application with protected files if the first application was previously allowed access. In one example, a user context cache of DRM-protected files is created. The files in the cache may have been decrypted in response to a request(s) from the first application. Subsequent requests from the second application may be received for files within the user context cache of DRM-protected files. At least one of the files within the user context cache of DRM-protected files may be provided to the second application if the second application has a joint user context with the first application.05-10-2012
20120117660ACCESS CONTROL FOR SERVER APPLICATIONS - A method, system, and computer program product for access control for a server application provided between a server executing an application and a client. Access control is added to an existing server application (for example, a legacy application) without changing the application or the database. The method includes: capturing a screen from the server application; determining if the screen includes sensitive content; and checking a client user's authorization before sending a screen including sensitive content to the client. Determining if the screen includes sensitive content may include: carrying out text recognition on the screen content; and analyzing the output of the text recognition to identify sensitive content.05-10-2012
20130067596DETECTION FILTER - A detection filter installed in an application server including a secure application is disclosed. In one embodiment, the filter includes a rules engine for receiving request data representing an access request for the secure application from a user. The engine applies at least one risk condition rule to the request data to generate a risk probability level, and detects at least one fraud condition when the risk probability level exceeds a threshold level, before passing the access request to the secure application.03-14-2013
20130067597SYSTEM FOR CONTROLLING ACCESS TO USER RESOURCES AND METHOD THEREOF - A system for controlling access to user resources and a method thereof are provided. The system includes a client device and a server. The client device receives an input of access regulations, which define an access level and access agent for first-user resources, from a first user, and transmits the received access regulations to the server. When a second user has access to the user resources, the server controls the access in compliance with the access regulations.03-14-2013
20130067595Data Isolation Service for Data and Information Sharing - A Data Isolation Service for data, information, and knowledge sharing giving organizations using any type of software solution the ability to provide the public with certain public declassified information using a public facing instance of the same software solution. The Data Isolation Service allows for sensitive data to remain secure using a hybrid data storage model. This hybrid model allows for all data to remain secure without the risk that the private data becomes compromised when sharing public data. The Data Isolation Service can be used with any software technology and application system. The Data Isolation Service is a technology service that keeps private and public data partitioned allowing for the transport of public declassified data from within the organization or private database to a public database for public use, then allowing the public declassified data to re-enter the private database for internal organization use.03-14-2013
20130067594Shared Item Account Selection - Techniques for sharing of items from online storage (e.g., cloud storage) are described herein. In at least some embodiments, sharing links can be configured as one-time sharing links that provide recipients with limited, one-time access to a shared item for the purpose of selecting or registering an account to use for subsequent access to the item. Recipients are able to select accounts they find most convenient for accessing a shared item without the owner/sharer of the item necessarily having contact information for those accounts or sending a link to the accounts. Selection of a one-time link initiates an authentication sequence that selectively provides an option to select a particular account. Once the one-time sharing link is redeemed, the one-time sharing link is invalidated for subsequent access to the item.03-14-2013
20110023130Smart Battery System and Methods of Use - A battery pack including a housing; at least one battery cell associated with the housing; at least one memory element associated with the housing; at least one electrical connection associated with the housing for supplying power from the battery cell to the electronic device; and at least one communication interface associated with the housing for receiving data from the electronic device for storage in the memory element and/or for sending data from the memory element to the electronic device can be used for powering electronic devices. The battery pack may be used to increase the efficiency of employment of the electronic devices by storing the data generated by the electronic devices allowing the devices to be immediately redeployed by replacing the battery packs, the data being available for downloading from the battery pack. The battery packs may also be useful in advertising and software distribution systems.01-27-2011
20090235364Media markup for promotional content alteration - A classification method and system for possible content alteration of a media work may include criteria regarding content that is feasible for alteration. Such criteria may be maintained in records that are accessible to an interested party. Some embodiments may include a record of primary authorization rights applicable to a possible content alteration. A further embodiment feature may include a record of secondary authorization rights applicable to substitute altered content incorporated in a derivative version. Various exemplary identifier markup schemes indicative of a location or category of an alterable media content component may be implemented for audio, visual, and audio/video alterable content.09-17-2009
20090007279Rights enforcement of unencrypted content - In accordance with one or more aspects of the rights enforcement of unencrypted content, a nameplate associated with unencrypted content is generated. The nameplate includes an identifier of the unencrypted content and an identifier of an authorized user of the unencrypted content. The nameplate is sent to a device of the authorized user for rights enforcement of the unencrypted content on the device. In accordance with one or more other aspects of the rights enforcement of unencrypted content, a nameplate for unencrypted content to be played back on a device is obtained. The nameplate includes an identifier of the unencrypted content and an identifier of an authorized user of the unencrypted content. The device presents, during playback of the unencrypted content on the device, the identifier of the authorized user of the unencrypted content.01-01-2009
20130167251METHOD OF USING MEMORY INSTRUCTION INCLUDING PARAMETER TO AFFECT OPERATING CONDITION OF MEMORY - Subject matter disclosed herein relates to techniques to use a memory device. A method includes receiving a memory instruction comprising at least one parameter representative of at least one threshold voltage value and a read command to read at least one cell of the memory device. The method further includes detecting at least one voltage value from the at least one cell. The method further includes comparing the at least one voltage value to the at least one threshold voltage value. The method further includes determining at least one logical value of the at least one cell in response to the comparison of the at least one voltage value to the at least one threshold voltage value.06-27-2013
20110321176AUTHORITY TRANSFER SYSTEM, AUTHORITY TRANSFER METHOD, INFORMATION PROCESSING APPARATUS, AND RECORDING MEDIUM - To prevent a transfer of an authority from being useless as much as possible, an authority transfer unit includes a decision unit for making a decision that an authority of a user with respect to a management unit is transferred to a processing request unit.12-29-2011
20110321175MONITORING AND REPORTING OF DATA ACCESS BEHAVIOR OF AUTHORIZED DATABASE USERS - A computer-implemented system and method of monitoring data access activity of a user of a system is presented here. The method maintains a respective score for each of a plurality of monitored data access events, resulting in a set of scores for the user. The method continues by monitoring behavior of the user to detect occurrences of the monitored data access events, and updating the set of scores in response to detected occurrences of the monitored data access events. The method initiates an appropriate course of action when the updated set of scores is indicative of unauthorized, suspicious, or illegitimate data access activity.12-29-2011
20130167250Application Security Framework - In accordance with the teaching described herein, systems and methods are provided for providing secure access to a software application on a computing device. The software application may include a security framework having a set of predetermined security requirements. Prior to enabling access to the software application by a user, the computing device may, (i) verify installation of a device security configuration profile on the computing device, wherein the device security configuration profile certifies that the software application includes the set of predetermined security requirements, (ii) receive identifying information from the user via a user interface, (iii) verify the identifying information with an authentication server, and (iv) based on a successful verification of the identifying information, receive and store a security token. Access to the software application on the computing device may be provided for a specified period identified by the security token.06-27-2013
20120204271METHOD AND APPARATUS FOR CONTROLLING ACCESS RESTRICTIONS FOR MEDIA PLAYBACK - A method and apparatus for controlling access restrictions for media resource playback may include defining a user-specific content control profile authorizing one or more classes of content to be delivered to a client device, generating a media resource request identifying a first media resource associated with a first class of content and one or more attributes of the content control profile, determining whether the first class of content has been authorized for delivery to the client device based at least in part upon the one or more attributes of the content control profile, and delivering the first media resource to the client device if the first class of content has been authorized for delivery to the client device.08-09-2012
20110283364COMMUNICATION METHOD, DISPLAY APPARATUS, MODERATOR TERMINAL APPARATUS, USER TERMINAL APPARATUS, AND MULTI-USER COMMUNICATION SYSTEM INCLUDING THE SAME - In a multi-user communication system in which communication is carried out between a display apparatus and multiple information terminal apparatuses (a moderator terminal apparatus and a user terminal apparatus) over a network, the moderator terminal apparatus sends, to the display apparatus, a data ID (ID information) for identifying data to be displayed in a display unit of the display apparatus, user information indicating a user that is an owner of that data, and access rights information that is set for each user using the information terminal apparatuses and that indicates whether or not the generation and changing of that data is permitted. The display apparatus displays the data identified by the data ID (ID information) in the display unit based on the user information and the access rights information.11-17-2011
20110283365METHOD FOR USER PRIVACY PROTECTION - A system for generation of processed data for use in third party relationship monitoring is described. The system includes a communications system providing services to subscribing users. The communications system includes a rules database for storing rules, a data mining agent for mining and storing data relating to subscribing users, a content generator for generating protected user-related data from the mined data and communicating said user-related data over an interface, and a rights object generator for generating a usage rights object in response to the rules stored in the rules database and communicating said usage rights object over the interface. A tamper proof processing arrangement is connected to the interface. The tamper proof processing arrangement receives the user-related data and usage rights object from the communications system and processes the user-related data under control of the usage rights object. A signal output generator generates an output signal representative of processed data received from the processing arrangement.11-17-2011
20110302661System & Method for Distributing Digital Assets Across a Network - Digital media assets are distributed through the use of identification data. A rights-holder server is adapted to introduce a digital asset which is associated with a set of distribution rules. The digital assets are stored on host servers and a management server tracks transfers of the digital asset over the network.12-08-2011
20110302660METHOD AND APPARATUS FOR SECURING DIGITAL DEVICES WITH LOCKING CLOCK MECHANISM - A mechanism to secure a synchronous digital device such as a Mobile Device is provided. Using the clocking mechanisms of the synchronous digital designs, the invention enables mechanisms to secure Mobile devices. When a potential security breach is detected, blocking the clock will disable the Mobile Device. The invention also contemplates mechanisms to re-enable the Mobile Device when the security risk from the block condition is resolved. The invention further contemplates mechanisms to secure the enterprise information technology system from the hacked or stolen Mobile Devices.12-08-2011
20110289598Blocking of Unlicensed Audio Content in Video Files on a Video Hosting Website - A system, method and various software tools enable a video hosting website to automatically identify unlicensed audio content in video files uploaded by users, and initiate a process by which the user can replace the unlicensed content with licensed audio content. An audio replacement tool is provided that enables the user to permanently mute the original, unlicensed audio content of a video file, or select a licensed audio file from a collection of licensed audio, and insert the selected file in place of the original audio. Where a video file includes unlicensed audio, the video hosting website provides access to video files to a client device, along with an indication to the client device to mute the audio during playback of the video.11-24-2011
20110289597Method and Apparatus for Remediating Unauthorized Sharing of Account Access to Online Resources - A number of effective alternatives for discouraging unauthorized online-resource sharing are discussed. An anti-sharing strategy can be built by applying one or more of the alternatives in response to possible, strongly-suspected or virtually certain unauthorized sharing.11-24-2011
20100275269Procedure for the preparation and performing of a post issuance process on a secure element - A method for enabling post issuance operation on a secure element connectable to a communication device is disclosed. The method allows an SE controlling party to perform remotely operations such as creation of new security domains for an external party, loading, and installation of applications of an external party and management functions including personalization and activation of applications loaded on the SE for an external party. The method includes the steps of: 10-28-2010
20090151006GROUP REGISTRATION DEVICE, GROUP REGISTRATION RELEASE DEVICE, GROUP REGISTRATION METHOD, LICENSE ACQUISITION DEVICE, LICENSE ACQUISITION METHOD, TIME SETTING DEVICE, AND TIME SETTING METHOD - There is provided a group registration device or the like which is capable of simplifying registration processing to readily perform group registration while retaining secure registration processing.06-11-2009
20090183264SYSTEM AND METHOD FOR PROTECTING CONTENT IN A WIRELESS NETWORK - A method of providing access to content within a user device is disclosed and may include determining a location of the content, determining whether the content is within an allowed region, and selectively prompting a user to purchase a license to access the content. In a particular aspect, the user may be prompted to purchase the license to access the content when the content is not within an allowed region. If the license is purchased, the user may be allowed to access the content. The license may be an unlimited license, a limited license, or a transfer license.07-16-2009
20100169982LICENSE MANAGEMENT APPARATUS, LICENSE MANAGEMENT METHOD, AND COMPUTER READABLE MEDIUM - A license management apparatus includes: a license information storage; a reproduced user information storage; an invalidation information storage; a compare unit; an update unit; and a setting unit.07-01-2010
20130219516SECURE CONTENT TRANSFER USING DYNAMICALLY GENERATED OPTICAL MACHINE READABLE CODES - Technologies are generally described for peer-to-peer or peer-to-server-to-peer communication systems based on mobile devices, servers, and personal computers, which utilize proximity communication and optical codes such as two-dimensional barcodes, in order to securely initiate and authorize digital data, file, and multimedia transfers, as well as digital financial transactions.08-22-2013
20130219517PARENT-CHILD GUIDANCE SUPPORT FOR SOCIAL NETWORKS - The present disclosure relates to parent-child guidance support for social networks. A method for providing controlled access to an online resource via a child account comprises (a) when said child account is registered for said online resource, providing access to said online resource via said child account, and at least one of the following steps: (b) in response to a user request via said child account, registering said child account for said online resource only when an age specification of the child account is higher than an average age specification of user accounts currently registered for said online resource, and (c) when registering said child account for access to said online resource in response to a user request via said child account, also registering at least one parent account associated with said child account for said online resource.08-22-2013
20110219459SYSTEM AND METHOD FOR SECURING INPUT SIGNALS WHEN USING TOUCH-SCREENS AND OTHER INPUT INTERFACES - A system and method for securing input signals when using input interfaces such as touch-screens and other input interfaces that are suitable for handheld, mobile, computing and other devices, by generating fake signals. In accordance with an embodiment, the technique can be used to protect input signals from, e.g. a touch-screen keyboard, and make it more difficult for malicious software applications to intercept and understand such input signals. The technique can also be implemented without requiring significant changes to the underlying operating system (OS) or graphical user interface (GUI). In accordance with an embodiment, a security enhancer or security enhancing application injects fake signals into the OS/GUI input signals queue. The security enhancer or security enhancing application is also associated with a communication channel that allows it to establish a cryptographic signature or key with authorized or sensitive application receivers that are authorized to receive the input signals. The fake signals can later be removed from the input signal stream only by the authorized receivers of the input signals. Unauthorized application listeners may be able to intercept a signal, but are unable to determine the original input.09-08-2011
20100115628DIGITAL RIGHTS MANAGEMENT SCHEME FOR AN ON-DEMAND DISTRIBUTED STREAMING SYSTEM - A DRM scheme that may be optionally invoked by the owner. With the DRM protection turned on, the media is encrypted before it is distributed in a P2P network, and is decrypted prior to its use (play back). The peers may still efficiently distribute and serve without authorization from the owner. Nevertheless, when the media is used (played back), the client node must seek proper authorization from the owner. The invention further provides a hierarchical DRM scheme wherein each packet of the media is associated with a different protection level. In the hierarchical DRM scheme of the invention there is usually an order of the protection level. As a result, in one embodiment of the invention, the decryption key of a lower protection layer is the hash of the decryption key at the higher protection level. That way, a user granted access to the high protection layer may simply hold a single license of that layer, and obtain decryption keys of that layer and below. The invention further provides for a process for managing digital rights to a scalable media file wherein a different encryption/decryption key is used to encrypt each truncatable media packet with a base layer without requiring additional storage space to store the key.05-06-2010
20100100968IMAGE PROCESSING APPARATUS - An image processing apparatus includes an input receiving unit for receiving an input of identification information to identify a user; a storage unit for storing the identification information and usage authority of the user with respect to a function of the image processing apparatus; a control information storage unit for storing unregistered user control information for allowing an unregistered user with usage authority not registered in the storage unit to use a minimum function of the image processing apparatus; a determining unit for searching the storage unit according to the identification information and determining whether the identification information is registered; and a control unit for controlling to allow the unregistered user to use the minimum function according to the unregistered user control information when the determining unit determines that the identification information is not registered in the storage unit.04-22-2010
20090064345INFORMATION MANAGEMENT APPARATUS, INFORMATION MANAGEMENT SYSTEM AND COMPUTER READABLE MEDIUM - An information management apparatus includes: a registration unit that registers electronic information in association with access right information representing whether a user has an access right; a condition storage that stores a condition for prohibiting an access to the electronic information registered by the registration unit on the basis of an administrator's right for the apparatus; a determination unit that determines whether the changed access right information satisfies the condition stored in the condition storage; a transmission unit that transmits the electronic information to a predetermined transmission destination in a case where the determination unit determines that the access right information of the electronic information satisfies the condition; and a deletion unit that deletes the electronic information stored in a transmission source after the electronic information is transmitted by the transmission unit.03-05-2009
20100005532Software Usage Controlled by CPU Utilization - A data processing apparatus has a data processor manager that checks and updates the credit account that is associated with the usage of a software application at the apparatus. The processor manager determines whether or not to proceed with execution of the software application dependent on the number of processor cycles left in the credit account. If the number of processor cycles in the account falls below a predetermined threshold, the software application is barred from being executed further. The user then can replenish the account by means of purchasing or otherwise obtaining further credits in terms of processor cycles for spending on the future execution of the software application. In this manner, a scenario is implemented for a business model based on prepaid software wherein the user pays exactly for the actual usage in terms of processor cycles.01-07-2010
20120110678Digital Rights Management (DRM) Domain Recommendation and Selection Based on a User's Social Graphs - A network server implements Digital Rights Management (DRM) techniques to limit or inhibit unauthorized access or usage of protected multimedia content, such as a video or a song. However, the server also allows a user who has purchased protected multimedia content to share that content with one or more other people based on the strength of the user's relationships with those people.05-03-2012
20090151005METHOD FOR IDENTITY THEFT PROTECTION WITH SELF-DESTRUCTING INFORMATION - A method for identity theft protection includes receiving an identity theft indicator indicating a possible loss or theft of a personal device, wherein the identity theft indicator includes at least one of a user-initiated signal, a geographic range indicator, an expired timer, a failure of a heart-beat verification, and a battery level indicator. The method further includes attempting contact of an owner of the personal device, wherein attempting contact includes at least one of transmitting a message to the owner over a telephone connection, transmitting an email to a registered email address of the owner, and transmitting a text-based message to a registered telephone number on the personal device. The method further includes protecting information stored on the personal device if attempting contact of the owner is not successful.06-11-2009
20090083860Security system for a browser-based environment - Various technologies and techniques are disclosed for enhancing security in a browser-based environment. A first browser application hosts one or more other applications. The first browser application is operable to load the one or more other applications on one or more separate domains than a host domain, using one or more cookies as a communication method between the first browser application and the one or more other applications. Input is received from a user to access a first browser application on a first domain. A selection is received from the user to run a second browser application from within the first browser application. A first cookie is created in a second domain, with the first cookie containing information to be used by the second browser application. The second browser application is loaded on the second domain. For example, the first browser application can be a browser-based software development application.03-26-2009
20080320604Controlling Program, Image Forming Apparatus and Print Controlling Method - There is described an image forming apparatus, which makes it possible to securely prevent the secret information from leaking out to unauthorized personnel. The apparatus includes: a display section to display a first document that includes secret information; an operating section to designate a concealing position in the first document and establish a disclosable range of the secret information, therefrom; a storage control section to store document data, designation positional information and disclosable range information, while correlating them with each other; an authenticating section to determine whether or not a user coincides with the disclosable range, based on identification information of the user; and a printing section to print either at least a copy of the first document, when the user coincides with the disclosable range, or copies of a second document, when the authenticating section determines that the user does not coincide with the disclosable range.12-25-2008
20080320601PROVIDING ACCESS RIGHTS TO PORTIONS OF A SOFTWARE APPLICATION - Techniques for providing access rights to different portions of a software application to one or more authorized users are described herein. An issuance license may be inserted into the software application that divides the software application into one or more portions and identifies, for each portion, one or more users that are authorized access to the portion. Each portion of the software application may then be encrypted using, for example, a different cryptographic key. When the software is executed, an end user license may then be requested that corresponds to a particular user and that entitles the particular user access to each portion of the software application that the issuance license identifies the particular user as being authorized to access. The end user license may then be used to decrypt each portion of the software application that the issuance license identifies the particular end user as being authorized to access.12-25-2008
20100088771VIRTUALIZATION OF A CENTRAL PROCESSING UNIT MEASUREMENT FACILITY - A central processing unit measurement facility is virtualized in order to support concurrent use of the facility by multiple guests executing within a virtual environment. Each guest of the environment has independent control over disablement/enablement of the facility for that guest.04-08-2010
20090255000Internet Protocol (IP) Location, Privacy and Presence - An extension to the Location Information Service (LIS) architecture uses a centralized, user-selected, Privacy Profile Register (PPR) and Presence Register (PR) element, the User Privacy and Presence Register (UPPR) (also known as the Home Register (HR)). This centralized model provides access to value added services that allow the user to be located anywhere in the world by people and services of his choosing. It also provides network elements using this location information with security that the location being provided has certification.10-08-2009
20090089884Method and system for indentifying a device implementing a digital rights management protocol - A method comprises receiving a first device ID request from user for registration of a first user device; generating a first unique identification number for the first user device; generating a first unique identification object based on a first DRM protocol, the first unique identification object including the first unique identification number; associating the user with the first user device, the first unique identification number and the first DRM protocol; receiving a second device ID request from user for registration of a second user device; generating a second unique identification number for the second user device; generating a second unique identification object based on a second DRM protocol, the second unique identification object including the second unique identification number, wherein the first DRM protocol and the second DRM protocol are incompatible; and associating the user with the second user device, the second unique identification number and the second DRM protocol.04-02-2009
20080289051INFORMATION PROCESSING APPARATUS AND SYSTEM, COMPUTER READABLE RECORDING MEDIUM, AND INFORMATION PROCESSING METHOD - An information processing apparatus includes: an authenticating unit that authenticates a user; a registering unit that reads operation setting information registered by a user who is not the authenticated user, and registers the operation setting information as the operation setting information of the authenticated user; and a controller that performs a control operation to prohibit a disclosure or registration of the operation setting information, when the operation setting information registered by the user who is not the authenticated user includes operation setting information that is prohibited from being used by the authenticated user or being disclosed to the authenticated user.11-20-2008
20090089882Methods and Apparatus for Restricting End-User Access to Content - Methods and apparatus are provided for restricting end-user access to content. Access of an end-user to content is restricted by receiving a request from the end-user to access the content; identifying an authorizing user associated with the end-user; providing an authorization message to the authorizing user, wherein the authorizing user is remote from a location of the end-user; and providing the end-user with access to the content if authorized by the authorizing user. For example, the end-user can be a child and the authorizing user can be an individual responsible for the child, such as a parent or guardian. In a further variation, the end-user can be an automated recording device and authorization request is responsive to an attempt by the recording device to record the content.04-02-2009
20080209572Data Processing System, Data Processing Method, and Management Server - A technique is provided for maintaining the security of the secret data.08-28-2008
20110173705METHOD AND SYSTEM OF PROCESSING ANNOTATED MULTIMEDIA DOCUMENTS USING GRANULAR AND HIERARCHICAL PERMISSIONS - A method of processing at least one multimedia document includes determining at least one segment of the document. At least one type of permission is assigned to the at least one segment. The at least one type of permission is made available for a later use when processing the document.07-14-2011
20090282493MEHTOD AND SYSTEM FOR MANAGING ELECTRONIC MESSAGES - A computer implemented method, computer program product and a data processing system for managing electronic messages is disclosed. The contents of an electronic message are segmented based on the recipients receiving the message and access control authorizing access to the segmented contents is provided to the segmented contents and transmitted to a list of recipients.11-12-2009
