Inventors list

Assignees list

Classification tree browser

Top 100 Inventors

Top 100 Assignees


By authorizing data

Subclass of:

726 - Information security

726026000 - PREVENTION OF UNAUTHORIZED USE OF DATA INCLUDING PREVENTION OF PIRACY, PRIVACY VIOLATIONS, OR UNAUTHORIZED DATA MODIFICATION

726027000 - Access control

Patent class list (only not empty are listed)

Deeper subclasses:

Entries
DocumentTitleDate
20100088772SECURE SYSTEM AND APPARATUS FOR DATA DELIVERY - A system and apparatus for data delivery facilitates secure and controlled delivery of digital information, particularly in the context of an event, but also in the context of commercial and educational forums and the like. Preferably an administrator is positioned between parties wishing to share digital information and parties wishing to obtain such information. The administrator ensures that the digital information falls within certain security and formatting criteria so that parties may obtain the information without fear of damage to or abuse of their computing devices.04-08-2010
20090106850CONDITIONAL ACCESS TO DIGITAL RIGHTS MANAGEMENT CONVERSION - The present invention provides for an interface between two seemingly incompatible and different content protection systems. Accordingly, protected content may be transferred between the respective security kernels of a conditional access (CA) and digital rights management (DRM) systems, while maintaining security of the content and any associated protection information. The transfer and consumption of protected content and the associated content protection information may be achieved by temporarily or permanently binding the respective security kernels of the CA and DRM systems, transcribing content protection information, and potentially transcribing the content.04-23-2009
20090193526POSTED MOVE IN ANCHOR POINT-BASED DIGITAL RIGHTS MANAGEMENT - An anchor-point based digital rights management provides for a posted move of one or more digital rights between two devices. By executing a posted move, a user (1) disables a binding record of a source user device, thereby terminating authorized use of the digital property instance through at the source anchor point; and (2) enables a different binding record of a target user device, thereby allowing authorized use of the digital property instance through that target anchor point. Such a “move” can accomplished through secure communications links mediated by one or both of a content handler and an anchor point message system.07-30-2009
20090193525IMAGE PROCESSING APPARATUS, IMAGE PROCESSING METHOD, AND STORAGE MEDIUM - An image processing apparatus includes a generation unit configured to scan a document and generate an original image, a decoding unit configured to decode a two-dimensional code on the original image generated in the generation unit to obtain original information, and a determination unit configured to determine whether the original information obtained in the decoding unit contains a password. The image processing apparatus also includes a conversion unit configured to convert the original image generated by the generation unit into an electronic file attaching the password if the determination unit determines that the original information contains the password, and convert the original image generated by the generation unit into an electronic file without attaching the password if the determination unit determines that the original information does not contain the password, and a sending unit configured to send the electronic file obtained by the conversion in the conversion unit.07-30-2009
20130036480SYSTEM AND METHOD FOR SHARING OF DATA SECURELY BETWEEN ELECTRONIC DEVICES - A system for securely sharing data and conducting transactions in an electronic environment. The system may include a personal information device having a processor, memory and biometric sensor. Personal data is stored in the memory of the personal information device. The personal information device may be registered with a centralized system. Data stored on the personal information device may be uploaded to an access device upon verification of a user's identity using a biometric recognition technique.02-07-2013
20100043081Detecting and Revoking Pirate Redistribution of Content - Disclosed are methods, systems and articles for tracing and disabling one or more unauthorized distributors of content originally transmitted by a distribution center. In some embodiments, a method includes receiving rebroadcast transmissions of a data segment previously transmitted by the distribution center, the received segment including embedded information associated with a subset of recipients that includes at least one of the unauthorized distributors, and identifying the subset based on the embedded information. The method further includes assigning recipients in the identified subset into two or more new subsets such that the at least one unauthorized distributor is assigned to one of the two or more new subsets, and coding a subsequent data segment to be transmitted with additional embedded information associated with the two or more new subsets. The above operations may be repeated until the at least unauthorized distributor is identified.02-18-2010
20100107261COMMUNICATION MANAGEMENT SYSTEM AND COMMUNICATION MANAGEMENT METHOD - In a communication management system, a communication control apparatus includes: a normal signature list which stores a list of signatures of normal communication; a search circuit which acquires communication data and searches the normal signature list storing signatures of normal communication to check if the signature of the communication data appears in the list; and a process execution circuit functioning as a warning unit which issues a warning when there is detected communication data of which the signature does not match any signature of normal communication stored in the normal signature list. An operator terminal includes: a determination result acquisition unit which acquires a determination result indicating whether or not communication data against which a warning has been issued is normal; and a normal signature list update unit which, when the determination result acquisition unit acquires a determination result that communication data against which a warning has been issued is found to be normal, adds the signature of the communication data to a normal signature list.04-29-2010
20100095385Method And Device For Classifying And Processing Data In Instant Messaging System - The embodiment of this invention provides a method for classifying and processing data in an instant messaging system, which includes: classifying the data of every service included in the instant messaging system into confidential data and non-confidential data; obtaining and processing the non-confidential data of every service after a first authentication is passed successfully; and obtaining and processing the confidential data of every service after a second authentication is passed successfully. The embodiment of this invention also provides a device for classifying and processing data in an instant messaging system. According to the embodiment of the present invention, the security requirements of the instant messaging system are met, and the user is facilitated to use various services provided by the instant messaging system.04-15-2010
20130047271Author Authorization of Electronic Works - Described is a system, device and method for granting rights or authorizing access to or delivery of a second, subsequent or other electronic copy of an author's work to consumers and others who have previously purchased a copy of the same or other author's work. The second copy of the work is for use on or through a consumer device such as a second consumer device that is also owned by the consumer who purchased or leased a first copy of the first work. An authentication credential or proof of purchase provides the system a means to determine if authorization may be granted for an electronic copy of an author's work.02-21-2013
20090044284System and Method of Generating and Providing a Set of Randomly Selected Substitute Characters in Place of a User Entered Key Phrase - Systems and methods of generating and providing a set of randomly selected substitute characters in place of a user entered key phrase are described here. One embodiment includes receiving a key phrase input by a user to gain access to secured data, and, in response to receiving the user entered key phrase, randomly selecting a set of substitute characters and providing the set of substitute characters in place of the key phrase entered by the user. In one embodiment, the randomly selecting comprises using a random number generator to select from a substitute character from a pre-generated set of substitute characters for each character, number, or text of the user entered key phrase. In one embodiment, the providing the set of substitute characters further comprises providing the randomly selected set of substitute characters in a display buffer as the user entered key phrase.02-12-2009
20110004943Online personal library - A method and an apparatus for creating an online library by establishing an account for a user on a first server computer, allocating storage space for the user on the first computer, the receiving from a second server computer a document to be stored in the first server computer in the user's allocated storage space. The library is made accessible to selected groups of others by the user based on access criteria. The library holds documents, which can be modified by another person who is authorized to so modify, whereupon the modifications may be transmitted to or approved by a group of users.01-06-2011
20130074198METHODS AND SYSTEMS TO FINGERPRINT TEXTUAL INFORMATION USING WORD RUNS - The present invention provides methods and systems to enable fast, efficient, and scalable means for fingerprinting textual information using word runs. The present system receives textual information and provides algorithms to convert the information into representative fingerprints. In one embodiment, the fingerprints are recorded in a repository to maintain a database of an organization's secure data. In another embodiment, textual information entered by a user is verified against the repository of fingerprints to prevent unauthorized disclosure of secure data. This invention provides approaches to allow derivative works (e.g., different ordering of words, substitution of words with synonyms, etc.) of the original information to be detected at the sentence level or even at the paragraph level. This invention also provides methods and systems for enhancing storage and resource efficiencies by providing approaches to optimize the number of fingerprints generated for the textual information.03-21-2013
20130061337SECURING SHIPMENT INFORMATION ACCESSED BASED ON DATA ENCODED IN MACHINE-READABLE DATA BLOCKS - Example embodiments provide a Shipment Preparation System (“SPS”), which facilitates the preparation of shipments, such as by producing shipping labels. In one embodiment, the SPS is configured to receive shipment preparation information from a bar code or other machine-readable data block in a packing list. The shipment preparation information identifies a uniform resource identifier (“URI”) that identifies a code module that is remote from the SPS. The shipment preparation information and/or the URI further includes an access token. The SPS then uses the URI to communicate with the code module in order to access shipment information (e.g., to read a read a shipping address, to store an indication that a shipment is ready for pick up). The code module restricts access to the shipment information based on the access token, such as by only allowing a limited number or duration of access via the token.03-07-2013
20130061336STANDING ORDER DATABASE SEARCH SYSTEM AND METHOD FOR INTERNET AND INTRANET APPLICATION - An internet and/or intranet based system and method for limiting access to confidential records to properly authorized and authenticated parties. The system's central premise is that the person to whom such records pertain should control access rights through specific, informed consent. It reinforces the widely held conception of privacy in general, while also providing an expedited and cost efficient means to find and transfer confidential records. It also gives the repositories where these records are held the right to stipulate the specific terms and conditions that must be fulfilled before they will release documents. And it carries out all of these legitimate interests in a way that is fast, simple to use and easy to audit. The system optionally includes a billing mechanism to pay for any added cost associated with providing this additional protection; and in its preferred embodiment, is applicable to both digital as well as non-digital records.03-07-2013
20090271876IC CARD, AND ACCESS CONTROL METHOD THEREOF - There has been no access control method combining two different authentication methods, i.e., authentication by password collation or secret key encryption and authentication by public key encryption.10-29-2009
20090271875Upgrade Module, Application Program, Server, and Upgrade Module Distribution System - An upgrade module is configured to perform necessary upgrade of firmware to enable a function related to an operation of a device, and operates as part of an application program that uses the operation of the device. As a result, only those users that satisfy a special condition can upgrade the firmware.10-29-2009
20090271874METHOD AND SYSTEM FOR SECURE LIGHTWEIGHT STREAM PROCESSING - A system and method for processing an information unit/packet (IU) in a stream processing system includes decomposing an IU into sub-information units persisted other than in the IU. An index or reference is generated in the IU for retrieving the persisted sub-information units during processing.10-29-2009
20120227115LICENSE MANAGEMENT PLATFORM APPARATUSES, METHODS AND SYSTEMS - The LICENSE MANAGEMENT PLATFORM APPARATUSES, METHODS AND SYSTEMS (“LMP”) transform content seed selections and recommendations via LMP components such as discovery and social influence into events and discovery of other contents for users and revenue for right-holders. The LMP may detect a request to engage a universally resolvable media content (“URMC”) item. The LMP may obtain an expiration date for a URMC license token associated with the URMC item and may determine whether the license token is expired. The LMP may facilitate discarding of a license key associated with the expired license token and may deny the request to engage the URMC item with the associated expired license token. The LMP may provide a request for an updated token and requisite credentials for the updated token, obtain a response including an updated token and facilitate engaging of the requested URMC item with an associated valid updated token.09-06-2012
20120117665METHODS AND COMPUTER PROGRAM PRODUCTS FOR CONTROLLING RESTRICTED CONTENT - A method and computer program product for managing restricted content, such as confidential or classified content, using content signatures are provided. A registry is established within an indexed archive system for content signatures of restricted files. Participants enroll in the registry and submit content signatures of all their files to the registry. The registry compares the submitted content signatures to those stored previously in the registry. The registry initiates a control action whenever there is a match between a participant's content signature and a previously stored content signature of a file to which the participant does not have access rights. When there is no match, the participant retains access to the restricted file.05-10-2012
20120117664SYSTEM FOR SECURE WEB-PROMPT PROCESSING ON POINT OF SALE DEVICES - A point of sale system including at least one proxy server having an internet connection, a web browser operative to download web pages from the internet via the proxy server, and a real time user input limiting trusted computing base module communicating with the web browser and being operative to limit user input to the web pages in real time.05-10-2012
20110023133GRID LICENSING SERVER AND FAULT TOLERANT GRID SYSTEM AND METHOD OF USE - A system and method for managing licensed and non-licensed resources in a grid network is provided. A license server receives and processes requests for a license and determines whether a license is available and, if necessary, causes a new configuration to be created on a server for satisfying the request. A new grid node may also be created and configured to be added to the grid for creating additional capacity for grid processing. The configuration may be performed at a time prior to an actual need by the grid, perhaps due to a faulted node, and quickly brought on-line with a simple configuration update. The new grid node may also have a virtual IP address reassigned to quickly redirect processing from the faulted node to the newly configured node. Also, an external resource dispatcher may add new resources such as storage or processing capacity to the grid and may coordinate the new resources with the license server.01-27-2011
20110023132SYSTEM AND METHOD FOR GENERATING TARGET AREA INFORMATION OF A BATTLEFIELD USING INFORMATION ACQUIRED FROM MULTIPLE CLASSIFICATION LEVELS - A system and method for generating target area information. The system comprises a first processor effective to receive first information of a first classification level and a second processor effective to receive second information of a second classification level distinct from the first classification level. A cross domain processor is in communication with the first and second processors. The second processor is effective to receive a request from a requesting entity about a region of interest and interrogate a first sensor regarding the request. The second processor is further effective to receive first information from the first sensor and send the request through the cross domain processor to the first processor. The first processor is effective to interrogate a second sensor regarding the request and receive second information from the second sensor. The first processor is further effective to filter the second information based on the first and second classification levels to produce filtered information and send the filtered information through the cross domain processor to the second processor. The second processor is further effective to integrate the first information and the filtered information to produce integrated information and send the integrated information to the requesting entity.01-27-2011
20130067601GENERATING DEVELOPER LICENSE TO EXECUTE DEVELOPER APPLICATION - One or more techniques and/or systems are disclosed for generating a developer license that allows a developer application to run on developer machine. A user identification (userID) used to register a user can be used by the user to register as a developer. The userID can be authenticated for the registered developer. Further, a machine used by the developer for the developer application can be registered, and a resulting hardware identification (hardwareID) can be authenticated for the registered developer machine. Additionally, a developer certificate can be generated for the registered developer. The developer certificate can be authenticated and used to sign the developer application. The developer license can be generated for the developer, allowing the developer machine to execute the developer application, based at least upon the authenticated userID, the authenticated hardwareID, and the authenticated developer certificate.03-14-2013
20130067600SELECTIVE FILE ACCESS FOR APPLICATIONS - Methods, systems, and computer program products are provided for enabling selective file system access by applications. An application is installed in a computing device. An application manifest associated with the application is received. The application manifest indicates one or more file types that the application is allowed to access. The indicated file type(s) are registered in a location accessible by a broker service. The application is launched as an application process. The application process is isolated in an application container. The application container prevents direct access by the application process to file system data. An access request related to first data of the file system data is received at the broker service from the application process. Access by the application process to the first data is enabled when the broker service determines that a file type of the first data is included in the registered file type(s).03-14-2013
20120233711DIGITAL WORKS HAVING USAGE RIGHTS AND METHOD FOR CREATING THE SAME - Digital work adapted to be distributed within a system for controlling at least one of the distribution and use of digital works. The digital work includes digital content representing a portion of a digital work suitable for being rendered by a rendering device and usage rights associated with the digital content. The usage rights specify a manner of use indicating one or more stated purposes for which the digital work can be at least one of used and distributed by an authorized party.09-13-2012
20120233707DIGITAL WORKS HAVING USAGE RIGHTS AND METHOD FOR CREATING THE SAME - Digital work adapted to be distributed within a system for controlling at least one of the distribution and use of digital works. The digital work includes digital content representing a portion of a digital work suitable for being rendered by a rendering device and usage rights associated with the digital content. The usage rights specify a manner of use indicating one or more stated purposes for which the digital work can be at least one of used and distributed by an authorized party.09-13-2012
20120233706System and Method for Secure Licensing for an Information Handling System - Systems and methods for reducing problems and disadvantages associated with traditional approaches to secure licensing for an information handling system are provided. In accordance with additional embodiments of the present disclosure, a method may include: (i) booting an information handling system to an operating system stored on a memory of a secure licensing device coupled to a port of the information handling system; (ii) establishing a secure wireless network connection between the secure licensing device and a licensing server; (iii) retrieving information regarding one or more hardware components of the information handling system; (iv) retrieving a license key for a software program associated with information handling system from the licensing server; (v) generating a unique marker binding the license key to the one or more hardware components; and (vi) storing the unique marker on the information handling system.09-13-2012
20090013413Systems and methods for providing privacy settings for applications associated with a user profile - Systems and methods for providing privacy settings for applications associated with a user profile are provided. Exemplary methods include receiving a request from a member of a web-based social network to install an application in association with a member profile, installing the requested application, providing privacy settings selections to control access to data associated with the installed application, receiving a privacy settings selection from the member, and displaying data associated with the application based on the privacy settings selection.01-08-2009
