Entries |
Document | Title | Date |
20080201781 | Tool Pack Structure and Contents Execution Device - A tool pack structure includes: a signature value for guaranteeing authenticity of a tool pack; a tool pack identifier for identifying the tool pack; each unit tool pack provided according to a hardware platform; and tool pack data containing initial values assigned when each unit tool pack is used. Each tool pack includes platform information indicating information about hardware in which the tool pack may be used; a tool agent that is a program activated for content execution; and a tool group including at least one tool program activated by the tool pack agent for processing content according to a predetermined rule. A tool agent leaves operation of a protection tool group used by a specific service provider entirely to a tool agent (execution code) provided together with the tool group by service providers. Accordingly, information about the used tools does not have to be disclosed to the public. Since a user terminal simply calls each tool agent, it can support interoperability with other DRM techniques. | 08-21-2008 |
20080209568 | PRESERVING PRIVACY OF DATA STREAMS USING DYNAMIC CORRELATIONS - Disclosed is a method, information processing system, and computer readable medium for preserving privacy of nonstationary data streams. The method includes receiving at least one nonstationary data stream with time dependent data. A set of first-moment statistical values is calculated, for a given instant of sub-space of time, for the data. The first moment statistical values include a principal component for the sub-space of time. The data is perturbed with noise along the principal component in proportion to the first-moment of statistical values so that at least part of a set of second-moment statistical values for the data is perturbed by the noise only within a predetermined variance. | 08-28-2008 |
20080209569 | INFORMATION PROCESSING SYSTEM, INFORMATION PROCESSOR, IMAGE FORMING APPARATUS, AND INFORMATION PROCESSING METHOD - An information processing system including multiple apparatuses capable of executing one or more applications and an information processor connected to the apparatuses through a first network is disclosed. The information processing system includes a license status information obtaining part configured to obtain the license status information of the applications installed in each of the apparatuses from the corresponding apparatuses through the first network, a license data obtaining part configured to obtain license data authorizing usage of the applications from a computer connected through a second network based on the license status information, and a license data delivery part configured to deliver the license data to each of the apparatuses. | 08-28-2008 |
20080216177 | Contents Distribution System - When the DRM mode indicated by a client terminal | 09-04-2008 |
20080222732 | Computer manufacturer and software installation detection - Detailed herein is a technology which, among other things, allows the manufacturer of a computer system to be identified. In one approach to the technology, a method of determining the manufacturer of a computer is described. The method involves accessing a collection of manufacturer identification code information. The method also involves reading a specific manufacturer identification code from the computer. The method calls for comparing the specific manufacturer identification code with the collection of manufacturer identification code information, to determine the manufacturer of the computer. | 09-11-2008 |
20080222733 | Anti-pirate memory card - An anti-pirate memory card is provided for preventing unauthorized reproduction, wherein the addresses of all bad blocks of each memory unit of the memory card are recorded during manufacturing process, and are converted into an identification code by a secret algorithm, and finally the identification code is written into a control chip and the memory unit. The memory card is effective in preventing software capture and hardware capture. | 09-11-2008 |
20080222734 | Security System with Extraction, Reconstruction and Secure Recovery and Storage of Data - The method for securing data includes establishing a group of security sensitive items, filtering data and extracting and separating the security items from remainder data. The filtered data are separately stored (locally on a PC or on another computer in a LAN or WAN or on the Internet.) A map may be generated. The filter and/or map may be destroyed or stored. The data input, extracted data and remainder data may be deleted from the originating computer. Encryption may be utilized to enhance security (including transfers of data, filter and map). Reconstruction of the data is permitted only in the presence of a predetermined security clearance. A plurality of security clearances may be used to enable a corresponding plurality of partial, reconstructed views of the plaintext (omitting higher security words). | 09-11-2008 |
20080229424 | Dispute resolution in a geo-spatial environment - A method, apparatus and system of dispute resolution in a geo-spatial environment are disclosed. In one embodiment, a method includes providing a wiki interface such that users modify and add profiles of others prior to the profiles being claimed, permitting an initial claimant to control editability of a wiki portion of a selected profile when the initial claimant claims the selected profile, capturing what personally identifiable information the initial claimant is willing to submit if the selected profile is disputed, placing the selected profile in dispute when a disputing claimant challenges an ownership of the selected profile by the initial claimant, electing a dispute resolution process that communicates a code through a direct mail mechanism to a physical address associated with the selected profile, and allocating the selected profile to one of the initial claimant and the disputing claimant based on entry of the code in the selected profile. | 09-18-2008 |
20080229425 | Secure Terminal, a Routine and a Method of Protecting a Secret Key - The method of protecting a secret key from being read by a non-secure software application, comprises a step ( | 09-18-2008 |
20080229426 | INFORMATION PROCESSING APPARATUS, SOFTWARE VERIFICATION METHOD, AND SOFTWARE VERIFICATION PROGRAM - An information processing apparatus is disclosed that includes an expiration detection unit that detects expiration of a certificate used for verifying the validity of software; a software verification unit that verifies the validity of the software using the certificate; and a storage unit in which the certificate is stored. In the apparatus, the software verification unit previously stores a value uniquely calculated from the software in the storage unit when the certificate has not expired and the software is valid, and verifies the validity of the software using the value uniquely calculated from the software where the certificate has expired or the software is invalid. | 09-18-2008 |
20080229427 | Method and apparatus for secure web browsing - The invention includes a method and apparatus for protecting a user device from web attacks using a proxy server. In one embodiment, a method includes receiving a web page comprising web page content and code, generating an image-based representation of the web page that includes the web page content and excludes the code, and propagating the image-based representation of the web page toward the user device. In one embodiment, a method includes receiving an interaction with an image-based representation of a web page, generating a web page interaction from the interaction with the image-based representation of the web page, implementing the web page interaction, generating an instruction using the implemented web page interaction, and propagating the instruction toward a web server. | 09-18-2008 |
20080235802 | Software Tamper Resistance Via Integrity-Checking Expressions - Implementation of software tamper resistance via integrity checks is described. In one implementation, a tamper resistance tool receives an input program code and generates a tamper-resistant program code using integrity checks. The integrity checks are generated by processing the input program code, and the integrity checks are inserted in various locations in the input program code. Values of the integrity checks are computed during program execution to determine whether a section of the program has been tampered with. Values of the integrity checks may be stored and accessed at any point during execution of the program. | 09-25-2008 |
20080235803 | Server apparatus and installation information making method - A license server generates USB serial IDs for USB memory secured in a multi-function machine and then makes electronic signature files using the USB serial IDs and firmware that is the target of installation at the multi-function machine. The license server further makes electronic signature files using the firmware installer and SD card serial IDs. The license server then stores data for installation use including the electronic signature files in an SD card inserted in a client device connected to the license server. | 09-25-2008 |
20080235804 | Dynamic Creation and Hierarchical Organization of Trusted Platform Modules - A trusted platform module is presented that is capable of creating, dynamically, multiple virtual trusted platform modules in a hierarchical organization. A trusted platform module domain is created. The trusted platform module creates virtual trusted platform modules, as needed, in the trusted platform module domain. The virtual trusted platform modules can inherit the permissions of a parent trusted platform module to have the ability to create virtual trusted platform modules themselves. Each virtual trusted platform module is associated with a specific partition. Each partition is associated with an individual operating system. The hierarchy of created operating systems and their privilege of spawning new operating systems is reflected in the hierarchy of trusted platform modules and the privileges each of the trusted platform modules has. | 09-25-2008 |
20080244750 | Method and Apparatus Regarding Attachments to E-mails - A computer processor is programmed by computer software so that the computer processor scans text of a first e-mail for any one of a set of matching words and if any one of the set of matching words is found in the text of the first e-mail, the computer processor is programmed by the computer software to alert a user that an e-mail attachment is missing. The set of matching words may include “attach”. The computer processor may alert a user that an e-mail attachment is missing by causing a message to be displayed on a computer monitor concerning whether an attachment should have been included with the first e-mail. The message may provide a prompt to the user which can be selected by the user to start the process of including an attachment with the first e-mail. | 10-02-2008 |
20080244751 | Binding A Digital License To A Portable Device Or The Like In A Digital Rights Management (DRM) System And Checking Out/Checking In The Digital License To/From The Portable Device Or The Like - To render digital content encrypted according to a content key (KD) on a first device having a public key (PU | 10-02-2008 |
20080250504 | DIGITAL RIGHTS MANAGEMENT METHOD AND APPARATUS - A digital rights management (DRM) method and apparatus are provided. The DRM method includes transmitting a rights object request message; receiving a rights object response message based on a Universal Plug and Play (UPnP) contents directory service; and acquiring a rights object using the rights object response message. Another DRM method includes receiving a rights object request message; and transmitting a rights object response message based on a Universal Plug and Play (UPnP) contents directory service. The DRM apparatus includes a transmitting unit which transmits a rights object request message to a media server of a DRM domain; a receiving unit which receives a rights object response message based on a Universal Plug and Play (UPnP) contents directory service from the media server; and a playback unit which plays back a contents object on a basis of a rights object acquired using the rights object response message. | 10-09-2008 |
20080256639 | Verification Method, Information Processing Device, Recording Medium, Verification System, Certification Program, and Verification Program - A virtual machine can be implemented by anyone because the interface and other information necessary for implementation are publicly available. Hence, if a virtual machine is implemented maliciously, a program operating thereon can be made to operate maliciously instead of operating legitimately. | 10-16-2008 |
20080256640 | PLAYBACK APPARATUS AND PLAYBACK METHOD - According to one embodiment, a playback apparatus includes a data read-out unit which reads out digital content from a storage medium, a copy control information update process unit which executes, if a second copy control information is defined in a file stored in the storage medium, a process of replacing a first copy control information which is embedded in the digital content that is read out of the storage medium, with the second copy control information, and a copy restriction process unit which analyzes the digital content that is output from the copy control information update process unit and executes a copy restriction process for restricting copy of the digital content, in accordance with one of the first copy control information and the second copy control information, which is embedded in the digital content. | 10-16-2008 |
20080256641 | MOBILE UNIT PARENTAL CONTROL - Parents can desire to limit content viewable upon a mobile device and a universal integrated circuit card can be programmed to limit viewing upon the mobile device. A user completes a service request form that includes an allowable view threshold for content upon the mobile device. The request can transfer to a service provider, sometimes via a base station. A subscription manager can forward the threshold back to the mobile device and the mobile device can program the threshold upon secure storage. When content is received, it can be compared against the threshold and a determination can be made on if the content is allowable to view in light of the threshold. | 10-16-2008 |
20080263672 | Protecting sensitive data intended for a remote application - A method and apparatus is provided of protecting sensitive data input via an input device of a processing platform from a data logger, the sensitive data being user account data intended for a remote application. To protect the sensitive data, the data is used as a password in a secure, password-authenticated key agreement protocol executed between a security entity and the remote application, the security entity being installed in the input device or in secure communication therewith. In one preferred embodiment the input device is a keyboard and the security entity is a unit installed in the keyboard and selectively operable in a pass-through mode and a security mode. | 10-23-2008 |
20080263673 | System and method for delivering promotional and information content during a computer-based application and collecting impression metrics - The present invention includes a system and method for displaying information content, such as advertisements, during a computer-based application, for example, an online video game or any Internet-enabled application, and for collecting user impression metrics associated with the information content, even if the application is not connected to the Internet or an associated application server. The system and method include a campaign management system for receiving information content to be displayed during a computer-based application, including a pack manager application for creating an information content pack containing the information content in content sets, a content delivery network to distribute the information content pack, and a client software development kit that downloads the information content pack to display the information content during the computer-based application, and collects and sends user impression metrics associated with the information content back to the campaign management system for reporting. | 10-23-2008 |
20080263674 | Wireless network system, information providing apparatus and wireless terminal - A wireless network system, information providing apparatus and wireless terminal that can prevent the leak of information such as an address of the wireless terminal. A wireless network system includes an information providing apparatus that provides service information over a wireless network, and multiple wireless terminals each of which receives the service information provided from the information providing apparatus. In this case, the information providing apparatus includes destination possibility data in the service information, and each of the wireless terminals determines the destination possibility that the destination of the provided service information is the wireless terminal based on the destination possibility data included in the provided service information and accepts the provided service information only if it is determined that there is the destination possibility. | 10-23-2008 |
20080271152 | PROTECTED INTRA-SYSTEM INTERCONNECT FOR DIGITAL RIGHTS MANAGEMENT IN ELECTRICAL COMPUTERS AND DIGITAL DATA PROCESSING SYSTEMS - Embodiments including protected paths for digital rights management of digital objects are disclosed. Some embodiments disclosed herein may comprise processes or apparatus for transferring data from one or more peripherals to one or more computers or digital data processing systems for the latter to process, store, and/or further transfer and/or for transferring data from the computers or digital data processing systems to the peripherals. Some embodiments disclosed herein may comprise processes or apparatus for interconnecting or communicating between two or more components connected to an interconnection medium within a single computer or digital data processing system. | 10-30-2008 |
20080271153 | Method and Apparatus for Handling of Content that includes a Mix of CCI Segments - A process is provided. The process stores, on a first device, each segment of a set of content having corresponding copy control information. Further, the process receives, from a second device, a request for a copy of the set of content. In addition, the process analyzes a list of the copy control information associated with each segment of the set of content. The process also establishes a restriction indicator, based on the request for the copy of the set of content, for one or more segments of the set of content having a corresponding copy control information value. Finally, the process provides to the second device, the content, the list of copy control information, and the restriction indicator for the one or more segments. | 10-30-2008 |
20080271154 | Apparatus, method and computer readable storage medium with recorded program for managing files with alteration preventing/detecting functions - By storing an authenticator created from a data file in a secure area that is usually inaccessible, the alteration of the data file can be detected. Furthermore, by designating the data file as a main-file and creating authenticators from various kinds of sub-files related to the main-file, the size of the secure area where the authenticators are stored can be reduced. | 10-30-2008 |
20080271155 | METHOD AND APPARATUS FOR OBTAINING DRM CONTENT PACKETS - A method for obtaining DRM content packets is provided. The method enables a terminal to obtain another DCF when the terminal is unable to use a downloaded DCF. The method includes receiving the first content packet, which includes media content types and corresponding URLs, and resolving the first content packet; selecting a media content type and the corresponding URL in the first content packet; downloading the second content packet from the selected URL. | 10-30-2008 |
20080276321 | Secure Transfer Of Product-Activated Software To A New Machine Using A Genuine Server - Systems and methods for secure transfer of product-activated software are disclosed. A user may request a license transfer from an original machine to a new machine. The request causes the machine identity and proof of purchase from the original machine to be sent to an activation service. The activation service may add the proof of purchase to a transfer list and mark as invalid the existing association between the original machine identity and the proof of purchase. The activation service may push the transfer list to a genuine service, which may issue a revocation certificate to the original machine. The proof of purchase may then be applied to the new machine. The activation service may create a new association between the identity of the new machine and the proof of purchase, and deliver a perpetual license certificate to the new machine. | 11-06-2008 |
20080276322 | INFORMATION PROCESSING METHOD, INTER-TASK COMMUNICATION METHOD, AND COMPUTER-EXECUTABLE PROGRAM FOR THE SAME - An information processing method has a mechanism wherein mutual verification is performed between tasks and a computer operating system at the time of activating tasks, thereby judging the validity of tasks. The operating system evaluates a key which the task holds at the time of requesting service of the operating system, and permits execution of services only in the event that the operating system itself has the same key. | 11-06-2008 |
20080276323 | METHOD FOR MANAGING RECORDED STREAMS IN A REWRITABLE RECORDING MEDIUM - A method and apparatus for managing digital content are discussed. According to an embodiment, the method includes receiving digital content and protection information for protecting the digital content; obtaining at least one of user interface application data and marker private data; and managing the digital content according to the at least one of user interface application data and marker private data, wherein the managing step prevents a user from performing an action related with unauthorized usage of the digital content. | 11-06-2008 |
20080282353 | Securely Linked Media Carrying Different Versions of the Same Computer Code - A means of delivering software comprises at least two storage media comprising at least two different versions of a software program. A first version of the software program comprises a full version of the program and a second version comprises a limited version of the program. Due to the presence of identification means, such as a security tag, the first version of the software program can only be executed in the presence of the second storage medium, or vice versa. The security tag may be an RF-ID dongle. Also, a system and a method are provided for executing data stored on a data carrier, wherein related data are stored on two separate data carriers. At least one of the data carriers comprises identification means, and the presence of this identification means authorizes the use of one of the data carriers in one of the devices. | 11-13-2008 |
20080282354 | ACCESS CONTROL BASED ON PROGRAM PROPERTIES - A pattern matching access control system determines whether a principal should be granted access to use a resource based on properties of applications comprised by the principal. The principal name may be created when an application is loaded, invokes other applications (or programs) and/or assumes a new role context. Access is provided based on whether, for each application, the publisher is authorized by system policy to grant privilege as requested by the application. When a resource which requires the privilege is requested by a principal, an access control list (ACL) for the resource is expanded with a list of applications that have been authorized through their publisher to assert the privilege. The expanded ACL is compared to the principal name to determine resource access. | 11-13-2008 |
20080282355 | DOCUMENT CONTAINER DATA STRUCTURE AND METHODS THEREOF - Several embodiments of the present invention take the form of a file-container data structure encoded in a computer readable medium for storing files and associated metadata in a manner so that the integrity of such files is maintained and verifiable. Some embodiments take the form of a method for forming a file-container data structure. Several embodiments take the form of a method for viewing file-container data structures. Some embodiments take the form of a method for authenticating a file-container data structure. | 11-13-2008 |
20080282356 | METHODS AND ARRANGEMENTS FOR DETECTING AND MANAGING VIEWABILITY OF SCREENS, WINDOWS AND LIKE MEDIA - In the context of screens, windows and like media, arrangements for automatically detecting when a recipient has entered or left a public setting so that privacy configuration changes can be automatically invoked. Also broadly contemplated herein is an arrangement for selectively displaying messages on the recipient's screen but deferring the messages from being visible on a remote hardware device or software display which is publicly visible. Furthermore, there is broadly contemplated herein a secure arrangement for revealing and responding to deferred messages. More generally, there is broadly contemplated herein a new approach to the provision of application notifications and to alarm control during a desktop screen sharing mode, based on the automatic detection of a screen sharing state and on notifying registered applications of the screen sharing in a unified, consistent manner. | 11-13-2008 |
20080289044 | Apparatus, system, and method for storing DRM licenses - An apparatus, system and method for storing licenses of digital rights management (DRM) contents are disclosed. The DRM license storing apparatus, system and method save DRM licenses in a separate location of a mobile terminal or an external server, and enable license restoration even in the case of loss or replacement of the mobile terminal. The apparatus includes a memory unit for storing DRM contents; a user identification module for storing licenses of DRM contents; and a control unit for verifying, in response to a play request for a DRM content, validity of a license associated with the play-requested DRM content through communication with the user identification module. | 11-20-2008 |
20080289045 | Method and device for encoding software to prevent reverse engineering, tampering or modifying software code, and masking the logical function of software execution - This invention prevents software from being reverse engineered. The random nature and multiple uses of atoms prevent the analysis of key processes within the software. If an attempt is made to try and duplicate or bypass the program and/or key processes, then this invention will cause the failure of the execution of the software code thereby preventing unauthorized release and/or execution of the code. | 11-20-2008 |
20080289046 | Method and device for the prevention of piracy, copying and unauthorized execution of computer-readable media - Piracy is a growing concern for digital content and intellectual property holders. Prior art technology and Digital Rights Management (DRM) have failed to provide content holders with an effective solution. Too often, DRM is compromised within days of release offering little or no protection to content owners. This invention offers a unique process and/or method for protecting computer-readable media that is fast, efficient, and economical to implement, and can be implemented with all types of content. This invention provides the means to prevent piracy, copying, and unauthorized use of content on all computer-readable media (physical or memory-based). | 11-20-2008 |
20080295179 | APPARATUS AND METHOD FOR SCREENING NEW DATA WITHOUT IMPACTING DOWNLOAD SPEED | 11-27-2008 |
20080301815 | Detecting Unauthorized Changes to Printed Documents - Systems and methods to detect unauthorized changes to a printed document are described. In one aspect, a digital signature of original content associated with electronic document is embedded into the original content to create a content signed document. The systems and methods use the embedded digital signature to automatically determine whether text-based content associated with a printout of the content signed document was changed from the original content associated with the electronic document. | 12-04-2008 |
20080301816 | Method and system for handling keystroke commands - Keystroke commands are safeguarded from keyboard logging malware based on a destination application's memory address. | 12-04-2008 |
20080301817 | MEMORY CARD - In order to protect the user security data, provided is a memory card capable of preventing the data leakage to a third party not having the access authority by imposing the limitation on the number of password authentications and automatically erasing the data. In a system comprised of a multimedia card and a host machine electrically connected to the multimedia card and controlling the operations of the multimedia card, a retry counter for storing the number of password authentication failures is provided and the upper limit of the number of failures is registered in a register. When passwords are repeatedly entered once, twice, . . . and n times and the retry counter which counts the entries reaches the upper limit of the number of failures, the data is automatically erased so as not to leave the data in the flash memory. | 12-04-2008 |
20080307528 | Protection of Data Delivered Out-of-Order - A basic idea of the invention is to separate ordered delivery data and unordered delivery data in a security protocol running on top of a reliable transport protocol, and perform a first type of security processing for ordered delivery data and a second different type of security processing for unordered delivery data in the security protocol. Preferably, data messages using ordered delivery and data messages using unordered delivery within a secure data stream are separated into two message sequence spaces on the security protocol layer, and data security processing is then performed differently in these two spaces. The invention is particularly suitable for a reliable transport protocol such as SCTP (Stream Control Transmission Protocol). The security protocol running on top of the transport protocol is preferably based on the TLS (Transport Layer Security) or a TLS-like protocol with a security processing extension for unordered delivery. | 12-11-2008 |
20080307529 | Method and Apparatus for Protecting Internet Privacy - A method of protecting personal information on the Internet, and an apparatus thereof are provided. The method includes: sensing transmission through the Internet of personal information of a user; detecting information on a website that is the destination of the sensed transmission of the personal information; comparing information on the detected website with a personal information protection policy; and permitting or blocking the transmission of the personal information according to the comparison result. According to the method, in order to minimize leakage of personal information from a website, when user information is input to the website, providing of the personal information is controlled based on information on whether or not the website is reliable in terms of personal information protection such that providing of the personal information to a dangerous website can be prevented, and possible damage by leakage of personal information can be prevented in advance. Also, in order to prevent phishing, that is, obtaining user's personal information through a fake website having an appearance similar to a famous website, the method helps the user identify a fake website such that possibility of phishing can be minimized. | 12-11-2008 |
20080307530 | Right object acquisition method and system - A batch rights objects (ROs) acquisition method and system is provided to enable a mobile terminal to acquire multiple rights objects in a batch processing manner. A rights object acquisition method according to an embodiment of the present invention includes transmitting a rights object request message requesting one or more rights objects of content objects from a mobile terminal to a rights issuer; creating, at the rights issuer, a rights object response message containing at least one of rights objects indicated by the rights object request message and at least one signature in response to the rights object request message; and transmitting the rights object response message from the rights issuer to the mobile terminal. | 12-11-2008 |
20080313740 | DOCUMENT VERIFICATION METHOD, DOCUMENT VERIFICATION APPARATUS AND STORAGE MEDIUM - If the signatures of all documents in a binder document are verified when the binder document is verified, some types of documents stored in the binder document may affect the result of the verification of the binder document. When verification of a binder is performed, it is determined, for each document in the binder document, whether the document is a verification target document or not. On the basis of the result of verification of a document determined as a verification target, the result of verification of the binder document is outputted. | 12-18-2008 |
20080313741 | SYSTEM AND METHOD FOR CONTROLLED COPYING AND MOVING OF CONTENT BETWEEN DEVICES AND DOMAINS BASED ON CONDITIONAL ENCRYPTION OF CONTENT KEY DEPENDING ON USAGE STATE - A system and method is disclosed for allowing content providers to protect against widespread copying of their content, while enabling them to give their customers more freedom in the way they use the content. In accordance with one embodiment, content providers identify their content as protected by watermarking the content. Consumers use compliant devices to access protected content. All of a user's compliant devices, or all of a family's devices, can be organized into an authorized domain. This authorized domain is used by content providers to create a logical boundary in which they can allow users increased freedom to use their content. | 12-18-2008 |
20080320596 | Distributed digital rights management system and methods for use therewith - A digital rights management (DRM) node module for use in a node of a public data includes a node data module that stores DRM data associated with a plurality of digital files, the DRM data including a plurality of DRM identifiers. A packet monitoring module receives the plurality of DRM identifiers from the node data module, that receives packets containing incoming content and compares the incoming content to the DRM identifier, and generates event data when the incoming content matches at least one of the DRM identifiers. A node reporting module receives the event data, and generates node report data based on the event data. | 12-25-2008 |
20080320597 | Smartcard System - A programmable smartcard device ( | 12-25-2008 |
20080320598 | METHOD AND SYSTEM FOR TRACKING AND MANAGING RIGHTS FOR DIGITAL MUSIC - A method for digital rights management for a copyright work that is copied from device to device from among a plurality of devices, some of which are parent devices and some of which are child devices, and wherein a child device may be registered with a parent device, including copying a digital work from a parent device, P | 12-25-2008 |
20080320599 | RIGHTS EXPRESSION PROFILE SYSTEM AND METHOD USING TEMPLATES - A system and method for creating a rights expression for association with an item for use in a system for controlling use of the item in accordance with the rights expression, including specifying rights expression information indicating a manner of use of an item, the rights expression information including at least one element, the element having a variable and corresponding value for the variable; and performing an encoding process, including determining an identifier associated with a template corresponding to the rights expression information, extracting from the rights expression information the value for the variable corresponding to the element, and encoding a license adapted to be enforced on a device based on the variable and the identifier, the license including an identification of the template and the value for the variable. | 12-25-2008 |
20090007271 | Identifying attributes of aggregated data - A method for identifying a portion of aggregated software security data is described. The method includes accessing aggregated data associated with software vulnerabilities retrieved from a plurality of on-line sources. The method further includes searching a portion of the aggregated data for an exact match to a particular attribute of the data and searching the portion of the aggregated data for one or more partial matches associated with the particular attribute. The method also includes associating the portion of the data with the particular attribute based on the exact match of one or more of the partial matches. | 01-01-2009 |
20090007272 | Identifying data associated with security issue attributes - A method for identifying data related to a software security issue is provided. The method includes accessing a software security issue and determining one or more attributes associated with the software security issue. The method also includes accessing aggregated software security data retrieved from a plurality of on-line sources and searching the aggregated software security data for the attributes associated with the security issue. The method further includes associating a portion of the aggregated data with the security issue based on matching the attributes associated with the security issue with contents of the portion of the aggregated data. | 01-01-2009 |
20090007273 | METHOD AND SYSTEM FOR PREVENTING COPYING OF INFORMATION FROM PREVIEWS OF WEBPAGES - A copy prohibition method and system is disclosed, which can provide a preview page with copy prohibition means inserted thereinto, so as to prohibit a copy of information displayed on the preview page, the method comprising receiving a selection request for a preview page of a predetermined webpage from a user; inserting copy prohibition means into the preview page; and providing the preview page with the copy prohibition means inserted thereinto to the user. When providing the preview page to the user, the user is notified that the corresponding preview page has the copy prohibition function. Thus, the user easily becomes aware that copying is prohibited in the corresponding preview page. | 01-01-2009 |
20090013411 | Contents Rights Protecting Method - A method for protecting a rights object for a content, wherein when a discard of a rights object with respect to a certain content is requested due to a missing of a terminal which stores the rights object with respect to the content, a rights issuer (RI) receives a confirmation request for whether a certificate has been discarded from the terminal, confirms the certificate discard through an Online Certificate Status Protocol (OCSP) responder, and then notifies the terminal of the certificate discard, and accordingly the terminal confirms the discard of the certificate of the terminal and removes the rights object with respect thereto. In addition, a user who has removed the rights object with respect to the content can continuously use the corresponding content by entirely or partially re-obtaining the rights object with respect to the content from which the rights object has been discarded. | 01-08-2009 |
20090025085 | METHOD AND SYSTEM FOR DOWNLOADING DRM CONTENT - A method and system for downloading DRM content are provided. The method includes a first device supporting DRM technology and acquiring content information from a download descriptor downloaded from a content provider system, the first device transmitting the acquired content information to a second device not supporting DRM technology, and the second device downloading the DRM content from the content provider system using the downloaded content information. | 01-22-2009 |
20090031424 | Incomplete data in a distributed environment - Techniques for seeding data among client machines, also referred to as boxes herein, are disclosed. To prevent the data distributed among the boxes from being illegitimately accessed or possessed, according to one aspect of the present invention, at least one of the data segments for a title cached locally in the boxes is made to miss some data portions that are stored separately. Essentially, the data segments are unusable without these data portions. When the title is ordered and an ordering box is authenticated, these data portions are then provided to complement the data segments so that a playback of the title becomes possible. | 01-29-2009 |
20090031425 | METHODS, SYSTEMS, AND COMPUTER PROGRAM PRODUCTS FOR DETECTING ALTERATION OF AUDIO OR IMAGE DATA - Using metadata to detect alteration of data. A first set of metadata characteristics including at least one respective semantic description are recorded for a first set of data representing original data. A second set of metadata characteristics including at least one corresponding semantic description are recorded for a second set of data representing data under test. The first and second sets of metadata characteristics are compared. If the first and second sets of metadata characteristics are not identical, these sets are processed to identify locations in the first set of data that have been altered. Using the at least one semantic description for the first set of data and the at least one corresponding semantic description for the second set of data, one or more metadata characteristics that have changed from the first set of data to the second set of data are identified. | 01-29-2009 |
20090031426 | Method and System for Protected Distribution of Digitalized Sensitive Information - A method of protecting sensitive information in an information exchange between a first data processing system suitable to supply sensitive information and a second data processing system suitable to use sensitive information includes: selecting in the first data processing system a sub-set of sensitive information elements from a collection of digital sensitive information elements; storing the selected sub-set of sensitive information elements in a responsive software agent suitable to automatically react to information queries; submitting the responsive software agent to an information query generated by the second data processing system; and reacting or responding to the information query by the software agent based on the sub-set of sensitive information. The responsive software agent is advantageously generated in the first data processing system and transferred to the second data processing system to locally respond to the queries. | 01-29-2009 |
20090031427 | DEVICE, SYSTEM, AND METHOD OF DIGITAL RIGHTS MANAGEMENT UTILIZING SUPPLEMENTAL CONTENT - Device, system, and method of digital-rights-management (DRM). In some embodiments, a device may include a DRM agent to manage the utilizing of a content object including secured digital content based on a rights object related to the content object, wherein based on at least one restriction defined in the rights object, the agent is to cause the device to present supplemental content of at least one supplemental content object when the content object is utilized. Other embodiments are described and claimed. | 01-29-2009 |
20090044278 | METHOD OF TRANSMITTING DRM CONTENT - Disclosed herein is a method of transmitting DRM content, stored in a device, to another external device. A rights object is embedded in a mutable information box of a Digital rights management Content Format (DCF), thus integrating the rights object and the DCF into a single object. The DCF, in which the rights object is embedded, is transmitted with a message authentication code. The message authentication code is embedded in the mutable information box of the DCF so as to enable integrity validation for the DCF, in which the rights object is embedded. The rights object is a domain rights object capable of being shared by one or more devices. The DCF, in which the rights object is embedded, is transmitted to the external device via mobile storage in which no security function exists or no security function is set. | 02-12-2009 |
20090044279 | Systems and methods for fraud detection via interactive link analysis - Fraud detection is facilitated by developing account cluster membership rules and converting them to database queries via an examination of clusters of linked accounts abstracted from the customer database. The cluster membership rules are based upon certain observed data patterns associated with potentially fraudulent activity. In one embodiment, account clusters are grouped around behavior patterns exhibited by imposters. The system then identifies those clusters exhibiting a high probability of fraud and builds cluster membership rules for identifying subsequent accounts that match those rules. The rules are designed to define the parameters of the identified clusters. When the rules are deployed in a transaction blocking system, when a rule pertaining to an identified fraudulent cluster is triggered, the transaction blocking system blocks the transaction with respect to new users who enter the website. | 02-12-2009 |
20090044280 | PROXY SERVER, METHOD FOR REALIZING PROXY, AND SECURE COMMUNICATION SYSTEM AND METHOD THEREOF - A proxy server having proxy server address information is provided to serve as an agent for at least one base station to perform secure communication. A method for realizing proxy and secure communication system are also provided to prevent the change of network address allocation from interfering main services of a base station. In addition, a secure communication method between license-exempt devices is provided to ensure the license-exempt devices not to be attacked and to remain at normal work. In the present invention, the network address of a base station is only restricted in a trusted range instead of being broadcasted in a public network, thus reducing the probability of attack to the base station in a wired network. | 02-12-2009 |
20090049554 | SYSTEM AND METHOD FOR MANAGING DOCKING APPLICATIONS FOR A PORTABLE ELECTRONIC DEVICE - A system and method is provided for managing one or more docking applications running on a wireless device. The method displays to a user at least one docking application while the wireless device is coupled to another device. The method comprising the steps of: executing a docking application control module when the wireless device is first coupled with the other device; retrieving user preferences associated with the docking application control module; executing, based on the retrieved user preferences, at least one docking application for use on the wireless device while the wireless device remains coupled to the other device; and terminating the docking application when the wireless device ceases to be coupled to the other device. | 02-19-2009 |
20090049555 | METHOD AND SYSTEM OF DETECTING ACCOUNT SHARING BASED ON BEHAVIOR PATTERNS - A system of detecting account sharing, based on analysis of users' behavior patterns is provided. In the present invention, the system comprises: a user authentication information database storing keystroke dynamics patterns related to a particular account in association with the account; and a sharing detection analyzer to analyze a cluster distribution of the keystroke dynamics patterns stored in the user authentication information database to determine whether the account is shared. | 02-19-2009 |
20090049556 | METHOD FOR REDISTRIBUTING DRM PROTECTED CONTENT - The present invention relates to a method and a device ( | 02-19-2009 |
20090055932 | INFORMATION DISTRIBUTING APPARATUS AND METHOD, RECEIVING APPARATUS AND METHOD, DISTRIBUTION SYSTEM, AND COMPUTER PROGRAM - A distribution system is provided with: a distributing apparatus being provided with: a first compressing device ( | 02-26-2009 |
20090055933 | System, Method and Machine-Readable Medium for Periodic Software Licensing - A system and method for periodically licensing a software having a server configured to receive a first request code for a term extension of a software license, the request code being initiated by a user of an application unit, the term extension allows the software to operate within a predetermined period of time, provide advertising information to the application unit, and provide the term extension for the software license. | 02-26-2009 |
20090055934 | METHOD AND APPARATUS FOR SIMULTANEOUS VIEWING OF TWO ISOLATED DATA SOURCES - A method and apparatus for simultaneously displaying data from different sources. A data processing system includes a display unit, data processing units, and data diodes. The display unit has controls that are capable of generating control signals and the display unit is capable of simultaneously displaying the data from the different sources. The data processing units are arranged in a hierarchy of rankings. Each data processing unit is capable of accessing one of the sources. The data diodes are in the connections carrying control signals from the controls to data processing units and are in connections from one data processing unit to another data processing unit. Data is capable of moving only from a lower ranked data processing unit to a higher ranked data processing unit. Data is prevented from moving from a higher ranked data processing unit to a lower ranked data processing unit. | 02-26-2009 |
20090055935 | Data delivery system, issuance apparatus, terminal apparatus, and intermediate node - A license delivery system | 02-26-2009 |
20090064338 | PROXIMITY SENSITIVE BLADE SERVER SECURITY - Embodiments of the present invention address deficiencies of the art in respect to blade server security and provide a method, system and computer program product for proximity sensitive blade server security. In one embodiment of the invention, a method for proximity sensitive blade server security can be provided. The method can include sensing proximity of a systems administrator relative to a blade center, detecting a loss of proximity of the systems administrator, and triggering automated securing of at least one blade server in the blade server in response to detecting the loss of proximity. For example, sensing proximity of a systems administrator relative to a blade center can include establishing a wireless radio connection with a personal article associated with the systems administrator, and determining a loss of proximity when the connection is lost. | 03-05-2009 |
20090064339 | SYSTEM AND METHOD FOR AUDIT GOVERNANCE IN EMAIL - A system and method, where messages which are exchanged in email, provide recipients (and originators) with the capability to confirm authenticity. A substring of a message is examined, is validated and, if any modifications have been made, the modifications are highlighted to the originator and the receivers so that the originator and the receivers know that the original message has been modified. Also, the system and method of the present invention preserve the time, date and identity of the maker of the modifications. | 03-05-2009 |
20090064340 | Apparatus and Method to Prevent the Illegal Reading of Smart Cards - An apparatus to prevent smart cards from being read illegally is provided, wherein the apparatus is installed in a smart card reader that comprises a CPU and a socket with a plurality of fingers, and the apparatus comprises: an electric circuits board (ECB), an inner circuit and a supplementary circuit. The ECB is disposed to cover the fingers and wired with an inner circuit electrically connected to a power supply. The supplementary circuit has an input terminal and an output terminal, wherein the input terminal is electrically connected to the power supply through the inner circuit of the ECB, and the output terminal is electrically connected to the CPU of the smart card reader; when the inner circuit is interrupted, an alarm signal is outputted by the supplementary circuit to the CPU to terminate the reading of the smart card by the smart card reader. | 03-05-2009 |
20090070881 | METHOD AND APPARATUS FOR CONTROLLING THE PRESENTATION OF CONFIDENTIAL CONTENT - A computer implemented method and apparatus for controlling the presentation of information. In response to receiving a request to present the information, a process confirms that conditions for presentation of the information are satisfied using a set of presentation policies, wherein the conditions are specified in the set of presentation policies, and wherein the conditions comprise a status of a user and a setting of the user. The process then determines whether confidential content is present in the information. Responsive to the confidential content being present, the process redacts the confidential content before presenting the information to a user, and then updates a presentation history with metadata describing the presentation of the information comprising the confidential content. | 03-12-2009 |
20090070882 | METHOD FOR TRANSMITTING USER DATA BETWEEN SUBSCRIBERS AND SUBSCRIBER DEVICES THEREFOR - A method for transmitting user data (D) between subscribers in a network (N) by means of data messages ( | 03-12-2009 |
20090070883 | SYSTEM RENEWABILITY MESSAGE TRANSPORT - System renewability message data is transmitted to set top boxes, or other devices, using a transport protocol such as, for example, an Internet protocol-type data stream. In accordance with one embodiment, an Extensible Markup Language-type file is received via an Internet protocol-type transport stream. Data, which corresponds to the identities of devices that are unauthorized for the use of certain content, is selected from the Extensible Markup Language-type file. This data from the file is processed whereupon use of the content is prevented in accordance with the data. | 03-12-2009 |
20090077667 | METHOD AND DEVICE FOR HANDLING DIGITAL LICENSES - A device and a corresponding method for handling digital licenses, each digital license being associated with one or more content items, said device comprising a processing unit adapted to: check whether a number of licenses, being associated with a single content item or copies thereof, are designated as a stray license, where the number of licenses are present on at least one device of a group of devices, and merge the license(s) designated as stray licenses into a merged single license if the number of stray licenses is larger than 1. | 03-19-2009 |
20090077668 | NETWORK SECURITY DEVICES AND METHODS - An OSI layer 2 network device on the edge of a network such as a SAN is configured to replace the original source address of traffic entering the network with a known identifier or address, which is used to signify that entry point as the traffic source to the other nodes of the network. Nodes of the network recognize the new source address as a valid source address. The network device also maintains state (e.g., association of original source address with new source address/identifier) so as to translate addresses to enable reply traffic to be sent back to the original sender. | 03-19-2009 |
20090077669 | Mesh Grid Protection - A mesh grid protection system is provided. The protection system includes a plurality of grid lines forming a mesh grid proximate to operational logic. The protection system also includes tamper-detection logic coupled to the plurality of grid lines and configured to toggle a polarity of a signal on at least one grid line at each clock cycle and to detect attempts to access the operational logic by comparing a reference signal driving a first end of a grid line to a signal at the opposite end of the grid line. | 03-19-2009 |
20090083856 | APPARATUS AND METHOD FOR PLAYBACK OF DIGITAL CONTENT - There is provided with a digital content playback apparatus which generates new digital content by replacing a content part in digital content by an other content parts, including: a storage to store license conditions defined for the content parts in the digital content, each of which includes at least a replacement permission condition and a replacement target specification condition, a specifying unit configured to allow a user to specify a replacement source content part as a content part to be replaced, and a replacement target content part as a content part for adding to the digital content for replacing the replacement source content part, and a verifying unit to verify whether license conditions of content parts in the digital content and the replacement target content part would be satisfied when replacing the replacement source content part in the digital content by the replacement target content part. | 03-26-2009 |
20090083857 | DIGITAL RIGHT MANAGEMENT SYSTEM, CONTENT SERVER, AND MOBILE TERMINAL - A digital rights management system ( | 03-26-2009 |
20090089881 | METHODS OF LICENSING SOFTWARE PROGRAMS AND PROTECTING THEM FROM UNAUTHORIZED USE - In one embodiment, a method for controlling use of a software licensed product is provided. The method comprises tracking a usage of the software licensed product by a plurality of user computers within an intranet; and for all but one instance of the usage of the software licensed product, terminating the usage of the software license product. | 04-02-2009 |
20090094700 | INFORMATION PROCESSING APPARATUS - An information processing apparatus includes a housing that accommodates electronic components for processing security information, a power source that supplies power to the electronic components, a detection circuit that is connected in parallel to the power source with respect to the electronic components and detects an abnormality when a physical opening action affects the housing, a memory processing section that deletes the security information or makes it impossible to read out the security information from a memory in the electronic components when the abnormality is detected, and a notifying section that notifies the abnormality when the abnormality is detected. When the abnormality is detected, power is supplied from the power source to the memory. | 04-09-2009 |
20090100523 | SPAM DETECTION WITHIN IMAGES OF A COMMUNICATION - Determining undesirable, or “spam” communication, by reviewing and recognizing portions within the communications that are things other than ASCII or text. Images are analyzed to determine whether the content of the images is likely to represent undesired content. The images can be classified as to type, can be OCRed, and the contents of the recognition used for analysis, and can be compared against similar images in a database. | 04-16-2009 |
20090100524 | COMMUNICATION TERMINAL APPARATUS, SERVER TERMINAL APPARATUS, AND COMMUNICATION SYSTEM USING THE SAME - A communication terminal apparatus includes a storage section configured to store a library function in which a first specific instruction is executed a process to be executed prior to a communication with a communication target and a second specific instruction is executed before returning to a call source, a client application, an attribute value group of the client application, and a permissible address range of the first specific instruction. A communication instruction execution control section controls execution of a communication instruction based on the attribute value group of the client application, when the client application executes the communication instruction to generate an internal interruption. A security gate entering section checks whether or not an address of the first specific instruction is within a permissible address range when the client application executes the first specific instruction to generate the internal interrupt, and changes the attribute value group of the client application when the address of the first specific instruction is within the permissible address range. A security gate exiting section returns the attribute value group of the client application to an original state when the client application executes the second specific instruction to generate the internal interrupt. | 04-16-2009 |
20090100525 | INFORMATION PROCESSING APPARATUS, INFORMATION PROCESSING METHOD, AND INFORMATION PROCESSING PROGRAM - An information processing apparatus capable of permitting electronic data with an access authority to be available at a transfer destination, without the access authority being lost. In a case where a received electronic document is set with access authority management information, it is determined, referring to transfer means ( | 04-16-2009 |
20090100526 | PORTABLE COMPUTER AND SECURITY OPERATING METHOD THEREOF - A portable computer and security operating method thereof are provided to secure the portable computer in a power-off mode. The portable computer mainly includes a computer host, a system BIOS (Basic Input/Output System), an EC (Embedded Controller), an EC BIOS, one or more input devices and a power device, all of which are in bus connection or circuit connection with each other. The EC includes a KBC (Keyboard Controller) and remains activated when the portable computer is in the power-off mode. Meanwhile, the EC is adapted so that in the power-off mode of the portable computer and upon receipt of a security signal, the EC executes a power-off-mode security routine of the EC BIOS to lock the portable computer in the power-off mode. | 04-16-2009 |
20090106845 | SYSTEMS AND METHODS FOR SECURING DATA IN AN ELECTRONIC APPARATUS - A method for securing data for an electronic apparatus includes flagging data stored in the electronic apparatus, setting a plurality of security functions corresponding to the flagged data, defining a plurality of hotkeys corresponding to the security functions, and defining a hold-down time for each of the hotkeys. In operation, a user may have to input one or more hotkeys in order to access various functions of the electronic apparatus. | 04-23-2009 |
20090106846 | SYSTEM AND METHOD FOR DETECTION AND MITIGATION OF IDENTITY THEFT - An identity theft and identity repair system and method is disclosed that uses public access databases to identify changes in the records of a person to detect and mitigate attempts of identity theft against the person. Unidentified data or changes in the person's name, address, social security number or phone number are used to determine possible attempts of identity theft against the person. Once a correct baseline of a person's publicly available personal information has been established, this information baseline is used to automatically monitor the person's public records on a periodic basis, notify the person of any detected changes which may be caused by the person or an imposter in an attempted identity theft. If identity theft is suspected, the system and method initiates a detailed analysis of the person's publicly available personal information to determine the extent of the (any) identity theft. A further option of the present system and method is to initiate needed corrective repairs. | 04-23-2009 |
20090106847 | System and Method for Media Rights Transfer - Systems and methods for facilitating the playback, viewing, exchange and transfer of media are disclosed. Media, either hard physical media or soft media, are provided to a depository/rights manager that associates the rights to the content of the media with the entity that provided it. Media provided to the depository/rights manager may be digitized, and the rights of the entity to that content may be verified. Once the media is stored by the depository/rights manager, entities, such as individual users, may use it, exchange it, or transfer it using, for example, computers connected to a communication network. In some embodiments, the depository/rights manager may provide an interface, such as an application programming interface (API) that allows the depository/rights manager to handle back-end legal compliance and rights tracking for third-party services and systems. | 04-23-2009 |
20090106848 | System and method for Time Sensitive Scheduling Data privacy protection - Providing privacy protection to an entity related to the passive delivery of time sensitive scheduling data via a Time Sensitive Scheduling Data Delivery Network is described. A communications network based passive delivery of privacy protected time sensitive scheduling data is accommodated to an entity. Specific privacy protected time sensitive scheduling data from sources including originating organizations, affiliated groups of individuals, and individuals are aggregated into time sensitive scheduling data streams. Then the specific privacy protected time sensitive scheduling data streams aggregated from sources including multiple originating organizations, affiliated groups of individuals, and individuals are transmitted via the communications network to the entity. Finally the time sensitive scheduling data is presented in a manner affording privacy based on content privacy states which determine the representation of a time sensitive scheduling data item being presented. | 04-23-2009 |
20090113553 | METHOD AND SYSTEM FOR HIDING INFORMATION IN THE INSTRUCTION PROCESSING PIPELINE - A system, article of manufacture and method is provided for transferring secret information from a first location to a second location. The secret information is encoded and stalls in executable code are located. The executable code is configured to perform a predetermined function when executed on a pipeline processor. The encoded information is inserted into a plurality of instructions and the instructions are inserted into the executable code at the stalls. There is no net effect of all of the inserted instructions on the predetermined function of the executable code. The executable code is transferred to the second location. The location of the stalls in the transferred code is identified. The encoded information is extracted from the instructions located at the stalls. The encoded information may then be decoded to generate the information at the second location. | 04-30-2009 |
20090113554 | MODERATION OF CHEATING IN ON-LINE GAMING SESSIONS - Methods, apparatuses, and techniques for detecting and discouraging cheating in an online game session are described. Aspects include playing an online game. During play of the game one of the players detects suspected cheating behavior by another online game player. Game information is collected about the activity of all players in the online game, the game information includes a period of the game during which the suspected cheating behavior occurred. The game information is communicated to a game cheat monitoring entity that evaluates the game information to determine if there was cheating activity, and if there was cheating activity appropriate action is taken. | 04-30-2009 |
20090113555 | DVD Replications System and Method - A system and method for replicating protected content on media includes a controller for enabling replicating of media content from partial encoded content received at a location of the controller. A media recorder is coupled to the controller and including a modulation process ( | 04-30-2009 |
20090113556 | Disk Protection System - A method for protecting content on a medium ( | 04-30-2009 |
20090119779 | LICENSE ACTIVATION AND MANAGEMENT - A software license management system may include an activation server that provides permission to activate a software product. The activation server may receive a request to validate activation of the software and refresh license information for the software in response to the request to validate. The server may additionally receive a request to re-designate the license information for the software product and may update license information for the software in response to the request to re-designate the software product. | 05-07-2009 |
20090119780 | RIGHTS SHARING SYSTEM AND METHOD FOR DIGITAL RIGHTS MANAGEMENT - A rights sharing system and method for digital rights management (DRM) is provided. The system and method allow an inaccessible terminal, which cannot directly access a content providing server that provides a license, to receive only a key value for playing back DRM content from a terminal having a license and to play back the DRM content. Therefore, the system and method enable the inaccessible terminal to play back a DRM content, without mounting a DRM agent to acquire a license thereto. | 05-07-2009 |
20090119781 | DIGITAL DATA REPRODUCING DEVICE - The present invention provides a digital data reproducing device having a simple configuration and being capable of protecting copyright of digital data such as video or audio. Content provider side embeds copyright management information (cumulative number of reproduction times, permissible number of reproduction times, etc.) into digital data that has been degraded by scrambling, and provides it to a content user. A reproducing device of the content user side causes copyright management information detection unit to detect the copyright management information, decreases the data degradation depending on result of the detection, and reproduces by data reproducing unit. | 05-07-2009 |
20090126024 | METHOD AND SYSTEM FOR MANAGING SOFTWARE LICENSES AND STORAGE APPARATUS - The management of software licenses becomes easy without incurring an increase in costs to effectively prevent software applications from unauthorized use. The software license managing method including: judging, when a software program installed in a computer is executed, whether or not a memory card having a predetermined ID is connected to said computer by an ID extracting and verifying program; permitting execution of said software program if the ID extracting and verifying program judges that said memory card is connected to said computer; inhibiting execution of said software program if the ID extracting and verifying program judges that said memory card is not connected to said computer. | 05-14-2009 |
20090138973 | Method for transferring digital content licenses and device for receiving such licenses - A method of transferring a content license to a first device from a second device. The second device renders the license unusable to itself and sends this license to the first device that verifies that it may import the license which is the case if it has rendered one of its own licenses unusable to it, but has not exported this license. If so, it updates its license information so that it may import one license less and makes the received license usable. The first device also receives a content file that corresponds to the received license. The invention enables flexible transfer of licenses, as e.g. the second device may export the license to the first device without receiving anything in return, but the exportation does provide it with the right to import a further license. Also provided is a device. | 05-28-2009 |
20090144829 | METHOD AND APPARATUS TO PROTECT SENSITIVE CONTENT FOR HUMAN-ONLY CONSUMPTION - A computer implemented method, apparatus, and computer usable program product for protecting sensitive content. In response to receiving a selection of content, the process determines whether the content is of a sensitive content type based on a policy. The process then designates the content as the sensitive content in response to the content being of a sensitive content type. Thereafter, the process generates a sensitive content reference for publication and stores the sensitive content in a data structure, wherein the data structure associates the sensitive content with the sensitive content reference. Subsequently, in response to receiving a request from a requester for the sensitive content reference, the process obfuscates the sensitive content using a selected obfuscation algorithm to form obfuscated content, and returns the obfuscated content to the requester. | 06-04-2009 |