20090119783METHOD AND APPARATUS FOR MASKING CHILD USER AUTHORIZATIONS FROM ADVERSE USE AGAINST A PARENT USER - The present invention provides a computer implemented method, data processing system, and computer program product to protect a first user from authorization limitation by a second user. The computer may receive an authorization command from the second user, wherein the authorization command targets the first user, and the second user is at least partially authorized to operate the authorization command. The computer determines that the first user is an ancestor user of the second user. In addition, the computer, responsive to a determination that the first user is an ancestor user of the second user, prevents operation of code of the authorization command to change an authorization of the first user.05-07-2009
20100138932DATA PROTECTING METHOD AND COMPUTING APPARATUS - A data protecting method, including the steps of: (a) upon receipt of a triggering command, configuring a hardware control module to store data in a hidden zone that is unidentifiable, unreadable and unwritable by an operating system block in communication with the hardware control module; and (b) upon receipt of a restore request command from an input device in direct communication with the hardware control module, configuring the hardware control module to execute the restore request command so as to transfer the data from the hidden zone to a working zone that is identifiable, readable and writable by the operating system block when a predetermined condition is satisfied.06-03-2010
20120144501REGULATING ACCESS TO PROTECTED DATA RESOURCES USING UPGRADED ACCESS TOKENS - Various techniques and procedures related to client authorization and the management of protected data resources are presented here. One approach employs a computer-implemented method of regulating access to protected data resources. In accordance with this approach, a client sends a first access token to a server, the first access token having first data access attributes associated therewith. In response to receiving the first access token, the server sends a second access token to the client module, the second access token having second data access attributes associated therewith. The second data access attributes represent expanded or additional data access capabilities granted to the client. The client may then access protected data resources using the second data access token.06-07-2012
20090293134IMAGE PROCESSING APPARATUS, IMAGE PROCESSING METHOD, AND PROGRAM - Strict security is ensured with respect to information in originals scanned by an MFP. There are provided: password detector for judging if original information obtained by decoding the two-dimensional code of original images contains a one-way hash value generated from a password; password input for prompting input of a password in the case where it is determined by the password detector that a hash value is contained in the original information; password verifier for using the one-way hash value to verify a password input by the password input; and converter for converting the original images into an electronic file protected by the password input by the password input.11-26-2009
20100275270METHOD AND APPARATUS FOR MANAGING THE TRANSFER OF RIGHTS - A method and apparatus for managing the transfer of rights associated with items from a rights supplier to a rights consumer. A set of rights is associated with an item and includes meta-rights specifying derivable rights that can be derived therefrom by the rights consumer. The set of rights is transferred, in the form of a license to the item, from the rights supplier to the rights consumer. If it is determined that the rights consumer is entitled to derive the derivable rights specified by the meta-rights, the derivable rights are derived and a license including the derived rights is generated with the rights consumer designated as a principal.10-28-2010
20080244757Vehicle control device and data rewriting system - A vehicle control device and a data rewriting system prevent a person having no permission from rewriting the data of the vehicle control device. When the vehicle control device rewrites the data thereof based on rewrite data distributed from a control center through a radio communication network, the vehicle control device performs a user identification check based on the verification whether an ID code manually inputted by a user coincides with an ID code previously stored in a vehicle. The vehicle control device permits the user to rewrite the data based on the distributed rewrite data on condition that the user is identified as a privileged user permitted to rewrite the data.10-02-2008
20080244756AUTHENTICATED PRINTING SYSTEM AND AUTHENTICATED PRINTING METHOD - An authenticated printing system includes a job creation unit that creates a print job in accordance with a direction of a user, a job holding unit that holds the print job created by the job creation unit, an authentication information acquisition unit that generates authentication information based on information acquired from an authentication device, an authentication unit that receives the authentication information generated by the authentication information acquisition unit and performs authentication of a user on the basis of the authentication information, and a print unit that acquires the print job of an authenticated user from the job holding unit and prints the print job in a case where the user is authenticated by the authentication unit. The authentication unit includes a process section that acquires the authentication information of an owner of the print job from a database and stores the authentication information in a cache as authentication usable information when the print job is held by the job holding unit, and a process section that performs the authentication of a user based on whether the authentication information generated by the authentication information acquisition unit is stored in the cache.10-02-2008
20080250506Device for Collecting, Looking Up and Processing Data, in Particular Medical Data - The inventive device for collecting, looking up, and processing data, in particular medical data, includes at least one mobile computer medium for recording data, the reader/writer and, if necessary, at least one fixed computer medium for data recording. The mobile and fixed computer media are embodied in such a way that they remotely communicate with each other by the reader-writer, through a communication network, like the Internet. The mobile computer medium includes a reading/writing mechanism which makes it possible to simultaneously read data recorded thereon, and write new data, while performing entirely from the mobile medium.10-09-2008
20080250507Information Sharing System, Information Processing Device, and Control Program - In an information sharing system including an information reading device and an information processing device, the information reading device includes: a member information reading unit for reading member information from member discrimination cards respectively owned by a plurality of members; and a transmitting unit for transmitting the member information read by the member information reading unit to the information processing device. The information processing device includes: a receiving unit for receiving the member information transmitted from the transmitting unit; an address information detection unit for detecting address information corresponding to the received member information; and an information sharing member list forming unit for forming an information sharing member list based on the address information detected by the address information detection unit.10-09-2008
20090265791METHOD A SYSTEM AND A UNIT FOR CONTROLLING LISTING OF ITEMS ON ELECTRONIC MARKET DATABASES - There is provided a method for controlling listing of a given item on an electronic market database, the method comprising (1) receiving a listing request originated from a prospective provider for listing said given item on said electronic market database; (2) authenticating at least one of said given item and of said prospective provider; and (3) if a successful authentication, listing said given item on said electronic database. There is further provided a system as well as a unit for controlling listing of a given item on an electronic market database.10-22-2009
20080289049TECHNIQUES FOR PERSONALIZING CONTENT - Techniques for personalizing content are presented. A principal requests access to content. Policy is evaluated in response to the request for the content. Scripts are processed in response to the policy evaluation to rewrite and modify the content. The modified content is then delivered to the requesting principal to personalize the content for the principal.11-20-2008
20100275268AUTHORISING USE OF A COMPUTER PROGRAM - A method of authorising use of a computer program only able to be used when an authorised message is received from an authorising system includes providing an authorisation system, making a request to use a computer program, signalling the request to the authorisation system, the authorisation system recording the use of the computer program and providing the authorisation message to the computer program; upon receipt of the authorisation message, the computer program may be used.10-28-2010
20100146638DETECTION FILTER - A detection filter installed in an application server including a secure application is disclosed. In one embodiment, the filter includes a rules engine for receiving request data representing an access request for the secure application from a user. The engine applies at least one risk condition rule to the request data to generate a risk probability level, and detects at least one fraud condition when the risk probability level exceeds a threshold level, before passing the access request to the secure application.06-10-2010
20120198565BUSINESS METHOD FOR AGGREGATION AND PRESENTATION OF THE MEDIA DATA - A method for aggregation and presentation of media data, includes the following steps: launching the application registered for interacting with internet community; authorizing the application in the external systems of the internet community using external Application Programming Interfaces; obtaining the permit from a media data keeper to access his/her media data in the internet community; retrieving the media data from the internet community through the application registered in that particular internet community to allow both the media data keeper and the registered application to access and use the aggregated data; selecting potentially presentable (supported) media data from the previously formed media data bank; presenting a series of the aggregated media data to an individual or corporate user (the recipient). The aggregation and presentation of the media data from the internet community is implemented through computer or telecommunication systems that provide the functioning of the application which obtains media data from various sources, aggregates it, filters, identifies the possibility of presenting the particular media data, sorts it out and implements its presentation.08-02-2012
20120198566Secure Distribution of Media Data - A technique for distributing media data in a secured fashion that mitigates unwanted or illegal copying/distribution of such data. An initial, degraded version of the media data is sent to one or more recipient(s). After confirming identity of a recipient at a receiving system, a supplemental version of the media data is sent to the receiving system which augments the degraded version such that it can then be played by the recipient(s). The degraded version of the media data has a reduced quality that is obtained by removing portions of the data and filling in the removed portions with dummy data. During a subsequent rebuilding of the media data, a supplemental version of the media data is sent to the receiving data processing system where it is merged/combined with the degraded version to form a copy that corresponds to the original, high-quality version of the media data.08-02-2012
20130219518Methods and Systems for Generating History Data of System Use and Replay Mode for Identifying Security Events Showing Data and User Bindings - Devices and methods are presented for managing data security. One example method includes receiving user identification information from a screen of a device that is connectable to a database of secure information. The method includes authenticating the user identification information, the authenticating includes capturing image data of a user associated with the user identification information. The method provides access to the database of secure information upon authenticating the user identification information. The method records data of user interactive input and viewed images displayed on the screen while the access is provided. The method stores audit data for the user when accessing the database of secure information, the audit data being associated with a history of use by the user. The audit data including a plurality of events associated with the use. The method enables replay of the audit data for at least one of the plurality of events associated with the use.08-22-2013
20090158442Method of User Access Authorization in Wireless Local Area Network - The present invention discloses a method of user access authorization in wireless local area networks. The method comprises: when a Wireless Local Area Network (WLAN) user terminal is accessing a WLAN operational network, the WLAN operational network, while authenticating this WLAN user terminal, judging whether to allow this WLAN user terminal to access according to authorization conditions having an impact on the access of this WLAN user terminal, if yes, the WLAN operational network will determine the access rules of this WLAN user terminal according to the said authorization conditions; otherwise, the WLAN operational network will notify the WLAN user terminal about the failure. Different users can be controlled to access the network according to different authorization conditions, and be restricted by different access rules after getting accessed. Thus, the access control capability of a wireless local area network is enhanced and the working efficiency of the network is improved.06-18-2009
20090183265IDENTIFICATION OF POTENTIAL UNAUTHORIZED DISTRIBUTION OF COPYRIGHTED INFORMATION - A computer-implemented method is provided of identifying potential unauthorized distribution of copyrighted information. The copyrighted information includes copyrighted items and copyright filing information for each of the copyrighted items. A database file is provided of the copyrighted information. Also, a source of items is provided from an entity other than the copyright owner which contains items that are potentially in violation of the copyrighted items. An automatic comparison is made. The copyrighted items in the database file of copyrighted information are automatically compared in a computer with the items in the source of items. The comparison identifies any items in the source of items that are potentially in violation of a copyrighted item due to similarities with the copyrighted items. The identified items are displayed in association with the copyrighted items that are potentially being violated and the copyright filing information of the copyrighted items that are potentially being violated.07-16-2009
20090165146METHOD FOR MANAGING USER RIGHTS FOR A CODE PROTECTED OBJECT - The invention relates to a process for managing user rights for a code-protected object (06-25-2009
20090025090DIGITAL SAFETY DEPOSIT BOX - A system that enables secure data storage into a third party managed electronic storage vault is disclosed. This electronic storage vault provides customers with a secure location to store important data such as insurance policies, automobile titles, deeds, wills, birth certificates, tax documents or the like. An interface can be provided which secures (e.g., encrypts, digitally signs) data related to transmission, storage and retrieval. A management component can be employed to regulate (e.g., authenticate) deposit or access of documents to/from the storage vault.01-22-2009
20090025091ELECTRONIC APPARATUS AND INFORMATION PROCESSING APPARATUS - The electronic apparatus includes: a timer for measuring an elapse time duration under a component-disengaged state after detection of the disengaged state by the sensor; a copy controlling unit for making data stored in the recording unit to be copied in a storage unit of the information processing apparatus; and a deleting unit for deleting data stored in the recording unit. The copy controlling unit makes data stored in the recording unit to be stored in the storage unit of the information processing apparatus when the timer detects elapse of a first predetermined time duration, and the deleting unit deletes data stored in the recording unit when data stored in the recording unit is copied in the storage unit. This makes it possible to prevent loss of data stored in the recording unit of the electronic apparatus, and to improve data confidentiality, and to prevent confidential information leakage.01-22-2009
20090049558SYSTEM AND METHOD FOR TRACING TARDOS FINGERPRINT CODES - A system and method is provided for identifying the source of an unauthorized copy of content. The method includes embedding a unique user fingerprint code into each of a plurality of authorized copies of content and identifying an unknown fingerprint code in an unauthorized copy of the content. Each member of the unknown fingerprint code is compared to each corresponding member in each of the user fingerprint codes. A score is assigned to each of the user fingerprint codes based on the comparison and users associated with scores exceeding a threshold are identified as a source of the unauthorized copy.02-19-2009
20120079606RIGHTS AND CAPABILITY-INCLUSIVE CONTENT SELECTION AND DELIVERY - Intelligent content delivery enables content to be delivered to different devices in formats appropriate for those devices based on the capabilities of those devices. A user might access the same piece of content on two different devices, and can automatically receive a higher quality format on a device capable of playing that higher quality format. The user can purchase rights to content in any format, such that as new formats emerge or the user upgrades to devices with enhanced capabilities, the user can receive the improved formats automatically without having to repurchase the content. Further, the user can pause and resume content between devices even when those devices utilize different formats, and can access content on devices not otherwise associated with the user, receiving content in formats that are appropriate for those unknown devices even if the user has not previously accessed content in those formats.03-29-2012
20090083859PROGRESS INDICATORS TO ENCOURAGE MORE SECURE BEHAVIORS - A method for enticing users to behave securely in a computing environment. For security related input, such as selection of password, a progress indicator is provided to the user. The progress indicator correlates to the level of security obtained by the user's entry, rather than to the completion of the task. The indicator follows a non-linear function that crosses zero security and maximum expected security for the task. The function starts at shallow slope, increases towards the middle, and then reverts to shallow slope towards the end of the task.03-26-2009
20080263676SYSTEM AND METHOD FOR PROTECTING DATA INFORMATION STORED IN STORAGE - A system and method are provided for protecting data information stored in a storage medium. The system includes a memory unit which is divided into a plurality of storage regions in which data information is stored; a domain unit which includes a plurality of OS domains, which are access subjects, and loads the data information stored in the storage regions that are accessed by the OS domains; and a control unit which controls access of the domain unit to the memory unit.10-23-2008
20080263675System and method of network printing - A method of printing a document, the method includes assigning a permission classification to a document to be printed; assigning a user permission profile to a user; and determining from the user permission profile and the permission classification of the document whether the user is authorized to print the document. Another method of printing a document includes assigning a permission classification to a document to be printed; assigning a printer permission profile to each of a number of network printers; and determining from the permission profile of the network printer and the permission classification of the document whether the network printer is authorized to print the document.10-23-2008
20090100528Method for Linking Intellectual Property System to Other System and the System - Provided are a method and system for reducing user inconvenience by exchanging information between different intellectual property information systems having different servers from each other or storing the information in a storage folder of each user of one of the intellectual property information systems. The method associates at least first and second different intellectual property related systems operated by different servers from each other. The method includes the steps of: providing, by the first intellectual property information system, identification of a user of the first intellectual property information system to the second intellectual property information system; and providing, by the second intellectual property information system, searched case information or case information searched for each user of the second intellectual property information system to a storage folder of each user in the first intellectual property information system.04-16-2009
20110231940CREDENTIAL-BASED ACCESS TO DATA - Existing mechanisms that control access to data based upon whether the user seeking to access the data is identified among the users that are allowed to access the data, can be extended to further control access based upon the provision of credential data by the user, or processes associated therewith. Access control entries can limit access based upon Boolean conditionals, including those referencing credential data, such that access can be granted only to specific users that provide the credential data or, alternatively, to any user that provides it. The referenced credential data can be specified in the access control information in an obfuscated form for security purposes. Information associated with the user, such as a user token, can be temporarily updated to include credential data when provided by the user, so as to enable access to the data but to prevent such access from remaining open too long.09-22-2011
20090100529DEVICE, SYSTEM, AND METHOD OF FILE-UTILIZATION MANAGEMENT - Device, system, and method of file-utilization management. In some embodiments, a method may include linking between a computing device and at least one electronic mail address by verifying that a user of the linked computing device is authorized to access an electronic mail account represented by the linked electronic mail address; identifying an attempt by the user to access the content of a protected file, wherein the protected file is associated with permission information representing one or more allowed electronic mail addresses and including one or more content-utilization restrictions; and presenting the content of the protected file to the user of the linked device, if the linked electronic mail address is included in the allowed electronic mail addresses, while restricting the utilizing of the presented content according to a content-utilization restriction corresponding to the linked electronic mail address. Other embodiments are described and claimed.04-16-2009
20120198564Security Classification Based on User Interaction - An embodiment of the invention includes a method and system for content management. More specifically, the system includes a user interface for receiving content from a user and a data repository connected to the user interface for storing the content. The user interface also receives a request to access the content from the user. A program processor is connected to the data repository, wherein the program processor determines whether the content includes a security classification. A communications module is connected to the program processor, wherein the communications module sends an alert to the user interface when the content does not include a security classification. The alert includes a request to assign a security classification to the content.08-02-2012
20090254999MEDIATED ACCESS OF SOFTWARE DUMPED DATA THROUGH SPECIALIZED ANALYSIS MODULES - The present invention can include a method, computer program product, and system for mediating access to content of a software dump. The invention can identify an event occurring within a computing device, which causes data to be dumped to file. A dump file can be created responsive to the event, wherein the dump file includes data defining a state of the computing device. Using an analysis module to analyze the dump file to determine content to be placed in a tailored dump file. In one embodiment, custom analysis modules or custom modifications to existing analysis modules can be added to the computing device at any time, which permits a tailoring of dumps to cover circumstances not originally known in advance of a situation for which they are needed. The tailored dump file can include a subset of the content of the dump file for which access privileges have been granted in accordance with the analysis module. The output file can be created, which comprises the determined content.10-08-2009
20110145931System and Method for Managing Information Flow Between Members of an Online Social Network - An online social network is provided in which members of the online social network control who may view their personal information and who may communicate with them. The members control who may view their personal information by setting a visibility preference. A member may not view another member's full personal profile if the measure of relatedness between the two is greater than the visibility preference of the other member. The members also control who may communicate with them by setting a contactability preference. A member may not communicate with another member if the measure of relatedness between the two is greater than the contactability preference of the other member.06-16-2011
20110145930Method, Program Product and Server for Controlling a Resource Access to an Electronic Resource Stored Within a Protected Data - Controlling a user access through a computer network within a protected data environment of a computer environment. An exception list comprising an Identifier (URI) stored within the protected data environment for granting user access of an unauthorized user is defined. At least one allowed access property relation for user access is defined when accessed by the unauthorized user. A URI of a user access request of unauthorized user is checked in the exception list. A One-Time URI is created. The One-Time URI is assigned to the electronic data resource according to the allowed property relation. The requested is delivered to the unauthorized user by using the assigned One-Time URI.06-16-2011
20080313743Network Software License Management and Piracy Protection - Apparatus having corresponding methods and computer-readable media comprise an input circuit to receive, from a license management server, a check-in sequence representing a plurality of different check-in times; a processor to execute a software product comprising an application, and a client license management module to add timestamps to a check-in record at the check-in times; and an output circuit to transmit the check-in record to the license management server; wherein the license management server performs a comparison between the check-in record and at least one of the check-in sequence, and an earlier check-in record previously sent by the client license management module to the license management server; and wherein the license management server transmits a violation message to the client license management module when the comparison fails; and wherein the client license management module disables the application based on the violation message.12-18-2008
20100162412MEMBER REGISTRATION METHOD, COMMUNITY SERVICE SYSTEM, PORTABLE TERMINAL, AND MEMBER INVITATION PROCESSING PROGRAM - A community member registration method is for registering a member in a community service system in which a community service server, and authentication server and a plurality of portable terminals are connected via a network. The community service server provides community service, the authentication server determines whether or not a member has authority to receive services provided by the community service server, and the portable terminals are capable of direct communication to each other. The method includes: sending a terminal identifier obtained from a portable terminal of an invitee together with a registration request from a portable terminal of an inviter to the authentication server; issuing an account of the invitee in response to the registration request in the authentication server; notifying the account to the portable terminal of the inviter from the authentication server; and sending the account from the portable terminal of the inviter to the portable terminal of the invitee.06-24-2010
20100169983Display device and method aiming to protect access to audiovisual documents recorded in storage means - The invention relates to a display device and method aiming to protect access to audiovisual documents recorded in storage means.07-01-2010
20120246738Resource Sharing and Isolation in Role Based Access - The subject disclosure is directed towards resource sharing and/or isolation in a role based access (RBA) system. A resource may be associated with an owner, via an owner property, which provides isolation by enforcing exclusive access to that resource by the owner (unless the owner chooses to share). Sharing is provided by allowing the owner to identify, in a GrantedTo list, selected receiving user(s) or user role(s) that can have shared access. Also described is administrator-level control over the ability to share resources and/or receive shared resources, e.g., an administrator selects whether a resource owner is permitted to share resources and/or whether receiving users/user roles are permitted to receive shared resources.09-27-2012
20120246740STRONG RIGHTS MANAGEMENT FOR COMPUTING APPLICATION FUNCTIONALITY - Illegal, unauthorized, uncompensated and/or under-compensated utilization of computing application functionality may be mitigated at least in part by controlling access to executable instructions that implement the computing application functionality. The executable instructions may be executed by a set of one or more virtual machines provisioned by a multi-tenant virtual resource provider. The virtual resource provider may provision the virtual machines and other virtual resources with a set of implementation resources managed by a control plane of the virtual resource provider. The control plane may perform a number of control functions for the virtual resource provider including management and enforcement of virtual resource access policies such as one or more policies collectively specifying that the computing application functionality is to be accessed in accordance with a license or agreement between a third party provider or vendor of the computing application functionality and a user of the computing application functionality.09-27-2012
20120246742PROCESS FOR PRODUCING AND ASSEMBLING A MEDICAL OPERTIONS SYRINGE - A system and a method for managing and sharing, within a computer network, information and contacts related to users, according to which the user (UC), on his personal profile (PF) created on the restricted access web site, can create a certain number of business cards (BV) to be booked to given categories of persons, with the information and/or data he considers to be inserted into that card; in this way, the system does not allow a third party to access user's (UC) personal profile (UC), not even as merely curious observers, and reserves to each user (UC) places for the insertion of their information which, thus, are made accessible only to whom the user (UC) decides to send them and only during the period for which the user (UC) desires to send them. Once the user (UC) comes into contact with a person belonging to the categories to whom he has allowed the vision of the data, he can share, for each category, certain information which are however lent, for a prefixed time period, and automatically updated in real time on personal profile (PF) of the web site.09-27-2012
20110119771SYSTEMS AND METHODS FOR HANDLING ELECTRONIC MESSAGES - Systems and methods for handling electronic messages are provided. One method includes monitoring a message and recipients of the message, detecting a reference in the monitored message to an entity, obtaining an access control list for the detected entity, the access control list defining permitted access to the entity, identifying a recipient of the message who is not permitted to access the entity, and performing a predefined action in response to the identification of the non-permitted recipient. The predefined action includes one or more specific actions such as identifying an administrator for the access control list, generating a reporting message, and transmitting the reporting message to the administrator. The predefined action additionally or alternatively includes preventing the transmission of the message to the non-permitted recipient and/or providing an alert to the author of the message. One system includes a processor and memory storing code for performing the above method.05-19-2011