20130167254Universal Serial Bus Shield - A system for thwarting malicious malware attacks on computing devices potentially introduced by flash drives and similar universal serial bus (“USB”) devices. The system disclosed herein includes a USB shield that treats both a hosting computer and a newly inserted USB device with appropriate caution and monitors interactions between the host and the device based on its own logic. In some embodiments, the USB shield is configured independently of its intended host or intended target device. Once configured, the shield is typically plugged into a host computer, and then a desired USB device is plugged into the shield and then monitors and blocks all communications inconsistent with its configuration parameters. In some embodiments, the USB shield modifies certain communications (such as filenames) as a safety precaution if so configured to defeat auto-run logic even if configured on a host computer.06-27-2013
20120192292CATEGORIZED CONTENT SHARING, IDENTICAL CONTENT MAINTANANCE AND USER PROTECTION IN A PEER-TO-PEER NETWORK - Methods and apparatus for sharing content between devices over a peer-to-peer (P2P) network without servers. The content is distributed to all the devices connected to the network. The distributed content may be identical and/or categorized. The content may be marked with a trust rating, and a user is enabled to both report and delete inappropriate/defective content and also report trusted content. A user may also be protected from using inappropriate/defective/non-trusted content and may prevent re-sharing of such content by other users.07-26-2012
20110283368IDENTIFICATION AND END-USE DIFFERENTIATION IN DIGITAL MEDIA - A method for operating a media player includes extracting a set of identifiers from a digital medium holding an encoded video content, using a media player. The method further includes transmitting the set of identifiers to an identification service to obtain status information indicating a title for the video content, an authorization status of the digital medium, and an end-use designation for the digital medium selected from rental or sell-through. The method further includes controlling at least one function of the media player used to provide video output from the media player, in response to the status information. Extracting the set of identifiers may include extracting five identifiers comprising a volume name, a book type, and a time stamp for the digital medium, a file directory hash, and a watermark description. The method may be embodied in a media player or encoded instructions for a media player.11-17-2011
20110283369METHOD OF MANUFACTURING SECURITY DOCUMENT AND METHOD FOR AUTHENTICATING THE DOCUMENT - A method of manufacturing a security document is provided, comprising: providing a first security element article having a corresponding predetermined first unique identification code which is detectable from the first security element article; incorporating the first security element article into a document; generating a machine-readable security feature containing document data representative of the first unique identification code corresponding to the first security element article and of at least a second unique identification code corresponding to a second security element applied to the document; and applying the machine-readable security feature to the document.11-17-2011
20110283367SECURING A COMMUNICATION PROTOCOL AGAINST ATTACKS - A method, system, and computer usable program product for securing a data communication against attacks are provided in the illustrative embodiments. A segment in the data communication is received at a first application executing in a first data processing system. The segment is formed according to a data communication protocol and includes an option. The option includes a current clue and a next clue. The current clue is compared with a saved next clue, the saved next clue being a next clue in a previous segment. The segment is accepted as being a valid segment in the data communication if the current clue matches the saved next clue. A part of the segment is sent to a consumer application.11-17-2011
20090151009SYSTEMS AND METHODS FOR END-TO-END RESOURCE RESERVATION AUTHENTICATION - A network device constructs an outgoing resource reservation message and determines an authentication value, using, for example, a cryptographic algorithm and at least a portion of the outgoing message. The network device identifies a destination node for the message and inserts the authentication value in the message. The network device sends the message across a network to the destination node for authentication at the destination node using the authentication value.06-11-2009
20110302663Method and System for Securing a Home Domain From External Threats Received by a Gateway - A method and system are provided in which a broadband gateway may handle at least one physical layer connection to at least one corresponding network access service provider. The broadband gateway may receive content comprising an application through the at least one network access service provider and may store the content in a first portion of a memory. A software agent may be utilized to request the content and/or to store the received content in the first portion of the memory. The broadband gateway may execute the application after access by the application to a second portion of the memory is disabled. After the execution of the application is completed, access to the second portion of the memory may be enabled. In some instances, the application may be verified to determine whether it is secure for utilization and/or distribution. When verification fails, the application may be deleted.12-08-2011
20120005763SYSTEM AND METHOD FOR RENDERING CONTENT ASSOCIATED WITH A DIGITAL WORK - A method, system and software for permitting use of digital works having rights associated therewith in a system having repositories configured to enable use of the digital work in accordance with the rights, including associating a transfer right with a digital work, the transfer right specifying that the digital work is transferred from a first repository to a second repository; transferring the digital work from the first repository to the second repository in accordance with the transfer right; and in response to the transferring, step updating transfer right information in respect of the digital work.01-05-2012
20110289601DIGITAL RIGHTS MANAGEMENT OF STREAMING CAPTURED CONTENT BASED ON CRITERIA REGULATING A SEQUENCE OF ELEMENTS - A captured content rights controller detects a first portion of streaming captured content and a second portion of the streaming captured content after the first portion of the streaming captured content is detected. The captured content rights controller determines whether rendering the second portion of the streaming captured content after the first portion of the streaming captured content is subject to at least one digital rights management protection rule for streaming captured content as specified by at least one owner of at least one restricted element within the streaming captured content captured independent of distribution of the content by the owner of the at least one restricted element within the streaming captured content. The captured content rights controller applies the at least one digital rights management protection rule to restrict rendering of the second portion of the streaming captured content after the first portion of the streaming captured content.11-24-2011
20110289600DETECTION OF HIDDEN OBJECTS IN A COMPUTER SYSTEM - System and method for detecting a security compromise of a service module of an operating system running on a computer. At least one native service module returns a first set of requested information relating to at least one object in the computer system in response to a request made by at least one process or thread. A secondary service module generates and returns a second set of requested information relating to the at least one object in the computer system in response to a request made by at least one authorized process or thread, bypassing the at least one native service module. Access of threads is limited to the secondary service module such that only predetermined threads generated by a trusted security application are permitted to access the secondary service module.11-24-2011
20110296534SECURITY THREAD FOR PROTECTING MEDIA CONTENT - Disclosed herein is a system and method for protecting copyrighted media content. The copyright and playback management information is embedded into at least one data field of the media content. The media content is then encoded for a serial copy management system (SCMS) that utilizes the copyright and playback management information to ensure the appropriate copyright protection of the media content based at least in part on the embedded copyright and playback management information.12-01-2011
20090025092SECURE ONLINE DATA STORAGE AND RETRIEVAL SYSTEM AND METHOD - In a preferred embodiment, a secure online data storage and retrieval system and method is provided. This may include a secure database capable of storing personal data provided by users, and a website in communication with the database which may be accessible to users who enter personal information. The website can securely receive and securely transfer user personal data to or from one or more third parties, such as private and/or state and/or federal governmental entities, upon a user's request. An API source code interface or other secure method of transmission may be used for this purpose. Portions of the personal data may be authenticated by one or more third parties prior to storage in the database. In this manner, users may be permitted to quickly obtain authenticated copies of various documents or send such copies to desired recipients. This can be especially advantageous should such documents (e.g., birth certificates, passports, etc.) be lost, stolen or destroyed.01-22-2009
20090031430SOFTWARE ACTIVATION CONTROL METHOD - A software application installation method installs a software application on a device such that the installed application can only be activated on said device. Thereto, an authorization application is installed as well on the device. During installation, the authorization application generates a software release code that is stored in a first and a second memory location, of which at least one is a memory location not accessible to a user. When the software application is later activated on the device, the authorization application compares the software release codes stored in said two memory locations. The application is only started if the software release codes correspond. Further, an authorization verification method is disclosed. A second party may verify the legitimacy of the installed application by storing device specific identification data and application specific installation data when a first connection is established and later comparing said data if a second or further connection is established.01-29-2009
20100154066System and Method for Managing Security Testing - The subject matter relates generally to a system and method for managing security testing. Particularly, this invention relates to maintaining a security database by correlating multiple sources of vulnerability data and also to managing security testing from plural vendors. This invention also relates to providing secure session tracking by performing plural authentications of a user.06-17-2010
20100169984METHOD AND APPARATUS FOR CONTENT MANAGEMENT - The present application relates generally to content management (e.g., managing audio and video items in portable devices). One claim recites a method including: utilizing electronic memory housed in a portable device, maintaining a listing of up to N identifiers associated with previously accessed audio or video items, where N is an integer, and where each previously accessed audio or video item has an identifier associated therewith; utilizing a programmed electronic processor housed in the portable device, restricting access to a new audio or video item if: i) an identifier associated with the new content item is one of the N identifiers associated with the previously accessed audio or video items, or ii) less than N audio or video items have been accessed within a predetermined time. Of course, other claims and combinations are provided as well.07-01-2010
20100269179Security Client Translation System and Method - Systems and methods for controlling the use of audio, video and audiovisual content are provided. Usage rights and entitlement translation permit numerous devices to store and view media content. The usage rights may be encoded in the content or otherwise bound to the content. Security packages may be created by mapping Conditional Access System entitlements to DRM in hardware security elements. Playback devices are configured to access the translated usage rights and verify rights prior to the viewing of media.10-21-2010
20130219523SELECTIVELY EXPOSING BASE CLASS LIBRARIES BASED ON APPLICATION EXECUTION CONTEXT - Allowing access to APIs based on application context. A method includes determining an application context for an application. A layer is determined for a base class library. Layers of the base class library are defined by one or more developer defined attributes associated with an API, where the API is included in the base class library. The base class library is divided into layers based on the developer defined attributes. The one or more attributes define which application contexts can access the API. If the layer matches the application context then access by the application to the API is allowed.08-22-2013
20110219460NETWORK BASED DIGITAL RIGHTS MANAGEMENT SYSTEM - A network-based DRM system manages digital media assets stored in the network. The system provides consumers with access to the digital media from any device connected to an electronic network such as the internet, while enforcing the intended uses by the copyright owners.09-08-2011
20100115630ARCHITECTURE OF AN OPEN LOCAL AREA NETWORK FOR AUDIO SERVICE SUPPORT BETWEEN USERS OF PARTITIONED DOMAINS - The invention relates to a system for data exchange between at least two communication networks using the IP Internet protocol, a first network having a security level N05-06-2010
20120110681SYSTEMS FOR EMAIL COMMUNICATIONS - Systems and methods are provided for email communications between senders and receivers. In accordance with one implementation, a computerized method is provided that allows composing an email by a sender in Send Location of Send City at Send Time through the sender's mobile device. In the implementation, in composing the email, the sender's company may monitor the sender's Send Location, without awareness of the sender. In addition, when composing the email, the GPS receiver included in the sender's mobile device may be configured to locate the Send Location. Moreever, to prevent the sender's realization that the sender is being monitored, the Send location may be included only as header information of the composing email of the composing email.05-03-2012
20120110680METHOD AND APPARATUS FOR APPLYING PRIVACY POLICIES TO STRUCTURED DATA - An approach is provided for applying privacy policies to structured data. A privacy policy management infrastructure receives a request for an exchange of structured data among a plurality of devices. The privacy policy management infrastructure determines one or more elements of the structured data. The privacy policy management infrastructure also determines one or more privacy policies corresponding to the structured data, respective ones of the one or more elements, or a combination thereof. The privacy policy management infrastructure further determines to apply the one or more privacy policies to the structured data, respective ones of the one or more elements, or a combination thereof when initiating the exchange.05-03-2012
20090151007DIGITAL RIGHTS MANAGEMENT FOR RETRIEVING MEDICAL DATA FROM A SERVER - The invention relates to a method of and system for retrieving medical data from a server, the method comprising: requesting the medical data from the server by an uncertified client; installing a certified digital rights management service on the uncertified client; managing the requested medical data according to the installed certified digital rights management service thereby retrieving the medical data from the server; the system comprising means for requesting the medical data from the server by an uncertified client means for installing a certified digital rights management service on the uncertified client; means for managing the requested medical data according to the installed certified digital rights management service thereby retrieving the medical data from the server.06-11-2009
20100122352Method for Operating an Installation Using Data Protected Against Unauthorized Use - A method and a device for operating a technical installation using data from a third party are provided, the data being protected against unauthorized use. A first and a second rights object are used for protecting the data, the first rights object specifying an authorized use of the data with a variable not defined in respect of its value and the second rights object defining a value for the variable.05-13-2010
20110197287SYSTEM, METHOD AND COMPUTER PROGRAM PRODUCT FOR EVALUATING METADATA BEFORE EXECUTING A SOFTWARE APPLICATION - Systems and methods are provided for managing license objects to applications in an application platform database system. The method includes associating an LMA with an application installed to the application platform by a developer, notifying a license manager to which the license manager application is installed of the installation of the application to the application platform, and managing subscriber access to the application using the license manager application.08-11-2011
20100031374Security-activated operational components - Various methods and systems include exemplary implementations for a security-activated operational component. Possible embodiments include but are not limited to obtaining access to an object data file configured to implement various functional operation regarding one or more objects; verifying validity of an authorization code associated with the object data file; and controlling operation of the operational component to enable or prevent its activation pursuant to the authorization code in accordance with one or more predetermined conditions.02-04-2010
20100100970ENFORCING ALIGNMENT OF APPROVED CHANGES AND DEPLOYED CHANGES IN THE SOFTWARE CHANGE LIFE-CYCLE - On a host, host content change requests are intercepted in real-time. In a tracking mode, the change requests are logged and allowed to take effect on the host. In an enforcement mode, the change requests are logged and additionally compared against authorized change policies and a determination is made whether to allow the change to take effect or to block the changes, thereby enforcing the authorized change policies on the host. Tracking and enforcement can be done in real-time. In either mode and at any time, the logged changes can be reconciled against a set of approved change orders in order to identify classes of changes, including changes that were deployed but not approved and changes that were approved but not deployed.04-22-2010
20100083385RIGHT MANAGEMENT METHOD, ITS SYSTEM, SERVER DEVICE USED IN THE SYSTEM, AND INFORMATION DEVICE TERMINAL - There is provided an authority management system in which, when a data user discloses secret information only to a specific partner having the authority to receive the disclosure of the secret information, the information can be disclosed only if the correctness of the partner is confirmed in a face-to-face manner. A holder of disclosure data encrypts data, generates and divides a decryption key of the data, and sends a partial decryption key to a disclosure partner beforehand. At the time of data disclosure, the data holder physically meets a disclosure partner terminal. The partial decryption key is sent in a proximate state, and the decryption key is reproduced. With this, the data is decrypted and disclosed. Thus, the data holder meets the disclosure partner having the authority to receive the disclosure, and visually confirms the correctness of the partner.04-01-2010
20100100969COPYRIGHT PROTECTION DATA PROCESSING SYSTEM AND REPRODUCTION DEVICE - If playback devices are prohibited from playing back contents recorded in R media, there occurs a problem that it takes more time to manufacture commercial ROM media. Conversely, if playback devices are permitted to play back contents recorded in R media, there occurs a problem that copyrights might be infringed. In view of these, the aim of the present invention is to provide a content protection data processing system and a playback device capable of determining whether to permit playback of a content recorded in a recording medium, based on a medium type of the recording medium and a signature type of a signature attached to a program, and switching a procedure relating to a digital signature for each signature type of the digital signature. This enables both the protection of the copyright of the content and the efficient manufacturing of commercial ROM media.04-22-2010
20090077673COPYRIGHT DETECTION AND PROTECTION SYSTEM AND METHOD - A method and system for a website to detect unauthorized transmission of digital works. In one embodiment, the method includes obtaining data pertaining to content transmitted during a data transmission transaction, sending the data pertaining to the transmitted content to a copyright detection system, and receiving, from the copyright detection system, information indicating that at least a portion of the transmitted content corresponds to at least a portion of one of multiple registered works. The information also specifies one or more business rules associated with this registered work. The method further includes performing one or more actions with respect to the transmitted content, where the actions are defined by the business rules associated with the above registered work.03-19-2009
20090276861System and method for effectively performing data restore/migration procedures - A system and method for effectively supporting data transfer procedures includes a source device that registers with an account server to participate in a data backup service. The source device then encrypts and stores user data onto a datacenter. The source device later may request a data transfer task from a vendor. The datacenter responsively transfers the encrypted user data to a vendor server, and an escrow server generates and sends a temporary key to the vendor server. A destination device may then utilize the temporary key to decrypt and securely store the user data onto the destination device.11-05-2009