20090144830 | SECURE DIGITAL CONTENT DELIVERY SYSTEM AND METHOD - A secure digital content delivery system comprising a storage medium | 06-04-2009 |
20090144831 | FORGERY-PROOF DIGITAL SOUND RECORDING DEVICE - The present invention provides a digital sound recording device that prevents data stored as digital sound data from being forged. A digital sound recording device according to the present invention includes an input unit, a storage unit, a data communication unit, a processor, and a write protection unit that is provided between the storage unit and the data communication unit, thereby preventing the write control from being performed on the storage unit by the external unit. | 06-04-2009 |
20090144832 | METHOD FOR PROTECTING CONTENT AND METHOD FOR PROCESSING INFORMATION - Disclosed are a method of protecting content and a method of processing information. The method of protecting content can include service related information including revocation application information of content from the outside by employing a content management and protection system, and apply or not apply a content revocation process on the content according to the revocation application information. Accordingly, whether to apply a content revocation process can be controlled according to revocation application information. | 06-04-2009 |
20090151000 | LICENSE MANAGEMENT DEVICE AND METHOD - Security is secured according to the type of a license so that unnecessary processing load is reduced. A license accumulation control unit ( | 06-11-2009 |
20090151001 | METHOD AND APPARATUS FOR OPERATING RIGHTS - A method for operating a Right For Contents (R4C) includes: obtaining, by a terminal, a hybrid RO generated by the RI server, with the R4C items and the operation Rights For Rights (R4Rs) carried in the hybrid RO; operating the R4C items in the hybrid RO according to the R4R. A method for adding an R4R includes: a terminal receives a hybrid RO that includes the existing rights of the terminal and the newly added R4R; the terminal operates the R4C in the hybrid RO according to the new R4R. The present invention also discloses a terminal and a server. The present invention enables the RI to control the rights at a finer granularity, intensifies the RI's control on the rights, and provides a mechanism of purchasing an R4R after an RO is purchased. | 06-11-2009 |
20090158436 | Method for Exporting Use Rights for Electronic Data Objects - There currently exists a plurality of digital rights management (DRM) systems on the market, each with its own rights expression language. As a result, when an electronic data object is exported from one DRM system to another DRM system, translation errors are generated, which can cause the irretrievable loss of individual rights granted by the copyright holder. To export rights to use electronic data objects and ensure interoperability between different DRM systems, the original rights to use that can be associated with the electronic data object are exported from data source to the data sink. In this way, the original license is advantageously kept when the rights to use are exported from one DRM system to another DRM system. | 06-18-2009 |
20090158437 | METHOD AND SYSTEM FOR DIGITAL RIGHTS MANAGEMENT AMONG APPARATUSES - A digital rights management (DRM) method and system between devices are disclosed. In order to allow a first device connected with a second device to use a rights object (RO) bound to the second device, the second device decodes the particular content or the RO and transmits the decoded particular content or the decoded RO to the first device. State information of the RO according to a usage amount of the particular content used by the first device is managed by the second device. | 06-18-2009 |
20090158438 | SOFTWARE LICENSE RECONCILIATION FACILITY - A method is presented for monitoring software product usage in a data processing system. The method may include installing an instance of a software product on a target entity of a data processing system. A usage condition applicable to the instance may be identified. Reconciliation information may be generated upon installation of the instance. This reconciliation information may correlate the usage condition with the instance to facilitate later determining compliance of the software product with applicable usage conditions. | 06-18-2009 |
20090158439 | METHOD FOR PROTECTING UNPROTECTED CONTENT IN DRM AND DEVICE THEREOF - A method for protecting unprotected content in digital rights management (DRM) and a device thereof. When non-protected content stored in a non-DRM device is to be transferred to a DRM device, the non-protected content is converted into protected content and then transferred to another user's device. | 06-18-2009 |
20090158440 | SYSTEM AND METHOD FOR EXPORTING LICENSE - A method for exporting permission is provided to solve the problem that the permission cannot be exported multiple times among several DRM systems in the prior art. The method includes: determining that a license is permitted to be exported to a system that a target device belongs to; determining whether an export permission in the license is permitted to be exported; and exporting the export permission in the license to the target device if the export permission in the license is permitted to be exported, which enables the target device to export the license to another device. A terminal apparatus, a server and a communication network are also disclosed. | 06-18-2009 |
20090165139 | Secure Computer System and Method - An apparatus is configured to perform secure processing of confidential information. The apparatus comprises a secure disk configured to store confidential information arranged inside a lockable container; a processor configured to process the confidential information arranged inside the lockable container; an insecure network arranged outside the lockable container; and means for connecting the processor only to the secure disk or alternatively to the insecure network at any one time, but not to both the secure disk and the insecure network at the same time. | 06-25-2009 |
20090165140 | System for inserting/overlaying markers, data packets and objects relative to viewable content and enabling live social networking, n-dimensional virtual environments and/or other value derivable from the content - A system by which a User can associate selectable Markers, Data Packets and/or Objects with Content. The Content may generally be distributed electronically, and the Markers allow for insertion and/or overlay of Objects when the Content is selected for viewing by a Viewer. Objects and Data Packets are generally provided by a User, Promoter, Host, Service, or other entity to convey information to a Viewer. A Service provides tools and capabilities to both the User and the Promoter to facilitate their respective actions according to embodiments of the invention, including enabling the creation of live social networks (such as those linked to a specific Service provider, a specific User group, activities by a specific Promoter, and/or to specific Data Packets) and the creation of n-dimensional Virtual Environments. | 06-25-2009 |
20090165141 | INFORMATION USAGE CONTROL SYSTEM AND INFORMATION USAGE CONTROL DEVICE - A system includes: first and second devices that each register, in response to a request from a user, control information for target information in a memory, and provide, upon receipt of a request for usage information concerning the target information from the user, the user with the usage information, based on the control information in the memory, wherein the first device includes a first unit that provides, in response to the request from the user, the user with a list of the control information for the second device, and upon receipt of selection of the information from the list, sends the selected information to the second device so as to be associated with target information, and the second device includes a second unit that receives the control information associated with the target information and registers the control information in the memory so as to be associated with the target information. | 06-25-2009 |
20090165142 | EXTENSIBLE SOFTWARE TOOL FOR INVESTIGATING PEER-TO-PEER USAGE ON A TARGET DEVICE - In general, the invention provides for analyzing a target computer for computer crimes such as illegal sharing of files or sharing of illegal files on peer-to-peer clients. The target computer may have software for a plurality of peer-to-peer clients. Only one extensible forensic device may be necessary to analyze the plurality of peer-to-peer clients for downloaded or shared files. For example, the invention may provide for a method comprising determining whether one or more peer-to-peer clients are or have been installed on a target device by identifying information associated with one or more peer-to-peer modules, wherein each module is associated with a different one of the one or more peer-to-peer clients. The method further includes gathering usage information for the one or more peer-to-peer clients that had been determined to be installed on the target computer, analyzing the usage information, and automatically generating a report of the analyzed usage information. | 06-25-2009 |
20090165143 | METHOD FOR MOVING RIGHTS OBJECT AND METHOD FOR MANAGING RIGHTS OF ISSUING RIGHTS OBJECT AND SYSTEM THEREOF - Disclosed is a method for managing rights of issuing a Rights Object (RO), and a method for moving an RO created by a Local Rights Manager (LRM) between Digital Rights Management (DRM) Agents. A Right Issuer (RI) permits an LRM to move an RO created (or issued) by the LRM via the RI, and a first DRM Agent moves the RO to a second DRM Agent via the RI. | 06-25-2009 |
20090165144 | CONTRACTED PRODUCT SUPPLY METHOD, CLIENT DEVICE, SERVER AND RECORDING MEDIUM HAVING PROGRAM RECORDED THEREIN - A contracted product supply method includes a notifying step of sending identification information to a server, an extracting step of extracting contract information, a transmitting step of transmitting the contract information, a certifying step of certifying permission and a setting step of setting a license of the contracted software products certified in the certifying step. | 06-25-2009 |
20090172819 | Method and Apparatus for Implementing Logic Security Feature for Disabling Integrated Circuit Test Ports Ability to Scanout Data - A method and apparatus for implementing integrated circuit security features are provided to selectively disable testability features on an integrated circuit chip. A test disable logic circuit receives a test enable signal and responsive to the test enable signal set for a test mode, establishes a test mode and disables ASIC signals. Responsive to the test enable signal not being set, the ASIC signals are enabled for a functional mode and the testability features on the integrated circuit chip are disabled. When the functional mode is enabled, the test disable logic circuit prevents the test mode from being established while the integrated circuit chip is powered up. | 07-02-2009 |
20090172820 | Multi virtual machine architecture for media devices - A software computing based environment for providing secured authentication of media downloaded from a network or loaded from a media player includes two peer-mode operating virtual machines. The low-level virtual machine provides decoding and decryption functions whereas the high-level virtual machine provides application level functions such as user interface, input/output. | 07-02-2009 |
20090178143 | Method and System for Embedding Information in Computer Data - Provided is a system for embedding traits in data wherein the data is stored within one or more data storage system(s), comprising: a code generator, the code generator generating a code describing the traits of the data; a rules engine, the rules engine classifying the traits into codes; an encoder coupled to the code generator, wherein the encoder encodes the data with the code describing the traits of the data, to generate encoded data; and a storage unit coupled to the encoder, the storage unit storing the encoded data; wherein the data storage systems are selected from the group consisting of: Microsoft SQL servers, IBM DB2 servers, Oracle servers, and Sybase servers. | 07-09-2009 |
20090187993 | PROCESSOR HARDWARE AND SOFTWARE - A system and method for detecting the use of pirated software on a processor device ( | 07-23-2009 |
20090193523 | PIRACY PREVENTION IN DIGITAL RIGHTS MANAGEMENT SYSTEMS - A method in a multimedia device ( | 07-30-2009 |
20090199299 | INTEGRATED USER EXPERIENCE WHILE ALLOCATING LICENSES WITHIN VOLUME LICENSING SYSTEMS - This description provides tools for providing integrated user experiences while allocating licenses within volume licensing systems. These tools may provide methods that include sending information for presenting licensing portals at recipient organizations. The licensing portals may include representations of properties licensed by the organizations, and may include indications of how many licenses remain available for allocation. The methods may include receiving and validating licensing requests. The tools may provide other methods that include requesting and receiving information for presenting the licensing portals, as well as requesting and receiving licensing-related actions from the licensing systems. The tools may provide still other methods that include receiving requests for information to present launch portals, with these requests incorporating user identifiers for particular end-users. These methods may also populate the launch portals with representations of properties for which the end-users are licensed, and may send the information for the launch portals to licensee organizations. | 08-06-2009 |
20090199300 | WIRELESS COMMUNICATION APPARATUS AND CONFIGURING METHOD FOR WIRELESS COMMUNICATION APPARATUS - According to one embodiment, a wireless communication apparatus comprises a wireless communication module configured to carry out wireless communication, a first storage module configured to store information unique to the wireless communication apparatus, a configuration generator module configured to generate configuration information for the wireless communication module to connect to a given network based on the information stored in the first storage module, a second storage module configured to store the configuration information generated by the configuration generator module and a first display control module configured to control display of the configuration information stored in the second storage module so that a user cannot recognize the information unique to the wireless communication apparatus. | 08-06-2009 |
20090205048 | VALIDATION OF PROTECTED INTRA-SYSTEM INTERCONNECTS FOR DIGITAL RIGHTS MANAGEMENT IN ELECTRICAL COMPUTERS AND DIGITAL DATA PROCESSING SYSTEMS - Embodiments for validating protected data paths for digital rights management of digital objects are disclosed. Some embodiments disclosed herein may comprise processes or apparatus for transferring data from one or more peripherals to one or more computers or digital data processing systems for the latter to process, store, and/or further transfer and/or for transferring data from the computers or digital data processing systems to the peripherals. Some embodiments disclosed herein may comprise processes or apparatus for interconnecting or communicating between two or more components connected to an interconnection medium within a single computer or digital data processing system. | 08-13-2009 |
20090205049 | SECTION BASED SECURITY FOR A SECTIONED SURFACE-BASED COMPUTING DEVICE - The present invention discloses a method, a computer program product, a system, and a device for securing content of a surface-based computing device. In the invention, a delineated region of a surface of a surface-based computing device referred to as a section can be identified. The section can be a computing space owned by at least one user referred to as a section owner. Other regions of the surface exist that are computing spaces distinct from the section. A set of section specific settings can be established that are configurable by the section owner. An attempt to convey at least one software object across a section boundary separating the section from one of the other regions can be identified. The section specific settings can be applied to the attempt. Appropriate programmatic actions can be taken based upon the section specific settings. | 08-13-2009 |
20090205050 | METHOD AND APPARATUS FOR HARDWARE RESET PROTECTION - A method and apparatus for protecting access to sensitive information stored in vulnerable storage areas (e.g., public memory, registers, cache) of a microprocessor. A microprocessor having a reset port to receive external reset commands may have a reset diversion circuit that may be selectively enabled. The microprocessor may operate in an open mode or a secure mode, indicating the absence or the potential presence, respectively, of sensitive information in the vulnerable storage areas. In open mode, the reset diversion circuit may be disabled such that external reset requests trigger a hardware reset. In secure mode, sensitive information may be recorded on vulnerable storage areas. The reset diversion circuit may be enabled to divert external reset requests to an interrupt which may trigger execution of a software code. The software code, when executed, may perform a secured system clean-up routine to erase the vulnerable storage areas prior to reset. | 08-13-2009 |
20090205051 | SYSTEMS AND METHODS FOR SECURING DATA IN ELECTRONIC COMMUNICATIONS - Systems and methods are provided for providing data security. Credit-related data provided by a credit database can be received. The credit-related data can include records. Each record can include a social security number and a name associated with the social security number. Each record can be transformed to generate transformed data using a hashing algorithm. An electronic communication comprising content can be received. Transformed content can be generated by transforming the content. The transformed content can be compared to the transformed data. The transformed content can be determined to match at least one of the transformed records. The electronic communication can be prevented from being transmitted to a network. | 08-13-2009 |
20090210945 | Personal Information/Confidential Information Managing System And Personal Information/Confidential Information Managing Method - A personal information/confidential information managing system and a personal information/confidential information managing method are provided for managing personal information/confidential information in a proper form in accordance with a variable protective level subjected to change of protective levels to comply with necessity of secrecy management in keeping personal information/confidential information in the custody. A personal information/confidential information managing device keeps personal information/confidential information in the custody with a different state for every protective level in accordance with protective levels set in compliance with the degree of confidentiality of the personal information/confidential information. Although this protective level is described in a data property definition file and is read in a computer program, it can be changed appropriately. A protective level after the change and its changing time to be designated are described in the data property definition file, so that the computer program installed in the personal information/confidential information managing device changes a keeping form of the personal information/confidential information in compliance with the protective level after the change when the changing time arrives. | 08-20-2009 |
20090217382 | METHOD AND PROCEDURE TO AUTOMATICALLY DETECT ROUTER SECURITY CONFIGURATION CHANGES AND OPTIONALLY APPLY CORRECTIONS BASED ON A TARGET CONFIGURATION - A method for maintaining router security configuration files, a method for detecting unauthorized changes to router security configurations and a network controller. In one embodiment, the method for maintaining includes: (1) generating a target-delta file having commands needed to make identified data blocks of a baseline file functionally equivalent to corresponding data blocks of a target file, wherein the identified data blocks are functionally different from the corresponding data blocks of the target file and (2) changing a router security configuration field file by applying the target-delta file thereto. | 08-27-2009 |
20090217383 | LOW-COST SECURITY USING WELL-DEFINED MESSAGES - Well-defined messages may be transmitted from a sending device to a recipient device in order to reduce the processing and resource requirements imposed by the security semantics of general message standards. The well-defined messages may include an expression of a collective intent of the security semantics included in the message. The expression of the security semantics within the message simplifies the discovery process for devices processing the message. The well-defined message may also require that any intermediary devices that process the well-defined message as it is transmitted from the sender device to the receiver device follow the expressed collective intent of the security semantics. If an intermediary device cannot understand or adhere to the expressed intent, the well-defined message must be rejected. | 08-27-2009 |
20090217384 | License Auditing for Distributed Applications - The provided software application includes a module that determines a machine fingerprint of a client device at an appropriate time, such as during initial software load on the client. The fingerprint may comprise various machine-determinable measures of system configuration for the client. Each application copy may be associated with a serial number. A license host may collect serial number, fingerprint and/or IP address information from clients on which the application is installed. The host may generate a map of application installations, including geographic locations of installations and number of unique serial numbers per client in specified regions. | 08-27-2009 |
20090222926 | SOFTWARE LICENSE MANAGEMENT SYSTEM THAT FUNCTIONS IN A DISCONNECTED OR INTERMITTENTLY CONNECTED MODE - A software license management system for a computer network is disclosed that is capable of operating in a disconnected or intermittently connected mode. The system is capable of borrowing software licenses from computer nodes in one of three modes. The three modes include a fault tolerance mode, a service licensing mode, and a normal online mode. When network instability occurs, an executive logic layer software module consults a set of rules to determine whether to automatically initiate short term software license borrowing using the fault tolerance mode or using the service licensing mode. The automatic short term software license borrowing continues as long as needed and then the normal online mode of software license borrowing is resumed. | 09-03-2009 |
20090222927 | Concealment of Information in Electronic Design Automation - In one exemplary embodiment disclosed herein, an electronic design automation tool may receive information related to electronic design automation that contains secured information, such as physically secured information, and annotations to indicate the secured portions of the information. Upon receiving such information, the electronic design automation tool may identify those portions of the information comprising secured information related to electronic design automation, and unlock the secured information for processing. The electronic design automation tool may process at least some of the secured electronic design automation information without revealing that secured information to unauthorized persons, tools, systems, or otherwise compromising the protection of that secured information. That is, the design automation tool may process the secured electronic design automation information so that the secured information is concealed both while it is being processed and by the output information generated from processing the secured information. | 09-03-2009 |
20090222928 | IMAGE PROCESSING APPARATUS, INFORMATION PROCESSING METHOD, AND COMPUTER PROGRAM PRODUCT - An identification-information obtaining unit obtains identification information for identifying a module to be customized. A validating unit validates, based on validation information including information indicating whether to allow a customization for a module identified by the identification information, whether the module identified by the identification information is customizable. When the validating unit validates that the module identified by the identification information is customizable, a control unit performs the customization of the module identified by the identification information. | 09-03-2009 |
20090235360 | DETECTING A PHISHING ENTITY IN A VIRTUAL UNIVERSE - An invention for detecting a phishing virtual entity in a virtual universe is disclosed. A virtual entity may be registered as authentic and be identified with multiple physical characteristics thereof. Another virtual entity will be monitored to detect whether it includes a physical characteristic that is sufficiently similar to that of a registered virtual entity to cause confusion. A phishing virtual entity is detected based on the monitoring and phishing prevention processes may be implemented on the phishing virtual entity. | 09-17-2009 |
20090235361 | SEGMENT BASED DIGITAL CONTENT PROTECTION - Techniques are disclosed herein for applying different content protection schemes to different segments of digital content. A method for protecting digital content includes determining segments within digital content that is organized to allow presentation in a certain order. Each of the segments is assigned to a category of a group of categories. Each of the categories has a different content protection scheme associated therewith. One of the protection schemes is applied to each segment based on the category associated with the segment. | 09-17-2009 |
20090235362 | DATA TRANSMISSION APPARATUS AND METHOD, DATA RECEIVING APPARATUS AND METHOD, AND DATA TRANSMISSION AND RECEPTION SYSTEM AND METHOD - The protection of data against illicit transfer with respect to specific data can be ensured. An integrated receiver decoder determines whether or not ATRAC (Adaptive Transform Acoustic Coding) data requiring authentication is contained in selected piece-of-music data in accordance with determination data added into transmitted data. When ATRAC data requiring authentication is contained, the integrated receiver decoder performs an authentication process between it and a storage which is a transfer destination of the ATRAC data, and performs downloading of the ATRAC data after confirming that the storage is a valid apparatus to which the downloading may be performed. | 09-17-2009 |
20090241197 | SYSTEM AND METHOD FOR ANALYSIS OF ELECTRONIC INFORMATION DISSEMINATION EVENTS - A system and method for determining an intent of a sender in transmitting electronic information in order to prevent unauthorized dissemination of electronic information is disclosed. The system and method facilitate cost-effective handling of dissemination events and comprise a traffic analyzer configured to analyze descriptors of the electronic information and parameters of the transmission of the electronic information in order to determine the intent of the sender. By determining the intent of the sender, it is possible to effectively quarantine the electronic information before it is disseminated. | 09-24-2009 |
20090241198 | INAPPROPRIATE CONTENT DETERMINATION APPARATUS, CONTENT PROVISION SYSTEM, INAPPROPRIATE CONTENT DETERMINATION METHOD, AND COMPUTER PROGRAM - An SNS system | 09-24-2009 |
20090241199 | SYSTEMS AND METHODS FOR CREATING, MANIPULATING AND PROCESSING RIGHTS AND CONTRACT EXPRESSIONS USING TOKENIZED TEMPLATES - System and methods for manipulating rights expressions for use in connection with a rights management system include one or more tokenized templates. Each tokenized template includes one or more rights expression language statements and one or more tokens associated with at least one of the rights expression language statements. Further, the tokens can be place holders for data items or rights expression elements. The system further includes a license template module that creates the tokenized templates, and a license instance creation module that replaces at least one of the tokens in one or more selected license templates with one or more of the data items or rights expression elements to generate a license instance. Additionally, the system includes a license instance analysis module having sub-modules for validating and interpreting license instances, and a data parsing module for extracting data from created license instances. | 09-24-2009 |
20090249485 | Techniques for Capturing Identifying Information on a Device User - A technique for identifying a user of a device includes receiving a tracking mechanism trigger and capturing (e.g., periodically) identifying information on the user of the device in response to the trigger. | 10-01-2009 |
20090249486 | SYSTEM AND METHOD FOR DIGITAL RIGHTS MANAGEMENT CONTROL USING VIDEO ANALYTICS - Digital rights management (DRM) of video data is selectively applied to video data by a video processing system that receives a video, comprising a number of frames, and processes at least one frame from the video to determine the contents of the video. The digital rights management for the video is then configured based on the contents of the video. | 10-01-2009 |
20090249487 | METHOD AND ARRANGEMENT RELATING TO A COMMUNICATION DEVICE - The present invention relates to a novel method for handling applications in a device by associating an application signed by a domain certificate to a pre-defined entity in a device, said device comprising: a module reader for reading subscriber identity, a virtual machine for running at least one application, a memory containing a root certificate, the method comprising: using a data set for aggregating a sub set of data, modifying portion of said data set such that said portion includes reference to said entity. The invention also relates to a device for implementing the method. | 10-01-2009 |
20090249488 | FLEXIBLE APPLIANCE HOSTING WITH COORDINATION OF DEPLOYMENT, LICENSING AND CONFIGURATION - Operating parameters of one or more software appliances may be set at a configuration manager. Compliance of the one or more software appliances with license terms may be maintained at a license manager. Communications may be executed between the license manager and the configuration manager to maintain compliance of the operating parameters with the license terms. A user interface may be provided for administration of the one or more software appliances therewith, the administration including deployment of the one or more software appliances, the license manager, the configuration manager, and a deployment manager within a system landscape. Communication may be executed between the license manager and the deployment manager to maintain compliance of the administration of the one or more software appliances with the license terms. Communication may be executed between the deployment manager and the configuration manager to manage the deployment relative to the operating parameters. | 10-01-2009 |
20090249489 | SECURITY BY CONSTRUCTION FOR WEB APPLICATIONS - Secure distributed Web applications are produced by default upon construction. Mechanisms are provided to address distributed application vulnerabilities (e.g., cross-site scripting, cross-site request forgery, replay attacks . . . ) automatically. These mechanisms are provided in conjunction with a tier-splitting component that breaks up an application for execution across multiple contexts or tiers. As a result, any application that is tier split is protected from security vulnerabilities by default without any intervention on the part of a developer. | 10-01-2009 |
20090249490 | COMMUNICATION APPARATUS, COMMUNICATION SYSTEM, TRANSMISSION METHOD, AND COMPUTER PROGRAM PRODUCT - A communication apparatus stores encrypted pieces having plural pieces as a part of a content encrypted, and number of transmission times. At least one first piece is encrypted by plural different encryption keys. The communication apparatus selects as priority pieces plural encrypted pieces corresponding to at least one first piece among the first pieces, based on number of untransmitted encrypted pieces of which number of transmission times is zero among plural encrypted pieces of which first piece is encrypted, and stores priority piece information specifying the priority piece. When a piece request is received from another communication apparatus, the communication apparatus determines an encrypted piece to be transmitted, based on priority piece information, and transmits the encrypted piece to the other communication apparatus. | 10-01-2009 |
20090249491 | Contents Data, and Program, Apparatus and Method for Detecting and Controlling Unauthorized Contents - The problem to be solved is to allow anyone other than the contents license owner to acquire a right usage opportunity of contents while the fraud in the contents can be detected. To solve this problem, a contents ID, distribution media information specifying the distribution media of the contents, and identification information containing distribution period information specifying the distribution period of the contents are attached to the contents body. When a contents acceptance module | 10-01-2009 |
20090254994 | Security methods and systems - A system/method for preventing a computer virus from accessing message addresses is described. The system comprises an interception component or client plug-in that communicates with a messaging client and a messaging server. The interception component alters messages from the server and destined for the client. The interception component replaces message addresses in incoming messages with a unique identifier. The interception component also alters messages from the client destined for the server. The interception component replaces a unique identifier with a message address. A system/method for preventing keyboard sniffer programs from intercepting input, a system for preventing a computer virus from activating a send confirmation of a messaging client and a method for altering displayed objects to show encrypted data in decrypted form are also described and claimed. A system/method for reducing the impact of keyboard sniffer programs by altering keyboard input is also described. | 10-08-2009 |
20090260088 | System and Method for Data Destruction - A system and method for self-activated or remote-controlled data destruction for mobile devices. In an embodiment, when the user is unable to find their mobile device, they can log onto a web-based/software application through the computer or other communication device such as a telephone or mobile devices to request a data destruction command to be sent to the lost mobile device. If the lost mobile device, after a specified time duration, does not have any reception to receive any signals nor has any battery-power, the self-destruction application embedded in the mobile device will automatically activate itself during the next reset procedure or power up or shut down process. This application will perform a memory erase procedure for all selected data on the mobile device. To increase the area of service the embedded application can scan and connect to other available networks such as Wi-Fi to extend the coverage area. | 10-15-2009 |
20090265788 | METHOD AND DEVICE FOR THE PSEUDONYMIZATION OF DIGITAL DATA - A system and method for pseudonymizing digital data records sent from a source system to a destination system, using an identity protector client system and an identity protector master system, includes the steps of receiving, at the identity protector client, person-specific data from a source system provided with a source identifier. The digital data records are pre-pseudonymized by the identity protector client, and the processed digital data records are marked with a source identifier which references the source file in the source system. The pre-pseudonymized digital data records are transmitted to the identity protector master. For every data record, a pseudonym is created by the identity protector master from the pre-pseudonym, the source identifier, and at least one other value generated from an erratic value and a time value. The pseudonym is transmitted to the destination system. | 10-22-2009 |
20090265789 | PREVENTING UNAUTHORIZED DISTRIBUTION OF MEDIA CONTENT WITHIN A GLOBAL NETWORK - One embodiment of the invention is a method for providing media content while preventing its unauthorized distribution. The method includes transmitting from a client to an administrative node a request for delivery of an instance of media content (IMC); determining which content source (CS) of a plurality of CSs to provide delivery of the IMC, provided the client is authorized to receive the IMC; transmitting to the client an access key and a location of the IMC; transmitting from the client to the CS a second request and the access key; in response to receiving the second request and the access key, transferring the IMC from the CS to the client; transmitting from the client to the administrative node an indicator indicating a successful transfer of the IMC; and generating a transaction applicable to the client and associated with the transfer of the IMC to the client. | 10-22-2009 |
20090265790 | CONTENT PROVIDING SYSTEM, CONTENT PROVIDING SERVER, INFORMATION PROCESSING APPARATUS, AND COMPUTER PROGRAM - A content providing system is disclosed, which includes: a content providing server that is capable of delivering content data and information related thereto through a communication network; and a client that is capable of downloading the content data and the information related thereto through the communication network, wherein a management unit manages meta information of the respective content data as content item information, manages one or plural pieces of content item information as content program information in association with one another, and manages one or plural pieces of content program information as a content program catalogue, one content data and meta information thereof can be referred to in plural pieces of content item information, one piece of content item information can be referred to in plural pieces of content program information, and one piece of content program information can be referred to in plural content program catalogues, and when a term of availability of the content program catalogue has expired, the management unit deletes content program information included in the content program catalogue and/or content item information included in the content program information and/or content data included in the content item information. | 10-22-2009 |
20090271868 | SITE DETERMINING METHOD - A site check method is provided that enables a user to check, when the user accesses a predetermined site, whether the site is legitimate or not. The method includes a first display step in which, when the user accesses a first server managing the site from a first information terminal, the first server has the first information terminal display predetermined check information. The method further includes a second display step in which, when the user accesses a second server from a second information terminal, the second server has the second information terminal display the check information. | 10-29-2009 |
20090271869 | Process for Establishing a System Licensing Internal Code Table - A process for establishing a system licensing internal code table used in a basic input/output system is disclosed, in which the basic input/output system includes a system control module. According to the process, it is determined whether the system-locked pre-installation location of the system control module stores the identifying data. If the identifying data is stored in the system-locked pre-installation location, it is determined whether the identifying data is the pre-determined data. The system licensing internal code table is established if the identifying data is not the pre-determined data. | 10-29-2009 |
20090276854 | Administration of Computer Telephony Applications That Are Connected to a Private Branch Exchange Via a Local Network - An administration of telephony applications conventionally using domain controller-based access authorization methods is provided so as to eliminate the need for these methods. In a network where terminal devices are connected to time division multiplexed or packet-oriented network components, a terminal device establishes a communication link to a terminal device-specific adaptation for telephony applications via an interface for telephony applications, and the authorization for importing data is verified. Data is imported via the communication link to affected applications or affected services of the network. Any terminal device can be used to import the data, and no special authorizations are required for access, as the proprietary/license keys that are exchanged between the terminal device and the exchange and the domain controller provide protection from unauthorized access to the exchange and to the local network connected thereto. For accessing the exchange and the domain controller, only one authorization check method is required. | 11-05-2009 |
20090276855 | Method, apparatus, and computer program product that provide for presentation of event items - An apparatus that provides for presentation of event items may include a processor. The processor may be configured to receive mobile event items from a mobile terminal. In this regard, the mobile event items may be determined based on a context of the mobile terminal. The processor may be further configured to receive service event items, and provide for presentation of the mobile event items and the service event items in an event item object. The processor may also be configured to provide for presentation of the mobile event items and the service event items, where the mobile event items are filtered based upon the content of the mobile event items or security attributes. Associated methods and computer program products may also be provided. | 11-05-2009 |
20090276856 | LICENSE MANAGEMENT FACILITY - A method is presented for managing resource licensing. The method may include detecting an installed web server and/or application server to identify a container installation path, and identifying a resource associated with the container installation path. A resource installation path and a licensing structure may be determined for the resource. The method may further include building an application representation associating the resource installation path with the licensing structure, and determining the instances of resource use. The instances of resource use may be compared to the application representation to determine a licensing state for the resource. | 11-05-2009 |
20090276857 | ANTI-TAMPER TECHNIQUES - Anti-tamper techniques for protecting a program code portion against tampering provide for defining a sequence of code segments having a root-code segment and a plurality of sub-code segments. Each sub-code segment is provided with an integrity checking portion for checking the integrity of a target code segment. At runtime, the integrity checking portion of a given sub-code segment carries out a checking procedure on the respective target code segment to obtain a runtime result which is compared with a reference result to verify that the target portion of the program has not been tampered with. | 11-05-2009 |
20090282488 | METHODS AND APPARATUS FOR A DOWNLOADABLE FINANCIAL TRANSACTION PRINTER - Method and apparatus for a downloadable financial transaction printer supporting multiple interfaces and single encoding for worldwide languages configuration. The financial transaction printer interfaces with multiple host systems and multiple gaming machine protocols, downloads application code or code patches, receives printer maintenance instructions, arbitrates print jobs received from various communication interfaces, supports worldwide languages, and utilizes firmware version consolidation whereby fewer firmware versions are required to support worldwide requirements, such as regional and jurisdictional requirements. The financial transaction printer further includes security features for gaming regulatory requirements, memory protection, and preventing the execution of downloaded code on unauthorized hardware. The financial transaction printer further includes segmented memory for content related to each communication interface, gaming machine, or host system, among others. Additionally, the financial transaction printer supports Unicode, configuration to worldwide languages, configuration to multiple protocols, and configuration to prior firmware versions for backward compatibility, among others. | 11-12-2009 |
20090282489 | PROCESS VERIFICATION - A disclosed gaming machine provides methods and apparatus of verifying the authenticity of gaming software stored in and executed from RAM on the gaming machine. When presenting a game on the gaming machine, a master gaming controller may dynamically load gaming software applications into RAM and dynamically unload gaming software applications from RAM. The authenticity of the gaming software applications temporarily stored in RAM may be verified by using methods to compare it with certified gaming software stored on one or more local or remote file storage devices accessible to the master gaming controller on the gaming machine. The verification process may be used to satisfy gaming regulatory entities within various gaming jurisdictions that require certified gaming software to be operating on the gaming machine at all times as well as to prevent tampering with the gaming machine. | 11-12-2009 |
20090282490 | SYSTEM, MOBILE INFORMATION TERMINAL, EXTERNAL DEVICE, METHOD AND PROGRAM FOR EXECUTING CONTENT - A system that executes content like music and moving pictures, and protects rights like copyright, working on a configuration of a mobile information terminal and an external device is provided. A mobile information terminal acquires a right (ticket) to execute content. An external device of higher performance, compared with a mobile information terminal, executes content after receiving the ticket from a mobile information terminal. Though content and ticket can move freely in a system, once the content is executed, an identifier for identifying the mobile information terminal that demanded the execution of content is linked with the ticket. It is this mobile information terminal that can use the same ticket again. | 11-12-2009 |
20090288169 | Systems and Methods to Control Web Scraping - Systems and methods to control web scraping through a plurality of web servers using real time access statistics are described. | 11-19-2009 |
20090288170 | SYSTEM AND METHOD FOR OBJECT ORIENTED FINGERPRINTING OF DIGITAL VIDEOS - A system and method for object oriented fingerprinting of digital videos and motion pictures are provided. The system and method enables a user to embed various ‘natural objects’ as watermarks that match well with a particular scene in a movie or to modify existing objects in the scene during a digital editing stage. The system and method provides for determining a number of unique copies of the motion picture needed, determining a number of watermarks and variations of the watermarks based on the number of unique copies, selecting at least one object occurring in at least one scene of the motion picture equal to the determined number of watermarks, creating the determined number of variations for the object, and creating a unique combination of the created variations of the object for each copy. Each unique combination is encoded into a value for identifying each of the plurality of copies. | 11-19-2009 |
20090288171 | Method for Transmitting an Information Flow Upon Request From a Receiving Site - The present invention provides a communications channel to transmit a selected information flow, to select the desired information flow and transmit said stream to a predefinable receiving site. The invention makes it possible for the first time to predefine at the receiving site the communications channel for transmitting the selected information flow. The method is no longer tied to only a single communications channel, or to a set type of communications channels, but can cross different technologies and be applied to almost any type of communications channels. The communications channel can be a satellite channel or a cable channel, for example, it can also be a telephone line, a connection in a cellular phone network, a wireless link, a visual communications link or similar. The actual selection of the communications channel can be made by the recipient contacting the transmitting site over a communications channel that he specifies so that the transmission of the information flow can be initiated. The transmitting site can then commence with the transmission of the information flow over the communications channel selected by the receiving site. | 11-19-2009 |
20090288172 | MEDIA PLAYBACK DECODER TRACING - A method of identifying a traced media playback decoder embedded in a device, wherein data representative of a trace message is included in the content field of a media content file and a trigger string ( | 11-19-2009 |
20090293129 | TERMINATION OF SECURE EXECUTION MODE IN A MICROPROCESSOR PROVIDING FOR EXECUTION OF SECURE CODE - An apparatus providing for a secure execution environment including a microprocessor and a secure non-volatile memory. The microprocessor is configured to execute non-secure application programs and a secure application program, where the non-secure application programs are accessed from a system memory via a system bus. The microprocessor has secure execution mode logic that is configured to detect execution of a secure execution mode return event, and that is configured to terminate a secure execution mode within the microprocessor, where the secure execution mode exclusively supports execution of the secure application program. The secure non-volatile memory is coupled to the microprocessor via a private bus and is configured to store the secure application program prior to termination of the secure execution mode, where transactions over the private bus between the microprocessor and the secure non-volatile memory are isolated from the system bus and corresponding system bus resources within the microprocessor. | 11-26-2009 |
20090293130 | MICROPROCESSOR HAVING A SECURE EXECUTION MODE WITH PROVISIONS FOR MONITORING, INDICATING, AND MANAGING SECURITY LEVELS - An apparatus providing for a secure execution environment including a microprocessor and a secure non-volatile memory. The microprocessor executes non-secure application programs and a secure application program. The non-secure application programs are accessed from a system memory via a system bus, and the secure application program is executed in a secure execution mode. The microprocessor has a watchdog manager that monitors environments of the microprocessor by noting and evaluating data communicated by a plurality of monitors, and that classifies the data to indicate a security level associated with execution of the secure application program, and that directs secure execution mode logic to perform responsive actions in accordance with the security level. The secure non-volatile memory is coupled to the microprocessor via a private bus, and stores the secure application program. Transactions over the private bus are isolated from the system bus and corresponding system bus resources within the microprocessor. | 11-26-2009 |
20090293131 | METHOD AND SYSTEM FOR PROCESSING CONTENT - A method and system for processing content are provided. The method of processing content includes: receiving source data from a first system; interoperable-processing the source data and generating a target data; and transmitting the target data to a second system, the first system or the second system include at least one of access control system, copy protection system and use control system. Accordingly, it is possible to easily process non-compliant content in the DRM interoperable system. | 11-26-2009 |
20090300766 | BLOCKING AND BOUNDING WRAPPER FOR THREAD-SAFE DATA COLLECTIONS - A membership interface provides procedure headings to add and remove elements of a data collection, without specifying the organizational structure of the data collection. A membership implementation associated with the membership interface provides thread-safe operations to implement the interface procedures. A blocking-bounding wrapper on the membership implementation provides blocking and bounding support separately from the thread-safety mechanism. | 12-03-2009 |
20090300767 | METHOD FOR OUT OF BAND LICENSE ACQUISITION ASSOCIATED WITH CONTENT REDISTRIBUTED USING LINK PROTECTION - Particular embodiments generally relate to transferring data with first usage rights to a device and presenting the data by a receiving device by using different usage rights. The receiving device contacts one or more services that can determine what rights are available and can issue those rights to the receiving device. The receiving device can update the state across devices and services that maintain compliance with the usage rights. | 12-03-2009 |
20090300768 | Method and apparatus for identifying phishing websites in network traffic using generated regular expressions - According to an aspect of this invention, a method to detect phishing URLs involves: creating a whitelist of URLs using a first regular expression; creating a blacklist of URLs using a second regular expression; comparing a URL to the whitelist; and if the URL is not on the whitelist, comparing the URL to the blacklist. False negatives and positives may be avoided by classifying Internet domain names for the target organization as “legitimate”. This classification leaves a filtered set of URLs with unknown domain names which may be more closely examined to detect a potential phishing URL. Valid domain names may be classified without end-user participation. | 12-03-2009 |
20090300769 | DETECTING GLOBAL ANOMALIES - Systems and methods of detecting distributed attacks that pose a threat affecting more than one node in the network. The distributed attacks include events that appear normal or innocuous when viewed locally at any node. The systems and methods include reference global profiles and detection global profiles corresponding to activities or events of interest on the network. | 12-03-2009 |
20090300770 | MECHANISM TO SEARCH INFORMATION CONTENT FOR PRESELECTED DATA - A method and apparatus for detecting preselected data embedded in information content is described. In one embodiment, the method comprises receiving information content and detecting in the information content a sequence of content fragments that may contain a portion of preselected data. The method further comprises determining whether a sub-set of these content fragments matches any sub-set of the preselected data using an abstract data structure that defines a tabular structure of the preselected data. | 12-03-2009 |
20090300771 | Electronic Device With Protection From Unauthorized Utilization - An electronic device has software for protecting the electronic device from unauthorized utilization. When executed, the software causes the electronic device to execute an application component, wherein the application component is configured to automatically ascertain whether the electronic device has been reported stolen, based on information received from a server system. The electronic device also automatically determines whether the application component is operating correctly, and if so, automatically provides a basic input/output system (BIOS) component of the electronic device with information indicating that the application component is operating correctly. During a subsequent boot process for the electronic device, the software automatically prevents the electronic device from completing the boot process if the BIOS component does not find the information from the application component indicating that the application component was operating correctly. Other embodiments are described and claimed. | 12-03-2009 |
20090300772 | METHODS FOR PREVENTING SOFTWARE PIRACY - A method for preventing unauthorized installation of application software is disclosed wherein application software is distributed with a user-readable permanent password, one or more user-readable one-time disposable passwords, and a hidden password (hidden from users but accessible by the setup program). When the setup program is run, the user must enter the permanent password and disposable password(s). The setup program sends these passwords and the target computer serial number to a remote server which verifies their validity, stores the serial number, and returns a complex password and a new disposable password from a remote passwords folder stored on the remote server. The setup program displays the new disposable password to the user who records it for use in future installations. The complex password is used to enable installation of the software, and it is deleted after installation is complete. Subsequent installations or re-installations, if authorized by the terms of the software license agreement, are performed using the same procedure, except that for each such installation, a new disposable password must be used. | 12-03-2009 |
20090307778 | Mobile User Identify And Risk/Fraud Model Service - Transactions using, for example, Near Field Communication (NFC), Bluetooth, online, or other applications, may pose a risk of fraud or identity theft. According to an embodiment, a method of evaluating transaction information in view of potential fraud and/or risk includes receiving transaction information at a remote location. The method also includes correlating the received transaction information with user data maintained at the remote location. The method further includes generating a score and/or risk or fraud data based on the correlating. Such transactions may be facilitated by a payment service provider. Related methods, devices, and systems are also disclosed. | 12-10-2009 |
20090307779 | Selective Security Masking within Recorded Speech - A marker is derived from an interaction between a person and an agent of a business and the agent's user interface. A part of a speech signal that corresponds to a portion of the person's special information is located with the marker. The speech signal results from the interaction between the person and the agent. The part of the speech signal that corresponds to the portion of the person's special information is rendered unintelligible. | 12-10-2009 |
20090313701 | SECURE SYSTEM AND METHOD FOR PROCESSING DATA BETWEEN A FIRST DEVICE AND AT LEAST ONE SECOND DEVICE PROVIDED WITH MONITORING MEANS - A secure system ( | 12-17-2009 |
20090320139 | TRANSPONDER INCORPORATED INTO AN ELECTRONIC DEVICE - An electronic device. The device comprises a metalization layer and an integrated circuit chip incorporated into the device wherein the integrated circuit chip is capacitively coupled to the metalization layer. The device comprises a first substrate having the metalization layer formed on the substrate, a cap layer covering at least the entire metalization layer and at least a portion of the first substrate not covered by the metalization layer. The integrated circuit chip is coupled to the first substrate, and is placed in proximity and in non-physical contact with the metalization layer. A conductive layer is attached to the integrated circuit chip. The conductive layer has at least a portion placed in a non-physical contact with the metalization layer. The integrated circuit chip is capacitively coupled to the metalization layer through the conductive layer and the metalization layer. | 12-24-2009 |
20090320140 | Piracy Prevention Using Unique Module Translation - A method for providing solidified software in a computing environment includes creating a new reference for a function in a function table; copying an address of the function and associating the address with the new reference; replacing the address associated with an old reference of the function with a dummy address; and substituting each old reference in normal code with the new reference, where injected code is not able to execute in the computing environment. The function table entries can be further randomized by reordering the entries, introducing intermediate mappings, or providing non-operative entries. Alternatively, all or part of the code of the function can be copied and moved to a different storage location and associated with the new reference. The copied code can be further randomized by the insertion of dummy code, utilizing reverse peephole techniques, varying the size of the copied portion, or interleaving non-operative code. | 12-24-2009 |
20090328225 | System and Methods for Enforcing Software License Compliance with Virtual Machines - A virtualization system supports secure, controlled execution of application programs within virtual machines. The virtual machine encapsulates a virtual hardware platform and guest operating system executable with respect to the virtual hardware platform to provide a program execution space within the virtual machine. An application program, requiring license control data to enable execution of the application program, is provided within the program execution space for execution within the virtual machine. A data store providing storage of encrypted policy control information and the license control data is provided external to the virtual machine. The data store is accessed through a virtualization system including a policy controller that is selectively responsive to a request received from the virtual machine to retrieve the license control data dependent on an evaluation of the encrypted policy control information. | 12-31-2009 |
20090328226 | Vector Space Method for Secure Information Sharing - Presented are systems and methods for securely sharing confidential information. In such a method, term vectors corresponding to ones of a plurality of confidential terms included in a plurality of confidential documents are received. Each of the received term vectors is mapped into a vector space. Non-confidential documents are mapped into the vector space to generate a document vector corresponding to each non-confidential document, wherein the generation of each document vector is based on a subset of the received term vectors. At least one of the non-confidential documents is identified in response to a query mapped into the vector space. | 12-31-2009 |
20090328227 | ANTI-PIRACY MEASURES FOR A VIDEO GAME USING HIDDEN SECRETS - Embodiments are directed towards employing hidden secrets on a client device to detect and deter piracy of a computer application. The computer application is partitioned into components, where a subset of the components is initially provided to the client device. In one embodiment, the computer application is unable to execute properly within the removed or other set of components. The removed components not provided to the client device may then be modified based on hidden secrets information and a verification component and provided over a network to the client device. If the verification component is unable to locate an armed secret, or detects that an armed secret is modified, the computer application may be inhibited from installation and/or execution. In one embodiment, a secret might be unarmed, such that its presence, absence, and/or modification might be ignored. | 12-31-2009 |
20090328228 | Segmented Media Content Rights Management - Segmented media content rights management is described. In embodiment(s), a media device can receive segments of protected media content from media content streams that each include a different version of the protected media content. A media content file can be generated to include the segments of the protected media content that are sequenced to render the protected media content for viewing. A file header object can be instantiated in a file header of the media content file, where the file header object includes DRM-associated features, such as one or more DRM licenses, properties, and/or attributes that correspond to the media content file to provision all of the segments of the protected media content together. | 12-31-2009 |
20090328229 | SYSTEM, METHOD AND COMPUTER PROGRAM PRODUCT FOR PERFORMING A DATA PROTECTION OPERATION - A system, method and computer program product for performing a data protection operation is provided. The method includes receiving a write instruction that is associated with a writable entity, the write instruction includes a writable entity identifier, and data protection metadata indicative of a relevancy of at least one data protection operation to be applied in relation to the write instruction, and participating in an execution of a relevant data protection operation, if such a relevant data protection operation exists. | 12-31-2009 |
20090328230 | METHOD AND APPARATUS FOR PLAYING DIGITAL CONTENTS PROCESSED WITH DRM TOOLS - Provided is a terminal in support of compatibility for Digital Rights Management (DRM) technology. According to the present invention, a method of reproducing digital contents with DRM tool at a user terminal includes the steps of: obtaining information about a DRM processor from the digital contents, selecting a DRM processor according to the obtained information, and installing the selected DRM processor; initializing the DRM processor through exchanging messages between the user terminal and the DRM processor; and transforming the digital contents with the DRM tool to original digital contents by activating a DRM tool using the initialized DRM processor and reproducing the original digital contents. | 12-31-2009 |
20090328231 | METHOD OF DYNAMIC PROTECTION OF DATA DURING THE EXECUTION OF A SOFTWARE CODE IN INTERMEDIATE LANGUAGE IN A DIGITAL APPARATUS - The invention concerns a method for protecting the data of an application compiled in intermediate language for execution on a digital apparatus equipped with a virtual machine managing the execution of the code via an execution stack defining at least one stack frame corresponding to a method called during the execution of the code. A secured execution mode of the code involves the determination of at least one global checksum associated with each stack frame and, each time that a datum of the code is manipulated, the calculation of a local checksum associated with that datum. The calculation is on one hand, on the global checksum associated with the stack frame corresponding to the manipulated datum and, on the other hand, on at least one part of the other data constituting the stack frame. | 12-31-2009 |
20090328232 | Systems, Methods, and Program Products For Secure Code Execution - Methods, program product, and systems for providing tamper-resistant executable software code are provided to enable software code transport, storage, and execution security by formatting all instructions to use operand indirect addressing, resulting in an indirect table for each operand position, or field, in the instruction set. That is, rather than each instruction including an operand, each instruction includes an index to the location of the value of the operand in an indirect table. The methods, program product, and systems can also implement a non-typical instruction fetch associated with a program counter and a sequentially stored vector table, or jump table, to retrieve the next sequential instruction (“NSI”). Following rearranging or scrambling or encoding of the executable code, the code can be loaded and executed directly in scrambled form using the jump table, but cannot be meaningfully disassembled, nor executed properly, without the jump table to resolve the NSI. | 12-31-2009 |
20100011444 | Systems and Methods for Detecting A Security Breach in a Computer System - The present invention provides systems and methods for applying hard-real-time capabilities in software to software security. For example, the systems and methods of the present invention allow a programmer to attach a periodic integrity check to an application so that an attack on the application would need to succeed completely within a narrow and unpredictable time window in order to remain undetected. | 01-14-2010 |
20100011445 | TRANSMITTER, SIGNAL TRANSFER METHOD, DATA DISTRIBUTION SYSTEM AND METHOD OF SAME, DATA RECEIVER, DATA PROVIDER AND METHOD OF SAME, AND DATA TRANSFERER - To enable usage of content at a receiver which does not have a copying function even if copyright protection is provided. Model names of receivers not having a function enabling copying of content are held in an authentication processing circuit ( | 01-14-2010 |
20100017882 | METHOD AND SYSTEM FOR LOCALLY ACTIVATING A DRM ENGINE - A method for locally activating a DRM engine is disclosed. A preprocessing operation is performed, wherein rights objects are bound with digital content files with a first format. The digital content files with the first format are converted to the digital content files with a second format. The digital content files with the second format file are encrypted and a corresponding decryption key is generated. The encrypted digital content files and the decryption key are stored in a memory device. An application is designed and installed on the electronic device and the memory device is installed to the electronic device. The application is authorized according to the rights objects bound in the digital content files, decrypts the encrypted digital content files using the decryption key, wherein the digital content files with the second format can be recovered from the third format, and activates a DRM engine of the electronic device. The DRM engine binds an IMEI code of the electronic device with the digital content files, enabling the digital content files to only be accessed by the specific electronic device. | 01-21-2010 |
20100017883 | LOCKBOX FOR MITIGATING SAME ORIGIN POLICY FAILURES - Systems and methods to manage same-origin-policy (SOP) failures that occur in a computing environment are provided. In an illustrative implementation, an exemplary computing environment comprises a lockbox module, and an instruction set comprising at least one instruction directing the lockbox module to process data and/or computing application execution commands representative of and a request for a selected operation/feature according to a selected SOP management paradigm. In the illustrative implementation, the SOP management paradigm comprises one or more instructions to deploy a “lockbox” computing application element allowing for the management, monitoring, and control of computing application features/operations operable under a same origin policy. | 01-21-2010 |