20100229245System of security that prevents abuse of identity data in global commerce via mobile wireless authorizations - A system of security that prevents misuse of identity data of an identity data owner in an identity data driven transaction in a global commerce network, that has in the system, a transaction processing entity that after it receives an identity data driven transaction from a transaction initiating entity, puts on hold the processing of the transaction for a period of time and via the identity data owner's wireless mobile communication device, contacts the identity data owner for authorization of the transaction before the transaction processing is completed. The system of security for identity data may be used in the identity data driven transaction is one from a group of (i) credit card payment, (ii) bank account payment, (iii) release of credit profile, (iv) release of financial data, and (v) release of medical data.09-09-2010
20100229247UNIQUE IDENTIFIER ADDRESSING AND MESSAGING ENABLING DIGITAL COMMUNICATION, CONTENT TRANSFER, AND RELATED COMMERCE - A method and system to convert a plurality of unique identifiers (license plates) from certain defined classes of unique identifiers (i.e. license plates) into electronic addresses enabling digital communication, content, and commerce to be transferred to the associated address, whereby a verified rightful holder of the unique identifier can claim by contract; rights which can grant access to the digital data that has been transferred to the assigned electronic address. It is an object, in some aspects, to allow a sender without knowing the identity of the holder of the unique identifier, to communicate a message, send money, pictures, and files to the converted corresponding electronic address in the hopes that the holder will claim the email address through a verification process. In order to facilitate the invention a central domain repository is used to determine and publish a uniform convention for the unique identifier, to establish a standard that is universal. The preferred embodiment of the invention is in the invention's ability to be utilized as a universal uniform international standard email address assignment to all legally valid alphanumeric license plate numbers.09-09-2010
20100242121APPARATUS, SYSTEMS AND METHODS FOR AUTHENTICATING WIDGET ACCESS AND WIDGETS - In some embodiments, a content server receives a request for a widget from a web server, specifying a user identifier and a delegation server. If the delegation server is trusted, the user's identity is ascertained using the user identifier. The widget is delivered having a context of the user's identity. The content server receives a request to access content generated utilizing the widget incorporated into a web page and allows access based on the context of the widget. In other embodiments, a social network server receives a request from a web server for a widget. The widget is delivered having a source indicator. Subsequently, the social network server receives a request to access the social graph generated utilizing the widget incorporated into a web page. If the request includes a change to the social graph, the social network server allows the request if the widget is trusted.09-23-2010
20100212025INFORMATION PROCESSING APPARATUS, AND CONTROL METHOD AND STORAGE MEDIUM THEREOF - An information processing system, an information processing apparatus, and a control method thereof are provided that, without requiring a server for holding user information, effectively utilize the memory resources of each apparatus connected via a network to perform screen display and processing for each user. To accomplish this, the information processing system is provided with a plurality of information processing apparatuses provided with a storage area that stores personalized data, which is information unique to each user. When a portable authentication device is connected, each information processing apparatus reads out device information that indicates which information processing apparatus is storing the user information and the personalized data, performs authentication, and acquires the corresponding personalized data based on the device information. The personalized data is stored in the storage area at the time when access is performed by the user.08-19-2010
20080209574Partitioning data on a smartcard dependent on entered password - In one embodiment, an apparatus and method for partitioning data on a smartcard dependent on an entered password are disclosed. In one embodiment, the method includes maintaining multiple containers in a smartcard, associating a different personal identification number (PIN) with each of the multiple containers, and accessing contents of a container when an associated PIN for the container is provided by a user of the smartcard. Other embodiments are also described.08-28-2008
20100218262INTEGRATED CIRCUIT DEVICE, INFORMATION PROCESSING APPARATUS, MEMORY MANAGEMENT METHOD FOR INFORMATION STORAGE DEVICE, MOBILE TERMINAL APPARATUS, SEMICONDUCTOR INTEGRATED CIRCUIT DEVICE, AND COMMUNICATION METHOD USING MOBILE TERMINAL APPARATUS - A memory region on an IC card has a hierarchical structure. Each application allocated on the memory region is registered in a directory, and the memory region is managed in directory units. A personal identification code is set for each application and directory, and the access right is controlled in application units or directory units. If a mobile terminal is lost, the right to access each application in the IC card automatically disappears. Therefore, the right to access each application allocated to the memory region on the IC card is efficiently controlled.08-26-2010
20100251386METHOD FOR CREATING AUDIO-BASED ANNOTATIONS FOR AUDIOBOOKS - A computer implemented method, a data processing system, and a computer program publish an audio annotation of a media signal. A media player plays a media signal. The media player then records an audio annotation to the media signal. Responsive to recording the audio annotation to the media signal, the media player records an identifier to be associated with the media signal. The audio annotation is then published to a social networking host.09-30-2010
20090282494METHOD AND SYSTEM FOR MANAGING ELECTRONIC MESSAGES - A computer implemented method, computer program product and a data processing system for managing electronic messages is disclosed. The contents of an electronic message are segmented based on the recipients receiving the message and access control authorizing access to the segmented contents is provided to the segmented contents and transmitted to a list of recipients.11-12-2009
20090165145CHANGING MODES IN A DEVICE - A method including storing one or more user profile modes in a device, activating a user profile from the stored profiles where activating a user profile mode comprises configuring a user interface of the device to allow access to only applications and/or information associated with the activated user profile mode and displaying only applications and/or information associated with the activated user profile mode.06-25-2009
20100223673PROVIDING MULTIMEDIA CONTENT WITH ACCESS RESTRICTIONS - Users are provided limited access to multimedia programs. An administrator may require users to log in to begin a multimedia distribution session. Further, administrators may permit certain users to access selected multimedia programs only for a limited number of views. In addition, an administrator may designate that users have a limited amount of time or a limited period to exercise the limited number of views of the multimedia programs. For example, an administrator may designate that a user can access a multimedia program for a single view, that the user may take three hours to exercise the single view, and that the single view must take place within next three days.09-02-2010
20080229430METHOD FOR PREVENTING PRANK ORDERS FOR INTERNET PURCHASING - A system and method are provided for establishing a secure user account, comprising contacting a registration server by a user and then providing, by the user, identification information of the user that identifies a verifiable hardware user device having third-party verifiable account information associated with it. The registration server sends, to the user, a verification contact address. The user then contacts the verification server, which may be the registration server, at the verification contact address using the verifiable hardware user device. The verification server then obtains the third-party verifiable account information from a third party associated with the verifiable hardware user device. Finally, the verification server authorizes the secure user account if the third-party verifiable account information matches, in part, the identification information provided by the user.09-18-2008
20090106849Portable Computer - A portable computer, comprising a first display screen in the portrait format housed in a first panel and a second display screen in the landscape format housed in a second panel. The second panel is physically attached to the first panel, and the diagonal size of the second display screen is 40% to 70% of the diagonal size of the first display screen. The effective size of the display area is larger than the physical area of the display screens, and the portable computer can have small size, light weight, and long battery life.04-23-2009
20130133084DIGITAL RIGHTS MANAGEMENT OF CONTENT WHEN CONTENT IS A FUTURE LIVE EVENT - A system for managing use of digital content within a trusted community. An access list defines the trusted community. License requests for use of content made from outside the trusted community are handled in accordance with a license request policy process.05-23-2013
20130133085INFORMATION PROCESSING DEVICE AND MULTIFUNCTION PERIPHERAL - A control API controls secret data to be stored in a secret data storage area which is accessible only to the control API. Moreover, the control API controls the file information storing part in the secret data storage area to store (i) storing location information of the stored secret data and (ii) administrative storage location information notified by the web application so that the storing location information and the administrative storage location information are associated with each other. This makes it possible to (i) prevent a leakage of confidential information and (ii) allow an authorized web application to easily use the confidential information.05-23-2013
20130145483System And Method For Processing Protected Electronic Communications - Systems and methods for processing protected electronic communications are disclosed. According to one embodiment, a method for processing inbound messages may include (1) receiving a message containing protected content at an electronic device comprising at least one computer processor; (2) using the at least one computer processor, determining a manner in which unprotected content corresponding to the protected content is accessed by a user; and (3) using the at least one computer processor, automatically sending the unprotected content to a first storage location.06-06-2013
20100333211Method and system for providing digital media rental - There is provided a method and system for allocating access to digital media content. In one embodiment, the system may comprise a media server accessible over a communications network, a processor of the media server being configured to encrypt the digital media content to produce a secondary license for the digital media content, and to provide a temporary license key allowing a user to access at least a first portion of the digital media content during an activation usage interval of the secondary license for that portion of the digital media content assigned to the user. The media server further comprises an assignment database configured to store an assignment status of the license. Such a system is configured to permit the user to access the assigned portion of the digital media content during the usage interval.12-30-2010
20100180348SECURE ONLINE REPOSITORY - Techniques for secure online storage. A user is registered for securely storing documents on a network. User documents are stored on a network server. The user documents include documents for disposing of user property after death or for effecting user medical decisions. A secure network interface is provided for displaying the user documents remotely upon receiving a user security identifier. A secure network interface is provided for displaying the user documents remotely to authorized medical personnel who do not have access to the user security identifier.07-15-2010
20100154065Media markup for user-activated content alteration - A classification method and system for possible content alteration of a media work may include criteria regarding content that is feasible for alteration. Such criteria may be maintained in records that are accessible to an interested party. Some embodiments may include a record of primary authorization rights applicable to a possible content alteration. A further embodiment feature may include a record of secondary authorization rights applicable to substitute altered content incorporated in a derivative version. Various exemplary identifier markup schemes indicative of a location or topic or category of an alterable media content component may be implemented to enable selective audio, visual, and audio/video content alteration.06-17-2010
20110119770Password protected CD-DVD - Writable compact and digital versatile discs with a password protected option that protects access to the information on the disc. The password protection is optional, and may be used or removed at anytime. The discs can be used in every known application designed for compact and digital versatile discs formats, with no limitations.05-19-2011
20110131664CONTENT AGING - A device includes a memory to store instructions; and a processor to execute the instructions to determine that access rights, associated with a particular user in relation to particular content, have expired; degrade an appearance of the particular content or a representation of the particular content, where the degradation is amplified over a grace period that commences upon the expiration of the access rights, in response to determining that the access rights have expired; determine that the grace period associated with the expired access rights has ended; and end access to the particular content, in response to determining that the grace period has ended.06-02-2011
20110131663METHOD AND APPARATUS FOR PROVIDING ACCESS TO SOCIAL CONTENT - An apparatus for providing access to social content may include at least one processor and at least one memory including computer program code. The at least one memory and the computer program code may be configured to, with the at least one processor, cause the apparatus to perform at least receiving information providing corresponding identities of a plurality of members of a group, receiving an indication of group content including at least one content item stored in association with the group, and enabling access to the group content by the members based on presence information related to the members indicating that a presence threshold associated with the group content is met. A corresponding method and computer program product are also provided.06-02-2011
20110247083INTEGRATING SECURITY BY OBSCURITY WITH ACCESS CONTROL LISTS - Aspects of the subject matter described herein relate to providing and restricting access to content. In aspects, information (e.g., a URL) that identifies content and a user is provided to a user. In conjunction with providing the information to a user, a data structure (e.g., an access control list) is updated to indicate that the user has access to the content. The user may use the information to access the content and/or may send this information to other users. The other users may use the information (e.g., by pasting it into a browser) to access the content and may be added to the data structure so that they may subsequently access the content without the use of the information. Access to the content via using the information may be subsequently revoked.10-06-2011
20110023129DYNAMIC ENFORCEMENT OF PRIVACY SETTINGS BY A SOCIAL NETWORKING SYSTEM ON INFORMATION SHARED WITH AN EXTERNAL SYSTEM - An external system (such as a website) that interacts with users communicates with a social networking system to access information about the users, who may also be users of the social networking system. If a privacy setting is changed in the social networking system, and the change applies to information that has been shared with an external system, the change is enforced at the external system. For example, the external system may be notified that the information is invalid and must be deleted, or the external system may periodically request the information so that changes to the privacy settings are eventually experienced at the external systems. When an external system again needs the information, whether expired naturally or actively invalidated by the social network, the external system sends a new request for the information, which is subject to the (possibly revised) privacy settings.01-27-2011
20100146639ONLINE DIRECTORY WITH CONTACT INFORMATION - A method and system of storing and sharing contact information on a website of a specified group of users designated by a user X comprises: accessing the website by the user X; requesting the user X to provide or verify accuracy of most current contact information as a precondition to proceeding; storing the most current contact information from the user X and each user of the specified group of users; providing shared online access to contact information of user X to all users of the group; updating contact information of user X each time the website is accessed by User X; and updating contact information of each user of the group when contact information of a user of the group changes.06-10-2010
20100251385MANAGING SIGNATURE PAGES OF A TRANSACTIONAL DEAL USING A TAXONOMY DISPLAYABLE BY A COMPUTING DEVICE - Embodiments of the present invention relate to a computer-implemented method, system, and computer-readable medium for managing a collaborative deal transaction process that provides for tracking and managing signature pages of a deal transaction using a taxonomy displayable by a computing device, including receiving a list of users that are authorized to access the deal transaction, the list including an identifier associated with each of the users, storing the list of authorized users, parsing the identifier associated with each user, grouping the users according to parties based on the identifier, creating a taxonomy including a listing of documents relevant to the deal and a listing of the parties of the deal, receiving at least one document, and storing relevant pages of the at least one document, wherein each page is associated with at least one relevant party in the taxonomy.09-30-2010
20100132052INFORMATION PROCESSING SYSTEM, INFORMATION PROCESSING METHOD, AND COMPUTER READABLE MEDIUM - An information processing system includes: an organization information storage that stores organization information which defines an organization including users and groups of the users; a usage control information storage that stores usage control information which is for controlling use of control target information by each user in the organization defined by the organization information and defining a user or a group of users who or which is permitted to use the control target information and a usage range of the control target information in which the user or the group of the users is permitted to use the control target information; a judgment unit that judges whether or not an inconvenience resulting from a change of the organization occurs in the usage control information stored in the usage control information storage based on the organization information stored in the organization information storage; and a countermeasure unit that performs a countermeasure against the inconvenience in a case where the judgment unit judges that the inconvenience resulting from the change of the organization occurs.05-27-2010
20100132051PROTECTING LIVE CONTENT IN A NETWORK - A method for protecting live content in a multimedia system. An Acquisition Point that receives content distributes it in a network comprising a recording device and a rendering device. The content is associated with a license comprising a content identifier and the identity of the sending Acquisition Point. If the content is live, the license indicates that the content is “live protected”. A rendering device that receives the content and its license asks 05-27-2010
20100132050APPARATUS, SYSTEM, AND METHOD FOR ENFORCING POLICY REQUIREMENTS ASSOCIATED WITH A SERVICE - A computer-readable medium having stored thereon a plurality of instructions including instructions that when executed by a processor enable a service provider to track and enforce policy requirements associated with a provided service of the service provider. The application software is configured to provide notification of the policy requirements and to trigger an intentional degradation of the provided service as a function of time when a user fails to comply with at least one of the policy requirements.05-27-2010
20100192233CONTENT REPRODUCTION DEVICE - Provided is a content playback apparatus that generates a GUI corresponding to various pieces of restriction information to restrict playback of a content when displaying the GUI for causing a user to select a content to be played back, and that can respond to a new piece of restriction information. The content playback apparatus generates content lists for the various pieces of restriction, and generates a GUI which can display each content list for each piece of restriction information by switching. When a content to which the new piece of restriction information has been attached is added, setting information for the new piece of restriction information is obtained from a content distribution server and the like by referring to an ID attached to the content, or an ID of the restriction information having been attached to the content, and a content list for the newly obtained restriction information is generated and displayed.07-29-2010
20100263058Deceptive Mobile Communications - A system comprises an electronic device operable to perform one or more legitimate functions for an authorized user. The device is further operable to be placed in a deceptive mode and perform one or more deceptive functions for an unauthorized user.10-14-2010
20100031372METHOD AND SYSTEM FOR SECURE FLEXIBLE SOFTWARE LICENSING - When executing a licensing management application, data indicative of licensing privileges of a software application for simultaneous execution on a subset of a plurality of computers are received from a licensor of the software application. The data indicative of licensing privileges comprise data indicative of a licensing key. For each of a plurality of users a peripheral licensing device is provided and the data indicative of a licensing key are then stored in memory thereof. Data indicative of a total number of users—equal to a number of the subset—are determined and provided to the licensor, or storage of the licensing key is prevented, when the total number is greater than a predetermined number of the subset. After execution of the licensing management application and provision of each of the users with a respective peripheral licensing device, each of the users is enabled to execute the software application by interfacing the peripheral licensing device with one of the computers, after which the data indicative of a licensing key are retrieved and the software application is executed.02-04-2010
20100064376Mobile terminal, restricting system and method of accessing an information using the mobile terminal - The exemplary embodiment relates to a system and method for restricting the disclosure of information employing a mobile terminal, which restricts the disclosure of information using a mobile terminal. In an aspect, the exemplary embodiment provides a mobile terminal, including a short-range communication module performing the short-range communication channel, memory storing authorization information for allowing access to inaccessible information stored in the information device, and a controller transmitting the authorization information through the short-range communication module.03-11-2010
20100077487COMPUTERIZED METHOD AND SYSTEM FOR RESTRICTING ACCESS TO PATIENT PROTECTED HEALTH INFORMATION - A computerized system and method for allowing restricted access to patient healthcare information is provided. Upon determining that one or more users are assigned to the location where an order for a patient is to be performed, the method allows one or more users restricted access to the order. The system includes an order entry module, an access evaluation module, a location entry module and a user module. The access evaluation module includes an assignment determination sub-module for determining whether one or more users are assigned to the specified location where an order for a patient is to be performed. The assignment determination module also includes a restricted access sub-module coupled with the assignment determination module and configured to allow restricted access to one or more users assigned to the specified location.03-25-2010
20100064375METHOD, SYSTEM AND APPARATUS FOR SECURE DATA EDITING - A system, method, and apparatus for secure data editing is disclosed. A data field receives focus to accept a data entry from a user. The user inputs a data entry into the data field via a user interface. A determination is made of whether a manual lock event, a change focus event, or a time out event has triggered based on the user's action or inaction with the user interface. Upon the triggering of a manual lock event, a change focus event, or a time out event, the data entry in the data field is obscured. The user interface may display a data entry with a validation character which provides a reference point within the data entry while the data entry is displayed and while the data entry is obscured. The system may allow a user to have a specified function set based on his user access level.03-11-2010
20100064377ACCESS RIGHTS FOR DIGITAL OBJECTS - A digital object for distribution from a provider to a content user and a method of distribution of such an object is disclosed. The digital object comprises content and a tag containing data that is derived algorithmically from the content and from a secret not known to the content user. The tag is constructed such that the content user can, upon receipt of a communication from a requestor purporting to have the authority of the provider, perform an exchange of information with the requestor, and by inspection of the exchanged information and of the tag, determine whether the requestor is in possession of the secret and choose to act upon or not act upon the communication accordingly. The tag may additionally include a value that defines an access category that specifies the extent to which the owner wishes the content to be distributed. A server from which an object has been delivered to a third party can send a message to the third party to request, amongst other things, that the access category be changed. The third party can use the tag in the object to verify the authority of the request.03-11-2010
20110107435STORAGE MEDIUM HAVING INFORMATION PROCESSING PROGRAM STORED THEREIN, INFORMATION PROCESSING APPARATUS, AND INFORMATION PROCESSING SYSTEM - An information processing apparatus displays, on a display device, personal information including person-identifying information based on which a person can be identified and non-person-identifying information based on which a person cannot be identified. First, the information processing apparatus determines whether or not authentication of a user has succeeded based on an input by the user and authentication information stored in storage means of the information processing apparatus. Then, the information processing apparatus prohibits display of the person-identifying information of the personal information stored in the storage means when it is determined that authentication has failed.05-05-2011
20120304312COMMUNICATIONS DEVICE - A mobile device is provided having a smart card. The smart card is programmed with UICC applications metadata that is provided to the mobile device during a power-up or reset routine. The mobile device uses the UICC applications metadata to generate a user interface that allows a user to launch directly an application on the smart card. Icons for the UICC applications can be displayed together with icons for applications residing on the mobile device. In this way, the user selection of UICC resident applications is facilitated and can be made transparent to the user.11-29-2012
20120304311Tokenized Resource Access - A method and system for unlocking diagnostic functions in a hardware device for a user. The method obtains a signed permission object for the hardware device, and validates the signed permission object. A memory of the hardware device stores a device identifier and a last recorded sequence number. The signed permission object includes a sequence number and is associated with an expiration counter having an initial value that indicates a lifetime for the signed permission object. When the signed permission object is valid, the method updates the expiration counter to decrease the lifetime of the signed permission object, stores the sequence number associated with the signed permission object as the last recorded sequence number in the hardware device, and unlocks the diagnostic functions for the user based on the signed permission object.11-29-2012
20120304310SECURE EXECUTION OF UNSECURED APPS ON A DEVICE - An app is secured on a mobile device by being deconstructed or unbundled into multiple modules, where a module is a segment of app code that performs a particular function. It is then determined which modules from the multiple modules perform some type of security function, for example, a function dealing with confidential or security-related data. These modules, forming a group of modules, are loaded into a trusted execution environment. The app is then re-bundled so that it has the first plurality of modules and the second plurality of modules. The app executes in a manner where the high security functions execute so that break points cannot be inserted into the app code. The re-bundling is done automatically in an app security wrapping process. Security constraints are added to the app.11-29-2012
20120304308METHOD AND SYSTEM PROVIDING ADVICE AND SERVICES TO CONSUMERS - The present invention provides a method and system for providing advice and/or services to a consumer including the secure electronic storage of rich private personal data preferably held on behalf of persons entities. The system provides the applications, processes, controls and data management services to collect, transfer, store and selectively retrieve data necessary to perform specified planning and decision support activities that have been integrated with the secure data store. The invention provides for the data owner and authorized persons to gain access to accessible data to undertake permitted tasks. These tasks may include receiving data, or undertaking planning, or such other tasks as prescribed. In an embodiment, the system limits access to applications to authorized persons and requires permissions from the owner in order to manage data privacy standards. The system allows the owner to provide and revoke access to applications and tracks and records all access events.11-29-2012
20120304307Computer Implemented System for Facilitating Configuration, Data Tracking and Reporting for Data Centric Applications - A computer implemented system for facilitating configuration, data tracking and reporting for data centric applications and a method for performing the same have been disclosed. The system enables an enterprise to quickly move from paper based tracking to web based mode by configuring metadata. Also, the system hosts multiple tenants on a single server and enables creation of workspace to enable users within a tenant to securely view the data based on his/her permission levels. Additionally, the system classifies the resources as ‘Human’ and ‘Non-Human’ resources and further as static resources which are shared metadata across tenants and non-static resources which are applicable only to a particular tenant. Thus, the system enables common information to be shared easily across various organizations while securing the data via workspaces. Furthermore, the system includes report creation and dashboard generation capability using data from within the system as well as from external databases.11-29-2012
20120304306SYSTEM FOR ENTERPRISE DIGITAL RIGHTS MANAGEMENT - The present subject matter relates to devices and methods for enterprise digital rights management. In one implementation, a device includes a security module configured to generate a security key. The security module encrypts at least one document of a user, using the security key, to generate a protected document. Further, the device includes an access control module configured to assign an access right to one or more users within an enterprise for accessing the protected document. The access control module is further configured to delegate the access right from the user to another user. The access control module is furthermore configured to lock at least one of the user and the protected document.11-29-2012
20110088100DISABLING ELECTRONIC DISPLAY DEVICES - A system for and method of management of electronic content access are disclosed. The system and method provide for managing electronic content access including detecting, at an electronic paper display device, an event requiring electronic content access management. According to some embodiments, access may be disabled to one or more portions of electronic content for a user of the electronic paper display device based at least in part on the detection of an event requiring electronic content access management. In one or more embodiments, a notification may be sent to a user of an electronic paper display device based at least in part on the detection of an event requiring electronic content access management.04-14-2011