20090276860METHOD OF PROTECTING CONFIDENTIAL FILE AND CONFIDENTIAL FILE PROTECTING SYSTEM - There is provided a method of protecting confidential files to securely protect business confidential files in accordance with a security policy. In the method of protecting confidential files according to the present invention, information of a business application which is allowed to access confidential files is registered in a management server in advance and the registered application information is distributed to each client as needed. When the business application references confidential files, it is judged (application is authenticated) at the time of starting up the business application whether the business application is the application registered in advance in the server. Only when the application authentication is allowed, process information of the business application is registered in an I/O acquisition module. The I/O acquisition module allows only the process which is consistent with the registered process information to access confidential information, and rejects other processes.11-05-2009
20080209578Protecting system management mode (SMM) spaces against cache attacks - A computing system may comprise a processor and a memory controller hub coupled by an external bus such as the front side bus. The processor may also comprise a cache. The processor may operate in SMM and the memory coupled to the memory controller hub may comprise SMM spaces such as compatible, HSEG, and TSEG areas. A software-based attack may write malicious instructions into the cache at an address corresponding to the SMM spaces. The illegal processor memory accesses that occur entirely inside the processor caches due to the cache attack may be forced to occur on the external bus. The memory controller hub may be capable of handling the memory accesses occurring on the external bus thus, protecting the SMM spaces against cache attack.08-28-2008
20100138933DATA MANAGEMENT DEVICE, STORED DATA MANAGEMENT METHOD AND COMPUTER PROGRAM - Provided is a data management device for managing data recorded onto a readable and writable recording medium by an application that is verified based on a digital certificate. The recording medium has a plurality of areas and access to each area is restricted to a different application. The data management device includes an application authentication module, a mapping module, and a local storage display module. The application authentication module verifies that an application is an authentic application based on a digital certificate attached to the application. The mapping module associates, if the application is verified, an area accessible by the application with a subject name described in the digital certificate used for the verification. The local storage display module displays information regarding the area accessible by the application, with the use of the subject name associated with the area.06-03-2010
20090288174SOFTWARE CONTROL FLOW WATERMARKING - The present invention is a system and method of software control flow watermarking including the steps of obtaining a program for protection, generating at least one watermark value using a formula or process from an external file, and placing the at least one watermark value in CASE values of the program. The system and method may further include determining the at least one watermark value by a formula with at least one variable. The formula may also contain a variable from outside of the program. The system may also stop the program if the variable from outside of the program is incorrect.11-19-2009
20080263679STORING INFORMATION IN CLOSED COMPUTING DEVICES - Mechanisms for securely storing unsigned information in closed computing devices are disclosed. Unsigned media entities, such as independently developed games, can be stored in a closed computing device, such as a gaming console. The storing of media entities can include preventing any content, whether residing on the closed console or remotely, from accessing the unsigned media entities. In this aspect, unsigned media entities can be isolated from such content on a per unsigned media entity basis (the media entity being the unit of isolation). Moreover, the media entities can be stored in directory structures that logically isolate the unsigned media entities from any other content. The closed computing device can also use a directory structure to guarantee that a specified signed loader can load unsigned media entities. Once stored, the media entities can also be secured from tampering by using a unique hardware key associated with the closed computing device.10-23-2008
20100275272METHOD AND SYSTEM FOR PROVIDING LOCATION-OBSCURED MEDIA DELIVERY - One embodiment of the present invention enables delivery of “on-demand” high fidelity media content to computers via the Internet while restricting unauthorized users from directly retrieving media content from its source database. Once the computer receives the media, it is stored using hidden directories so that it may not be easily shared with others. Within the present embodiment, there are different functionality that are implemented in order to protect and monitor the media content source. For example, the actual address location of the media database is hidden from content recipients while its address directory is periodically change making past addresses obsolete. Additionally, an access key procedure and rate control restrictor may also be implemented to monitor and restrict suspicious media content requests. By implementing these and other functionality, the present embodiment restricts redistribution of delivered media content and provides a means for compensating owners of copyrighted media content.10-28-2010
20100287623METHOD FOR DISTRIBUTING A COMPUTER DATA STRUCTURE TO NODES OF A NETWORK - A method for spreading a computer data structure to nodes of a network is provided. The computer data structure has at least one interface for the interaction with the nodes of the network and useful data. After integrating the computer data structure into a first node, the useful data is installed on the first node of the network via the interface. The first node then detects at least one second node of the network. The computer data structure is then transmitted from the first node to the at least one second node. The useful data is then installed on the at least one second node via the interface. The above-mentioned steps carried out for the second node are repeated for a third, fourth etc. node; the third, fourth etc. node correspond to the second node, and the second node corresponds to the first node.11-11-2010
20090265794METHOD AND APPARATUS FOR ENABLING ACCESS TO CONTACT INFORMATION - A method, an apparatus and a processor readable medium for enabling access to contact information. The contact information for contacting a recipient may be accessed in accordance with a rights object.10-22-2009
20080282360ACTIVATION CODE SYSTEM AND METHOD FOR PREVENTING SOFTWARE PIRACY - A system and method for preventing piracy of a given software application limits the number of times that such software application is activated. A given software application must be activated in order to become fully functional. The user must provide a unique software identification code, relating to the specific software which the user is attempting to activate, to a remote provider. The remote provider determines the number of times that such specific software has already been activated, and provides an activation code to the user unless the number of activations exceeds a predetermined threshold. Once activated, the software becomes fully operational, and the user is allowed complete access to its functions.11-13-2008
20080235812Method for Licensing and/or Authorizing Access to Software Modules in a Switching Device - The invention relates to a switching device for which a license database is used in which the software modules and respective license information associated therewith are stored, and wherein a configuration of at least one of these software modules triggers an interaction between the license database and a computer-readable data carrier, thereby generating hardware characteristic information. Said hardware characteristic information and the license information of the at least one software module are transmitted by the switchboard computer via a communication link to a license manager. Said license manager generates a license confirmation information and retransmits the same to the switchboard computer. The license confirmation information in the switchboard computer decides on the authorization of the at least one software module.09-25-2008
20090328236COPYRIGHT DETECTION AND PROTECTION SYSTEM AND METHOD - A method for detecting against unauthorized transmission of digital works comprises the steps of maintaining a registry of information permitting identification of digital copyrighted works, monitoring a network for transmission of at least one packet-based digital signal, extracting at least one feature from the at least one digital signal, comparing the extracted at least one feature with registry information and applying business rules based on the comparison result.12-31-2009
20100275271Form Production System - The present invention relates to an on-line system for facilitating the production of forms, such as business cards, stationery, catalogues and generally any printed matter. Relatively permanent material for the production of forms is stored as a form structure in a computing system repository. The system receives copy information input by a user and combines it with the form structure to produce a finished artwork which is transmitted to a printery.10-28-2010
20120144502DIRECTORY SERVICE DISTRIBUTED PRODUCT ACTIVATION - In some embodiments, an activation object used to activate a software product is stored in a directory service. The activation object may, for example, comprise a proof of purchase token and/or information about the directory service, and may be communicated from the directory service to a client computer after the directory service authenticates a request from a client computer for access to the activation object. In some embodiments, a directory service is interrogated for an activation object used to activate software on a client computer. A client computer may, for example, receive an activation object from the interrogated directory service, and use the received activation to object to activate a software product on the client computer. In some embodiments, a non-transitory computer-readable medium has instructions stored thereon that, when executed by a computer, cause the computer to interrogate a directory service for an activation object used to activate software on the computer. The computer may, for example, receive the activation object from the directory service, and use the received activation object to activate a software product.06-07-2012
20080271163ACTIVE VERIFICATION OF BOOT FIRMWARE - Techniques are described for generating and actively verifying a boot code associated with a peripheral device of a computer system to prevent potential security threats the boot code may introduce into the computer system. The techniques for generating boot code entail generating the boot code from a high-level programming language using a verification application program interface (API). The API aids in generating a certificate, which is associated with the boot code in that the certificate describes operation of the boot code. After generating the boot code and associated certificate, the two are loaded onto a memory module of the peripheral device. Once the peripheral device is connected to the computer system, the computer system may retrieve the boot code and certificate. The computer system utilizes techniques to actively verify the boot code by performing a security check on the boot code in accordance with the associated certificate. Finally, the computer system executes the boot code based on a result of the security check.10-30-2008
20080271165PARAMETER-BASED INTERPRETATION OF DRM LICENSE POLICY - To enforce content access restrictions, a license associated with protected content is generated. This license may have at least one evolving parameter. That is, the parameter value may change; e.g., depending upon content access, copying, etc. For example, each successive generation of a license may have an incremented value in an evolving “generation” parameter. The license may also have evolving rules that describe different content access rules for different values in the evolving parameter10-30-2008
20080271164METHOD AND SYSTEM FOR ALLOWING NO CODE DOWNLOAD IN A CODE DOWNLOAD SCHEME - Aspects of a method and system for allowing no code download in a code download scheme are provided. A system-on-a-chip (SoC) may comprise a security processor, a ROM, and a one-time-programmable (OTP) memory. The security processor may enable fetching code from a restricted function portion of the ROM. The restricted functions may comprise code for booting up the SoC and code that prevents enabling security algorithms within the SoC. The security processor may then enable booting up of at least a portion of the SoC based on the fetched code. The remaining portion of the ROM may comprise code for downloading security code from an external memory, such as a FLASH memory, to an internal memory, such as a RAM, to boot up the SoC. Access to the restricted function portion or the remaining portion of the ROM is based on at least one bit from the OTP memory.10-30-2008
20120198569ASSOCIATED WITH ABNORMAL APPLICATION-SPECIFIC ACTIVITY MONITORING IN A COMPUTING NETWORK - Embodiments herein disclosed provide for computer network security and, more specifically, monitoring application-based access to secure data and monitoring predetermined actions conducted on applications to determine abnormal access or abnormal actions. Specific embodiments of the invention provide for improved database which implements time period-structured tables and file directories. Such structuring of the database provides for automated data purging, backing-up of data and data recovery. Additional embodiments provide for tracking data attributes related to the monitored data, such as the quality of the monitored data, the quality of the monitored data and the origin of the monitored data. In addition, embodiments provide for validating the source of the monitored data to assure that data is received from a valid application.08-02-2012
20130219522DATA PROCESSING METHOD AND DEVICE - A data processing method pertains to a step (E08-22-2013
20130219521MUSIC-CONTENT USING APPARATUS CAPABLE OF MANAGING COPYING OF MUSIC CONTENT, AND PROGRAM THEREFOR - When new music content is generated on the basis of replication of original music content, additional information including information indicating that the generated new music content is based on replication and replication source information identifying a replicated-from source of the replicated content is generated and added to the new music content based on the replication. When the new (i.e., replicated) music content is to be used, a search is made for original music content on the basis of information identifying a replicated-from source and use of the new (replicated) music content is permitted only when the c original music content has been successfully found. Such arrangements reliably allow the replicated content to be used by a given person only when the person possesses the original music content.08-22-2013
20090165148METHOD FOR AUTHENTICATING APPLICATIONS OF A COMPUTER SYSTEM - The invention relates to a method for authenticating applications of a computer system including: a microprocessor, a plurality of applications, a general operating system (OS2) which can execute and manage the applications and which can associate each application identifier (06-25-2009
20090144836DECODING/DECRYPTING BASED ON SECURITY SCORE - A security system provides a security score (06-04-2009
20090144837SYSTEMS AND METHODS FOR SOFTWARE APPLICATION CERTIFICATION SERVICE - An embodiment relates to a method of providing certification. The method includes providing for a software application and applying a set of certification metatags to the software application. The set of certification metatags configured to provide at least one parameter to become certified with the software application. The method also includes querying the set of certification metatags by a second application to determine whether the second application can be certified with the software application.06-04-2009
20090199304METHOD OF GENERATING VERIFICATION DATA - To prevent dissemination of content stored on a DVD-RW disc, CPRM is provided. However, this does not provide a watertight system. The invention proposes to arrange a stream to be recorded such that the input for verification data and therefore verification data is different for different authorisation levels. Various embodiments for implementing the invention are disclosed and comprise re-arranging data packs to be recorded and/or modifying data in data packets.08-06-2009
20120079609METHOD FOR ESTABLISHING A PLURALITY OF MODES OF OPERATION ON A MOBILE DEVICE - A method, device and system for establishing plural modes of operation on a mobile device, including: associating each application on the mobile device with one of a plurality of modes; and restricting access to data on the mobile device to only a subset of applications based on the mode associated for the each application. A system includes connection of an untrusted device to a trusted device and restricting data access for restricted data to a subset of trusted applications on the untrusted device.03-29-2012
20120079608SYSTEMS AND METHODS TO PROVIDE A SOFTWARE BENEFIT WHEN A CONSUMER OBJECT IS RECOGNIZED IN AN IMAGE - According to some embodiments, it may be recognized that a consumer has placed a consumer object, such as a toy or action figure, into a field of view of a camera (e.g., a video camera incorporated into a portable computer). A software benefit associated with the consumer object may then be automatically determined, and, responsive to the recognition and determination, it may be arranged for the consumer to receive that software benefit (e.g., in a virtual world).03-29-2012
20080263680Portable Electronic Entity Capable of Receiving Broadcast Multimedia Data Flow - A portable electronic entity includes a communication interface (10-23-2008
20090100531Latches-Links as Virtual Attachments in Documents - A system and method are disclosed for managing target documents referred to by referring documents. A user sends a delete request for a referring document from a user client computer to a master server computer. Next, the master server computer accesses and deletes the referring document, updates a counter for a target document hypertext linked to the referring document, and updates a database, which contained the deleted referring document. The master server computer then determines whether the count for the counter of the target document equals zero. If the counter for the referring document is not equal to zero, the master server computer sends a message to the user indicating that the referring document has been deleted and sends a message to the user asking whether the user wants to delete another referring document. If the user wants to delete another referring document the process goes back to the initial process step, and the user sends another delete request for a referring document. However, if the counter for the referring document equals zero, the master server computer sends a message to the user indicating that the referring document has been deleted and then sends a message to an author of the target document (author client) asking whether the author client wants to delete the target document. Automatic deletion of target documents is also disclosed. Further disclosed are systems and methods for viewing, creating, and providing security for target documents referred to in referring documents.04-16-2009
20120198571DIGITAL WORKS HAVING USAGE RIGHTS AND METHOD FOR CREATING THE SAME - Digital work adapted to be distributed within a system for controlling at least one of the distribution and use of digital works. The digital work includes digital content representing a portion of a digital work suitable for being rendered by a rendering device and usage rights associated with the digital content. The usage rights specify a manner of use indicating one or more stated purposes for which the digital work can be at least one of used and distributed by an authorized party.08-02-2012
20120198568Security Classification Applying Social Norming - An embodiment of the invention provides a method for security classification applying social norming. More specifically, content is received from a user via an interface; and, a data repository connected to the interface stores the content. A portal connected to the data repository identifies an attempt to access the content from a non-user. A program processor connected to the portal determines whether the content includes a security classification. When the content does not include a security classification, a communications module connected to the program processor sends an alert to the user. The alert includes a request to assign a security classification to the content. When the content includes a security classification, the communications module sends a message to the user, wherein the message includes a request to verify the security classification.08-02-2012
20100180349SYSTEM AND METHOD OF POLICY DRIVEN CONTENT DEVELOPMENT - A system and method for implementing a policy driven environment for the development of electronic content is provided. Such a policy driven system and method controlling the introduction of digital content into electronic content under development by monitoring the development environment for file alteration events and analyzing the file alteration event and associated metadata of the electronic content and externally introduced digital content with policy engines that address aspects such as copyright, licensing, source, file type, file length etc according to the policies established by the development organization. The system and method helping to protect the development organization by detecting policy breaches, determining the appropriate course of action, and implementing corrective actions.07-15-2010
20120131685Mobile Posture-based Policy, Remediation and Access Control for Enterprise Resources - A mobile device management system that monitors the security state of one or more mobile devices and sets indicators related to such security state. Enterprise network applications, such as an email application, can access the security state information when making access control decisions with respect to a given mobile device.05-24-2012
20110145934AUTONOMOUS DISTRIBUTED PROGRAMMABLE LOGIC FOR MONITORING AND SECURING ELECTRONIC SYSTEMS - Methods and apparatuses are described herein for securing a mission logic system using one or more distributed, independent programmable security logic blocks. The security logic blocks may monitor subsystems of the mission logic system and/or communication between subsystems. If the security logic blocks determine that the mission logic system is operating in an unauthorized manner, the security logic blocks may enforce a protection mechanism. The security logic blocks may include an interface for receiving communications from the subsystems, an analysis instrument for analyzing the communications, a transport instrument for routing communications from the interface to the analysis instrument, and a control instrument for enforcing the protection mechanism on the basis on an analysis performed by the analysis instrument.06-16-2011