20100017884 | METHOD FOR ALLOWING FULL VERSION CONTENT EMBEDDED IN MOBILE DEVICE AND SYSTEM THEREOF - A method for unlocking full version contents embedded in a mobile device comprises receiving a first signal for requesting the unlocking of full version contents embedded in a mobile device, the full version contents of which permitted usage is initially limited, and sending an unlocking message having an unlocking code for permitting a user to use the full version contents. According to the method and system for unlocking the full version contents, the full version contents are unlocked only after requesting the unlocking, and costs for the full version contents are charged to the user only when the request is allowed. Thus, costs may be saved. | 01-21-2010 |
20100017885 | Media markup identifier for alterable promotional segments - A classification method and system for possible content alteration of a media work may include criteria regarding content that is feasible for alteration. Such criteria may be maintained in records that are accessible to an interested party. Some embodiments may include a record of primary authorization rights applicable to a possible content alteration. A further embodiment feature may include a record of secondary authorization rights applicable to substitute altered content incorporated in a derivative version. Various exemplary identifier markup schemes indicative of a location or topic or category of an alterable media content component may be implemented to enable selective audio, visual, and audio/video content alteration. | 01-21-2010 |
20100017886 | SYSTEM AND METHOD FOR REMOTELY TRACKING AN ACTIVATION OF PROTECTED SOFTWARE - The invention is related to a system ( | 01-21-2010 |
20100017887 | RIGHTS OBJECT MOVING METHOD, CONTENT PLAYER, AND SEMICONDUCTOR DEVICE - A method of moving a rights object according to the present invention includes the following steps. First, a rights object in the memory card is disabled. Then, the rights object is copied from the memory card in response to a retrieval request and installed to a content player. After the installation, a removal request is transmitted to the memory card and the rights object in the memory card is removed (deleted). After transmitting the removal request, second state information is generated and held in the content player to indicate that the removal of the rights object in the memory card has not yet been completed and that the rights object installed in the content player is conditionally enabled. When the memory card receives the removal request, the memory card removes the rights object from the memory card and transmits a removal response for notifying completion of the removal to the content player. | 01-21-2010 |
20100017888 | METHOD, DEVICE AND SYSTEM FOR TRANSFERRING LICENSE - The present invention discloses a method for transferring licenses, a device for issuing licenses, and a communication system, and relates to the Digital Rights Management (DRM) technology. The method includes: the first issuing device receives a request of transferring a license issued by the second issuing device; the first issuing device transfers the license after determining that a relationship is set up with the second issuing device. The license issuing device includes: a receiving module, a setup module, a determining module, and a sending module. The communication system includes: a first issuing device, a second issuing device, and a device requesting to transfer a license. Through the present invention, an issuing device may transfer the licenses issued by other issuing devices, thus improving the flexibility of transferring the licenses. | 01-21-2010 |
20100024036 | System and Methods Providing Secure Workspace Sessions - System and methods providing secure workspace sessions are described. In one embodiment, a method for providing multiple workspace sessions for securely running applications comprises steps of: initiating a first workspace session on an existing operating system instance running on the computer system, the first workspace session having a first set of privileges for running applications under that session; while the first workspace session remains active, initiating a second workspace session on the existing operating system instance running on the computer system, the second workspace session having a second set of privileges for running applications under the second workplace session; and securing the second workspace session so that applications running under the second workplace session are protected from applications running outside the second workspace session. | 01-28-2010 |
20100024037 | SYSTEM AND METHOD FOR PROVIDING IDENTITY THEFT SECURITY - A system and method of providing identity theft security is provided. The system and method utilizes a computer program that identifies, locates, secures, and/or removes from computers, computer systems and/or computer networks personally identifying and/or other sensitive information in different data formats. The computer program utilizes a multi-tiered escalation model of searching/identifying sensitive information. The computer program of the instant invention utilizes a self-learning process for fine-tuning a level of scrutiny for identifying potentially sensitive information. | 01-28-2010 |
20100024038 | AUTOMATIC AND ADJUSTABLE SYSTEM AND METHOD FOR SYNCHRONIZING SECURITY MECHANISMS IN DATABASE DRIVERS WITH DATABASE SERVERS - A system and method for database security provides multiple choices of security mechanisms for enabling access to a database through a database driver. A security mechanism that is compatible with a database is selected and the security mechanisms between an application and a database server are automatically determined using the selected security mechanism. | 01-28-2010 |
20100024039 | LICENSE SPECIFIC AUTHORIZED DOMAINS - The enforcement of the distribution of content information is carried out in a way similar to that wherein the content rights are enforced. This is accomplished by means of making the description of the domain policy and configuration a functional part of the license under which content information is made available to a user. | 01-28-2010 |
20100024040 | COMMUNICATION CONTROL DEVICE, DATA SECURITY SYSTEM, COMMUNICATION CONTROL METHOD, AND COMPUTER PRODUCT - A communication control device configured to access an information processing apparatus in which data is stored. The device and method acquires an operational condition of an information processing apparatus, and notifies the information processing apparatus of a security command for causing the information processing apparatus to execute a security process on the data in an event that an operational condition is activated and, in an event that the operational condition is a standby mode, a hibernate mode, or a shutdown mode, notifies the information processing apparatus of an activation command for activating the information processing apparatus, and notifies of a security command for causing the information processing apparatus to execute a security process on the data. | 01-28-2010 |
20100024041 | INFORMATION PROCESSING APPARATUS, INFORMATION PROCESSING METHOD AND COMPUTER READABLE MEDIUM HAVING A PROGRAM - An information processing apparatus and method configured to access multiple external storage media. The apparatus and method detect theft or loss (or otherwise unauthorized use) of the information processing apparatus with respect to data stored in multiple storage areas, back up the data to the storage media, and record, in association with each of the storage media, an easiness degree indicating how easily a user accesses the storage medium. The apparatus and method calculate erasure priority rankings of the data stored in a manner that an erasure priority ranking is higher as an easiness degree is higher, record the calculated erasure priority rankings in association with each of the multiple storage areas, and erase the data stored in the multiple storage areas in accordance with the erasure priority rankings when detecting theft or loss of the information processing apparatus. | 01-28-2010 |
20100024042 | System and Method for Protecting User Privacy Using Social Inference Protection Techniques - A system and method for protecting user privacy using social inference protection techniques is provided. The system executes a plurality of software modules which model background knowledge associated with one or more users of the mobile computing devices; estimate information entropy of a user attribute which could include identity, location, profile information, etc.; utilize the information entropy models to predict the social inference risk; and minimize privacy risks by taking a protective action after detecting a high risk. | 01-28-2010 |
20100031363 | METHOD AND SYSTEM FOR USER DEFINED LOCAL STORAGE OF INFORMATION AND OBJECTS IN A VIRTUAL WORLD - The invention provides a method and system for securing information for a virtual world environment. The method includes creating information for a virtual world environment, transmitting the information to the virtual world environment from the memory, selectively removing the information from the virtual world environment, and selectively storing the information on a memory external to the server to prevent access from the server. | 02-04-2010 |
20100031364 | METHOD FOR CREATING A VERIFIABLE MEDIA OBJECT, A CORRESPONDING SYSTEM THEREOF, AND A VERIFICATION PACKAGE FOR A MEDIA OBJECT - In a first aspect, there is provided a method for creating a verifiable media object using a handheld device that includes a plurality of sensors. In a second aspect, there is provided a system for creating a verifiable media object using a handheld device that includes a plurality of sensors. Finally, in a third aspect, there is provided a verification package for a media object. | 02-04-2010 |
20100031365 | Method and apparatus for providing network access privacy - A method for providing network access privacy by classifying filter parameters of a group of users who are accessing one or more network destinations. The system includes a means for collecting information from both users, and about network destinations, generating suggestions for a user regarding filter parameters, and filtering network communications of users going to network destinations. In operation, users who are accessing network destinations are prompted to choose from a selection of filter parameters. The information provided by these users is then analyzed and used to generate suggested filter parameters for other users. As users provide more information to the system about various network destinations the system is able to provide more information to users about more network destinations and thus generate more accurate filter parameter suggestions. After a user selects their filter parameters the system filters a range of information coming from the user and going out to the network destination. | 02-04-2010 |
20100031366 | Method of Providing Digital Rights Management for Music Content by Means of a Flat-Rate Subscription - The invention enables digital music content to be downloaded to and used on a portable wireless computing device. An application running on the wireless device has been automatically adapted to parameters associated with the wireless device without end-user input (e.g. the application has been configured in dependence on the device OS and firmware, related bugs, screen size, pixel number, security models, connection handling, memory, etc.). This application enables an end-user to browse and search music content on a remote server using a wireless network; to download music content from that remote server using the wireless network and to playback and manage that downloaded music content. The application also includes a digital rights management system that enables unlimited legal downloads of different music tracks to the device and also enables any of those tracks stored on the device to be played so long as a subscription service has not terminated. | 02-04-2010 |
20100031367 | Single File Rich Media Package Portable Across Multiple Devices - A process, format, and computer software for collecting a broad range of digital media objects, and storing them in a single, rich media container file, for simplified distribution and integrated playback. The resulting file can take on the dynamics of its intended use, so the music-oriented file may be album-centric, track oriented, and contain integrated cover art and links to the artist website, while a movie-oriented file may be video-centric, scene oriented, and contain integrated promotional art and links to actor biographies and photographs. Regardless of the usage, the resulting file provides an end user with an integrated, rich media viewing and listening experience, all in one place, and portable across multiple computers, mobile devices, and other platforms. The process and computer program for creating the rich media file also embeds digital rights management of the underlying content, and can enable both the publishers and users of the rich media file to customize their respective files with additional or unique content. | 02-04-2010 |
20100031368 | TAMPER DETECTION METHOD AND DATA STORAGE DEVICE USING THE SAME - A tamper detection method and a data storage device using the same are provided. The tamper detection method includes sensing a value of pressure applied to a data storage device using a pressure sensor, comparing the sensed pressure value with an initial pressure value sensed at an initial operation time of the data storage device, and detecting malicious tamper by comparing a threshold pressure value varying with the number of loads applied to the data storage device when the sensed pressure value is smaller than the initial pressure value. | 02-04-2010 |
20100037322 | METHOD FOR SECURING A TRANSACTION PERFORMED WITH A PROGRAMMABLE PORTABLE DEVICE - A method for securing a transaction between a transaction device and an external device is described. The transaction device includes a communication controller, an application processor, and an input device. The method includes requiring the user to enter agreed transaction data via the input device, monitoring the transaction data designated to be sent to the external device or received from the external device, and preventing the transaction data designated to be sent from being sent to the external device if the transaction data designated to be sent is different from the agreed transaction data, or rejecting the received transaction data if the received transaction data is different from the agreed transaction data. | 02-11-2010 |
20100037323 | RECEIVING POLICY DATA FROM A SERVER TO ADDRESS THEFT AND UNAUTHORIZED ACCESS OF A CLIENT - Techniques for securing a client. When a client, such as a portable computer, undergoes a change in operational state, an operating system agent sends a state message to a server. The state message describes the change in the operational state of the client. The operating system agent is one or more software modules that execute in an operating system of the client. The client receives a policy message from the server. The policy message contains policy data, which a BIOS agent stores in the BIOS of the client. The policy data identifies one or more security policies which the client should follow. | 02-11-2010 |
20100043075 | LICENSING MANAGEMENT UTILITY - A computer implemented method, apparatus, and article of manufacture are used to activate multiple computer applications on a computer. A computer application is installed. Further, a single licensing management utility (LMU) that is shared by multiple computer applications is installed on the computer. The LMU determines if a license for the installed computer application exists and obtains the license if it does not. | 02-18-2010 |
20100043076 | System and Method for Encoding and Authentication - A system and method for encoding documents and data storage discs uniquely is described which can provide a means to authenticate a document such as a passport or identification document or driving licence or contract or a music compact disc (CD) or data CD or DVD or holographic DVD or credit card. The method makes possible the encoding of a unique number or pattern or datagram image in or into the surface of the document or CD or upon a label or foil or hologram associated with and firmly adhered to the document or CD during the manufacturing process of the document or CD itself. The encoding may be made with a laser device which cuts the unique number or pattern or datagram image into a hologram foil which is firmly attached to the document or CD. Alternatively, in the case of documents, the encoding may comprise a unique number or pattern or datagram image which is cut by laser to create a perforation into the document thereby leaving the unique number or pattern or datagram as a matrix of small holes or perforations in the document through which light may pass. To authenticate the document or compact disc or credit card, the unique encoding is read by a suitable device and processed to extract data from it and to generate a dataset which is compared with a number or pattern or character string printed on the document or CD, or stored as a data set on the CD to determine the authenticity of the said document or CD or credit card. | 02-18-2010 |
20100050265 | Method and Apparatus for Enhancing Security Between a Web Server and a PSTN-based Voice Portal - A security regimen is provided for implementing transaction security between a Web server and data and a voice portal system accessible through a telephony network on the user end and through an XML gateway on the data source end. The regimen includes one of a private connection, a virtual private network, or a secure socket layer, set up between the Web server and the Voice Portal system through the XML gateway. Transactions carried on between the portal and the server enjoy the same security that is available between nodes on the data network. In one embodiment, the regimen further includes a voice translation system distributed at the outlet of the portal and at the telephone of the end user wherein the voice dialog is translated to an obscure language not that of the user's language and then retranslated to the user's language at the telephone of the user. | 02-25-2010 |
20100050266 | Providing Extended Memory Protection - In one embodiment, the present invention provides for extended memory protection for memory of a system. The embodiment includes a method for associating a protection indicator of a protection record maintained outside of an application's data space with a memory location, and preventing access to the memory location based on the status of the protection indicator. In such manner, more secure operation is provided, as malicious code or other malware is prevented from accessing protected memory locations. Other embodiments are described and claimed. | 02-25-2010 |
20100058476 | Electronic information retention method/system, electronic information split retention method/system, electronic information split restoration processing method/system, and programs for the same - The invention aims to provide an electronic information split restoration processing method/system capable of processing massive electronic information at high speed while preventing leakage of the electronic information with reliability, and without causing deterioration in immediacy, centrally controlling electronic information to be processed by information processing units that are distributed geographically in a wide area, and connected via network. When electronic information is to be retained, a reversible split process and a reversible conversion process are applied to the electronic information (step S | 03-04-2010 |
20100058477 | SYSTEM AND METHOD FOR REVISING BOOLEAN AND ARITHMETIC OPERATIONS - Disclosed herein are systems, methods, computer readable media and special purpose processors for obfuscating code. The method includes extracting an operation within program code, selecting a formula to perform the equivalent computation as the extracted operation, and replacing the extracted operation with the selected formula. The formula can be selected randomly or deterministically. The extracted operation can be an arithmetic operation or a Boolean operation. | 03-04-2010 |
20100058478 | SOFTWARE ANTI-PIRACY PROTECTION - Licensing aspects of vendor software packages can be protected with reduced user interaction and effort by automating licensing exploit identification, and if allowed, exploit correction. Automating licensing exploit detection ensures that known exploits are more quickly and efficiently discovered to help maintain genuine software status. Minimizing user interaction in licensing exploit detection and correction involves less disruption to users and generally supports increased user satisfaction with vendor software package usage. | 03-04-2010 |
20100058479 | Method and system for combating malware with keystroke logging functionality - A method is carried out by a computer system for combating malicious keystroke-logging activities thereon. An operation is performed for generating a plurality of fake keystroke datasets that are each configured to resemble a keystroke dataset generated by keystrokes made on an input device of the computer system while entering sensitive information of a prescribed configuration. An operation is performed for receiving an instance of the sensitive information instance of the prescribed configuration concurrently with generating the fake keystroke datasets. Receiving the sensitive information instance includes a user of the computer system entering the sensitive information instance by performing keystrokes on the input device of the computer system such that a real keystroke dataset corresponding to the sensitive information instance is generated. An operation is performed for embedding the real keystroke dataset within at least a portion of the fake keystroke datasets after receiving the sensitive information instance. | 03-04-2010 |
20100058480 | INFORMATION MANAGEMENT IN DEVICES WORN BY A USER - An implantable medical device that is physically connectable to the body of a user has an information manager that manages sensitive information associated with the user or the device. A sensor is connected to the device that senses whether the device is physically connected to the body of the user, and generates a signal indicating whether the device is actually connected to the body of the user. The information manager is connected to the sensor, and is responsive to the sensor signal so as to perform information managing functions based on the signal. Among other things, fraudulent retrieval of sensitive data from the device is prevented if the device is not connected to or implanted in the body of the user. | 03-04-2010 |
20100058481 | NON-DISPLAYING METHOD OF SECRET INFORMATION AND INFORMATION PROCESSING DEVICE - A screen based on display information is displayed on a display device, secret information in the display information is discriminated based on a predetermined condition, the secret information is non-displayed by replacing the secret information with specified characters or images, and the display information other than the secret information and the post-converting secret information are transmitted to another device. | 03-04-2010 |
20100058482 | IMAGE FORMING APPARATUS, LICENSE DETERMINING METHOD, RECORDING MEDIUM - An image forming apparatus for executing an application constituted by one or more program modules, includes a license target identification information generating unit configured to generate license target identification information used for identifying which of the program modules are targets of license management, and to store the license target identification information in a storage device, wherein the license target identification information is generated based on one or more program module information items each being associated with one of the program modules to indicate whether the corresponding program module is a target of license management; and a license determination unit configured to determine, in response to an input of a usage request to use the application, whether a license is present, wherein the determination is made only for one or more of the program modules identified as being the targets of license management based on the license target identification information. | 03-04-2010 |
20100064371 | METHOD AND APPARATUS FOR PREVENTION OF TAMPERING, UNAUTHORIZED USE, AND UNAUTHORIZED EXTRACTION OF INFORMATION FROM MICRODEVICES - The present invention considers a method and an apparatus where a secure stand-alone microdevice or a microdevice as part of a larger processing device is arranged for prevention of tampering, unauthorized use, and unauthorized extraction of information from one or more information containing regions of the secured microdevice by controlled obliteration of the information in the information containing region. The method implements control protocols and hardware which monitor the conditions of secured microdevices and generate commands to trigger said controlled obliteration of information; establishes a local energy storage device which stores energy to be used to perform said controlled obliteration of information; establishes localized controlled release of the stored energy from the local energy storage device and at least partial deposition of the stored energy in the proximity of the information containing regions of the secured microdevices upon generation of a command to trigger said controlled obliteration of information; and maintains conditions for controlled release of the energy stored in the local energy storage upon generation of a command to trigger said controlled obliteration of information for the duration of time necessary to achieve desired controlled obliteration of said information. | 03-11-2010 |
20100064372 | METHODS AND SYSTEMS TO IMPLEMENT FINGERPRINT LOOKUPS ACROSS REMOTE AGENTS - The present invention provides methods and systems to protect an organization's secure information from unauthorized disclosure. The present system uses protect agents installed across various egress points (e.g., email server, user's computer, etc.) to monitor information disclosed by a user. The present system also provides the use of fingerprint servers to remotely maintain a database of fingerprints associated with the organization's secure data. In one embodiment, the protect agents transmit fingerprints associated with the user's information to the fingerprint server utilizing a local network or the public internet. The protect agents then receive a comparison analysis from the fingerprint servers and execute appropriate security action based on the analysis. In one embodiment, a combination of the local network and public internet is utilized to achieve remote agent lookups. | 03-11-2010 |
20100064373 | CLOAKING WITH FOOTPRINTS TO PROVIDE LOCATION PRIVACY PROTECTION IN LOCATION-BASED SERVICES - A method for using a location-based service while preserving anonymity includes receiving a location associated with a mobile node, receiving an anonymity level associated with the mobile node, computing a region containing the location of the mobile node and a number of footprints based on the anonymity level, wherein each of the footprints is from a different user, and providing the region to a location-based service to thereby preserve anonymity of the mobile node. A method also allows a mobile device or its user to specify the anonymity level by selecting a public region consistent with a user's feelings towards desired privacy. | 03-11-2010 |
20100071067 | PROGRAM FOR RESOURCE SECURITY IN A DATABASE MANAGEMENT SYSTEM - An inventive method is presented for resource security in a database management system having a plurality of resources, the method comprising creating a macro and a corresponding data section definition (DSECT) defining security for each resource, assembling all of the DSECTs into a load module, processing the load module to obtain source code, and assembling the source code, such that changing the source code of one resource modifies the defined security of the resource and adding new source code to the source code adds a new resource having security to the plurality of resources. The processing step can comprise loading the load module, reading a DSECT having a total number of resources, and, for each resource of the total number of resources, reading a next DSECT, finding the defined security in the next DSECT, and obtaining the source code associated with the defined security. | 03-18-2010 |
20100071068 | METHOD AND COMMUNICATION SYSTEM FOR THE COMPUTER-AIDED DETECTION AND IDENTIFICATION OF COPYRIGHTED CONTENTS - Disclosed is a method for the computer-aided detection and identification of copyrighted contents that are exchanged between at least two computers in a communication network, especially in peer-to-peer networks. Said method comprises the following steps: first data packets that are specified according to an execute command and are analyzed regarding at least one first criterion are fed to a first computer (PAT), first and second parameters being determined from the data packets meeting the at least one first criterion; the first computer (PAT) determines the first data packets encompassing the second parameter from all first data packets that are fed to the first computer (PAT) and transmits said data packets to a second computer (FP); a third computer (CRAW) sends at least one inquiry message for detecting data with copyrighted contents to the communication network, said third computer (CRAW) receives reply messages in reaction to the at least one inquiry message and requests second data packets meeting at least one second criterion from the communication network and analyzes the same, third and fourth parameters being determined from the data packets meeting the at least one second criterion; the third computer (CRAW) determines the second data packets encompassing the fourth parameter from all second data packets that are fed to the third computer (CRAW) and transmits said data packets to the second computer (FP); the first computer (PAT) transmits the first parameters to the third computer (CRAW) in order for said first parameters to be used in the second criteria; and the computer (CRAW) transmits the third parameters to the second computer (PAT) in order for said third parameters to be used in the first criteria. | 03-18-2010 |
20100071069 | IMAGE FORMING APPARATUS, LICENSE DETERMINATION METHOD, AND COMPUTER-READABLE RECORDING MEDIUM THEREOF - An image forming apparatus capable of executing an application formed by a plurality of program modules is disclosed, including: a correspondence information storing part, a determination part, and a boot control part. A correspondence information storing part stores correspondence information corresponding to the plurality of program modules and a plurality of sets of license data for the application. A determination part determines whether to permit or deny activation based on the license data corresponded to the correspondence information for each of the program modules included in the application. A boot control part activates one or more program modules which are permitted to be activated by the determination part. | 03-18-2010 |
20100071070 | Managing Sharing of Media Content From a Server Computer to One or More of a Plurality of Client Computers Across the Computer Network - Improved techniques to manage or restrict sharing of media assets over a network are disclosed. A server computer having media assets can permit one or more clients to receive access to such media assets over a computer network. However, the access to such media assets can be restricted based on numerical limits as well as temporal limits. The media assets can, for example, be digital media assets, such as audio items (e.g., audio files, including music or songs), videos (e.g., movies) or images (e.g., photos). | 03-18-2010 |
20100071071 | SECURE MEDIA PATH SYSTEM AND METHOD - A secure media path system and method are provided herein. | 03-18-2010 |
20100077484 | LOCATION TRACKING PERMISSIONS AND PRIVACY - A location tracking privacy engine is described herein that is configured to allow users to define privacy policies that govern how location information about each user is provided to context-aware applications and services. Privacy policies can be defined in a highly flexible and context-specific manner such that the execution of a given privacy policy by the location tracking privacy engine is dependent on the existence of one or more social, topical, temporal or spatial conditions. Privacy policies are then executed automatically by the location tracking privacy engine when the conditions associated with the policies are determined to be satisfied. | 03-25-2010 |
20100083383 | PHISHING SHIELD - A mechanism for notifying a user of an internet browser that a requested web page is undesirable, and for protecting the user from the web page by disabling it. An internet browser detects a load request for a web page and retrieves the Uniform Resource Locator (URL) for the webpage. The internet browser displays the webpage associated with the URL and, upon determination that the URL matches a URL from a list of undesirable URLs, alters the appearance of the webpage and disables the web page from receiving input or taking action. | 04-01-2010 |
20100088768 | INDUSTRIAL PROCESS VISUALIZATION APPLICATION HAVING AN OPERATING SYSTEM LOCALE-BASED REGIONALLY LIMITED LICENSE - A computer system and method are described for enforcing a locale-based license restriction by a process visualization application program. A locale-based license configuration is read from a license file associated with the process visualization application program. An operating system application program interface is called to identify a current locale of the operating system. The current locale affects a language utilized to present text via a graphical user interface display. Thereafter, a locale specified by the locale-based license configuration is compared to the current locale of the operating system. Thereafter, a licensing result is generated representing success or failure based upon whether the locale specified by the locale-based license configuration matches the current locale of the operating system. The aforementioned steps are carried out in a computer system including a computer-readable medium having computer-executable instructions for carrying out the above-described steps. | 04-08-2010 |
20100088769 | PREVENTING EXECUTION OF TAMPERED APPLICATION CODE IN A COMPUTER SYSTEM - Methods and systems for preventing an application which has been maliciously or inadvertently tampered with from causing harm to a computer system are described. Application code of the tampered application is inputted into a code analyzer. The code is analyzed and functions within the application code are identified and examined. Multiple profiles are created and each identified function is assigned a profile. A profile may be a description of how a function is intended to operate, that is, the function's expected behavior. Multiple replacement functions are created using a first set of functions, where each function is called by the identified functions and a second set of functions where each function in the second set calls the identified function. Calls between functions are examined and a called function is replaced with a replacement function, such that a call to an original function results in a call to the replacement function. The original function is unaware that it is not getting function calls or that such calls are being directed to a replacement function or stub. A replacement function contains code to ensure that the user space maintains its original appearance. | 04-08-2010 |
20100088770 | DEVICE AND METHOD FOR DISJOINTED COMPUTING - A method and system are described for processing an extended information element, the extended information element being composed of a word component and a stamp component, by a computing system that can transfer the extended information element but cannot manipulate the stamp component of the extended information element. The method includes: providing a stamp processing system for manipulating the stamp component, processing a value of the stamp component by the stamp processing system, and controlling an operation on the word component based on the value of the stamp component. | 04-08-2010 |
20100095382 | Real Invention - For this patent there is blocking of illegal theft sites at the search engine website address. Regularly updated theft sites are blocked and the website address search engine is updated with new program. Also covered under this patent although don't know if every claim is used or a few, is tagging of files (songs, movies, etc.). What this is, is every song downloaded on the internet comes with a tag and when synced to audio of movie device, if the song or movie is not tagged or certified not to be from a theft site then the song is not allowed on the sync page. Also covered (although don't know if going to be used) is the device whether it be an ipod, itv or something else, the device recognizes a tagged or untagged music, movie, etc. file. Don't know if this is going to be used. There is either universal tag or a tag strictly for one such device. For example just itunes songs for ipod. | 04-15-2010 |
20100095383 | Protection of Digital Data Content - Various embodiments include an apparatus, system, and method to control the distribution and usage of copyrighted digital content. The processing of a data file received over a communications network such as the Internet occurs both in a host digital appliance, such as a personal computer, notebook computer, audio player, video player, and the like, and in a very small digital rights management (DRM) module that is removably connected with the host. The processing makes it extremely difficult for the content of the data file to be obtained by an unauthorized person and/or utilized with an unauthorized DRM module. | 04-15-2010 |
20100100966 | METHOD AND SYSTEM FOR BLOCKING INSTALLATION OF SOME PROCESSES - A method includes providing a processor comprising memory for storing of blacklist data therein and memory for storing of programming data therein for execution on the processor. Version data indicative of a version of first programming data is retrieved from memory external to the processor. The version data is compared with blacklist data stored within the processor. When the blacklist data is indicative of the version data indicating a version of the programming data that is blacklisted, then the processor other than executes the first programming data. | 04-22-2010 |
20100107258 | METHOD AND APPARATUS FOR MANAGING CONTENTS IN MOBILE DEVICE - A method and an apparatus which permits intuitive management of a variety of digital contents stored in a mobile device. In a method for managing the contents, the mobile device determines a type of the content when a play of the content is ended. If the content is digital rights management (DRM) content, the mobile device checks a license count for authorized access to the DRM content and then determines whether the license has expired or will expire shortly. If the license has expired, the mobile device removes the license-expired DRM content, or alternatively transfers the license-expired DRM content to a specified folder. | 04-29-2010 |
20100107259 | Authentication of HTTP Applications - An apparatus such as an HTTP proxy server compares information of a request by HTTP client logic with a known pattern of information for the client logic. When the information of the request matches the known pattern, the HTTP proxy server causes content and/or software to be communicated to the client in response to the request. Depending upon the results of the comparison, the HTTP proxy may also validate or invalidate the request before communicating it to the server. | 04-29-2010 |
20100122347 | AUTHENTICITY RATINGS BASED AT LEAST IN PART UPON INPUT FROM A COMMUNITY OF RATERS - A rating option can be provided within a user interface. The rating option can permit an interface user to provide a quantitative indication regarding an option of whether a profile detailing identification data for an on-line entity is accurate. Rating input can be received using the rating option from a set of raters. An identity score that indicates a confidence level that the profile data of an on-line entity is accurate can be calculated based at least in part upon the rating input from the set of raters. In various embodiments, the identity score can also be based at least in part upon self-verification information provided by the on-line entity and information provided by one or more identity authorities. An authenticity rating based upon the calculated identity score can be presented to communicators able to interact on-line with the on-line entity. | 05-13-2010 |
20100122348 | ORIGIN AND CUSTODY OF COPIES FROM A STORED ELECTRONIC RECORD VERIFIED PAGE BY PAGE - A method of authenticating a copy of a multi-page document, which includes digitizing said multi-page document to generate one or more digitized files that together comprise a digitized transcript. A mark that is unique to the preparer of the document, such as a signature, is prepared and digitized. The preparer of the document is allowed to deposit the digitized transcript on an online repository. The operator of the online repository immediately establishes a verification process for the deposited digitized transcript. This verification process includes associating the digitized preparer mark with the deposited digitized transcript, and freezing the transcript, by encrypting it and deriving a checksum. The verification process also includes associating a repository mark with the transcript. The operator of the online repository defines, under the direction of at least the preparer of the document, security rights to limit or otherwise control access to the deposited digitized transcript. The digitized preparer mark and the digitized repository mark are allowed to appear on substantially all copies of the pages of the document only if the pages have not been altered. If carrying out the verification process verifies that the deposited digitized transcript has not been changed since the verification process was established the marks are displayed with the unaltered page. This display occurs whether the pages are displayed on a monitor or printed in paper form. Each page with this display is thus authenticated as to origin and custody apart from the other pages or the transcript as a whole. | 05-13-2010 |
20100125914 | PROTECTED INFORMATION STREAM ALLOCATION USING A VIRTUALIZED PLATFORM - A protected stream manager includes one or more subsystems to receive a content stream in a virtual environment, obfuscate the content stream, and prioritize use of a processor to process the content stream. | 05-20-2010 |
20100125915 | Secure Computer Architecture - A secure computer architecture is provided. With this architecture, data is received, in a component of an integrated circuit chip implementing the secure computer architecture, for transmission across a data communication link. The data is converted, by the component, to one or more first fixed length frames. The one or more first fixed length frames are then transmitted, by the component, on the data communication link in a continuous stream of frames. The continuous stream of frames includes one or more second fixed length frames generated when no data is available for inclusion in the frames of the continuous stream. | 05-20-2010 |
20100132044 | Computer Method and Apparatus Providing Brokered Privacy of User Data During Searches - Computer method and apparatus brokers and provides user data in a computer network of users. The invention system stores user data of the users. A search engine enables a searching user to query the stored user data and maintain anonymity of the users. The invention system brokers the query/search results. Each user whose stored user data matches the query maintains stewardship or control over the exposure of her/his user data. An output unit displays to the searching user the matching user data as brokered through (approved and optionally edited by) the respective user. | 05-27-2010 |
20100132045 | APPARATUS AND METHOD FOR RIGHT MANAGEMENT OF DIGITAL CONTENTS - Disclosed is an apparatus for right management of digital contents that includes: a digital right manager that creates a usage right of digital contents on the basis of received right information; and a contents manager that provides the digital contents in accordance with the created usage right, wherein the contents manager includes a contents packing unit that receives the usage right created from the digital right manager, and extracts and packages components of the digital contents in accordance with the usage right, and a contents providing unit that receives packaged digital contents created from the contents packaging unit and provides the digital contents to a contents using device. | 05-27-2010 |
20100132046 | Electronic Circuit for Securing Data Interchanges Between a Computer Station and a Network - The present invention relates to an electronic circuit for securing data interchanges between a computer station and a network, said circuit comprising a first network interface connected to said network, said circuit comprising at least a second network interface connected to a network interface of said computer station, a unit for processing data passing between the first network interface and the second network interface, an interface for connection to an internal bus of the computer station suitable for electrically connecting the power supply, said electronic circuit not comprising any means of transferring processed data with the bus of said station. The invention applies in particular to the protection of personal computers handling confidential data. | 05-27-2010 |
20100138927 | Apparatus and Method for Preventing Unauthorized Access to Secure Information - A computer readable storage medium includes executable instructions to process a duress command to invoke a system termination operation. The duress command may be a pass phrase with an added prefix or suffix. The duress command may be received from a menu, a dedicated key or a key sequence. The system termination operation may result in whole disk encryption. Alternately, the system termination operation may result in permanent destruction of data. | 06-03-2010 |
20100138928 | APPARATUS AND METHOD FOR SHARING CONTENT BETWEEN DEVICES BY USING DOMAIN DRM - An apparatus for sharing content between devices by using a domain digital rights management (DRM) includes: a domain management unit for performing management of a domain within a specific area and registration of users and user devices; a user management unit for managing information about the users of the domain registered by the domain management unit; and a device management unit for managing domain clients of the domain registered by the domain management unit. The apparatus further includes a DRM management unit that has DRM information that supports the domain created through the domain management unit and update information about each DRM, and relays such that DRM content stored in each domain client is converted into domain DRM content and domain DRM license. | 06-03-2010 |
20100138929 | CONDITIONALLY TRACEABLE ANONYMOUS SERVICE SYSTEM - A conditionally traceable anonymous service system is provided. The system respectively separates subject conforming real name, subject conforming anonymity, subject requesting verification for an anonymity certification means, so that privacy of a user is hardly violated; the present invention can acquire real name information for the user only when a trace for a user is surely requested. | 06-03-2010 |
20100138930 | System and Method of Secure Garbage Collection on a Mobile Device - A method and system for performing garbage collection involving sensitive information on a mobile device. Secure information is received at a mobile device over a wireless network. The sensitive information is extracted from the secure information. A software program operating on the mobile device uses an object to access the sensitive information. Secure garbage collection is performed upon the object after the object becomes unreachable. | 06-03-2010 |
20100146628 | Combating Fraud in Telecommunication Systems - A method and apparatus for combating fraudulent use of a telecommunication system by subscribers who terminate calls improperly without allowing the termination of the call to be recorded, and thereby attempt to avoid correct payment for the call. The apparatus comprises a record means for creating a call detail record (CDR) of certain events for each call on which billing for each call can be based. A modified Call Agent ( | 06-10-2010 |
20100146629 | CONTENT PROTECTION SYSTEM COMPATIBILITY IN HOME NETWORKS - In a first embodiment of the present invention, a method for performing digital rights management (DRM) for a media item in a device in a home network is provided, the method comprising: retrieving a content directory service (CDS) item for the media item, wherein the CDS item includes a pointer to a rights token and metadata regarding a DRM Interoperability Solution (DIS); determining if the rights token must be downloaded by examining the metadata regarding the DIS; and downloading the rights token by following the pointer if it is determined that the rights token must be downloaded. | 06-10-2010 |
20100146630 | METHOD AND DEVICE FOR EXCHANGING DIGITAL CONTENT LICENSES - Exchange of Digital Rights Management protected content between two devices without the need for a third party. Each user marks a license as unusable and the devices then trade licenses. A user then instructs the device to import the received license. The device verifies that a license has been rendered unusable and only then erases the unusable license and enables the device to use the new license. The content associated with a license may be traded before or after the license exchange, and may also be downloaded from a third party. Also provided is a device for exchanging licenses. | 06-10-2010 |
20100146631 | METHOD AND SYSTEM FOR THE SECURE DISTRIBUTION OF DIGITAL DATA - The application relates to a method for the secure distribution of digital data transmitted to a client station, said digital data being in a first digital format of a non audiovisual nature, said method implementing a protection device able to protect data in a second digital format and to transmit them to said client station. According to the invention, said second format is of an audiovisual nature and the method includes a step of converting digital data in said first digital format, into said second format. | 06-10-2010 |
20100146632 | REPRODUCTION RULE EVALUATION DEVICE, REPRODUCTION RULE EVALUATION METHOD, RECORDING MEDIUM AND PROGRAM - When a viewer views content, it is reproduced by a reproduction procedure depending on a dynamic condition set in the content. Here, a content object data input unit obtains an externally-input content object. The content object is stored in a content object data retention unit, if necessary. The content object includes a reproduction rule and a content data. A reproduction rule evaluation and execution unit obtains the reproduction rule in the content object and performs processing in accordance with the reproduction rule. The reproduction unit reproduces a reproducible data specified by the reproduction rule evaluation and execution unit. An identifier management unit retains an identifier of a content object reproduction device and provides the identifier upon request. It is thus possible to reproduce in accordance with the reproduction rule set in the content object data and to control the reproduction procedure depending on the dynamic condition. | 06-10-2010 |
20100146633 | Memory Controller, Non-Volatile Storage Device, Non-Volatile Storage System, Access Device, and Data Management Method - In a memory controller according to the present invention, an external I/F unit receives ID information associated with data from the outside of a non-volatile memory, and a recording controller manages a recording position of the data in the non-volatile memory based on the ID information, so that an amount of time necessary for the retrieval of rights information based on the ID information is reduced. | 06-10-2010 |
20100146634 | DATA PROTECTION DEVICE AND METHOD - Provided is a data protecting device and method. When a specific application requests an access to sealed data, an operating system generates application identity information without interruption by the corresponding application, and writes the generated application identity information in a platform configuration register that can be reset in a trusted platform module. Upon having received the unsealing request, the trusted platform module transmits data to the application when the unsealing condition included in the sealed data block corresponds to the state value of the currently operated platform written in a platform configuration register in the trusted platform module. | 06-10-2010 |
20100146635 | METHOD OF IMPROVING SYSTEM PERFORMANCE AND SURVIVABILITY THROUGH SELF-SACRIFICE - A biologically-inspired system and method is provided for self-adapting behavior of swarm-based exploration missions, whereby individual components, for example, spacecraft, in the system can sacrifice themselves for the greater good of the entire system. The swarm-based system can exhibit emergent self-adapting behavior. Each component can be configured to exhibit self-sacrifice behavior based on Autonomic System Specification Language (ASSL). | 06-10-2010 |
20100146636 | APPARATUS AND METHOD FOR RECORDING AND REPRODUCING IMAGES - Provided is imparting authentication codes to image data photographed by a camera connected to the apparatus for recording and reproducing images to generate encryption data and monitors control instructions input from the outside to the apparatus for recording and reproducing images, thereby interrupting the control instructions that store or cancel the image data stored in the apparatus for recording and reproducing images. As a result, the integrity of the image data cannot be questioned. Further, when the image data stored in the apparatus for recording and reproducing images are submitted as evidence, the integrity of the image data and the information on the corresponding image data submitted as evidence can be verified by using the authentication data generated for the original image data. | 06-10-2010 |
20100146637 | METHOD FOR MOVING RIGHTS OBJECT IN DIGITAL RIGHTS MANAGEMENT - A method for moving Rights Object (RO) in a Digital Rights Management (DRM). RO for content is partially or entirely moved between Devices in the same group, so that the RO can be shared between the Devices and a utility thereof can be enhanced. | 06-10-2010 |
20100162402 | DATA ANONYMIZATION BASED ON GUESSING ANONYMITY - Privacy is defined in the context of a guessing game based on the so-called guessing inequality. The privacy of a sanitized record, i.e., guessing anonymity, is defined by the number of guesses an attacker needs to correctly guess an original record used to generate a sanitized record. Using this definition, optimization problems are formulated that optimize a second anonymization parameter (privacy or data distortion) given constraints on a first anonymization parameter (data distortion or privacy, respectively). Optimization is performed across a spectrum of possible values for at least one noise parameter within a noise model. Noise is then generated based on the noise parameter value(s) and applied to the data, which may comprise real and/or categorical data. Prior to anonymization, the data may have identifiers suppressed, whereas outlier data values in the noise perturbed data may be likewise modified to further ensure privacy. | 06-24-2010 |
20100162403 | SYSTEM AND METHOD IN A VIRTUAL UNIVERSE FOR IDENTIFYING SPAM AVATARS BASED UPON AVATAR MULTIMEDIA CHARACTERISTICS - A system and method in a virtual universe (VU) system for identifying spam avatars based upon the avatars' multimedia characteristics may have a table that stores multimedia characteristics of known spam avatars. It further may have an analysis unit that compares the multimedia characteristics of avatars against the multimedia characteristics of known spam avatars to determine if the avatar has known spam avatar characteristics. It may further have a scoring system to calculate a spam score based upon the similarities of the comparison and identifying the avatar as a spam avatar based upon the calculated spam score. It may further compare the calculated spam score with a spam score threshold wherein the avatar is identified as a spam avatar if the calculated spam score is equal to or greater than the calculated spam score. Multimedia characteristics include graphics, audio, movement, interactivity, voice, etc. | 06-24-2010 |
20100162404 | IDENTIFYING SPAM AVATARS IN A VIRTUAL UNIVERSE (VU) BASED UPON TURING TESTS - A virtual universe system has a system and method for identifying spam avatars based upon the avatar's behavior characteristics through the use of Turing tests. The system may provide a Turing test unit for performing Turing tests and an analysis unit that compares the behavior characteristics of new or newly changed avatars against the behavior characteristics of known spam avatars to determine if the avatar has known spam avatar characteristics. It may further have a scoring system to calculate a spam score based upon similarities of the comparison and identifying the avatar as a spam avatar based upon the calculated spam score. It may further compare the calculated spam score with a spam score threshold wherein the avatar is identified as a spam avatar if the calculated spam score is equal to or greater than the calculated spam score. | 06-24-2010 |
20100162405 | PROTECTING AGAINST POLYMORPHIC CHEAT CODES IN A VIDEO GAME - Embodiments are directed towards protecting against polymorphic cheat codes in a video game environment. A detour analyzer analyzes game code in client memory for possible hooks to parasite code. For each detected hook to parasite code, hook and/or parasite information is determined to generate hook/parasite signatures, which are sent to a remote network device. Based on the hook/parasite signatures, a weighted combination of scores is generated that is useable to determine a probability value that the parasite code is cheat code. If the determined probability value indicates cheat code, the user of the client device may be banned from future game play. Additionally, the hook/parasite signature information may be used to update the data store to detect polymorphic changes in the cheat code. | 06-24-2010 |
20100162406 | SECURITY ASPECTS OF SOA - The present description refers in particular to a computer implemented method, computer program product, and computer system for dynamic separation of duties (SoD) during workflow execution. Based on at least one policy file, at a monitoring module, at least one node to be logged from a message in a message pipe of one or more messages exchanged when executing a workflow instance may be specified. Information on the at least one logged node may be passed to an enforcer. SoD violation for the at least one logged node may be checked at the enforcer. If, for the at least one logged node, SoD is violated, action may be taken based on the at least one policy file. | 06-24-2010 |
20100162407 | APPARATUS, METHOD, AND RECORDING MEDIUM - It requires a lot of money to newly develop a management application operating on an apparatus or an information device for managing the function of the multifunction peripheral from a remote place. To a management apparatus already existing in the market, information including function information which is not an object of management of the management apparatus requested by the management apparatus is returned in a format interpretable for the management apparatus. Further, a function of an apparatus which is not an object of management of the management apparatus is managed by carrying out processing which is not a processing requested by the management apparatus. | 06-24-2010 |
20100162408 | METHODS AND APPARATUS FOR TITLE STRUCTURE AND MANAGEMENT - A title management apparatus resident on a first computer including a memory for storing a control program and data, and a processor for executing the control program and for managing the data. The apparatus includes user data resident in the memory including a set of user security indicia. The apparatus also includes a first title object resident in the memory including a title structure, the title structure further comprising a content element, a set of attributes, and a set of title object security indicia. The apparatus further includes a set of stub objects coupled to the title object, wherein the set of stub objects can further optimize the title structure; an authorization structure configured to selectively redeem the content element based at least in part on the user security indicia; and, a title management structure configured to associate a user with the first title object based at least in part on the user data and the title attributes. | 06-24-2010 |
20100162409 | METHOD FOR MOVING RIGHTS OBJECT AND METHOD FOR MANAGING RIGHTS OF ISSUING RIGHTS OBJECT AND SYSTEM THEREOF - A method for managing rights of issuing a Rights Object (RO), and a method for moving an RO created by a Local Rights Manager (LRM) between Digital Rights Management (DRM) Agents, are discussed. A Right Issuer (RI) permits an LRM to move an RO created (or issued) by the LRM via the RI, and a first DRM Agent moves the RO to a second DRM Agent via the RI. | 06-24-2010 |
20100169976 | EXTENSIBLE ACTIVATION EXPLOIT SCANNER - An extensible activation exploit scanner may have a modular structure, such that capabilities of the activation exploit scanner may be updated easily. The extensible activation exploit scanner may include an exploit data file, at least one detection module, at least one response module, and a base scanner. The exploit data file may have a number of entries, each of which may include information about a respective activation exploit or a respective class of activation exploit, as well as information about a detection module and a response module. The activation exploit scanner may read an entry of the exploit data file, may execute a detection module, corresponding to the entry, to detect a respective activation exploit or class of activation exploit, and may execute a response module, corresponding to the entry, to perform an action when the respective activation exploit or the class of activation exploit is detected. | 07-01-2010 |
20100169977 | SYSTEMS AND METHODS FOR PROVIDING A LICENSE FOR MEDIA CONTENT OVER A NETWORK - Various embodiments of the present invention provide systems, methods, and apparatus for tagging a segment of media content. In various embodiments, a beginning location and an ending location indicating the segment are recorded and are used to retrieve the segment from the media content. Various embodiments provide systems and methods for communicating the segment with a user. In various embodiments, the user requests the segment and the position of the segment in the media content and the storage location of the media content are used to extract the segment from the media content. In addition, various embodiments provide systems and methods for providing a license to the user to observe the segment. In various embodiments, a request for the license includes a player identifier and a user identifier that are used to verify that the player is associated with the user and the user has rights to observe the segment. | 07-01-2010 |
20100169978 | Content usage managing apparatus, content usage managing method and program - There is provided a content usage managing apparatus including a memory unit to store the first relation between a POP and one or more contents included in the POP and the second relation between the POPs linked via a content in a package which includes two or more POPs, a selection unit to select the first content out of contents included in the first POP of the package, a specifying unit to specify the first webpage including the first content, and an examination unit to examine whether the first POP and one or more contents included in the first POP satisfy the first relation and to examine whether the first POP and the second POP linked to the first POP via the second content satisfy the second relation on at least any one of the first webpage or one or more webpages linked to the first webpage. | 07-01-2010 |
20100169979 | System and Method for Handling Restoration Operations on Mobile Devices - Systems and methods for handling restoration operations for a mobile device. A mobile device receives a kill pill command, wherein the command causes some or all data on the mobile device to be wiped. An indicator is stored to indicate that the kill pill command was sent to the mobile device. The indicator is used to determine whether a program should be wiped from the mobile device. | 07-01-2010 |
20100175136 | SYSTEM AND METHOD FOR SECURITY OF SENSITIVE INFORMATION THROUGH A NETWORK CONNECTION - A system and method for preventing phishing attacks by comparing the address of a Web site to which a user wishes to enter sensitive information (or indeed any type of user information) to at least one previous address to which the user already submitted at least a portion of this information. If the current address and the previous address are not identical, the user is preferably at least alerted; more preferably transmission of the information is blocked. The present invention may also optionally operate even if only a portion of the sensitive information is submitted, such as only the password for example. | 07-08-2010 |
20100175137 | DOMAIN NAME HIJACK PROTECTION - A domain name registering entity (such as a domain registry, registrar, or reseller) or an independent proxy registration service may offer a domain name hijack protection to their actual or potential customers. When a domain name transfer request or notice is received in a proxy email address listed in the domain name's WHOIS records, the domain name registering entity or the proxy registration service may ignore or decline it. Customers may be given an ability to turn the domain name hijack protection service on and off, as well as an ability to adjust a variety of settings associated with the service. | 07-08-2010 |
20100180345 | METHOD FOR DOCUMENT PROCESSING - A method and system process a document having attached thereto a set of digital rights specifications, the digital rights specifications specifying constraints on the processing of the document. A workflow controller selects candidate devices, for processing the document, from a plurality of devices and determines, for each candidate device, that the device meets the digital rights specifications requirements. A set of devices are assigned to process the document from the set of devices that meet the digital rights specifications constraints. The workflow controller detects a failed device included in the assigned set of devices to process the document and determines potential candidate devices to replace the failed device. For each potential candidate device, it is determined if the potential candidate device meets the digital rights specifications requirements. A device that meets the digital rights specifications constraints is assigned to replace the failed device. | 07-15-2010 |
20100180346 | OBFUSCATION ASSISTING APPARATUS - To provide, in order that proper obfuscation of a source code ( | 07-15-2010 |
20100180347 | PLUGGABLE FILE-BASED DIGITAL RIGHTS MANAGEMENT API LAYER FOR APPLICATIONS AND ENGINES - A pluggable file-based DRM (digital rights management) API (application program interface) layer for applications and engines. The invention defines a pluggable file-based DRM API layer such that mobile operators can choose to use any file-based DRM (FDRM) engine in their final product. An FDRM engine can be content agnostic (e.g., can range from an executable to a media file or ring-tone). In accordance with the invention, an application can become DRM aware by calling the novel file-based DRM APIs. Any FDRM engine can be plugged into the novel API layer such that applications can use the protected content. The API layer of the subject invention can be designed such that applications that are DRM aware by using the file-based DRM API layer can be DRM engine agnostic. | 07-15-2010 |
20100186090 | METHOD, APPARATUS AND COMPUTER PROGRAM PRODUCT FOR A CONTENT PROTECTION SYSTEM FOR PROTECTING PERSONAL CONTENT - An apparatus for providing a content protection system for protecting personal content may include a processor configured to receive an indication of personal content submitted for inclusion in a content protection system, and determine admissibility of the personal content to the content protection system based at least in part on indicia associated with a source device from which the personal content originated. A corresponding method and computer program product are also provided. | 07-22-2010 |
20100186091 | Methods to dynamically establish overall national security or sensitivity classification for information contained in electronic documents; to provide control for electronic document/information access and cross domain document movement; to establish virtual security perimeters within or among computer networks for electronic documents/information; to enforce physical security perimeters for electronic documents between or among networks by means of a perimeter breach alert system - The invention is a document classification and marking engine/method that functions in a real-time compatible mode with off-the-shelf word processors, e-mail programs and presentation or other document development software applications. The software engine is used for the security classification of sensitive or national security classified information in electronic format and is enhanced by methods and processes that ensure that the software classification engine considers all document informational elements regardless of attributes assigned to the text that may hide text from the user. The software engine provides a complete and reliable document classification determination interface method based on user selections and uniquely codes the full text classification determination in a persistent manner within the electronic shell of the document in real-time and dynamically displays the text based full classification determination in the banner of the host document development application. The unique codes of the full classification embedded in the electronic shell of the document enable effective and reliable software processes and methods that establish controls for access, movement, storage etc. for electronic documents, as well as virtual electronic security perimeters, on a computer, networks of computers and/or among computer networks and domains of networks. The full or complete and persistent classification codes embedded in the document shell also enable reliable software processes and methods that immediately warn or alert security personnel of a breach of a physical security perimeter between or among computers networks or domains of networks established to protect the information contained in electronic document format. | 07-22-2010 |