20110107434PRIVACY THROUGH ARTIFICIAL CONTEXTUAL DATA GENERATION - Embodiments of the present disclosure provide a method and system for protecting privacy by generating artificial contextual data. The system collects real contextual data related to a user. The system then generates artificial contextual data, based on the collected real contextual data. The system also groups the generated contextual data into one or more groups. Each group of contextual data corresponds to a persona that can be presented as the user's persona. Subsequently, the system transmits the generated contextual data to an entity, thereby allowing the user to obscure the real contextual data related to the user.05-05-2011
20110083197PRIVILEGED ACCESS TO ENCRYPTED DATA - Content processing is disclosed. An indication that a sender desires to send encrypted content to a destination is received. An agreement is obtained from the sender to provide an access key to a node other than the destination and to encrypt content sent to the destination using an encryption key selected such that the access key is usable to decrypt the content.04-07-2011
20130014278INTELLIGENT DECISION SUPPORT FOR CONSENT MANAGEMENT - Embodiments of the invention relate to a system and computer program product to intelligently provide consent to access a record in a shared pool of resources. Tools are provided to support policies to address and maintain restrictive access of a designated record, both with respect to local and non-local rules and regulations, as well as personal restrictions pertaining to personal and discretionary sharing decisions.01-10-2013
20110061110Viewing Content Under Enterprise Digital Rights Management without a Client Side Access Component - An E-DRM remote caching system enables a user without a client side E-DRM access component to view E-DRM governed content on a variety of client devices. The user transmits inaccessible E-DRM governed content to be viewed to the remote caching system. The remote system receives the content, temporarily stores it in a cache, and determines whether the user has sufficient rights to view the content. If the user does have sufficient access rights, the remote system transforms the content into a secure, viewable format and securely transmits it to the user. The user can view the E-DRM governed content without an E-DRM client side access component. The E-DRM remote caching system can add a unique digital marker to received content. The marker can be subsequently used to identify the origin of compromised content.03-10-2011
20110252483Reputation-Based Authorization Decisions - This document describes tools capable of receiving reputation metadata effective to enable better decision making about whether or not to authorize operations. The tools may build a reputation value from this reputation metadata and, based on this value and an authorization rule, better decide whether or not to authorize an operation requested by some program, application, or other actor.10-13-2011
20120072997Systems and Methods to Modify Interaction Rules During Run Time - In one aspect, a computing apparatus is configured to represent offer rules based on requirements for the detection of predefined types of events and actions scheduled to be performed in response to the detection of each occurrence of the events. The events are independent from each other in processing and are linked via prerequisite conditions to formulate the requirements of an offer campaign. The computing apparatus is configured to store data indicating the completion statuses of the events and process the events, including the scheduled actions, if any, in an atomic way. Thus, the offer rules can be changed on-the-fly during run time execution by the computing apparatus.03-22-2012
20110061111ACCESS PERMISSIONS ENTITLEMENT REVIEW - A system for operating an enterprise computer network including multiple network objects, said system comprising monitoring and collection functionality for obtaining continuously updated information regarding at least one of access permissions and actual usage of said network objects, and entitlement review by owner functionality operative to present to at least one owner of at least one network object a visually sensible indication of authorization status including a specific indication of users which were not yet authorized by said at least one owner of said at least one network object.03-10-2011
20130014283DATABASE APPLICATION SECURITY - A method allows access to a set of secure databases and database applications over an untrusted network without replicating the secure database. The method involves authenticating a user using a first authentication application. When the user is verified, then the user's credentials are directed to a second authentication application associated with a secure database based on a first set of user settings retrieved for the user. The second authentication application, based on a second set of user settings, grants the user access to the secure database and database applications associated with the secure database.01-10-2013
20090025089Security System Based on Input Shortcuts for a Computer Device - A method of activating security functions on a computer device, for example a mobile communications device. The computer device includes a device state that may be realized by way of a first user input or a second user input. The method includes designating the first user input to realize the device state as a security rule having an associated security function, detecting realization of the device state, and activating the associated security function if the device state was realized by way of the second user input rather than the first user input. For example, the first user input may be a shortcut input, and the second user input may be a conventional or normal input.01-22-2009
20110258707E-MAIL WITH SECURE MESSAGE PARTS - A method for preventing a recipient of an electronically transmitted message from taking at least one action in relation to the message is disclosed. The message has at least two parts with one of the parts having a higher level of security than the other part. The method includes the step of extracting information from the message. The information indicates that the higher level security part is not permitted to have the action taken on it while the other part is so permitted. The method also includes the step of preventing the higher level security part from having the action taken on it in reaction to said recipient making an offending request.10-20-2011
20130014284Leveraging A Social Graph From A Social Network For Social Context In Other Systems - A social network contains information describing information about members of the social network and about various connections among the members. An external system that interacts with users (such as a website) communicates with the social network to access information about the members of the social network. In particular, the external system may determine whether a user is a member of the social network and then obtain information about the member and the member's connections within the social network. This allows an external system to use information from the social network to enhance a user's experience on the external system, while enforcing each member's privacy settings.01-10-2013
20100325738DYNAMIC DUAL PERMISSIONS-BASED DATA CAPTURING AND LOGGING - Embodiments of the present invention address deficiencies of the art in respect to application data logging and provide a novel and non-obvious method, system and computer program product for capturing and logging application data. In an embodiment of the invention, a method for capturing and logging application data can include consulting both administrative permissions for capturing and logging application data, and also user permissions for capturing and logging application data. Subsequently, application data can be captured and logged only if permitted by the administrative permissions and the user permissions. In this regard, it can be determined from either or both of the permissions whether capturing and logging of application data is permitted generally, and also a type or portion of the application data that is permitted to be captured and logged.12-23-2010
20100325737RIGHTS-BASED ADVERTISEMENT MANAGEMENT IN PROTECTED MEDIA - A user playing a media file having ads on a playback device is able to automatically skip the ads during playback depending on the user's subscription level, as indicated in a user license or user account information. Whether an ad is automatically skipped may depend not only on the user license but also on attributes of the ad. An ad may have a skip-level which indicates the “importance” of the ad. If the advertiser wants to ensure that the ad will be seen and not be automatically skipped by a media playback unit, it can pay a higher price for the ad and the ad will be assigned a higher skip-level value. On the user subscription side, a user who wants to avoid ads may pay a higher subscription fee and have a user license that determines, via an auto-skip level value (“user level”), how many ads the user can automatically skip during playback of the media file. With a higher auto-skip level value, the user is able to automatically skip more ads on the playback device.12-23-2010
20110154508METHOD AND SYSTEM FOR PROVIDING ONLINE RECORDS - A method for providing a user with the ability to access and collect records associated with the user in a secure and private manner includes associating access information with the user for the user to use to access a server storing files comprising records associated with the user in a computer readable storage medium, providing the user with a user interface on a computing device to remotely access the records stored on the server, receiving at the server the files comprising records associated with the user from a service provider associated with the user, receiving at the server a request from the user made through the user interface of the computing device for access to the files, wherein the access information is associated with the request, and sending the user a file containing the records associated with user from the server to the computing device in response to the request.06-23-2011
20110154507ESTABLISHING AN INTERACTIVE ENVIRONMENT FOR RENDERED DOCUMENTS - A system for identifying an electronic counterpart for a rendered document is described. The system receives an indication of a text capture operation performed from a rendered document. The indication identifies a text sequence captured as part of the text capture operation, the identified text sequence comprising fewer than nine words. In response to receiving the indication, the system uniquely identifies an electronic document from which the rendered document was rendered.06-23-2011
20110154506Federation of email - A method of federating electronic mail (e-mail). A request can be received from a first user to view at least one e-mail of a second user, the request including at least one identifier corresponding to the second user and a criteria indicating a subject matter of the e-mail. The method further can include verifying whether the first user is authorized to access the e-mail of the second user that satisfies the criteria. Responsive to determining that the first user is authorized to view the e-mail of the second user that satisfies the criteria, the first user can be provided access to view the at least one e-mail that satisfies the criteria.06-23-2011
20100306858Multi-Level Authentication for Medical Data Access - Techniques for multi-level authentication for medical data access are supported. A system may include a central medical information management system that provides restricted access to medical data. An accessing device supports multiple different authentication levels. For example, the accessing device may use a combination of device identifiers, passwords, and quick access codes to ensure access only by authorized users.12-02-2010
20100122350PASSWORD METHODS AND SYSTEMS FOR USE ON A MOBILE DEVICE - Systems and methods for operation upon a mobile device to handle a duress situation caused by another person. An input password is received from a user. The input password is decoded by the device. Responsive to the input password being a duress indication, a duress operation is performed to protect data on the mobile device.05-13-2010
20120151603Method, Apparatus and Server for User Verification - The present disclosure discloses a method, apparatus, and server for user verification to store a plurality of pictures in a database and define a plurality of rotational directions. The method includes: when receiving from a client a request for a checkcode, rotating a picture retrieved from a database according to a defined rotational direction; after storing a correlation between an identification of the client and the rotational direction of the retrieved picture, outputting the rotated picture to the client; receiving a rotational direction of the picture from the client; finding the stored correlation between the identification of the client and the stored rotational direction of the retrieved picture according to the identification of the client; determining whether or not the rotational direction of the picture returned from the client matches the stored rotational direction. If they match, user verification is passed; otherwise, the user verification is failed. The large number of pictures in the database makes it difficult for enumeration. In addition, by using the rotational direction as identification information to verify user, the safety and accuracy of user verification can be enhanced.06-14-2012
20120204270LICENSE RECONCILIATION FOR ONLINE SERVICES - A user interface that allows for efficient resolution of license conflicts. The user interface includes a license conflict discovery mechanism that automatically discovers whether a license conflict exists for a license. Upon determining a subset of available resolution methods that are suitable for the administrator right corresponding to the user of the user interface, the user interface provides a resolution prompt. The resolution prompt prompts the user of the user interface to resolve the license conflict using any one of the available subset of resolution methods. The types of the offered resolution methods offered by the user interface differ according to the administration rights of the user.08-09-2012
20090320142DATA PROCESSOR - A data processor by means of which when the right of a content being automatically reproduced extinguishes, the reproduction is continued so as to prevent the user from feeling discomfort, the content reproduction information is recorded and transmitted to a content distributor, and the user is charged. In the data processor, when a control unit (12-24-2009
20090241201TECHNIQUES FOR MULTILINGUAL PASSWORD CHALLENGE RESPONSE, PASSWORD RESET, AND/OR PASSWORD RECOVERY - Techniques for multilingual password challenge response, password reset, and/or password recovery are presented. When a password reset or password recovery request is received, a series of challenge questions are serially asked such that each question has to be answered correctly before the next question in the series is even presented. Furthermore, at least two questions are asked in different languages from one another.09-24-2009
20110162084SELECTING PORTIONS OF COMPUTER-ACCESSIBLE DOCUMENTS FOR POST-SELECTION PROCESSING - Processing documents by highlighting a portion of a document displayed on a computer display, where the portion is highlighted when a cursor is in a predefined location of the display relative to the location of the portion of the document, where the portion is identified as a candidate for selection for a post-selection operation prior to the cursor being in the predefined location of the display, and where the highlighting is done independent of any input received via a computer input device to indicate the extents of the portion, and recording a selection of the portion when an input that is predefined to indicate a selection action is received in association with the portion via a computer input device.06-30-2011
20080320602Method And System For Authenticating A User - Method of authenticating a user in a heterogeneous computer environment. The method may include defining a set of unique prefixes, each prefix identifying a type of user repository; defining a set of abstract repository names, each abstract repository name identifying an address of a user repository; and authenticating the user in the heterogeneous computer environment by assigning a sequence comprising a unique prefix, a reference to an abstract repository name and a unique identifier for the user within the user repository indicated by the reference to the abstract repository name.12-25-2008
20080320605METHOD AND SYSTEM FOR TRACKING AND MANAGING RIGHTS FOR DIGITAL MUSIC - A method for digital rights management for a copyright work that is copied from device to device from among a plurality of devices, some of which are parent devices and some of which are child devices, and wherein a child device may be registered with a parent device, including copying a digital work from a parent device, P12-25-2008
20110179499System and Method for Communicating with Elected Officials - A method for facilitating communication concerning elected officials or candidates for election is disclosed. A server stores information associated with elected officials or candidates for election. The information defines a constituency group for each elected official and for each candidate for election. A user is qualified for constituency groups when the user accesses the server through a computing device. The server then provides the user access to the information associated with those elected officials and candidates for election for which the user is a qualified member of the respective constituency group.07-21-2011
20080313745METHOD AND APPARATUS FOR PREVENTING ILLEGAL REUSE OF DIGITAL RIGHT MANAGEMENT CONTENT IN PORTABLE TERMINAL - A method and apparatus for preventing illegal reuse of Digital Right Management (DRM) content in a portable terminal is provided. The method includes performing user authentication when there is an attempt to restore a Right Object (RO) backup file, and identifying information on the RO backup file to be pre-restored in a terminal, and determining if the RO backup file can be restored according to the identified information.12-18-2008
20080313744Computer Readable Medium Embodying Control Program, Image Forming Apparatus, Control System, and Control Method - Disclosed is a computer readable medium embodying a control program enabling a computer to function as: a save control section to save document data of a first document including secret information at a predetermined saving position; a code generating section to generate a code in which address information of the saving position and opening range information defining an opening range of users to whom the secret information is opened are recorded; and an output control section to enable printing or displaying a second document in which a specified position of the first document is obscured and the code is added.12-18-2008
20080289050Copyright Protection Storage Medium, Information Recording Apparatus and Information Recording Method, and Information Playback Apparatus and Information Playback Method - To provide a copyright protection storage medium in which copyright protected contents are recorded by an information recording apparatus connected to a content server providing copyright protected contents and a license server handling licenses concerning recording/playback of the copyright protected contents through a network, in which the copyright protected contents are written by a simple copy-and-paste when the information recording apparatus is possessed by a prescribed user, and the copyright protected contents are written by combining a domain model which assures playback in the apparatus and a media-bind model when the information recording apparatus is possessed by another user.11-20-2008
20110055934METHOD AND SYSTEM FOR TUNABLE DISTRIBUTION OF CONTENT - A method and system for tunable distribution of content are disclosed. Preferably, the content comprises digital rights and/or watermark information. In one embodiment, a computer-implemented method comprises receiving a request from a client. One or more content files related to the request and a user profile of a user are determined. One or more seeders are assigned to start the delivery of the one or more content files. The client is allowed to obtain a plurality of pieces of the one or more content files from the one or more seeders. At least one piece of the plurality of pieces of the one or more content files contains digital rights and/or watermark information.03-03-2011
20110167501Digital rights management method and digital rights management-enabled mobile device - A DRM method and DRM-enabled mobile device are provided, in which determinations are made as to whether a playback request is input for replaying a media file, and, if so, whether the media file is a rights-protected media file on the basis of a file format of the media file. If the media file is a rights-protected media file, at least one sample playback part of the rights-protected media file is verified and replayed; otherwise, the entire rights-protected media file is replayed.07-07-2011
20130198864LICENSING FOR SERVICES - A method, system, and computer-readable storage media for providing licensing for services are provided herein. The method includes determining, via a service partner, whether a user exists in a user provisioning cache and whether the user is provisioned to use a service provided by the service partner. The method also includes querying a licensing service to determine updates to the user provisioning cache if the user does not exist in the user provisioning cache or is not provisioned to use the service, or both. Further, the method includes determining whether the user is provisioned to use the service based on the updates to the user provisioning cache and, if the user is provisioned to use the service, allowing the user access to the service.08-01-2013
20130198865TRANSMISSION APPARATUS, TRANSMISSION METHOD, AND RECORDING MEDIUM - A transmission apparatus capable of transmitting a first content stored in a first storage area to a receiving apparatus includes a determination unit configured to determine whether the receiving apparatus has authority to access a second storage area storing a second content associated with the first content, a storage unit configured to store the second content in a third storage area different from the second storage area in a case where the receiving apparatus does not have authority to access the second storage area, and a transmission unit configured to transmit to the receiving apparatus access information for accessing the third storage area storing the second content by the storage unit.08-01-2013
20110010776Image Management System - A method of managing product images comprising the steps of establishing an inventory of products, obtaining a plurality of digital images of the inventory of products, storing the plurality of digital images of the inventory of products, providing a set of rules for controlling access to the plurality of digital images of the inventory of products, providing a management system for implementing the set of rules to control access to the plurality of digital images of the inventory of products based on the set of permissions granted to an authorized user, receiving an access request from a remote user via a network, determining whether the user is an authorized user who is authorized to access the plurality of digital images of the inventory of products, determining the set of permissions granted to the authorized user, and allowing the authorized user to access the plurality of digital images of the inventory of products via a network according to the set of permissions granted to the authorized user. The images are captured from multiple angles to allow the image to appear to be rotating when consecutive images are displayed. An image processing system removes background information from the image such that only the selected item appears, and alternative backgrounds may be provided to give the appearance that an object was filmed at the preselected location.01-13-2011
20080209571Device for Secure Access to Digital Media Contents, Virtual Multi-Interface Driver and System for Secure Access to Digital Media Contents - A device for secure access to digital media contents, the device comprising an access means for accessing digital media contents from a data source and a reader for authenticating a user, the authentication being performed by checking some authentication data. An internal communication path between the access means and the reader is not directly accessible from outside the device.08-28-2008
20110016536SYSTEMS AND METHODS FOR MANAGING PERMISSIONS FOR INFORMATION OWNERSHIP IN THE CLOUD - The present invention relates to a central (root) directory and the synchronization of unique identifiers associated with payment addresses and permission preferences at different institutions. In a preferred embodiment, each unique identifier associates an account owner's permissions preference for the release of personal identifying information without the need for transaction-by-transaction explicit permissions or blanket implicit permissions. An asset transfer deposit account (for information and/or monetary assets) may be set up as a deposit only account. In this way, the present invention can be effective in eliminating many privacy concerns of account owners and security requirements of an information asset repository.01-20-2011
20110016535COMPUTER READABLE MEDIUM STORING PROGRAM, INFORMATION PROCESSING APPARATUS, AND INFORMATION PROCESSING METHOD - A computer readable medium storing a program causing a computer to execute a process for information processing, the process includes: receiving a first characteristic value calculated on the basis of first document information for use in detecting whether the first document information is tampered with or not; receiving a second characteristic value calculated on the basis of second document information for use in detecting whether the second document information is tampered with or not; and calculating a third characteristic value for use in detecting whether third document information is tampered with or not on the basis of the first characteristic value, the second characteristic value and the third document information related to integration of the first document information and the second document information.01-20-2011
20110016534IMPLICIT AUTHENTICATION - Embodiments of the present disclosure provide a method and system for implicitly authenticating a user to access controlled resources. The system receives a request to access the controlled resources. The system then determines a user behavior score based on a user behavior model, and recent contextual data about the user. The user behavior score facilitates identifying a level of consistency between one or more recent user events and a past user behavior pattern. The recent contextual data, which comprise a plurality of data streams, are collected from one or more user devices without prompting the user to perform an action explicitly associated with authentication. The plurality of data streams provide basis for determining the user behavior score, but a data stream alone provides insufficient basis for the determination of the user behavior score. The system also provides the user behavior score to an access controller of the controlled resource.01-20-2011
20110167500DOCUMENT MANAGEMENT DEVICE, DOCUMENT MANAGEMENT METHOD AND STORAGE MEDIUM - A document management device, when receiving information on a document registration user who is a requester for document registration and information on a document registration destination, provides a first page (top page) displayed when the document registration user logs into the document management device with a link (button) for accessing a second page for registering a desired document at the document registration destination. When the document registration user performs an operation of registering the desired document on the second page accessed through the link included in the first page, the desired document is registered at the document registration destination.07-07-2011
20120311723Physical Confirmation For Network-Provided Content - A computer-implemented method includes receiving, from a remote communication device and at a server system, information that indicates a unique identifier for a physical item that corresponds to media content, the identifier differing from identifiers for other physical items that correspond to the same content; associating the received information with an account of a first user of a hosted internet service; and subsequently providing, by the hosted internet service, content that matches the content that corresponds to the physical item, based on a determination that the received information authorizes the first user to obtain the content provided by the hosted internet service.12-06-2012
20120311722ELECTRONIC SYSTEMS WITH DATA PROTECTION FUNCTIONS - A communication component sends a request of an action list to a server if information fails to pass authentication. A control component processes content stored in an electronic device according to a reply generated in response to the request. The reply includes the action list. The processing is performed according to an action included in the action list.12-06-2012
20110126296Method For Scalable Access Control Decisions - Content access may be provided and processed by assigning responsibility for obtaining entitlement data to the client's browser. Thus, in one example, the client may be configured to synchronize and coordinate data lookups associated with a content request, rather than relying on the server to do so. The network architecture may use a mediator design pattern, in which the client's browser acts as the mediator (i.e., middleman) between a content server and an entitlement data server. Accordingly, synchronous calls between server-side services might not be required. Instead, data necessary for the content server to process a client request for access to protected content may be received in the incoming request from the client's browser.05-26-2011
20120278902INCREMENTAL DEPLOYMENT OF COMPUTER SOFTWARE PROGRAM LOGIC - Systems and methods for requesting computer software program logic by a client computing device from a server are provided. The method at the server comprises receiving a request for the computer software program logic from the client device along with a first list comprising details about multiple modules running on the client device; determining a second list comprising details about multiple modules required to deploy the computer software program logic on the client device; checking whether the modules of the second list need to be substituted based on their availability or suitability; updating the second list; checking whether the client device has permission rights for accessing the modules of the updated second list; and sending an object comprising the modules of the updated second list to the client device, the updated second list comprising details about the modules required for deployment of logic on the client device.11-01-2012
20110138482DATA DELIVERY APPARATUS AND DATA DELIVERY METHOD - A data delivery apparatus including a storage adapted to store limited-access data which associates user data for specifying a user, with data, access to which is permitted or limited to the user; a function determination unit adapted to determine whether a destination device to which the limited-access data is to be transmitted has an access control function of permitting or limiting access to the limited-access data for each user; an authentication unit adapted to, when the limited-access data destination device is determined not to have the access control function, request input of authentication information and perform an authentication process using the input authentication information; and a transmission control unit adapted to, when the authentication process by said authentication unit is successful, transmit the limited-access data to the destination device.06-09-2011
20110138480METHOD AND APPARATUS FOR PROVIDING MOBILE SOCIAL NETWORKING PRIVACY - A method, computer readable medium and apparatus for providing mobile social networking privacy are disclosed. For example, the method receives a request from a third party application for location information of a mobile endpoint device user, determines whether the third party application is a multiple user application and provides the location information of the mobile endpoint device user to the third party application in accordance with a privacy setting pre-defined by an authorized user if the third party application is a multiple user application.06-09-2011
20110138479Maintaining The Integrity Of Email Authorship - Maintaining the integrity of email authorship including receiving, by a receiving email client, an email message containing content created by a sender; identifying, in dependence upon the email message, an edit authority value; receiving, from a recipient of the email message, an instruction to forward the received email message; receiving, from the recipient, an instruction to edit the content contained in the received email message; and determining, in dependence upon the edit authority value, whether to allow the recipient to edit the content; if the recipient is allowed to edit the content, determining, in dependence upon the edit authority value, whether to enforce edit tracking in the content; and forwarding the email message with the recipient's edits tracked if edit tracking is enforced; or forwarding the email message with the recipient's edits untracked if edit tracking is not enforced.06-09-2011
