| Patent application number | Description | Published |
|---|
| 20090175442 | Digital Rights Management System Protecting Consumer Privacy - Technologies for a Consumer Privacy Digital Rights Management system based on stable partially blind signatures that enable a license server to provide licenses for delivery to users without knowing the corresponding digital contents that users access with the license. Therefore consumer privacy is protected during license acquisition. Further, if the client DRM module in the DRM system does not disclose any information about a user's digital content access, and the messages that the client DRM module sends out are in plain text enabling verification that the client DRM module is not disclosing such information, then consumer privacy is fully protected by the DRM system. | 07-09-2009 |
| 20090260077 | SECURITY-ENHANCED LOG IN - A security-enhanced login technique that provides a convenient and easy-to-use two factor technique to enhance the security of passwords without requiring any changes on the server side of a client-server network. The technique employs a convenient and easy-to-use two-factor technique to generate strong passwords for Web and other applications. In this technique, a convenient or personal device such as a mouse is used as the other factor besides a user password. A secret stored in the mouse or other personal device is hashed together with the password entered by a user and the server ID, to generate a strong, server-specific password which is used to authenticate the user to the server. This password enhancement operation is carried out inside the personal device. | 10-15-2009 |
| 20090265760 | COMPONENT-ORIENTED ARCHITECTURE FOR WEB MASHUPS - A component-oriented web mashup system and method for communicating between component-oriented Web gadgets to facilitate secure Web mashups. Embodiments of the system and method redefine the traditional definition of gadget to mean a Web component having a verifiable controlled communication channel (a CompoWeb gadget). A CompoWeb gadget is created and defined using new HTML tags and global script objects and functions that extend the functions of the browser. CompoWeb gadget content is treated as a component that is isolated from other gadgets and frames by a browser, and only those allowed access can view data and code therein. Called functions of a CompoWeb gadget are run in the callee's environment instead of the caller's environment. This adds security, because all the requesting CompoWeb gadget receives is the run result. Embodiments of the system and method also include delayed binding of CompoWeb gadgets, such that binding is performed at run time. | 10-22-2009 |
| 20090320021 | DIAGNOSIS OF APPLICATION PERFORMANCE PROBLEMS VIA ANALYSIS OF THREAD DEPENDENCIES - A “Performance Evaluator” provides various techniques for tracking system events to diagnose root causes of application performance anomalies. In general, traces of system events involved in inter-thread interactions are collected at application runtime. These traces are then used to construct inter-thread dependency patterns termed “control patterns.” Control patterns are then evaluated to determine root causes of performance anomalies. Where an application terminates abnormally or full traces cannot be collected for some reason, partial control patterns are constructed for that application. In various embodiments, “fingerprints” are then generated from full or partial control patterns and are matched to fingerprints corresponding to operations in other control patterns extracted from reference traces collected on the same or similar systems. Matched fingerprints or control patterns are then used to deduce the root cause of application performance anomalies associated with full or partial traces. | 12-24-2009 |
| 20090320129 | SECURE CONTROL FLOWS BY MONITORING CONTROL TRANSFERS - A cross-module detection system and method for detecting and monitoring control flow transfers between software modules in a computer system. The system and method detect and monitor control flows entering and exiting the software modules. For a particular module, a checking model is extracted from the binary file of that module. In addition, a relaxed shadow stack is generated. If the module is an original module, meaning that the control flow originated from that module, then the checking model is used to check the validity of the control flow transfer. Otherwise, the relaxed shadow stack is used. An interception module is used to intercept and terminate invalid control flow transfers. If an invalid control flow transfer is detected, then the transfer is terminated. Otherwise, the control flow transfer is allowed to continue. | 12-24-2009 |
| 20090327735 | UNIDIRECTIONAL MULTI-USE PROXY RE-SIGNATURE PROCESS - A “proxy re-signature system” provides various techniques for transforming a delegatee's signature on a message m into a delegator's on the same message m. Various embodiments of non-interactive re-signature generation processes are described. Various embodiments to aggregate part of signatures to reduce the size of re-signed signatures are also described. Various combinations of the proxy re-signature process and the re-signature conversion process result in an overall process that is unidirectional, multi-use, private, and non-interactive. As such, the proxy re-signature system is applicable for use with a wide range of applications. | 12-31-2009 |
| 20100106671 | Comprehensive Human Computation Framework - Technologies for a human computation framework suitable for answering common sense questions that are difficult for computers to answer but easy for humans to answer. The technologies support solving general common sense problems without a priori knowledge of the problems; support for determining whether an answer is from a bot or human so as to screen out spurious answers from bots; support for distilling answers collected from human users to ensure high quality solutions to the questions asked; and support for preventing malicious elements in or out of the system from attacking other system elements or contaminating the solutions produced by the system, and preventing users from being compensated without contributing answers. | 04-29-2010 |
| 20100131755 | DISTRIBUTED SINGLE SIGN ON TECHNOLOGIES INCLUDING PRIVACY PROTECTION AND PROACTIVE UPDATING - Technologies for distributed single sign-on operable to provide user access to a plurality of services via authentication to a single entity. The distributed single sign-on technologies provide a set of authentication servers and methods for privacy protection based on splitting secret keys and user profiles into secure shares and periodically updating shares among the authentication servers without affecting the underlying secrets. The correctness of the received partial token or partial profiles can be verified with non-interactive zero-knowledge proofs. | 05-27-2010 |
| 20110072498 | TEARING AND CONFORMAL TRANSFORMATION HUMAN INTERACTIVE PROOF - The HIP creation technique described herein pertains to a technique for creating a human interactive proof (HIP) by applying tearing and/or a conformal transformation to a string of characters while maintaining readability of text. In one embodiment, the technique tears a character string into two or more pieces and applies conformal transformation to warp the pieces in order to create a HIP. The transformation changes the shape and orientation of the characters but preserves angles of the characters which makes it easy for humans to recognize the characters after the transformation. Other embodiments of the technique create HIPs by applying tearing only to a string of characters, or by applying conformal transformation only to the character string. | 03-24-2011 |