20110145935INTERCONNECT DEVICE TO ENABLE COMPLIANCE WITH RIGHTS MANAGEMENT RESTRICTIONS - To help ensure that only authorized media content that is associated with rights management (RM) restrictions is delivered from a compliant RM interface of a source device to a non-compliant RM interface of a destination device, an interconnect device provides a compliant RM interface to connect to the source device and monitors media content received from the source device to detect an embedded digital watermark. The interconnect device takes the necessary steps to determine if the watermark is authentic and control delivery of the media content to the destination device accordingly. The interconnect device may go back to the source device or to a remote service to authenticate the watermark. If the watermark is authentic, the media content is passed by the interconnect device to the non-compliant interface of the destination device outside of normal RM restrictions. Otherwise, the delivery of the media content is restricted by the interconnect device.06-16-2011
20110145933SYSTEMS AND METHODS FOR SITUATIONAL APPLICATION DEVELOPMENT IN THE ENTERPRISE ENVIRONMENT - Embodiments of the invention broadly contemplate a situational application development framework that provides consumable software components that are accessed as services and monitored in a standardized fashion through a mediator service and thus suitable for use in a controlled development environment. At least one embodiment of the invention thus facilitates on the fly application creation using mashup makers in an enterprise setup.06-16-2011
20090276862CONTENT PROVIDING SYSTEM - When the portable reproduction device 11-05-2009
20080307533Content Distribution System, Distribution Server, Receiving Terminal, and Computer Readable Medium - A system and method for distributing content data and license information. A distribution server includes a transmitting section for transmitting the content data and the license information, including information regarding a time limit that indicates a period for reproducing the content data, to the one or more receiving terminals. The distribution server also includes a request receiving section for receiving, from the one or more receiving terminals, a request for the content data and a request for the license information a second time without the content data, wherein the request for the license information a second time is transmitted in response to a notice indicating the status of the license information.12-11-2008
20100162413Two Part Code - A graphically representable, machine readable code having first and second parts wherein the first part may be associated with data and a second part may be associated with the first part, such that a relationship between the parts, or lack thereof may be discerned by reading both parts of the code, in order to verify the authenticity of the code.06-24-2010
20100192234ACCESS RESTRICTED FILE AND ACCESS RESTRICTED FILE CREATING APPARATUS - Disclosed are an access restricted file and an restricted file creating apparatus for creating the access restricted file concerned, which makes it possible for an information processing apparatus to request a management server to determine whether the access right is present or absent. The apparatus includes a creating section to create the access restricted file that includes data, an accessing operation for which is restricted, and confirming destination information that represents the management server that confirms a presence or absence of the access right in regard to the operation for accessing the data. On the other hand, the access restricted file includes a program, being executable by a CPU of the information processing apparatus provided with a communicating function, to cause the CPU to perform a processing for requesting the management server, represented by the confirming destination information, to confirm the presence or absence of the access right.07-29-2010
20090205054PROCESS FOR PROTECTING STORED OPERATING DATA OF MACHINERY OR SIMILAR EQUIPMENT - A process is provided for protecting stored operating data of machinery or similar equipment. The operating data are stored by means of a computer system belonging to a control system or by means of a similar computer system belonging to the equipment and wherein the operating data are acquired continuously in the form of data sets and stored in a data storage medium for later analysis. A security code is generated with the storage of a data set from the currently stored operating data on the basis of parameters (k, l, m, n) of a preset determination rule and stored in the computer system. A comparison code is determined in at preset time intervals on the basis of the same determination rule from the operating data currently recorded in the data storage medium for verifying the operating data currently present in the data storage medium. The comparison code is compared with the security code generated originally, and a warning signal is generated or a protective action is triggered in a fourth step in case of a deviation between the comparison code and the security code generated originally.08-13-2009
20120198570Geo-Enabled Access Control - Aspects described herein provide methods and systems that monitor mobile data processing devices used for remote access to a computer network or system, and allowing or preventing access to the computer system or network based at least in part on a determined geographical location of the mobile device. Different datasets stored on the network or system might have different geographical limitations associated with each. Different users also might have different geographic access limitations for the same dataset. User location may be based on GPS information associated with the device from which the user is attempting access, based on Wi-Fi, triangulation, or the like, or may be based on a photograph taken by the remote access device contemporaneously with the access request.08-02-2012
20100235925METHOD FOR EXECUTING DIGITAL RIGHT MANAGEMENT AND TRACKING USING CHARACTERISTIC OF VIRUS AND SYSTEM FOR EXECUTING THE METHOD - A method of performing Digital Rights Management (DRM) and tracking using a virus characteristic and a system for executing the method are provided. The method of performing DRM and tracking with respect to a digital content, includes the steps of: providing a DRM code to the digital content in a DRM system, wherein the DRM code includes a virus characteristic; and performing the DRM and tracking with respect to the digital content, based on DRM information, wherein the DRM information is generated based on the DRM code.09-16-2010
20100251389LICENSE REGISTRATION DEVICE THAT REGISTERS LICENSE FOR USE OF PROGRAM ON DATA PROCESSING DEVICE - A storage medium storing a set of program instructions that becomes executable on a data processing device if license information is input to the data processing device within a limiting period set for the license information. The license information is provided by a license registration device after registration of a license for use of the program instructions on the data processing device. The instructions includes storing time information in association with the license information, the time information indicating a cancelable time that arrives at or after an expiration time of the limiting period, accepting input of a disabling command, disabling use of the program instructions, and providing, if the cancelable time has arrived and if the disabling command has been accepted, license cancel information necessary for canceling the license.09-30-2010
20100138934INFORMATION PROCESSOR - An information processor for controlling a storage device for storing content information, includes: a controller for receiving content information from the exterior and storing the content information in the storage device; and a generator for generating unique information that is unique to combination of the content information and the information processor through an operation of identification information of the content information and the information processor; wherein when the controller receives content information, the controller checks whether the content information includes information matching with the unique information and upon confirmation of both the information allows the content information to be stored in the storage device.06-03-2010
20130219520SYSTEMS AND METHODS FOR CONTROLLING RIGHTS ASSOCIATED WITH A PRODUCT - Controlling rights associated with a product is described, including receiving, from a source, a first code of a media product, the first code is unique to the media product; authorizing the media product based on the first code and information about the source; receiving, from another source, the first code and a second code of media the product, the second code is unique to the media product; determining whether the first code is authorized; if the first code is authorized, identifying an encryption key for the media product based on the second code, and transmitting the encryption key to the second source, the encryption key enables access to content of the media product08-22-2013
20130219524System and/or Method for Distributing Media Content - The subject matter disclosed herein relates to distribution of media content.08-22-2013
20110067117EQUIPMENT MANAGING SYSTEM, EQUIPMENT MANAGING METHOD, AND COMPUTER-READABLE STORAGE MEDIUM - An equipment managing system includes an intermediating apparatus and an equipment managing apparatus. The intermediating apparatus is connected to a license management apparatus and a program management apparatus via a network. The equipment managing apparatus is connected to an electronic equipment via a network. The intermediating apparatus stores a program acquired from the program management apparatus and a license file acquired from the license management apparatus to an external storage medium. The equipment managing apparatus sends the program and the license file recorded in the external storage medium to the electronic equipment.03-17-2011
20090307783DATA PROCESSING DEVICE, METHOD, PROGRAM, INTEGRATED CIRCUIT, AND PROGRAM GENERATING DEVICE - A data processing apparatus controls execution of debugging of a program performed by a debugger. The program includes a verification value used for judgment on whether to permit the debugging, and an access control list that shows whether to permit an access to each of parts constituting the program. The data processing apparatus acquires a debugger ID of the debugger from the debugger, and the verification value and the access control list included in the program. The data processing apparatus judges whether to permit the debugging, according to the result of comparison between the debugger ID and the verification value. The data processing apparatus permits an access to a part of the program to be debugged when the access control list shows that the access is permitted. The data processing apparatus does not permit the access to the part when the access control list shows that the access is not permitted.12-10-2009
20100223676Device And Method For Publishing Multimedia Contents By Rendering Them Accessible To The Public - The device for publishing multimedia contents by rendering them accessibility to the public comprises an electronic processor connected to publication units for multimedia contents. The electronic processor carries stored in its memory the multimedia contents to be published, and information relative to the dates and times of publication. The processor supports control software for controlling the publication of the multimedia contents via the publication unit on the set dates and times; first communication software for downloading online the information relative to the dates and times of publication; and second communication software for downloading online said multimedia contents to be published and/or their updating. The method enables publication of the multimedia contents via the publication unit on the set dates and times to be automatically commanded.09-02-2010
20100223675CERTIFICATE BASED DISTRIBUTED POLICY ENFORCEMENT - An apparatus and a method for a certificate-based distributed policy system is described. A policy server receives over a communication channel a data structure associated with an object to be managed across a communication boundary between a client and the policy server. The policy server generates an object certificate upon validation of the object and validation of an initiator of the object. The data structure includes a serialized representation of public properties of the object, a hash of the object in a canonical serialized form, and a signature of the public properties and hash using the initiator's private key.09-02-2010
20080263678Path Protection - A software configuration management system receives a request to prevent code change to code within a filesystem path. The system also receives parameters for a trigger-based rule to protect code within the filesystem path against changes. Metadata for the trigger-based rule is extracted and dumped into a file. The file is replicated to a server. When the server receives a submission to change code within the filesystem path, the server compares the submission against the metadata in the replicated file. The submission is denied based at least in part on the trigger-based rule with which the metadata in the replicated file is associated.10-23-2008
20100293621METHOD AND APPARATUS FOR IDENTIFYING AND CHARACTERIZING ERRANT ELECTRONIC FILES - A computer system includes a server having a memory connected thereto. The server is adapted to be connected to a network to permit remote storage and retrieval of data files from the memory. A file identification application is operative with the server to identify errant files stored in the memory. The file identification application provides the functions of: (1) selecting a file stored in said memory; (2) generating a unique checksum corresponding to the stored fire; (3) comparing said unique checksum to each of a plurality of previously generated checksums, wherein the plurality of previously generated checksums correspond to known errant files; and (4) marking the file for deletion from the memory if the unique checksum matches one of the plurality of previously generated checksums.11-18-2010
20110113493SOFTWARE LICENSE MANAGEMENT IMPACT ANALYSIS - A computer implemented method, program product, and system for managing software licenses is presented. A licensing management logic executes an initial reconciliation run for an initial system. The licensing management logic detects a change to an initial subunit to create a changed subunit, and executes an impact analysis for the changed subunit. The licensing management logic identifies a subunit reconciliation section from the initial reconciliation run, and executes a subunit reconciliation run for the changed subunit to create a changed subunit reconciliation report. The licensing management logic replaces the initial subunit reconciliation report with the changed subunit reconciliation report to create an updated reconciliation report for a changed system.05-12-2011
20100313277METHOD FOR MANAGING ACCESS RIGHTS IN A SMART CARD - A method of managing access rights in a smart card, to subordinating execution of a command (Cmd12-09-2010
20110010779INFORMATION PROCESSING APPARATUS, SYSTEM MANAGEMENT METHOD, AND RECORDING MEDIUM - In an information processing apparatus, software is installed to build a system providing a predetermined function. The information processing apparatus includes a generating unit configured to generate system identification information for identifying the system built by installing the software, the system identification information being generated from authentication information obtained by performing license authentication on the software; and a registering unit configured to send the system identification information generated by the generating unit to a management device that manages a plurality of the systems via a predetermined data transmission line, to register the system identification information in the management device as management information.01-13-2011
20110010778STANDALONE SOLUTION FOR SERIAL COPY MANAGEMENT SYSTEM (SCMS) COMPLIANCE - Standalone serial copy management system (SCMS) compliance with respect to distributing and receiving protected digital media is disclosed. In general, when a digital media file is selected for transfer or reception between a computing system and another device, serial copy management system copy/playback information for the digital media file is accessed. If the serial copy management system copy/playback information comprises unrestricted copy/playback information the SCMS may utilize a common transfer pathway for the transfer or reception. However, if the serial copy management system copy/playback information comprises controlled copy/playback information the SCMS utilizes a new pathway distinct from said common transfer pathway for the transfer or reception of digital media, providing complete copyright protection from point of entry. In so doing, standalone SCMS compliance uses technological measures that effectively control access to the copyright protected work, as described in 17 U.S.C. sections 1201, 1202 and 1001.01-13-2011
20110041189SYSTEM AND METHOD TO PROVIDE A USER-GENERATED IMAGE GALLERY - In various exemplary embodiments, a system and an associated method to provide a user-generated image gallery is provided. Initially, a product category of a product infrastructure associated with an item represented by an image is determined. A new product category may be generated based on a determination that the product category is not adequately associated with the item represented by the image. Subsequently, an upload of the image is received from the user. The uploaded image may then be stored whereby the uploaded image is associated with the user and the product category or the new product category is based on the determination.02-17-2011
20110131666VEHICLE DATA STORAGE SYSTEM, VEHICLE DATA STORAGE APPARATUS, VEHICLE DATA STORAGE SERVER, AND VEHICLE DATA STORAGE METHOD - A vehicle data storage system, in which vehicle data obtained from a vehicle-mounted device is stored, includes a vehicle data storage portion in which the vehicle data is stored; a country determination portion that determines a country in which a vehicle exists, based on position data of the vehicle; a selection table storage portion in which a type of the vehicle data that should be stored in the vehicle data storage portion is stored in association with country data; a data determination portion that determines the type of the vehicle data that should be stored in the vehicle data storage portion, based on the country determined by the country determination portion, by referring to the selection table storage portion; and a data processing portion that stores, in the vehicle data storage portion, the vehicle data determined by the data determination portion.06-02-2011
20110247085ELECTRONIC DEVICE AND METHOD OF PROTECTING SOFTWARE - In an electronic device and method of protecting software, a software program of the electronic device is invoked. The media access control (MAC) address of the electronic device and a serial number of a hard disk drive that stores the software program in the electronic device are searched. The MAC address and the serial number are compared with MAC addresses and serial numbers included in the software program, to determinate whether it is licensed to run the software program in the electronic device. Usage logs of the software program are further obtained to determine whether running of the software program in the electronic device is expired.10-06-2011
20110247084METHOD AND APPARATUS FOR AUTHORIZING DELIVERY OF STREAMING VIDEO TO LICENSED VIEWERS - Licensed access to selected videos is provided by a licensing service organization that obtains licenses from video content providers and combines these licenses into a new license for selected videos for a licensee organization. Administrators at the licensee organization then obtain a video authorization key for each video selection from the licensing service organization and embed those keys into web pages that are accessible via an intranet. Navigating to a web page for that selection from a computer connected to the intranet causes a viewing request that includes the embedded video authorization key and an IP address of the computer to be sent to a server at the licensing service organization. The server uses the incoming information to determine whether the request is from a predetermined intranet computer and if so to determine whether the request can be granted based on the new license conditions.10-06-2011
20100223677DIGITAL CONTENT LICENSING METHOD - Disclosed herein is a method of licensing the use of digital content on a digital content execution device including providing a total number of licensed tokens from a licensed token pool for executing digital executable content on the digital content execution device, assigning a number of tokens to each distinct digital executable content, controlling use of the total licensed tokens provided to the digital content execution device by a license manager separate from and in communication with the digital content execution device and in response to a request to execute digital content on the digital content execution device, the license manager allowing execution of the requested digital content on the digital content execution device through the allocation of the number of tokens assigned to the digital content from the licensed token pool.09-02-2010
20090313706METHOD AND SYSTEM FOR DETECTING WHEN AN OUTGOING COMMUNICATION CONTAINS CERTAIN CONTENT - A method and system for detecting whether an outgoing communication contains confidential information or other target information is provided. The detection system is provided with a collection of documents that contain confidential information, referred to as “confidential documents.” When the detection system is provided with an outgoing communication, it compares the content of the outgoing communication to the content of the confidential documents. If the outgoing communication contains confidential information, then the detection system may prevent the outgoing communication from being sent outside the organization. The detection system detects confidential information based on the similarity between the content of an outgoing communication and the content of confidential documents that are known to contain confidential information.12-17-2009
20100132053INFORMATION PROCESSING DEVICE, INFORMATION PROCESSING METHOD AND PROGRAM - An illegal use of a privileged instruction and a library function by an application process is prevented. A concept of “security gate” is provided, and an instruction is located at a head of the library function in a high-reliability memory area which is not easy changed such as a ROM, to request a security gate entry to an OS. An instruction is located at the last of the library function to request a security gate exit to the OS. The security level is changed to a higher level and a privileged instruction is allowed to be executed, only when the application process in a security gate entry state.05-27-2010