20110138481RECORDING MEDIUM, AND RECORDING/REPRODUCING METHOD AND RECORDING/REPRODUCING APPARATUS FOR RECORDING MEDIUM - The present invention provides a recording/reproducing method for a recording medium including a data recording layer and a user information recording layer, wherein the recording/reproducing method includes the steps of: receiving inputted user information; determining whether the inputted user information matches the user information recorded on the user information recording layer of the recording medium; and recording data onto the data recording layer of the recording medium, or reproducing data of the data recording layer, in accordance with the result of the determination.06-09-2011
20110258706LICENSING RIGHTS FOR MEDIA CONTENT THAT FOLLOWS A SUBSCRIBER - Various embodiments of the present invention relate to systems, methods, and computer-readable medium providing licensing rights for media content that follows a subscriber so that the subscriber may experience the media content on various content distribution platforms. In particular embodiments, the systems, methods, and computer-readable medium transfer licensing rights for a user for particular media content that is associated with a first device on a first distribution platform so that the rights are associated with a second device on a second distribution platform. As a result, in various embodiments, the user is able to experience the particular media content with the use of the second device on the second distribution platform.10-20-2011
20100077486METHOD AND APPARATUS FOR DIGITAL CONTENT MANAGEMENT - The present invention discloses a method for using digital content. According to this method, a user terminal acquires an authorization file at least including a predetermined processing right from the authorization terminal, the predetermined processing right allowing the user terminal to process the digital content in the predetermined manner, e.g. edit the digital content. When the processing right requested by the user is included in the authorization file that the user terminal acquires, the user can perform the predetermined processing on the digital content. This invention also discloses apparatus for using the digital content. The method and apparatus of the present invention can bring better convenience to the user and protect profits of the content provider as well.03-25-2010
20090293135INFORMATION PROCESSING APPARATUS AND CONTROL METHOD THEREFOR - An information processing apparatus includes a document registration unit configured to register a document, a data extraction unit configured to extract a content of the document, a first setting unit configured to set an access right to the document to each user, and a first character string registration unit configured to register a character string for each user. In the information processing apparatus, when the document is registered by the document registration unit, the first setting unit sets an access right of a user to the document based on a result of comparison of the character string registered by the first character string registration unit with the content of the document extracted by the data extraction unit.11-26-2009
20090293133Card Authorization Terminal System and a Card Management Method Using the Same - The present invention relates to a card authorization terminal system and an electronic card processing method using the card authorization terminal system. An authorization terminal system includes an exclusive database management system to update and delete property change information, and a card processing method uses the authorization terminal system. In the card processing method, since a physical memory area is efficiently managed, a problem of memory capacity limitation is solved, a processing speed delay caused by a file processing structure is improved, and various pieces of information may be managed.11-26-2009
20110265188Role-Based Graphical User Interfaces - A role-based Graphical User Interface (GUI) may be provided. First, information associated with an application user may be received. A role associated with the application user may be then determined. The role may then be analyzed to determine which application elements are permitted to the user and which application elements are restricted from the application user. Next, the permitted application elements may be loaded with permissible GUI elements visible and restricted GUI elements hidden. The permissible GUI elements may be associated with the application elements permitted to the application user, while the restricted GUI elements may be associated with the application elements restricted from the user.10-27-2011
20110191862System and Method for Restricting Access to Requested Data Based on User Location - A system and method for restricting access to requested data based on user location are disclosed. The method comprises receiving a data request and determining origin location information of the data request from a source providing information having accuracy to a predetermined standard. The method further comprises retrieving one or more policies associated with the requested data, comparing the origin location information with the policies, and dynamically adjusting access restrictions to the requested data based on the comparison.08-04-2011
20110191861Systems and Methods for Dynamic Management of Geo-Fenced and Geo-Targeted Media Content and Content Alternatives in Content Management Systems - Computer-implemented systems and methods are described for providing user access to content via customized options for a plurality of regions, a customized option being provided to a user based on a region associated with the user. An upload of content for distribution and metadata describing the content are received. A first option definition is received that defines first criteria for accessing the content in a first region. A second option definition defining second criteria for accessing the content in a second region is received. One or more options for the content are provided to the user based on the region associated with the user. An identification of an option is received from the user, and access to the content is provided according to the criteria of the option that the user has identified.08-04-2011
20100058486METHOD FOR SECURE ACCESS TO AND SECURE DATA TRANSFER FROM A VIRTUAL SENSITIVE COMPARTMENTED INFORMATION FACILITY (SCIF) - The present disclosure is directed to a method for limiting access to a virtual sensitive compartmented information facility (SCIF) and secure transport of information between two virtual SCIFs. The method may comprise creating a virtual SCIF, allowing access to the virtual SCIF to only those virtual subjects having the proper security clearance as analyzed by an access rule set loaded into an object request broker, creating a second virtual SCIF, creating a key lockable secure container to transport the information from the first virtual SCIF to the second virtual SCIF, and restricting access to the key to unlock the secure container in the second virtual SCIF.03-04-2010
20100024045METHODS AND APPARATUSES FOR PRIVACY IN LOCATION-AWARE SYSTEMS - In one embodiment a method is disclosed for accepting and enforcing user selectable privacy settings for context awareness including location awareness data on a computing platform. The method may identify a requestor, assign a privacy setting to the requestor then detect a request for location information from the requestor. The method may transmit location information to the requestor based on the user selected privacy setting. The user selected privacy setting may have a granularity assigned to each requestor based on a privacy preference and the method may entirely block the location information from being disclosed or the method may modify the granularity/accuracy of the location information based on the privacy setting to report context of an appropriate level of granularity according to the privacy setting configured by the user. Other embodiments are also disclosed.01-28-2010
20100017890Symbol Based Cipher Code Registration System and Method - A symbol cipher system. The system has a symbol cipher application for execution on a digital platform. The symbol cipher application has: a first group of symbol components; a first range of code entry fields; a cipher correlation table. The cipher correlation table correlates the first group of symbol components to a first range of language characters. The first group of symbol components can be entered into the first range of code entry fields for registration of a symbol information item in an application database.01-21-2010
20100017889Control of Website Usage Via Online Storage of Restricted Authentication Credentials - A client communicates with a website usage server via a network to gain access to an account on a website. The client requests an indication of whether user access to the account on the website is permitted. The website usage server determines whether website usage is permitted based at least in part on a website usage policy associated with the website and the user. The website usage server provides restricted authentication credentials to the website responsive to determining that access to the account is permitted.01-21-2010
20120042393USER TERMINAL, METHOD AND SYSTEM FOR TRANSMITTING DIGITAL CONTENT - A user terminal, a method and a system for transmitting digital content. A user terminal receives digital content from a digital content provider, the digital contents include a digital rights management (DRM) unit to change DRM information of the received digital content; a content processing unit to encode the digital content having the changed DRM information; and a communication unit to transmit the encoded digital content to an external terminal.02-16-2012
20120042392PEOPLE DIRECTORY WITH SOCIAL PRIVACY AND CONTACT ASSOCIATION FEATURES - In one embodiment, a social networking system provides a people look up service and establishes an anonymous communication session between users; creates a contact association for future communication between users; and configures one or more privacy settings for users.02-16-2012
20120042391METHOD AND SYSTEM FOR PROTECTING CHILDREN FROM ACCESSING INAPPROPRIATE MEDIA AVAILABLE TO A COMPUTER-BASED MEDIA ACCESS SYSTEM - A method for protecting children from accessing inappropriate media available to a computer-based media access system according to one embodiment is described. The method comprises configuring a usage compliance mechanism with at least one restricted media identifier which identifies the inappropriate media. The method further includes determining that a child is attempting to access an instance of media and comparing that instance of media with the restricted media identifier. When the instance of media matches the restricted media identifier, the child is denied access to the instance of media.02-16-2012
20120210447Secure video download method - A method of movie distribution runs on a server accessible by a user desiring to look for a movie to download. After user authentication, the server retrieves a user's permissions list from storage. When it receives a request from the user to download the movie, it checks the permissions list to determine whether or not the user has permission to download the movie. If permitted, the server watermarks the video in a process involving segmenting the video and sends an integrated stream of watermarked-video over the network. When the user does not have permission, then the server requests personal details to gain permission. The server optionally checks if the user is accessing the server from the same Internet Protocol address as used in a previous access. If not, the server asks the user to prove that the user is the same user that has permission to access the server.08-16-2012
20120047584USER REQUEST APPROVAL SYSTEM USING ADVERTISMENTS AND METHOD - A user request approval system includes access to an advertisement database, an advertisement verification generation module, a user interface module and a checking module. The advertisement database stores a plurality of advertisements. The advertisement verification generation module receives an advertisement from the advertisement database and generates an advertisement verification based on the advertisement. The user interface module displays the advertisement verification on a user interface and receives an input user verification. The checking module determines if the input verification corresponds to the advertisement verification.02-23-2012
20120210446SESSION-CONTROLLED-ACCESS OF CLIENT DATA BY SUPPORT PERSONNEL - A method for controlling access to client data by support providers is disclosed herein. In one embodiment, such a method includes initiating a session on a server computer in response to receipt of a request for assistance from a client, the session having client data associated therewith. A session key is generated for the session. The session key includes a session identifier and a support provider identifier corresponding to an assignee. The session key may further include a client identifier corresponding to the client. Requests to access the client data include an assignee key including a session identifier and a support provider identifier, and potentially a client identifier if needed. The assignee key is compared to the session key. If correspondence is found between the identifiers in the assignee key and the session key, access is granted.08-16-2012
20120005761MOBILE ACCESS TO DIGITAL MEDIA - A computer implemented method provides a specific traveler with mobile access to a digital media library. A plurality of registration stations, which are utilized in a travel and lodging industry to acknowledge arrivals and departures of travelers, are monitored. In response to detecting a specific traveler checking in at a pre-determined registration station from the plurality of registration stations, contents of a pre-defined digital media library are transmitted to a digital media player for use by the specific traveler.01-05-2012
20120011594SYSTEM AND METHOD FOR COPPA COMPLIANCE FOR ONLINE EDUCATION - A method of providing an online verifiable consent from a parent to a minor to permit usage of an online education system and that prevents misrepresentation and unauthorized access is provided. The method comprises establishing a relationship between an adult parent and a minor and based on the relationship verifying whether the adult parent permits the minor access to the online education system. If the adult parent permits the minor access, the method then grants access to the minor to the online education system.01-12-2012
20120117661SOFTWARE AUTHORIZATION SYSTEM AND METHOD - A software authorization system has a server end and a user end. A software authorization method includes acquiring a software identification code of a protected software when the user end downloads the protected software from the server end; transmitting the software identification code and an inherent user identification code to the server end; acquiring a first key and main key by the server end according to the user identification code and the software identification code, respectively, so as to generate a second key by operating the main key and the first key and transmit the second key to the user end; restoring the main key by the user end with the second key combined with the first key; and decrypting the protected software by the main key. Therefore, the protected software is hard to be decrypted.05-10-2012
20120017286IMAGE FORMING APPARATUS, EQUIPMENT SYSTEM, AND COMPUTER-READABLE STORAGE MEDIUM - An image forming apparatus includes a login unit configured to receive a login of a user; a program storage unit; a function introduction unit configured to obtain a first program licensed to the user and license information of the first program, and to store the first program and the license information in the program storage unit without deleting a second program that is a different version of the first program from the program storage unit; a user information storage unit configured to store user information that registers license information of introduced programs and version information with user IDs; and a function providing unit configured to specify license information and version information that are associated with a user ID of a user who logs into the image forming apparatus in order to provide a function realized by a program corresponding to the license information and the version information to the user.01-19-2012
20120023593SYSTEM AND METHOD FOR FILTERING INTERNET CONTENT & BLOCKING UNDESIRED WEBSITES BY SECURE NETWORK APPLIANCE - A secure network appliance for filtering Internet websites checks each request from a user's browser against a whitelist of pre-approved websites and passes it only if it is on the whitelist. Otherwise, the request is replaced with pre-arranged content and returned as a response to the user's web browser. It can also check the port the user's request came through against an approved ports whitelist, and responses sent from the Internet against an approved websites whitelist. The network appliance is encapsulated within a secure container so that only an authorized administrator having a unique key can unlock it and access its control functions. The secure container may be formed as a separate hardware component that is physically interposed between a router and a user's computer, or as secure software that runs on or operates with a network server.01-26-2012
20120023592MEDICAL ALERT COMPUTER INTERFACE TAMPER-PROOF SECURE DEVICE - A medical information system includes a portable device and remote authentication computing device. The portable device stores a person's personal medical information, which it does not allow to be accessed without authentication, and has an activation mechanism and a computing device communication mechanism. The remote authenticating computing device is connected to a computing device network and stores authentication information and has an authentication software module and a diagnostic software module. The activation mechanism communicates the device with the remote authenticating computing device. The authentication software module requests authentication information from a user, receives input authentication information, verifies received authentication data against the stored authentication information, and after successful verification allows the medical information to be accessed by a computing device. The diagnostic software module determines whether the portable device has been damaged or tampered with and if so the stored medical information is destroyed.01-26-2012
20120023595METHOD FOR UPDATING DATA IN ACCORDANCE WITH RIGHTS MANAGEMENT POLICY - Disclosed is a computerized system and method for dynamically applying a rights management policy to a message by allowing an administrator to associate certain rights management policies with certain senders and recipients of messages, with groups of users possessing certain common criteria which define the users and groups of users, with certain attributes of the message, and with certain environmental attributes. In some embodiments, an administrator is allowed to automatically update a rights management protected message as it passes through a message transfer agent. The administrator may determine either on a regular interval or an ad-hoc basis that the message transfer agent scan the messages stored to determine whether or not the content has expired. If the content has indeed expired the administrator may take steps to have the expired content deleted entirely, refreshed with more current content, or replaced with a tombstone indicating that the original content has expired.01-26-2012
20080320603ACCESS RIGHT MANAGEMENT APPARATUS, ACCESS RIGHT MANAGEMENT METHOD AND RECORDING MEDIUM STORING ACCESS RIGHT MANAGEMENT PROGRAM - An access right management apparatus, which includes: a management unit that manages permission and denial of access to an electronic document; a request reception unit that receives a request for an access right to access the electronic document; a determination unit that, when the request reception unit receives the request, determines whether or not the access to the electronic document is permitted to a requestor of the request based on the management unit; an access right provision unit that provides the access right to the requestor when the determination unit determines that the access to the electronic document is permitted to the requestor; and a changing unit that changes the denial of the access to the electronic document managed by the management unit to permission according to a history of provision of the access right to the requestor.12-25-2008
20120159646Storage device with a hidden space and its operation method - A storage device with a hidden space comprises a case, a biometric identification device and a switch device and embodies digital data protected in a private zone without any concern about digital data disclosed to any person who holds a data disk according to a procedure of comparing a user's characteristic signals transferred from a user's features read by the biometric identification device with a test program in an automatic executive program.06-21-2012
20120159649Sensitive Information Handling on a Collaboration System - On a document collaboration system, such as a wiki, the content of postings to the collaboration system is monitored for sensitive information. Under some embodiments, when instances of such sensitive information are detected, an e-mail is sent to the user that posted the collaboration page posting. In other embodiments, a message is then sent to a person associated with the entity that indicates that the information placed on the collaboration page is confidential information or is related to an asset of the entity. In further embodiments, individual people are assigned responsibility for monitoring the use of certain instances of sensitive information on the collaboration system. Each user is only notified when the instances they are responsible for appear on a collaboration page. In other embodiments, if a collaboration page includes an instance of sensitive information, access to the collaboration page is changed such that fewer people can access the collaboration page.06-21-2012
20120159648APPARATUS AND METHOD FOR MANAGING DIGITAL RIGHTS USING VIRTUALIZATION TECHNIQUE - The present invention relates to an apparatus and a method for managing digital rights using virtualization technique, and more particularly to an apparatus and a method for enabling a user to access a desired text file in an independent area through a virtual machine corresponding to a licensed right for accessing the text file. The present invention comprises a virtual machine (VM) management unit for controlling a user access authorization function for accessing the text file in the area to which the virtualization technique is applied.06-21-2012
20120210444APPARATUS AND METHOD FOR RESTRICTING THE EXECUTION OF A PROGRAM - An attribute detector detects the attributes of a user of a program. A determining unit determines, based on the detected attribute of a user, whether the user is a superior user for whom usage restriction is not necessary or a subordinate user for whom the usage restriction is necessary, for a program of a first type. The program of the first type is a program appealing to the taste of the user and that is frequently run by the user for many hours. When the user is verified to be the subordinate user and also when the user has executed a program of a second type for a predetermined number of recommended executions, a permission/rejection determining unit permits the execution of the program of the first type.08-16-2012
20120210445Systems and Methods for Verifying the Authenticity of a Remote Device - Some embodiments of the invention are directed to, among other things, systems, computer readable media, methods and any other means for verifying the authenticity of a client device. In some embodiments, a token is issued by one or more remote media servers that allows the client device to download video, media or other data from one or more remote media servers.08-16-2012
20120159647Systems and methods for user identity verification and risk analysis using available social and personal data - A new approach is proposed that contemplates systems and methods to support user identity verification based on social and personal information of the user. Under the approach, customers/users are required to grant an identity verifying party a degree of access to their social network information, including but not limited to, account data and social graph information on social networks. The identity verifying party then acquires information of a current or potential user's online presence in addition to other information of the user and utilizes such information to verify the user's identity in the real world and/or to assess the fraud risk of a specific financial transaction requested by the user.06-21-2012
20120072996FACEMAIL - Systems and methods are disclosed for generating, sending, and delivering a message addressed using an image of an intended message recipient of the message. In one embodiment, a central server receives a message including an image of an intended message recipient from a first user device of a first user. The central server then identifies a second user as the intended message recipient based on the image of the intended message recipient. Then, before delivering the message, the central server obtains an image of a user at a second user device associated with the second user and sends the image to the first user device where the image is presented to the first user. Upon receiving authentication from the first user device that the user at the second user device is the intended message recipient, the central server delivers the message to the second user device of the second user.03-22-2012
20090138974CONTROLLED ACCESS TO MEDIA CONTENT05-28-2009
20120124676QUICK PAYMENT USING MOBILE DEVICE BINDING - Methods and systems are provided for secure device binding that provides user convenience through avoiding repetitive logging in when changing apps or moving from website to website. A mobile device undergoes binding to an account so that customers do not always have to enter their password when going through a financial transaction process, on a known (e.g., registered) mobile device. A device may be bound during an initial login, and once logged in, the user can select an option to be “remembered” so that the user need not re-login on the same device for future visits with an app or to a website that shares the service provider library.05-17-2012
20120124675APPARATUS AND METHOD FOR MANAGING DIGITAL RIGHTS THROUGH HOOKING A KERNEL NATIVE API - Provided are an apparatus and method for managing digital rights. An agent unit manages application programs to which DRM is to be applied and rights to contents processed by the application programs to which DRM is to be applied, and encrypt and decrypt the contents processed by the application programs. A rights management unit authenticates a user and manages a user right to the contents processed by the application programs. A kernel API hooking unit monitors input/output of a file through hooking kernel native APIs, requests the rights management unit to verify the user right to the contents to be processed, and requests the agent unit to encrypt or decrypt the contents when the user right to the contents to be processed is verified.05-17-2012
20110099642CONTROLLER FOR EVENT-BASED STATISTICAL COVERT CHANNELS - A controller for an event-based statistical covert channel includes a data receiver; a data transmitter; and a channel controller that includes a fixed distribution randomized event buffer construction processor (FDREBCP) and a fixed distribution randomized event buffer (FDREB). The FDREBCP holds event distribution data that define one or more fixed distributions that the FDREBCP employs to fill the FDREB, whereby the event distribution data is stored during the occurrence of the event, subsequently removed from the FDREB and reordered, and a dummy event distribution data created to prevent an unauthorized outsider modulating the timing of events by alternatively causing and not causing the event.04-28-2011
20090133131METHOD AND SYSTEM FOR MANAGING SOFTWARE LICENSES - A method and system for managing licenses over a network is disclosed. The method and system include establishing a user account on a server coupled to the network, and allowing a user or publisher to upload or download licenses from a computer to or from the server. The licenses are then associated with the user account, and the user is allowed to log into the user account to review the account and associated uploaded licenses. The method and system further include allowing the user to review and retrieve the licenses for download to the user computer in the case of a lost or damaged license.05-21-2009
20090133130Media editing system using digital rights management metadata to limit import, editing and export operations performed on temporal media - A computer system for editing temporal media, such as audio, video, audiovisual works and the like, limits the editing operations that can be performed on the temporal media according to the digital rights management metadata associated with the temporal media. The digital rights management metadata may be, for example, rules associated with the temporal media which describe how the temporal media can be imported into the editing system, manipulated by the editing system and/or exported by the editing system.05-21-2009
20120317656TWO-PARTY PRIVATE ESTIMATION OF DATASET SIMILARITY - A two-party approximation protocol is transformed into a private approximation protocol. A first input x∈{0,1, . . . , M}12-13-2012
20120317655Method for Flexible Data Protection with Dynamically Authorized Data Receivers in a Content Network or in Cloud Storage and Content Delivery Services - A networking system comprising an application service that runs on a cloud infrastructure and is configured to receive dual encrypted content from a content provider and re-encrypt the dual encrypted content to enable dynamic user group control for group-based user authorization, and a cloud storage service coupled to the application service and configured to store the dual encrypted content from the content provider and the re-encrypted dual encrypted content from the application service, wherein the application service and the storage service are configured to communicate and operate with a content delivery service that uses a content delivery network (CDN) to deliver the re-encrypted content to one or more users in a group authorized by the content provider.12-13-2012
20120222134SECURE DATA PARSER METHOD AND SYSTEM - A secure data parser is provided that may be integrated into any suitable system for securely storing and communicating data. The secure data parser parses data and then splits the data into multiple portions that are stored or communicated distinctly. Encryption of the original data, the portions of data, or both may be employed for additional security. The secure data parser may be used to protect data in motion by splitting original data into portions of data that may be communicated using multiple communications paths.08-30-2012
20120222132Permissions Based on Behavioral Patterns - Users may choose to have their behavior analyzed in order to infer default sharing permission settings for documents and other information maintained in one or more computer systems. This may increase information security for the users and streamline implementation of privacy and/or sharing permissions. The default sharing permissions are implemented by a computer system as soft permissions that may be used to determine which documents are to be shared with which recipients. The soft permissions may address sharing situations for which a user has not expressly indicated his or her sharing rules. The soft permissions may change over time in response to changing user behavior and/or the soft permissions may be revised in light of user feedback.08-30-2012
20120255033LICENSING SOFTWARE ON A SINGLE-USER BASIS - The claimed subject matter provides a method for licensing software in a computing environment. An exemplary method includes initiating an application software program on a computer system having a plurality of authorized users, one of the authorized users having a single-user license to use the software program. An identity of a current user of the computer system is checked. Operation of the software program is prohibited if the current user is one of the plurality of authorized users other than the user who is granted the single-user license.10-04-2012
20120131682METHOD AND APPARATUS FOR PROTECTING DIGITAL CONTENTS - The present invention discloses an apparatus and method for protecting digital spatial information. The apparatus for protecting digital spatial information according to the present invention includes a spatial information authority database which stores access authority information on spatial information, an access authority determining unit which, when there is a request for access to the spatial information from a user, determines whether to permit the user to access the requested spatial information by referring to the spatial information authority database, a spatial information database, a spatial information providing unit which obtains the access-permitted spatial information from the spatial information database, organizes the information based on the user's request for access, and provides the information, and an access control unit.05-24-2012