20100186092 | NETWORK AUDIO-VIDEO CONTENTS PLAYBACK TERMINAL, SERVER, AND SYSTEM - Methods to set a viewing and/or listening term are classified into two types, which are a fixed-time-length type to limit time length and a fixed-expiration-time type to limit expiration time. And the timings of license acquisition are classified into two types which are an immediate-acquisition type and a point-of-use type. The type of the timing of license acquisition is written to a meta data which is to be sent to a terminal before initiating download. The terminal determines the timing of license acquisition according to the meta data. When contents are point-of-use type, the terminal doesn't acquire a key and an expiration time information until a time of initiating playback. On the other hand, when contents are immediate-acquisition type, the terminal acquires the key and the expiration time information at any point of time. Since the key is acquired at the early timing such as download completion timing, a reaction velocity in response to a playback instruction can be heightened. | 07-22-2010 |
20100186093 | PORTABLE MASS STORAGE DEVICE WITH HOOKING PROCESS - The invention relates to a portable mass storage device ( | 07-22-2010 |
20100186094 | EMBEDDED SYSTEM ADMINISTRATION AND METHOD THEREFOR - An administration system for use within a server system is provided. The server system having a server that provides host management functions and the server system being able to accept computer cards inserted therein. The administration system comprises a computing system that is inserted in the server system, the computing system having a controller that assumes control over the communications bus. | 07-22-2010 |
20100192230 | PROTECTING TRANSACTIONS - Technology is described for protecting transactions. The technology may include a switching component that a user can employ to switch an associated mobile device into a secure mode so that a user can confirm the transaction. After initiating a transaction request, the user can confirm the transaction request by activating the switching component, which can cause the mobile device to switch into a secure mode. In the secure mode, the mobile device may prevent the mobile device from conducting various normal activities, such as executing applications, receiving input, providing output, and so forth. The switching component may disable other processing temporarily. Upon receiving the confirmation from the user, the switching component may send a confirmation communication to complete the transaction. | 07-29-2010 |
20100192231 | MEDIA PACKAGE, SYSTEM COMPRISING A MEDIA PACKAGE AND METHOD OF EXECUTING PROGRAM CODE - A media package storing program code, the media package comprising a medium storing a first part of the program code intended to be executed on a processor external to the media package, and a processing device storing a state and a second part of the program code, the first and the second parts of the program code being adapted to interact when executed so as to execute the program code. The processing device comprises a processor for verifying the state and for executing the second part of the program code if the verification of the state indicates that this is authorised; and a first interface for communication with the processor external to the media package. The processing device further comprises a second interface adapted to interact with a state change device in order to set the state from a first state not authorising execution of second part of the program code to a second state authorising execution of second part of the program code. The second interface is a Radio Frequency interface adapted to, when the media package is in the first state, interact with at least one anti-theft portal. Also provided is a system. | 07-29-2010 |
20100192232 | METHOD FOR MOVING RIGHTS OBJECT IN DIGITAL RIGHTS MANAGEMENT - A method for moving Rights Object (RO) in a Digital Rights Management (DRM). RO for content is partially or entirely moved between Devices in the same group, so that the RO can be shared between the Devices and a utility thereof can be enhanced. | 07-29-2010 |
20100199354 | Obfuscating Computer Program Code - A computer-implemented method of tamper-protecting computer program code. The method comprises: obtaining an input representation of the computer program code; identifying a conditional program statement for causing a data processing system to selectively execute one of at least a first and a second sets of program statements when said computer program is executed by a data processing system; replacing said identified conditional program statement and the first and second sets of program statements with a set of transformed program statements to obtain obfuscated program code, wherein the set of transformed program statements is adapted to cause the data processing system to execute at least a part of each of the transformed program statements when said computer program is executed by the data processing system. | 08-05-2010 |
20100199355 | METHOD OF PROTECTING DIGITAL DOCUMENTS AGAINST UNAUTHORIZED USES - The method comprises: taking a digital document for protection that constitutes a piece of source code, and identifying therein a programming language L defined by a grammar G | 08-05-2010 |
20100199356 | METHOD AND APPARATUS FOR PROVIDING WEB PRIVACY - A method and an apparatus for providing privacy in a network are disclosed. For example, the method receives a request, e.g., an HTTP request, from a user for information, wherein the information includes at least a Uniform Resource Locator (URL) of at least an aggregator. The method identifies all personally identifiable information of the user. The method then masks the personally identifiable information from the browser in the endpoint device of the user, while responding to the request. | 08-05-2010 |
20100205676 | PROCESSING OF DATA INFORMATION IN A SYSTEM - Data information, represented by electric or wave signals, or data information within the artificial or natural databases and storage media, such as for example DNA, encoded as a sequence of symbols, is, for the purpose of its concealing and simultaneously preserving its select local data information segments, partitioned within a physical medium, such as especially computer hardware, physical communication channel, physical storage medium or biological material, into short overlapping data segments. The studied local data information segments are contained within the short segments in their entirety. These partitioned short segments constitute the first group and to at least one short segment of the first group, data, encoded as selected symbols, are pre-pended or appended, to the symbols of the short segments of the first group. The resulting mixture of segments is interconnected into a sequence of data. The entire process may be repeated multiple times. | 08-12-2010 |
20100205677 | CONTENT INFORMATION PROVIDING SYSTEM, CONTENT INFORMATION PROVIDING SERVER, CONTENT REPRODUCTION APPARATUS, CONTENT INFORMATION PROVIDING METHOD, CONTENT REPRODUCTION METHOD AND COMPUTER PROGRAM - A content information providing system is disclosed which can protect the copyrights of contents while permitting users who do not purchase the contents to utilize the contents. A content information providing server includes a user information storage section for storing a user key unique to each user, a content key storage section for storing content keys unique to individual contents, a recommendation section for selecting a content to be recommended to the user, a content key encryption section for encrypting the selected content key with a user key of the user of a target of the recommendation, and a content information sender section for transmitting the encrypted content key to a content reproduction apparatus used by the user. The content reproduction apparatus includes a content information receiver section for receiving the content key, and a content key decryption section for decrypting the encrypted content key. | 08-12-2010 |
20100212015 | METHOD AND SYSTEM FOR PRODUCING MULTIMEDIA FINGERPRINT BASED ON QUANTUM HASHING - Disclosed are a method and system for producing a multimedia fingerprint based on quantum hashing. The method includes receiving an input of a multimedia file, extracting a quantum hash type fingerprint from the input multimedia file, calculating similarity between the extracted quantum hash type fingerprint and a binary fingerprint stored in a database, and selecting, as a calculation result, data having a fingerprint calculated as having the highest similarity. | 08-19-2010 |
20100212016 | CONTENT PROTECTION INTEROPERABILITY - Various embodiments provide content protection interoperability techniques which support secure distribution of content for multiple content protection technologies. In one or more embodiments a source digital rights management (DRM) system can associate trust data with content to be exported to a target digital rights management (DRM) system. The trust data describes a trust state for the content to enable the target DRM system to maintain the trust state for the exported content. In at least some embodiments, the source DRM system can also associate tracing data with the content to, in the event of a breach in the chain of trust, enable an identification to be made of a source of the exported content and/or a party responsible for exporting the content. | 08-19-2010 |
20100212017 | SYSTEM AND METHOD FOR EFFICIENT TRUST PRESERVATION IN DATA STORES - The invention provides a method and system for preserving trustworthiness of data, the method includes storing data on an untrusted system, and committing the data to a trusted computing base (TCB). The committing includes upon an end of a predetermined time interval, transmitting a constant size authentication data from the untrusted system to the TCB, and the TCB preserving trustworthiness of the authentication data based on performing a single hash operation of a first root and a second root of a general hash tree representing authenticated data. | 08-19-2010 |
20100212018 | GENERATING HUMAN INTERACTIVE PROOFS - A method for generating one or more human interactive proofs (HIPs) is described herein. A HIP request may be received. One of a plurality of HIP engines may be selected using a randomization algorithm. Each HIP engine may have a distinct algorithm for generating the one or more HIPs. The one or more HIPs may be generated using the one of the plurality of HIP engines. | 08-19-2010 |
20100212019 | Method and Apparatus for Protecting Information and Privacy - A system for protecting software against piracy while protecting a user's privacy enables enhancements to the protection software in a user device and extended protections against piracy. The protection system allows the user device to postpone validation of purchased tags stored in a tag table for installed software and to re-establish ownership of a tag table to recover from invalidation of a tag table identifier value resulting from revelation of a tag table identifier value. Continued use of the tag table is provided by the use of credits associated with a tag table. A protection center is protected against denial of service attacks by making calls to the protection center cost time or money to the attackers. | 08-19-2010 |
20100212020 | PRE-PROCESSED INFORMATION EMBEDDING SYSTEM - Auxiliary information ( | 08-19-2010 |
20100218257 | PROGRAM OBFUSCATION APPARATUS, PROGRAM OBFUSCATION METHOD AND COMPUTER READABLE MEDIUM - A program obfuscation method includes: detecting a loop from an obfuscation target program; adding a conditional expression to the obfuscation target program at a preceding stage of the loop, wherein the conditional expression is neither permanently invalid nor permanently valid and adding a flow in which (a) when a logical value of the conditional expression is false, processing of the obfuscation target program proceeds to a start of the loop, and (b) when the logical value of the conditional expression is true, the processing executes a set of executable statements equivalent to a set of executable statements which are ones from the first executable statement to a middle executable statement among a plurality of executable statements in the loop, and then the processing proceeds to an executable statement subsequent to the middle executable statement in the loop. | 08-26-2010 |
20100218258 | CONTENTS PROTECTION PROVIDING METHOD AND PROTECTED CONTENTS CONSUMING METHOD AND APPARATUS THEREOF - Provided is a contents protection providing method, a protected contents consuming method and an apparatus thereof. The contents protection providing method includes: creating protected scheme information; and transmitting the protected scheme information to a terminal, wherein the protected scheme information includes: scheme type information including identification (ID) information of a protection scheme; and scheme information including detailed information of the protection scheme. | 08-26-2010 |
20100218259 | METHOD, APPARATUS AND COMPUTER PROGRAM FOR SUPPORTING DETERMINATION ON DEGREE OF CONFIDENTIALITY OF DOCUMENT - Determining confidentiality of an office document shared by multiple organizations. Each block of a document data set is stored in association with confidentiality information indicating whether the block is confidential. The document data set is dividable into blocks each being a unit including properties evaluated as having a certain characteristic. A document data set targeted for the confidentiality determination is acquired, and it is determined whether a document data set, including a block similar to each block of the acquired document data set, is stored. If the document data set including the similar block is stored, it is determined whether the confidentiality information indicating that the block is confidential is assigned to the block of the acquired document data corresponding to the similar block. If the confidentiality information indicating that the block is confidential is assigned, the acquired document data set is determined as confidential. | 08-26-2010 |
20100218260 | Provisions for Validating Content Using a Content Registration Authority - Strategies are described for validating content transferred over a communication channel using a more effective approach than heretofore provided in the art. A content registration authority is provided which registers the content disseminated by one or more content providers to one or more client devices. A client device which receives content that has been registered can securely consume the content, based on an assumption that a content provider which furnishes the content is entrusted by the content registration authority to provide the content, and without prompting a user of the client device to expressly approve the content provider. In a first solution, the content registration authority registers the content by issuing a certification stamp; in a second solution, the content registration authority registers the content by storing registration information in a central repository. The content may contain instructions which perform operations in the context of an instant messenger application. | 08-26-2010 |
20100223671 | Document checking apparatus, computer-readable recording medium, and document checking method - A document checking apparatus includes a keyword appearance position extracting unit that extracts keywords and the appearance positions of the keywords from a target document including a confidential document; a keyword pair extracting unit that treats each keyword of the appearance positions of the extracted keywords as a target and determines whether there is another extracted keyword within a predetermined range before and after the target keyword; a feature element matrix creating unit that generates, when it is determined that there is the another keyword, combination information obtained by combining the determination target keyword and the another keyword in association with anteroposterior information of the appearance positions of the keywords; and a computing unit that determines whether the number of combination information, among the plurality of combination information of the generated target document, identical to the combination information of the confidential document is not less than a predetermined value. | 09-02-2010 |
20100223672 | Systems and Methods for Managing and Protecting Electronic Content and Applications - Systems and methods are disclosed for managing and protecting electronic content and applications. Applications, content, and/or users can be given credentials by one or more credentialing authorities upon satisfaction of a set of requirements. Rights management software/hardware is used to attach and detect these credentials, and to enforce rules that indicate how content and applications may be used if certain credentials are present or absent. In one embodiment an application may condition access to a piece of electronic content upon the content's possession of a credential from a first entity, while the content may condition access upon the application's possession of a credential from a second entity and/or the user's possession of a credential from a third entity. Use of credentials in this manner enables a wide variety of relatively complex and flexible control arrangements to be put in place and enforced with relatively simple rights management technology. | 09-02-2010 |
20100229240 | LICENSE MANAGEMENT DEVICE AND CONTROL METHOD AND CONTROL PROGRAM OF LICENSE MANAGEMENT DEVICE - A total time for license check communication processings can be reduced. A cellular phone | 09-09-2010 |
20100229241 | METHOD OF ACCESSING SERVICE, DEVICE AND SYSTEM THEREOF - A method of service access, a device, and a system are provided in an embodiment of the present disclosure. A service requestor identity generating method includes the request for generating the anonymous identity that is adapted to hide the real identity of the client. A method of generating the identity of the service requestor, an access method, a method of tracing the real identity of the service requestor, a device for managing the identity of the service requestor, a service requestor device, an identity management system, a service provider device, an access system, an identity tracing requesting device, and an identity tracing system are provided in an embodiment of the present disclosure. The methods provided in an embodiment of the present disclosure may be used to protect the privacy of the service requestor while obtaining the real identity of the service requestor when necessary. The methods are easy to implement. | 09-09-2010 |
20100235921 | License Scheme for Use with Stackable Devices | 09-16-2010 |
20100235922 | PERSONAL INFORMATION MANAGEMENT DEVICE - A personal information management apparatus acquires associated information that is associated with target information for which transmission has been requested, and if the acquired associated information includes personal information, transmits the target information after modifying the associated portions of the target information. This structure enables improving protection of personal information by protecting not only personal information but also information that cannot be used independently to identify a person but can be easily correlated with other information and used to identify a specific individual with reference to the other information. | 09-16-2010 |
20100235923 | Methods and Systems for Applying Parental-Control Policies to Media Files - A computer-implemented method may intercept a file-system call associated with a media file. The computer-implemented method may determine an attribute of the media file. The computer-implemented method may also identify a parental-control policy associated with the attribute of the media file. The computer-implemented method may further apply the parental-control policy to the media file. Various other methods, systems, and computer-readable media are also disclosed. | 09-16-2010 |
20100242115 | SECURITY COVER - The present invention is available for the field of electronic circuit protection, and provides a security cover for enclosing a protective area on the protected PCB and protecting the components in this area. The security cover comprises a flexible PCB that is folded with a receiving space and an opening in a side in the space. The flexible PCB is covered on the protective area of the protected PCB and encloses the components in the protective area. The flexible PCB triggers the related circuits to remove or destroy the information on the components in this protective area in case of physical attack. The present invention is to enclose the key components on PCB via the flexible PCB with the receiving space so as to prevent the key components from being attacked. | 09-23-2010 |
20100242116 | INTEROPERABLE DIGITAL RIGHTS MANAGEMENT DEVICE AND METHOD THEREOF - Provided are an interoperable DRM device and method thereof. The interoperable DRM device includes: an interface for communicating with a terminal that performs predetermined operations for reproducing contents; and a DRM processor for managing digital rights of the contents. The DRM processor exchanges messages with the terminal for interoperably managing the digital rights. | 09-23-2010 |
20100242117 | INFORMATION PROCESSING APPARATUS, INFORMATION PROCESSING METHOD AND PROGRAM, AND STORAGE MEDIUM STORING THE SAME - An information processing apparatus in which a part of a plurality of different programs included in an application package is validated includes an invalidation command input unit configured to input a command to invalidate a license of the application package, a generation unit configured to generate invalidation verification data by invalidating the license of the program which is included in the application package, is already installed in the information processing apparatus, and has a validated license, and to generate invalidation verification data of the license of the program without installing the program which is included in the application package and is not installed in the information processing apparatus, and an output unit configured to output the invalidation verification data generated by the generation unit. | 09-23-2010 |
20100242118 | SECURITY MANAGEMENT DEVICE AND SECURITY MANAGEMENT METHOD - To provide a security management device, a security management method, a security management program and a security management system that are capable of ensuring a desired security while scheming to save a labor for the security management by the security management device performing access control of a terminal in accordance with a security level of the terminal and prompting it to do security setting. Whether or not a security level reaches a predetermined level is judged by detecting the security level of a terminal from an access pattern, and, in the case of judging that the security level of the terminal does not reach the predetermined level, an access permission range of the terminal is changed. | 09-23-2010 |
20100242119 | ELECTRONIC DOCUMENT RIGHTS AND TRACKING SYSTEM - Method and system to identify document rights by use of the Internet or other networking system and then perform action(s) based on the rights identified in the document. A log may be created where predefined information will be populated and that log will be viewable by the document owner or other person who has access to the log. | 09-23-2010 |
20100251378 | Obfuscating Computer Program Code - A computer-implemented method of tamper-protecting a computer program, the method comprising: processing an input representation of the computer program to identify a function call for causing a data processing system to continue execution of the computer program at a predetermined entry point memory address when said computer program is executed by a data processing system; replacing the identified function call with a modified function call, wherein the modified function call includes an algebraic expression for causing the data processing system to compute the entry point memory address when said computer program is executed by the data processing system. | 09-30-2010 |
20100251379 | Method and System for Configuration Management Database Software License Compliance - A software license engine allows an enterprise to model software license contracts and evaluate deployment of software for compliance with the software license contracts. Deployment of software products in the enterprise is modeled in a configuration management database. The software license engine maintains a license database for connecting software license contracts with software deployment modeled by the configuration management database. Users of the software license engine may use license types that are predefined in the software license engine or may define custom license types. The software license engine may indicate compliance or non-compliance with the software license contracts. | 09-30-2010 |
20100251380 | Method and system for identifying suspected phishing websites - Identifying suspected phishing websites includes: obtaining an address of a website to be identified; determining, according to the address of the website to be identified, that the website to be identified is neither a legal website to be protected nor a phishing website; applying a suspected phishing website rule by matching a regular expression with the address of the website to be identified; and in the event that the matching is successful, determining that the website to be identified is a suspected phishing website. | 09-30-2010 |
20100251381 | SYSTEM RENEWABILITY MESSAGE PROVIDING METHOD AND SYSTEM RENEWABILITY MESSAGE USING METHOD AND APPARATUS THEREOF - Provided are a system renewability message providing method, a system renewability message using method and an apparatus thereof. The system renewability message providing method, includes: creating system renewability message container information including revocation list information for contents protection; and defining the system renewability message container information as an International Organization for Standardization (ISO) base media file format and distributing the system renewability message container information to a terminal. | 09-30-2010 |
20100251382 | CONTENT REPRODUCING DEVICE AND CONTENT REPRODUCING METHOD - A content reproducing device including a communication section configured to receive license information corresponding to content data, a recording management section configured to record the license information, reproduction history of the content data, and identification information of the license information in a storage medium, a reproduction section, and a license evaluation section configured to allow the reproduction section to reproduce the content data when the reproduction history satisfies a reproduction condition specified in the license information and the identification information of the license information is recorded in the storage medium, and not to allow the reproduction section to reproduce the content data when the identification information of the license information is not recorded in the storage medium. | 09-30-2010 |
20100251383 | DATA CLOAKING METHOD AND APPARATUS - A method of cloaking data including the steps of recognizing a combination of unclassified information becoming classified as a result of the combination of the information; and cloaking of a portion of the information responsive to a classified authorization of at least one of receiving equipment and users. The recognizing step and the cloaking step being carried out by a data handling machine. | 09-30-2010 |
20100263051 | SOFTWARE APPLICATION SECURITY METHOD AND SYSTEM - A method for verifying a software application to a user of a device such as a mobile phone. The device receives ( | 10-14-2010 |
20100263052 | Arbitrary Code Execution System For Preventing Concoction And Analysis Of Computer Execution Codes - Disclosed is an analysis of computer execution codes in that an arbitrary code selected from a plurality of codes of various shapes periodically or frequently during execution of a computer program is stored in a memory of the computer to be executed, so that it can be very difficult to concoct and analyze the computer program, thereby securely protecting the computer execution codes. The arbitrary code execution system for preventing the concoction and the analysis of computer execution codes includes: a code pool management module for managing a plurality of codes for storing in a memory of a computer instead of computer programs; a code control module for selecting and transmitting a specific code among the plurality of codes stored in the code pool management module; and a code execution module for storing the specific code transmitted from the code control module in the memory and executing it as a part of the existing programs. | 10-14-2010 |
20100263053 | CONTROLLING A USAGE OF DIGITAL DATA BETWEEN TERMINALS OF A TELECOMMUNICATIONS NETWORK - A method and control of using a content data object associated to a content controlling terminal of a communications network, and receiving a request from a content receiving terminal to get a digital rights data object, associated to the content data object required to use the content data object, and initiating a transmission of the digital rights data object from the content controlling terminal to the content receiving terminal, and a control supporting server thereto. Also generating the digital rights data object, receiving a notification to send the digital rights data object to the content receiving terminal, and sending the digital rights data object to the content receiving terminal, and a content controlling terminal thereto. | 10-14-2010 |
20100263054 | INFORMATION PROCESSING APPARATUS AND METHOD AND STORAGE MEDIUM - An information processing apparatus capable of preventing user's personal information from leaking even when transmission destination information managed in a user-specific address book is transferred to an apparatus users' shared address book. The apparatus is equipped with a function for managing destination information on a destination indicative of an external apparatus to which data is to be transmitted. An apparatus users' shared address book area stores destination information available to any user. A user-specific address book area stores destination information which can be accessed only by a specific user. When the destination information stored in the user-specific address book is transferred to the apparatus users' shared address book in response to a user's operation, user's personal information included in the destination information is deleted before the transfer. | 10-14-2010 |
20100275264 | COMPUTER FOR CONTROLLING STORAGE SYSTEM PROVIDED WITH ENCRYPTION/DECRYPTION FUNCTION - A computer is coupled to at least one E/D storage (a storage system provided with an encryption/decryption function). A computer determines whether or not a security policy related to a copy destination VOL is equal to a security policy related to a copy source VOL based on the control information that includes information associated with a security policy related to a copy source VOL and a copy destination VOL. In the case in which a result of the determination is positive, the computer specifies an encryption key/decryption key related to a copy source VOL as an encryption key/decryption key related to a copy destination VOL to an E/D storage provided with a copy destination VOL (a copy destination storage). The computer then indicates a read and an undecryption of data that has been stored into a copy source VOL to an E/D storage provided with a copy source VOL, and indicates a write and an unencryption of the read data to a copy destination storage. | 10-28-2010 |
20100275265 | System for securing transactions across insecure networks - A new system is presented here that can effectively protect users' identities, their sensitive data and help secure transactions. The security of this system does not depend on the integrity of the host personal computer nor on the security of the network computers that execute network traffic. Furthermore, the system is designed to help prevent identity theft. This system can be implemented for governments, financial exchanges and health care systems where security is a primary concern. | 10-28-2010 |
20100275266 | Automatically enhancing computing privacy by affecting the screen of a computing device - A method of providing visual security enhancements to electronic data displayed on a display associated with an electronic device, comprising: defining privacy criteria; defining two physical states for operation of the display, wherein the first physical state includes displaying graphical output from the electronic device in a manner that is highly discernible to a viewer; and wherein the second physical state includes displaying the graphical output in a manner that is not highly discernable to the viewer; | 10-28-2010 |
20100275267 | SOCIAL AND RETAIL HOTSPOTS - Systems, methods, and apparatus for social and retail hotspots are provided. | 10-28-2010 |
20100281544 | METHOD AND SYSTEM FOR PREVENTING UNAUTHORIZED RECORDING OF MEDIA CONTENT ON A MACINTOSH OPERATING SYSTEM - A method for preventing unauthorized recording of media content on a Macintosh operating system. The present method registers a compliance mechanism on a client system having the Macintosh operating system operating thereon. The compliance mechanism comprises a framework for validating the compliance mechanism on the client system, and a multimedia component opened by the framework. The present method uses the multimedia component for decrypting the media content on the client system. The present method also prevents decryption of the media content on the client system having the Macintosh operating system operating thereon if a portion of the compliance mechanism is invalidated. | 11-04-2010 |
20100287618 | Executing Native-Code Applications in a Browser - Techniques for leveraging legacy code to deploy native-code desktop applications over a network (e.g., the Web) are described herein. These techniques include executing an application written in native code within a memory region that hardware of a computing device enforces. For instance, page-protection hardware (e.g., a memory management unit) or segmentation hardware may protect this region of memory in which the application executes. The techniques may also provide a narrow system call interface out of this memory region by dynamically enforcing system calls made by the application. Furthermore, these techniques may enable a browser of the computing device to function as an operating system for the native-code application. These techniques thus allow for execution of native-code applications on a browser of a computing device and, hence, over the Web in a resource-efficient manner and without sacrificing security of the computing device. | 11-11-2010 |
20100287619 | DISCRIMINATING DATA PROTECTION SYSTEM - A data protection system selectively deletes data from an electronic device when the device is reported as lost or stolen, or when another data protection triggering event occurs. Different data files may, for example, be treated differently depending on when such files were created. For example, data files that were created while the computing device was known to be in the owner's possession may be deleted, while data files created after the electronic device left the owner's possession may be left intact (since they may have been created by an innocent user). Data files created between these two points in time may be quarantined so that they can later be restored, if appropriate. | 11-11-2010 |
20100293618 | RUNTIME ANALYSIS OF SOFTWARE PRIVACY ISSUES - An application may watch to see if information passes a defined trust barrier. If defined information passes a defined trust barrier, an alert may be issued. The alert may include informing a developer of the specific code section that triggered the alert. | 11-18-2010 |
20100299756 | SENSOR WITH A CIRCUIT ARRANGEMENT - The invention relates to a sensor, in particular for detecting attacks on at least one signal-carrying line ( | 11-25-2010 |
20100299757 | MOBILE TERMINAL FOR INFORMATION SECURITY AND INFORMATION SECURITY METHOD OF MOBILE TERMINAL - A mobile terminal to secure information stored therein is provided. The mobile terminal may perform an algorithm to perform information security without remote control. The mobile terminal may detect a characteristic behavior pattern of a user of the mobile terminal, compare the characteristic behavior pattern with a behavior pattern of a current user, and thereby may determine whether a current user is an authorized user. Also, the mobile terminal may perform processing to protect data stored in the mobile terminal based on a result of the determination. | 11-25-2010 |
20100306853 | PROVIDING NOTIFICATION OF SPAM AVATARS - The system monitors activities, movements, and other behavior patterns necessary to determine whether an avatar is a spam advertisement. A storing mechanism stores a “black list” and a black list score consisting of a list of spam avatar identifications (UUIDs) matching avatars that have been flagged as confirmed or suspected spam advertisers. Another mechanism allows the owner to redraw or otherwise re-render a distinguishing mark or other audible signature when an avatar has been detected as being a spam advertiser. Yet another mechanism signals to the owner an offending avatar that they have been added to the black list or had a report filed against them, and a reason as to why (the methods used to identify them). Another mechanism allows for a black listed avatar to be removed from the black list, and scores to be decreased and for the virtual universe and users to utilize the black list and score. | 12-02-2010 |
20100306854 | Generating Obfuscated Data - A method for obfuscating data includes: reading values occurring in one or more fields of multiple records from a data source; storing a key value; for each of multiple of the records, generating an obfuscated value to replace an original value in a given field of the record using the key value such that the obfuscated value depends on the key value and is deterministically related to the original value; and storing the collection of obfuscated data including records that include obfuscated values in a data storage system. | 12-02-2010 |
20100306855 | Content Processing Apparatus and Content Processing Method - Having received an addition notification of a piece of download content, a content processing apparatus registers the notified content as a piece of download-scheduled content. The apparatus recalculates the priority rank of the download execution by taking into consideration a change in the license information on each piece of content, including a piece of already-preregistered download-scheduled content and a piece of content whose download is underway at present. If the download-execution target content specified by the recalculated priority rank is different from the content whose download is underway at present, the apparatus changes the download-execution target to the content specified by the priority rank. | 12-02-2010 |
20100313273 | Securing or Protecting from Theft, Social Security or Other Sensitive Numbers in a Computerized Environment - Use of a database/website or similar system, to store identification or other sensitive numbers, together with email addresses or other contact data in a linked association, for remote access by an organization to initiate usage notification to the true owner of the number collected, and to check a Fraud Alert status or similar setting for the number, and to compare the email address or other contact data obtained from a customer, not to include a PIN, to data stored in the database with the number collected, all of which, depending on the data components entered, will achieve deterrence of identity theft, rapid notification of number usage, rapid communication of a fraud alert or similar status, success or failure in obtaining or establishing an acceptable level of certainty that the customer is the true owner of the number, and a locking/unlocking capability for the number owners within the system domain. | 12-09-2010 |
20100313274 | IMAGE SERVER WITH MULTIPLE IMAGE CONFIDENTIALITY PORTS - Image servers, methods, software applications, and computer readable medium for retrieving images of various levels of patient anonymity via multiple image confidentiality software ports. In an image server, at least two image confidentiality software ports are provided, where each of the image confidentiality software ports is capable of providing images at a predetermined level of patient anonymity, and where the predetermined level of patient anonymity is different for each of the image confidentiality software ports. | 12-09-2010 |
20100325732 | Managing Keys for Encrypted Shared Documents - A system administrator, while logged into a system-administrator account, creates and configures a key-administrator account and a member account. A key administrator, while logged into said key-administrator account, creates a group private key, a group public key, and a group symmetric key, a member private key, and a member public key. The key administrator encrypts the group private key with the group symmetric key, and encrypts said group symmetric key with the member public key. A publisher encrypts a document using the group public key. The publisher distributes the resulting encrypted group document so that it is accessible via said member account but not through said key-administrator account. | 12-23-2010 |
20100325733 | INFORMATION PROCESSING DEVICE, INFORMATION PROCESSING METHOD AND PROGRAM - Hindrance of normal execution of a process caused by unexpected processing of a signal handler can be prevented. | 12-23-2010 |
20100325734 | Modular Software Protection - A method for modular software protection includes steps for receiving, at a server, a license key registered for a software executable installed on a client device and machine fingerprint data generated at the client device, accessing, using the server, stored usage rights data indicated by the license key, the usage rights data specifying a number of client devices on which the software executable is licensed to operate and which features of the software executable are enabled, determining, using the machine fingerprint data received by the server, whether operation of the software executable on the client device would cause the number of client devices on which the software executable is licensed to operate to be exceeded, and creating, in response to the determining step, an encrypted license file for transmission to the client device that defines separate features of the software executable to be enabled on the client device. | 12-23-2010 |
20100325735 | System and Method for Software Activation - A system and related method for activating use of software on a computing device utilizes a license server configured so that, responsive to a communication link being available between the license server and the computing device, the license server receives from the computing device, via the communication link, an activation request including (a) a software identifier identifying the software, (b) a device identifier identifying the computer, and (c) a license key for the software, accesses a database storing previously received software identifiers, device identifiers, and license keys, determines an activation instruction through application of a usage policy that compares the activation request to records within the database, and sends the activation instruction to the computing device. | 12-23-2010 |
20100333206 | Protecting a software component using a transition point wrapper - Embodiments of apparatuses, articles, methods, and systems for protecting software components using transition point wrappers are generally described herein. In one embodiment, an apparatus includes a first component, a wrapper component, and a management module. The wrapper component is to transform a transition point between the first component and a second component. The management module is to control access to the first component through the transformed transition point. Other embodiments may be described and claimed. | 12-30-2010 |
20100333207 | Systems and Methods for Auditing Software Usage Using a Covert Key - System and method for auditing for usage of licensed software in which a client executing the software generates and transmits a license key and a covert key to a server via network connection. The license key is transmitted to the server upon activation of the licensed software at the client. The covert key is generated based on at least a portion of the software code activated at the client and is transmitted to the server at random or at predetermined time intervals after transmission of the licensed key so as to avoid detection by a user. The license and covert keys are each associated with a device fingerprint that uniquely identifies the device transmitting each one of the respective keys. Unauthorized software usage at a client is determined at least when a covert key does not correspond to a device fingerprint having an associated license key. | 12-30-2010 |
20100333208 | SYSTEMS AND METHODS FOR RESOLVING CONFLICTS AND MANAGING SYSTEM RESOURCES IN MULTIMEDIA DELIVERY SYSTEMS - The invention manages resources and resolves conflicts when locally recording multimedia assets from a variety of sources in multimedia delivery systems. Local and system resources such as storage, tuners, and bandwidth are considered when alternative sources for assets are available (e.g., VOD). Rather than record assets locally, if equivalent assets are available via alternative sources, the recordings are deferred and a pointer to the equivalent asset is stored in lieu of the asset itself. When a user selects a multimedia asset for playback, an “on demand” or alternative source session is started for the asset associated with the pointer. Before the expiration date of the alternative source equivalent of the multimedia asset, it may be downloaded and recorded locally. The system may automatically determine based on various factors, such as transmission bandwidth, latency, and DRM, whether to store assets or pointers. | 12-30-2010 |
20100333209 | METHOD, APPARATUS AND COMPUTER PROGRAM PRODUCT FOR PROVIDING PROTECTED CONTENT TO ONE OR MORE DEVICES BY REACQUIRING THE CONTENT FROM A SERVICE - An apparatus for providing protected content to a device(s) by reacquisition of the content from an entity of a service may include a processor and a memory storing executable computer program code that causes the apparatus to at least perform operations including determining one or more Digital Rights Management (DRM) formats that one or more devices support in response to receipt of an indication(s). The computer program code may cause the apparatus to arrange data identifying the devices based at least in part on the DRM formats that correspond to the devices. The computer program code may cause the apparatus to facilitate receipt of content in at least one DRM format that at least one of the devices supports in response to a determination that a first device was selected to provide the content to a device for rendering. Corresponding computer program products and methods are also provided. | 12-30-2010 |
20100333210 | METHODS AND APPARATUSES FOR SEQUESTERING CONTENT - In one embodiment, the methods and apparatuses sequester content receiving content for use in an application; review the content; automatically sequester the content from the application based on the reviewing; and form a reason associated with the sequestering the content. In another embodiment, the methods and apparatuses receive content for use with an application; determine whether the content is one of acceptable content and unacceptable content; remove the unacceptable content from the application; form an explanation for the unacceptable content; and store the unacceptable content and the explanation in an off-line storage device. | 12-30-2010 |
20110004938 | Method and Apparatus for Erasure of Data from a Data Storage Device Located on a Vehicle - A method and system for destroying information stored on a data storage device located onboard a vehicle in order to prevent unfriendly forces from obtaining the information is described. The method and system are initiated when the operator of the vehicle activates a triggering mechanism. The information may be destroyed by physically damaging the data storage device on which the information is stored or by releasing a software virus into the device on which the sensitive information is stored. A software virus may also be transmitted to a computer of an unfriendly force attempting to access the sensitive information. | 01-06-2011 |
20110004939 | Obfuscating identity of a source entity affiliated with a communique in accordance with conditional directive provided by a receiving entity - A computationally implemented method includes, but is not limited to: receiving a first communiqué that is affiliated with a source entity and that is directed to a receiving entity; and transmitting to the receiving entity, in lieu of the first communiqué, a second communiqué that is provided in accordance with one or more conditional directives to conditionally obfuscate identity of the source entity, the one or more conditional directives provided by the receiving entity. In addition to the foregoing, other method aspects are described in the claims, drawings, and text forming a part of the present disclosure. | 01-06-2011 |
20110004940 | Obfuscating identity of a source entity affiliated with a communique in accordance with conditional directive provided by a receiving entity - A computationally implemented method includes, but is not limited to: receiving a first communiqué that is affiliated with a source entity and that is directed to a receiving entity; and transmitting to the receiving entity, in lieu of the first communiqué, a second communiqué that is provided in accordance with one or more conditional directives to conditionally obfuscate identity of the source entity, the one or more conditional directives provided by the receiving entity. In addition to the foregoing, other method aspects are described in the claims, drawings, and text forming a part of the present disclosure. | 01-06-2011 |
20110004941 | SYSTEM AND METHOD FOR PREVENTING ACCESS TO DATA ON A COMPROMISED REMOTE DEVICE - This invention discloses a system and method for selective erasure, encryption and/or copying of data on a remote device if the remote device has been compromised or the level of authorization of a roaming user in charge of the remote device has been modified. | 01-06-2011 |
20110010775 | PROTECTION OF INFORMATION CONTAINED IN AN ELECTRONIC CIRCUIT - A method and a circuit for protecting data contained in an electronic circuit against a disturbance of its operation, in which a detection of a disturbance conditions the incrementing or the decrementing of a counter over at least one bit, the counter being automatically reset at the end of a time period independent from the fact that the circuit is or not powered. | 01-13-2011 |
20110016533 | Web Page Privacy Risk Detection - Various embodiments enable detection of third party content sources that may pose a privacy risk to a user. In at least some embodiments, webpages navigated to via a browser can be processed to identify third party content sources that provide content for the webpages. Data may be stored to relate the third party content sources to webpages in which the third party content is encountered. The data may then be analyzed to determine when a particular third party is in a position to observe browsing habits of a user. Responsive to determining a privacy risk, notification may be output in a variety of ways to inform a user of potentially risky content. In at least some other embodiments, notification can be made by way of a user interface instrumentality that is automatically presented to a user to inform the user of a potentially risky third party content source. | 01-20-2011 |
20110023123 | LICENSED FEATURE ENABLEMENT MANAGER - Systems and methods provide for licensed feature enablement management for deploying software to be used in conformance with a software license agreement. The system includes a software application provider server that deploys a software application and a role hierarchy enumerating a list of roles and features of the software application that each role in the list of roles is licensed to use in accordance with a license agreement. The software application provider server further comprises a role examiner server that determines whether the deployed software application is being used in compliance with the software license. The system also includes a customer enterprise application server that receives the deployed application and role hierarchy and enables use of the application to customer employees based on their assigned roles. The customer enterprise application server comprises a role directory server that responds to queries from the role examiner to maintain conformance with the software license. | 01-27-2011 |
20110023124 | DRM Scheme Extension - A method for achieving a secure recording and storing of a recorded activity is based on an extended Digital Rights Management (DRM) system. A recording and storing procedure is initiated, in response to recognising one or more triggers at a device hosted by a user equipment. On the basis of the one or more triggers a Rights Issuer is located, and a Recording and Storing Instruction (RSI) is retrieved from the RI, using an existing DRM standard. Based on the RSI, a trusted storage for storing the recorded activity is located, and one or more recording procedures, involving one or more recording equipments, are activated and managed by the device. Before the recorded content is forwarded to the trusted storage, a protected content is generated from the recorded content, according to content of the RSI. | 01-27-2011 |
20110023125 | METHOD AND SYSTEM FOR INTEGRATING REMOTE DEVICES INTO A DOMESTIC VLAN - A gateway network device may establish secure connections to a plurality of remote network devices using tunneling protocols to distribute to the remote network devices multimedia content received from one or more content providers. The consumption of the multimedia content may originally be restricted to local network associated with the gateway network device. The secure connections may be set up using L2TP protocol, and the L2TP tunneling connections may be secured using IPSec protocol. Use of multimedia content may be restricted based on DRM policies of the content provider. DRM policies may be implemented using DTCP protocol, which may restrict use of the multimedia content based on roundtrip times and/or IP subnetting. Each content provider may use one or more VLAN identifiers during communication of the multimedia content to the gateway network device, and the gateway network device may associate an additional VLAN identifier with each secure connection. | 01-27-2011 |
20110023126 | LICENSE MANAGEMENT SYSTEM AND AUTHENTICATION METHOD FOR THE SAME - In a license management system, a terminal apparatus and a server apparatus are connected via a network, and the server apparatus manages licenses of software in the terminal apparatus. In this license management system, when the server apparatus receives a request to re-authenticate a license that has previously been authenticated from the terminal apparatus, the server performs re-authentication of the license based on different pieces of terminal identification information and a plurality of pieces of device information that have been transmitted from the terminal apparatus, and a plurality of pieces of device information that have been stored due to authentication processing. | 01-27-2011 |
20110023127 | INTERNET SYSTEM FOR FACILITATING HUMAN USER ADVISEMENT AND LICENSING OF COPYRIGHTED WORKS OF AUTHORSHIP - An Internet system for disseminating information regarding works of authorship, including a server and a client device connected to the Internet and wherein when any one web page out of a set of web pages is displayed on the client device and when a work of authorship is displayed as part of the web page, an image is also displayed near the work of authorship, as part of the webpage and when a user clicks on the image, copyright information concerning the work of authorship is presented in a user-perceivable manner. | 01-27-2011 |
20110023128 | INFORMATION PROCESSING DEVICE, LOCK CONTROLLING METHOD, AND LOCK CONTROLLING PROGRAM - In order to solve a problem in which the operation becomes complex when the user wants to view the data to which the lock is set, an information processing device includes lock temporal control means for bringing data which is locked into a lock canceled state based on a result of comparison between authentication request information input following a request for viewing the data and authentication information for canceling the lock, and display information creation means for creating display information to display the data brought into the lock canceled state, wherein the lock temporal control means locks the data brought into the lock canceled state again after the display information is displayed. | 01-27-2011 |
20110030062 | VERSION-BASED SOFTWARE PRODUCT ACTIVATION - A software license for a particular version of a software product on a computing device includes both a branding identifier that identifies the particular version of the software product and component dependency information that identifies one or more aspects of the particular version of the software product. To activate a software product on the computing device, the branding identifier is compared to a portion of the software product on the computing device. If the branding identifier matches the portion of the software product, then the component dependency information is compared to one or more aspects of the software product on the computing device. If the component dependency information matches the one or more aspects of the software product then the software product is activated. Otherwise, a license state of the software product is kept unchanged. | 02-03-2011 |
20110030063 | APPARATUS FOR SETTING AN EMAIL SECURITY AND METHOD THEREOF - An apparatus for setting an email security and method thereof are displayed. The present invention includes receiving an email from an email server, deleting partial information of the email according to a security level of the email, and displaying the partial information deleted email. | 02-03-2011 |
20110030064 | DATA MASK SYSTEM AND DATA MASK METHOD - A data mask system includes a processor providing control signals including a command signal, an address signal, and a data signal, a data mask processor receiving the control signals and providing either write data or masked data in response to the control signals, and generating data mask information and a data mask selection signal from at least one of the control signals, and a data mask register unit receiving the data mask selection signal, storing the data mask information, selecting a subset of the stored data mask information in response to the data mask selection signal, and returning selected data mask information to the data mask processor. The data mask processor receives the selected data mask information from the data mask register unit and provides the masked data as a result of performing a data mask operation on the data signal according to the selected data mask information. | 02-03-2011 |
20110030065 | SYSTEMS AND METHODS FOR DETECTING CLONE PLAYBACK DEVICES - Systems and methods are described for aggregating information obtained from messages between playback devices and content protection systems, including but not limited to conditional access systems, downloadable conditional access systems, and digital rights management systems, that include a unique identifier and applying user modifiable rules to the aggregated information to identify abnormal behavior associated with the unique identifier including but not limited to one or more clone playback devices utilizing the unique identifier or a rogue playback device utilizing a unique identifier. One embodiment includes a plurality of playback devices connected to a headend via a network, where the headend includes at least one content protection system, and a clone monitor configured to register playback devices based upon a unique identification supplied by each playback device, when communicating with the at least one content protection system. In addition, the clone monitor is configured to aggregate information associated with each playback device over time, where the information is obtained from messages that are transmitted between the playback device and the headend and that include a unique identifier, and the clone monitor is configured to apply rules to the aggregated information to identify at least one pattern of abnormal behavior in the aggregated information associated with a specific unique identifier. | 02-03-2011 |
20110030066 | METHOD OF MANAGING SOFTWARE LICENSE CONTRACTS, SYSTEM AND INFORMATION PROCESSING APPARATUS THEREFOR, AND TARGET SOFTWARE FOR LICENSE CONTRACTS - A URL, to launch a license contract registration process, in software which requires license registration is informed to a license contract information input server which executes a process of inputting information necessary for license registration. After input of the necessary information, the license contract information input server transfers a request for license registration to the informed URL. The information necessary for license registration is inputted in accordance with a format arbitrarily created by the license contract information input server. A Web browser used by a user to operate a license contract registration process and license management target software can run on different hosts. After distribution of the target software for a license contract, information to be input by the user at the time of license contract can be changed. | 02-03-2011 |
20110035804 | Appliance-based parallelized analytics of data auditing events - Data auditing involves capturing, filtering, processing and analytics of real-time data transactions. As such, data auditing imposes a heavy burden of processing in the fast path, which cannot afford to slow down. Unfortunately, most processing incurred in traditional data auditing fast paths has been serial, leading to bottlenecks or scaling issues. This disclosure addresses this problem by developing a fast path where both lower and upper stacks of data auditing are analyzed and exploited for potential parallelism. A fully-parallelized analytics fast path could deliver 25-200% speed-up of throughput relative to a serial fast path, depending on the specific conditions. | 02-10-2011 |
20110035805 | SYSTEMS AND METHODS FOR EFFICIENT DETECTION OF FINGERPRINTED DATA AND INFORMATION - The disclosed embodiments provide systems, methods, and apparatus for efficient detection of fingerprinted content and relate generally to the field of information (or data) leak prevention. Particularly, a compact and efficient repository of fingerprint ingredients is used to analyze content and determine the content's similarity to previously fingerprinted content. Some embodiments employ probabilistic indications regarding the existence of fingerprint ingredients in the repository. | 02-10-2011 |
20110035806 | TIME BASED CONTENT MANAGEMENT FOR DISCONNECTED DEVICES - Systems and methods for time based management of digital content used with electronic devices lacking a connection to a common reference time keeping device are provided. Timing calibrations are used that, when applied to times measured by such disconnected electronic devices, allow the devices to calculate modified time measurements that are approximately equal to that of the reference time keeping device. The calibration time and other calibration information for the disconnected electronic devices may be stored by a digital content service and conveyed with digital content transferred from the digital content service to the disconnected electronic devices via portable data storage devices. In this manner, digital content may be consumed by a user on a plurality of disconnected electronic devices without violating license agreements associated with the digital content. | 02-10-2011 |
20110041183 | SYSTEM AND METHOD FOR CALL REPLACEMENT - Disclosed herein are systems, computer-implemented methods, and computer-readable storage media for obfuscating a function call. The method receives a computer program having an annotated function and determines prolog instructions for setting up a stack frame of the annotated function and epilog instructions for tearing down the stack frame. The method places a first portion of the prolog instructions in the computer program preceding a jump to the annotated function and a second portion of the prolog instructions at a beginning of the annotated function. The method places a first portion of the epilog instructions at an end of the annotated function and a second portion of the epilog instructions in the computer program after the jump. Executing the first and second portions of the prolog instructions together sets up the stack frame. Executing the first and the second portions of the epilog instructions together tears down the stack frame. | 02-17-2011 |
20110041184 | METHOD AND APPARATUS FOR PROVIDING ANONYMIZATION OF DATA - A method and apparatus for providing an anonymization of data are disclosed. For example, the method receives a request for anonymizing, wherein the request comprises a bipartite graph for a plurality of associations or a table that encodes the plurality of associations for the bipartite graph. The method places each node in the bipartite graph in a safe group and provides an anonymized graph that encodes the plurality of associations of the bipartite graph, if a safe group for all nodes of the bipartite graph is found. | 02-17-2011 |
20110041185 | Obfuscating identity of a source entity affiliated with a communique directed to a receiving user and in accordance with conditional directive provided by the receiving user - A computationally implemented method includes, but is not limited to: receiving one or more conditional directives from a receiving user, the one or more conditional directives delineating one or more conditions for obfuscating identity of a source entity affiliated with one or more communiqués directed to the receiving user; and presenting at least a second communiqué in response to at least a reception of a first communiqué affiliated with the source entity and in accordance with the one or more conditional directives, the second communiqué being presented in lieu of presenting the first communiqué. In addition to the foregoing, other method aspects are described in the claims, drawings, and text forming a part of the present disclosure. | 02-17-2011 |
20110041186 | DIGITAL RIGHTS MANAGEMENT USING TRUSTED TIME - A method for monitoring time so that the use of protected content can be controlled includes receiving a trusted time value from a trusted authority external to a client device. When the client is no longer in communication with the trusted authority, the previously-received trusted time value is updated by use of the client's operating system counter so that a calculated trusted time value is derived for content license evaluation purposes. | 02-17-2011 |
20110041187 | INFORMATION PROCESSING DEVICE - It is possible to reduce the danger of information leak caused by remaining cache data. An information processing device ( | 02-17-2011 |
20110041188 | METHOD AND SYSTEM FOR PROTECTION OF COMPUTER APPLICATIONS AND SOFTWARE PRODUCTS AGAINST UNAUTHORIZED COPYING - A method, system, and computer program product for protection of an application or program, including making secret a command or commands that are normally fixed in an operating system (OS) and/or a Basic Input/Output System (BIOS); generating values or names for the command or commands; providing legitimate users and/or devices with the generated values or names for the command or commands for enabling receiving services from the kernel, OS, and/or the BIOS; translating the generated values or names for the command or commands via a translation mechanism provided between an application or program and the kernel, OS, and/or BIOS for enabling receiving services from the kernel, OS, and/or the BIOS; and modifying, changing, and/or replacing the generated values or names employed for the command or commands in the kernel, OS, and/or BIOS. | 02-17-2011 |
20110047622 | SYSTEM AND METHOD FOR CALL PATH ENFORCEMENT - Disclosed herein are systems, computer-implemented methods, and computer-readable storage media for call path enforcement. The method includes tracking, during run-time, a run-time call order for a series of function calls in a software program, and when executing a protected function call during run-time, allowing or causing proper execution of a protected function call only if the run-time call order matches a predetermined order. The predetermined order can be an expected run-time call order based on a programmed order of function calls in the software program. The method can include maintaining an evolving value associated with the run-time call order and calling the protected function by passing the evolving value and function parameters corrupted based on the evolving value. The protected function uncorrupts the corrupted parameters based on the passed evolving value and an expected predetermined call order. A buffer containing the uncorrupted parameters can replace the corrupted parameters. | 02-24-2011 |
20110047623 | APPARATUS AND METHOD FOR TRACING WEB USER USING SIGNED CODE - Provided are an apparatus and method for tracing web user using signed code. The apparatus for tracing web user includes at least one access terminal, a web server, and a monitoring server. The at least one access terminal requests a web page. The web server provides the web page including a signed code to the each access terminal according to the request. The monitoring server receives and analyzes access information which is extracted from the each access terminal according to execution of the signed code. | 02-24-2011 |
20110047624 | Method and System for Software Licensing Under Machine Virtualization - A method and system implementing software licensing management under machine virtualization are disclosed. According to one embodiment, a system comprises a virtual platform running on a physical machine; a binding agent running on a host operating system of the virtual platform; a license enforcement module running on a virtual machine instance of the virtual platform. The license enforcement module is in communication with the binding agent. The binding agent enforces a mutex lock to ensure that only a specified number of license enforcement modules are running on the physical machine. | 02-24-2011 |