20120036585METHOD AND SYSTEM OF DETERRING UNAUTHORIZED USE OF MEDIA CONTENT BY DEGRADING THE CONTENTS WAVEFORM - In one embodiment, the present invention pertains to a method and system for deterring unauthorized use of media content in a computing system and network. In one embodiment, the invention comprises detecting an unauthorized use of the media content in a computing system or network, the media content having a characteristic digital waveform format and an associated indicator for indicating to a compliance mechanism an unauthorized use of the media content. On detecting an unauthorized use of the media content, the media content characteristic digital waveform format is degraded. In this embodiment of the invention, unauthorized use is non-compliance with a use restriction applicable to the presentation of the media content in the computing system or network. In accordance with this embodiment of the invention, the media content is rendered incomprehensible to an unauthorized user experiencing the media content, thereby likely deterring further unauthorized use of the media.02-09-2012
20090031431DYNAMIC MEDIA ZONES SYSTEMS AND METHODS - Systems and methods are described for applying digital rights management techniques to manage zones in electronic content. In one embodiment, zones are defined in a piece of electronic content, and a license is associated with the electronic content that indicates how the zones are to be accessed or otherwise used. A digital rights management engine governs access to or other use of the zoned content in accordance with the license.01-29-2009
20100263060Method and System for Generating Trusted Security Labels for Electronic Documents - A method and system for generating trusted security labels in electronic documents is disclosed. The method comprises determining parts of the document to be cryptographically bound to the security label and hashing them; hashing the security label; specifying any necessary policies as signable signature properties; and digitally signing the collection of these items. The resulting security label is trusted, because it is digitally signed and its digital signature also covers the parts of the document to be protected, thus allowing any tampering of the security label or the covered parts of the document to be detectable. A corresponding system for generating trusted security labels is also provided.10-14-2010
20090199305CONTROLLING DISTRIBUTION OF DIGITAL CONTENT - A method of controlling distribution of digital content (08-06-2009
20090222930SYSTEM AND METHOD FOR MULTIMEDIA DATA VALIDATION - There is disclosed a media file distribution system and method. An asset management and delivery system and method for the distribution of digital files and data is provided. There are two major functions, with sub-functions within each. The system first serves as a fully automated management system for a company involved in video/file distribution, such as in video on demand (VOD) or other digital file industries. The system can ingest, prepare, schedule, transmit, track and report on any aspect of the business chain. Secondly, it also serves as a product for both content providers and recipients to be able to view, manage and run their entire content offering remotely from anywhere through the Internet.09-03-2009
20090313705SECURITY MEASURES FOR COUNTERING UNAUTHORIZED DECRYPTION - After a predetermined limit for decryption attempts has been exceeded by a user attempting to decrypt an encrypted electronic message or attempting to decrypt a encrypted electronic certificate associated with an electronic message, access to the electronic message may be restricted.12-17-2009
20090217386Stateless challenge-response broadcast protocol - A broadcast stateless protocol by which a client broadcasts a request to a server group is described. In one embodiment, the client broadcasts the request to a server group. A tamper-evident challenge including the request is received from any one server of the server group. A response to the tamper-evident challenge is broadcast to any one server of the server group, the response including the request. A result to the request is received upon any one server of the server group verifying the response being valid and the request being unmodified.08-27-2009
20100058487COPYRIGHT PROTECTION DATA PROCESSING SYSTEM AND REPRODUCTION DEVICE - If playback devices are prohibited from playing back contents recorded in R media, there occurs a problem that it takes more time to manufacture commercial ROM media. Conversely, if playback devices are permitted to play back contents recorded in R media, there occurs a problem that copyrights might be infringed. In view of these, the aim of the present invention is to provide a content protection data processing system and a playback device capable of determine whether to permit playback of a content recorded in a recording medium, based on a medium type of the recording medium and a signature type of a signature attached to a program. This enables both the protection of the copyright of the content and the efficient manufacturing of commercial ROM media.03-04-2010
20110078802DISPLAY DEVICE, DRIVE RECORDER, DISPLAY METHOD AND COMPUTER-READABLE MEDIUM - A display device displays data recorded in a portable recording medium by a drive recorder on a display unit. A code recording unit records a security code in the recording medium in which data is recorded by the drive recorder. A nonvolatile storage device stores a security code which is the same as the security code for use at the time of recording in the recording medium. A code acquisition unit acquires the security code from recorded contents of the recording medium in which the data is recorded by the drive recorder. A code authentication unit enables the display unit to display the data recorded in the recording medium when the security code acquired from the recording medium coincides with the security code stored in the storage device.03-31-2011
20110099643Automated Privacy Enforcement - A system and method of protecting the privacy of data is presented. The system and method may include receiving data from a data warehouse and determining an access level for each data element received. The access value may be based on the assigned business purpose of the user attempting to access the data. If a user with an assigned business purpose is authorized to access the data then access will be given, if not, access to the data will be denied. In some examples, the requesting user may request to override the security settings in order to obtain access to the data.04-28-2011
20120304316Validating Access to a Group of Related Elements - A method and system for validating access to a group of related elements are described. The elements within the group access a security context associated with a markup domain when a call is made to an element. An authorized call to an element is enabled such that the markup domain is navigated to a new web page. However, an unauthorized call is prevented so that the navigation to the new web page is not permitted. After the markup domain has been navigated, the security context associated with the markup domain is invalidated. A new security context is generated and associated with the markup domain. The elements associated with the web page navigated from are inaccessible after navigation of the markup domain to the new page. The association of the new security context with the markup domain prevents an unauthorized user from accessing any element that references the previous security context.11-29-2012
20120304315METHOD AND APPARATUS FOR MANAGING DIGITAL RIGHTS OF SECURE REMOVABLE MEDIA - A terminal for managing digital rights of a memory card inserted into the terminal and has a processor and a memory, the digital rights allowing the terminal to access digital contents. The terminal includes a processor configured to manage a digital rights and to exchange information with the memory card, the information including a terminal ID and a memory card ID; perform a mutual authentication procedure with the memory card; receive, from a contents provider, a trigger message which indicates to the terminal that a digital rights for the memory card is prepared in the contents provider; if a parameter included in the trigger message does not indicate the memory card, perform a procedure for obtaining a digital rights for the terminal; and if a parameter included in the trigger message indicates the memory card, perform a procedure for requesting a digital rights for the memory card.11-29-2012
20110258709METHOD, SYSTEM AND SIMULATION ANALYSIS MODEL FOR DATA PROCESSING - The method of the invention for preprocessing data before providing the data to a user of the data for further processing the data at the user of the data, comprising the steps of (a) selecting, by the data provider, at least one part of the data from the entire data to be provided to the user for further processing, depending on at least one give criterion which the user fulfils; (b) hiding the selected data such that despite being hidden from the user, the selected data can be further processed and/or executed after the provision.10-20-2011
20110061112SYSTEM AND METHOD FOR ENFORCING DATA ENCRYPTION ON REMOVABLE MEDIA DEVICES - A system and method of enforcing encryption of information is provided. An information or content parameters list may be associated with a repository of information and may be updated to reflect information stored in said repository. A hash parameter may be computed and may further be used to validate integrity of information stored in the repository. At least one parameter identifying an entity storing information from said repository on a designated device may be used in order to determine that the entity is storing information obtained from said repository. Other embodiments are described and claimed.03-10-2011
20100077488DATA TRANSMISSION APPARATUS, DATA RECEPTION APPARATUS, AND DATA TRANSMISSION AND RECEPTION SYSTEM - A data transmission and reception system and the like are provided, which are capable of preventing: unauthorized copying between a server and a client; and unnecessary use limit when a copyright constraint is conformed. A server generates and manages overall use permission information indicating that the overall data accumulated in the server can be used and distributes the overall use permission information together with copied data to the client determined to exist within a private use range. The client manages the overall use permission information and the data received from the server in such a manner associated with each other and enables use of the data received from the server only when the overall use permission information is valid. When the client moves only within the private use range, the server continuously manages the overall use permission information so as to enables use of the copied data. Meanwhile, use of the copied data in the client which has moved out of the private use range is inhibited.03-25-2010
20110162089Method and System for Policy Driven Data Disclosure - A method, system and computer-usable medium are disclosed for controlling access to attribute information. A request is received from an application for attribute information. An attribute release policy associated with the requesting application is used to filter attributes stored in a datastore. The filtered attributes are then provided to the requesting application.06-30-2011
20110162090APPARATUS, METHOD AND SYSTEM FOR BROADCAST CONTENT EXPIRATION - An apparatus, method, and system for a Media Expiration System (MES) that improves upon current content control systems by better managing media recordings. The MES enables media owners to disable recordings of their broadcast content and/or advertising, locally, after the content has been recorded by a consumer. In one embodiment, the MES places expiration stamps into broadcast media as it is recorded by a consumer electronics device. The MES tracks viewing habits, enables the purchasing of extended views of programs, and removes expired media programming content. The manner and way in which this is achieved results in the expiration of stale media content.06-30-2011
20090151008Media markup system for content alteration in derivative works - A classification method and system for possible content alteration of a media work may include criteria regarding content that is feasible for alteration. Such criteria may be maintained in records that are accessible to an interested party. Some embodiments may include a record of primary authorization rights applicable to a possible content alteration. A further embodiment feature may include a record of secondary authorization rights applicable to substitute altered content incorporated in a derivative version. Various exemplary identifier markup schemes indicative of a location or category of an alterable media content component may be implemented for audio, visual, and audio/video alterable content.06-11-2009
20090126028Securing electronic control unit code - Methods and systems are provided for securing electronic control unit code. In one implementation, a method is provided. According to the method, an order for the program code may be transmitted to a developer. The order may include specifications and an authentication key. The method may further include receiving the program code and the authentication certification from the developer and verifying the authentication certificate to determine whether the developer was an authorized source of the program code. The method may generate metadata identifying the authorized source of the program code and embed the metadata in the program code.05-14-2009
20120311727SYSTEM AND METHOD FOR CONTROLLING THE USE OF A DIGITAL WORK IN ACCORDANCE WITH USAGE RIGHTS ASSOCIATED WITH THE DIGITAL WORK - Methods, apparatus, and media for controlling the use of a digital work in accordance with usage rights associated with the digital work. An exemplary server-side method comprises storing a description file associated with a content file of a digital work, the description file including usage rights for the content file, the usage rights indicating a permitted use for the content file of the digital work, communicating with a rendering device, receiving a request to render the content of the digital work originating from the rendering device, processing the request to render including enforcing the usage rights by granting or rejecting the request to render in accordance with the usage rights, and performing closing transaction steps upon detecting that the rendering device has finished rendering the content of the digital work.12-06-2012
20100251390ELECTRONIC CAMERA, STORAGE MEDIUM, AND DATA TRANSFER METHOD - Image data obtained by photographing an object using a camera is stored in a storage medium that can be attached to and detached from the camera. The camera includes a device program storage unit and an information writing unit. A device program that can be executed by an information processing device, which is different to the camera, is stored in the device program storage unit. The information writing unit is constituted to be capable of writing the device program to the storage medium attached to the camera. While writing the device program to the storage medium, the information writing unit writes the device program in a format enabling the information processing device to read and execute the device program automatically when the storage medium is attached to the information processing device.09-30-2010
20110138486Methods and Apparatus for Secure Distribution of Protected Content - Systems and techniques for protection and delivery of content. Upon initiation of a user account for use in conducting transactions involving delivery of content to a user, digital rights management (DRM) information is created and stored in association with user information. A copy of the DRM information is provided to or made accessible to the user in such a way that the DRM information can made accessible to a suitable playback device to allow playing of content protected with the DRM information. When a user enters into a transaction to receive content, the DRM information associated with the user is used to protect the content before delivery to the user. When the user wishes to play the content, the removable media device storing the user's DRM information must be present in order to allow playing of the content.06-09-2011
20110138485MONITOR METHOD AND MONITOR APPARATUS FOR MONITORING DATA OF HARDWARE - A monitor method and a monitor apparatus for monitoring a data of hardware are provided. The data has private information, identification information and at least one first network transmission address. The monitor apparatus comprises a storage unit and a processing unit. The data is stored in the storage unit according to the identification information. The processing unit is configured to record the identification information and the at least one first network transmission address of the data in a mark information table. In response to a sending system call, when a transmission is arranged to transmit the private information of the data to a second network transmission address which is different from the at least one first network transmission address, the processing unit will output a signal to cease the transmission.06-09-2011
20100115631SYSTEM AND METHOD FOR PLAYING CONTENT ON CERTIFIED DEVICES - Systems and methods of ensuring a predetermined quality of playback of media content are provided. The predetermined quality is determined by an encoder placing a passive flag or data field within a media file having a predetermined quality. The contents of the media file in which the passive flag or data field is located is not encrypted or designated within a particular standard. A decoder plays the media content within the media file upon detection of the passive flag or data field or in accordance with a value within the passive flag or data field and the certification of the device.05-06-2010
20100115629METHOD FOR OPERATING A NETWORK AS WELL AS A LOCAL NETWORK AND NETWORK COMPONENT - The invention relates to a method for operating a network as well as a local network comprising network components and to network components, in particular of a home network, where a functional command is generated, which is configured to execute an assigned function in a network station, wherein a user identification, which is derived from the collected user data, is assigned to the functional command, the assigned user identification is evaluated in the network station in response to executing the functional command and the functional command is executed when, in response to the evaluation of the corresponding user identification, it is established that the functional command is approved in connection with the assigned user identification.05-06-2010
20110185438REGULATOR OF COMMANDS WHICH ARE DESTINED FOR A SENSITIVE APPLICATION - The present invention describes a method and a software module making it possible to secure communications with a sensitive application, for which exchanges with the outside have been delegated to a so-called interfacing application. Accordingly, the present invention describes the application of security rules to all or some of the commands destined for this sensitive application.07-28-2011
20090205053Confidential information protection system and method - Efficient and effective permission confidential information protection systems and methods are described. The secure information protection systems and methods facilitate storage of confidential information in a manner safe from rogue software access. In one embodiment, a confidential information protection method is implemented in hardware and facilitates protection against software and/or Operating System hacks. In one exemplary implementation, a confidential information protection method includes setting a permission sticky bit flag to a default state upon system set up. The permission sticky bit flag access permission indication is adjusted at system reset in accordance with an initial application instruction. Access to the confidential information is restricted in accordance with the permission sticky bit and the permission sticky bit is protected from adjustments attempting to violate the permission indication. For example, another software application can not access or alter confidential information (e.g., an encryption key, initialization vector, etc.) if a permission sticky bit is designated as the highest security rating (e.g., disabling read permission and write permission until system reset).08-13-2009
20110265190SYSTEM AND METHOD FOR PROCESSING SIGNATURE-VERIFICATION OPERATION - A system and method for processing a signature-verification operation, includes storing configured categories of signature-verification files and elements with respect thereto, wherein the elements each include at least a signature-verification level and relevant data corresponding thereto; retrieving from the stored signature-verification files and elements a signature-verification file and element corresponding to a request for a signature-verification operation; and executing the signature-verification operation on the signature-verification file according to the retrieved element.10-27-2011
20120042396Methods and Systems for Mobile Device Security - A method of securing a mobile wireless telecommunication device to restrict access to data stored in the device. The method including registering the device with a network-based server associated with a given user. In the event that the user wishes to restrict access to data stored on the device when the user does not have access to the device, but has access to an alternative communication device, the user is authenticated, via said alternative communication device, to an IP Multimedia Subsystem (IMS) network and, on the basis of such authentication, the user is allowed to access the server and send to the server an instruction to lock the mobile wireless telecommunication device.02-16-2012
20120042395SYSTEMS AND METHODS FOR SECURE AGENT INFORMATION - Semantic information may be secured by an agent using one or more semantic security labels (e.g., security predicates). The agent may be configured to allow other agents to access the semantic information according to a set of semantically expressed policies, strategies, and/or rules. A request to receive information may be mapped to a negotiation policy of the agent. The agent may evaluate the request against a semantic information sharing policy. If the information is accessible under the information sharing policy, the information may be provided. If not, the agent may negotiate information sharing terms using the negotiation ontology, strategy, and rules. Similarly, the agent may request information from other entities. Terms of the information requests may be negotiated using the negotiation ontology, strategy, and rules.02-16-2012