20120131683UNIFIED ONLINE CONTENT MANAGER APPARATUSES, METHODS, AND SYSTEMS - Apparatuses, methods, and systems for transforming user identification information and user selection data inputs into a profile data output, a generated query output, search results output, and a secure home page with customized content. According to one embodiment, the method includes indexing disparately owned content via a multi-content owner spider indexing engine; generating a disparately owned content index from the indexing engine; receiving, by a first server, a request to access secure content through a network, the request including user identification information; automatically constructing a query based on the request without input from the user; providing the constructed query to the search engine and running the constructed query against the index; constructing a display by placing the results of the query sent from the search engine within a multi-source owner template interface; and providing the multi-source owner template interface to a requestor for display.05-24-2012
20120131681RELIABLE SOFTWARE PRODUCT VALIDATION AND ACTIVATION WITH REDUNDANT SECURITY - Systems, methods, and apparatus for validating product keys. In some embodiments, a product key includes security information and identification information identifying at least one copy of a software product. The security information may include a first portion to be processed by a first validation authority using first validation information and a second portion to be processed by a second validation authority using second validation information. The second validation information may be stored separately from the first validation information and may not be accessible to the first validation authority. In some embodiments, the first validation authority randomly determines whether a product key is to be audited by the second validation authority. Alternatively, the first validation authority may determine whether to audit based on a type of the software product associated with the product key and/or a perceived level of security risk.05-24-2012
20120216296SHARED CONTENT ACCESS PLATFORM APPARATUSES, METHODS AND SYSTEMS - The SHARED CONTENT ACCESS PLATFORM APPARATUSES, METHODS AND SYSTEMS (“SCAP”) transform content seed selections and recommendations via SCAP components such as discovery and social influence into events and discovery of other contents for users and revenue for right-holders. In one embodiment, the SCAP may receive from a first universally resolvable user a request to access a media library of a second universally resolvable user. The user may retrieve the second user specified privacy controls and may apply the second user specified privacy controls to determine a portion of the media library permitted for access by the first user. The SCAP may then allow the first user access to the determined portion of the media library.08-23-2012
20120216298Pre-Access Location-Based Rule Initiation In a Virtual Computing Environment - Methods, systems, and devices are described for updating resource access permissions in a virtual computing environment. In these methods, systems, and devices, a host computer system determines that a user associated with an existing session has moved from a first location to a second location, identifies at least one pre-access rule based on the second location, applies the at least one pre-access rule to the existing session before authenticating the user for access to the existing session in response to the determination that the user has moved to the second location, and authenticates the user at the second location for access to the existing session after the at least one pre-access rule has been applied to the existing session.08-23-2012
20120216297MEDICAL DATA MANAGEMENT SYSTEM AND PROCESS - Systems and processes for managing data relating to one or more medical or biological conditions of a plurality of subjects (such as patients) over a wide area network, such as the Internet, may be employed for diabetes subjects or subjects with other medical conditions requiring monitoring and/or treatment over time. Such systems and processes provide various functions for several types of users, including patients or subject-users, healthcare provider-users and payor entity-users and combinations thereof, which allow for improved treatment and medical data management of individual subjects and groups of subjects and which allow collection and analysis of aggregate data from many subject sources, for improving overall healthcare practices of providers and subjects (e.g., patients).08-23-2012
20120137373Role-based Access Control over Instructions in Software Code - In one embodiment, a method determines a role for a user for access to software code. A marker associated with an instruction in the software code is determined. An access level for the user based on the marker and the role is then determined. The access level is enforced based on the instruction associated with the marker for the software code.05-31-2012
20120137375SECURITY SYSTEMS AND METHODS TO REDUCE DATA LEAKS IN ENTERPRISE NETWORKS - Disclosed are embodiments of a security system for reducing data leaks by checking information flows between resources of a network. When an information flow is attempted between a sending resource, which can be anywhere in the network, and a receiving resource residing at a specific host within the network, a host labeler can determine whether information is allowed to flow from the sending resource to the receiving resource. The sending resource and the receiving resource can each have an applicable label, and each label can comprise zero, one, or more taints. For each taint having an active secrecy characteristic in a label of the sending resource, the host labeler can require that there be a matching taint with active secrecy characteristic in the receiving resource. If this condition is not met, the security system can block the information flow between the sending and receiving resources.05-31-2012
20120137376RE-DOWNLOAD MANAGEMENT OF PREVIOUSLY ACQUIRED DIGITAL MEDIA ASSETS - Improved techniques that enable users to download digital media assets are disclosed. According to one aspect, digital media assets that a user has acquired from a remote media repository can be authorized for download multiple times. This, for example, allows a user to subsequently re-download digital media assets that the user previously acquired. In one embodiment, digital media assets that a user previously downloaded to a user client device from a remote media repository can be made available to the user for subsequent re-download. Advantageously, a remote media repository can, in effect, provide users with a remote backup for previously acquired digital media assets.05-31-2012
20120137374SYSTEM AND METHOD FOR MANAGING HEALTH DATA - A system and method for managing health data based on a reader of a storage unit containing at least one health datum, said reader comprising an RFID tag reader containing a user code. The reader is configured to request, from a remote server by a local PC, validation of said user code and means for requesting entering of a password by said PC, and means for verifying said password, when said remote server is not accessible. When said user code or said password has been validated, the reader has access to said storage unit for reading/writing.05-31-2012
20110185437METHOD AND SYSTEM FOR MULTI-USER, MULTI-DEVICE LOGIN AND CONTENT ACCESS CONTROL AND METERING AND BLOCKING - A method and system for multi-user, multi-device content access metering and control is provided. In one embodiment, a system implements a method such that in response to user login requests, the system controls login access by providing multiple users login access to plural electronic devices capable of communicating via a communication system. Further, in response to user content access actions, the system controls access to content by selectively providing content to said one or more users via said one or more electronic devices based on content access policies.07-28-2011
20110185436URL FILTERING BASED ON USER BROWSER HISTORY - A URL monitoring system may use a user's browsing history to generate a score for the user. The score may be used to permit or deny access to a URL. The score may be used to represent the user's intent when browsing, and based on that intent, the user may be allowed access to a URL with conflicting classifications. The score may also be used as a trustworthiness score so that a user who browses responsibly may have their score increased over time, and a user who browses irresponsibly or inappropriately may have their score decreased. The scores may be calculated and maintained on a user's client device, edge device, or other device within a network.07-28-2011
20100287621Method For The Use-Specific Initialization Of Vehicle Devices - Method for the use-specific initialization of vehicle devices of a road toll system, wherein the devices communicate with a central system via a radio interface and have device identifiers (OID), the method including the steps of: registering driver data under a driver identifier (AID) and vehicle data under a vehicle identifier (VID) in the central system; allocating a use identifier (UID) to a driver identifier (AID) and to a vehicle identifier (VID) in the central system; input of the use identifier (UID) into a vehicle device; transmitting the use identifier (UID) and the device identifier (OID) from the vehicle device to the central system via the radio interface; registering the driver data and vehicle data for each driver identifier (AID) and vehicle identifier (VID) to which the received use identifier (UID) is allocated in the central system; transmitting the determined driver data and vehicle data from the central system back to the vehicle device specified by the received device identifier (OID) via the radio interface; and initializing the vehicle device with the received driver data and vehicle data.11-11-2010
20100299761SYSTEM AND METHOD FOR SENDING ELECTRONIC DATA TO INMATES - The invention includes delivering and monitoring electronic letters to correction facility inmates while giving supervisory authorities the ability to screen the incoming mail. This may be achieved by providing a database having an entry for each inmate and having a plurality of fields, and by scanning an original letter as an electronic letter and storing each electronic letter sent to a specific inmate in a relational database management system (RDMS) table. Another aspect of the invention involves providing a computer-operated kiosk that may be used by individuals (e.g., inmates) in a restrained environment/restricted-access location (e.g., a prison) to browse through a catalog of available digital media or content, such as music, that may be purchased with credits earned based on work performed by the inmate or bought through some other means, for example by family members of the inmate.11-25-2010
20100299760COMMUNICATION SYSTEM FOR TRADE FAIRS - The present invention provides a communication system for communication between exhibitors and visitors at trade fairs, exhibitions, conferences and the like, which comprises:11-25-2010
20100299759DIGITAL INFORMATION SECURITY SYSTEM, KERNAL DRIVER APPARATUS AND DIGITAL INFORMATION SECURITY METHOD - Disclosed herein are a digital information security system, a kernel driver apparatus, and a digital information security method. The digital information security system includes a user module configured to operate in a user mode and to provide environment setting information comprising policy information about a use of digital information, and a kernel driver configured to operate in a kernel mode, to acquire information generated by an application of the user mode for the use of digital information, and to perform rights control regarding the use of digital information based on the acquired information and the policy information. Accordingly, the construction of a security system can be simplified, and the security of a security system can be improved.11-25-2010
20100299758METHOD AND DATA SHARING SYSTEM IN PEER TO PEER ENVIRONMENT - The present invention relates to a method and data sharing system which establishes an access right for data to be shared in a pure or hybrid P2P environment and decides whether to open and share the data according to whether a recipient peer has the access right, thereby protecting the data from access by the unspecified public and preventing the data from spreading in an improper manner. Also, since the existence of the data is not revealed to recipients having no access right, the method and data sharing system according to the present invention has the effect of protecting the copyright and privacy of a data provider.11-25-2010
20100050271MANAGING APPLICATIONS RELATED TO SECURE MODULES - An apparatus capable of hosting a secure module. The hosting apparatus is configured to provide connectivity to the secure module, and comprises a memory for storing secure module related applications. A processing module is configured to check whether an application chosen or activated by the user of the apparatus is a secure module related application. In case the chosen or activated application is a secure module related application, the processing module is configured to restrict user rights concerning the application.02-25-2010
20100050270Control of Access to Content Received from a Multimedia Content Distribution Network - A disclosed method for controlling access to content provided by a multimedia content delivery network includes detecting a remote control signal, determining identification information and action information in the remote control signal, generating a CPE code based on a combination of the identification and action information, and performing a content control action based on the CPE code. The identification information may indicate a setting of a switch of the remote control device or a user of the remote control device. Generating the CPE code may include generating a first CPE code when the identification information indicates a first user and generating a different CPE code when the identification information indicates a second user. Generating the CPE code may still further include accessing parental control restrictions associated with a user or user class indicated by the identification information and generating a CPE code in compliance with the parental control restrictions.02-25-2010
20100011449Chip Card Having A First User Function, Method For Selecting An Identifier, And Computer System - The invention relates to a chip card having a first user function (01-14-2010
20120222133SHARED CONTENT MANAGEMENT PLATFORM APPARATUSES, METHODS AND SYSTEMS - The CONTENT DISCOVERY AND DELIVERY PLATFORM APPARATUSES, METHODS AND SYSTEMS (“SCMP”) transform content seed selections and recommendations via SCMP components such as discovery and social influence into events and discovery of other contents for users and revenue for right-holders. In one embodiment, the SCMP may obtain from a first universally resolvable media content service user a request to share the user's universally resolvable media content collection and a selection of at least one second universally resolvable user. The SCMP may configure the first user's media content collection for shared access with the second user and may provide the second user access to the shared media content collection.08-30-2012
20090019553TAGGING PRIVATE SECTIONS IN TEXT, AUDIO, AND VIDEO MEDIA - The present invention comprises a method for the creation of designated private segments within a medium stream comprising determining at least one subsection of information content of the media stream that is to be designated as confidential, and granting permission to a party to access the at least one subsection of information content that has been designated as confidential. The medium stream is delivered and presented to the party, wherein the at least one subsection of information content that has been designated as confidential is not presented to the party. Further, access validation is requested from the party in regard to accessing the at least one subsection of information content that has been designated as confidential and presenting the at least one subsection of information content that has been designated as confidential to the party in response to received access validation.01-15-2009
20120260351DELIVERY CONTROL FOR EMAIL COMMUNICATED AMONG MULTIPLE END USER COMMUNICATION DEVICES - An exemplary method is implemented by end-user communication devices for processing the receipt of an email wherein a received email comprises a digital packet having a header and a user data segment. The user data segment contains a user message and an acknowledgement command where the acknowledgement command conveys a request from an originating device to acknowledge receipt of the subject email. The received user message is prevented from being displayed on a screen of the first end-user communication device of content until input is entered authorizing a reply to the acknowledgement request. Upon receiving the authorization: a reply email with an acknowledgement is automatically generated by the first end-user communication device and transmitted to the originating device corresponding to the subject email; the content of the corresponding received user message is displayed on the screen of the first end-user communication device; and the first end-user communication device stores a read message indicator having a value that represents that the reply email was authorized and the content of the received email enabled to be displayed.10-11-2012
20120260350INFORMATION PROCESSING APPARATUS AND METHOD OF CONTROLLING THE SAME - An information processing apparatus of this invention displays an operation window which allows selection of any of multiple applications. Each of the applications includes multiple functions with use authorization being set for each of the functions. The information processing apparatus displays, upon accepting selection of a specific application having some of the multiple functions for which use authorization which requires authentication of a user is set, an authentication window for authentication of the user. The authentication window allows use of the specific application to be selected without authentication of the user, by permitting use of a function, of the multiple functions of the specific application, for which use authorization requiring no authentication of the user is set.10-11-2012
20120260349STORAGE DEVICE, STORAGE SYSTEM, AND AUTHENTICATION METHOD - According to one embodiment, a storage device that has a nonvolatile semiconductor memory includes an authentication information storage unit that previously stores first apparatus authentication information to authenticate an authorized host device and first user authentication information to authenticate an authorized user. The storage device executes apparatus authentication on the basis of second apparatus authentication information received from a newly connected host device and the first apparatus authentication information in the authentication information storage unit and executes an invalidation process of user data stored in the nonvolatile semiconductor memory, when the apparatus authentication fails.10-11-2012
20080301820OFFLINE DATA DELETE WITH FALSE TRIGGER PROTECTION - Systems and methods for protecting data stored on an electronic device from access by an illegitimate user are presented. The data is protected by activating an offline data delete module installed in the electronic device to conditionally delete the data according to the following criteria: after establishing a first communication between an agent installed in the electronic device and a remote server, obtaining a password from a user if a second communication is not established between the agent and the remote server within a predetermined period of time. After obtaining a password from the user, deleting at least some data stored on the electronic device after a second communication is not established between the agent and the remote server within the predetermined period of time and a predetermined number of incorrect passwords has been obtained.12-04-2008
20110004942METHOD AND APPARATUSES FOR AUTHORISING PROVISION OF INDIRECTED CONTENT ASSOCIATED WITH A PRESENTITY OF A PRESENCE SERVICE - The invention provides a method of authorising provision of in-directed content to a user of an IP communications network. The in-directed content is associated with a presentity subscriber of a presence service, the presence service including authorisation rules regarding users to which the in-directed content may be provided. The in-directed content is stored at a content server that is not controlled by the presence service. The method includes receiving at an authorisation proxy in the network a request from the user to be provided with the in-directed content, and identifying the presentity subscriber associated with the requested in-directed content. The authorisation proxy retrieves the authorisation rules to verify that the user is authorised to receive the in-directed content. Subject to the verification, the in-directed content is provided from the content server to the user.01-06-2011
20120266258METHODS FOR PROVIDING CROSS-VENDOR SUPPORT SERVICES - According to one aspect, a first request is received at a services application programming interface (API) of a support center from a first user for a first product provided by a first client. A second request is received at the services API of the support center from a second user for a second product provided by a second client. A first knowledgebase (KB) associated with the first client and a second KB associated with the second client are identified. A third KB that contains information common to the first product and the second product is identified. The first KB and the third KB are enabled to be accessible by a first agent assigned to provide support services of the first product. The second KB and the third KB are enabled to be accessible by a second agent assigned to provide support services of the second product.10-18-2012
20120240243SYSTEM, METHOD, AND COMPUTER PROGRAM PRODUCT FOR CREATION, TRANSMISSION, AND TRACKING OF ELECTRONIC DOCUMENT - A system for creating and delivering a locked electronic document in a computing environment includes a computer readable system memory comprising at least one program module, a bus coupled to the computer readable system memory, a processor coupled to the bus, and program instructions stored on the system memory for execution by the processor. The program instructions create a lead sheet having a unique embedded identifier, add a payload to the lead sheet to form the electronic package, add a blanking layer to the electronic package to obscure the payload from view of a recipient, send the electronic package in the computing environment to a designated recipient, validate the designated recipient's identity, and remove the blanking layer in response to validating the designated recipient's identity, thereby allowing the recipient to view the payload.09-20-2012
20120240242RESOURCE EXPRESSION FOR ACCESS CONTROL - Various embodiments of systems and methods for providing an expression of a resource for access control are described herein. One or more business security profiles associated with a user are received. The business security profile is defined including a resource expression. The resource expression can include a resource expression with a quantifier or the resource expression without a quantifier. Further, a net profile of the user is computed using symbolic calculus on the resource expression of the one or more business security profiles. The net profile of the user includes a set of granted resources and a set of denied resources. Based upon the computed net profile, access to a resource is authorized for the user.09-20-2012
20110047629Method and Apparatus for Enhanced Age Verification and Activity Management of Internet Users - Methods and apparatus are provided for verifying the age of an online user. The age and identity of at least one primary user is verified and the primary user provides an age of at least one secondary user. Content requests from the secondary user to access content from at least one online content provider are granted if the primary user has authorized the secondary user to access the content. A content provider delivers content by receiving an identifier and a content request from a secondary user to access content; redirecting the secondary user to a third party age verification server; receiving an indication from the third party age verification server that the secondary user has been authorized by a primary user to access the content; and granting the content request if the primary user has authorized the secondary user to access the content.02-24-2011
20110047628IDENTITY VERIFICATION AND INFORMATION MANAGEMENT - The present invention provides an efficient, secure and verified information exchange using an identity verification platform and common interface data formats, whereby an individual can set different levels of access for different clients and further set different levels of access for different files. Therefore, the present invention provides a multi-layer access to records particular to an individual.02-24-2011
20120324590Method and Apparatus for Content Management - The present disclosure relates generally to audio and video processing. One claim recites a portable apparatus comprising: electronic memory comprising one or more identifiers, each of the identifiers being associated with previously accessed audio or video items, with each previously accessed audio or video item including an identifier associated therewith; and a logic processor programmed for: a. restricting access to an encountered audio or video item if an identifier associated with the encountered audio or video item is one of the one or more identifiers associated with the previously accessed audio or video items, and b. limiting a number of content items with different user identifiers that can be accessed in a predetermined amount of time. Other claims and combinations are provided as well.12-20-2012
20120324589AUTOMATIC SHARING OF EVENT CONTENT BY LINKING DEVICES - Embodiments enable content sharing using event notifications that include a global identifier and a private identifier. The event notifications are sent to potential participants to an event. Potential participants that accept the event notification or otherwise request to join the event use the private identifier to submit content to a content sharing service. Based at least on the private identifiers associated with event participants, the content from event participants is selectively shared among the other event participants.12-20-2012
20120272337CONTENT OBJECT ENCAPSULATING CONTENT ITEMS FOR ACCESSING CONTENT AND ACCESS AUTHORIZATION INFORMATION - Provided are a method, system, and computer program product for a content object encapsulating content items for accessing content and access authorization information. User input of content items is received, wherein each content item indicates a network address and content type of content at the network address. Content items are added to a content object. User input is received of access authorization information indicating a user having authority to access the content object. The access authorization information is added to the content object. A user request is received for the content object from. The access authorization information is processed to determine whether the user initiating the request has authorization to access the content object. The content object is processed to generate a presentation page to return to the client computer in response to determining that the user of the client computer is authorized to access the content object.10-25-2012
20120272336Transcoding Content Based On Verification of Ownership of the Content - A computer-implemented method includes generating data indicative of one or more times in which to sample content of a first resource and content of a second resource; receiving, from a client device, content of the first resource sampled at the one or more times; comparing the sampled content from the first resource to content sampled from the second resource at the one or more times; determining, based on comparing, that the first resource includes a same resource as the second resource; verifying, based on determining, ownership of the second resource; generating, based on a verifying, a user key specifying ownership of the second resource; and transmitting the user key to the client device.10-25-2012
20120272335IDENTITY VERIFICATION SYSTEMS AND METHODS - Systems and methods for authenticating the identity of a user prior to giving access to confidential data at a user interface via a network. In an embodiment, a user provides initial data as part of a request to access the confidential data. At least one database having the confidential data stored therein is accessed by the server to retrieve confidential data relating to the user based on the initial data. An exam creation function causes creation of an exam comprising at least one question based at least in part on a portion of the confidential data relating to the user. This function creates the exam based on at least one exam definition. An exam administration function causes transmitting of the exam to the client interface for presentation to the user. The user is granted access to the confidential data subsequent to determination that the user successfully passed the exam.10-25-2012
20130174272Digital Content Distribution and Protection - Embodiments provide a system for content distribution and protection. The system first receives an order from a user for a protected document. In response to a successful user authentication, the system generates an access code for the user to access the protected document. In response to a received user reading request, the system validates the access code for a reading session. The system then transfers a set of URLs for accessing a set of pages and associated metadata in the protected document to the user. The set of URLs are valid for a period of time. Responsive to a request for reading a next set of pages, the system again validates the access code for the session and transfers another set of URLs for accessing the next set of pages. The system also logs user activities related to the protected document.07-04-2013
20130174276CONTENT DISTRIBUTION SYSTEM, CONTENT DISTRIBUTION METHOD, AND CLIENT TERMINAL - If the user of a first portable terminal intends to let a second portable terminal try out a certain content, the user sends to a distribution server trial permission information including the user's own user ID, a content ID of the content of interest, and a digital signature. The distribution server authenticates the received information before distributing a streaming data of a trial-oriented content with the content ID and user ID attached to it as search keys. This allows the content that can be used on a given user terminal to be tried out on another user terminal without the latter user having recourse to the steps of searching for the content in question.07-04-2013
20130174275Computer Implemented Methods And Apparatus For Providing Access To An Online Social Network - Disclosed are systems, apparatus, methods, and computer-readable storage media for providing access to an online social network. The online social network can be specific to an organization having one or more internal users. In some implementations, a request message is received from a requesting user to access social network data of the online social network. The requesting user is identified as an external user of the organization, and it is determined that the requesting user has an authorized status. Access to only a portion of the social network data is provided to the authorized requesting user.07-04-2013
20120278903DYNAMIC MANAGEMENT OF GROUPS FOR ENTITLEMENT AND PROVISIONING OF COMPUTER RESOURCES - Methods, systems, and techniques for managing groups of entities, such as individuals, employees, or systems, and providing entitlement and access to computer resources based on group membership are provided. Example embodiments provide a Group Management System having a Group Management Engine “GME,” an Entitlement Engine, and a Provisioning Engine, which work together to allow simplified grouping of entities and providing entitlement and access to the entities based upon the group membership. In one embodiment, the GME leverages dynamic programming techniques to enable accurate, scalable systems that can manage near real time updates and changes to the group's status or to the entities' status. These components cooperate to enable provisioning of applications based upon current entitlement.11-01-2012
20120278900SYSTEMS AND METHODS FOR REGULATORY COMPLIANCE WITH QUALIFIED SYSTEMS - Disclosed are systems and methods for facilitating compliance with regulatory requirements concerning systems that must be qualified prior to use. In one embodiment, a qualified system is provided. The qualified system includes a qualified server and a qualified software application. The qualified system is located in a controlled environment specified and controlled by an application service provider. A qualified workstation is provided at the point of use. The qualified workstation and qualified system are configured to communicate with each other via a public computer network. The qualified system is substantially qualified before a specific customer is identified. Other embodiments of the invention pertain to methods of facilitating regulatory compliance. An exemplary method involves qualifying a system based on a generic functional requirement specification before identifying a specific customer for the system. After the customer is identified, additional qualification may be performed to customize the system to the customer's specific needs.11-01-2012