20110047625 | System and method for secure sharing of creatives - A method of creating and securely sharing creatives is described. The method includes the steps of accessing a central processing environment, requesting at least one recording of at least a portion of an audio transmission generated from a communication device, generating at least one audio asset, adding the audio asset to a pool of related assets stored in a vault connected to the central processing environment, selecting the generated audio asset and at least one other related asset from the pool of related assets to form a creative, then requesting delivery of the creative to another communication device, and finally delivering the creative to the other communication device. The method is performed in part by a creative composition engine, which is also described. The engine includes a central processing environment having a processor, a digital recorder and a digital asset storage vault. | 02-24-2011 |
20110047626 | DIGITAL CONTENT MANAGEMENT SYSTEM AND APPARATUS - There are provided a digital content management apparatus which further embodies a digital content management apparatus used with a user terminal, and a system which protects the secrets of a digital content. The system and the apparatus are a real time operating system using a micro-kernel, which is incorporated in the digital content management apparatus as an interruption process having high priority. When a user uses the digital content, whether there is an illegitimate usage or not, is watched by interrupting the usage process. In the case where illegitimate usage is carried out, a warning is given or the usage is stopped. The decryption/re-encryption functions of the digital content management apparatus having the decryption/re-encryption functions are not restricted to the inside of the user apparatus. By providing the decryption/re-encryption functions between the networks, the exchange of secret information between different networks is secured. By using this apparatus for converting a crypt algorithm, information exchange is made possible between systems which adopt different algorithms. | 02-24-2011 |
20110047627 | METHOD AND SYSTEM FOR SECURE DATA EXFILTRATION FROM A CLOSED NETWORK OR SYSTEM - A method, system, and device for secure data exfiltration from a closed communications network or system, including at least one of means for data exfiltration from one or more of computers or computing devices of a closed communications network or system to one or more of computers or computing devices on another communications network or system; and means for internal or external secure data storage coupled to the exfiltration means and the other communications network or system and configured to receive the data for exfiltration based on control from the exfiltration means. | 02-24-2011 |
20110055926 | FLEXIBLY ASSIGNING SECURITY CONFIGURATIONS TO APPLICATIONS - A method, system, and computer usable program product for flexibly assigning security configurations to applications are provided in the illustrative embodiments. An embodiment determines, forming a first determination, whether a first identifier identifying the application is mapped to the security configuration. The embodiment determines, forming a second determination, whether the application participates in a group by determining whether a second identifier identifying the group is mapped to the security configuration. The embodiment assigns, forming a first assignment, the security configuration to the application if either of the first and the second determinations is true. The embodiment assigns, forming a second assignment, the security configuration to the application using a determination by a first policy if the first and the second determinations are false. | 03-03-2011 |
20110055927 | UPDATING ASSETS RENDERED IN A VIRTUAL WORLD ENVIRONMENT BASED ON DETECTED USER INTERACTIONS IN ANOTHER WORLD - A virtual world controller receives an identifier of a detected interaction by a user within another world, separate from a particular virtual world environment accessible by the user, from a device that detects and reports user interactions within the other world. The virtual world controller identifies at least one particular trigger tag name assigned to the identifier of the detected interaction from among a plurality of separate detectable user interactions in a trigger tag database. The virtual world controller identifies at least one particular asset class from among a plurality of asset classes specified with the particular trigger tag name within a particular trigger asset coupling from among at least one trigger asset coupling in a trigger asset coupling database. The virtual world controller accesses at least one particular asset assigned to the at least one particular asset class in an asset class database. The virtual world controller renders the at least one particular asset within the particular virtual world environment in a virtual location within the particular virtual world triggered by the particular trigger asset coupling. | 03-03-2011 |
20110055928 | METHOD AND SYSTEM FOR DETECTING UNAUTHORIZED WIRELESS DEVICES - An approach is provided for detecting unauthorized wireless devices in a network. A platform retrieves an identifier of a device from a log of devices connected to a network, determines whether the device is a wireless device by applying a plurality of criteria to the identifier, retrieves a list of wireless devices authorized to connect to the network if the device is determined to be a wireless device, and compares the identifier with the list to determine whether the device is authorized to connect to the network. | 03-03-2011 |
20110055929 | METHOD FOR PRODUCING AN IMAGE INTENDED FOR AN OPERATING SYSTEM CALLED OS IMAGE AND CORRESPONDING DEVICE - A method for producing a standard OS image, intended for an operating system, including a compilation of at least one source file into at least one executable file. The method also including forming (form) an intermediate standard OS image (IM | 03-03-2011 |
20110061105 | PROTECTION OF A PRIME NUMBER GENERATION AGAINST SIDE-CHANNEL ATTACKS - A method for protecting the generation, by an electronic circuit, of at least one prime number by testing the primality of successive candidate numbers, including for each candidate number tests of primality with respect to prime numbers of at least one set of consecutive prime numbers, wherein the order of application of the tests is modified at least from one prime number generation to another. | 03-10-2011 |
20110061106 | METHOD AND COMMUNICATION DEVICE FOR PROTECTING A USER'S PRIVACY - A method for protecting a user's privacy, wherein the user operates a communication device capable of processing context and wherein the user provides context information—real context—related to one or more reference context variables to a third party, is characterized in the steps of faking at least one of the one or more reference context variables, on the basis of the faked reference context variable, gathering real context information—decoy context—related to reference context variables other than the faked reference context variable, publishing the thus generated decoy context instead of the user's real context. In addition, a corresponding communication device is disclosed. | 03-10-2011 |
20110061107 | METHOD AND APPARATUS FOR IMPLEMENTING DIGITAL RIGHTS MANAGEMENT - A method and apparatus is provided for providing digital content to a client. The method begins by receiving a request from the client to receive digital content. The client is authorized to receive the digital content and the DRM implementation employed by the client is determined. The digital content is then provided to the client in conformance with the DRM implementation employed by the client. | 03-10-2011 |
20110067110 | METHOD AND SYSTEM FOR HARDWARE ENFORCED VIRTUALIZATION IN AN INTEGRATED CIRCUIT - Aspects of a method and system for hardware enforced virtualization in an integrated circuit are provided. In this regard, a mode of operation of an integrated circuit may be controlled such that the integrated circuit alternates between a secure mode of operation and an open mode of operation. Various resources of the integrated circuit may be designated as open or secure, and secure resources may be made inaccessible while the integrated circuit operates in the open mode. Access to the secure resources may be controlled based on a configuration of one or more registers and/or switching elements. Resources designated as secure may comprise, for example, a one-time-programmable memory. The integrated circuit may comprise ROM and/or one-time-programmable memory that stores one or more instructions, wherein execution of the one or more instructions may control transitions between the secure mode and the open mode. | 03-17-2011 |
20110067111 | CONTENT RECEIVER, CONTENT REPRODUCER, CONTENT REPRODUCING SYSTEM, CONTENT WRITING-OUT METHOD, VIEWING EXPIRATION TIME DETERMINING METHOD, AND PROGRAM - A content receiver writes out, together with content received from a content server, time supply source designation information indicating a second time supply source designated by a copyright protection system (DRM) to an exchangeable medium in association with the content. When the time supply source designation information is recorded in the exchangeable medium, a content reproducer performs viewing expiration time determination for the content recorded in the exchangeable medium referring time obtained on the basis of the second time supply source indicated by the time supply source designation information instead of a first time supply source referred to in order to specify present time used in determining a viewing expiration time in a content protection system (CPS). | 03-17-2011 |
20110067112 | METHOD AND APPARATUS FOR IMPORTING CONTENT - A method and apparatus for protecting digital content in a digital rights management (DRM) system are provided. The method includes: determining a usage rule for content included in a first content file based on usage constraint information included in the first content file; and generating a second content file complying with this usage rule. According to the method and apparatus, the security requirement of content creators and content providers can be satisfied and at the same time the requirement of content consumers for freer usage can be satisfied. | 03-17-2011 |
20110072518 | AUTOMATED SCREENING OF CONTENT BASED ON INTELLECTUAL PROPERTY RIGHTS - Systems and methods automatically scan content, such as advertisements, for a list of terms and/or phrases that may not be allowed in the content. In one implementation, the terms and/or phrases include trademarks. In this implementation, incoming advertisements may be automatically scanned for the presence of trademarks. | 03-24-2011 |
20110078799 | Computer system and method with anti-malware - In some embodiments, approaches may provide an out-of-band (OOB) agent to protect a platform. The OOB agent may be able to use non-TRS methods to measure and protect an in-band security agent. In some embodiments, a manageability engine can provide out of band connectivity to the in-band and out-of-band security agents and provide access to the system memory resources without having to rely on OS services. This can be used for a trusted anti-malware and remediation service. | 03-31-2011 |
20110078800 | DIGITAL CONTENT MANAGEMENT METHODS AND SYSTEMS - Digital content management methods and systems are provided. First, device ID of a first electronic device is received, and a data license including at least the device ID of the first electronic device, and a control license including at least a read authorization for a digital content are generated. Then, the digital content and the control license are packed as a content package, and the content package and the data license are respectively transmitted to the first electronic device. An electronic device determines whether the device ID of the electronic device conforms to the device ID recorded in the data license. If so, the digital content in the content package is allowed to be read according to the control license. A new data license is generated for the digital content according to the device ID of a second electronic device. The new data license is stored to the second electronic device, and the data license in the first electronic device is abrogated. Then, the content package is transmitted from the first electronic device to the second electronic device. | 03-31-2011 |
20110083189 | SYSTEM AND METHOD FOR ENFORCING DIGITAL RIGHTS MANAGEMENT RULES - A method for enforcing digital rights management (DRM) rules in a first device is disclosed. In the method the first device receives a message that includes a rights object (RO) having a digital signature, directly from a source device. The first device determines an identity of a signing entity from the message including the RO having the digital signature. The signing entity is an entity that digitally signed the RO. The first device processes the message including the RO having the digital signature using the identity of the signing entity and an information state to enforce DRM rules in the first device. | 04-07-2011 |
20110083190 | SYSTEM AND METHOD FOR DATA LEAKAGE PREVENTION - According to one embodiment, a method for securing information includes detecting an access to sensitive data and determining user information associated with the access to sensitive data. The method also includes determining a unique user identifier associated with the user information. In addition, the method includes comparing the access to sensitive data to a policy utilizing the unique user identifier. Further, the method includes determining that the access to sensitive data violates the policy in response to comparing the access to the policy. The method also includes recording an entry in response to determining that the access to sensitive data violates the policy. | 04-07-2011 |
20110083191 | Author Signatures for Legal Purposes - Methods and apparatus, including computer program products, implementing and using techniques for establishing trust in an electronic document. An electronic document is received. State dependent content in the electronic document is identified. The state dependent content is content that is renderable to have several appearances. The electronic document is presented to a user, which includes disclosing the presence of any identified state dependent content in the electronic document. | 04-07-2011 |
20110083192 | IMAGE PROCESSING APPARATUS, CONTROL METHOD THEREOF, AND COMPUTER-READABLE STORAGE MEDIUM - An apparatus includes a data reception unit configured to receive print data containing a first password including a password corresponding to at least a printing request of the print data and store the print data; an encryption determination unit configured to determine, when an external apparatus makes a printing request of the print data, whether the print data has been encrypted; a password request unit configured to make, when the print data is determined to have been encrypted, an input request of a second password to the external apparatus; a password collation unit configured to collate the password corresponding to the printing request of the print data with the second password input by the external apparatus; and a data analysis unit configured to analyze the print data based on a result of the collation of the password corresponding to the printing request of the print data with the second password. | 04-07-2011 |
20110088096 | SYSTEMS AND METHODS FOR LICENSE ENTITLEMENT KEY DISTRIBUTION - The present disclosure relates to systems and methods for the distribution of license entitlement keys utilizing a small form-factor pluggable (SFP) transceiver. An SFP transceiver may be utilized in connection with a communication device that transmits data according to a variety of communication protocols. In various embodiments, the license entitlement keys may be generated using an SFP configuration value stored in machine-readable storage medium in the SFP transceiver. The SFP configuration value may be an input, together with other values associated with the SFP transceiver and a secret key, in order to generate a license entitlement key. The secret key may be stored in the communication device, and may be stored in such a manner so as not to be externally readable. In certain embodiments, configuration settings may be tied to the license entitlement key. | 04-14-2011 |
20110088097 | SYSTEM AND METHOD FOR PREVENTING DELIVERY OF UNSOLICITED AND UNDESIRED ELECTRONIC MESSAGES BY KEY GENERATION AND COMPARISON - A sending device prepares a key for each electronic message sent by the device by applying an algorithm to specified data in the message and then incorporates the key in the message. A receiving device, upon receipt of an electronic message, locates the incorporated key and the data from which a sending device practicing the invention would have prepared it. The receiving device communicates a confirmation request to the purported sending device which contains the key and the data for its preparation. The sending device receives the confirmation messages and prepares a comparison key by applying the algorithm to the data in the confirmation request. The sending device replies to the confirmation request confirming that the sending device sent the message if the comparison key matches the key in the confirmation request and otherwise responds with a denial. | 04-14-2011 |
20110088098 | ELECTRONIC DEVICE AND COPYRIGHT PROTECTION METHOD OF AUDIO DATA THEREOF - An electronic device stores audio data and digital right information, and determines the zero crossing rate of the audio data stored in the memory module. The zero crossing rate is embedded in the audio data and indicates a rate at which the voltage of the audio data changes from positive to negative or back during a time period. The electronic device then reads the audio data, and searches for special audio data in the audio data. The audio data with the zero crossing rate more than a constant is defined as the special audio data. The electronic device reads the digital copyright information, and writes the digital copyright information into the special audio data. | 04-14-2011 |
20110093957 | METHOD AND SYSTEM FOR ADMINISTERING A SECURE DATA REPOSITORY - A method, system and computer program product for administering a secure data repository. Rather than using a specific database, an application may use an existing hierarchical file structure, such as provided by conventional operating systems, to store structured data in a number of files. To detect unauthorized, malicious or inadvertent changes to these files, either within one or more files, or by deletion, replacement or movement of files in their entirety, each file incorporates a last change timestamp and the contents of the file are digitally signed. Furthermore, every file in the secure repository is logged in an index file together with its respective change date stamp, and the index file as a whole is also digitally signed. Unauthorized changes can be identified by comparison of the file date stamps with the content of the index as well as verifying the validity of each digital signature. | 04-21-2011 |
20110093958 | Secure Data Storage Apparatus and Method - More and more personal or confidential information is stored in storage devices such as, but not limited to, laptops, cell phones or USB keys, which are mobile per essence. Due to their mobility, such devices tend to be left unattended or even be lost, compromising the security of the data. This invention is a method to prevent access to the data on a mobile storage device when the intended recipient or user is not in close range. The invention relies on the use of a wireless communication protocol such as, but not limited to, RF, Bluetooth or Wi-fi to pair a security device with the storage device to enable its functionality. When the security device is not in communication range of the storage device, the data is made inaccessible. A data storage device may include a wireless communication interface used to secure the data, wherein the data storage is partitioned, with each partition having a different security profile. | 04-21-2011 |
20110099637 | SECURITY DISPOSING METHOD AND DEVICE FOR INPUT DATA - A security disposing method and device for the input data involves generating an interference data according to a predefined rule when inputting the data, and mixing the input data with the interference data and sending the mixed data, and parsing out the interference data according to the predefined rule after receiving the mixed data, and separating the input data according to the parsed interference data. | 04-28-2011 |
20110099638 | METHOD AND APPARATUS TO REPORT POLICY VIOLATIONS IN MESSAGES - A method and apparatus for reporting policy violations in messages is described. A violation is identified by detecting fragments in a message that match information from any one or more rows within a tabular structure of source data. The fragments that match this information are then specified as part of reporting the violation. | 04-28-2011 |
20110107426 | COMPUTING SYSTEM USING SINGLE OPERATING SYSTEM TO PROVIDE NORMAL SECURITY SERVICES AND HIGH SECURITY SERVICES, AND METHODS THEREOF - A method of providing normal security services and high security services with a single operating system in a computing system is disclosed. A secure thread is only accessible while the computing system is in a high security environment, and relates to one of the high security services. A pseudo normal thread is to be executed while the computing system is in a normal security environment, and it works as a temporary of the secure thread, and is forwarded to a thread ordering service to gain access to resources of the computing system. When the pseudo normal thread gains access to the computing system resources, the computing system is changed to the high security environment to execute the secure thread. | 05-05-2011 |
20110107427 | Obfuscating reception of communique affiliated with a source entity in response to receiving information indicating reception of the communique - A computationally implemented method includes, but is not limited to: receiving communiqué reception information that indicates reception of a communiqué that is affiliated with a source entity and that is directed to an end user; and presenting, in response to receiving the communiqué reception information and in lieu of presenting direct indication of reception of the communiqué, a covert indicator that covertly indicates reception of the communiqué, the presenting of the covert indicator being in accordance with one or more conditional directives of the end user to conditionally obfuscate the reception of the communiqué affiliated with the source entity. In addition to the foregoing, other method aspects are described in the claims, drawings, and text forming a part of the present disclosure. | 05-05-2011 |
20110107428 | METHOD AND SYSTEM FOR ENABLING TRANSMISSION OF A PROTECTED DOCUMENT FROM AN ELECTRONIC DEVICE TO A HOST DEVICE - A method and a system for enabling transmission of a protected document from an electronic device to a host device are provided. The method includes: establishing a connection between the electronic device and the host device to communicate with the electronic device using a document viewer protocol; receiving a request by the electronic device from the host device for performing at least one operation on the protected document, wherein the protection of the protected document is specific to the electronic device; decoding the protected document by the electronic device on receiving the request; arranging the decoded protected document in accordance with the received request and the document viewer protocol; and transmitting the arranged protected document to the host device via a transport medium using the document viewer protocol. | 05-05-2011 |
20110107429 | SYSTEM AND METHOD FOR MANAGING ACCESSIBILITY TO REAL OR VIRTUAL OBJECTS IN DIFFERENT LOCATIONS - A system (S), dedicated to managing accessibility to objects in different locations (L | 05-05-2011 |
20110119766 | METHOD, DEVICE AND SYSTEM FOR PROTECTING SOFTWARE - The invention, related to information security field, discloses a method for protecting software, and device and system thereof. The method includes that a security device is connected with a terminal device; the security device receives service instruction, determines whether the clock inside the security device is activated, reads the current time of the clock and determines whether the current time is valid; if so, the security device executes the service instruction and returns the executing result to the terminal device; otherwise, the security device returns false result to the terminal device. The invention provides more secure service to the protected software, meanwhile, extends lifetime of the security device. | 05-19-2011 |
20110126289 | CLIENT SIDE USERNAME/PASSWORD CREDENTIAL PROTECTION - A method of protecting username/password (U/P) credentials operates on a client computer that cooperates with an anti-phishing scheme that generates a client warning at the client computer when a suspected phishing website issues a U/P request. At the client computer, a set of S fake U/P credentials is generated when the client warning is heeded, or a set of (S−1) fake U/P credentials are derived from a client-supplied U/P credential provided after the client warning is ignored. The client computer then transmits to the suspected phishing website one of (i) the set of S fake U/P credentials, and (ii) the client-supplied U/P credential along with the set of (S−1) fake U/P credentials. | 05-26-2011 |
20110126290 | Tailored Protection of Personally Identifiable Information - The disclosed technology provides a negotiation-based mechanism for a user to share personally identifiable information with a requesting website, for example, a third party website such as an aggregator website that might be gathering information about the user. The user, rather than being limited to a pre-set collection of privacy options, is free to agree to share more or less of their privacy with any website or subset of websites based on the user's trust of the requesting website. | 05-26-2011 |
20110126291 | SECRET INFORMATION DISTRIBUTION SYSTEM, METHOD, PROGRAM, AND TRANSMISSION SYSTEM - A secret reconstruction method comprises: receiving (k+α) pairs out of n pairs (r | 05-26-2011 |
20110126292 | Method and System for Providing Security Seals on Web Pages - A method of providing web site verification information to a user includes receiving a DNS query including a host name and a seal verification site name, parsing the DNS query, and extracting the host name from the DNS query. The method also includes accessing a DNS zone file including a list of Trust Services customers and determining if the host name is associated with a Trust Services customer in the list of Trust Services customers. The method further includes transmitting a positive identifier to the requester if the host name is associated with a Trust Services customer and transmitting a negative identifier to the requester if the host name is not associated with a Trust Services customer. In a specific embodiment, the Trust Services include issuance of digital certificates. | 05-26-2011 |
20110126293 | SYSTEM AND METHOD FOR CONTEXTUAL AND BEHAVIORAL BASED DATA ACCESS CONTROL - A system and method of controlling access to information. An encrypted version of the information is stored. An attempt to access encrypted information may be intercepted and an access authorization rank may be computed. If computed access authorization rank is above a predefined level then a decrypted version of the information may be provided. Other embodiments are described and claimed. | 05-26-2011 |
20110126294 | METHODS, SYSTEMS, AND COMPUTER PROGRAM PRODUCTS FOR CONTROLLING DISTRIBUTION OF DIGITAL CONTENT IN A FILE SHARING SYSTEM USING LICENSE-BASED VERIFICATION, ENCODED TAGGING, AND TIME-LIMITED FRAGMENT VALIDITY - A method for controlling distribution of digital content includes fragmenting a digital content file into fragments and tagging at least some of the fragments with corresponding tags to provide tagged fragments for distribution. The tags may be generated using a pseudo-random number (PRN) bit sequence. A digital rights license is generated for the digital content file based on the tags and/or fragments. The digital rights license is configured to allow reassembly of the tagged fragments to provide the digital content file. Later, the fragments may be re-tagged with corresponding second tags to provide second tagged fragments for distribution that are different from the first tagged fragments. Related systems and computer program products are also discussed. | 05-26-2011 |
20110131660 | Methods and Apparatus for Transfer of Content to a Self Contained Wireless Media Device - Systems and techniques for transferring data to a storage device. A storage device includes storage, a processor, and a wireless transceiver, as well as a connector allowing the storage device to operate according to an appropriate standard when connected to a playback or data device. The storage device can communicate with a data transfer station to wirelessly receive data from the station. A user may select data to be transferred to a removable media device, and the station transfers the data over a wireless connection. The removable media device stores the data in memory as it is received. Once the data has been received, the data can be played or otherwise used in any playback or data device to which the storage device may be connected for use as a memory device. | 06-02-2011 |
20110131661 | METHOD AND SYSTEM FOR PROTECTION OF USER INFORMATION REGISTRATIONS APPLICABLE IN ELECTORAL PROCESSES - The present invention describes a method and system for protecting the integrity and authorship of a piece of registration information of the user, applicable in voter information registration, by means of biometric techniques. To that end, after a first stage of entering a piece of registration information, a second stage of protecting the integrity of the registration information is implemented. In this second stage, an item of integrity proof of said information is generated and said item of integrity proof is displayed to the user who wishes to protect it. In a third stage of generating an item of non-repudiation proof of the registration information, an item of biometric proof of the user which contains the item of integrity proof displayed is obtained, an item of non-repudiation proof is constructed from said item of biometric proof, and finally the item of non-repudiation proof is stored. | 06-02-2011 |
20110131662 | INFORMATION PROCESSOR AND LOCK SETTING METHOD - According to one embodiment, an information processor includes a checker and a lock enabling module. The checker checks whether each of different types of lock mechanisms is enabled. When the lock mechanisms include an enabled lock mechanism, the lock enabling module enables a lock mechanism other than the enabled lock mechanism. | 06-02-2011 |
20110138472 | USER-ADMINISTERED LICENSE STATE VERIFICATION - The product keys of software applications that can be utilized to identify, and activate to a higher functional state, legitimate copies of such software applications can be asymmetrically encrypted. Such encrypted product keys can be provided to potential purchasers without fear of theft of the original product keys. The encrypted product keys can be provided to an independent, trusted third-party validation authority that can decrypt such encrypted product keys and can, such as in conjunction with the software application manufacturer, verify the validity of the software applications associated with such product keys. For software applications bundled on a computing device, a tool can be executed by either the seller or potential purchaser to collect and display encrypted product keys for verification purposes. For software applications sold in an online environment, an escrow service can be utilized to keep, and provide when requested, product keys of software applications offered for sale. | 06-09-2011 |
20110138473 | DYNAMIC CODE INSERTION AND REMOVAL FOR STATIC ANALYSIS BASED SANDBOXES - Methods and apparatus for dynamically adding and deleting new code to previously validated application executing in a secured runtime. New code is written to a portion of secured memory not executable by application. New code is validated to ensure it cannot directly call operating system, address memory outside of secured memory, or modify secured memory state. Indirect branch instructions may only target addresses aligned on fixed size boundaries within the secured memory. Validated code is copied to portion of secured memory executable by application in two stage process that ensures partially copied segments cannot be executed. Validated new code can be deleted once all threads reach safe execution point, provided code was previously inserted as unit or contains no internal targets that can be called by code not also being deleted. | 06-09-2011 |
20110138474 | DYNAMIC CODE INSERTION AND REMOVAL FOR STATIC ANALYSIS BASED SANDBOXES - Methods and apparatus for dynamically adding and deleting new code to previously validated application executing in a secured runtime. New code is written to a portion of secured memory not executable by application. New code is validated to ensure it cannot directly call operating system, address memory outside of secured memory, or modify secured memory state. Indirect branch instructions may only target addresses aligned on fixed size boundaries within the secured memory. Validated code is copied to portion of secured memory executable by application in two stage process that ensures partially copied segments cannot be executed. Validated new code can be deleted once all threads reach safe execution point, provided code was previously inserted as unit or contains no internal targets that can be called by code not also being deleted. | 06-09-2011 |
20110138475 | SYSTEMS AND METHOD FOR PROVIDING TRUSTED SYSTEM FUNCTIONALITIES IN A CLUSTER BASED SYSTEM - A framework for providing cluster-wide cryptographic operations, including: signing, sealing, binding, unsealing, and unbinding. The framework includes an interface module (a.k.a., HAT agent) on each of a plurality of nodes in the cluster. Each HAT agent is configured to respond to an application's request for a cluster crypto operation by communication with other HAT agents in the cluster and utilizing a trusted platform module local to the node where the HAT agent resides. | 06-09-2011 |
20110145925 | SECURE PROGRAMMING OF VEHICLE MODULES - A method for programming a vehicle module via a secure programming system. The method carried out by the system involves generating a credentials media containing one or more secure credentials. Then, a credentials programmer programs one or more vehicle modules using the credentials media. During each stage of the vehicle module programming, the programming status is securely updated in the credential media. In case of a programming failure, the credentials media is used in a secondary credentials programmer to program the vehicle modules. | 06-16-2011 |
20110145926 | SYSTEMS AND METHODS FOR BEHAVIORAL SANDBOXING - Methods and systems for behavioral sandboxing are described. In one example embodiment, a system for behavioral sandboxing can include a network and a computer. The network is communicatively coupled to a source of an executable application. The computer is communicatively coupled to the network and includes a behavioral analysis module and a plurality of execution environments. The behavioral analysis module is configured to perform behavioral analysis on the executable application downloaded over the network. The plurality of execution environments includes a standard execution environment and a protected execution environment. The behavioral analysis module is configured to evaluate a plurality of behavioral characteristics of the executable application to determine whether the executable application should be executed within the protected execution environment prior to execution of the executable application. The behavioral analysis module also monitors execution of the executable application to determine whether the execution environment can be changed. | 06-16-2011 |
20110145927 | METHOD AND SYSTEM FOR PROVIDING REMOTE CONFIGURATION OF MISSING MOBILE DEVICES - An approach is provided for remotely configuring a mobile device designated as missing. A request to remotely configure the mobile device is received. In response to the request, at least one setting parameter specifying at least one action to be performed by the mobile device is retrieved. A control message specifying the at least one setting parameter is generated. It is determined whether the mobile device is network inaccessible. The control message is queued for transmission over a data channel to the mobile device when the mobile device is determined to be network inaccessible. | 06-16-2011 |
20110145928 | IMAGE FORMING APPARATUS AND METHOD THEREFOR - A multifunction peripheral is disclosed as an example of an image forming apparatus. The multifunction peripheral determines whether a license corresponding to a license identifier is present inside the image forming apparatus through a license management unit based on the license identifier corresponding to input license information. If the license is present inside the image forming apparatus, the license management unit as an example of the history determination unit determines whether there is any installation history of the license whose presence has been determined, on the image forming apparatus. | 06-16-2011 |
20110145929 | APPARATUS AND METHOD FOR PRIVACY PROTECTION IN ASSOCIATION RULE MINING - There are provided an apparatus and a method for privacy protection in association rule mining among data mining technologies. An apparatus for privacy protection in association rule mining according to an embodiment of the present invention comprises: a fake transaction inserter that generates fake transactions of a predetermined number each having a predetermined length and inserts the fake transactions between a plurality of transactions comprised in an original data set to generate a first virtual data set; and a distortion transaction generator that generates a second virtual data set by converting data of the transaction of the first virtual data set with a predetermined probability. | 06-16-2011 |
20110154499 | Methods and Apparatus for Selecting and Delivering Content - Systems and techniques for selecting and delivering entertainment content. User preference information for entertainment content to accompany user activities is collected and associated with a user. Upon indication by a user of a desire to receive content and designation of an activity to be accompanied by the content, content items are selected and assembled into a package so that the content items may be played in sequence using a user device. The content items comprising the package are delivered to the user device. | 06-23-2011 |
20110154500 | Executing Trusted Applications with Reduced Trusted Computing Base - A system for executing trusted applications with a reduced trusted computing base. In one embodiment, the system includes a processor to dynamically instantiate an application protection module in response to a request by a program to be executed under a trusted mode. The system further includes memory to store the program which is capable of interacting with a remote service for security verification. In one embodiment, the application protection module includes a processor-measured application protection service (P-MAPS) operable to measure and to provide protection to the application. | 06-23-2011 |
20110154501 | HARDWARE ATTESTATION TECHNIQUES - Hardware attestation techniques are described. An apparatus may comprise a platform comprising a processor capable of operating in an isolated execution mode and persistent storage having entity information associated with an entity having control of a software application. The platform may include a security controller communicatively coupled to the platform, the security controller having a signature generator operative to generate a platform signature for the software application executing on the platform, the platform signature comprising a cryptographic hash of entity information, and an attest module operative to provide the platform signature to the software application with the platform signature to attest that the platform is associated with the software application. Other embodiments are described and claimed. | 06-23-2011 |
20110154502 | Data Protection - A method to manage data access in an electronic device comprising a housing having a lid comprises receiving, from a remote server, a data protection policy, storing the data protection policy in a memory location on the electronic device, detecting a transition from a lid open status to a lid closed status, and in response to the transition, implementing the data protection policy on the electronic device. Other embodiments may be described. | 06-23-2011 |
20110154503 | METHOD OF PROTECTING COMPUTER PROGRAM CODE - Program code is modified to execute correctly only when code and data memory accesses/fetches are synchronised, i.e. data and code accesses/fetches are routed to identical physical addresses in computer memory. This indirectly defeats the MMU attack, in which code and data memory accesses/fetches to the same logical address are routed to different physical addresses. The program code is modified such that one or more sections of the code (“repair targets”) are deliberately broken so that the program code will not execute correctly, the repair targets being replaced at run time with correct code before the repair targets are executed. | 06-23-2011 |
20110154504 | MANAGEMENT SERVER DEVICE, CONTENT REPRODUCTION DEVICE, AND RECORDING MEDIUM - When a technique for specifying an unauthorized terminal based on a combination of watermarks embedded in content distributed without authorization is applied to content distributed on recording media, recording capacity limits of the recording media lead to a limit on the number of combinations of watermarks that can be embedded in the content, and only a limited number of terminals can be specified. In the present invention, all terminals are sorted into the same number of groups as there are combinations of watermarks, and a group that includes an unauthorized terminal can be specified based on the combination of watermarks embedded in the content. When the group including the unauthorized terminal is specified, this group is divided into groups, and a plurality of groups that do not include the unauthorized terminal are integrated. This enables the unauthorized terminal to be specified while keeping within the capacity of the recording medium. | 06-23-2011 |
20110162074 | APPARATUS AND METHOD FOR REMOTE PROCESSING WHILE SECURING CLASSIFIED DATA - A method and apparatus for providing an on-demand service to an organization by a hosting center, without having classified data leave the organization network, comprising: receiving a message sent from a first computing platform of the organization to an on-premise connectivity agent, the message comprising classified data; generating a code in accordance with the classified data, by a credential hiding component associated with the on-premise connectivity agent; sending the code to the hosting center; receiving a second message from the hosting center, the second message comprising the code; retrieving the classified data using the code by a credential retrieval component associated with the on-premise connectivity agent; and sending a third message to a second computing platform, the third message comprising the classified data. | 06-30-2011 |
20110162075 | Storage Device and Method for Providing a Scalable Content Protection System - A storage device and method for providing a scalable content protection system are disclosed. In one embodiment, a storage device is provided comprising a memory operative to store a plurality of versions of content, wherein each version of the content is of a different quality and is associated with a different level of content protection. The storage device receives information from the host identifying a level of content protection supported by the host. The storage device sends, to the host, a version of the content that is associated with the level of content protection supported by the host, wherein the version of the content is sent to the host using the level of content protection that is supported by the host. In another embodiment, different levels of content protection are applied to different types of content. | 06-30-2011 |
20110162076 | DATA PROTECTING DEVICE - An event condition is checked using a computer, and data content of the computer is additionally protected, relative to normal data protection, according to the event condition. The event condition is the computer detecting a remote command and/or detecting a state according to a policy. | 06-30-2011 |
20110162077 | Protecting persistent secondary platform storage against attack from malicious or unauthorized programs - A high integrity storage manager protects critical system files by maintaining a list of protected disk blocks in hardware, such as in a memory of a microcontroller. The memory is inaccessible to software running on a host system comprising the microcontroller. This list of protected disk blocks is protected as “read only” by the hardware so that no write operation issued by software running on the host platform can overwrite a protected disk block. The high integrity storage manager intercepts write operations issued by applications via the operating system and file system running on the host processor and compares the disk blocks targeted by those write operations to the list of protected disk blocks. A write operation that would overwrite a disk block in the list of protected disk blocks is prevented from completion. Other embodiments are described and claimed. | 06-30-2011 |
20110162078 | DYNAMIC PATTERN INSERTION LAYER - Various methods and systems are provided for inserting a user-selected pattern below a main application display when sensitive information is being requested or to be communicated. The border of the main application layer may also be modified at this time, either with or without the underlying pattern. This visual change provides the user an assurance that the application or site is authentic and not a phishing attack. The user-selected patterns are stored in secure areas, such as a secure element on the user device or in a cloud accessible by the application or site. | 06-30-2011 |
20110162079 | OPTION MANAGEMENT SYSTEM, METHOD AND RECORDING MEDIUM FOR DIGITAL DEVICE - This invention provides an option management system, an option management method and a recording medium for a digital device which can charge expenses when an optional function is added, and is superior in the convenience and security. The option management system comprises a user terminal, a client terminal, and a digital device connected via a network to the user terminal and the client terminal, which performs a control process for validation or invalidation if a license key purchased by the user for an optional function of each software for monitoring, controlling and maintaining the device itself is inputted from the user terminal. | 06-30-2011 |
20110162080 | INFORMATION PROCESSING APPARATUS AND CONTROL METHOD FOR INFORMATION PROCESSING APPARATUS - A license management shared module, which is shared by a plurality of software, carries out use management of software by obtaining licenses from a license server. A deletion module determines whether or not this software is using licenses when the software is to be deleted, and returns the license to the license server based on the result of the determination. In addition, a deletion module determines whether or not software other than the software to be deleted is subject to use management, and in the case in which it has been determined that software other than the software to be deleted is not subject to use management, deletes the license management shared module. | 06-30-2011 |
20110162081 | METHOD AND DEVICE FOR PROTECTING THE INTEGRITY OF DATA TRANSMITTED OVER A NETWORK - A method of transmitting data over a network, from a sending application to a receiving application, including: coding the data, by the sending application, by implementing a predefined rule; detecting alteration of at least one item of data transmitted, by the receiving application, by implementing the predefined rule; and in case an alteration of a data item is detected, restoring the altered data item. In the course of the coding, in the course of the alteration detection, and in the course of the restoration, a cyclic redundancy check or an encryption can be implemented. | 06-30-2011 |
20110162082 | METHODS AND APPARATUS FOR PROVIDING DATA SECURITY - An electronic circuit includes a more-secure processor having hardware based security for storing data. A less-secure processor eventually utilizes the data. By a data transfer request-response arrangement between the more-secure processor and the less-secure processor, the more-secure processor confers greater security of the data on the less-secure processor. A manufacturing process makes a handheld device having a storage space, a less-secure processor for executing modem software and a more-secure processor having a protected application and a secure storage. A manufacturing process involves generating a per-device private key and public key pair, storing the private key in a secure storage where it can be accessed by the protected application, combining the public key with the modem software to produce a combined software, signing the combined software; and storing the signed combined software into the storage space. Other processes of manufacture, processes of operation, circuits, devices, wireless and wireline communications products, wireless handsets and systems are disclosed and claimed. | 06-30-2011 |
20110173701 | METHOD AND APPARATUS FOR PROVIDING A SPECIFIC USER INTERFACE IN A SYSTEM FOR MANAGING CONTENT - A method and apparatus for managing use of protected content by providing a specific user interface to an application program used to render the content. The method includes identifying a user interface description associated with content, building a specific user interface based on the user interface description, and replacing the standard user interface of an application program used to render the content with the specific user interface. The specific user interface can be unique to the user, unique to a Web site, or otherwise customized. | 07-14-2011 |
20110173702 | CIRCUIT WITH TESTABLE CIRCUIT COUPLED TO PRIVILEGED INFORMATION SUPPLY CIRCUIT - A circuit is operable in a normal operating mode and a test mode. The circuit contains a privileged information supply circuit ( | 07-14-2011 |
20110173703 | DEVICE AND METHOD FOR OUTPUTTING A PRIVATE IMAGE USING A PUBLIC DISPLAY - Disclosed are a device and a method for displaying a private image on a public display device. An image sequence pattern is generated for the private image and the corresponding masking image. The masking image is made from the dynamic inverse image of the private image, based on the refresh rate of the display device and the image sequence pattern. The masking image can screen the private image more effectively. The private image and the masking image are displayed on the display device according to the image sequence pattern. | 07-14-2011 |
20110179494 | PROTECTING DATA STORED IN A CHIP CARD INTERFACE DEVICE IN THE EVENT OF COMPROMISE - A chip card interface device (CCID) is configured for protecting data stored at the CCID in the event of a compromise. The CCID has a housing and a compromise detection system including one or more detection devices configured for detecting a compromise of the housing. The compromise detection system is configured for generating a detection signal indicating the detected compromise. A data protection system is coupled with the compromise detection system and includes a memory device and a processing device coupled with the compromise detection system. The processing device is for receiving the detection signal and erasing data stored on the memory device based on the detection signal in some embodiments. In some embodiments, the processing device also activates a locking function for rendering itself inoperable based on the detection signal. | 07-21-2011 |
20110179495 | Method of execution of a software application and a storage device for storing the software application - A method of execution of a software application. A storage device stores the software application in a first memory. The software application comprises code that, when executed by a computing device authenticates the storage device. The storage device verifies an integrity of the software application and transfers the software application to the computing device upon successful verification. The computing device executes the software application, which authenticates the storage device. If the storage device is successfully authenticated, the computing device accesses data in a second memory of the storage device, the data being susceptible to be used by the software application during execution. Also provided is the storage device. | 07-21-2011 |
20110179496 | DATA PROCESSING SYSTEM, AND DATA PROCESSING APPARATUS AND USER TERMINAL EQUIPMENT THEREFOR, AND COMPUTER PROGRAM AND DATA PROCESSING METHOD THEREOF - User activity data to be provided to a predetermined data service system is generated reflecting a current status of a general user, and the generated current user activity data is acquired. The current user activity data is stored and then provided to the data service system. Here, it is judged whether to keep the to-be-provided current user activity data confidential, in accordance with a predetermined condition. Upon judgment to keep the current user activity data confidential, pseudo activity data different from but not contradictory with the current user activity data to be stored is generated from the stored past user activity data. The generated pseudo activity data is added to the current user activity data to be stored. Thus, a data processing system is provided that allows the user activity data of the general user to be kept confidential if necessary, for protection of privacy. | 07-21-2011 |
20110179497 | DATA TRANSMISSION AND RECEPTION CONTROL APPARATUS, AND DATA TRANSMISSION AND RECEPTION SYSTEM, METHOD, AND PROGRAM - A portable terminal ( | 07-21-2011 |
20110185434 | WEB INFORMATION SCRAPING PROTECTION - A method and a filter element for preventing scraping/clipping of the information content of a database used for providing a website with data information. When a data record set from the database has been received, the filter splits all elements/fields of the data record set in a predetermined way into cells and a sortid is provided. Each cell is encoded into a markup language, wherein location information in the cell is used for generating a location value. The encoded cells are sorted into a file to establish a file, e.g. web page, wherein the encoded data cells are distributed in an arbitrary order. | 07-28-2011 |
20110191856 | RECEIVING INPUT DATA - A method of securing the inputting of sensitive information by a user, the method comprising: generating a mapping that associates each symbol of a plurality of symbols with a respective location at which to display that symbol on a display; displaying the plurality of symbols to the user, each symbol being displayed at the associated location on the display according to the generated mapping; the user providing a sequence of selections, each selection being a selection of a respective one of the locations; and converting the sequence of selections into a corresponding sequence of input symbols representing the input from user, each input symbol being the symbol associated with the respective selected location in the sequence of selections according to the generated mapping. | 08-04-2011 |
20110191857 | METHOD FOR MASKING DATA - A method for masking data in communications comprising: assigning a user identifier and a tag to private data associated with a user, wherein the user identifier and the tag is associated with the private data in a data structure associated with a second data processing node; receiving a request for a first list from a first data processing node; sending to a second request for a second list of user identifiers associated with a corresponding one or more users and sending a third request for one or more tags assigned to private data of the one or more users. The second list is merged with the one or more tags in order to generate the first list which is sent to the first data processing node. The first list can be used to initiate a communication request without requiring private data to be stored on the first data processing node. | 08-04-2011 |
20110197283 | SECURITY AND TICKETING SYSTEM CONTROL AND MANAGEMENT - A security device of this invention includes a nonvolatile storage unit | 08-11-2011 |
20110197284 | ATTRIBUTES OF CAPTURED OBJECTS IN A CAPTURE SYSTEM - A system and method for capturing objects and balancing system resources in a capture system are described. An object is captured, metadata associated with the object is generated, and the object and metadata are stored. | 08-11-2011 |
20110202999 | SYSTEM AND METHOD FOR CONTROLLING EVENT ENTRIES - To address situations wherein details and information stored in an electronic device, for example event entries, are sensitive in nature, a system and method are provided wherein such details and information are protected from inadvertent or malicious access and exposure. A flag or option is provided when creating an event entry that flags or marks the entry as sensitive. The details associated with the entry can be suppressed until a specified time before the event occurs and can be deleted or hidden after the event occurs. Access to the details at other times can be permitted through re-authentication of the user, for example using a password. In addition, data storage recovery can be effected by removing old entries irrespective of the sensitivity of the event or its details. | 08-18-2011 |
20110203000 | PREVENTING UNAUTHORIZED FONT LINKING - Methods, computer readable media, and apparatuses for preventing unauthorized font linking are presented. A request for a font file may be received. It may be determined whether the request is valid, and this determination may be based on a security token and/or a referrer string. If the request is determined to be valid, a first watermark may be embedded in the font file, and the first watermark may be based on the security token. The first watermark may include at least one point in at least one glyph contained in the font file. A second watermark may be embedded in the font file, and the second watermark may include at least one table that identifies a customer. The font file then may be served to the requestor. | 08-18-2011 |
20110203001 | NETWORK NODE, INFORMATION PROCESSING SYSTEM, AND METHOD - The consistency between an application output destination and a permitted user for an I/O device section is ensured when a user deploys an application for processing and outputting input data onto an entrance node. The entrance node includes an output destination/user table that manages correspondence between an application output destination and a user. The output destination/user table stores information about the output destination used for each user who uses the entrance node. An application deployment management function of a processing section in the entrance node determines whether application deployment can be accepted from a user. To do this, the application deployment management function specifies a user corresponding to the output destination for the application from the output destination/user table and verifies that the user is consistent with a user permitted for an I/O device in the I/O device section used by the application. | 08-18-2011 |
20110203002 | METHOD FOR PROTECTING PERSONAL INFORMATION IN AUDIENCE MEASUREMENT OF DIGITAL BROADCASTING SYSTEM - A method for protecting personal information in Audience Measurement (AM) of a digital broadcasting system is provided, including inserting an indicator, which notifies whether a consumption pattern of a service or content provided by a service provider can be measured, into a service guide, to which the information of the service or content is provided by a service provider; and determining whether the AM can be executed for the service or content in accordance with the indicator when the AM function is implemented in a terminal. | 08-18-2011 |
20110203003 | VERIFICATION OF PROCESS INTEGRITY - A system implements a secure transaction of data between a server and a remote device. The remote device comprises: processing means adapted to process input data according to a security process; data storage means adapted to store verification information derived from the input data according to an encryption algorithm; and communication means for communicating the input data which has been processed by the security process to the server. The server is adapted to transmit a verification request to the remote device, and to verify the integrity of the security process based on verification information received from the communication means of the remote device in response to the verification request. | 08-18-2011 |
20110209221 | Proximity Based Networked Media File Sharing - Among other things, methods, systems and computer program products are disclosed for manipulating media. In one aspect, one or more processes executing on a host computer system detect that a portable electronic device is within a predefined communications proximity relative to the host computer system, establish wireless communications and exchange information with the portable electronic device sufficient to determine that metadata relating to one or more items of visual media content reside on the portable electronic device. The metadata is used to retrieve the one or more items of visual media content from a storage location separate from the portable electronic device. The retrieved one or more items of visual media content are added to a list of visual media content available for presentation on a presentation device associated with the host computer system. | 08-25-2011 |
20110209222 | SYSTEM AND METHOD FOR PROVIDING TRANSACTIONAL SECURITY FOR AN END-USER DEVICE - A network system comprises a transaction network operative to provide a transaction with an end user; a trusted source of a security mechanism (e.g., a start/stop trigger module, an application lockout module, a network/file I/O control module, a trusted driver manager, a keystrokes generator driver, a keystrokes deletion hook, and/or a transaction network VPN manager) for at least partially protecting an end-user device from malicious code operative thereon that attempts to capture confidential data presented during the transaction, the security mechanism being maintained by a party other than the end user; and an agent for providing the security mechanism to the end-user device to protect the end-user device during the transaction. | 08-25-2011 |
20110209223 | EXTENSIBLE RIGHTS EXPRESSION PROCESSING SYSTEM - Extensible grammar-based rights expression system for processing rights expressions including an interpreter with plug-in subcomponents, a validator, and a framework. In another embodiment, system includes a framework having an extensible architecture with extensibility points for adding extensions to the grammar, and an interpreter, the extensions defining semantics and syntax of new rights expressions. A method for processing rights expressions is also provided having the steps of registering plug-in components, making a programmatic call, finding and invoking appropriate plug-in components, evaluating the request against the grant, and returning an authorization result. In another embodiment, method includes the steps of providing an extensible grammar-based rights expression system having an extensible architecture with an interpreter, evaluating the request against the grant using the interpreter, and returning an authorization result. The method may include the step of adding new extensions to the rights expression system to allow processing of new rights expressions. | 08-25-2011 |
20110214188 | SOFTWARE WATERMARKING TECHNIQUES - A method and system for watermarking software is disclosed. In one aspect, the method and system include providing an input sequence and storing a watermark in the state of a software object as the software object is being run with the input sequence. In another aspect, the method and system verify the integrity or origin of a program by watermarking the program. The watermark is stored as described above. In this aspect, the method and system also include building a recognizer concurrently with the input sequence and the watermark. The recognizer can extract the watermark from other dynamically allocated data and is kept separately from the program. The recognizer is adapted to check for a number. In another aspect, the software is watermarked by embedding a watermark in a static string and applying an obfuscation technique to convert the static string into executable code. In another aspect, the watermark is chosen from a class of graphs having a plurality of members and applied to the software. Each member of the class of graphs has at least one property that is capable of being tested by integrity-testing software. | 09-01-2011 |
20110219455 | RANDOM INJECTION-BASED DEACTIVATION OF WEB-SCRAPERS - A computer-implemented method and system for disabling scraping of electronic data. The method includes receiving an encoding of electronic data to be protected from scraping and adding random redundant code around the encoding of the electronic data upon each request for the electronic data. The electronic data having the redundant code added around the encoding thereof being rendered the same on a display as the encoding without the redundant code added. | 09-08-2011 |
20110219456 | WEBLOG FOR SUPPLY CHAIN MANAGEMENT - Disclosed are methods and systems for accessing a supply chain process through a weblog. The methods and systems involve receiving data from one or more machines associated with a supply chain process, the supply chain process comprising a plurality of data publishing stages, updating the weblog with the data received from each of the data publishing stages of the one or more machines, retrieving access rights for accessing the data updated to the weblog and displaying the data in the weblog based on the access rights. | 09-08-2011 |
20110219457 | SYSTEM AND METHOD FOR INCAPACITATING A HARDWARE KEYLOGGER - A system, device and method for incapacitating a keylogger. An inactivity of an input device may be detected. A flow of information from an input device to a computing device may be manipulated. A keylogger may be caused to store redundant information by causing the input device to produce redundant input. Other embodiments are described and claimed. | 09-08-2011 |
20110219458 | SECURE AVIONICS EQUIPMENT AND ASSOCIATED METHOD OF MAKING SECURE - The invention relates, according to a first aspect, to electronic equipment comprising a processor ( | 09-08-2011 |
20110225657 | METHOD AND APPARATUS FOR PREVENTING ILLEGAL SOFTWARE DOWNLOAD OF PORTABLE TERMINAL IN COMPUTER SYSTEM - A method and an apparatus for preventing an illegal SoftWare (SW) download of a portable terminal in a computer system are provided. The method includes receiving an input of an SW binary, acquiring an encryption result value by applying a predefined encryption algorithm to the SW binary, mapping and storing the SW binary and the encryption result value, and, when receiving a request for transmission of an SW binary for a Mobile Station (MS) from a computer, transmitting a corresponding SW binary and an encryption result value to the computer. | 09-15-2011 |
20110231938 | APPLICATION SOFTWARE PROTECTING METHOD AND STREAM TRANSMITTING/RECEIVING SYSTEM - A protection method of application software is executed by initiating the first program transmitted from a server via a network on a client, and the method divides an execution result of the application software executed on the client into a plurality of pieces of intermediate data in accordance with distribution arrangement information reported by the server, distributes and arranges the plurality of pieces of intermediate data in the server and the client, transmits to the server notice information including a data length and arranged location information of each piece of the distributed and arranged plurality of pieces of intermediate data, rearranges the distributed and arranged plurality of pieces of intermediate data in the original order of the execution result of the application software on the basis of the notice information, generates in the server a second program for generating the execution result, and transmits the second program to the client. | 09-22-2011 |
20110239304 | MANAGING INFORMATION RELATING TO SECURE MODULE APPLICATIONS - An apparatus capable of hosting a secure module, which secure module comprises at least one secure module application. The apparatus is configured to provide connectivity to the secure module. A processing module is configured to obtain from the secure module information concerning the at least one secure module application. The processing module is, based on the obtained information, configured to check whether a compatible counterpart application is present in the apparatus. A communication module is configured to obtain the compatible counterpart application from an outside source in case no compatible counterpart application is present in the apparatus. | 09-29-2011 |
20110239305 | WIRELESS COMMUNICATION DEVICE, INFORMATION DISTRIBUTION SYSTEM, PROGRAM - There is provided a wireless communication device including a communication section which receives, from an information distribution device that distributes distribution information or another wireless communication device that has received the distribution information, the distribution information using ad hoc wireless communication, a position information acquisition section which acquires position information indicating a current position, a movement amount calculation section which calculates a movement amount from the information distribution device based on a change in the position information acquired by the position information acquisition section, and a distribution information management section which manages availability of the distribution information based on the movement amount and a predetermined limited area-radius that defines a limited area in which the distribution information is distributed. | 09-29-2011 |