20120005762SYSTEM AND METHOD FOR RENDERING CONTENT ASSOCIATED WITH A DIGITAL WORK - A method, system and software for permitting use of digital works having rights associated therewith in a system having repositories configured to enable use of the digital work in accordance with the rights, including associating a transfer right with a digital work, the transfer right specifying that the digital work is transferred from a first repository to a second repository; transferring the digital work from the first repository to the second repository in accordance with the transfer right; and in response to the transferring, step updating transfer right information in respect of the digital work.01-05-2012
20120011596SYSTEM AND METHOD OF PROTECTING DIGITAL MEDIA CONTENTS - A system and method of protecting digital media contents, which maintain compatibility with an existing system and block any attempt to illegally use the digital media contents having various formats, and which reduce a system load and maximize a possibility of reusing the digital media contents. The system includes a packager for analyzing a format of contents and encoding at least a portion of a data region located in a payload of the contents, and for generating encoded contents by inserting encoding information including at least one of an encoding key value and contents information into the contents; and a digital rights management (DRM) server for receiving a request for a license and the encoding information from an external device which receives the encoded contents, for confirming the encoding information and then generating a license which is used to decode the encoded contents, and for providing the generated license to the external device.01-12-2012
20120017287SYSTEM AND METHOD FOR PROVIDING INFORMATION ACCESS ON A PORTABLE DEVICE - A system and method of providing information stored in a memory is provided. The system comprises an information repository for storing information and an access module for providing access to the information in response to a predetermined operation performed on a man-machine interface. The method includes the steps of storing information in a memory and providing access to the information in dependence upon at least one predetermined operation.01-19-2012
20120023597MAGNETICALLY-IMPLEMENTED SECURITY DEVICES - Security devices and methods of securely coupling electronic devices and peripherals are provided. In one embodiment, a peripheral has a first coded magnet on a first surface of a first device. The first coded magnet has at least two different polarity regions on the first surface. A second coded magnet on a second surface of a second device is also provided. The first coded magnet is configured to securely provide data to a device associated with the second coded magnet, if the first and second coded magnets' patterns are keyed to one another.01-26-2012
20120072998Electronic Meeting Management System For Mobile Wireless Devices - A device management system includes a meeting support system that is configured to generate and transmit a plurality of electronic meeting invitations to a plurality of mobile wireless devices that correspond to a plurality of meeting participants and receive responses indicating whether the plurality of participants will attend the electronic meeting. The device management system receives identification data that identifies one or more documents or information that will be made available to the plurality of participants. The meeting support system determines whether the plurality of participants is authorized to access the one or more electronic documents or information. If any of the participants are not authorized to access any of the electronic documents or information, the meeting support system notifies the meeting organizer. The device management system may also include a meeting session management system that is configured to share information among the plurality of mobile wireless devices.03-22-2012
20120072999SYSTEM AND METHOD OF PROCESSING DOCUMENTS PROTECTED UNDER A DIGITAL RIGHTS MANAGEMENT SCHEME - A method of processing a document having digital rights management privileges may include receiving a document to be processed according a workflow. The received document may be associated with a license including one or more digital rights management (DRM) privileges. The method may include identifying one or more document production operations associated with the workflow and for each document production operation, determining whether the document production operation violates any of the DRM privileges associated with the document, in response to the document production operation violating one or more of the DRM privileges, assigning a first status to the document production operation, and in response to the document production operation not violating one or more of the DRM privileges, assigning a second status to the document production operation. The method may include automatically causing only document production operations to which the second status is assigned to be performed on the document.03-22-2012
20120079610CONTENT MANAGEMENT PROGRAM, METHOD AND DEVICE - An encrypted content and its encryption key under a copy right use condition of prohibiting a copy by the device having received a content are stored, and the encrypted content is copy-transferred with another device through the network, and at the same time, the encryption key is transferred through the network, so that it is stored in either one of the devices.03-29-2012
20110107437SYSTEM FOR PROVIDING MOBILE DATA SECURITY - A system transfers applications and datasets (files) from a server to a client device and assigns to each file a lease key that will expire at a specified time. A file cannot be accessed unless its lease key is validated. Upon expiration of a lease key, the client device will connect to the server to determine if the lease key may be renewed. If the lease key may be renewed, a new lease key is created and access to the associated application or dataset is restored. If the lease key may not be renewed, the file may be deleted or rendered inaccessible. If rendered inaccessible, the file may be restored in the future without having to re-transmit it from the server to the client device. The server may also revoke a lease key before it expires.05-05-2011
20100095384Realest Invention - The new process (invention) named the realest invention is a new process in which information is stored on the computer. Information is stored in bulk at a policing agency. What this policing agency does is store drivers license, birth certificate and social security and others of this like. This enables for added security to the theft of music and movies on the internet. What the policing agency does is check to make sure that every thing is legate on the website individual is putting on the internet. Majority of times people use credit card and check and a thorough check can be done to make sure every thing matches on the website that they are putting on the internet.04-15-2010
20090133132Secure Authoring and Execution of User-Entered Database Programming - A secure framework for authoring and execution of user-entered database scripts, rules, procedures and other forms of programming is provided. A performance management application is used as an interface between a client data modeling, manipulation or analysis application and one or more data sources or analysis services to prevent malicious or inadvertent implementation of harmful, damaging and/or unauthorized new or modified scripts, rules, procedures or other forms of programming to one or more data sources or data analysis/manipulation services that may be used for retrieving, storing, modifying or using data contained in or affected by the one or more data sources or data analysis/manipulation services.05-21-2009
20120222138Methods, Systems & Products for Distributing Digital Content - Methods, systems, and products distribute digital content based on digital rights license. A digital file may be fragmented into a plurality of unusable fragments. Each unusable fragment is separately unusable. Each unusable fragment may be tagged with a tag to generate tagged unusable fragments. The digital rights license is generated based on the tag, such that the tagged unusable fragments may be reassembled into the digital file.08-30-2012
20120222137Validating the Origin of Web Content - Described herein is a technique of protecting users against certain types of Internet attacks. The technique involves obtaining certificates from visited web sites and qualifying communications with those web sites based on the content of the certificates.08-30-2012
20120216300METHOD AND CLIENT AGENT FOR MONITORING THE USE OF PROTECTED CONTENT - A method and apparatus are provided for controlling use of content protected with a digital rights management license which contains conditions for the use. When a request to use the content is received by a client agent controlling the use of the content, the conditions of use are checked. Within this check, a determination is made that the use of the content is conditional upon an obligation to perform a parental control operation on the content. A request for authorization to use the content is then transmitted from the controlling client agent to a parental control management module. After a parental control operation has been performed on the content by the parental control management module, the agent receives a result of the parental control operation. If the result is negative, a denial of use of the content is notified in response to the request to use the content.08-23-2012
20100077489METHOD, APPARATUS, AND COMPUTER PROGRAM PRODUCT FOR ISOLATING PERSONAL DATA - A method, user equipment, network device, and software product that protects data confidentiality where data transmission is required between distant systems. The invention comprises splitting data into confidential and non-confidential data. The invention further includes an isolating indexation responsible for data transmission, processing and reconciliation. Also, the invention comprises data confidentiality protection where multiple systems are involves.03-25-2010
20100071074APPARATUS FOR EXECUTING INTEROPERABLE DIGITAL RIGHTS MANAGEMENT USING CONTENTS DEVICE AND METHOD OF PERFORMING OPERATIONS BETWEEN CONTENTS DEVICE AND DIGITAL RIGHTS MANAGEMENT TOOL FOR INTEROPERABLE DIGITAL RIGHTS MANAGEMENT - Provided are an apparatus for executing interoperable digital rights management (DRM) using a contents device and a method of performing an operation between the contents device and a DRM tool for interoperable DRM, and more particularly, a method and apparatus for executing a DRM tool in various environments, regardless of the type of device or type of DRM tool, using an interfaced DRM executing apparatus including a DRM processor or a DRM tool agent.03-18-2010
20120137377METHOD AND SYSTEM FOR SAFEGUARDING DIGITAL OBJECTS CONSISTING OF DIGITAL ASSETS - Provided is a system and method for safeguarding digital objects consisting of digital assets. The system includes a unique identifier in each digital asset and a database with a record of each unique identifier, the database further structured and arranged to correlate at least two digital assets as distinctly related. A client is in communication with the database. The client is adapted to receive a subset of the digital assets and analyze each digital asset to determine the unique identifier embedded therein. The client is further adapted to query the database with the determined unique identifier to validate each digital asset, the validation further including confirmation of distinctly related digital asset received. An associated method is also provided.05-31-2012
20100175138SYSTEM AND METHOD FOR PROVIDING CONTENT FOR DIGITAL RIGHTS MANAGEMENT - A method of providing DRM content, including transmitting, by a content issuer, when a request for a specific main content of a communication terminal is input, a DRM content including the main content and a preset sub-content corresponding to the main content to the communication terminal; transmitting, by a rights issuer, a rights object having constraint condition information for securing reproduction of the sub-content to the communication terminal; and reproducing, by the communication terminal, when the DRM content and the rights object are received, the sub-content by analyzing the rights object and reproducing, when reproduction of the sub-content is complete, the main content. Reproduction of a sub-content in a communication terminal can be secured through constraint condition information of a rights object, and waste of resources required for providing a sub-content can be suppressed.07-08-2010
20100299764System for dynamically encrypting information for secure internet commerce and providing embedded fulfillment software - A data distribution system is provided which supplies customers with an executable for requested secured data files to provide the customer with fulfillment software, obviating the need for the customer to download fulfillment software prior to requesting secure data. The data distribution system is characterized by server technology which can dynamically encrypt secured data files just prior to a customer request to download the data file. A framework for building a universal data distribution infrastructure is provided which employs Requesters.11-25-2010
20100299763Secure Workflow and Data Management Facility - Disclosed is a computer program that provides a secure workflow environment through a cloud computing facility, wherein the secure workflow environment may be adapted to (1) provide a plurality of users with a workspace adaptable to provide secure document management and secure communications management, wherein the users comprise at least two classes of user, including a participant and a subscriber, the subscriber having control authority within the workspace that exceeds that of the participant and the participant having control over at least some of the participants own interactions with the workspace, (2) maintain a secure instance of each communication provided by each of the users such that each communication can be managed, (3) maintain a secure instance of each document interaction provided by each user such that each interaction can be managed; and extending the secure workflow environment to the users through a secure network connection.11-25-2010
20130174281MESSAGING STAMP AUTHORITY - Electronic messages may be processed using a stamp authority by receiving an electronic message, identifying a stamp associated the message, determining if the stamp is valid, and, if the stamp is determined to be valid, distinguishing the message from messages with which a valid stamp is not identified.07-04-2013
20130174280DOCUMENT CONTROL BASED ON COPYRIGHT PERMISSION WHEN PRINTING COMPILATION OF WORKS - A method for controlling copyright permissions when assembling multiple copyrighted works into a compiled file. The copyright permission level of each file is analyzed, either based on the copyright permission information present in metadata associated with the file or based on the digital file format of the file which reflects the permission level. The compiled file is assigned a permission level which is the same as or more restrictive than all of the permission level of the files in the compilation, and is generated in a format that enforces the assigned permission level. A notification may be displayed to the user to notify the use of the permission level assigned to the compiled file.07-04-2013
20120185952CONTEXT AWARE DATA PROTECTION - A method, for context aware data protection is provided. Information about an access context is received in a data processing system. A resource affected by the access context is identified. The identification of the resource may include deriving knowledge about resource by making an inference from a portion of contents of the resource that the access context affects the resource, making an inference that the access context affects a second resource thereby inferring that the resource has to be modified, determining that the access context is relevant to the resource, or a combination thereof. The resource is received. A policy that is applicable to the access context is identified. A part of the resource to modify according to the policy is determined. The part is modified according to the policy and the access context to form a modified resource. The modified resource is transmitted.07-19-2012
20120185951METHOD AND APPARATUS FOR MEDICAL INFORMATION ENCRYPTION - Provided is an apparatus, system and method for protecting medical output to be stored on a portable computer-readable medium. Access to the medical output is restricted and a key is established to grant access to the medical output stored on the portable computer-readable medium. An identifier is assigned to the portable computer-readable medium and stored on both the portable computer-readable medium and a computer memory. The medical output is stored on the portable computer-readable memory, and access to the medical output on the portable computer-readable medium is restricted, requiring the key for accessing and viewing the medical output. The key is also stored in the computer memory and a relationship associating the identifier with the key is established to enable identification of the key with knowledge of the identifier. A security utility and a medical presentation utility can also be stored on the portable computer-readable medium. The security utility and medical presentation utility can be executable by the user computer to grant access to, and present the medical output on the portable computer-readable medium to the intended recipient in response to entry of the key.07-19-2012
20120227116IMPLEMENTING BROWSER BASED HYPERTEXT TRANSFER PROTOCOL SESSION STORAGE - A computer implemented method, apparatus, and computer usable program product for managing session data. The process determines whether preexisting session data associated with a request for content is present in response to receiving the request. Responsive to an absence of the preexisting session data being associated with the request, the process generates session data associated with the request. The process then generates a response page having a set of forms including a set of hidden fields. The set of hidden fields include the session data. Thereafter, the process sends the response page to a client browser.09-06-2012
20120084870APPARATUS AND METHOD FOR EMBEDDING AND EXTRACTING INFORMATION IN ANALOG SIGNALS USING DISTRIBUTED SIGNAL FEATURES AND REPLICA MODULATION - Apparatus and methods are provided for embedding or embedding digital data into an analog host or cover signal. A distributed signal feature of the cover signal in a particular domain (time, frequency or space) is calculated and compared with a set of predefined quantization values corresponding to an information symbol to be encoded. The amount of change required to modify the signal feature to the determined target quantization value is calculated and the cover signal is modified accordingly to so change the feature value over a predefined interval. Information symbols are extracted by the opposite process. In one embodiment, the predefined value is a short term auto correlation value of the cover signal.04-05-2012
20120222136ACCESS MANAGEMENT SYSTEM AND ACCESS MANAGEMENT METHOD - An SE unit holding service data used by an application is provided in a UIM card. Thus, when the UIM card is transferred between portable terminals, service data and accompanying information of the application can be moved together with the UIM card to another portable terminal. In addition, an access management unit included in a portable terminal compares UIM information of a UIM information storage unit with UIM information, held by an authority information holding unit, of a UIM card of which use authority is possessed by an application. If they do not agree, access to service data stored in the SE unit is restricted.08-30-2012
20120233712Method and Device for Accessing Control Data According to Provided Permission Information - A method and device for accessing control data SD according to provided permission information RI, wherein a virtual engine VM is generated according to the provided permission information RI that serves to access the control data SD. As a result, a user can access control data SD solely via the virtual engine VM, thus ensuring that the user does not receive any access permission to the control data SD that are not described in the permission information RI.09-13-2012
20120233710DIGITAL WORKS HAVING USAGE RIGHTS AND METHOD FOR CREATING THE SAME - Digital work adapted to be distributed within a system for controlling at least one of the distribution and use of digital works. The digital work includes digital content representing a portion of a digital work suitable for being rendered by a rendering device and usage rights associated with the digital content. The usage rights specify a manner of use indicating one or more stated purposes for which the digital work can be at least one of used and distributed by an authorized party.09-13-2012
20120233709DIGITAL WORKS HAVING USAGE RIGHTS AND METHODFOR CREATING THE SAME - Digital work adapted to be distributed within a system for controlling at least one of the distribution and use of digital works. The digital work includes digital content representing a portion of a digital work suitable for being rendered by a rendering device and usage rights associated with the digital content. The usage rights specify a manner of use indicating one or more stated purposes for which the digital work can be at least one of used and distributed by an authorized party.09-13-2012
20120233708System and Method for Unlocking Content Associated with Media - There is presented a system and method for unlocking a content associated with media. In one aspect, the method comprises identifying the media, generating an authentication key using at least one key data from a set of key data contained in the media, determining an address in the media of at least one content unit corresponding respectively to each of the at least one key data used to generate the authentication key; requesting the at least one content unit by providing the address; receiving user data in response to the requesting; comparing the user data with the at least one key data used to generate the authentication key; and unlocking the content associated with the media if the user data matches the authentication key.09-13-2012
20110004946TEXT-BASED COMMUNICATION CONTROL FOR PERSONAL COMMUNICATION DEVICES - Systems, devices, and methods are provided for enabling a user to control the content of text-based messages sent to or received from an administered device. In some embodiments, a message will be blocked (incoming or outgoing) if the message includes forbidden content. In other embodiments, the objectionable content is removed from the message prior to transmission or as part of the receiving process. The content of such a message is controlled by filtering the message based on defined criteria. The criteria may be defined according to a parental control application. These techniques also may be used, in accordance with instructional embodiments, to require the administered devices to include certain text in messages. These embodiments might, for example, require that a certain number of Spanish words per day be included in e-mails for a child learning Spanish.01-06-2011