20120278899APPARATUS, SYSTEMS AND METHODS FOR PARENTAL CONTROL SYNCHRONIZATION WITH MOBILE MEDIA DEVICES - Systems and methods are operable to enforce parental controls at a mobile media device. An exemplary embodiment establishes a communication link between the mobile media device and a local media device, receives parental control setting information from the local media device at the mobile media device, receives at least one media content event and rating information associated with the received media content event at the mobile media device, compares at the mobile media device the rating information associated with the received at least one media content event with the parental control setting information received from the local media device, and prevents presentation of the at least one media content event by the mobile media device if the rating information associated with the received media content event violates the parental control setting information.11-01-2012
20120090037CONTROL AND VERIFICATION OF PERMISSIONS - A verification method includes configuring a reference system, running on a computer, to have the same set of executables and customizations as an e-business system to be verified. The reference system is configured with one or more roles that have permissions to execute all transactions in a scope of a planned verification. One or more business processes that are implemented in the e-business system and are in the scope of the planned verification are mapped and are executed using the reference system. Reference data is created by merging records from logs of the permission checks with respect to at least one role in the scope of the verification. Permission settings for roles in the e-business system are compared with corresponding permission values in the reference data. Based on comparing the permission settings, an indication is displayed to a user of whether the permission settings match the corresponding permission values.04-12-2012
20110277039Image Storage In Electronic Documents - A computer-implemented method for controlling access to digital media involves receiving a URL at a computer server system, decoding the URL, extracting a user ID of a user who submitted the URL and an image ID of an image that is accessible by the server system, using the user ID to determine whether the user who submitted the URL is authorized to access the image, and controlling access to the image by the user based on the determination of whether the user who submitted the URL is authorized to access the image.11-10-2011
20100229246METHOD AND SYSTEM FOR CLASSIFYING AND REDACTING SEGMENTS OF ELECTRONIC DOCUMENTS - A method for classifying and redacting electronic documents, for example an email message, is described. The classification and redaction of segments of the email message are based on rules. Using the rules, multiple versions of the email message, each corresponding to recipients with specific clearance levels are generated. A selective redacting of certain segments of the email message concurrently with sending previously redacted segments of the same email message is described. A corresponding system for classifying and redacting electronic documents is also provided.09-09-2010
20120331567SYSTEM AND METHOD FOR CONTROLLING COMMUNICATION OF PRIVATE INFORMATION OVER A NETWORK - A system and method for controlling access to private information over a network is provided including a privacy preference repository accessible by one or more subjects of the private information and by a private access bureau. The privacy preference repository stores privacy preferences configured by the subjects to indicate conditions for disclosure of said private information. A policy repository that stores legal criteria for accessing the private information is also accessible by the private access bureau. The private access bureau is configurable to receive requests from privacy-enabled systems for privacy directives that take into account the privacy preferences and legal criteria required to release particular documents on said privacy enabled system in response to the privacy-enabled systems.12-27-2012
20120331566CAPTURING AND MANIPULATING CONTENT USING BIOMETRIC DATA - A method, system, and computer program product for capturing and manipulating content using biometric data are provided in the illustrative embodiments. Biometric data is received from a biometric sensor associated with the data processing system, the biometric data forming a first biometric data. The content is received, the content being captured using the data processing system by a first user associated with the first biometric data. The content is modified using information from a first profile associated with the first biometric data.12-27-2012
20120102574CREATING DISTINCT USER SPACES THROUGH USER IDENTIFIERS - A method of, and a processing system for, creating distinct user spaces. In a platform originally intended to be a single user platform, for each of a plurality of users, a first application used by the user can be assigned a user identifier (UID) unique to the user and the first application. The first UID can be associated with user data exclusively associated with the user and the first application to create a multi-user platform.04-26-2012
20120102573DIGITAL DELIVERY SYSTEM AND USER INTERFACE FOR ENABLING THE DIGITAL DELIVERY OF MEDIA CONTENT - A system, method, and computer readable storage medium provides the ability to deliver media content. A repository stores media content and marketing assets for the media content. A server computer provides a website accessible on the Internet worldwide to client computers. The website provides the ability to search a public site catalog/library of media content that is publicly available. The website further provides marketing assets for licensed media content from the library to authorized client users (that have a license to media content) in a secure manner. The website further provides preview screening access and download access to licensed media content (e.g., titles of audio-visual media content) to the authorized client users.04-26-2012
20120102572NODE CONTROLLER FOR AN ENDPOINT IN A CLOUD COMPUTING ENVIRONMENT - Embodiments of the present invention provide an intelligent node controller (e.g., for an endpoint/node such as a cloud node) to process requests. Specifically, (among other things) the node controller will read a request message from a cloud node queue that is associated with the endpoint. The request message typically includes details related to a request for cloud resources and/or services received from a consumer. The node controller executes program code in an attempt to process the request. As the request is being processed, the node controller can place state messages indicating a state of fulfillment of the request on a cloud manager queue that is associated with a cloud manager from which the request message was received. In addition, the node controller can update an audit via an audit queue with the state messages. When a request cannot be processed, the node controller can place a failure message in a triage queue or the like.04-26-2012
20130014280Managing Secure Sharing of Private Information Across Security Domains Via a Communication Link, Including Through the Internet, Wireless Communications, Mobile Devices, a Telephone Network, and Electronic Messaging - A system and method of sharing information among at least a first organization and a second organization, comprising receiving via a communication link a request for authorization for a user in the first organization to access one or more individual's information in a second organization, the communication link comprising the Internet, Wireless Communications, Mobile Devices, a Telephone Network, and Electronic Messaging. A request is logged and authorization is determined based on at least an access profile, one or more caseloads and the one or more roles associated with the user and the type of the one or more individual's information in the second organization. The information requested is transferred, by the communication link, from the second organization to the user in the first organization and such transfer of information is logged.01-10-2013
20130014279SYSTEM FOR PROVIDING PRIVACY OF USER INFORMATION IN AN ONLINE SOCIAL NETWORK WITH INLINE EDITING OF PRIVACY LEVELS AND CUSTOMIZED PRIVACY GROUPS - A method of displaying, editing, and enforcing privacy settings for individual pieces of information published on a website. Privacy selections are displayed next to the information they protect. A user interface is presented in response to user-interaction with the displayed privacy selections that allows further privacy selections. The privacy selections indicate which other users may view the associated information. These options may be in the form of tiers of users with granted access or privacy groups. The publishing user may customize the privacy options by creating new tiers or groups for inclusion in the selection interface. Privacy icons may be associated with the privacy options, and may be displayed to the publishing user next to protected information, allowing easy identification of currently selected privacy settings. The publishing user may also upload additional privacy icons. Other users who access the published information are shown only those pieces of information that they have the right to view, based on the selected privacy settings.01-10-2013
20120291140Method and System for Allocating Access to Digital Media Content - There is provided a method and system for allocating an entitlement to digital media content. In one implementation, the system includes a media server accessible over a communications network and configured to utilize a processor to issue the entitlement including a transferable authorization to access the digital media content to a first user, and to store an entitlement record identified with the first user and authorizing access to the digital media content by the first user in a memory of the media server. The media server is further configured to receive a communication including a data corresponding to the transferable authorization to access the digital media content from a second user and to update the entitlement record to authorize access to the digital media content by the second user.11-15-2012
20120291141SYSTEM, METHOD AND PROGRAM PRODUCT FOR CONSOLIDATED AUTHENTICATION - A first computer sends a request to the second computer to access the application. The second computer determines that the user has not yet been authenticated to the application. The second computer redirects the request to a third computer. The third computer determines that the user has been authenticated to the third computer. The third computer authenticates the user to the application. The second computer returns a session key to the third computer for a session between the application and the user. The session has a scope of the second computer or the application but not a scope of a domain. The third computer generates another session key with a scope of the domain and sends the domain-scope session key to the first computer.11-15-2012
20120291139INFORMATION MANAGEMENT APPARATUS, INFORMATION MANAGEMENT SYSTEM, INFORMATION MANAGEMENT METHOD AND PROGRAM - An information management apparatus which can set an area in which use of a file is not allowed for each file separately is provided. The existing zone area information acquisition unit 11-15-2012
20090089883Method and apparatus for controlling media content distribution - A method and apparatus for establishing a syndication right of media content information and distributing the media content information amongst a plurality of web pages using the syndication right. The method and apparatus further includes granting the syndication right to a user, coupling with user criteria data, and authenticating a request for the media content information according to user criteria data.04-02-2009
20130014282Method and System for Controlled Distribution of Information Over a Network - An information management and distribution system is disclosed. The information management and distribution system includes a client-side application and a server application that interact to facilitate the controlled exchange of contact information over a network. The client-side application can provide creation and design, rolodex, exchange, and update features. The information management and distribution system can also include a corporate administrator application. Still another aspect of the invention is that contact information can be distributed to registered users in a common format.01-10-2013
20130014281Method and System for Controlled Distribution of Information Over a Network - An information management and distribution system is disclosed. The information management and distribution system includes a client-side application and a server application that interact to facilitate the controlled exchange of contact information over a network. The client-side application can provide creation and design, rolodex, exchange, and update features. The information management and distribution system can also include a corporate administrator application. Still another aspect of the invention is that contact information can be distributed to registered users in a common format.01-10-2013
20120151605Information Exchange Engine Providing a Critical Infrastructure Layer and Methods of Use Thereof - A virtual record manager and a data exchange engine are provided for dynamically defining data records in a database and for dynamically allocating instances of defined data records. These components are capable of mediating between the database and application and client interface layers to facilitate exchange of information over a network. Embodiments are configured to allow complex data records having a plurality of related fields, and to allow management and exchange of information at both the data field level and data record level.06-14-2012
20120151604SEEDING OF ACCOUNT SETUP OPERATIONS - A system and method are provided for setting up target user accounts based on the accounts or experiences of other users or archetypes. One example method first includes determining that a first user wants to set up or modify an account for the consumption of digital content items. Then an account profile is identified for a second user that has an affinity with the first user, with the account profile being based on an account of the second user. Underlying protected information in the source account/profile is then protected to ensure that the account profile is free of sensitive or otherwise protected information. The account profile is then made available and used to set up or modify an account for the target user.06-14-2012
20130019320MECHANISM FOR FACILITATING MANAGEMENT OF DATA IN AN ON-DEMAND SERVICES ENVIRONMENT - In accordance with embodiments, there are provided mechanisms and methods for facilitating management of data in an on-demand services environment. In one embodiment and by way of example, a method for facilitating management of data in an on-demand services environment is provided. The method of embodiment includes detecting an attempt by a user to manipulate data via a collaboration application at a computing system, wherein the attempt includes attempted deletion of the data posted for viewing using the collaboration application. The method may further include determining whether the user is authorized to manipulate the data, and blocking the attempt if the user is not authorized to manipulate the data.01-17-2013
20110162086METHODS AND APPARATUS FOR SHARING, TRANSFERRING AND REMOVING PREVIOUSLY OWNED DIGITAL MEDIA - The invention provides systems and methods for management of digital media objects, comprising first and second client digital data processors (e.g., personal (or private) computers, laptops, dedicated music devices, electronic book readers, and so forth) that are in communications coupling with one or more stores (e.g., dedicated disk drives, flash drives, cloud storage, etc.). At least one digital media object (DMO) or copy thereof is stored in one or more of those stores and is accessible by at least one of the first and second client digital data processors.06-30-2011
20110162085INFORMATION PROCESSING APPARATUS - An information processing apparatus including: a storage unit configured to store a plurality of applications and a plurality of certificates, an application execution unit configured to execute one of the plurality of applications by using one of the plurality of certificates which is designated by a user, and a storage control unit configured to control the storage unit to store correspondence information indicating that the executed application corresponds to the designated certificate, when the application execution unit executes one of the plurality of applications and one of the plurality of certificates is designated by the user.06-30-2011
20130024949Presentity Authorization of Buddy Subscription in a Communication System - A server, computer readable medium and method for accessing buddy data related to a first user (presentity) that is connected to a START communication network that includes a server, the data being accessed by a second user (watcher) connected to the communication network. The method including storing, at a server, information associated with a plurality of users associated with the presentity as the buddy data, receiving, at the server, a request from a watcher for buddy data of the presentity, authorizing, at least in part by the server, the request for buddy data, and transmitting, by the server, the buddy information to the watcher.01-24-2013
20130024948SYSTEM FOR ENTERPRISE DIGITAL RIGHTS MANAGEMENT - The present subject matter relates to devices and methods for enterprise digital rights management. In one implementation, a device includes a security module configured to generate a security key. The security module encrypts at least one document of a user, using the security key, to generate a protected document. Further, the device includes an access control module configured to assign an access right to one or more users within an enterprise for accessing the protected document. The access control module is further configured to delegate the access right from the user to another user. The access control module is furthermore configured to lock at least one of the user and the protected document.01-24-2013
20130024947METHODS AND SYSTEMS FOR REPLACING SHARED SECRETS OVER NETWORKS - A method for replacing a shared secret over a network is provided that includes determining that a security breach could have occurred, determining that a shared secret of a user is to be replaced, and transmitting a renewal message to an authentication system requesting a new shared secret and an associated effective life for the user. Moreover, the method includes generating a new shared secret and an associated effective life at the authentication system for the user, and replacing the shared secret and associated effective life in an enrollment data record of the user with the new shared secret and associated effective life. Furthermore, the method includes transmitting the new shared secret and associated effective life to a communications device associated with the user, and replacing a shared secret and associated effective life stored in the communications device with the new shared secret and associated effective life.01-24-2013
20130024946METHOD AND SYSTEM FOR STREAMLINING VOTING PROCESS - A method and system for streamlining a voting process performed by a web application is provided. As the web application may require that a voting action is effectuated after the user is registered to vote and also has supplied valid credentials, a voting application may be configured to intercept a request from a user to effectuate voting process directed to the web application, access credentials of the user stored by the web-based social networking application, and provide these credentials to the web application, such that the web application can process the request to effectuate voting process by registering the user to vote and storing the vote information for the user.01-24-2013
20080250508System, Device and Method for Interoperability Between Different Digital Rights Management Systems - A system, device and method for allowing protected content to be transferred to end user communication devices that support different digital rights management (DRM) formats or schemes than the DRM format of the content provider. The method includes providing a Limited Rights Issuer (LRI) that issues content and associated digital rights to one or more of the end user devices within a domain defined by a Domain Authority with which the LRI has registered. The Limited Rights Issuer also translates content and associated digital rights information from the DRM format of an upstream DRM system to the DRM format of a downstream DRM system, which includes the end user devices within the defined domain. The system allows select end user devices to enjoy interoperability of content protected under different DRM schemes, while allowing content providers to still maintain a suitable level of DRM protection for their content.10-09-2008
20080235809Restricted erase and unlock of data storage devices - A data storage device in which access to user data is restricted. The data storage device includes a data memory having memory locations that store user data. The device also has a program memory. The program memory includes first program code that enables a user to create a first device security ID and thereby restrict access to the stored data. Second program code, also included in the program memory, is capable of receiving a security command and comparing a second device security ID associated with the received security command to a stored security key. If the second device security ID and the stored security key correspond, then authentication with the first device security ID is bypassed and access is provided to the stored data.09-25-2008
20080235808Method and Apparatus for Protection of Content Using Biometric Watermarks - A method and apparatus are provided that restrict access to digital content to an authorized user on one or more systems using biometric watermarks. The disclosed biometric watermarking techniques allow an authorized user to be uniquely identified. Access to digital content is restricted in accordance with the present invention by embedding a biometric watermark, such as a biometric image, in the content. Thereafter, a user can only access the content if a biometric sample of the user matches the embedded biometric watermark. In one variation, the user can only access the content if the biometric sample is a live biometric sample. The embedded biometric watermark optionally includes information describing a system employed by the user to obtain the content. The user can optionally be permitted to access the content, without a biometric evaluation, if the content is on a system that has been previously authorized for the user using a biometric evaluation.09-25-2008
20110247082Integration of Different Mobile Device Types with a Business Infrastructure - A mobile implementation channel enables secure mobile customer alerts, content delivery, event and location awareness and context integration that can be leveraged across multiple lines of business using basic interfaces. Pushed documents may be processed by an application executing at a mobile device in a secure manner. An alert indication may be sent to the mobile device when the documents are available. The documents may then be downloaded over a secure channel if the user affirmatively responds to the alert indication and may be further encrypted and stored in an application file store. The user may subsequently select one of the documents from a document list so that the selected document may be decrypted and displayed. The stored documents in the application file store may be deleted if the operating system has been compromised, the user is not associated with a business, or the user device is lost or stolen.10-06-2011
20110247081SYSTEM AND METHOD FOR SELECTIVELY REDACTING INFORMATION IN ELECTRONIC DOCUMENTS - A computer implemented system and method is provided for imposing access controls on selective portions of electronic documents by defining data attributes as conditions for access to particular information in a document. Commands from a redactor identify at least one portion of an electronic document to be subject to access control. A set of selectable access control directives defining conditions for accessing the identified portions is presented to the redactor. Access control is imposed on the identified portions in accordance with the defined conditions in response to receiving the selective access control directives.10-06-2011
20110247080CONTROLLING ACCESS TO AND MANIPULATION OF A DATA OBJECT BY DIFFERENT DATA OBJECT USERS - A method, system, and computer program product for controlling access to and manipulation of a data object by different data object users. An example method includes determining a current user role of a current user requesting interaction with the data object. The method also includes determining a current lifecycle state of the data object. The method further includes restricting, by a computer processor, interaction with the data object by the current user based on at least the current user role of the current user and the current lifecycle state of the data object.10-06-2011
20130174274DATA POLICIES FOR ONLINE SERVICES - An online service may maintain or create data for a user, and a user may be allowed to exert control over how the data are used. In one example, there may be several categories of data, and the user may be able to specify who may use the data, and the purpose for which the data may be used. Additionally, a user may be able to see how many of his “friends” (or other contacts) have extended trust to a particular entity, which may aid the user in making a decision about whether to extend trust to that entity. User interfaces may be provided to allow users to specify how their data are to be used.07-04-2013
20130174277METHOD AND APPARATUS FOR CONTROLLING ACCESS TO RESOURCES - An approach is provided for controlling access to resources according to social connections and/or characteristics of the resources. An access control platform determines one or more resources associated with at least one user, at least one device associated with the at least one user, or a combination thereof. The access control platform further processes and/or facilitates a processing of social networking information associated with the at least one user, the at least one device, or a combination thereof to determine one or more social networking groups. The access control platform also causes, at least in part, a controlling of access to the one or more resources for one or more other users, one or more other devices associated with the one or more other users, or a combination thereof based, at least in part, on membership in the one or more social networking groups.07-04-2013
20110265189RE-RANKING SEARCH RESULTS FROM AN ENTERPRISE SYSTEM - A flexible and extensible architecture allows for secure searching across an enterprise. Such an architecture can provide a simple Internet-like search experience to users searching secure content inside (and outside) the enterprise. The architecture allows for the crawling and searching of a variety of sources across an enterprise, regardless of whether any of these sources conform to a conventional user role model. The architecture further allows for security, recency, or other attributes to be submitted at query time, for example, in order to re-rank query results from enterprise resources. The user query also can be transformed to provide for dynamic querying that provides for a more current result list than can be obtained for static queries.10-27-2011
20130174273SYSTEMS AND METHODS FOR MANAGING DIGITAL RIGHTS BASED ON A UNION OR INTERSECTION OF INDIVIDUAL RIGHTS - Systems and methods are provided for aggregating digital access rights owned by a group of individuals and for correlating access rights to physical presence of the users to more accurately control access and distribution of copyrighted media. The intersection of content authorization information associated with each individual of a group may be analyzed. The aggregation and analysis of digital access rights enables multiple users to share the cost of a digital access right to access a content asset in a common area.07-04-2013
20120255035SECURE DATA PARSER METHOD AND SYSTEM - A secure data parser is provided that may be integrated into any suitable system for securely storing and communicating data. The secure data parser parses data and then splits the data into multiple portions that are stored or communicated distinctly. Encryption of the original data, the portions of data, or both may be employed for additional security. The secure data parser may be used to protect data in motion by splitting original data into portions of data that may be communicated using multiple communications paths.10-04-2012
20120255034SECURE DATA PARSER METHOD AND SYSTEM - A secure data parser is provided that may be integrated into any suitable system for securely storing and communicating data. The secure data parser parses data and then splits the data into multiple portions that are stored or communicated distinctly. Encryption of the original data, the portions of data, or both may be employed for additional security. The secure data parser may be used to protect data in motion by splitting original data into portions of data that may be communicated using multiple communications paths.10-04-2012
20080216178METHOD OF ACCESSING MULTIMEDIA CONTENT IN ACCORDANCE WITH INFORMATION OF A RECORDING MEDIUM - This invention relates to a process for an individual (09-04-2008
20130104246E-MAIL, TEXT, AND MESSAGE MONITORING SYSTEM AND METHOD - The present invention relates to a system and method for safe electronic communication for children. According to one exemplary embodiment, the present invention provides a method of monitoring e-mails, text messages, and other forms of electronic communication. In one embodiment, a software system monitors electronic messages for inappropriate content such as inappropriate words and excess skin flesh that would indicate that sexually explicit images are present in the message. If inappropriate content is detected, the message is first sent to a third party, usually a parent or guardian, for review and if acceptable to the third party, the message can be sent to the child. In another exemplary embodiment, the system and method of the present invention provides a calendaring system and points redemption system wherein points can be earned by children and redeemed for awards or merchandise.04-25-2013
20130104245AUTHENTICATION SYSTEM - A system and method whereby the identity of a person, entity, device or the like attempting to gain access to a secured resource may be securely authenticated includes a means for receiving from a service client a request for access to a secured resource; means for generating and communicating to the purported authorized user a challenge string adapted to provide a basis for authenticating the identity of the requester; a means for receiving from the service client a response string corresponding to the challenge string; and a means for evaluating the response string to authenticate the identity of the requester. The secured resource has a common identifier by which it may be generally identified outside of the authentication system, but the request for access lacks sufficient information content for the service client to be able to determine the common identifier.04-25-2013
20130125248Variably Controlling Access To Content - A software module is presented that enables a person to determine the relevance of a document while preventing the person from making a copy of the entire document. In one embodiment, this is accomplished by programmatically controlling which portions of a document will be presented to a user and which portions will not be presented to the user. In one embodiment, the software module is used in conjunction with a search engine to present a document search result.05-16-2013
20130125247Security Systems And Methods For Encoding And Decoding Digital Content - Systems and methods may be provided for masking data on public networks, such as social networking sites. At a publishing node, the system may monitor data input fields in a webpage, and intercept and encode content, such as text, images, and video input at the data input fields, prior to the content being posted online on a public service provider's website. A privacy agent may process input field content to try to detect encoding markers in the input field content, which define portions of the content that are to be encoded. A third party key server may be used to store decoding keys. A URI reference to the decoding key may be used to access the decoding key by a node attempting to view the decoded version of the input field content.05-16-2013