20110239306 | DATA LEAK PROTECTION APPLICATION - A data leak protection method for managing user interaction with a computing device, the computing device comprising a kernel mode of operation and a user mode of operation, the method comprising: monitoring the kernel mode of the computing device in order to detect user-initiated events; determining whether a given user-initiated event has a forbidden status or an allowed status; performing an action in dependence on the status of the given user-initiated event. | 09-29-2011 |
20110239307 | METHOD FOR SECURING JAVA BYTECODE - The invention relates to a virtual machine. The virtual machine is set to recognize, in addition to a set of conventional bytecodes, at least one secure bytecode functionally equivalent to one of the conventional bytecodes. It is set to process secure bytecodes with increased security, while it is set to process conventional bytecodes with increased speed. The invention also relates to a computing device comprising such a virtual machine, to a procedure for generating bytecode executable by such a virtual machine, and to an applet development tool comprising such procedure. | 09-29-2011 |
20110247074 | METADATA-BASED ACCESS, SECURITY, AND COMPLIANCE CONTROL OF SOFTWARE GENERATED FILES - In embodiments of the present invention improved capabilities are described for an extensible, file-based, security system that may be used for recording, analyzing, storing, updating and evaluating metadata, such as file reputation metadata, in order to determine an appropriate access control or security control measure to implement in association with a file. In response to the generation of a file from a software program, metadata that defines access, security, and compliance reporting parameters of the generated file may be created that conform to and/or implement a corporate policy. The metadata may be used to control the access, security, and/or compliance reporting settings of the file and to require that only an approved method of using the file, or any of the file's contents, is used, and that the method and use of the file is in accord with the access, security, and/or compliance reporting parameter definitions in the metadata which embody the corporate policy. | 10-06-2011 |
20110247075 | METHOD AND APPARATUS FOR ENABLING SECURE DISTRIBUTION OF DIGITAL CONTENT - A digital content management system includes a host machine and a delivery machine remote from the host machine. The host machine sends validation agent software to the delivery machine, which executes the validation agent. The validation agent performs one or more tests or observations to determine whether the delivery machine has been compromised, and communicates the results of the tests or observations to the host machine. If the host machine determines that the delivery machine has not been compromised, the host machine sends digital content to the delivery machine, and a player module at the delivery machine delivers the content to the user according to an appropriate set of access rights. After delivering the content, the delivery machine deletes the content to prevent unwanted access to the content. The content can contain signals indicative that the content is legitimate, such as watermarks or bad code segments or sectors. | 10-06-2011 |
20110247076 | METHOD AND SYSTEM FOR RANDOM DATA ACCESS FOR SECURITY APPLICATIONS - A method for securely handling processing of information includes, in a chip, selecting one of a plurality of data processes based on a random index. After a randomly allocated time interval has elapsed, the selected one of the plurality of data processes may be initiated. The selected one of the plurality of data processes may include accessing data and/or acquiring the data. Burstiness of the data may be approximately equal to burstiness of data acquired by at least one of a plurality of clients on the chip. Data may be verified by the selected one of the plurality of data processes prior to the processing of the data. | 10-06-2011 |
20110247077 | System and Method for Rights Offering and Granting Using Shared State Variables - A method, system and device for sharing rights adapted to be associated with items, the method and system including generating at least one of usage rights and meta-rights for the items; defining, via the usage rights, a manner of use for the items; and defining, via the meta-rights, a manner of rights transfer for the items. The device including receiving at least one of usage rights and meta-rights for the items; interpreting, via the usage rights, a manner of use for the items; and interpreting, via the meta-rights, a manner of rights transfer for the items. The usage rights or the meta-rights include at least one state variable that is shared by one or more rights. | 10-06-2011 |
20110252480 | SECURE STORAGE AND RETRIEVAL OF CONFIDENTIAL INFORMATION - A secure information storage management system may securely manage the storage of confidential information. A randomizer module may randomly generate a schema that specifies a random number of pieces, a random size for each piece, a random sequence for the pieces, and/or a random location where each piece is to be stored. The randomizer module may divide the confidential information into pieces that collectively constitute the confidential information in conformance with the schema. A storage management module may cause each piece of confidential information to be stored at a different, non-contiguous storage location. When present, the storage management module may cause each piece to be stored at the location for it that is specified in the schema. | 10-13-2011 |
20110252481 | METHOD AND DEVICE FOR SECURELY TRANSFERRING DIGITAL DATA - A device is provided for securely transferring digital data between at least one first computer system and at least one second computer system, including a controller that connects to at least one data store, a first transfer device connected to the controller and that receives the digital data from the first computer system and sends the data to the controller, a second transfer device connected to the controller and that receives the digital data from the controller and sends the data to the second computer system, and which is managed independently from the first transfer device. A corresponding transfer method and media containing a computer program are also provided. | 10-13-2011 |
20110252482 | TIERED OBJECT-RELATED TRUST DECISIONS - Adware and viruses are examples of objects that may be embedded in a web page or linked to a web page. When such an object is detected to be associated with a web page loading on a browser, an analysis may be performed to determine a trust level for the object. The object is suppressed based on the trust level. A prompt is displayed to advise a user that the object has been suppressed, and to provide an opportunity to interactively accept or decline activation of an action for the object. | 10-13-2011 |
20110258704 | STREAMING INSERTION OF TOKENS INTO CONTENT TO PROTECT AGAINST CSRF - Methods and apparatus are provided for protecting against cross-site request forgeries (CSRFs) by requiring certain requests submitted to a computer server to include specific tokens. The requests involve modification of or access to protected data, and the tokens are inserted by a state machine into content from which the requests are initiated. For example, content that includes a form, a hyperlink, a scripted request or other control for initiating a follow-on request to the server is modified to include tokens. The state machine may scan the content in real time (e.g., as it is served) to identify these controls and to insert the tokens. Using a state machine allows the content to be streamed even as it is scanned, does not require construction of a representation of the content (e.g., a DOM tree), and avoids modifying any of the content other than to insert one or more tokens. | 10-20-2011 |
20110258705 | METHODS FOR WATERMARKING MEDIA DATA - Methods are provided for encoding watermark information into media data containing a series of digital samples in a sample domain. The method involves: dividing the series of digital samples into a plurality of sections in the sample domain, each section comprising a corresponding plurality of samples; processing the corresponding plurality of samples in each section to obtain a single energy value associated with each section; grouping the sections into groups, each group containing three or more sections; assigning a nominal bit value to each group according to a bit assignment rule, the bit assignment rule based on the energy values of the sections in the group; and assigning a watermark bit value to each group. The methods also involve, for each group, comparing the watermark bit value to the nominal bit value and, if the nominal bit value and the watermark bit value of the watermark information bit do not match, modifying one or more energy values of one or more corresponding sections in the group such that re-application of the bit assignment rule would assign the watermark bit value to the group. The bit assignment rule may comprise: a categorization rule for categorizing each group into one of a plurality of categories; and for each category, a unique category bit assignment rule for assigning a nominal zero bit value or a nominal one bit value to each group. | 10-20-2011 |
20110265185 | METHOD ENABLING A USER TO KEEP PERMANENTLY THEIR FAVOURITE MEDIA FILES - This invention enables a user to convert their favourite DRM protected media files, which would otherwise have significant use restrictions, to media files that can be played without limitation of time. This is especially useful where the DRM protected files are supplied as part of a subscription service and the ability to playback those files ends when the subscription ends. This approach relies on the ability to gather playback metrics for the DRM protected media files, to analyse them to determine the user's favourites, and then to provide the user with non-time limited versions of those favourite digital media files. In one implementation, a user's favourite music tracks can still be played, even though a music subscription service has ended. | 10-27-2011 |
20110265186 | METHOD FOR PROTECTING A SOFTWARE LICENSE, SYSTEM FOR SAME, SERVER, TERMINAL, AND COMPUTER-READABLE RECORDING MEDIUM - The present disclosure relates to a software license protection method, a system, and a medium readable by a server, a terminal, and a computer. The present disclosure provides a software license protection terminal comprising: a terminal communicator operated in association with a coupled dongle type token; a terminal controller for operating and controlling certain software by checking whether the token has the requisite seculet to run the software and if so, transmitting to the token an executive instruction to run the seculet, and receiving the executive result from the token to activate the specific software; and a terminal storage for storing the software. The disclosure overcomes software vulnerabilities to reverse engineering and spares customers the authentication inconveniences of typical online dependency. | 10-27-2011 |
20110271349 | SENDER AUTHENTICATION FOR DIFFICULT TO CLASSIFY EMAIL - The portion of email traffic that cannot be definitively determined to be spam or definitively determined to be ham (non-spam) is processed by sending a bounceback email to the sender, requiring the sender to reply using a sub-address created by the bounceback generator. The type of bounceback email depends on whether the domain of the received email indicates that the sender is or is not likely to be a spammer. When the sender is not likely to be a spammer, the bounceback email includes a sub-address in computer readable form. When the sender is likely to be a spammer, the bounceback email includes a test that must be solved to yield the sub-address; preferably, the test is very difficult for a computer to solve but reasonably easy for a human to solve. When a reply email to the bounceback email (“reply bounceback”) is received, the presence of the sub-address indicates that the sender is not a spammer, so the reply bounceback is determined to be ham and delivered to the destination mailbox. The bounceback can have the sub-address encoded in such a way that a human must be involved in decoding, which is appropriate for situations where the envelope sender domain of the original email is considered suspicious. The bounceback can have the sub-address presented in a computer readable format when the envelope sender domain of the original email is more trustworthy, if authenticated. Authentication information can be retained in a local private Sender Policy Framework (SPF) database, or shared in a centralized private SPF database. | 11-03-2011 |
20110271350 | METHOD FOR PROTECTING SOFTWARE - A method for protecting software is disclosed in the invention, including steps of analyzing the software or obtaining source codes of the software, and modifying the instructions obtained from analyzing the software or source codes of the software, and programming the modified instructions or compiling the modified source codes to obtain new software and ending or going on running the rest of instructions according to the result of executing the new instructions. By executing this method, the software is protected. | 11-03-2011 |
20110271351 | Method and System for Site Based Information Distribution - A method and a system include an account site for establishing at least one information account. The information account is established by supplying at least a secret transfer key where the information account is associated with an account identifier. Information is entered into the information account, where the information is encoded before storage into the information account and is viewable only by an owner of the information account. Access permission is entered for at least one requester to enable transfer of the information to an account of the requester. The requester is contacted for at least making available the information. The secret transfer key is communicated to the requester where the secret transfer key is used by the requester to retrieve the information. The information is decoded, transferred to an account of the requester and a log entry of the transfer is made into the information account. | 11-03-2011 |
20110271352 | DEVICE AND METHOD FOR ANONYMISING SMART METERING DATA - A device comprising an input for obtaining consumption data relating to the consumption of a utility provided by a utility provider, an output for outputting modified consumption data and a processor arranged to generate the modified consumption data based on obtained consumption data so that the modified consumption data starts to converge with the obtained consumption data if a deviation of the obtained consumption data from the modified consumption data exceeds a predetermined threshold. | 11-03-2011 |
20110271353 | PERFORMING AUTHORIZATION CONTROL IN A CLOUD STORAGE SYSTEM - A method, apparatus and computer program product for performing authorization control in a cloud storage system. The method comprises: receiving an access request to a file block, wherein the file block is embedded with tag data comprising at least file block authorization information; retrieving the file block; extracting the file block authorization information from the tag data; determining whether the access request matches the file block authorization information; and performing the access request if the access request matches the file block authorization information. Effective authorization control may be performed in a cloud storage system. | 11-03-2011 |
20110271354 | APPARATUS, SYSTEM AND METHOD FOR SECURING DIGITAL DOCUMENTS IN A DIGITAL APPLIANCE - Various embodiments include an apparatus and a method to secure protected digital document content from tampering by their user, such as unauthenticated use or use violating a policy of the digital document. The digital document file can be transferred from a network node such as a web site server to a digital appliance, such as a computer, in encrypted form. The digital document file can be resident already on a device, and/or be transferred into a device that is connected to the digital appliance. The device (hereafter a DRM device) can internally store the digital document or part of the document. The DRM device may decrypt the digital document when requested to do so. The device may further format the content for usage, for example, convert text into its graphic bitmap representation. Device formatting can include sending plain text data to the digital appliance. The device may further apply degradation to the resulting file, for example, reduce the resolution of the graphic representation. The digital appliance uploads the result of the processing or sections of the result of the processing for user access via the digital appliance. | 11-03-2011 |
20110271355 | DOCUMENT ACCESS MANAGEMENT METHOD AND SYSTEM - This disclosure provides a document access method and system. The document access method and system are based on a social network model which interconnects members of the social network as a function of trust. This framework provides a basis for documents to be accessed by members which are not directly specified by a document's owner, while providing a certain degree of document security. | 11-03-2011 |
20110277036 | Policy Determined Accuracy of Transmitted Information - Systems and methods for controlling accuracy of transmitted information are described. A package is assembled based on a numerical value, such as a measurement, and one or more policies associated with the sender. When the package is received by a receiver, it is unpacked to yield a second value representing the numerical value and having a reduced accuracy with respect to the first value. The accuracy reduction depends on policies associated with the receiver and/or the sender. Examples of numerical values in different applications include geo-location data, medical data, and financial data. | 11-10-2011 |
20110277037 | Enforcement Of Data Privacy To Maintain Obfuscation Of Certain Data - A computer-readable medium is disclosed that tangibly embodies a program of machine-readable instructions executable by a digital processing apparatus to perform operations including determining whether data to be released from a database is associated with one or more confidential mappings between sets of data in the database. The operations also include, in response to the data being associated with the one or more confidential mappings, determining whether release of the data meets one or more predetermined anonymity requirements of an anonymity policy. Methods and apparatus are also disclosed. | 11-10-2011 |
20110283362 | DATA STORAGE DEVICE AND METHOD - An entertainment device, comprises a communication arrangement operable to receive audio segment data from an audio segment data source and to receive audio segment selection data from an audio segment selection data source in connection with an interactive audio segment data selection session as between the entertainment device and the audio segment selection data source; an audio segment selector operable to generate audio segment selection data in response to selections made by a user interacting with a user interface of the entertainment device; and a storage arrangement operable to store the received audio segment data; in which: the storage arrangement is operable to limit the duration of storage of audio segment data which was received from the audio segment data source and which was selected according to either the received audio segment selection data or the generated audio segment selection data. | 11-17-2011 |
20110283363 | BROWSER WITH DUAL SCRIPTING ENGINE FOR PRIVACY PROTECTION - A data processing system has a browser with scripting engine means for executing a script. The scripting engine means implements a public scripting engine and a private scripting engine. The browser is configured to have the script executed by the public scripting engine if the script does not require access to a pre-determined resource at the system. The browser is configured to have the script executed by the private scripting engine if the script requires access to the pre-determined resource. Only the private scripting engine has an interface for enabling the script to access the predetermined resource. The scripting engine means is configured to prevent the private scripting engine from communicating data to the public scripting engine or to a non-approved server external to the data processing system. | 11-17-2011 |
20110289589 | UNAUTHORIZED OPERATION DETECTION SYSTEM AND UNAUTHORIZED OPERATION DETECTION METHOD - The content of operations is identified and an alert is generated to an operation having a high risk of information leakage. | 11-24-2011 |
20110289590 | PRIVACY MANAGEMENT OF DATA - The invention relates to receiving data originating from multiple users, identifying data item combinations occurring within said data, determining privacy sensitivity measures for said data item combinations, and communicating privacy sensitivity measure(s) to user(s) concerned. The privacy sensitivity measures can be used to protect user privacy. | 11-24-2011 |
20110289591 | Software Validity Period Changing Apparatus, Method, and Installation Package - A software validity period changing apparatus includes a password information storage unit, an input device, an authentication unit, and a validity period changing unit. The authentication unit calculates a first hash value of the password stored in the password information storage unit, calculates a second hash value of a password input via the input device, and determines whether the first hash value matches the second hash value. The validity period changing unit decompresses an installation package into components, the installation package including a validity period and version information on each of the components, detects a position of the validity period if it is determined that the first hash value matches the second hash value, changes the validity period identified by the position to a validity period input through the input device, changes the version information, and combines the components to reproduce the installation package. | 11-24-2011 |
20110289592 | DIGITAL RIGHTS MANAGEMENT WITH IRREGULAR NETWORK ACCESS - There is a performing of digital rights management (DRM), operable in an offline mode with respect to a communications network. The performing includes identifying a stored rights object associated with a stored asset. The stored rights object includes reporting duration information associated with the stored asset. The performing also includes determining, utilizing a processor, whether a transmission of an early status message is a successful communication based on an early status message determination. If a failure in communicating the early status message is determined, utilizing the stored asset. The performing may also include transmitting an early status message and/or later status message after identifying the stored rights object. There is also a performing of digital rights management (DRM) associated with a DRM system and operable in an offline mode with respect to a communications network. There are also client devices, communicating systems, computer readable mediums and protocols. | 11-24-2011 |
20110289593 | MEANS TO ENHANCE THE SECURITY OF DATA IN A COMMUNICATIONS CHANNEL - A technique and method for creating a provably secure communications channel between two devices making the observation, recovery and modification of the data within the communications channel difficult. Specifically, the present invention comprises a technique and method for protecting the data within a data channel where security must be assured. | 11-24-2011 |
20110289594 | CONTENT RECEIVER, CONTENT UTILIZATION SYSTEM, VIEWING TIME LIMIT DETERMINATION METHOD, PROGRAM, AND RECORDING MEDIUM - When a control unit of a content receiver causes content to be written out to an exchangeable medium, it also causes a viewing license of the content to be written out to the exchangeable medium, and further causes an invalidating/validating unit to invalidate a viewing license of related content belonging to the same predetermined content group as the content if a viewing time limit of the content is not determined. When a content reproducer reproduces the content recorded in the exchangeable medium, it determines the viewing time limit of the content and records it to the exchangeable medium. When the exchangeable medium which is reproduced by the content reproducer is installed, the control unit causes the viewing time limit of the related content to be set to the same time limit as the viewing time limit of the content on the exchangeable medium and causes the viewing license of the related content to be validated. | 11-24-2011 |
20110289595 | INFORMATION PROCESSING DEVICE, INFORMATION RECORDING MEDIUM MANUFACTURING DEVICE, INFORMATION RECORDING MEDIUM, METHODS THEREFORE, AND COMPUTER PROGRAM - An information processing device for executing content reproduction processing includes: a content reproduction processing unit for executing data transformation processing for replacing a part of configuration data of input content to be reproduced with transformation data, and executing processing for reproducing the reproduction content; and a parameter generating unit for providing the content reproduction processing unit with a parameter to be applied in the data transformation processing; wherein the content reproduction processing unit has a configuration for obtaining a parameter identifier that is different for each segment set as a sectioning region of reproduction content, and outputting a parameter calculation request accompanied by the parameter identifier to the parameter generating unit; and wherein the parameter generating unit has a configuration for providing the content reproducing unit with a parameter corresponding to a segment, in response to the parameter calculation request from the content reproducing unit. | 11-24-2011 |
20110296529 | SYSTEMS AND METHODS FOR USING A DOMAIN-SPECIFIC SECURITY SANDBOX TO FACILITATE SECURE TRANSACTIONS - Computer systems, methods, and computer readable media for facilitating a secure transaction are provided in which a client application is executed on a client computer. The client application initiates a request to a first domain comprising (i) a credential for the client application, (ii) a transaction identifier that uniquely identifies the request, and (iii) optionally, an identification of a user of the client application. Responsive to this request, the client receives a validated transaction module from the first domain. The client application loads the validated transaction module into a separate domain security sandbox that is segregated from memory space in which the client application is run. The validated transaction module conducts a validated transaction between the second domain and the validated transaction module. Separately, through the client application, a determination is made as to whether the transaction is complete by querying the first domain. | 12-01-2011 |
20110296530 | ELECTRONIC READING APPARATUS AND THE DATA SECURITY METHOD THEREOF - Present invention relates to an electronic reading apparatus with data security and anti-theft functions. The electronic reader apparatus has a code input unit for receiving a security code, and a code determining unit for determining an authenticity of the security code. When no security code, no authentic security code or even no operational signal has been received during the predetermined periods of time, a central control unit may stop a power supply unit from outputting power in order to turn off the electronic reader apparatus and clear the image shown on a display unit. As such, a content of sensitive or confidential data stored in the electronic reading apparatus may not be intruded. | 12-01-2011 |
20110296531 | TECHNIQUES FOR DETECTING AND PREVENTING UNINTENTIONAL DISCLOSURES OF SENSITIVE DATA - Protection is provided to prevent a computer user from unintentionally giving away sensitive data (e.g., security credentials, credit card number, PINs, personal data, or bank account number) to an illegitimate or unintended entity by means of a client application capable of communicating the sensitive data across a network to other computer users. To provide the protection, user input is monitored to detect a user entry of the sensitive data into the client application for communication to other users. When such an entry occurs, action is taken to reduce the likelihood of an unintentional giveaway of the sensitive data or to reduce the effects of an unintentional giveaway. | 12-01-2011 |
20110296532 | SECURE SERIAL NUMBER - A serial number for a software product is secured with an authenticator value. The authenticator value and the serial number are evaluated entirely by a remote authentication server such that no cryptographic authentication occurs on a local computer on which the software product is being installed. An abbreviated portion of the authenticator value is used for offline authentication. | 12-01-2011 |
20110302659 | DATA SECURITY IN A MULTI-NODAL ENVIRONMENT - A data security manager in a multi-nodal environment enforces processing constraints stored as security relationships that control how different pieces of a multi-nodal application (called execution units) are allowed to execute to insure data security. The security manager preferably checks the security relationships for security violations when new execution units start execution, when data moves to or from an execution unit, and when an execution unit requests external services. Where the security manager determines there is a security violation based on the security relationships, the security manager may move, delay or kill an execution unit to maintain data security. | 12-08-2011 |
20110307958 | SOFTWARE LICENSE AND INSTALLATION PROCESS MANAGEMENT WITHIN AN ORGANIZATION - A software license and a software installation process are managed. A status of the license can be one of at least a third party reserved status, a requester reserved status, a requester allocated status, and an available status. A first module can be operative to change the status of the license from the third party reserved status to the requester allocated status in response to receiving a mode selection. The mode selection can correspond to one of one or more modes. The modes can comprise a reserve license mode, a remove reserve mode, a request license allocation mode, a return excess license to inventory mode, an ordering mode, and an add license to inventory mode. The first module can be operative in at least one of the modes. | 12-15-2011 |
20110307959 | SELECTIVELY EXPOSING BASE CLASS LIBRARIES BASED ON APPLICATION EXECUTION CONTEXT - Allowing access to APIs based on application context. A method includes determining an application context for an application. A layer is determined for a base class library. Layers of the base class library are defined by one or more developer defined attributes associated with an API, where the API is included in the base class library. The base class library is divided into layers based on the developer defined attributes. The one or more attributes define which application contexts can access the API. If the layer matches the application context then access by the application to the API is allowed. | 12-15-2011 |
20110307960 | SYSTEMS, METHODS, AND APPARATUS FOR SECURING USER DOCUMENTS - The invention is directed to systems, methods and apparatus for securing documents. The system comprises a server having a processor and a data storage device for storing documents, at least one document provider connected to the server, the at least one document provider operable to provide user documents to the server for storage in the data storage device, the user documents containing at least one object of security concern, and at least one document consumer connected to the server, the at least one document consumer operable to receive the user documents containing the at least one object of security concern from the server. The processor in the server is operable to determine whether to provide the at least one object of security concern to the at least one document consumer based on at least one security setting, and based on the decision either provide the documents with the at least one object of security concern or provide replacement documents without the security of concern and an indication on each replacement document that the at least one object of security concern has been excluded. | 12-15-2011 |
20110307961 | SOFTWARE PROTECTION - A program (MC), which can be executed by a programmable circuit, is protected in the following manner. An instruction block (IB) is provided on the basis of at least a portion (MC-P) of the program. A protective code (DS) is generated that has a predefined relationship with the instruction block (IB). The instruction block (IB) is analyzed (ANL) so as to identify free ranges (FI) within the instruction block that are neutral with respect to an execution of the instruction block. The free ranges comprise at least one of the following types: bit ranges and value ranges. The free ranges that have been identified are used for embedding (SEB) the protective code (DS) within the instruction block (IB). | 12-15-2011 |
20110307962 | CONTENT SERVER DEVICE AND CONTENT DELIVERY METHOD - A content server device includes a request section for requesting a key server to transmit key data for decrypting encrypted content data to a client side in response to the content distribution request from the client side and a control unit which prohibits the transmission of the encrypted content data in response to the content distribution request when the reception number of notification received from the client side and indicating the reception of the key data from the key server is not less than the transmission number of key data to the client side by the key server and which transmits the encrypted content data in response to the content distribution request when the number of reception is not more than the number of transmission. | 12-15-2011 |
20110307963 | SYSTEMS AND METHODS FOR THE SECURE CONTROL OF DATA WITHIN HETEROGENEOUS SYSTEMS AND NETWORKS - Systems and methods for managing data rights are provided. A first label associated with a first data object may be received, and the first label may be converted into a first universal label based at least in part upon one or more predefined rules for the conversion of the first label into the first universal label. Additionally, a second label associated with a second data object may be received, and the second label may be converted into a second universal label based at least in part upon one or more predefined rules for the conversion of the second label into the second universal label. A combined universal label applicable to both the first data object and the second data object may be generated from the first universal label and the second universal label. | 12-15-2011 |
20110314550 | WATERMARK TO IDENTIFY LEAK SOURCE - Watermarks may be used to deter certain types of information leaks. In one example, leaks occur in the form of posting, in public forums, screen shots of private pages. To deter this example kind of leak, private web pages within an organization may be watermarked with an experience identifier that identifies the session in which the screen shot is captured. Other information may also be included in the watermark. The watermark may be designed to survive image compression, so that it can be recovered from either a compressed or uncompressed image of the web page. By using an experience identifier recovered from the watermark, and logs that describe activity associated with that experience identifier, it may be possible to identify the source of the information leak. | 12-22-2011 |
20110314551 | System or method to assist and automate an information security classification and marking process for government and non-government organizations for information of an electronic document - A software engine runs in a compatible mode with off-the-shelf word processors, e-mail programs and presentation development software and other document development software. The software engine is used for the security classification of sensitive or national security classified information in electronic and resultant hard copy document formats. The software engine ensures that the individual considers all informational portions of a document, that appropriate document marks are employed, that document marks in their electronic format are persistent and that all necessary information, such as classification guides, standards and security regulations, provided by the organization to classify information is at hand and immediately available. In addition to the document sensitivity or classification determination and marking support, the software engine tracks and controls documents and the electronic media storing documents. It also provides warnings and alarms, ad hoc document security analysis and reporting capability to system security administrators with respect to document or network events or captured information that may be indicative of risk to the information requiring protection. The software also provides the ability for an organization to centrally establish and control a security classification or sensitivity marking hierarchy for automated security classification support. | 12-22-2011 |
20110314552 | Remote Display Tamper Detection Using Data Integrity Operations - Methods and systems for detecting tampering of a remote display. According to one method, a first data integrity result is generated by performing a first data integrity operation on display data to be displayed on the remote display at a secure module. The display data is transmitted from the secure module to the remote display security module. The remote display security module receives the display data. A second data integrity result is generated by performing the first data integrity operation on the display data received at the remote display security module. A determination is made as to whether the remote display has been tampered with at the secure module if the first data integrity result does not match the second data integrity result. | 12-22-2011 |
20110314553 | LOCATION ENABLED BOOKMARK AND PROFILE - Location based profiles are used to modify the configuration of a computing device based on a detected location. The location based profiles allow features such as cameras to be enabled and disabled. Physical and logical data storage partitions can also be mounted and unmounted, and the home screen displayed by a device can be modified. Location bookmarks can be used to further customize the appearance and function of a computing device. | 12-22-2011 |
20110321167 | AD PRIVACY MANAGEMENT - In general, this specification relates to content presentation. In general, one aspect of the subject matter described in this specification can be embodied in methods that include the actions of receiving a privacy request from a mobile device, the privacy request including an encoded device identifier; authenticating the request; decoding the device identifier; retrieving mobile device advertising data associated with the decoded device identifier; and applying the privacy request to the mobile device advertising data. Other embodiments of this aspect include corresponding systems, apparatus, and computer program products. | 12-29-2011 |
20110321168 | THWARTING CROSS-SITE REQUEST FORGERY (CSRF) AND CLICKJACKING ATTACKS - Embodiments of the invention generally relate to thwarting fraud perpetrated with a computer by receiving a request from a computer to perform a transaction. Embodiments of the invention may include receiving the request together with transaction data and a cookie, where the transaction data are separate from the cookie; determining in accordance with predefined validation criteria whether the cookie includes a valid representation of the transaction data; and performing the transaction only if the cookie includes a valid representation of the transaction data. | 12-29-2011 |
20110321169 | Generating Minimality-Attack-Resistant Data - The present disclosure is directed to systems, methods, and computer-readable storage media for generating data and data sets that are resistant to minimality attacks. Data sets having a number of tuples are received, and the tuples are ordered according to an aspect of the tuples. The tuples can be split into groups of tuples, and each of the groups may be analyzed to determine if the group complies with a privacy requirement. Groups that satisfy the privacy requirement may be output as new data sets that are resistant to minimality attacks. | 12-29-2011 |
20110321170 | FRAUDULENT MANIPULATION DETECTION METHOD AND COMPUTER FOR DETECTING FRAUDULENT MANIPULATION - A client computer detects a user operation for transmitting data to a server or a storage device, determines whether the detected user operation is a fraudulent manipulation, and, if the determination is a positive result, performs security processing which is processing related to security of data to be transmitted. If the data is data within a group to which the user belongs and a destination of the data is a server or a storage device outside the group, the determination is a positive result. | 12-29-2011 |
20110321171 | Deleting Confidential Information Used to Secure a Communication Link - A system includes a first wireless-enabled device that transparently stores confidential information and a second wireless-enabled device that stores the same confidential information. The confidential information is to be used to secure a wireless communication link between the first device and the second device. One or both of the first device and the second device is to delete the confidential information upon fulfillment of one or more conditions related to the communication link. | 12-29-2011 |
20120005757 | COMPUTER ENABLED METHODS TO INHIBIT FILE AND VOLUME NAME COPYING AND TO CIRCUMVENT SAME - Provided here is a copy protection method and apparatus to confuse currently available personal computer software (and other content) copying packages by use of unexpected (“illegal”) special characters in the volume (or directory) name for the software or other content or data subject to being copied. This method can be used alone or with a broad range of other known copy protection technologies such as RipGuard (available from Macrovision Corp.). Also provided here is a method and apparatus to defeat the confusion method, thereby allowing copying of such copy protected software. | 01-05-2012 |
20120005758 | METHOD AND DEVICE FOR SELECTIVELY PROTECTING ONE OF A PLURALITY OF METHODS OF A CLASS OF AN APPLICATION WRITTEN IN AN OBJECT-ORIENTATED LANGUAGE - There is provided a method for selectively protecting one of a plurality of methods of a class of an application written in an object-orientated language, in particular Java, wherein a protected application is created by adding a protection module to the application, analyzing a first method to be protected of a plurality of methods of a first class of the application and determining first parameters needed for executing the first method, generating first gate code depending on the determined first parameters, replacing the first code of the first method by said first gate code and storing the replaced first code such that it can be accessed by the protection module during execution of the protected application, wherein, when the first method is called during execution of the protected application, the first gate code collects first data based on the determined first parameters and transmits the collected first data to the protection module, the protection module accesses the stored first code and generates a new class including a first substitution method based on the stored first code, instantiates the new class, invokes the first substitution method and passes at least a part of the collected first data to the invoked first substitution method so that the executed first substitution method provides the functionality of the first method, and returns execution to the first gate code after execution of the first substitution method. | 01-05-2012 |
20120005759 | IMAGE DISPLAY DEVICE, IMAGE DISPLAY METHOD, AND RECORDING MEDIUM - When a screen capture operation is monitored and a screen capture operation for instructing acquisition of an image displayed on a display device ( | 01-05-2012 |
20120011591 | Anonymization of Data Over Multiple Temporal Releases - The present disclosure is directed to systems, methods, and computer-readable storage media for anonymizing data over multiple temporal releases. Data is received, and nodes and connections in the data are identified. The data also is analyzed to identify predicted connections. The nodes, the connections, and the predicted connections are analyzed to determine how to group the nodes in the data. The data is published, and the grouping of the nodes is extended to subsequent temporal releases of the data, the nodes of which are grouped in accordance with the grouping used with the data. | 01-12-2012 |
20120011592 | METHOD AND SYSTEM EMBEDDING A NON-DETECTABLE FINGERPRINT IN A DIGITAL MEDIA FILE - The invention relates to a method and system for embedding in a digital media file user fingerprint which the user cannot detect when using the digital media file. In the method, a user-detectable watermark is first embedded in the digital media file. This watermark can be transformed in a client device to a non-detectable fingerprint of the user by utilizing digital media file-specific information issued by a digital media rights owner when the user has bought a user license. Afterwards the digital media rights owner can read the embedded user fingerprint from the digital media file if it is illegally distributed between other users. | 01-12-2012 |
20120017282 | METHOD AND APPARATUS FOR PROVIDING DRM SERVICE - A method and apparatus are provided for providing a DRM service in a user terminal apparatus providing an adaptive streaming service. Content protection information is received that includes information about multiple DRM systems applied to specific content provided using the adaptive streaming service. A specific DRM system is selected from among the multiple DRM systems. A license corresponding to the specific DRM system is acquired. The license includes an encryption key capable of decrypting the specific content. The specific content is decrypted using the acquired license. | 01-19-2012 |
20120017283 | INFORMATION PROCESSING DEVICE, INFORMATION RECORDING MEDIUM, INFORMATION PROCESSING METHOD, AND COMPUTER PROGRAM - An information processing device, for executing content reproduction processing from an information recording medium, includes a security information processing unit for determining output messages based on security check information in a content reproduction sequence, and outputting a message output command accompanied by selection information of the output message to a user interface processing unit; and a user information processing unit for obtaining message information based on the selection information input from said security information processing unit and outputting to a display unit. | 01-19-2012 |
20120017284 | METHOD AND SYSTEM FOR PREVENTING COPYING OF INFORMATION FROM PREVIEWS OF WEBPAGES - A touch screen device may include: a touch panel receiving a touch signal; a noise measurement unit measuring a noise value input to the touch panel; a determination unit determining whether or not the measured noise value exceeds a threshold; and a control unit controlling an operation mode to be maintained or switched according to a determination result of the determination unit. | 01-19-2012 |
20120023587 | SECURE KIOSK BASED DIGITAL CONTENT DELIVERY - Methods, systems, and apparatus for digital content management and distribution are provided. In an example, a method includes providing a memory device having digital content thereon; receiving an indication of a dock to which the memory device is to be coupled; and protecting the memory device with a unique key corresponding to the dock. | 01-26-2012 |
20120023588 | FILTERING METHOD, SYSTEM, AND NETWORK EQUIPMENT - A filtering method, a filtering system, and network equipment are provided by the present invention. The method includes: intercepting a request packet sent by a user terminal to an Internet server and extracting Uniform Resources Locator (URL) information from the request packet; determining a security level corresponding to the URL information according to the URL information; and processing the request packet according to the security level. Therefore, the problem that the installation of antivirus software in the user terminal occupies memory space and CPU resources and the problem of the risk of being bypassed by malware are solved, which effectively prevents malware from spreading and attacking, reduces the threat to user terminals from malware, and improves the network security and user experience. | 01-26-2012 |
20120023589 | Recovering Data In A Storage Medium Of An Electronic Device That Has Been Tampered With - To recover data, tampering of an electronic device that stores data in a storage medium of the electronic device is detected. A recovery procedure receives information relating to prioritizing of types of the data, and the recovery procedure detects a communication link. The recovery procedure sends the data over the communication link for transfer to a recovery destination, wherein the data is sent in an order according to the information relating to prioritizing of the types of the data. | 01-26-2012 |
20120030768 | RUGGEDIZED, COMPACT AND INTEGRATED ONE-WAY CONTROLLED INTERFACE TO ENFORCE CONFIDENTIALITY OF A SECURE ENCLAVE - A rugged, integrated network interface appliance for ensuring secure data transfer comprising send-only network interface circuitry comprising a microprocessor, a program memory, a first host interface, and a first serial interface; receive-only network interface circuitry comprising a microprocessor, a program memory, a second host interface, and a second serial interface; a single data link connecting the first serial interface of the send-only network interface circuitry to the second serial interface of the receive-only network interface circuitry that is configured such that the send-only network interface circuitry is configured not to receive any data from said data link, and the receive-only network interface circuitry is configured not to send any data to said data link. | 02-02-2012 |
20120030769 | System and Method for Securely Transmitting Video Data - Exemplary embodiments provide a system and method for securely transmitting video data to an electronic display. The video data may be transmitted using a wired or wireless application. Raw video data is encoded as a plurality of JPEG frames. A plurality of primary packets are created which may contain one frame or a portion of a frame of video. Each primary packet contains a unique header with information about the packet and a unique security key. A redundant packet and header are created for each primary packet and header. After transmission each packet and header may be analyzed to determine if it was transmitted properly. If the primary packet was not transmitted properly or was an unintended transmission, the system may discard the primary packet and proceed with the redundant packet. If the redundant packet was not transmitted properly or was an unintended transmission, the entire frame may be discarded and the previously accepted frame may be repeated within the video decoder. If multiple frames are discarded, the system may display a default image. The packets are re-assembled and displayed if they are the intended transmission. | 02-02-2012 |
20120030770 | Assisted tuning of capacitive monitoring components - Assisted tuning of a capacitive monitoring component via a system, method, and a computer program product. Via a system, a software program can be adapted to execute on a computer communicatively connected to the capacitive monitoring component, with the program being further adapted to allow a user to selectively manipulate configuration parameters of the capacitive monitoring component as the user tests operation of the capacitive monitoring component to determine and select a plurality of desired parameters. A parameter data set can include the plurality of desired parameters, and be stored on a tangible medium of expression. | 02-02-2012 |
20120030771 | NETWORK SECURITY AND FRAUD DETECTION SYSTEM AND METHOD - A system and method to detect and prevent fraud in a system is provided. The system may uniquely identify physical devices connecting to a network, register unique devices, track end-user logins, associate end-user accounts with specific devices, and share information with multiple network service providers. | 02-02-2012 |
20120030772 | Method of Removing Metadata from Email Attachments - A method and system for removing metadata from email attachments sent from mobile devices includes receiving an email with an attached document. The attached document has metadata removed to create a cleansed version of the attached document. The attached document is replaced by the cleansed version of the attached document, and the email is sent according to the address or addresses included in the email. | 02-02-2012 |
20120036581 | SECURITY APPARATUS - A security apparatus positioned between at least one domain having a level of trust or of sensitivity A and at least one domain having a level of trust or sensitivity B, bearing in mind that the level A is different from the level B, comprises a virtualization software layer V implemented on the physical layer H and positioned between said physical layer H and at least one set consisting of at least three different compartmentalized blocks having different sensitivity levels, BLA, BLB, MDS. The compartmentalized blocks rest on the physical layer H and the virtualization layer and the blocks include at least one of: a network block A, BLA, comprising all the network functions used to process data of security level A, a network block B, BLB, comprising all the network functions used to process data of security level B, and a security module software block, MDS, or airlock positioned between at least one block of BLA type and at least one block of BLB type, said security module being designed to monitor the exchanges of data between said blocks BLA and BLB, said security module comprising all the security, filtering or cryptographic function transformations. | 02-09-2012 |
20120036582 | SYSTEM AND METHOD TO FORCE A MOBILE DEVICE INTO A SECURE STATE - Embodiments relate to systems and methods for implementation on a mobile device to force the mobile device into a secure state upon detection or determination of a triggering event. Once it is determined that a triggering event has occurred, each application operating on the mobile device is caused to immediately unreference sensitive objects and a secure garbage collection operation is performed upon the unreferenced sensitive objects to render data associated therewith unreadable. The mobile device is then caused to enter a secure state, in which the mobile device cannot be accessed without authorization. A microprocessor within the mobile device is configured to determine the existence of the triggering event according to a configuration data structure and to perform the secure garbage collection. | 02-09-2012 |
20120042385 | PROTECTING COPYRIGHTED MEDIA WITH MONITORING LOGIC - Methods and systems for protecting copyrighted media with monitoring logic are provided. In one embodiment, monitoring logic is installed on a client device associated with a user. The monitoring logic detects whether the media is present on the client device. If the media is present, the media is analyzed to determine if it is copyrighted. | 02-16-2012 |
20120042386 | REPUTATION SYSTEM FOR WEB PAGES AND ONLINE ENTITIES - A method for providing a measure of trust for each participant in a network is disclosed, together with a method to calculate it automatically. In particular, a method for rating online entities, such as online identities is provided, which also takes into account the reputation of the raters. | 02-16-2012 |
20120042387 | LIMITED-USE BROWSER AND SECURITY SYSTEM - A limited-use browser and related security system control access to content stored on a server computer linked to a network. The security system secures the content on the server and only permits it to be downloaded to a client computer running the limited-use browser or a general purpose browser executing an add-in security module providing the same functions as the limited-use browser. The limited-use browser or module secures the downloaded content on the client computer and displays it in a “view-only” mode. While the secured content is being displayed, menu selections, key combination, or pointing device commands initiated on the client computer that would modify the content or create a copy of another medium are either disabled as a default or monitored to determine if the action is permitted. | 02-16-2012 |
20120042388 | Method of managing a software item on a managed computer system - A method and system is provided of managing a current software item on a managed computer system connectable to a management computer system via a computer network. The method includes identifying, using an agent application, the current software item on the managed computer system, identifying if the current software item is an unauthorized software item; and selectively disabling the unauthorized software item. | 02-16-2012 |
20120042389 | Interoperable Systems and Methods for Peer-to-Peer Service Orchestration - Systems and methods are described for performing policy-managed, peer-to-peer service orchestration in a manner that supports the formation of self-organizing service networks that enable rich media experiences. In one embodiment, services are distributed across peer-to-peer communicating nodes, and each node provides message routing and orchestration using a message pump and workflow collator. Distributed policy management of service interfaces helps to provide trust and security, supporting commercial exchange of value. Peer-to-peer messaging and workflow collation allow services to be dynamically created from a heterogeneous set of primitive services. The shared resources are services of many different types, using different service interface bindings beyond those typically supported in web service deployments built on UDDI, SOAP, and WSDL. In a preferred embodiment, a media services framework is provided that enables nodes to find one another, interact, exchange value, and cooperate across tiers of networks from WANs to PANs. | 02-16-2012 |
20120047582 | DATA DELETING METHOD FOR COMPUTER STORAGE DEVICE - A data deleting method for a computer storage device is implemented by first setting a default status of a delete-able status for a deletion record file in the storage device when the storage device is powered on, where the default status can be enable or disable. If the delete-able status of the deletion record file is kept in an enable state before the storage device is powered off, the whole data stored in the storage device is deleted automatically when the storage device is powered on next time. This is because the enable state of the delete-able status of the deletion record file is detected by a control unit of the storage device. Therefore, the method can prevent the data in the storage device from any theft or unauthorized usage. | 02-23-2012 |
20120047583 | CABLE FRAUD DETECTION SYSTEM - Embodiments of the present disclosure provide constant support against fraudulent cable devices maintaining unauthorized connectivity and utilizing data lines illegally within an entire network regardless of the number of DHCP servers. Embodiments maintain an updated database which is mined for duplicate MAC (Media Access Control) addresses and utilizes the assigned IPs to communicate with the devices via Simple Network Management Protocol (SNMP) comparing their system description Object Identifier (OID) value with the stored value located in the device Management Information (MI) database. When a fraudulent device is found, a series of events is triggered which discontinues service as well as bans the fraudulent device from reconnecting to the network. | 02-23-2012 |
20120060223 | TRAITOR TRACING IN A CONTENT PROTECTION SYSTEM - A method for detecting at least one traitor computer system among a plurality of receiver computer systems including: assigning a version of protected content to each of the plurality of receiver computer systems that are currently identified as innocent by a content protection system that monitors distribution of protected content to the plurality of receiver computer systems; recovering at least one unauthorized rebroadcast of the content; generating a score for each of the plurality of receiver computer systems with respect to the recovered unauthorized rebroadcast; calculating a threshold independent of an estimation of maximum traitor computer systems; checking a highest score against the threshold; incriminating a receiver computer system having the highest score above the threshold as a traitor computer system; and removing any unauthorized rebroadcasts overlapping with the traitor computer system. The process may be repeated from generating scores until all traitors are identified. | 03-08-2012 |
20120060224 | Wireless Device Content Information Theft Protection System - A wireless device, such as a laptop computer or a cellular phone, may contain confidential information which may be secured by an internal security system. When the device is stolen, the user can provide a portion of a kill code to a wireless service provider. The wireless service provider provides its own portion of the kill code and combines it with the user's supplied code. Then, the service provider may transmit the combined kill code to the wireless device. Upon receipt, the wireless device may erase all confidential information on the device. In other embodiments, it may erase any unlocked block of memory. As still another alternative, the system may also, upon receipt of the combined kill code, disable the operating system. | 03-08-2012 |
20120060225 | METHOD AND DEVICE FOR UPGRADING RIGHTS OBJECT THAT WAS STORED IN MEMORY CARD - The disclosure relates to digital rights management, and more particularly, to a method for upgrading digital rights and a device for providing the same. A method of allowing a terminal to upgrade a rights object installed in a memory card according to an embodiment of the present invention may include allowing the terminal to receive a trigger message comprising a rights object identifier, upgrade information, and AssetID (Asset Identifier) to contents from a Rights Issuer, transmitting an asset identifier message comprising the AssetID to the memory card, receiving a rights information message comprising rights information selected based on the AssetID from the memory card, checking whether the rights information corresponds to the rights object identifier, and generating a rights object based on the rights information to upgrade the rights object. | 03-08-2012 |
20120066767 | METHOD AND APPARATUS FOR PROVIDING COMMUNICATION WITH A SERVICE USING A RECIPIENT IDENTIFIER - An approach is presented for providing communication with a service using a recipient identifier. The data communication platform receives a request to generate a recipient identifier for indicating data exchanged between a service and an application on a device. Further, the data communication platform determines a user identifier, one or more device identifiers associated with the device, one or more application identifiers associated with the application, or a combination thereof. Then, the data communication platform determines to generate the recipient identifier by encoding, at least in part, the user identifier, the one or more device identifiers, the one or more application identifiers, or a combination thereof in the recipient identifier. In one embodiment, the recipient identifier may be encrypted. The user identifier, the one or more device identifiers, the one or more application identifiers, or a combination thereof are decodable directly from the recipient identifier. | 03-15-2012 |
20120066768 | PROTECTION OF INTERNET DELIVERED MEDIA - Program code in a Web page hosted by a server and/or in server side code executed by the server is specially configured so that a modified media file whose source is embedded in the Web page and which is streamed by the server is properly playable only in browsers of media devices accessing the Web page. Thus, if a copy of the modified media file is downloaded to the media device or otherwise procured, the user of the media device is unable to properly play the downloaded copy by using a conventional media player. Further, if the downloaded copy is shared on a file sharing network, users of the file sharing network that download copies from the media device are also unable to properly play their downloaded copies by using conventional media players. | 03-15-2012 |
20120066769 | DATA SECURITY IN A CLOUD COMPUTING ENVIRONMENT - Methods and apparatus for providing data security, in particular for cloud computing environments, are described. In an embodiment, a software component monitors events at a node in a computing system and on detection of an event of a particular type, interrupts a message associated with the event. Before the message is allowed to continue towards its intended destination, a security template is selected based on the message (e.g. the data in the message and identifiers within the message) and this template is used to determine what data protection methods are applied to each data element in the message. A modified data packet is created by applying the security template and then this modified data packet is inserted into the message in place of the data packet in the interrupted message. | 03-15-2012 |
20120066770 | INFORMATION PROCESSING APPARATUS AND INFORMATION PROCESSING PROGRAM - According to one embodiment, there is provided an information processing apparatus, including: a program acceptance portion; a program storage portion; a first function type storage portion; a function type extraction portion; a second function type storage portion; a first alternate function type storage portion; an alternate function type extraction portion; a second alternate function type storage portion; a selection portion; a judging portion; an updating portion; and a protection attribute determination portion. | 03-15-2012 |
20120066771 | SYSTEMS AND METHODS FOR DETECTING SUBSTITUTION OF HIGH-VALUE ELECTRONIC DOCUMENTS - Embodiments are described of systems and methods for prevention, detection, mitigation of risk, and such, of unauthorized manipulation, e.g., substitution, of high-value data files (including electronic document files). | 03-15-2012 |
20120066772 | Scalable Anti-Replay Windowing - The present disclosure provides a method for scalable anti-replay windowing. According to one exemplary embodiment, the method may include receiving at least one data packet having at least one new sequence number. The method may also include comparing the at least one new sequence number to an anti-replay window configured to prevent packet replay, the anti-replay window having at least one existing sequence number. The method may further include shifting the contents of the anti-replay window by varying the location of a starting index and an ending index. Of course, additional embodiments, variations and modifications are possible without departing from this embodiment. | 03-15-2012 |
20120072992 | SECURING SENSITIVE DATA FOR CLOUD COMPUTING - A system and associated method for securing sensitive data in a cloud computing environment. A customer system has proprietary data as a record stored in a database. The customer system associates a hashing directive with the record prior to sending the data out to a cloud for computing services. The hashing directive classifies each data field of the record into sensitive and transactional. The hashing directive controls a mode of hashing, either one-way hashing or two-way hashing for each sensitive data field associated with the hashing directive. A cloud receives the record secured according to the hashing directive and processes the record to generate a result value for a cloud process result field of the record. The customer system reconstitutes the record according to the mode of hashing indicated in the hashing directive. | 03-22-2012 |
20120072993 | APPARATUS AND METHOD FOR MUTATING SENSITIVE DATA - A computer readable storage medium includes executable instructions to receive data from a data source. Data mutation criteria is applied to designated data elements to produce mutated data that preserves an identifiable relationship between an original designated data element and a corresponding mutated data element. The data mutation criteria also produces mutated data with an identifiable relationship between related mutated data elements. The mutated data is loaded into a report and the report is displayed. | 03-22-2012 |
20120072994 | METHOD TO PRODUCE SECURING DATA, CORRESPONDING DEVICE AND COMPUTER PROGRAM - A method and apparatus are provided for generating security data for implementing a secure session between a first and at least a second entity according to a secure session establishment protocol. Such a method includes: initializing a third secure entity connected to the first entity; generating at least a portion of the security data within the third entity; transmitting the generated security data from the secure third entity to the first entity; and transmitting at least a portion of the security data generated in the third secure entity to at least a previously initialized fourth secure entity connected to the third secure entity. | 03-22-2012 |
20120072995 | SYSTEMS AND METHODS FOR MANAGING SOFTWARE LICENSES - In one embodiment, an apparatus for managing software licenses comprises: a plurality of computers connected together in a peer to peer computer network wherein each computer is a computer node of the network; wherein each computer node comprises a software license management controller that operates in one of: a disconnected mode of operation of distributed license management without network connectivity and a normal online mode of operation of distributed license management. | 03-22-2012 |
20120079599 | Non-transitory computer readable storage medium, access filtering device, and access filtering method - An access filtering device includes a receiving unit that receives a URL of a prohibited site or a prohibited page; an executing unit that accesses the page by using the URL; an acquiring unit that acquires page information corresponding to the URL; a prohibited site list that includes character strings of prohibited sites and prohibited pages; a determining unit that determines whether the URL is a character string of a prohibited site or a prohibited page; a display control unit that, when the URL is a character string of a prohibited site or a prohibited page, displays the page in a decreased page-readability state, i.e., in a transparent state. | 03-29-2012 |