20110004945DEVICE MANAGING APPARATUS, DEVICE MANAGING SYSTEM, AND RECORDING MEDIUM STORING A SOFTWARE MANAGEMENT PROGRAM - A device managing apparatus for managing software installed in at least one device includes a determination unit configured to determine whether a software item to be installed in the device requires license validation; a validation unit configured to perform a license validation operation on the software item for which the determination unit determines that license validation is required, depending on an available license for the software item; and a setting unit configured to set a license issued by the validation unit in the device in which the software item is installed.01-06-2011
20110004944METHODS AND SYSTEMS FOR FINGERPRINT-BASED COPYRIGHT PROTECTION OF REAL-TIME CONTENT - The present invention provides methods and systems for fingerprint-based copyright protection of real-time content. A first fingerprint is provided for content from a fingerprint ingesting device to a central server. The first fingerprint is associated with one or more business rules for the content at the central server. At least one of (a) a second fingerprint is provided for the content from a broadcast device to the central server, and (b) a third fingerprint is provided for the content from a receiving device to the central server. The first fingerprint is then compared with the at least one of the second and third fingerprints at the central server. One or more corresponding business rules may then be determined for the content based on the comparing.01-06-2011
20120266259APPROACHES FOR FIRMWARE TO TRUST AN APPLICATION - Techniques for determining whether firmware should trust an application sufficiently so as to provide a service to the application. Firmware, executing on a device, receives an indication that an application, also executing on the device, is requesting a service provided by the firmware. The firmware obtains (a) an operating system signature associated with the application and (b) a firmware signature associated with the application. The operating system signature is a signature that is used by the operating system, executing on the device, to authenticate the application, while the firmware signature is a signature that is used by the firmware to authenticate the application. If the firmware determines that the operating system signature matches the firmware signature, then the firmware storing trust data that permits the application to access the service provided by the firmware. The firmware need not calculate a signature based on the in-memory image of the application.10-18-2012
20120324592SYSTEM AND METHOD FOR FLEXIBLE SECURITY ACCESS MANAGEMENT IN AN ENTERPRISE - Some embodiments provide a method and system for flexibly managing access to enterprise resources. To flexibly manage security, some embodiments secure the enterprise resources and provide a security access manager (SAM) to control access to the secured resources. The SAM controls access to the enterprise and the secure resources through one or more configurable management modules of the SAM. Each management module of the SAM is configurable to facilitate control over different security services of an enterprise security hierarchy (e.g., authentication, authorization, role mapping, etc.). Specifically, each management module is configurable to leverage security services that are provided by different security systems. In some embodiments, the management module is configured to interface with one or more adapters in order to establish the interfaces, logic, and protocols necessary to leverage the security functionality of such security systems.12-20-2012
20120324591SYSTEM AND METHOD TO PROTECT A RESOURCE USING AN ACTIVE AVATAR - A data source owner in a computing system protects that source via a “virtual” or surrogate entity or “avatar.” The entity is an object whose presence in the system is human-like, and it is given the specific task of protecting the data source for the owner. The avatar is associated with (or defined by) a non-human userid that has the same accesses and privileges of all (or defined) users, user groups and other resources that have access to the data source to be protected. During an initial setup, one or more actions to be performed by the non-human userid upon an occurrence of an actionable event with respect to the data source are specified, and a “baseline” associated with the data source is determined. Following setup, a monitor process is executed under the non-human userid, and this process records one or more accesses to the data source. Periodically, or upon a given occurrence, the monitor process spawns one or more ancillary processes to determine whether an actionable event has been triggered. If the avatar's monitoring efforts indicate an actionable event (such as an access violation), an action as defined in an action matrix is taken. The action typically includes reporting to the data source owner and, optionally, a security administrator, and restricting access to the data source.12-20-2012
20120272338UNIFIED TRACKING DATA MANAGEMENT - Methods and apparatuses that collect tracking data items into a plurality of data stores for one or more domain in response to resources received from the domains are described. Each tracking data item may be accessible for one of the domains. Relationships of the domains may be identified among the tracking data items across multiple data stores according to the resources received. One or more of the domains may be selected according to the identified relationships to control accessibility of the tracking data items for the domains. The data stores may be updated to prohibit accessing at least a portion of the tracking data items for the selected domains.10-25-2012
20120272339METHOD AND SYSTEM FOR ACCESSING PASSWORD-PROTECTED DATA ON A DEVICE - A password is stored to be associated with a sender sending data for exploitation on a network-connected device associated with a user. Password-protected data is received from the sender via a network connection. The password-protected data is automatically retrieved to access the password-protected data and the accessed data is sent via network connection to a device associated with the user.10-25-2012
20090055938SYSTEM, METHOD AND MACHINE-READABLE MEDIUM FOR PERIODIC SOFTWARE LICENSING - A system and method for periodically licensing a software having a server configured to receive a first request code for a term extension of a software license, the request code being initiated by a user of an application unit, the term extension allows the software to operate within a predetermined period of time, provide adverting information to the application unit, and provide the term extension for the software license.02-26-2009
20110239309DATA DEPENDENCE ANALYZER, INFORMATION PROCESSOR, DATA DEPENDENCE ANALYSIS METHOD AND PROGRAM - A data dependence analyzer includes: inter-process communication detection means which, on the basis of a processing content of inter-process communication performed for transferring data to be copied between resources, detects the inter-process communication; access detection means which successively detects an access event to the data in the resource due to the process; recording means which, for each of the access events detected by the access detection means, records the access target data in the access event; and analysis means which, among the access target data recorded by the recording means, searches data respectively corresponding to the copy source and the copy destination of the data transferred through the inter-process communication detected by the inter-process communication detection means and imparts a dependence relationship between the searched data.09-29-2011
20110239308SYSTEM AND METHOD OF VETTING DATA - Systems and methods for vetting data include receiving a notification at a second processor that a first processor has written first output data to an output data buffer in an output device. A hardware-implemented buffer access flag controls a permission for the first processor to write data to the output data buffer. The second processor sets the hardware-implemented buffer access flag to a first setting that prevents the first processor from writing additional output data to the output data buffer while the first output data in the output data buffer is being inspected. The second processor has a read-write permission to the hardware-implemented buffer access flag. The first processor has a read-only permission to the hardware-implemented buffer access flag.09-29-2011
20110277041CIRCUIT CARD DATA PROTECTION - The present invention provides for a method data of achieving protection in a circuit card such as a UICC arranged for storage of a plurality of data elements and providing protection on the basis of a domain protection-element serving to define operations that can be permitted on a data element, and on the basis of a password protection-element serving to control access to a data element and wherein at least one of the plurality of data elements is associated with both a domain protection-element and a password-protection element, and the invention further provides for a circuit card arranged for the secure storage of such data elements and for a ME arranged to employ such a circuit card.11-10-2011
20120331572METHOD AND APPARATUS FOR IDENTIFYING AND CHARACTERIZING ERRANT ELECTRONIC FILES - A computer system includes a server having a memory connected thereto. The server is adapted to be connected to a network to permit remote storage and retrieval of data files from the memory. A file identification application is operative with the server to identify errant files stored in the memory. The file identification application provides the functions of: (1) selecting a file stored in said memory; (2) generating a unique checksum corresponding to the stored fire; (3) comparing said unique checksum to each of a plurality of previously generated checksums, wherein the plurality of previously generated checksums correspond to known errant files; and (4) marking the file for deletion from the memory if the unique checksum matches one of the plurality of previously generated checksums.12-27-2012
20120331571SYSTEM AND METHOD OF MANAGING MULTIPLE LEVELS OF PRIVACY IN DOCUMENTS - There is provided a method and system to manage multiple levels of privacy in a document having a plurality of elements. In accordance with the method, a selection of a first element in the document is received. The first element is tagged with a selected first privacy level of a hierarchical privacy level list. The list includes a plurality of hierarchical levels of privacy associated with a controlling authority. A selection of a second element in the document is received. The selected second element is tagged with a selected second privacy level of the hierarchical privacy level list.12-27-2012
20120102578CONTROLLING INTERACTION BETWEEN PROTECTED MEDIA - A method, server system, and computer program storage product are disclosed. At least a first unique identifier from a first remote processing system is received. The first unique identifier is associated with a first remote software package that is on the first remote processing system. The first unique identifier and a second unique identifier are compared. The second unique identifier is associated with a second remote software package that is on a second remote processing system. The first unique identifier indicates that the first remote software package is one of a parent and a child copy of a software package executable. The second unique identifier indicates that the second remote software package is one of a parent and a child copy of the software package executable. An operation of at least one of the first remote software package and the second remote software package is authorized based upon the comparing.04-26-2012
20120102579METHOD FOR CONTROLLING UNAUTHORIZED SOFTWARE APPLICATION USAGE - According to the present invention there is provided a method to ensure authorized usage of software, by creating and then verifying and validating with the software's registered information in the vendor's online server, at frequent intervals, software activation file and computer's motherboard id.04-26-2012
20120102577INTEGRATING SECURITY PROTECTION TOOLS WITH COMPUTER DEVICE INTEGRITY AND PRIVACY POLICY - At computer device power on, the operating system of the computer device initiates a monitor. The monitor assigns a monitoring program to each program and object (collectively, “program”) running on the computer device to monitor the activities of the program. When the monitoring program is assigned to a program, the monitoring program is assigned an integrity and/or privacy label (collectively, “integrity label”) based on predetermined criteria applied to the monitored program. The monitoring program, in turn, assigns an integrity label to the program monitored by the monitoring program. The integrity label assigned to the monitored program is less than or equal to the integrity label of the monitoring program. The monitor enforces an integrity policy of the computer device based on the integrity label assigned to monitored programs and the integrity label associated with data, another program, or a remote network resource that the monitored program is seeking to access.04-26-2012
20120102576Scalable Memory Protection Mechanism - An apparatus to protect contents of a memory region is presented. In one embodiment, the apparatus includes a non-volatile memory, memory check logic to generate check values for protected memory regions, and comparison logic to compare stored check values from the non-volatile memory with generated check values from the memory check logic. The apparatus also includes security logic to prevent executing code in the protected memory regions if the comparison logic detects a mismatch between the stored check values and the generated check values.04-26-2012
20120291142METHOD AND APPARATUS FOR PROVIDING DRM SERVICE - Methods and apparatus are provided for providing a DRM service by a user terminal apparatus consuming DRM content in a service environment that provides the DRM content using a plurality of incompatible DRM systems. A license corresponding to the DRM content is acquired from a service providing apparatus that provides the DRM content. It is determined whether the license is a common license having a common DRM interface format. The common DRM interface format of the common license is converted to a format of a first DRM system installed in the user terminal apparatus, when the license is the common license. The license having the format of the first DRM system is applied in reproducing the DRM content. The common license is provided from the service providing apparatus to the user terminal apparatus through a common DRM interface when the service providing apparatus does not support the first DRM system.11-15-2012
20120291144SYSTEM AND METHOD FOR PRIVACY PROTECTION USING IDENTIFIABILITY RISK ASSESSMENT - A risk assessment system and method includes an information system configured to disclose information to a third party. A risk determination model is configured to compute identifiability risk for on one or more records in storage. The identifiability risk is compared to a threshold prior to being disclosed wherein the information system is informed of the identifiability risk exceeding the threshold prior to disclosure to the third party.11-15-2012
20120291143INFORMATION PROCESSING APPARATUS - According to an embodiment, an information processing apparatus stores user information including user attribute information and stores accessibility information indicating whether a use of the user attribute information is allowed, for each piece of user attribute information and each attribute value. The apparatus receives, from a server, a program for access to the user information, analyzes the program to extract the user attribute information to be used, and determines whether the use of the attribute value of the user attribute information is allowed by using the accessibility information of the extracted user attribute information. When the determination is negative, the apparatus does not execute the program to deny access to the attribute value of the user attribute information from the program, but when the determination is positive, the apparatus executes the program to allow access to the attribute value of the user attribute information from the program.11-15-2012
20100199359Operation apparatus, content parental lock setting method, and electronic apparatus - An operation apparatus includes a communication section to communicate with an electronic apparatus capable of communicating, through a first transmission medium, with an accumulation apparatus capable of accumulating contents, the communication section communicating with the electronic apparatus through a second transmission medium, a content selection section to select a content to which a parental lock is to be set from among the contents accumulated in the accumulation apparatus, a release key setting section to set a key for releasing the parental lock for the content selected, a storage section to associate identification information of the content selected with the key set by the release key setting section and stores the identification information and the key associated with each other, and a parental lock notification section to notify the accumulation apparatus in which the content is accumulated of the identification information of the content to which the parental lock is set.08-05-2010
20100186096IMAGE PROCESSING APPARATUS, IMAGE PROCESSING METHOD, COMPUTER PROGRAM AND COMPUTER-READABLE RECORDING MEDIUM - An image processing apparatus includes an alteration unit and a control unit. The alteration unit alters a first image file stored in a removable storage medium in order to generate a second image file. The control unit controls to store the second image file in the storage medium without deleting the first image file from the storage medium, if the first image file includes authentication data that is used to authenticate whether the first image file has been altered.07-22-2010
20130014286METHOD AND SYSTEM FOR MAKING EDRM-PROTECTED DATA OBJECTS AVAILABLE - A method and a system make EDRM-protected data objects available to users. Access rights to an EDRM-protected data object are produced depending on partial access rights to at least one or more data objects, which data objects are contained in the respective EDRM-protected data object. The access rights to the EDRM-protected data object are calculated by a client computer of the user using an access right differentiation function depending on the partial access rights which are made available by different EDRM servers. A data object key of the EDRM-protected data object is calculated by the client computer of the user using a key differentiation function depending on partial keys which are made available by the different EDRM servers.01-10-2013
20130014287MEASUREMENT DATA MANAGEMENT METHOD AND MEASUREMENT DATA MANAGEMENT SYSTEM - Remote meter reading terminal devices 01-10-2013
20130019323Methods, Secure Element, Server, Computer Programs and Computer Program Products for Improved Application ManagementAANM Arvidsson; PetterAACI BrommaAACO SEAAGP Arvidsson; Petter Bromma SEAANM Eld; MattiasAACI SpangaAACO SEAAGP Eld; Mattias Spanga SE - It presented a method, performed in a secure element, the secure element being arranged to enable user applications of the secure element to verify authenticity of incoming user application commands. The method comprises the steps of: receiving a command from a secure element reader for a user application on the secure element, the command comprising an application identifier of the user application; determining whether there is a matching user application in the secure element; invoking the matching user application; and establishing, when there is an absence of any matching user applications, a communication channel with a remote application manager server and sending an absent user application message to the application manager server indicating that the user application has been requested on the secure element. A corresponding secure element, method for an application manager server and application manager server are also presented.01-17-2013
20130024951Method and Device for Imposing Usage Constraints of Digital Content - A method for imposing one or more usage constraints on digital content, the method comprising communicating a digital content data item to a digital content receiver system; wherein the digital content data item includes the digital content and a usage constraint data item different from a digital license data item, or a reference to said usage constraint data item, the use case item being indicative of the one or more usage constraints.01-24-2013
20130179992SYSTEMS AND METHODS FOR ACCESSING DIGITAL CONTENT USING ELECTRONIC TICKETS AND TICKET TOKENS - Systems and methods for accessing digital content using electronic tickets and ticket tokens in accordance with embodiments of the invention are disclosed. In one embodiment, a user device includes a processor, a network interface, and memory configured to store an electronic ticket, and a ticket token, and the processor is configured by an application to send a request for digital content, receive a ticket token from a merchant server, wherein the ticket token is generated by a DRM server and associated with an electronic ticket that enables playback of the requested digital content, send the ticket token to a DRM server, receive an electronic ticket that enables playback of requested digital content, request the digital content associated with the electronic ticket, and play back the requested digital content using the electronic ticket.07-11-2013
20120255038Dual Trust Architecture - Mechanisms for executing a software routine in an application executing as a multi-user single address space subsystem in an operating environment having a trusted mode of operation for trusted routines and a reduced-trust mode of operation for untrusted routines. The application includes a control module for execution as a trusted routine and a trusted routine table including identifiers of trusted routines. The control module performs switches between a trusted mode of operation for execution and a reduced trust mode of operation based on various determinations regarding the nature of a calling routine being trusted or untrusted, a call stack, and whether the calling routine is being restored or not from the call stack.10-04-2012
20130091588METHOD AND APPARATUS FOR IMPROVED DIGITAL RIGHTS MANAGEMENT - A method and apparatus for improved digital rights management is provided.04-11-2013
20130179993System and Methods for Host Enabled Management in a Storage System - A storage system that includes a management communication interface coupled to a storage management layer and further includes a data communication interface. Upon receiving a request for accessing the storage management layer, from the host, via the data communication interface, the management layer sends to the host, access information necessary for allowing access of the host to the storage management layer via the management communication interface; and upon receiving a management command, from the host via the management communication interface, the host is provided with access to the storage management layer, in cases where the management command conforms to the access information.07-11-2013