20130125246METHOD AND SYSTEM FOR ACCESSING NETWORK ON PUBLIC DEVICE - A method and system for accessing a network over a public device are provided in the present invention. The method includes: after receiving a network access request message transmitted by a user over a public device, an Access Service Node (ASN) transmitting the received network access request message to an Authentication Center (AC), wherein, the network access request message comprises identifier information of the user; the AC initiating inquiring to an Identity Information Center (IIC) according to the identifier information of the user, and authenticating the legal validity of the user according to an inquired result, and if the authentication passes, transmitting the user's Access Identifier (AID) to the ASN; and after receiving the user's AID, the ASN sending the received AID to the public device, and the public device using the user's AID as a virtual AID, and using the virtual AID to transmit/receive packets of the user.05-16-2013
20130125245APPARATUSES, INTEGRATED CIRCUITS, AND METHODS FOR TESTMODE SECURITY SYSTEMS - Apparatuses, integrated circuits, and methods are disclosed for testmode security systems. In one such example apparatus, a data storage is configured to store data. A testmode security system is configured to allow a user to access one or more testmodes of the apparatus at least partially responsive to the data storage not storing sensitive data and disallow the user from accessing the one or more testmodes of the apparatus at least partially responsive to the data storage storing sensitive data.05-16-2013
20130133087ENFORCING POLICIES IN WIRELESS COMMUNICATION USING EXCHANGED IDENTITIES - Techniques for facilitating the exchange of information and transactions between two entities associated with two wireless devices when the devices are in close proximity to each other. A first device uses a first short range wireless capability to detect an identifier transmitted from a second device in proximity, ideally using existing radio capabilities such as Bluetooth (IEEE802.15.1-2002) or Wi-Fi (IEEE802.11). The detected identifier, being associated with the device, is also associated with an entity. Rather than directly exchanging application data flow between the two devices using the short range wireless capability, a second wireless capability allows for one or more of the devices to communicate with a central server via the internet, and perform the exchange of application data flow. By using a central server to draw on stored information and content associated with the entities the server can broker the exchange of information between the entities and the devices.05-23-2013
20130133086METHOD FOR AUTHENTICATING A USER REQUESTING A TRANSACTION WITH A SERVICE PROVIDER - The present invention relates to a method for authenticating a user (Ui) requesting a transaction with a service provider (SP), which comprises: using authentication data (d05-23-2013
20130179990Confidential information access via social networking web site - A server computing device for a social networking web site receives from a user, via access of the web site, confidential information regarding the user, including information that the user does not socially share on the web site. The device associates the confidential information with a user identifier that uniquely identifies the user on the web site, and with an export group identifier corresponding to a type of the confidential information. The device associates the export group identifier with a password different from a user password the user employs to access the web site. The device receives, from a third party, a purported user identifier, a purported export group identifier, and a purported password, which the device validates against the user identifier, the export group identifier, and the password. Where validation is successful, the device permits access to the confidential information by the third party.07-11-2013
20130145482VEHICLE MIDDLEWARE - The present disclosure describes a vehicle implementing one or more processing modules. These modules are configured to connect and interface with the various buses in the vehicle, where the various buses are connected with the various components of the vehicle to facilitate information transfer among the vehicle components. Each processing module is further modularized with the ability to add and replace other functional modules now or in the future. These functional modules can themselves act as distinct vehicle components. Each processing module may hand off processing to other modules depending on its health, processing load, or by third-party control. Thus, the plurality of processing modules helps to implement a middleware point of control to the vehicle with redundancy in processing and safety and security awareness in their applications.06-06-2013
20080209573METHODS AND SYSTEMS FOR DISTRIBUTING ADVERTISEMENT-SUPPORTED SOFTWARE WHILE ENSURING CERTAIN SOFTWARE FREEDOMS BY LICENSE - Embodiments relate generally to a method of delivering software. The method includes providing the software that includes an advertising module. The software is distributed under a license, which requires the advertising module to be distributed and active with the software. The license may also permit modification of the software and/or redistribution of the software under similar licensing terms.08-28-2008
20080201784METHODS AND APPARATUS FOR SECURE DOCUMENT PRINTING - A secure document printing system is provided. A policy server is used to define access rules for a document, and select individual users and/or groups that will have access to the document. The policy server stores the access rules along with a document decryption key. The policy server's name and address are packed in the document, and then encrypted and sent to a print server which stores it for later access. A recipient is notified that the document resides on a particular print server. The print server retrieves the specified document, contacts the policy server named in the document, and requests the document decryption key and access rules for the user, print server, and document from the policy server which replies with the related decryption key and access rules. The print server decrypts the document and prints the document based on the access rules.08-21-2008
20080201783Document file, document file generating apparatus, and document file usage method - A document file is configured to restrict, without a costly special-purpose terminal or the like, use of document data contained therein, if the document data is taken out of a predetermined location. A document file contains (i) electronic document data, (ii) usage location information indicating one or more usage locations in which use of the electronic document data is less restricted, and (iii) a data management program that causes, when a user requests use of the electronic document data, a computer to request user location information indicating the current location of the user. Under control of the data management program, use of the electronic document data is permitted within a first usage pattern, if the user location is included in the usage locations. If not, use of the electronic document data is prohibited or permitted within a second usage pattern which is more restricted than the first usage pattern.08-21-2008
20110225659SEMANTIC CONTROLS ON DATA STORAGE AND ACCESS - Methods and apparatus teach defining an access policy to digital data available on one or more computing devices, including identifying one or more semantic attributes of at least one first digital data set and using the identified attributes to define policy dictating user access privileges. On receipt of a user request to access at least one second digital data set, semantic attributes are compared to the at least one first digital data set and access is allowed or not allowed based on the policy. Semantic attributes are selected from at least one of a closeness attribute, a relatedness attribute, and a semantic vector attribute. Also is taught configuring a policy enforcement agent on the one or more computing devices to undertake the comparing and to allow or not allow access. In turn, computer program products and computing systems for accomplishing the foregoing are provided.09-15-2011
20110225658END USER LICENSE AGREEMENT ON DEMAND - Systems and methods for providing end user license agreements on demand for information as a service are provided. In some embodiments, a computer-implemented system can include: at least one processor; and at least one publication module configured to publish content to a consumer. The computer-implemented system can also include at least one condition generation module configured to generate a representation of one or more conditions associated with use by the consumer for published content from the at least one publication module. The conditions can be canonicalized conditions representing standard terms to be included in the representation. In some embodiments, the representation is a license agreement for the consumer. The computer-implemented system can also include a computer-readable storage medium storing computer-executable instructions that, when executed, cause the at least one processor to perform one or more functions of the at least one publication module or the at least one condition generation module.09-15-2011
20120278901MANAGEMENT OF ACCESS RIGHTS - A system for management of access rights to operating data and/or control data of buildings or building complexes can include a communications release service running on a first server. This release service releases a communication of a user, who is registered with an identity, with the buildings or building complexes filed for him or her in a list when his or her identity corresponds with an identity filed in the list. Also, after release of the communication has taken place by the communications release service, a building authorization service running on a second server releases specific access rights for the user to operating data and/or control data of the building or building complex on the basis of access rights filed in an authorization databank.11-01-2012
20130152215SECURE LOCATION COLLECTION AND ANALYSIS SERVICE - A location collection system is described herein that provides a uniform facility for reporting location data to a cloud-based service from a variety of devices, and that provides a uniform facility for accessing aggregated location data collected by the cloud-based service. The system collects location information related to a user and reports the location information to a central service to provide a variety of useful services to the user. By providing a big, secure location vault in the cloud, the system enables big data analytics to be used to allow current and future questions to be asked of this data and to correlate this with other data to enable new scenarios not yet enabled. Thus, the location collection system provides a model to report, gather, and analyze location data across devices and users.06-13-2013
20130152216SYSTEMS AND METHODS FOR STORAGE OF USER INFORMATION AND FOR VERIFYING USER IDENTITY - Systems and methods are provided for maintaining user profile information and allowing for biometric verification of the user's identity. The user stores or links to personal, financial, etc. information in a web page. The user can limit the types of information that are available to others. The information can be downloaded to a portable device. The information can be used for financial transactions, where the financial information is transmitted to a web site, an ATM, credit card machine, etc. for financial approval. The information can also be used to find other users with similar interests. The user stores selected characteristics that they would like to find in other users, which are compared with other users' profiles. Matching users are aided in locating one another, where they may then prove their identity to each other by biometrically verifying that they are the owner of the user profile.06-13-2013
20100299762SHARING MEDIA CONTENT ASSETS BETWEEN USERS OF A WEB-BASED SERVICE - In one embodiment, a method comprises receiving a request for access to a media content asset from a first user of a web-based service, the request specifying a second user that has provided access to the media content asset; retrieving, from a user database, a user entry describing attributes associated with the second user; determining whether the user entry includes digital rights metadata for determining whether the second user is licensed to share at least a portion of the media content asset; and selectively providing the first user with access to at least the portion of the media content asset based on determining from the digital rights metadata that the media content asset is licensed to the second user, and determining that the first user is authorized by the second user to access the media content asset.11-25-2010
20120260352METHOD AND APPARATUS FOR STORING A SOFTWARE LICENSE - In accordance with an example embodiment of the invention there is provided a method, comprising: associating an International Mobile Equipment Identity (IMSI) with a mobile telecommunication device, the IMSI configured to identify the device to a mobile telephone network; storing a software program in memory associated with the device; storing a licence, necessary for allowing the operation of the software program on the device, in memory associated with the device; and locking the licence to said IMSI such that the software application cannot be operated on the device without said IMSI being associated with the device; wherein, the licence and the IMSI are stored on the same memory medium such that they are transportable from the device together.10-11-2012
20120260348TWO-PARTY PRIVATE ESTIMATION OF DATASET SIMILARITY - A two-party approximation protocol is transformed into a private approximation protocol. A first input x∈{0, 1, . . . , M}10-11-2012
20130160143PROCESSING MACHINE WITH ACCESS CONTROL VIA COMPUTER NETWORK - A control device controlling a processing machine receives from an external source initial data which includes at least identification data identifying the source of the initial data. The control device transmits the identification data via a connection to a computer network to a computer that is part of a computer cluster and receives authorization data from the computer or from another computer of the computer cluster. The control device allows or denies the user access to the internal data of the control device depending on the authorization data.06-20-2013
20130160141Multi-User Login for Shared Mobile Devices - In particular embodiments, two or more users are provided with personalized experiences while using a shared mobile computing device. A login interface is presented for a plurality of users of the shared mobile computing device. When an indication of a login action by a first user of the plurality of users is detected, access to restricted information associated with any other user of the plurality of users is disabled. Cached information associated with the first user is retrieved from a local data store. A personalized user interface is then presented, based on the cached information. Updates to information and/or content may be cached and/or stored remotely. When an indication of a logout action by a first user of the plurality of users is detected, particular information and/or content is flushed from the local data store.06-20-2013
20130160142Track Changes Permissions - Various features and processes related to document collaboration are disclosed. In some implementations, animations are presented when updating a local document display to reflect changes made to the document at a remote device. In some implementations, a user can selectively highlight changes made by collaborators in a document. In some implementations, a user can select an identifier associated with another user to display a portion of a document that includes the other user's cursor location. In some implementations, text in document chat sessions can be automatically converted into hyperlinks which, when selected, cause a document editor to perform an operation.06-20-2013
20130185809SYSTEM FOR DELEGATION OF AUTHORITY, ACCESS MANAGEMENT SERVICE SYSTEM, MEDIUM, AND METHOD FOR CONTROLLING THE SYSTEM FOR DELEGATION OF AUTHORITY - In sequential processing including issuance of an approval token from a user to a cooperation source service via an access management service, a system for delegation of authority confirms whether each of the user and the cooperation source service has a sufficient authority to execute a service of a cooperation destination before issuing the approval token.07-18-2013
20130185808APPARATUS AND METHOD FOR PROTECTING DATA STORED IN DATA STORAGE DEVICE - A computerized method protects data stored in a data storage device. One or more safe destinations are set and correlated with predetermined data of the data storage device. When target data correlated with the safe destinations is needed to be transmitted to a target destination, whether the target destination matches with one of the safe destinations is determined. A data transmission program of the data storage device is executed, and the target data is transmitted to the target destination using the data transmission program, when the target destination matches with one of the safe destinations. If the target destination does not match with any of the safe destinations, a user is notified to input a password and the target data is transmitted to the target destination when the user has input a valid password within a predetermined time period.07-18-2013
20130185807End User License Agreement Detection and Monitoring - An approach is provided for detecting and monitoring end user license agreement (EULA) compliance. A request to access an executable software code is received from an end user. A EULA version corresponding to the requested executable software code is identified. A determination is made as to whether the end user has accepted the identified EULA. If the end user has not accepted the identified EULA, then an out of date EULA notification is sent to the end user, and the EULA is sent to the end user requesting acceptance of the EULA. A EULA response is received from the end user. If the end user accepts the EULA, then the end user is allowed access to the executable software code.07-18-2013
20110289596RESTRICTING ACCESS TO VOLUMES - Architecture that provides programmatic association of a device (e.g., removable) to a currently logged-in user, and restricts access to the drive only to that particular logged-in user. When active, the architecture detects when devices are added to the system, determines which logged-in user a given device (or devices) should be assigned, modifies the security settings for the device(s), and makes a per-user drive letter mapping to that device such that only the logged-in user can see the mapped device. In the context of serially attachable peripheral devices such as USB (universal serial bus) devices (and IEEE 1394 devices), for example, access can be restricted to a user based on the USB hub into which the device is connected. This prevents the operating system from assigning a global drive letter to a device or device volume (for drives) when the device is added.11-24-2011
20110314560SHARING AND LENDING OF DIGITAL CONTENT - An individual may wish to make a gift of digital media to a designated recipient. The digital media may be previously purchased by the individual or may be new, unused digital media purchased specifically as a gift for the recipient. The sender of the gift sends a gift notification. The sender is then verified to ensure that the sender is authorized to make the gift by matching an identifier of the digital media with an identifier associated with the sender. The digital media may be associated with a set of rights and privileges. Further rights and privileges associated with the digital media may be offered to the recipient.12-22-2011
20110314559SYSTEM ACCESS DETERMINATION BASED ON CLASSIFICATION OF STIMULI - An authentication system is disclosed. Information associated with at least one of a user's use of a resource and demographic information associated with the user is collected. The collected information is processed to determine one or more stimuli to be presented to the user. Classification data provided by the user is stored. Classification data associated with the user is received. The received classification data is compared to the stored classification data. A determination of whether to authorize an action is made based at least in part on the comparison.12-22-2011
20110314558METHOD AND APPARATUS FOR CONTEXT-AWARE AUTHENTICATION - A method for authenticating access to an electronic document. The method includes receiving an authentication request from a user, receiving an aggregate risk score, selecting an authentication mechanism based at least on the aggregate risk score, and applying the authentication mechanism to decide the authentication request from the user. The aggregate risk score may be based at least on a comparison of the user's past behavior with a plurality of context data associated with the user.12-22-2011
20130191929FEDERATED AUTHENTICATION - A system may receive, at a site, a first message for authentication from a browser hosted on a user device; send, from the site, a redirect universal resource locator of a partner system to the browser; receive a response from the partner system via the browser, the response including a second message indicating whether an authentication of a user of a first device, at the partner system, was successful; determine whether the authentication has been successful based on the second message; and register the first device when it is determined that the authentication has been successful based on the second message.07-25-2013
20120023594METHOD AND APPARATUS FOR MANAGING CONSUMPTION RIGHT FOR MULTIMEDIA SERVICE - Disclosed is a method and an apparatus for managing a consumption right for each stage for a service including a plurality of stages or episodes. The right issuer includes the access condition, which allows an access to the Right Object (RO) for each stage, in the right object representing the consumption right for the stepped multimedia service and then transfers the right object to the device. When the stepped multimedia service is executed, the device obtains the access information satisfying the access condition corresponding to a corresponding stage from the right issuer or a service provider and then transfers the access information to the RO, allowing a user to access the RO and execute a service of the corresponding stage by using the RO.01-26-2012
20120030773MANAGING DEVICE CONNECTIVITY AND NETWORK BASED SERVICES - Methods and apparatus are provided for interoperating a device with network based services. In one embodiment, a method includes detecting registration with a service account, providing a graphical display for user selection during output associated with content stored by the device, the graphical display identifying a network based service based on the service account, and detecting user selection of the graphical display, wherein the network based service relates to a network accessible third party service associated with the device based on the service account. The method may further include transmitting the content by the device based on the user selection to the network based service.02-02-2012
20130198860Identity Verification for at Least One Party to a Text-Based Communication - Methods and apparatus are provided for identity verification for at least one user to a text-based communication. An identity of at least one user to a text-based communication is verified by obtaining a plurality of characteristic features of at least one prior text-based communication between the at least one user and at least one additional user; comparing the plurality of characteristic features to a current session of the text-based communication; and verifying the identity of the at least one user based on a result of the comparison. The text-based communication can optionally be suspended if a user is not verified and/or an alarm can be generated.08-01-2013
20130198862Identity Verification for at Least One Party to a Text-Based Communication - Methods and apparatus are provided for identity verification for at least one user to a text-based communication. An identity of at least one user to a text-based communication is verified by obtaining a plurality of characteristic features of at least one prior text-based communication between the at least one user and at least one additional user; comparing the plurality of characteristic features to a current session of the text-based communication; and verifying the identity of the at least one user based on a result of the comparison. The text-based communication can optionally be suspended if a user is not verified and/or an alarm can be generated.08-01-2013
20130198863DIGITAL ASSET AUTHENTICATION SYSTEM AND METHOD - The invention provides a digital asset authentication system and method. The invention includes a digital asset metadata register storing details of parties enrolled with the system, including at least one end user and at least one digital asset supplier, and details of digital assets available from the digital asset supplier. A security module is provided for producing a unique tag and for creating a digital asset security container for the tag comprising data relating to events involving the tag, and the tag and the security container are stored in a store. A processor executes authentication software in response to a request from said one end user for a respective digital asset to validate the request by reference to the metadata register to verify that the metadata register lists said one end user and the respective digital asset. In response to a valid request, the processor firstly causes the security module to produce the tag and to create the security container containing data relating to the end user, the digital asset request and the digital asset, and secondly generates a message for said one end user including the tag and authorizing release of said digital asset for download, play or use.08-01-2013
20130198861VIRTUAL AVATAR AUTHENTICATION - In one general embodiment, a method for determining a controlling entity of a first avatar in a virtual world includes: receiving a request for access to a resource via a first avatar; providing a challenge to the first avatar in response to receiving the request; receiving a challenge response via the first avatar in response to the challenge; determining an identity confidence level based on the challenge response; making an identity determination for a controlling entity of the first avatar based on the identity confidence level; and providing or denying access to the resource based on the identity determination.08-01-2013
20120036584REPORTING INFORMATION ABOUT USERS WHO OBTAIN COPYRIGHTED MEDIA USING A NETWORK IN AN UNAUTHORIZED MANNER - Methods and systems for reporting information about users who obtain copyrighted media illegally using a network are provided. A particular copyrighted media from a source of copyrighted media may be associated with a user's computer. Copyright fees have not been paid for the particular copyrighted media. Information about the user of the computer is reported.02-09-2012
20120060226METHOD FOR AUTHORIZING USE OF AUGMENTED REALITY (AR) INFORMATION AND APPARATUS - A method for authorizing use of Augmented Reality (AR) information includes acquiring information regarding a location at which the AR information is to be provided, authorizing a user to use the AR information, creating attribute information including the AR information, the location information, and authority information, and transmitting the attribute information to an AR system. The AR system can register the attribute information, and can provide the AR information only to authorized users. An apparatus to authorize use of Augmented Reality (AR) information includes a location information acquiring unit, an authorization unit to authorize a user to use the AR information, and an AR information processor to create attribute information. The attribute information is transmitted to an AR system as a request for the AR system to register the attribute information so the AR system provides the AR information only to authorized users.03-08-2012
20130205407USER INTERFACE, MACHINE AND METHOD - A user interface (08-08-2013
20130205409APPARATUS, AND ASSOCIATED METHOD, FOR ALERTING USER OF COMMUNICATION DEVICE OF ENTRIES ON A MAIL MESSAGE DISTRIBUTION LIST - Apparatus, and an associated method, for alerting a respondent that generates a reply to a received mail message of addressing of the reply message to a non-secure address. A detector detects reception of a received mail message, and a correlator determines whether any of the entries on a distribution list associated with the received mail message is of selected characteristics, i.e., non-secure. If determined to be non-secure, an annunciator generates an annunciation requiring the respondent to elect whether to include the identified address as a recipient of the reply message.08-08-2013
20130205408LIVE REPRESENTATION OF USERS WITHIN ONLINE SYSTEMS - The present disclosure relates to representation of users within online systems, such as social networks, online services, and platforms. A method for representing a user within an online system is provided, comprising receiving by the online system a live recording of a first user of the online system, the first user defining permissions to access the live recording; requesting a representation of the first user by a second user of the online system; determining if the second user is authorized to access the live recording based on the permissions; and if the second user is authorized, providing the live recording to the second user as the representation of the first user. Furthermore, an online system and a data structure representing a user of an online system are defined.08-08-2013
20130205410Methods and Systems for Securing Data by Providing Continuous User-System Binding Authentication - Devices, methods, and computer programs are presented for managing data security. One example method includes receiving user identification information from a screen of a device that is connectable to a database of secure information. The method proceeds to authenticating of the user identification information. The authenticating includes capturing image data of a user associated with the user identification information. The method further includes providing access to the database of secure information upon authenticating the user identification information, such that while the access is provided the capturing of the image data of the user is maintained. The method includes recording data of user interactive input and viewed images displayed on the screen while the access provided. The method binds the captured image data of the user to the recorded data to produce audit data for the user when accessing the database of secure information. The method is executed by a processor.08-08-2013
20120304309Conditional Access System and Method - The present invention relates to methods of and systems for providing conditional access to electronic content. Electronic content is provided to a user along with authorization information. The electronic content may be transmitted to the user, and the user may use the authorization information to access the electronic content. An authorization code may be provided to the user such that the user may be granted access to the content based on a comparison of the provided authorization code and a second authorization code transmitted with the electronic content, and transmission of the second authorization code may be controlled by a content provider to control access by the user.11-29-2012
20130212703Role-Based Content Rendering - Systems and methods for rendering role-based content are described herein. The system includes a registration module configured to define an application role in a metadata driven framework for providing selective access to the content. The content may include data and content objects. The registration module may also be configured to associate content objects with the application role. The system may also include an authentication module configured to authenticate a user from a plurality of users. The user may be authenticated based on log-in credentials of the user. The authentication module may also determine the application role of the user. Additionally, the authentication module may identify one or more content objects based on the determined application role of the user. The content objects may be identified based on the application role of the user.08-15-2013
20130212704SECURE DIGITAL STORAGE - Systems and methods for activating a token to enable a user to enter a transaction based on information received from a recovery key and a passcode are described herein.08-15-2013
20130212706BROADCASTING OF ELECTRONIC DOCUMENTS PRESERVING COPYRIGHT AND PERMITTING PRIVATE COPYING - A method of broadcasting electronic documents allowing the protection of copyright and private copying includes a network accessible control server taking customer orders, network accessible delivery and control servers, and equipment supporting a display for consulting the document. Each document copy is generated by the delivery server based on the document model ordered. A controller verifies digital rights in force at consultation time, and contains other digital rights acquired by the customer. Copy generation is triggered by the customer activating a URL link to the delivery server. This link was previously sent to the customer via electronic messaging by the order server, containing at least the unique identifier of the copy ordered. The copy is loaded onto the customer's equipment on completion of generation and can be consulted only after issuing a request to the control server containing the unique identifier, and the receipt of the response permitting consultation.08-15-2013