20120079600 | MEDIA PROCESSING SYSTEM SUPPORTING DIFFERENT MEDIA FORMATS VIA SERVER-BASED TRANSCODING - A method for processing media content includes receiving, at a second communications device communicatively coupled to a network at a first geographic location, from a first wireless mobile communications device communicatively coupled to the second communications device at the first geographic location, a device profile of the first wireless mobile communications device. The device profile received from the first wireless mobile communications device and media content may be sent to a server communicatively coupled to the network at a second geographic location. Media content may be received from the server, where the media content has been reformatted based on the device profile. The reformatted media content may be transmitted to the first wireless mobile communications device. The received device profile of the first wireless mobile communication device may be stored. | 03-29-2012 |
20120079601 | PORTABLE LICENSE SERVER - A portable license for licensed content is obtained by a user along with a regular license in a local network, such as a home network or other private network. The portable license may be stored in a license server on a portable device, such as a smart phone or a tablet, which functions as a portable license server. The user may take the portable device to another location where it joins another local network. A device in the second network, which does not have a license to play the licensed content, may use the portable license on the portable device to execute the content, enabling the user to enjoy it in multiple environments. The device (e.g., a TV) in the second network may continue to play the content as long as the portable license or another valid license is present in the network. | 03-29-2012 |
20120079602 | Garbled Circuit Generation in a Leakage-Resilient Manner - Methods and apparatus are provided for generating a garbled circuit for a client in a leakage-resilient manner, for use in secure function evaluation between the client and a server. The garbled circuit is generated by obtaining a token from the server, wherein said token comprises a leakage-protected area; querying the token gate-by-gate, wherein for each gate of said garbled circuit, the token interacts with the leakage-protected area to generate a garbled table for the gate; and receiving the garbled circuit from the token. The client can interact with the server to obtain garbled inputs; and then evaluate the garbled circuit on the garbled inputs to obtain a garbled output. A final output can be obtained by matching the garbled output with an output table in the garbled circuit. | 03-29-2012 |
20120079603 | SELECTIVELY WIPING A REMOTE DEVICE - A system and method for selectively securing data from unauthorized access on a client device storing a plurality of data types with reference to an authorization level indicated in a command. A command is received at a client device comprising an authorization level indicator. Based on at least one predefined rule, which may be implemented in an IT policy stored at the client device, each of the plurality of data types to be secured is determined, and then the data corresponding to those types is secured. The data may be secured by encrypting and/or deleting the data at the client device. The predefined rules associated with each authorization level may be configured by a user or administrator having an authorization level that exceeds the associated authorization level. | 03-29-2012 |
20120079604 | INFORMATION TRANSMISSION APPARATUS, DATA TRANSMISSION APPARATUS, INFORMATION TRANSMISSION DESTINATION DESIGNATING METHOD, DATA TRANSMITTING METHOD, PROGRAM AND STORAGE MEDIUM - In order to enable utilization of a personal address book by another person while maintaining security, in case display of information on an information destination registered in the address book is requested from an unauthenticated user, a display is executed in a state where address information (fax number, e-mail address etc.) is concealed (for example by a mosaic pattern), and information on the information destination, displayed with the address information in such concealed state, can be designated as the information designation. | 03-29-2012 |
20120084868 | LOCATING DOCUMENTS FOR PROVIDING DATA LEAKAGE PREVENTION WITHIN AN INFORMATION SECURITY MANAGEMENT SYSTEM - A method for locating documents has a step of, on each entity of the plurality of document-storing entities, calculating a respective fingerprint for each document of the documents stored on the entity, a step of transferring the calculated fingerprints by the entities to a data localization server having a fingerprint database for storing the transferred fingerprints, and a step of, at the data localization server, locating copies of a specimen document by calculating a fingerprint of the specimen document and comparing the calculated fingerprint of the specimen document with the fingerprints stored in the fingerprint database. | 04-05-2012 |
20120090032 | Webtextbooks - A distribution system for viewing an electronic book may include a content provider to obtain and provide the electronic book, a distribution center to distribute the electronic book from the content provider, and a predetermined number of home centers to view the electronic book by a predetermined number of users. N may be the number of simultaneous users viewing a single electronic book; and no more than n is the number of purchased electronic books from the content provider. The number of users registered to view the electronic book may be greater than n, and if the user views the electronic book for more than a predetermined period of time then that user may be inactivated from viewing the electronic book. The user may view the electronic book at the content provider, and the electronic book may be downloaded to a server of the distribution center or a viewership account may be created to be viewed by the user. | 04-12-2012 |
20120090033 | SYSTEMS AND METHODS FOR IMPLEMENTING APPLICATION CONTROL SECURITY - Systems and methods for implementing application control security are disclosed. In one embodiment, a system includes a first device, a decrypted white-list, and an executable program. The first device may be in electrical communication with a memory containing an encrypted white-list. The encrypted white-list may be decrypted using an identifier of a second device. The executable program may be referenced in the decrypted white-list. | 04-12-2012 |
20120090034 | METHOD AND APPARATUS FOR DOWNLOADING DRM MODULE - In a Digital Rights Management (DRM) service system providing digital content to which DRM technology is applied, when one or more DRM content is provided to a client device, download information for a DRM module capable of installing a DRM agent corresponding to a DRM system applied to the DRM content is provided together, making it possible for the client device to download the DRM module based on the download information, install the DRM agent, and use the DRM content. | 04-12-2012 |
20120090035 | System and Tool for Logistics Data Management on Secured Smart Mobile Devices - A unique computer implemented logistics data management tool/technique for secure resident operation on a mobile computerized device—and associated system and computer-readable storage medium having stored thereon, executable program code and instructions—encompassing certain cornerstone modules: product generation module; data update module; and secure services module. Features of the three modules interoperate for secure downloading to the mobile computerized device for resident operation thereon whether in any of the following categories of wireless communication: Connected, Disconnected, and Occasionally Connected. | 04-12-2012 |
20120096559 | CANCELLING DIGITAL SIGNATURES FOR FORM FILES - The embodiments described herein generally relate to methods and systems for enabling a client to request a server to cancel the digital signing of a form file associated with a form. Successful cancellation of the digital signing process results in a return of the form file to its initial state, in which data are not lost, and the form can be resubmitted and/or the application of the digital signature can be retried. Request and response messages, communicated between a protocol client and a protocol server, cause the performance of protocol functions for applying a digital signature to a form file and for cancelling the signature thereof where errors in the signing process are detected. A versioning mechanism enabling the detection of version differences and resulting upgrades to the digital signature control allows for robust communications between a client and a server operating under different product versions. | 04-19-2012 |
20120096560 | Method and a Device for Protecting Private Content - In a method of enabling Digital Rights Management (DRM) of content in a communications network supporting a DRM system, a first user equipment (RMUE) registers with a first rights issuer of the DRM system from which a delegation assertion, authorizing the RMUE to become a private rights issuer, is retrieved. RMUE retrieves a first, signed rights object from the first rights issuer, that contains a first set of rights for the RMUE to DRM protect private content and to issue at least one second rights object, associated with the private content. DRM protection is then applied on private content, obtained by the RMUE, according to at least the first set of rights. RMUE issues a second rights object, defining a second set of rights for rendering the private content, according to the first set of rights. RMUE may then distribute the second rights object to a second user equipment which is able to render the private content on the basis of at least said second rights object, upon having acquired the private content and the delegate assertion. | 04-19-2012 |
20120096561 | IC CHIP, INFORMATION PROCESSING APPARATUS, SOFTWARE MODULE CONTROL METHOD, INFORMATION PROCESSING SYSTEM, INFORMATION PROCESSING METHOD, AND PROGRAM - An IC chip, an information processing apparatus, a software module control method, an information processing system, an information processing method, and a program for ensuring security before booting a software module reliably are provided. A reader/writer and a mobile phone terminal to be accessed by the reader/writer through proximity communication are provided. In the mobile phone terminal, a first software module transmits commands to second and third software modules. The first software module manages states of the second and third software modules. If during boot-up of the third software module, the processing of the second software module is started and completed, then the first software module resumes the boot-up of the third software module. | 04-19-2012 |
20120096562 | METHOD FOR PROTECTING THE SOURCE CODE OF A COMPUTER PROGRAM - The invention relates to a method for protection of a computer program source code comprising the following steps: | 04-19-2012 |
20120096563 | System and Method for Providing Access to Verified Personal Background Data - Access to verified personal background data is provided in the form of an electronic document that includes a data record having personal background data and corresponding verification information as well as an electronic authentication of the contents of the data record. The data record is associated with a unique identifier. The electronic document may be distributed over a communication network to a person providing the identifier. | 04-19-2012 |
20120096564 | DATA INTEGRITY PROTECTING AND VERIFYING METHODS, APPARATUSES AND SYSTEMS - The disclosure provides data integrity protecting and verifying methods, apparatuses and systems. A data integrity protecting method includes: calculating a Hash value of each of the data blocks by using a first Hash function, to obtain a plurality of block Hash values which form a first series of Hash values; calculating a second series of Hash values based on the first series of Hash values, the second series of Hash values comprising a plurality of chain Hash values, each of which being associated with a corresponding block Hash value in the first series of Hash values and being associated with a neighbor chain Hash value in the second series of Hash values, wherein the first series of Hash values and the second series of Hash values are used as integrity information of the data; and generating verification information of the data by using a last chain Hash value. | 04-19-2012 |
20120096565 | DEVICE, METHOD AND SYSTEM TO PREVENT TAMPERING WITH NETWORK CONTENT - The present invention discloses a system for preventing network content of one or more network servers from being tampered with. The system comprises a content caching and providing device to cache network content of the one or more network servers; and a content monitoring sub-system with one or more content monitoring clients incorporated in the network servers respectively and a content monitoring server part incorporated in the content caching and providing device. The present invention further discloses a content caching and providing device, a network content providing system and a corresponding method. With the system, device and method according to the present invention, we can improve the speed and security of accessing network content while effectively preventing the network content from being tampered with. | 04-19-2012 |
20120102571 | SYSTEM AND METHOD FOR DIGITAL FORENSIC TRIAGE - A digital forensic system for performing forensics on a target device comprises a control pod and a collection device. The control pod, which has a unique identity in order to enable accurate audit, is arranged to register and allocate a unique identity to the collection device and to clean, load a profile onto the collection device, the profile defining a subset of data. The collection device is connected to the target device and copies data from the target device to the collection device according to the profile. The control pod is then arranged to create a report on the collection device, the report derived from the copied data. Once a user input has been received, indicating that the collection device be marked as evidence, then the control pod is arranged to lock the collection device in response to the user input. | 04-26-2012 |
20120110675 | RESTRICTIONS TO DATA TRANSMISSION - Data received at, or created on, a device may be tagged as corporate dependent upon a service over which the data is received or an application in which the data is created. When a user attempts to insert tagged data into a data item that is to be transmitted by the device, the insertion may be prevented. Similarly, the transmission of tagged data may be restricted to only occur on a secure service. | 05-03-2012 |
20120110676 | PROTECTION OF SECRET VALUE USING HARDWARE INSTABILITY - A method for data security, comprising providing an electronic circuit, which has a first, stable operating mode under a first operating condition and a second, unstable operating mode under a second operating condition, different from the first operating condition, and which is configured to output a secret value in the first operating mode; maintaining the electronic circuit initially in the second operating condition; transferring the electronic circuit to the first operating condition and, while in the first operating condition, reading out the secret value; and returning the electronic circuit to the second operating condition after reading out the secret value. | 05-03-2012 |
20120110677 | SYSTEM FOR PROTECTING PERSONAL DATA - A method of providing data in response to a search request comprises the steps of a social networking website receiving the search request to provide a pseudonym associated with the real name; the social networking website determining that the search request is for a pseudonym which, within its database, is not associated with the real name; the social networking website referring the search request to an identity management server which contains an association between the pseudonym and the real name; the identity management server determining the pseudonym which is associated with the real name; and the identity management server providing an information item which is related to the pseudonym. | 05-03-2012 |
20120117656 | Security Validation of Business Processes - Implementations of methods of the present disclosure include providing a process model based on the process, the process model comprising a plurality of tasks, receiving user input at a computing device, the user input specifying one or more security requirements, the user input relating each of the one or more security requirements to at least one task of the plurality of tasks, generating, using the computing device, a formal model of the process based on the process model and the one or more security requirements, the formal model being based on a specification meta-language, processing the formal model using a model checker that is executed on the computing device to determine whether violation of at least one of the one or more security requirements occurs in the process, generating an analysis result based on the processing, and displaying the analysis result on a display. | 05-10-2012 |
20120117657 | ATTRIBUTE INFORMATION PROVIDING SYSTEM - A system which implements a method for providing attribute data. A request is received from a user device via a network for a virtual ID token relating to attribute information pertaining to a subscriber associated with the user device. A data record including L attributes of the subscriber is read from a database, L being at least 2. The data record is provided to the user device via the network. A selection of M attributes of the L attributes is received from the user device via the network, M being less than L. A virtual record including the M attributes selected from the data record is generated, the virtual record including a virtual ID (VID) for identifying the virtual record. The generated virtual record is stored in the database. The virtual ID token is provided to the user device via the network, wherein the virtual ID token includes the VID. | 05-10-2012 |
20120117658 | INFORMATION PROCESSING APPARATUS AND INFORMATION PROCESSING METHOD - The information processing apparatus includes: a tampering determination unit ( | 05-10-2012 |
20120124671 | SYSTEMS AND METHODS FOR IDENTIFYING AND MITIGATING INFORMATION SECURITY RISKS - Methods and systems for Sustained Testing and Awareness Refresh against Phishing threats (STAR*Phish™) are disclosed. In an embodiment, a method assigns schemes and unique identifiers to target e-mail addresses associated with user accounts. The method delivers e-mail messages to the targeted e-mail addresses, the e-mail messages comprising an HTTP request and a unique identifier associated with each of the user accounts. The method then receives, at a Phishing Metric Tool (PMT), a response including the unique identifier. The PMT logs training requirements for the user accounts, tracks response metrics for the training requirements, and redirects the respective HTTP requests to a phishing training tool (PTT). The PTT sends a notification of the user account identities and the unique identifiers to the PMT and returns a status for the training requirements for the user accounts. Upon completion of the training, the PMT sends completion notifications for the user accounts. | 05-17-2012 |
20120131679 | METHOD FOR PROTECTING SOFTWARE BASED ON CLOCK OF SECURITY DEVICE AND SECURITY DEVICE THEREOF - The invention discloses a software protecting method based on clock of a security device and a security device thereof. The method includes connecting a terminal device to the security device, receiving the service instruction sent from protected software of the terminal device, protecting the protected software of the terminal device by the security device via the preset time protecting function. The security device includes an interface module and a control module. Thereby, the control module includes a communicating unit and a software protecting unit. The security device of the invention binds with functions such as time and date easily according to the time limit information which limits the time of using the security device and controls the start time and expiring time of using the security device accurately which provides safer service for protecting the software. | 05-24-2012 |
20120131680 | DETECTION METHOD FOR DETECTING FRAUD - A detection method for detecting fraud with respect to a card reader. The card reader includes a removal detection switch for detecting a removal from a housing of a user operation terminal, a first RAM that can erase removal detection recognition data being stored therein, according to an output signal from the detection switch, a second RAM being independent of the first RAM and storing authentication key data. The method includes erasing the removal detection recognition data when the card reader is removed from the housing of the user operation terminal. Afterwards, the authentication key data is changed after completion of predetermined authentication procedures when the card reader is mounted into the housing of the user operation terminal. Then, the changed authentication key data is stored in the second RAM, while the removal detection recognition data is stored in the first RAM. | 05-24-2012 |
20120137371 | AUTOMATICALLY CLASSIFYING AN INPUT FROM FIELD WITH RESPECT TO SENSITIVITY OF INFORMATION IT IS DESIGNED TO HOLD - A method and system for automatically classifying an input form field as designed to hold sensitive information. The method may include selecting an input characteristic associated with the input form field. The method may also include classifying the input form field as designed to hold sensitive information by considering classifying information of other input form fields having the same input characteristic. The method may further include statistically determining whether a similar input form field is indicated as designed to hold sensitive information by at least a predetermined threshold value of the other input fields. A computer program product is also disclosed. | 05-31-2012 |
20120137372 | APPARATUS AND METHOD FOR PROTECTING CONFIDENTIAL INFORMATION OF MOBILE TERMINAL - Disclosed herein is an apparatus for protecting the confidential information of a mobile terminal. The apparatus for protecting the confidential information of a mobile terminal includes a storage unit and a confidential information management unit. The storage unit stores at least one piece of confidential information which requires security. The confidential information management unit moves the confidential information from the preset unsecured initial storage area of the storage unit, to the preset secured storage area of the storage unit and stores the confidential data in the preset secured storage area, in order to protect the confidential data, and exclusively manages the secured storage area. The secured storage area is set by the confidential information management unit. | 05-31-2012 |
20120144495 | SECURING MIXED-MODE APPLICATIONS - Embodiments are directed to securing mixed-mode applications in a semi-trusted environment. In an embodiment, a computer system securely loads native data files associated with a mixed-mode application. The secure loading ensures that the native components upon which the managed component depends are authentic. The computer system implements a securely stored handle associated with the loaded native data files to provide secure communications between the managed component and the loaded native data files. The handle provides a trusted function pointer to an associated mixed-mode application function. The computer system also initiates a security permission request for each resource that is passed to the native components during execution of the mixed-mode application, so that each resource is verified before execution. | 06-07-2012 |
20120144496 | ELECTRONIC DEVICE WITH DATA PROTECTION FUNCTION AND METHOD THEREOF - The present disclosure provides an electronic device with a data protection function. The device includes a display, an input unit, and a processor. The display displays content of a document and a cursor. The input unit generates mode switching signals in response to a user input. The mode switching signals are for switching operational modes of the electronic device between a normal mode and a data protection mode. The processor switches the device to the data protection mode upon receiving the mode switching signals when in the normal mode, and displays a color layer on the display to cause content selected through the cursor to be visible and unselected content to be invisible when in the data protection mode. A related method is also provided. | 06-07-2012 |
20120144497 | ELECTRONIC COPYRIGHT LICENSE REPOSITORY - A content distribution system for transporting audio or video licenses between content players that use digital rights management (DRM) is disclosed. The content distribution system includes at least a second license repository and an authentication engine. The second license repository receives second information describing a second plurality of content licenses. A first license repository stores a first plurality of content licenses. The first plurality of content licenses enable use of a plurality of content objects with a first content player within confines of DRM. The second license repository is geographically distant from the first license repository. The authentication engine authorizes the second plurality of content licenses of the second license repository. The second plurality of content licenses enable use of the plurality of content objects with the second content player within the confines of DRM. | 06-07-2012 |
20120144498 | System And Method For Mobile Identity Protection of a User of Multiple Computer Applications, Networks or Devices - An automated system and method for authenticating entities or individuals engaging in automated or electronic transactions or activities such as financial transactions, accessing computer applications, computer software, data networks or other automated or electronic devices requiring identity verification is provided. A unique Personal Identity Value is computed and stored in an Identity Register for the entity or individual and may be used for a variety of applications including recognizing incidents of identity theft. This Personal Identity Value is based on one or more computer logic resources that incorporate the relationship among a variety of identification information elements and parameters associated with the entity or individual, such as the entity's or individual's wireless device location, the entity's or individual's home location, other associated locations, automated activities engaged in and applications accessed. | 06-07-2012 |
20120144499 | SYSTEM TO INFORM ABOUT TRADEMARKS SIMILAR TO PROVIDED INPUT - Various embodiments of the present invention generally relate to trademark searching and notification systems. More specifically, various embodiments of the present invention relate to systems and methods for informing requesters about trademarks similar to a provided input. Some embodiments of the present invention provide for a proactive system in which users are notified of similar trademarks before using specific term(s) and users proceed after understanding which trademarks actually exist and what areas those trademarks actually entail, and possibly being notified of newly applied trademarks and modified trademarks at later times that are similar to the specific term(s) being used. | 06-07-2012 |
20120144500 | METHOD AND APPARATUS FOR PROTECTING DATA USING A VIRTUAL ENVIRONMENT - The present invention relates to a method and apparatus for protecting data using a virtual environment, which creates a safe virtual environment that supports the execution of application programs being operated on a computer and which enables important data to be inputted or outputted only within the virtual environment, such that access to the important data is prevented in a general local environment. According to the present invention, data leakage is initially prevented to protect data, and convenience is provided in that a user may use the computer in a general manner while performing desired work. | 06-07-2012 |
20120151597 | De-Identification of Data - The present invention relates to a method, computer program product and system for de-identifying data, wherein a de-identification protocol is selectively mapped to a business rule at runtime via an ETL tool. | 06-14-2012 |
20120151598 | APPARATUS AND METHOD FOR FORENSIC MARKING OF DIGITAL CONTENT - Provided are an apparatus and method for forensic marking of digital content. The apparatus includes a forensic marker configured to generate first content by inserting a first binary forensic mark in original content and second content by inserting a second binary forensic mark in the original content, and when a content service request is generated, combine the first content and the second content on the basis of information about a user who has requested the content service and thereby generate third content in which a forensic mark corresponding to the user information is inserted, a content database configured to store the first and second content, and a transceiver configured to transmit the third content. | 06-14-2012 |
20120151599 | ELECTRONIC SYSTEM FOR THE PROTECTION AND CONTROL OF LICENSE TRANSACTIONS ASSOCIATED WITH THE DISABLEMENT OF REPLICATED READ ONLY MEDIA AND ITS BOUND LICENSED CONTENT - Distribution of content stored on read only media, and a system and method by which a consumer who purchased content stored on read only media implements a process in the field by which they alter the storage media and verifiably disable at least a portion of the stored content in support of a transaction. A system and tools are used by the consumer to identify, authenticate, disable, and confirm disablement in exchange for compensation, the acquisition of new usage rights to content, or the ability to restore access to or copy content to new media. The process may be conducted by the consumer in the field without assistance and/or visual inspection, or be partially conducted in conjunction with an authorized intermediary. Furthermore, the process may restore access to content stored on new media without the need to transfer copies of content. | 06-14-2012 |
20120151600 | METHOD AND SYSTEM FOR PROTECTING INTELLECTUAL PROPERTY IN SOFTWARE - A system and method for modifying material related to computer software. The system receives an original disclosure for a software system. A masquerading algorithm is applied to the original disclosure to generate a new disclosure. The subject matter of the new disclosure is different from the original disclosure but has the same functionality. The system also receives original source code for the software system and applies a camouflaging algorithm to the original source code to generate modified source code and conversion data for converting between the modified source code and the original source code. | 06-14-2012 |
20120151601 | IMAGE DISTRIBUTION APPARATUS - An image distribution apparatus that ensures both privacy protection and security is provided. A private area storage section stores private areas relating to the privacy of users. A cutout area storage section stores, as a cutout area, an area requested by an identified user to be distributed. An image processing level storage section stores an image processing rule that defines an image processing level for each of areas having different levels of privacy. An image processing area generation section acquires the cutout area of the identified user from the cutout area storage section, acquires, from the private area storage section, a private area of the identified user and a private area of a person other than the identified user, which private areas are contained in an image of the acquired cutout area, acquires the image processing rule from the image processing level storage section, and then determines an image processing method for each area in the cutout area in accordance with the acquired image processing rule. | 06-14-2012 |
20120159635 | Comment Plug-In for Third Party System - In one embodiment, a user comment system receives a user comment associated with a content object, assigns one or more privacy settings to the user comment, and stores the user comment in a data store in association with an identifier unique to the content object. | 06-21-2012 |
20120159636 | DNS-BASED DETERMINING WHETHER A DEVICE IS INSIDE A NETWORK - In a computing device a domain name system (DNS) query is generated and sent, and a check is made as to whether a verified DNS response to the DNS query is received. The computing device is determined to be inside a particular network if a verified DNS response is received, and is determined to be outside that particular network if a verified DNS response is not received. A DNS response can be determined to be verified if both the DNS response has an expected value and the DNS response is digitally signed by a trusted authority, and otherwise can be determined to be not verified. | 06-21-2012 |
20120159637 | FUNCTIONALITY FOR PROVIDING DE-IDENTIFIED DATA - A de-identification system is described herein for converting original messages into de-identified messages. The de-identification system leverages original message-inception-functionality which operates as a gateway for providing original messages for use by a production environment. Namely, the de-identification system includes a transformation module that receives the original messages from the original message-inception functionality. The transformation module then converts instances of sensitive information contained in the original messages into non-sensitive information, to produce the de-identified messages. A de-identified environment can consume the de-identified messages with high confidence that the messages have been properly sanitized. This is because the de-identification work has been performed at a well-contained quarantine level of the message processing functionality. | 06-21-2012 |
20120159638 | METHOD AND APPARATUS FOR ACCESSING CONTENT PROTECTED MEDIA STREAMS - A method and apparatus for recovering a content signal from a media stream protected by a digital rights management (DRM) system. A content access device includes a network interface configured to receive the protected media stream from a remote content provider via a network and a plurality of distinct DRM components corresponding to DRM systems supported by the content access device. A content extraction unit is operable to select a DRM component of the plurality of DRM components and execute the selected DRM component to recover a content signal from the protected media stream. When a search engine is used to discover available content, a list of references to available content is presented to the user, the presentation being dependent upon whether or not the content is protected by a DRM system supported by the content access device. | 06-21-2012 |
20120159639 | METHOD OF PROVIDING CUSTOMIZED SERVICE WITH PRIVACY SECURITY - A method of providing customized service with privacy security includes: requesting service information provided from a smart environment to a smart environment control system; once the service information is transmitted from the smart environment control system, generating schedule information by using the service information, user personal information, and schedule generation information; and transmitting a service command to the smart environment control system according to the schedule information. | 06-21-2012 |
20120167224 | PROTECTED AND VIRTUAL INTERFACES FOR COM AGGREGATION - An outer COM object can be provided with privileged access to protected functionality in an inner COM object. An inner COM object can offer a custom protected interface to an outer COM object by creating a new inner internals COM object that is not available to a calling application or by creating a new extension IUnknown interface that can be used to access the protected content. An outer COM object can override behavior in an inner COM object. An inner COM object can offer access to custom behavior to an outer COM object by creating a new inner internals COM object that is not available to a calling application. The new inner internals COM object can implement a new interface that provides access to the customized (override) content or can create a new extension IUnknown interface that can be used to provide access to the customized (override) content. | 06-28-2012 |
20120167225 | PASSWORD PROTECTION USING PERSONAL INFORMATION - Provided personal information from a user may be determined, the provided personal information being associated with network publication thereof. A comparison of the provided personal information with password-related information may be performed. Based on the comparison, it may be determined that a risk level associated with the network publication relative to password security of at least one password associated with the password-related information exceeds a predetermined risk level. The user may be notified that the network publication of the provided personal information is associated with potential compromise of the password security of the at least one password. | 06-28-2012 |
20120167226 | METHOD AND SYSTEM FOR RESTORING DOMAIN MANAGEMENT - The invention relates to a method and a system for restoring domain management for a domain ( | 06-28-2012 |
20120167227 | OBSCURING INFORMATION IN MESSAGES USING COMPRESSION WITH SITE-SPECIFIC PREBUILT DICTIONARY - Obscuring information in messages to be exchanged over a communications network. In one aspect, the information comprises path name information and parameters for use in a Uniform Resource Locator (“URL”). In another aspect, the information comprises links and parameters used in forms, where hidden parameters are removed from a form and used as URL parameters. A compression dictionary is used to create a compressed form of the information. An identifier of the dictionary and an error detection code (such as a checksum) computed over the compressed information are concatenated with the compressed information, and this is encoded for sending on an outbound message. The original information is then recovered from an inbound message which contains the obscured information by reversing the processing used for the obscuring. | 06-28-2012 |
20120167228 | METHOD AND SYSTEM FOR SUBSCRIPTION DIGITAL RIGHTS MANAGEMENT - A system and method for managing use of items having usage rights associated therewith. The system includes an activation device adapted to issue a software package having a public and private key pair, the public key being associated with a user, a license device adapted to issue a license, a usage device adapted to receive the software package, receive the license and allow the user to access the item in accordance with the license, and a subscription managing device adapted to maintain a subscription list including the public key associated with the user. The license is issued by the license device upon verifying presence of the public key in the subscription list corresponding to requested content. | 06-28-2012 |
20120167229 | METHOD AND SYSTEM FOR SUBSCRIPTION DIGITAL RIGHTS MANAGEMENT - A system and method for managing use of items having usage rights associated therewith. The system includes an activation device adapted to issue a software package having a public and private key pair, the public key being associated with a user, a license device adapted to issue a license, a usage device adapted to receive the software package, receive the license and allow the user to access the item in accordance with the license, and a subscription managing device adapted to maintain a subscription list including the public key associated with the user. The license is issued by the license device upon verifying presence of the public key in the subscription list corresponding to requested content. | 06-28-2012 |
20120167230 | DIGITAL RIGHTS MANAGEMENT OF CONTENT WHEN CONTENT IS A FUTURE LIVE EVENT - A method and system for managing use of items having usage rights associated therewith including a point of capture system adapted to generate content of a future event when the event occurs, a content distributor adapted to generate a rights label having usage rights associated with content of the future event before the content is created, the rights label having a distribution key for encrypting the content as the content is generated, the distribution key being encrypted with a public key. The system also includes a license server adapted to generate a license associated with the content from the rights label before the content is generated, the license including the distribution key encrypted with the public key, and a content distributor adapted to distribute the license before the content is generated. | 06-28-2012 |
20120174232 | MECHANISM FOR EMBEDDING DEVICE IDENTIFICATION INFORMATION INTO GRAPHICAL USER INTERFACE OBJECTS - A mechanism for protecting software and computing devices from unintentional pre-release disclosure (“leak”) is provided that includes applying a security enhancement to an object on the graphical user interface of the computing device such that the object can be used to visually determine the origin of the leak without obstructing the user's experience or being easily detected or defeated. | 07-05-2012 |
20120174233 | SECURITY METHODS AND SYSTEMS - A system/method for preventing a computer virus from accessing message addresses is described. The system comprises an interception component or client plug-in that communicates with a messaging client and a messaging server. The interception component alters messages from the server and destined for the client. The interception component replaces message addresses in incoming messages with a unique identifier. The interception component also alters messages from the client destined for the server. The interception component replaces a unique identifier with a message address. A system/method for preventing keyboard sniffer programs from intercepting input, a system for preventing a computer virus from activating a send confirmation of a messaging client and a method for altering displayed objects to show encrypted data in decrypted form are also described and claimed. A system/method for reducing the impact of keyboard sniffer programs by altering keyboard input. | 07-05-2012 |
20120174234 | COUNTERMEASURE METHOD AND DEVICE FOR PROTECTING DATA CIRCULATING IN AN ELECTRONIC COMPONENT - The disclosure relates to a countermeasure method in an electronic component, wherein binary data are transmitted between binary data storage units, binary data being transmitted in several transmission cycles comprising a first cycle comprising: randomly selecting bits of the data, transmitting the selected bits and transmitting bits, each having a randomly chosen value, instead of transmitting non-selected bits of the data. A last transmission cycle comprises transmitting bits of the data that have not been transmitted during a previous cycle. | 07-05-2012 |
20120174235 | DETECTING A PHISHING ENTITY IN A VIRTUAL UNIVERSE - An invention for detecting a phishing virtual entity in a virtual universe is disclosed. A virtual entity may be registered as authentic and be identified with multiple physical characteristics thereof. Another virtual entity will be monitored to detect whether it includes a physical characteristic that is sufficiently similar to that of a registered virtual entity to cause confusion. A phishing virtual entity is detected based on the monitoring and phishing prevention processes may be implemented on the phishing virtual entity. | 07-05-2012 |
20120180134 | Personal Information Guard - A user equipment (UE) having a processor configured to scan a message content for personal information and indicate any detected personal information before sending the message from the UE. Also disclosed is a method implemented on a UE comprising scanning a message content for personal information, and indicating any detected personal information before sending the message from the UE. | 07-12-2012 |
20120180135 | SYSTEM AND METHOD FOR IMPROVED DETECTION AND MONITORING OF ONLINE ACCOUNTS - A computer-implemented monitoring and reporting method is provided. Identifying information is received corresponding to a user of a social networking application enabled by a social networking system. The social networking system is queried via a network for information corresponding to the user. The queried information is compared with predetermined criteria to determine a content category corresponding to the identifying information, and a report is provided including an indication of the determined content category. | 07-12-2012 |
20120180136 | CONTENT MANAGEMENT METHOD AND APPARATUS OF MOBILE TERMINAL - A contents management method and apparatus of a mobile terminal provides improved security of private contents. A contents management method of a mobile terminal includes establishing a connection to at least one external terminal. The method also includes segmenting a content stored in the mobile terminal into segments and sharing the content by distributing the segments to the terminals. The method further includes integrating the segments distributed to the terminals into the content when a content execution command is input. The method still further includes storing the integrated content and deleting the integrated content in the mobile terminal when at least one of the terminals is disconnected. | 07-12-2012 |
20120180137 | SYSTEM AND METHOD FOR DATA MINING AND SECURITY POLICY MANAGEMENT - A system and method to generate and maintain a controlled growth DAG are described. The controlled growth DAG conveys information about objects captured by a capture system. | 07-12-2012 |
20120180138 | TRUST BASED MODERATION - A network device, system, and method are directed towards detecting trusted reporters and/or abusive users in an online community using reputation event inputs, such as abuse reports. When an abuse report is received for a content item, the combined trust (reputation) of previous reporters on the reported content item and the trust (reputation) of the content author are compared to determine whether to trust the content item. If the content item is un-trusted, the content item may be hidden from public view. In one embodiment, the content item might still be visible to the content author, and/or members in the author's contact list, or the like, while being hidden from another user in the community. In one embodiment, the author may appeal the determined trust, and results of the appeal may be used to modify a trust of at least one reporter. | 07-12-2012 |
20120185946 | SECURE COMPUTING IN MULTI-TENANT DATA CENTERS - This document describes techniques and apparatuses for secure computing in multi-tenant data centers. These techniques permit a client to delegate computation of a function to multiple physical computing devices without the client's information being vulnerable to exposure. The techniques prevent discovery of the client's information by a malicious entity even if that entity is a co-tenant on many of the same physical computing devices as the client. | 07-19-2012 |
20120185947 | TRIGGERING A PRIVATE BROWSING FUNCTION OF A WEB BROWSER APPLICATION PROGRAM - A private browsing function of a web browser application program may be triggered for a browser by a browser or by a URL provider. Upon receipt of the URI by a web browser, the URI is inspected for the presence of a private browsing indicator. When the URI is found to contain a private browsing indicator, operation of the private browsing function for the web browser application program is triggered. | 07-19-2012 |
20120185948 | SYSTEMS AND METHODS FOR THE PREVENTION OF UNAUTHORIZED USE AND MANIPULATION OF DIGITAL CONTENT - A number of systems and methods, alone, or in combination, achieve various levels of protection against unauthorized modification and distribution of digital content. This encompasses at least unauthorized study, modification, monitoring, reconstruction, and any other means for subversion from the originally intended purpose and license model of the digital content. The invention combines a number of techniques that in whole, or in part, serve to protect such content from unauthorized modification, reconstructive engineering, or monitoring by third parties. This is accomplished by means of methods which protect against subversion by specific tools operating on specific platforms as well as general tools operating on general platforms. Specific time domain attacks are identified, code modification can be identified and reversed, and virtual and emulated systems are identified. In addition, identification of in-circuit emulator tools (both software and hardware), debuggers, and security threats to running programs can be achieved. | 07-19-2012 |
20120185949 | TRIGGERING A PRIVATE BROWSING FUNCTION OF A WEB BROWSER APPLICATION PROGRAM - A private browsing function of a web browser application program may be triggered for a browser by a browser or by a URL provider. Upon receipt of the URI by a web browser, the URI is inspected for the presence of a private browsing indicator. When the URI is found to contain a private browsing indicator, operation of the private browsing function for the web browser application program is triggered. | 07-19-2012 |
20120192282 | SEMICONDUCTOR DEVICE - A semiconductor device includes a nonvolatile memory, and an interface configured to transfer data to and from the nonvolatile memory. The interface includes a security logic unit which controls a security level for the data written to the nonvolatile memory, in accordance with a plurality of preset security codes and a lock code that is written to a specific area in the nonvolatile memory. | 07-26-2012 |
20120192283 | Interlocked Binary Protection Using Whitebox Cryptography - A system and method for transforming a software application comprising binary code and optionally associated data, from an original form to a more secure form. The method includes performing a combination of binary transmutations to the application, and interlocking the transmutations by generating and placing interdependencies between the transmutations, wherein a transmutation is an irreversible change to the application. Different types of the transmutations are applied at varied granularities of the application. The transmutations are applied to the application code and the implanted code as well. The result is a transformed software application which is semantically equivalent to the original software application but is resistant to static and/or dynamic attacks. | 07-26-2012 |
20120192284 | METHOD FOR ACQUISITION OF SOFTWARE APPLICATIONS - A method for acquisition of a software application stored on a software application distribution unit and intended to be supplied to a user computer unit is disclosed wherein, the user computer unit communicates an item of identification information identifying the software application to be acquired to an electronic security module connected to the user computer unit. The module generates, using a secret and identification information, an item of user information and transmits it with the identification information to the unit. The unit protects with the user information the software application identified by the identification information and the protected software application is transmitted to the user computer unit. Thus, the software application is protected with an item of information from the electronic security module of the user. The protected software application then has its protection removed on an electronic security unit equipped with an electronic security module. | 07-26-2012 |
20120192285 | Software License Serving In A Massively Parallel Processing Environment - Techniques for implementing software licensing in a massive parallel processing environment on the basis of the actual use of licensed software instances are disclosed. In one embodiment, rather than using a license server or a node-locked license strategy, each use of a licensed software instance is monitored and correlated with a token. A store of tokens is maintained within the licensing system and a token is consumed after each instance successfully executes. Further, a disclosed embodiment also allows jobs that execute multiple software instances to complete execution, even if an adequate number of tokens does not exist for each remaining software instance. Once the license tokens are repurchased and replenished, any overage consumed from previous job executions may be reconciled. In this way, token-based licensing can be adapted to large scale computing environments that execute jobs of large and unpredictable sizes, while the cancellation of executing jobs may be avoided. | 07-26-2012 |
20120198559 | POLICY BASED MANAGEMENT OF CONTENT RIGHTS IN ENTERPRISE/CROSS ENTERPRISE COLLABORATION - Systems, methods and apparatuses (i.e., utilities) for use in managing access to and use of artifacts (e.g., word or pdf documents, jpegs, and the like) and any copies thereof in an enterprise/cross-enterprise environment. The utility may include a content management system for storing the artifacts and managing use of the artifacts and an information rights management system for use in sealing the artifacts, validating users and granting licenses for use of the artifacts at the directive of the content management system. | 08-02-2012 |
20120198560 | Secure active element machine - Based upon the principle of Turing incomputability, and novel properties of the Active Element Machine, a malware-resistant computing machine is constructed. This new computing machine is a non-Turing, non-register machine (non von-Neumann), called an Active Element Machine (AEM). AEM programs are designed so that the purpose of the computation is difficult to apprehend by an adversary and hijack with malware. These methods can help hinder reverse engineering of proprietary algorithms and hardware design. | 08-02-2012 |
20120198561 | DATA TRANSMISSION APPARATUS, CONTROL METHOD THEREFOR, AND IMAGE INPUT/OUTPUT APPARATUS - According to the present invention, a data transmission apparatus capable of transmitting data by using a plurality of transmission media, comprises an authority storage unit, adapted to store authority information representing use authority to use each transmission medium by each user; and a transmission control unit, adapted to, in transmitting data, restrict data transmission to a destination corresponding to a transmission medium for which a current user does not have the use authority. | 08-02-2012 |
20120204268 | METHOD AND APPARATUS FOR PROTECTING INFORMATION BASED ON DATA CARD - The present invention discloses a method and apparatus for protecting information based on a data card, and the method comprises: selecting information which needs to be hidden in a terminal device; and storing said information which needs to be hidden in a hidden partition of the data card. The present invention makes attackers not perceive the existence of the information and increases the security of the information in the data card, so as to protect the user's private information better. | 08-09-2012 |
20120204269 | SECURE AUTOMATED FEATURE LICENSE UPDATE SYSTEM AND METHODS - A method for providing a secure automated feature license update is disclosed. This method may be performed at a central license server. A license template including features for enablement on a device is generated. The license template is sent to an authorized user. A license update request is received from an entity. An updated license is generated by the central license server. A response is sent to the entity. | 08-09-2012 |
20120210435 | Web content ratings - A method of performing a security check at a user computer on web page content downloaded to the user computer over the Internet. The method includes retrieving rating information for the web page from a web service over the Internet, the rating information including one or more content ratings and a first signature generated from the content, using a specified algorithm, at substantially the same time as the or each content rating was determined. The downloaded web page content is then processed using said specified algorithm to generate a second signature, and said first and second signatures are compared and the differences therebetween quantified. It is then determined if the quantified difference exceeds a threshold value. If not, then the received content rating(s) is(are) trusted. If yes, then the result is reported to said web service. | 08-16-2012 |
20120210436 | SYSTEM AND METHOD FOR FINGERPRINTING IN A CLOUD-COMPUTING ENVIRONMENT - A system and method for uniquely fingerprinting an execution environment instance in a cloud-computing environment in which an application is assigned to the execution environment instance, and a license key is required for the application to access a desired licensed feature. The application requests a fingerprint certificate from a cloud infrastructure management unit via the application's execution environment instance. The management unit identifies the fingerprint assigned to the execution environment instance, digitally signs a fingerprint certificate, and assigns an expiration timestamp. An application programming interface (API) sends the signed certificate and timestamp back to the application. The application verifies the digital signature and the timestamp and utilizes the fingerprint certificate to request a license key from a licensing system. The licensing system verifies the fingerprint certificate before generating the license key, and the application verifies that the license key matches the fingerprint before accessing the licensed feature. | 08-16-2012 |
20120210437 | Method and system to enhance accuracy of a data leak prevention (DLP) system - A Data Loss Prevention (DLP) system is enhanced according to this disclosure by augmenting the information obtained from OS API hooking with “context” information obtained from other sources, such as by monitoring an endpoint's user interface (UI). In one embodiment, the additional “context” information is obtained from one or more user interface hooks that provide the DLP system with additional information, such as the contents of one or more application windows, the UI elements contained in a particular display window, window activation or deactivation, window resizing, user input, pointer operations, and the like. This UI information defines a “context” of the application, namely, its operating state (including, without limitation, its display state), and associated user actions that define that state. When a particular OS API hook is invoked by the application, the DLP solution uses the context information to make a more accurate enforcement decision, preferably based on the UI context. | 08-16-2012 |
20120210438 | Secure Three-Dimensional Mask-Programmed Read-Only Memory - Among all classes of three-dimensional read-only memory (3D-ROM), mask-programmed 3D-ROM (3Dm-ROM) is suitable for mass information dissemination. A secure 3Dm-ROM (3Dm-ROMS) comprises a 3Dm-ROM for storing mass information, a non-mask-programmed memory (NMP) for storing at least a key and an encryption logic. It provides strong copyright protection by writing different keys into different NMPs and encrypting the 3Dm-ROM contents with these different keys. | 08-16-2012 |
20120210439 | METHOD AND DEVICE FOR EXCERPT LICENSING - There are times when a first user may wish to distribute an excerpt of a protected digital content to a second user, for example for criticism. The protected digital content is divided into a plurality of parts, each part being encrypted using a control word specific for the part, wherein each control word can be generated from a master control word for the protected digital content. A device belonging to the first user selects the parts of the excerpt; generates the control words for the selected parts from the master control word; generates a license for the selected parts, the license comprising the control words for the selected parts; and transmits the selected parts and the license to the receiver of the second user. Also provided is the device of the first user. | 08-16-2012 |
20120210440 | INFORMATION PROCESSING DEVICE, INFORMATION RECORD MEDIUM MANUFACTURING DEVICE, INFORMATION RECORD MEDIUM, METHOD THEREFORE, AND COMPUTER PROGRAM - An information processing device for executing content reproduction processing includes: a content reproduction processing unit for executing data transformation processing for replacing a part of configuration data of input content to be reproduced with transformation data, and executing processing for reproducing the reproduction content; and a parameter generating unit for providing the content reproduction processing unit with a parameter to be applied in the data transformation processing; wherein the content reproduction processing unit has a configuration for obtaining a parameter identifier that is different for each segment set as a sectioning region of reproduction content, and outputting a parameter calculation request accompanied by the parameter identifier to the parameter generating unit; and wherein the parameter generating unit has a configuration for providing the content reproducing unit with a parameter corresponding to a segment, in response to the parameter calculation request from the content reproducing unit. | 08-16-2012 |
20120210441 | Software Protection Using an Installation Product Having an Entitlement File - Techniques for establishing entitlement to a computer program product are provided, and include providing a client identity in a registration process to produce an entitlement file, obtaining an encoded version of a computer program product, and transforming the computer program product into an installation product in a computer storage medium, wherein the installation product comprises the entitlement file to establish entitled use of the computer program product. Also, techniques for facilitating security compliance of a computer program product include providing an encoded version of a computer program product, and providing an installation product builder for the computer program product, wherein the installation product builder creates an installation product in a computer storage medium using a client identity and the encoded version of the computer program product during a registration process, and wherein the created installation product comprises an entitlement file to facilitate security compliance of the computer program product. | 08-16-2012 |
20120210442 | LICENSE MANAGEMENT SYSTEM, LICENSE MANAGEMENT DEVICE, AND COMPUTER-READABLE RECORDING MEDIUM HAVING LICENSE MANAGEMENT PROGRAM - A license management device includes a license identifier generator unit generating a license identifier and license information corresponding to a group of application programs, the license identifier associated with a group identifier of the group and the license information on the group, a group information storage unit storing the group identifier with a product identifier of each application program, a license information storage unit recording the license identifier corresponding to the group identifier with the product identifier of the application program, a determination unit determining, on receiving the license identifier associated with the application program, whether the received license identifier is recorded in the license information storage unit, and a sending unit sending via a network, if the received license identifier is recorded in the license information storage unit, a license file corresponding to the recorded license identifier to provide a permission to use the application program of the group. | 08-16-2012 |
20120216285 | SYSTEMS AND METHODS FOR INHIBITING DENIAL-OF-SERVICE ATTACKS USING GROUP CONTROLS - A sandbox tool can cooperate with components of a secure operating system (OS) to create an isolated execution environment for accessing content without exposing other processes and resources of the computing system to the untrusted content. The sandbox tool can utilize task control groups (cgroups) of the secure OS with the isolated execution environment. A cgroup defines the hardware resources that can be accessed and utilized by the isolated execution environment. The cgroups can define accessible hardware resources by particular hardware resources, amount of hardware resources, and/or components of the hardware resources. Once a cgroup is applied to the isolated execution environment, any processes running in the isolated execution environment will be confined to the hardware resources defined by the applied cgroup. If a process running in the isolated execution environment attempts to utilize hardware resources outside the definition of the cgroup, the secure OS can block the usage. | 08-23-2012 |
20120216286 | METHODS AND SYSTEMS FOR SECURELY UPLOADING FILES ONTO AIRCRAFT - Methods and systems for securely uploading files onto a vehicle such as an aircraft are provided. In one embodiment, a system for transmitting files to a remote vehicle comprises: a communication system onboard the remote vehicle; at least one processor onboard the remote vehicle coupled to the communication system; and at least one storage device comprising a database, the at least one storage device further comprising computer executable instructions which when executed by the at least one processor implement a data checking functionality process comprising: generating a security file at the remote vehicle from an uplinked file received by a communication system; verifying integrity of the uplinked file using the security file; when integrity of the uplinked file is confirmed, accepting the uplinked file; and when integrity of the uplinked file is not confirmed, rejecting the uplinked file. | 08-23-2012 |
20120216287 | SOCIAL NETWORK PRIVACY USING MORPHED COMMUNITIES - A system, method and program product for morphing social network data. A system is disclosed that includes: a system for splitting up M communities within a set of social network data into N split communities; a system for morphing the N split communities into P morphed communities using a cardinality key, wherein the cardinality key causes subsets of split communities to be unioned together; and a system for adding phony members into the P morphed communities. | 08-23-2012 |
20120216288 | METHOD AND SYSTEMS FOR SECURE DISTRIBUTION OF CONTENT OVER AN INSECURE MEDIUM - A method, system, and computer program product for secure distribution of content over an insecure medium, including a recipient device configured to receive content; and a sender device configured to request from the recipient device a unique identification associated with the recipient device, before sending to the recipient device, the content and a unique key associated with the content for use of the content by the recipient device. The sender device is configured to request the unique identification associated with the recipient device from the recipient device during a predetermined time interval after sending the key, and after verification of the unique identification, send a new key associated with the content to the recipient device for further use of the content by the recipient device. | 08-23-2012 |
20120216289 | CONTENT PROVISION SYSTEM - The second content provision system determines, in response to a request by a user from a second terminal belonging to a second network, a second content being a same content as a first content, which is provided to the first terminal belonging to a first network or an alternative content for the first content and matching rights of the user. The second content is provided from the second network to the second terminal and can be used by the second terminal. The second content is determined by using content information specifying the first content which is in-use or which the use has interrupted and ownership information indicating the rights of the user and the content provision system acquires the content information and the ownership information from the first content provision system in response to the request from the second terminal. | 08-23-2012 |
20120222124 | SYSTEM AND METHOD FOR FACILITATING UNLOCKING A DEVICE CONNECTED LOCALLY TO A CLIENT - Systems and methods for facilitating unlocking a device connected locally to a client, utilizing a server located remotely from the client and the device, are provided in accordance with various aspects of the subject technology. In one aspect, a system includes a proxy configured to receive, at the client, at least one string descriptor request from the server over a network, where the at least one string descriptor request is associated with switching an interface of the device from a first interface type to a second interface type. The system further includes a stub driver configured to receive the at least one string descriptor request from the proxy, and to direct the at least one string descriptor request to the device. | 08-30-2012 |
20120222125 | THRESHOLD REPORTING PLATFORM APPARATUSES, METHODS AND SYSTEMS - The THRESHOLD REPORTING PLATFORM APPARATUSES, METHODS AND SYSTEMS (“TRP”) transform content seed selections and recommendations via TRP components such as discovery and social influence into events and discovery of other contents for users and revenue for right-holders. The TRP detects user initiation of a universally resolvable media content (“URMC”) event in a client and obtains the URMC event identifying information. The TRP may record the URMC event identifying information in association with the event in an event log in the client. The TRP may obtain reporting frequency preference setting, at least one URMC user activity upload rule, and may determine activation of a URMC upload threshold trigger by evaluating the URMC user activity upload rule. The TRP may initiate reporting of the logged URMC event identifying information based on the trigger activation and update the client upon successful acknowledgement of said reporting by a server. | 08-30-2012 |
20120222126 | CHECKING DESTINATION EMAIL ADDRESSES AGAINST HISTORICAL ADDRESS INFORMATION - An email, which includes a header and historical information, is created. The header comprises a destination email address, which comprises a name of an addressed recipient of the email and a domain name of the destination email address. The historical information in the email comprises an approved address for a previously exchanged email with the addressed recipient. The first approved address is compared to a corresponding portion of the first destination email address. In response to the corresponding portion of the first destination email address being different from the first approved address as stored in the storage unit, a warning is outputted. The warning comprises both the approved address, and an unapproved address list that comprises the first destination email address. | 08-30-2012 |