20130179994Dual Trust Architecture - Mechanisms for executing a software routine in an application executing as a multi-user single address space subsystem in an operating environment having a trusted mode of operation for trusted routines and a reduced-trust mode of operation for untrusted routines. The application includes a control module for execution as a trusted routine and a trusted routine table including identifiers of trusted routines. The control module performs switches between a trusted mode of operation for execution and a reduced trust mode of operation based on various determinations regarding the nature of a calling routine being trusted or untrusted, a call stack, and whether the calling routine is being restored or not from the call stack.07-11-2013
20130104249Verification Of Integrity Of Peer-Received Content In A Peer-To-Peer Content Distribution System - Structures and methods are disclosed for verifying integrity of peer-supplied content in a peer-to-peer content distribution system, for example, to verify that content supplied from a sending peer node to a receiving peer node corresponds to the content that was requested by the receiving node.04-25-2013
20130104251SECURITY SYSTEMS AND METHODS FOR USE WITH STRUCTURED AND UNSTRUCTURED DATA - Disclosed herein are systems and methods including hardware, software and electronic service components and systems to provide large-scale, reliable, and secure foundations for distributed databases and content management systems combining unstructured and structured data, and allowing post-input reorganization to achieve a high degree of flexibility.04-25-2013
20130104250ELECTRONIC DEVICE FOR PROTECTING DATA - An electronic device generates an access signal according to user input. The electronic device includes a processor, a key circuit to generate a key signal according to press of the user, a storage unit to store data, a clock generator circuit to generate a clock signal, and a protection circuit. The protection circuit generates an enable signal or a disable signal according to the key signal and the clock signal to control the storage unit to unlock or lock, and transmits the access signal to the storage unit to access the data.04-25-2013
20130125249Remote Access Control Of Storage Devices - An access control device can be communicationally coupled to a storage device and can control access thereto. The access control device can comprise information, such as identities of authorized entities, to enable the access control device to independently determine whether to provide access to an associated storage device. Alternatively, the access control device can comprise information to establish a secure connection to an authorization computing device and the access control device can implement the decisions of the authorization computing device. The access control device can control access by instructing a storage device to execute specific firmware instructions to prevent meaningful responses to data storage related requests. The access control device can also comprise storage-related cryptographic information utilized by the storage device to encrypt and decrypt data. In such a case, the access control device can control access by not releasing the storage-related cryptographic information to the storage device.05-16-2013
20110219461NETWORK BASED DIGITAL RIGHTS MANAGEMENT SYSTEM - A network-based DRM system manages digital media assets stored in the network. The system provides consumers with access to the digital media from any device connected to an electronic network such as the internet, while enforcing the intended uses by the copyright owners.09-08-2011
20100281545Using Embedded Data with File Sharing - Peer-to-peer file sharing is increasing in popularity on the Internet, faster than any product known in history. Although file-sharing can enable massive piracy, it has many advantages for distribution of information including scalability. Alternatively, file-sharing can be sabotaged with falsified files and used to distribute viruses. To this end, a solution that maintains the scalability of file-sharing and promotes reliability is proposed. The solution involves embedding data within the file or content and using the data to identify the content, demonstrate its completeness and lack of viruses, and verify the file can be shared. The embedded data can be checked when the file is registered with the database for sharing, and before or while the file is being uploaded and/or downloaded. Ideally, the embedded data is added at the time of creation for the file. The embedded data may include a watermark and be linked to other copy management systems, such as those proposed in DVD and SDMI. Finally, the embedded data can be used to enable purchases of files that owners do not have rights to share.11-04-2010
20130152219ELECTRONIC DEVICE WITH FILE LOCKING FUNCTION AND METHOD THEREOF - An electronic device includes a data storage, a display unit, and a processing unit. The data storage stores a plurality of files. The display unit is operable to display drawing interfaces. The electronic device selects a file requiring locking, activates a drawing tool to generate the drawing interface in response to an file locking operation, records an image file drawn by the drawing tool as a locking password following a drawing operation on the drawing interface, and associates the file with the locking password to lock the file.06-13-2013
20130152220Method, Apparatus and System for Software Management - A method, apparatus and system are disclosed for software management, relating to the technical field of communications, and allowing software installed on a UPnP device by a service provider to be managed only by that service provider. The method comprises: receiving a software installation command sent by a first control device, installing software according to the software installation command and storing a first authentication information required during management of the software; receiving a software management command sent by a second control device, and acquiring a second authentication information corresponding to the software management command, which command is used in managing the software; when the second authentication information is consistent with the first authentication information, executing the software management command.06-13-2013
20100313278ASSOCIATING FIRST AND SECOND WATERMARKS WITH AUDIO OR VIDEO CONTENT - The present invention relates generally to processing audio or video content. One claim recites an apparatus comprising: electronic memory, and an electronic logic processor. The electronic memory is for storing data representing audio or video content, in which the data includes a protect watermark embedded therein, the protect watermark providing an indication that the data is protected, and in which the data further includes a rights watermark embedded in the data, the right watermark providing an indication of user rights associated with rendering the audio or video content, the protect watermark being more difficult to remove from the data relative to the rights watermark. The electronic logic processor is programmed for analyzing the data to retrieve the protect watermark only when the rights watermark does not exist in the data. Other claims are described and provided as well.12-09-2010
20120284807Method of Producing and Distributing Copyrighted Content - The present disclosure teaches methods for producing and distributing content through a network in a way that is practicable and economical for both the owners of the content and the delivery service providers. The present disclosure teaches methods of using content to drive multiple revenue streams from a website that distributes such content.11-08-2012
20130160146STARTUP TIMES OF STREAMING DIGITAL MEDIA PLAYBACK - Techniques are provided for streaming digital media content. In one embodiment, metadata associated with a digital media content title is retrieved prior to receiving any user request to play the digital media content title. Upon receiving a user request to play the digital media content title, a license is requested based on the retrieved metadata. Upon receiving the license, streaming playback of digital media content title begins.06-20-2013
20130160147PROTECTED APPLICATION PROGRAMMING INTERFACES - Mechanisms are provided to allow particular parties and applications access to protected application programming interfaces (APIs) without the use of security domains. Trusted parties and applications may have access to protected APIs while unfrosted parties and applications may be restricted to a more limited set of APIs. Public keys associated with individual applications that are used to enforce licensing policies can be repurposed for use in a verification process to prevent unauthorized access to APIs. A credential storage manager can be used to maintain permission and certificate information. An application authorization manager may access credential storage and maintain trusted application information.06-20-2013
20130160148SYSTEMS, METHODS, AND PROGRAM APPLICATIONS FOR SELECTIVELY RESTRICTING THE PLACESHIFTING OF COPY PROTECTED DIGITAL MEDIA CONTENT - Systems, methods, and program products are provided for selectively restricting the transmission of copy protected digital media content from a computer system, over a network, and to a remote display. In one embodiment, a method includes the steps of capturing digital media content rendered on the local display by a media player application executed by the computer system; determining whether the media player application is accessing copy protected digital media content; and, if the media player application is not accessing copy protected digital media content, converting the captured digital media content to a media stream and transmitting the media stream over a network for presentation on a remote display.06-20-2013
20130185815PASSWORD-LESS LOGIN - User profiles stored on a server control access to private data. Access control to the user profiles themselves is provided without a password. In more detail, the user profile is functionally handicapped by at least a portion of digital data (or a cryptographic key) associated with the user profile being removed and discarded after being sent to an enabling device. A human gesture from the user first provides a key to reconstitute the key or restore the missing data portion in the enabling device which is then transmitted to the server to reconstitute the key or restore the missing data portion in order to reconstitute the user profile for access.07-18-2013
20130185816INFORMATION PROCESSING APPARATUS, METHOD, PROGRAM, AND INTEGRATED CIRCUIT - A content display apparatus which processes protected information configured, with an aim to prevent access from any unauthorized program, to include: a process managing unit which manages a plurality of processes operable in the content display apparatus; and an access detecting unit configured to detect access to the protected-information access detecting unit which detects access to the protected information. The process managing unit includes an application execution control unit which temporarily stops the operation of each of at least one process other than a process which accesses the protected information among the plurality of processes when the access to the protected information is detected by the protected-information access detecting unit.07-18-2013
20110296536Processing of metadata content and digital content received by a media distribution system - The disclosed embodiments relate generally to the submission of metadata content and digital content, such as media content, to a media distribution system. The media content can include, for example, audio, video, image, or podcast data. In accordance with one embodiment, a client submitting metadata content can validate the metadata content prior to submission of the metadata content and/or associated media content. A media distribution system receiving metadata content can also validate the metadata content.12-01-2011
20110296535CHECKING DATA INTEGRITY - A network interface device for connection to a data processing device and to a data network so as to provide an interface between the data processing device and the network for supporting the network of packets of a transport protocol, the network interface device being configured to: identify within the payloads of such packets data of a further protocol, the data of the further protocol comprising payload data of the further protocol and framing data of the further protocol, and the framing data including verification data for permitting the integrity of the payload data to be verified; on so identifying data of the further protocol, process at least the payload data for determining the integrity thereof and transmit to the data processing device at least some of the framing data and an indication of the result of the said processing.12-01-2011
20110296533DYNAMIC ASSERTION PROVIDERS FOR LOGIC-BASED SECURITY POLICY LANGUAGES - Architecture that employs dynamic assertion providers in logic-based security policy languages. The dynamic assertion providers provide a mechanism by which data can be processed in an efficient, goal-directed manner. The application of dynamic assertion providers enables the inferencing over type hierarchies, including hierarchies of personally identifiable information and also for file systems which are hierarchal in nature. When searching for facts to bind against for a given subgoal, dynamic assertion providers are also queried. These objects follow an interface which can implement an arbitrary method to provide facts to the logic engine in a goal-directed, on-demand manner. Hierarchical types can be implemented using a hierarchy provider.12-01-2011
20110321178SYSTEM FOR AND METHOD OF DYNAMIC EXTENSION ASSIGNMENT - A system for and method of system for performing dynamic extension assignment is presented. In one exemplary embodiment, the method may comprise receiving, via a network, an extension assignment request associated with a network endpoint, identifying the network endpoint based on one or more properties of the network endpoint, applying one or more rules to identify an extension to be assigned to the network endpoint based on the one or more properties of the endpoint, and assigning the extension to the network endpoint.12-29-2011
20130191930SYSTEMS AND METHODS FOR GOVERNING CONTENT RENDERING, PROTECTION, AND MANAGEMENT APPLICATIONS - System and methods are disclosed for governing digital rights management systems and other applications through the use of supervisory governance applications and keying mechanisms. Governance is provided by enabling the supervisory applications to revoke access keys and/or to block certain file system calls, thus preventing governed applications from accessing protected electronic content.07-25-2013
20120005764Systems and Methods for Governing Content Rendering, Protection, and Management Applications - System and methods are disclosed for governing digital rights management systems and other applications through the use of supervisory governance applications and keying mechanisms. Governance is provided by enabling the supervisory applications to revoke access keys and/or to block certain file system calls, thus preventing governed applications from accessing protected electronic content.01-05-2012
20120030774Method For Encrypting And Embedding Information In A URL For Content Delivery - A method for accessing a remote network includes identifying a content server associated with the remote network, generating a uniform resource locator, embedding additional data in the uniform resource locator, encrypting the uniform resource locator, and accessing a server in the remote network identified by the uniform resource locator. The method further includes wherein the additional data comprises authentication data, a delivery session identification, a time stamp, or comprises subscriber identification data. The URL may provide access to the content server for a time period indicated by the time stamp. The method includes wherein at least the subscriber identification data prevents unauthorized sharing of the URL.02-02-2012
20130198872METHOD FOR COMPONENT ACCESS CONTROL AND ELECTRONIC DEVICE - Disclosed are a method for component access control and electronic device. The method comprises: acquiring a target component list corresponding to the first application, which list includes at least one target component required by the first application, with the at least one target component belonging to at least one basic component; after a component selection command is received, generating information about those basic components accessible by the first application from the target component list according to the component selection command; and storing the information about those basic components accessible by the first application. In the present solution, it is unnecessary to set access to all the component when applying for an application; rather, those component accessible by the application can be controlled during the installation or use of the application according to system or user requirements, thereby increasing the flexibility of the application in accessing components and reducing the probability of the user privacy being stolen.08-01-2013
20130198870SYSTEM, METHOD AND COMPUTER PROGRAM PRODUCT FOR MESSAGING IN AN ON-DEMAND DATABASE SERVICE - In accordance with embodiments, there are provided mechanisms and methods for messaging in an on-demand database service. These mechanisms and methods for messaging in an on-demand database service can enable embodiments to more flexibly message in on-demand database environments. The ability of embodiments to provide such feature may lead to enhanced messaging features which may be used for providing more effective ways of messaging in the context of on-demand databases.08-01-2013
20130198871SYSTEM, METHOD AND COMPUTER PROGRAM PRODUCT FOR MESSAGING IN AN ON-DEMAND DATABASE SERVICE - In accordance with embodiments, there are provided mechanisms and methods for messaging in an on-demand database service. These mechanisms and methods for messaging in an on-demand database service can enable embodiments to more flexibly message in on-demand database environments. The ability of embodiments to provide such feature may lead to enhanced messaging features which may be used for providing more effective ways of messaging in the context of on-demand databases.08-01-2013
20130198869SYSTEM, METHOD AND COMPUTER PROGRAM PRODUCT FOR MESSAGING IN AN ON-DEMAND DATABASE SERVICE - In accordance with embodiments, there are provided mechanisms and methods for messaging in an on-demand database service. These mechanisms and methods for messaging in an on-demand database service can enable embodiments to more flexibly message in on-demand database environments. The ability of embodiments to provide such feature may lead to enhanced messaging features which may be used for providing more effective ways of messaging in the context of on-demand databases.08-01-2013
20130205415NETWORK LINKER FOR SECURE EXECUTION OF UNSECURED APPS ON A DEVICE - An app is made secure using an app wrapping security technique and a network linker that creates an executable binary file of the wrapped app that does not use custom dynamic libraries. The network linker includes a client-side linker component and a server-side linker component. When the app is created and the developer decides to have it security wrapped, an extra parameter is inserted in the client-side linker component for invoking the network linker of the present invention. If a call is being made from app security wrapping code, then the invocation resolves to normal system libraries and the call is not shimmed. Once all the symbols have been resolved on the server-side linker, the executable binary is transmitted back to the client-side linker component where it is digitally signed by the app developer and put in a suitable form for uploading to an app store or marketplace.08-08-2013
20130205413DATA PROCESSING APPARATUS AND METHOD USING SECURE DOMAIN AND LESS SECURE DOMAIN - A data processing apparatus 08-08-2013
20130205414METHOD FOR NEAR FIELD COMMUNICATION OPERATION, A DEVICE AND A SYSTEM THERETO - A method, a user terminal and a system for performing a NFC operation by a NFC equipped user terminal. According to a method a common application residing in a secure element of the user terminal can be authenticated by receiving, in the common application, an authentication request message including identification information on at least service provider of the NFC reader. Based on the identification information authentication related data on a service provider of NFC service is retrieved from a database. Furthermore, a data request message is received from the NFC reader. The data is retrieved, on the basis of identification information on at least service provider of the NFC reader and identification information for data, from the database residing in the secure element of the user terminal. The data requested is delivered to the NFC reader.08-08-2013
20120090038ELECTRONIC IDENTIFICATION - A method may include forwarding, by a mobile device, a request for identification information associated with a user of the mobile device. The method may also include receiving, from an identification provider, the identification information, and displaying, by the mobile device, at least some of the identification information.04-12-2012
20130212710Data Leakage Prevention for Cloud and Enterprise Networks - Apparatuses, methods and articles of manufacture for performing data leakage prevention are provided. Data leakage prevention may be performed by determining a signature of a transmitted document, the transmitted document being in transit to a location beyond a network boundary. The signature of the transmitted document is compared with one or more signatures of documents authorized to be transmitted beyond the network boundary. The transmitted document is prevented from being transmitted beyond the network boundary if the signature of the document does not correspond to a signature of a document authorized to be transmitted beyond the network boundary.08-15-2013
20130212711Solution for Continuous Control and Protection of Enterprise Data Based on Authorization Projection - Extracting data from a source system includes generating an authorization model of the data protection controls applied to the extracted data by the source system. The authorization model is used to map the data protection control applied to the extracted data to generate corresponding data protection controls provided in target system. The extracted data is imported to the target system including implementing the corresponding data protection controls.08-15-2013
20130212712SYSTEM AND METHOD FOR CREATING BOUNDED PACKETS OF PERSONALLY-IDENTIFIABLE INFORMATION (PII) - A system and method is disclosed, which allows registered visitors the opportunity to create bounded packets (QYouBs) containing a range of personally-identifiable information (PII) selected by the subscriber to meet a specific need, which can then be quickly transferred to a receiving party.08-15-2013

Patent applications in class By authorizing data