20120222127 | AUTHENTICATING A WEB PAGE WITH EMBEDDED JAVASCRIPT - A method for detecting if a digital document (e.g. an HTML document) is changed by others than authenticated script code (e.g. JavaScript code) is presented. The method includes loading the authenticated script code into a trusted computer application and storing a snapshot of the digital document in the trusted computer application. Before the authenticated script code is executed, the snapshot of the digital document is compared with the document to verify if the digital document is still authentic. After executing the authenticated script code, the snapshot of the digital document is replaced with an up-to-date copy reflecting eventual changes made to the digital document by the executed script code. The digital document can then at any time be compared with the most recent snapshot to verify if it is authentic. | 08-30-2012 |
20120222128 | DISTRIBUTION OF CONTENT DOCUMENT WITH SECURITY, CUSTOMIZATION AND SCALABILITY - A computer-implemented system and method to distribute a content document with security, customization, and scalability is provided. One or more servers provides a customizable content document associated with a first entity, enables a second entity to specify content to be included for users associated with the entity in the customizable content document, and delivers the customized content document incorporating the specified content in a secure manner to users associated with the second entity. | 08-30-2012 |
20120227111 | Method and system of organizing credentials data online - A system and method of disseminating information about an individual's achievements allows the individual to create a web portal within a social network web site and display the data about the individual's credentials, awards, trophies and the like in separate distinct modules. The system provides hyperlinks to the institutions that store authenticating data about the individual's achievements. When the web portal of the individual is linked via the Internet to the institution's database, a visitor to the web portal can connect to the institution's web site and verify the credentials posted on the web portal. | 09-06-2012 |
20120233701 | CONTENT LICENSE ACQUISITION PLATFORM APPARATUSES, METHODS AND SYSTEMS - The CONTENT LICENSE ACQUISITION PLATFORM APPARATUSES, METHODS AND SYSTEMS (“CLAP”) transform content seed selections and recommendations via CLAP components such as discovery and social influence into events and discovery of other contents for users and revenue for right-holders. The CLAP may identify an unlicensed content item and uniquely resolve it within a universally resolvable media content (“URMC”) service. The CLAP may obtain aggregate URMC service user engagement metric associated with the uniquely resolved content item during a predefined period of time and an aggregate URMC service user engagement metric associated with a plurality of URMC items during the predefined period of time. The aggregate URMC service user engagement metrics may be evaluated using at least one URMC license request threshold rule. A target for a license request for the uniquely resolved content item may be identified and the license request may be sent to the identified target. | 09-13-2012 |
20120233702 | COMMUNICATION APPARATUS THAT COMMUNICATE IN DIFFERENT SECURITY LEVELS AND COMPUTER-READABLE MEDIA FOR CONTROLLING SUCH APPARATUS - A communication apparatus may include a reception portion, a decision portion, and a transmission portion. The reception portion may receive a first data request transmitted through a first security level communication, and a second data request transmitted through a second security level communication, the second security level being more secure than the first security level. The decision portion may decide whether a specific data request is the first data request or the second data request. The transmission portion may transmit a specific data to an apparatus that is a transmission source of the specific data request if the specific data request is the second data request, and may transmit different data to the apparatus if the specific data request is the first data request. The different data contains display information for causing the apparatus to retransmit the specific data request through the second security level communication. | 09-13-2012 |
20120233703 | TECHNIQUES TO POLLUTE ELECTRONIC PROFILING - Techniques to pollute electronic profiling are provided. A cloned identity is created for a principal. Areas of interest are assigned to the cloned identity, where a number of the areas of interest are divergent from true interests of the principal. One or more actions are automatically processed in response to the assigned areas of interest. The actions appear to network eavesdroppers to be associated with the principal and not with the cloned identity. | 09-13-2012 |
20120233704 | INFORMATION PROCESSING APPARATUS, KEY GENERATION APPARATUS, SIGNATURE VERIFICATION APPARATUS, INFORMATION PROCESSING METHOD, SIGNATURE GENERATION METHOD, AND PROGRAM - Provided is an information processing apparatus for realizing an electronic signature system of the MPKC signature method capable of safety certification with respect to chosen-message attack. An information processing apparatus including a first inverse transformation unit that transforms an element y of a finite ring K | 09-13-2012 |
20120240237 | SYSTEM AND METHOD FOR IN-PRIVATE BROWSING - A method, system, and computer program product for operating a web browser in an open browsing mode and a private browsing mode. The method may include calculating, by a computer processor, a privacy probability that a website contains information sensitive to the user. The privacy probability may be based, at least in part, on historical use of the private browsing mode by the user. The method may also include comparing the privacy probability to a privacy threshold and automatically switching the browser from the open browsing mode to the private browsing mode for the website if the privacy probability is greater than the privacy threshold. | 09-20-2012 |
20120240238 | System and Method to Govern Data Exchange with Mobile Devices - Techniques for limiting the risk of loss of sensitive data from a mobile device are provided. In one aspect, a method for managing sensitive data on a mobile device is provided. The method includes the following steps. A sensitivity of a data item to be transferred to the mobile device is determined. It is determined whether an aggregate sensitivity of data items already present on the mobile device plus the data item to be transferred exceeds a current threshold sensitivity value for the mobile device. If the aggregate sensitivity exceeds the current threshold sensitivity value, measures are employed to ensure the aggregate sensitivity remains below the current threshold sensitivity value for the mobile device. Otherwise the data item is transferred to the mobile device. | 09-20-2012 |
20120240239 | WIRELESS AD HOC NETWORK SECURITY - Providing network security includes detecting network traffic associated with an ad hoc network that includes a first station and a second station, and preventing data sent by the first station from reaching the second station. | 09-20-2012 |
20120240240 | MONITORING OF DIGITAL CONTENT - The invention refers to monitoring usage of digital content provided from a content provider over a network to a client system. In the client system, a logging agent generates and stores information concerning usage of the digital content individually for each usage to be monitored. The generated information is entered in a usage log, either stored in the client system or at a trusted party. The logged usage information is also authenticated allowing identification of the client using the associated digital content. The entries of the log may include a representation of the content, information about usage quality and/or usage time. The logging agent is preferably implemented in a portable tamper-resistant module, e.g. a network subscriber identity module. The module may be pre-manufactured with the logging agent, or the agent can be downloaded thereto. | 09-20-2012 |
20120240241 | METHOD FOR IDENTITY SELF-VALIDATION, SUITABLE FOR USE IN COMPUTER ENVIRONMENTS OR IN REAL LIFE - A process for validating the identity of individuals and the individuals' belonging to a group, organization or large community of millions of people, as well as within computer environments and in real life, wherein an individual concerned requests the validation of an individual's identity; the individual concerned chooses the validation level wherein he or she seeks to be validated; the requirements are consulted for the individual to validate his or her own identity at the chosen validation level; the individual concerned is informed about the requirements to validate the user's identity; the individual concerned decides whether to continue with the validation process at the chosen level of validation or chooses to change the level of validation; the individual concerned enters data of the individual who will validate his or her own data and data from the individuals, or the verifiers who will validate his or her identity; the verifiers receive a set of validation questions that has to be answered in order to validate the identity of the individual; and the answers from the verifiers are compared with data of the individual who will validate his or her own identity to determine if such answers are satisfactory. | 09-20-2012 |
20120246731 | SECURE EXECUTION OF UNSECURED APPS ON A DEVICE - Devices are pre-deployed with an app security mechanism to ensure that apps that are downloaded onto the device do not cause data loss, data leakage, or other harm to the device. A user can start using the device and downloading apps in a conventional or typical manner and be assured that security measures are being taken to minimize potential harm for unsecured and secured apps. An app security enforcement layer or engine operates with, for example, a Type 2 hypervisor on the device, and ensures that any calls by the apps to the operating system of the device are generally safe. Measures such as enhancing or modifying the call, obfuscating the call, or terminating the app may be taken to protect the operating system. These actions are taken based on a policy that may be either interpreted or compiled by the enforcement engine with respect to app execution. The security measures are generally transparent to the user of the device. | 09-27-2012 |
20120246732 | APPARATUS, SYSTEMS AND METHODS FOR CONTROL OF INAPPROPRIATE MEDIA CONTENT EVENTS - Systems and methods are operable to prevent presentation of inappropriate media content. An exemplary embodiment receives a media content event; identifies at least one characteristic of the media content event; compares the identified characteristic with a plurality of predefined content characteristics, wherein each of the predefined content characteristics is associated with at least one type of inappropriate media content event; and defines the media content event as an inappropriate media content event in response to the identified characteristic corresponding to at least one of the plurality of predefined content characteristics. | 09-27-2012 |
20120246733 | COMPUTER-IMPLEMENTED METHOD FOR ENSURING THE PRIVACY OF A USER, COMPUTER PROGRAM PRODUCT, DEVICE - The present description refers in particular to a computer-implemented method, a computer program product and a device for ensuring the privacy of a user and the utility of data communicated by a device, such as a vehicle telematics device, to a server, the method comprising: moving the device during a time period; receiving data at the device during the time period; processing, by the device, the received data; summarizing, by the device, the processed data in a matrix, wherein the rows and columns of the matrix define circumstances of movement of the device, wherein the matrix includes a plurality of matrix-entries, and wherein each matrix-entry includes a distance covered by the device during the time period under a pair of said predefined circumstances of movement; and transmitting the summarized data from the device to the server. | 09-27-2012 |
20120246734 | End-To-End Licensing Of Digital Media Assets - Brokering use of media assets based on rights provided by rights holders and licensing terms requested by potential licensees. Rights include use attributes, geographic attributes, and time attributes. Use attributes include one or more parent categories of uses, such as print advertising, web promotion, etc. Each parent category includes one or more specific uses, such as magazine advertisement, newspaper advertisement, etc. Rights are obtained from rights holders and stored in a data structure that is searchable according to various rights attributes. A licensing request includes desired licensing terms, such as a specific use, time period, and geographic location. The licensing request may also reserve use for a later time and/or impose an embargo on use for a period after use. The data structure is searched for media assets whose rights encompass the desired licensing terms, such as media assets with a parent use that includes a desired specific use. | 09-27-2012 |
20120246735 | DATA PROCESSING APPARATUS - A data processing apparatus ( | 09-27-2012 |
20120246736 | SYSTEM AND METHODS FOR PROTECTING THE PRIVACY OF USER INFORMATION IN A RECOMMENDATION SYSTEM - The invention provides an improved recommender system that includes a client device or service provider server, a trusted function handler module and a recommender module. The recommender system functions to protect the privacy of user rating information maintained by the node (i.e., client device/server) by having the node transform the user rating information using a specific function selected by the function handler and then provide the transformed user rating information to the recommender module. In this way, privacy of the user rating information is maintained because the original user rating information will be unknown to a recommender module. | 09-27-2012 |
20120255025 | Automatic Analysis of Software License Usage in a Computer Network - Apparatus and method for analyzing usage of a software license. A computer system is configured to execute a software product that is activated, subject to a software license, by a first license key. The computer system includes a license use determining module that is adapted to communicate with a group of other computer systems on the same computer network, store first license key-related information that is derived from the first license key, send the first license key-related information to be received by each computer system of the group, and receive any messages sent by responders of the group in response to reception of the first license key-related information. Each of the messages is indicative of a corresponding responder having a copy of the software product that is activated by the first license key. | 10-04-2012 |
20120255026 | METHOD AND DEVICE FOR MANAGING DIGITAL USAGE RIGHTS OF DOCUMENTS - A method, device, and system for managing digital usage rights of documents includes a mobile computing device having a digital rights management (DRM) enforcement engine included therein. The mobile computing device may communicate with a server, such as an enterprise digital rights management (EDRM) server, to retrieve a secured document and an associated document usage rights policy. The document and usage rights policy are stored in a secured storage of the mobile computing device. The DRM enforcement engine of the mobile computing device provides access to the requested document while locally enforcing the associated document usage rights policy. In some embodiments, the mobile computing device may act as a proxy for other computing devices communicatively coupled to the mobile computing device and/or act as a local EDRM to such computing devices. | 10-04-2012 |
20120255027 | DETECTING CODE INJECTIONS THROUGH CRYPTOGRAPHIC METHODS - Code injection is detected based on code digests associated with hashes of selected portions of content supplied to clients by a server. A client receives the content and generates a corresponding code digest, and based upon a comparison with the code digest received from the server, determines if the received content has been corrupted. The code digest can be signed or supplied with a digital certification for verification that the code digest originated from the server providing the content. | 10-04-2012 |
20120255028 | Providing Trusted Services Management Using a Hybrid Service Model - Methods, computer readable media, and apparatuses for providing trusted services management using a hybrid service model are presented. According to one or more aspects, a first transaction log of a first secure element included in a mobile computing device may be received. The first secure element may be provisioned with first secure information provided to a user of the computing device by a first entity, such as a first financial institution. Subsequently, a second transaction log of a second secure element included in the mobile computing device may be received. The second secure element may be provisioned with second secure information provided to the user of the computing device by a second entity different from the first entity, such as a second financial institution, for instance. In some arrangements, incentive offers may thereafter be provided to the user based on the first transaction log and the second transaction log. | 10-04-2012 |
20120255029 | SYSTEM AND METHOD FOR PREVENTING THE LEAKING OF DIGITAL CONTENT - There are disclosed a system and method for preventing the leaking of digital content. The system for preventing the leaking of digital content may include a digital content layer generation unit for generating a digital content layer displaying digital content, a security layer generation unit for generating a security layer including security information based on information about a user terminal, and an information display unit for displaying the security layer generated by the security layer generation unit and the digital content layer generated by the digital content layer generation unit in the display device of the user terminal in an overlapping form so that the security information looks like overlapping with the digital content. Accordingly, the illegal leaking of digital content through photographing or screen capture can be prevented. | 10-04-2012 |
20120255030 | SECRET SHARING APPARATUS, SHARING APPARATUS AND SECRET SHARING METHOD - A secret sharing apparatus generates, from secret data, a plurality of pieces of shared data from which the secret data is able to be restored. The secret data includes a plurality of pieces of divided data which does not include a random number. The secret sharing apparatus includes a shared data generating section which performs an XOR operation between the pieces of divided data and generates the plurality of pieces of shared data which includes the result of the XOR operation between the pieces of divided data. | 10-04-2012 |
20120260345 | TRUST VERIFICATION OF A COMPUTING PLATFORM USING A PERIPHERAL DEVICE - Verification of trustworthiness of a computing platform is provided. The trustworthiness of the computing platform is dynamically assessed to determine whether a root of trust exists on the computing platform. Responsive to determining existence of the root of trust, data is unsealed from a sealed storage facility. The sealed storage facility is unsealed responsive to a root of trust being determined to exist on the computing platform. The data can be used to attest to the trustworthiness of the computing platform to other devices on a network. | 10-11-2012 |
20120260346 | INFORMATION SECURITY SYSTEMS AND METHODS - Systems and methods for governing derived electronic resources are provided. In one embodiment, a digital resource is associated with one or more rules and a set of one or more computations, wherein the rules correspond to one or more conditions for accessing the digital resource and the computations operate upon the digital resource in order to provide a specific view of the digital resource that differs from the digital resource. | 10-11-2012 |
20120260347 | Methods, Systems, and Devices for Securing Content - Methods, systems, and devices secure content in memory. The content includes a lock that prohibits reading the content from memory. Prior to expiration of the lock the content cannot be read from memory. At expiration, however, the content is readable. | 10-11-2012 |
20120266249 | Automatic Selection of Routines for Protection - An apparatus, computer readable medium, and method of protecting an application, the method including responding to receiving a level of security for the application by evaluating each of a plurality of routines of the application to generate an evaluation for each of the plurality of routines of the application; selecting a number of the plurality of routines to protect based on the evaluation for each of the plurality of routines and the received level of security; and protecting the selected number of the plurality of routines. | 10-18-2012 |
20120266250 | Selective Masking Of Identity-Indicating Information In Messages For An Online Community - A method and apparatus is described for protecting a user's identity by automatically replacing all identity-indicating information in messages with aliases. Users may input real name/alias pairs into a web form to be stored in a database. Any content that USER-A posts will appear unmodified to users to which USER-A has granted permission. When a user who has not been granted permission views USER-A's content, the user will see a modified version of the content. In this case, any and all instances of USER-A's stored real names in USER-A's content will be replaced with USER-A's corresponding aliases. | 10-18-2012 |
20120266251 | SYSTEMS AND METHODS FOR DISEASE MANAGEMENT - A computer-implemented diabetes management system is provided that supports enhanced security between a diabetes care manager in data communication with a medical device. The diabetes care manager includes: a first application that operates to request access to a first security role supported by the medical device, where the first security role is associated with a first set of commands for accessing data on the medical device that are defined as a private extension of the communication protocol; and a second application that operates to request access to a second security role supported by the medical device, where the second security role is associated with a second set of commands for accessing data on the medical device that are defined as a private extension of the communication protocol. The second set of commands has one or more commands that are mutually exclusive from the first set of commands. | 10-18-2012 |
20120266252 | HARDWARE-BASED ROOT OF TRUST FOR CLOUD ENVIRONMENTS - Apparatuses, computer readable media, methods, and systems are described for generating and communicating a create measured virtual machine (VM) request, the request comprising a network address of a boot server, initiating establishment of a secure tunnel with a measured VM, receiving a quote from the measured VM, and determining, by a processor, whether the measured VM is authentic based on the quote. | 10-18-2012 |
20120266253 | GROUPING COOPERATION SYSTEM, GROUPING COOPERATION METHOD, AND GROUPING PROCESSING FLOW MANAGEMENT PROGRAM - A grouping apparatus manages user information, and executes grouping processing for extracting a subset which matches a predetermined condition from a set of users. A flow control apparatus transmits a set of users to one of a plurality of grouping apparatuses, and transmits a condition used in grouping processing to each of the plurality of grouping apparatuses. One of the grouping apparatuses transmits, to another grouping apparatus, a first subset which is extracted by executing grouping processing on the set transmitted from the flow control apparatus. The other grouping apparatus extracts a second subset by executing grouping processing on the first subset transmitted from the one of the grouping apparatuses. | 10-18-2012 |
20120266254 | De-Identification of Data - The present invention relates to a method, computer program product and system for de-identifying data, wherein a de-identification protocol is selectively mapped to a business rule at runtime via an ETL tool. | 10-18-2012 |
20120266255 | Dynamic De-Identification of Data - The present invention relates to a method, computer program product and system for masking sensitive data and, more particularly, to dynamically de-identifying sensitive data from a data source for a target application, including enabling a user to selectively alter an initial de-identification protocol for the sensitive data elements via an interface. | 10-18-2012 |
20120266256 | DETERMINING WHETHER OBJECT IS GENUINE OR FAKE IN METAVERSE - A server computer is connected to a plurality of client computers through a network, and controls objects in a Metaverse accessed by the client computers. The server computer includes a storage unit for storing an object ID specifying an object accessible in the Metaverse by the plurality of client computers and authenticity information associated with the object ID. The authenticity information indicates that the object is genuine. The server computer also includes a communication unit for communicating with each of the client computers. The server computer also includes an enquiry unit for causing the communication unit to transmit the authenticity information corresponding to the object ID to at least one of the plurality of client computers upon receipt of an enquiry request to enquire about the object ID of the object from one of the plurality of client computers. | 10-18-2012 |
20120272323 | ORIGINATION VERIFICATION USING EXECUTION TRANSPARENT MARKER CONTEXT - The use of a marker in a file to assist in the signing and/or verification of the file. The marker is recognized by the signing authority. The marker has a certain execution transparent context that reduces or eliminates the impact of the marker on execution. A signing authority accesses the file, finds the marker within the file, and identifies the execution transparent context system. The signing authority then uses the execution transparent context system to insert a signature with the same execution transparent context. A verification system finds the marker, identifies the execution transparent context of the marker, identifies the execution transparent signature, and uses the execution transparent context system to then extract the signature from the execution transparent signature. That signature may then be used to verify that the file has not changed since it was signed. | 10-25-2012 |
20120272324 | ELECTRONIC DEVICE AND COPYRIGHT PROTECTION METHOD OF AUDIO FILE THEREOF - A copyright protection method is applied to an electronic device. The method includes: obtaining digital data of an audio file via Video on Demand (VOD); determining whether or not the audio file is free to use; determining whether or not the accessing of the audio file is legal if the audio file is not free. Upon a condition that the audio file is free, or the accessing of the audio file is legal and not free, decoding the audio file into analog signals. Upon a condition that digital copyright information is not included in the audio file, inserting into the analog signals the digital copyright information; outputting the analog signals of the audio file along with digital copyright information of the audio file. Upon a condition that the audio file is not free and not legally permitted, indicating the accessing of the audio file is illegal. The electronic device is also provided. | 10-25-2012 |
20120272325 | DIGITAL CONTENT MANAGEMENT SYSTEM AND METHODS - Systems and methods for locating network sites using a target digital object in a networked environment are presented. In operation, a request to locate network sites using the target digital object is received. In response to the request, identification information corresponding to the target digital object is obtained. Content of a plurality of network sites on a network is also obtained. For each network site of the obtained plurality of network sites, a determination is made as to whether a digital object on the network site matches the target digital object according to the identification information corresponding to the target digital object. A report indicating the network sites that include a digital object that matches the target digital object is then generated and returned in response to the request. | 10-25-2012 |
20120272326 | TOKENIZATION SYSTEM - A tokenization unit that tokenizes a real name ID to a different tokenized ID according to a user's service usage situation, a service history analyzing unit that analyzes service history data, a tokenized ID checking unit that determines whether different tokenized IDs are the same in analyzing a plurality of items of service history data including the different tokenized IDs, and a tokenization change management unit that manages a service usage situation the same as that of tokenization by the tokenization unit. The service history analyzing unit performs: a predetermined service history analysis if a target is a service usage situation in which the same tokenized ID appears; and a predetermined service history analysis as different tokenized IDs are considered to be the same user by the tokenized ID checking unit if a target is a service usage situation in which a different tokenized ID appears. | 10-25-2012 |
20120272327 | WATERMARKING METHOD AND APPARATUS FOR TRACKING HACKED CONTENT AND METHOD AND APPARATUS FOR BLOCKING HACKING OF CONTENT USING THE SAME - Watermarking method and apparatus for tracking hacking and method and apparatus for blocking hacking of content are provided. The watermarking method includes: obtaining device information from a reception device, with which content is shared, through a determined network channel; generating watermark data based on the obtained device information; and generating watermarked multimedia content by inserting the generated watermark data into content. The method of blocking hacking of content includes: if hacked content is found, detecting watermark data from the hacked content; detecting transmission and reception device information from the detected watermark data; and extracting a progress route of the content based on the detected transmission and reception device information and performing revocation on a hacked device. | 10-25-2012 |
20120272328 | METHOD, SYSTEM AND APPARATUS FOR SECURE DATA EDITING - A system, method, and apparatus for secure data editing is disclosed. A data field receives focus to accept a data entry from a user. The user inputs a data entry into the data field via a user interface. A determination is made of whether a manual lock event, a change focus event, or a time out event has triggered based on the user's action or inaction with the user interface. Upon the triggering of a manual lock event, a change focus event, or a time out event, the data entry in the data field is obscured. The user interface may display a data entry with a validation character which provides a reference point within the data entry while the data entry is displayed and while the data entry is obscured. The system may allow a user to have a specified function set based on his user access level. | 10-25-2012 |
20120272329 | OBFUSCATING SENSITIVE DATA WHILE PRESERVING DATA USABILITY - An approach for obfuscating sensitive data while preserving data usability is presented. The in-scope data files of an application are identified. The in-scope data files include sensitive data that must be masked to preserve its confidentiality. Data definitions are collected. Primary sensitive data fields are identified. Data names for the primary sensitive data fields are normalized. The primary sensitive data fields are classified according to sensitivity. Appropriate masking methods are selected from a pre-defined set to be applied to each data element based on rules exercised on the data. The data being masked is profiled to detect invalid data. Masking software is developed and input considerations are applied. The selected masking method is executed and operational and functional validation is performed. | 10-25-2012 |
20120272330 | Anti-Phishing System and Method - Systems and methods for anti-phishing are disclosed. At a computing device: identifying, from a user input data stream, a first set of one or more characters, and a second set of one or more characters. The first set of characters represents a portion of first private information, and the second set of characters represents a portion of second private information. In accordance with a determination that the first set of characters and second set of characters are identified in accordance with a predefined sequential relationship, taking a protective action, prior to transmitting at least a subset of the characters of the first or second private information to a server remotely located from the computing device, to protect the first or second private information. In some implementations, the first private information includes a username, and the second private information includes a password corresponding to the username. | 10-25-2012 |
20120278897 | SYSTEM AND METHOD OF SORT-ORDER PRESERVING TOKENIZATION - An intercepting proxy server processes traffic between an enterprise user and a cloud application. The intercepting proxy server provides interception of real data elements in communications from the enterprise to the cloud and replacing them with obfuscating tokens. Tokens included in results returned from the cloud, are intercepted by the intercepting proxy server, and replaced with the corresponding real data elements. In order for the sort order of the tokens to correspond to the sort order of the corresponding real data elements, a sort order preserving data compression is performed on parts of the real data elements, and the compressed values concatenated with the obfuscated tokens, thus producing sortable tokens which, even though they are obfuscated, appear in the correct sort order in the cloud application. | 11-01-2012 |
20120284797 | DRM SERVICE PROVIDING METHOD, APPARATUS AND DRM SERVICE RECEIVING METHOD IN USER TERMINAL - Disclosed is a DRM Proxy Server Agent (DRM PSA), which converts a format of a DRM system into a format recognizable in a user terminal when the user terminal and a service provider do not use the same type of DRM system. The user terminal downloads the DRM PSA from the service provider and installs the DRM PSA in the user terminal. Through the download and installation of the DRM PSA, the user terminal can use various DRM systems provided by the service provider regardless of the type of DRM system installed in the user terminal. | 11-08-2012 |
20120284798 | CONFIDENTIAL COMMON SUBJECT IDENTIFICATION SYSTEM - A computerized method and apparatus are established to identify a subject of common interest among multiple parties without releasing the true identity of any subject. Furthermore, a computerized network provides different parties at different locations with a mechanism to conduct cooperative activities concerning such a subject of common interest without exposing that subject to possible identity theft. | 11-08-2012 |
20120284799 | VISUAL CRYPTOGRAPHY AND VOTING TECHNOLOGY - In some embodiments, techniques for voting and visual cryptography may include various enhancements. | 11-08-2012 |
20120284800 | Method and Apparatus for Synchronizing an Adaptable Security Level in an Electronic Communication - A method of communicating in a secure communication system comprises the steps of assembling a message at a sender, then determining a security level, and including an indication of the security level in a header of the message. The message is then sent to a recipient. | 11-08-2012 |
20120284801 | Online Privacy Management - A privacy management system (PMS) is disclosed for a Chief Privacy Officer (CPO) or other user to use in monitoring and/or controlling in realtime the flow of data (e.g., outflow) about the user and his/her online experience. The PMS may provide a dashboard displaying a whitelist and/or blacklist indicating what destinations/sources are blocked or allowed. The PMS includes browser-client scripting code and may also include a PMS-certified verification icon for display on webpages being monitored/controlled in realtime by the PMS. | 11-08-2012 |
20120291133 | SECURITY COMPLIANT DATA STORAGE MANAGEMENT - An embodiment of the invention is a program for dynamically managing files to comply with security requirements. In one embodiment, changing security requirements require that the computer system identifies the current storage locations of files along with the files' respective security levels. Files containing changed security levels due to the changed security requirements are relocated to storage locations clustered with storage locations containing files of the same security level. In another embodiment, the computer system receives a file having a certain security level, identifies current storage locations of files with the files' respective security levels, and finally allocates the new file to a storage location clustered with storage locations containing files of the same security level. | 11-15-2012 |
20120291134 | NAVIGATION SYSTEM - At the first data access by a navigation unit to a recording medium that records updating right information necessary for updating map data in a rewritable data area in which map data are recorded, the updating right information is read from the data area and is deleted from the data area, and a map updating due date created based on the read updating right information is written in a memory of the navigation unit together with the medium identification information read from a non-rewritable management area. | 11-15-2012 |
20120291135 | METHOD AND APPLICATION FOR A REACTIVE DEFENSE AGAINST ILLEGAL DISTRIBUTION OF MULTIMEDIA CONTENT IN FILE SHARING NETWORKS - A system for external monitoring of networked digital file sharing to track predetermined data content, the system comprising: at least one surveillance element for deployment over said network, said surveillance elements comprising: surveillance functionality for searching said digital file sharing and identification functionality associated with said search functionality for identification of said predetermined data content, therewith to determine whether a given file sharing system is distributing said predetermined data content. | 11-15-2012 |
20120291136 | PREVENTING TRANSFER AND DUPLICATION OF REDUNDANTLY REFERENCED OBJECTS ACROSS NODES OF AN APPLICATION SYSTEM - Unique identifiers referred to as “keys” are generated for objects stored on each node. When a container object including at least one embedded object is transferred from a sending node to a receiving node, the sending node sends the key uniquely identifying the embedded object to the receiving node to determine whether the embedded object is already stored on the receiving node. If the receiving node indicates that the embedded object is already stored at the receiving node, then the sending node determines that the embedded object does not need to be sent to the receiving node. In that case, if the embedded object has not been sent, the sending node does not send the embedded object. If the sending node has already started sending the embedded object, then the sending node terminates sending of the embedded object. | 11-15-2012 |
20120291137 | SYSTEM AND METHOD FOR SOCIAL NETWORK TRUST ASSESSMENT - A first user's trust level with regard to a second user can be determined by providing questions to the second user, with the questions based on a previously-collected knowledge base including information about the first user. The information about the first user may be partitioned into levels of trust, and the second user's responses to the questions may be evaluated to determine which level of trust the second user is entitled to. The knowledge base may be assembled by prompting the first user for information and/or by scanning or otherwise collecting already-existing data about the first user. The knowledge base and/or trust assessment may be distributed across a network, and in some embodiments the knowledge base or parts thereof is distributed to other users according to the trust level of those users. | 11-15-2012 |
20120297490 | MEDIA CONTENT DEVICE, SYSTEM AND METHOD - Media content is provided using metric-apportioning. In accordance with one or more embodiments, remote-user interface circuits are authenticated and remote access is provided to different sets of media content via the interface. For each authenticated interface and a time-based period during which the interface accesses the media content, time-stamped usage data that characterizes use of the media content at the interface is communicated therewith. A usage metric characterizing usage of the media content is apportioned based upon the time-stamped usage data and stored weighting factor data for the media content. | 11-22-2012 |
20120297491 | NETWORK SECURITY SMART LOAD BALANCING - A system and method for protecting data communications in a system including a load-balancer connected to a cluster of security network components, e.g. firewall node. The load-balancer transfers one or more of the data streams respectively to the security components. The security network components transmit control information to the load-balancer and the control information includes an instruction regarding balancing load of the data streams between said components. The load-balancer balances load based on the control information. Preferably, network address translation (NAT) is performed by the load-balancer based on the control information or NAT is performed by the security network component and the control information includes information regarding an expected connection based on NAT. Preferably, when the data communications includes an encrypted session, an encrypted connection of the encrypted session is identified based on the control information and the balancing of the load maintains stickiness of said encrypted connection. | 11-22-2012 |
20120304302 | PREVENTING PASSWORD PRESENTATION BY A COMPUTER SYSTEM - A method, system or computer usable program product for preventing a password from being presented in a data entry field on a computer display including, responsive to user entry of a character set in the data entry field, comparing the character set to a securely stored password set for a potential match of the character set with leading characters of a password in the password set, responsive to detecting a match, inhibiting presentation of at least one character of the character set in the data entry field, and responsive to detecting a lack of a match, presenting the character set in the data entry field. | 11-29-2012 |
20120304303 | SECURITY MODEL FOR A LAYOUT ENGINE AND SCRIPTING ENGINE - Various embodiments provide an interface between a Web browser's layout engine and a scripting engine. The interface enables objects from the layout engine to be recognized by a memory manager in the scripting engine and interact in a streamlined, efficient manner. In accordance with one or more embodiments, the interface allows browser layout engine objects to be created as objects that are native to the scripting engine. Alternately or additionally, in some embodiments, the native objects are further configured to proxy functionality between the layout engine and the scripting engine. | 11-29-2012 |
20120311716 | SIMULTANEOUS MIXED PROTECTION MODES OVER A VIRTUALIZED HOST ADAPTER - A method for supporting simultaneous mixed protection modes for a write operation. The method includes receiving a write request that includes write data, and is received from one of a plurality of requestors. At least one of the requestors does not support data integrity protection. It is determined if data integrity protection is required for the write operation. It is additionally determined if the data integrity protection is supported by the requestor. Once the determination is made, the data integrity protection value is calculated if data integrity protection is required and is not supported by the requestor. The write data is encoded with the data integrity protection value prior to being written. If the requestor supports data integrity protection, then data integrity protection values are applied to the write data prior to writing the data to the external storage. | 12-06-2012 |
20120311717 | SYSTEM AND METHOD FOR SYSTEMATICALLY REMOVING CUSTOMER PERSONAL INFORMATION FROM AN ELECTRONIC DEVICE - A system and method for flashing one or more electronic devices. A flashing program executed by a server is accessed from a computing device. The one or more electronic devices are received for communication with the computing device. The one or more electronic devices are identified in response to receiving the one or more electronic devices. The one or more electronic devices are flashed to remove the customer private information through the computing device as instructed through the server. | 12-06-2012 |
20120311718 | SYSTEM AND METHOD FOR PERFORMING A SOFTWARE COMPARISON - A system and method for performing software verification for one or more electronic devices. A memory of an electronic device is scanned for electronic references. The electronic references of the electronic device are determined in response to the scanning. The electronic references of the electronic device are compared against standard electronic references to determine results. The electronic device is processed in response to the results. | 12-06-2012 |
20120317648 | SOFTWARE UTILIZATION PRIVILEGE BROKERING IN A NETWORKED COMPUTING ENVIRONMENT - Embodiments of the present invention provide a subscription service for documenting, verifying, administering, and auditing use of entitled software products in third-party networked computing environments (e.g., a cloud computing environment). Specifically, aspects of the invention provide an Entitlement Brokering System (EBS) (also referred to as an entitlement broker) that reduces the risk associated with clients improperly running licensed software products on their computing infrastructure, thus increasing the reliability and auditability of the software product's entitlement status and accelerating intake of new or existing clients through automation of the entitlement verification process. | 12-13-2012 |
20120317649 | SYSTEM AND METHOD FOR REMOTELY FLASHING A WIRELESS DEVICE - A system and method for flashing an electronic device. An electronic device is received for remote flashing. The electronic device is in direct communication with a remote device. The identifying information is received for the electronic device. User instructions associated with the electronic device are displayed for flashing the electronic device. The electronic device is flashed in response to the identifying information. | 12-13-2012 |
20120317650 | SYSTEM AND METHODS FOR FACILITATING SECURE COMMUNICATIONS ON A WEBSITE - A system and methods for facilitating secure communications on a website are presented. The system comprising a security server configured to receive a secure message from a creator device is disclosed. The security server encodes the received message and sends the encoded message or a representation of the encoded message for posting on the website so that one or more users of the website have the ability to request that the security server make the message available after the encoded message has been decoded. | 12-13-2012 |
20120324583 | System and Method for Processing and Protecting Content - Systems and methods that process and protect content are provided. In one example, a system may include, for example, a first device coupled to a second device. The first device may include, for example, an integrated circuit that may include a content processing system and a security system. The security system may include, for example, a digital rights manager. The first device and the second device may be part of a network. The network receives content and control information via the first device. The content processing system processes incoming content based upon at least the control information. The integrated circuit protects the content before placing the content on the network. | 12-20-2012 |
20120324584 | SYSTEM AND METHOD FOR MANAGING AND/OR RENDERING INTERNET MULTIMEDIA CONTENT IN A NETWORK - A system and a method render internet multimedia content in a network using an application to render the internet multimedia content and/or locally stored multimedia content on one or more rendering devices in the network. The application may provide web browser functions, such as, for example, receiving, processing, decoding and/or rendering the internet multimedia content. The application may have an enhanced user interface which may enable a user to select the internet multimedia content and a rendering device in the network, send the internet multimedia content to the rendering device and/or control rendering of the internet multimedia content on the rendering device. | 12-20-2012 |
20120324585 | Methods, Devices and Computer Program Products for Regulating Network Activity Using a Subscriber Scoring System - Network activity in a network is regulated. Network activity scores that correspond to network usage patterns for respective network users are calculated. A network user is assigned into one of multiple risk classes responsive to a respective one of the network activity scores. A subsequent action is selected responsive to which of the risk classes the network user is assigned. | 12-20-2012 |
20120324586 | SYSTEM AND METHOD FOR CONTROLLING UTILIZATION OF CONTENT - Apparatus, method, and media for controlling utilization of content. An exemplary method comprises associating one or more usage rights with content, wherein the usage rights are based at least in part on a usage rights grammar, and wherein each of the usage rights corresponds to a permitted utilization of the content and one or more conditions which must be satisfied in order for the respective usage right to be exercised, receiving, from an external computing device, a request to access the content, the request corresponding to a utilization of the content, determining whether the requested utilization corresponds to at least one of the usage rights associated with the content, and transmitting, to an external computing device, at least one of the usage rights based at least in part on a determination that the requested utilization corresponds to at least one of the usage rights. | 12-20-2012 |
20120324587 | SYSTEM AND METHOD FOR PERMITTING USE OF CONTENT USING TRANSFER RIGHTS - Apparatus, method, and media for permitting use of content. An exemplary method comprises associating a transfer right with content, the transfer right specifying that the content is permitted to be transferred from a first computing device to a second computing device, transferring the content from the first computing device to the second computing device in accordance with the transfer right, updating information associated with the transfer right based on the transfer of the content from the first computing device to the second computing device, and associating a usage right with the content, the usage right corresponding to a utilization of the content, wherein the first computing device includes at least a server mode of operation, and wherein the second computing device includes both a requester mode of operation and a server mode of operation. | 12-20-2012 |
20120331557 | Global identity protector E-commerce payment code certified processing system - An identity theft protection system and method which employs several security features to prevent identity theft on all levels. The protection system database employs a member's address and telephone number as a numeric identity protector, security code and lock for Social Security numbers. Preventing the issuing of identity theft credit cards, and e-commerce address billing payment code numbers, and e-commerce telephone number billing payment code numbers. The locking address also prevents account hijacking, preventing checks from being mailed to identity thieves. The system employs a computer generated photo copy of the member's ID or driver's license, to prevent fraud on all big ticket items, and preventing identity theft bank fraud on checking accounts and medical records providing photo match and verify, identity theft prevention verification. The system protects its members against stolen and counterfeit checks. The G.I.P. computer database will ID the owner of the checking account at the cash register. The ID can also prevent cyber identity theft, also known as account hijacking. | 12-27-2012 |
20120331558 | Methods, Systems, & Products for Managing Digital Content - A dynamic repository (either storing digital data content or pointers to stored digital data content) works in conjunction with a plurality of interfaces to manage digital content and digital rights policies associated with one or more users. Digital rights policies are unique to each user and such policies define access to digital content in the repository. The user's digital rights policy indicates the level of access a user has to digital content in the repository (e.g., the policy could indicate that the user has authorized access to a particular file for a period of seven days). The interfaces linked with the content repository are used to access and manipulate the digital data content (based upon each user's digital rights policy) and the digital rights policies stored in the content repository. The interfaces include: (a) one or more authentication interfaces for authenticating users, (b) one or more digital rights management (DRM) interfaces allowing users to add, delete, or edit the digital rights policies, (c) one or more data access interfaces allowing users to selectively access digital data content as defined by their individual digital rights policy, (d) one or more browsing interfaces allowing users to selectively browse said digital data content, or (e) one or more content manipulation interfaces allowing said users to add, delete, or edit said digital data content. | 12-27-2012 |
20120331559 | RESOURCE MANAGEMENT SYSTEM AND CORRESPONDING METHOD - The invention provides a secure and efficient resource management system and a corresponding method for managing resources of a product that is put on the market by a licensor via a distribution chain. In particular, the number of keys needed for managing said resources can be reduced. At the time that the product is released to the market the exact licensing conditions of the product need not be known yet. The licensing conditions and the associated configuration of resources of the product are managed via a second key which is provided to a licensee. The licensee, however, has no knowledge of the first key and the derivation function which generates said second key based on the first key. Therefore, it is ensured that the licensee cannot claim more resources of the product than the licensor allows. | 12-27-2012 |
20120331560 | Microcontroller with Secure Feature for Multiple Party Code Development - Multiple secure environments are established within a system on a chip (SoC) by defining a first secure region within a non-volatile memory in the SoC with a first set of parameters written into a predefined parameter region of the non-volatile memory. A second secure region within the non-volatile memory may be defined at a later time by a second set of parameters written into another predefined parameter region of the non-volatile memory. A security module is initialized each time the SoC is powered on by transferring the first set of parameters and the second set of parameters from the parameter region to the security module in a manner that does not expose the first set of parameters or the second set of parameters to a program being executed by the processor. The multiple secure regions of the SoC are enforced by the security module according to the parameter data. | 12-27-2012 |
20120331561 | Method of and Systems for Privacy Preserving Mobile Demographic Measurement of Individuals, Groups and Locations Over Time and Space - Disclosed are techniques for privacy preserving mobile demographic measurement of individuals, groups, and locations over time and space. A method of estimating demographic information associated with a user of a mobile device and/or a location while preserving the privacy of the user based at least in part on a location estimate of the mobile device of the user includes receiving an estimated geographical location of the mobile device of the user and receiving a time at which the mobile device was at the estimated geographical location. The method includes assigning substitute identifiers for the geographical location and the time at which the mobile device was at the estimated geographical location. The method includes associating the geographical areas substitute identifiers with demographic information and estimating demographic information associated with the user of the mobile device based on the substitute identifiers and based on the demographic information associated with substitute identifiers. | 12-27-2012 |
20120331562 | METHOD, APPARATUS AND COMPUTER PROGRAM FOR SUPPORTING DETERMINATION ON DEGREE OF CONFIDENTIALITY OF DOCUMENT - Determining confidentiality of an office document shared by multiple organizations. Each block of a document data set is stored in association with confidentiality information indicating whether the block is confidential. The document data set is dividable into blocks each being a unit including properties evaluated as having a certain characteristic. A document data set targeted for the confidentiality determination is acquired, and it is determined whether a document data set, including a block similar to each block of the acquired document data set, is stored. If the document data set including the similar block is stored, it is determined whether the confidentiality information indicating that the block is confidential is assigned to the block of the acquired document data corresponding to the similar block. If the confidentiality information indicating that the block is confidential is assigned, the acquired document data set is determined as confidential. | 12-27-2012 |
20130007888 | SYSTEM AND METHOD FOR PRIVATE INFORMATION COMMUNICATION FROM A BROWSER TO A DRIVER - Systems and methods for communicating private information from a browser to a driver are presented. The private information communication method can comprise: performing a private information communication process in which private information is communicated through a private information communication plug-in of a browser to a driver; and performing a driver process based upon the private communication information communicated in the private information communication process. The private information communication process can comprise determining private information content; communicating the private information to the private information communication plug-in coupled to a private communication channel; calling a graphics driver from the private information communication plug-in using the private communication channel; and forwarding the private information from the private information communication plug to the driver via the private communication channel. The driver process can comprise: determining if there is an association between normal information and the private information, and processing the normal information in accordance with associated private. The private information can be associated with stereoscopic | 01-03-2013 |
20130007889 | TRUSTED COMPUTING SOURCE CODE ESCROW AND OPTIMIZATION - A software installation package includes encrypted source code. An installer receives an encryption key for decrypting the encrypted source code. The installer further causes the establishment of a temporary virtual machine. The encrypted source code is decrypted, using the encryption key, on the temporary virtual machine. A compiler executing on the temporary virtual machine compiles the source code into an application. The application is transferred from the temporary virtual machine to an operating environment. The temporary virtual machine is then destroyed, thereby also destroying any decrypted copies of the source code. | 01-03-2013 |
20130007890 | METHOD AND SYSTEM FOR DETECTING VIOLATION OF INTELLECTUAL PROPERTY RIGHTS OF A DIGITAL FILE - A computer-based method and system for detecting violation of intellectual property rights of a digital file, comprising, in a distribution channel, digitally sending or streaming the file from a sending party to a receiving party, adding a watermark to the digital file at the sending party prior to sending or streaming the file, wherein the watermark comprises an identifier of the sending and receiving party(s), as well as a unique file ID. In one embodiment, the party is informed about user and/or customer behavior, and can take precautions. | 01-03-2013 |
20130014266 | Collaboration privacy - Generally described, the present disclosure relates to conferences. More specifically, this disclosure relates to collaboration privacy. In one illustrative embodiment, a system is described for conference and other collaborations in which trusted and untrusted parties are present. To retain information privacy within the collaboration, the system determines a context for the conference. From the context, information privacy related groupings can be identified. The system can then determine information privacy measures for those privacy related groupings. The information privacy measures for the groupings can be actuated for the parties within the conference. These measures can include, but are not limited to, visual or audio announcements to trusted parties within the conference. Other information privacy measures can include privacy enabled features such as sidebar conferences between the trusted parties. | 01-10-2013 |
20130014267 | COMPUTER PROTOCOL GENERATION AND OBFUSCATION - In the field of computer science, communications protocols (such as computer network protocols) are hardened (secured) against reverse engineering attacks by hackers using a software tool which is applied to a high level definition of the protocol. The tool converts the definition to executable form, such as computer source code, and also applies reverse-engineering countermeasures to the protocol definition as now expressed in source code, to prevent hackers from recovering useful details of the protocol. This conversion process also allows preservation of backwards version compatibility of the protocol definition. | 01-10-2013 |
20130014268 | STORAGE DEVICE AND STORAGE METHOD - According to one embodiment, a storage device includes a connector configured to be connected to an equipment; a wireless communication unit configured to transmit and receive data through wireless communication; an identification unit configured to identify the equipment connected to the connector; a storage unit configured to include, for each identified equipment, a restricted area accessible only by the identified equipment; and a controller configured to control the storage unit such that the data, which is received by the wireless communication unit when the equipment is connected to the connector, is written in the restricted area for the connected equipment. | 01-10-2013 |
20130014269 | NONVOLATILE MEMORY DEVICE AND MEMORY SYSTEM INCLUDING THE SAME - A nonvolatile memory device includes a memory cell array configured to store an authentication key and authentication key configuration information in first and second pluralities of nonvolatile memory cells, along with data whose security is to be protected, and a control circuit controlling an operation of the memory cell array. | 01-10-2013 |
20130014270 | METHOD OF COMPARING PRIVATE DATA WITHOUT REVEALING THE DATA - Disclosed in this specification is a method and program storage device for comparing two sets of private data without revealing those private data. If the comparison deems the two data sets sufficiently similar, helper data may be provided to permit reconstruction of one of the private data sets without transmission of that private data set. | 01-10-2013 |
20130014271 | Data protection method and device - An apparatus and method for encoding and decoding additional information into digital information in an integral manner. More particularly, the invention relates to a method and device for data protection. | 01-10-2013 |
20130014272 | SYSTEM AND METHOD OF PROVIDING INFORMATION ACCESS ON A PORTABLE DEVICE - A system and method of providing information stored in a memory is provided. The system comprises an information repository for storing information and an access module for providing access to the information in response to a predetermined operation performed on a man-machine interface. The method includes the steps of storing information in a memory and providing access to the information in dependence upon at least one predetermined operation. | 01-10-2013 |
20130014273 | VALIDATION OF PROTECTED INTRA-SYSTEM INTERCONNECTS FOR DIGITAL RIGHTS MANAGEMENT IN ELECTRICAL COMPUTERS AND DIGITAL DATA PROCESSING SYSTEMS - Embodiments for validating protected data paths for digital rights management of digital objects are disclosed. Some embodiments disclosed herein may comprise processes or apparatus for transferring data from one or more peripherals to one or more computers or digital data processing systems for the latter to process, store, and/or further transfer and/or for transferring data from the computers or digital data processing systems to the peripherals. Some embodiments disclosed herein may comprise processes or apparatus for interconnecting or communicating between two or more components connected to an interconnection medium within a single computer or digital data processing system. | 01-10-2013 |
20130014274 | System and Method for Encapsulating and Enabling Protection Through Diverse Variations in Software Libraries - A flexible software library in which the software modules are defined as an abstract intermediate representation. The flexible library allows security transformation and performance attribute selections to be made by the end-user, rather than the library creator. Furthermore, since the flexible library contains an abstract representation of the software modules, the library can also be provisioned to contain an arbitrary number of named instances, representing specific sets of values for security and performance decisions, along with the corresponding native object-code resulting from those decisions. This permits distribution of software modules in a completely platform-independent manner while avoiding the disclosure of proprietary information, such as source-files. | 01-10-2013 |
20130014275 | Method For Linking and Loading to Protect Applications - A linker or loader, and associated method, is described, whereby the application of security transformations to object-code modules can be deferred until link or load-time, through, for example, memory relocation, selection from diverse instances of a module, and late-binding of constants. This provides several benefits over conventional source-to-source security transformations. These deferred security transformations can be applied in a very light-weight manner and create many opportunities for diversity in the resulting executable program, enhancing security, while at the same time minimizing the impact on execution performance and correctness, and reducing the complexity of debugging. | 01-10-2013 |
20130019316 | Mini Appliance Ensuring Software License Compliance - In one embodiment, a method comprises: collecting software information from one or more network devices; and analyzing the software information to ensure software license compliance for the one or more network devices. | 01-17-2013 |
20130019317 | SECURE ROUTING BASED ON DEGREE OF TRUST - A system, method, and apparatus for secure routing based on a degree of trust are disclosed herein. The disclosed method involves assigning a level of trust to at least one network node, and utilizing the level of trust to determine a degree of security of the network node(s). The level of trust of the network node(s) is related to an amount of certainty of the physical location of the network node(s). The amount of certainty is attained from the network node(s) being located in a known secure location, and/or from verification of the physical location of the network node(s) by using satellite geolocation techniques or by using network ping ranging measurements. The method further involves utilizing the level of trust of the network node(s) to determine a degree of trust of at least one path for routing the data, where the path(s) includes at least one of the network nodes. | 01-17-2013 |
20130024943 | SYSTEM, METHOD, AND COMPUTER PROGRAM PRODUCT FOR SECURING DATA ON A SERVER BASED ON A HEURISTIC ANALYSIS - A system, method, and computer program product are provided for securing data on a server based on a heuristic analysis. In use, information associated with attempts to access data on a server is recorded. Additionally, the information is heuristically analyzed. Further, the data is secured on the server based on the heuristic analysis. | 01-24-2013 |
20130031636 | SECURE GAME SCRAMBLER - A computer-implemented method is disclosed for providing content protection to a data file displayed on a webpage. The method includes scrambling, by a scrambling module, data in the data file to produce a scrambled data file. The scrambled data file is stored in a storage module. A computing device embeds a wrapper file associated with the scrambled data file into the webpage that, upon loading, retrieves the scrambled data file from the storage module and descrambles data in the scrambled data file. | 01-31-2013 |
20130031637 | SYSTEM AND METHOD FOR AUTOMATED PROCESSING AND PUBLICATION OF CONTENT - The disclosed embodiments relate to a method, an apparatus, and computer-readable medium storing computer-readable instructions for managing publications. | 01-31-2013 |
20130036473 | SYSTEM AND METHOD FOR BRANCH FUNCTION BASED OBFUSCATION - Disclosed herein are systems, methods, and non-transitory computer-readable storage media for obfuscating branches in computer code. A compiler or a post-compilation tool can obfuscate branches by receiving source code, and compiling the source code to yield computer-executable code. The compiler identifies branches in the computer-executable code, and determines a return address and a destination value for each branch. Then, based on the return address and the destination value for each branch, the compiler constructs a binary tree with nodes and leaf nodes, each node storing a balanced value, and each leaf node storing a destination value. The non-leaf nodes are arranged such that searching the binary tree by return address leads to a corresponding destination value. Then the compiler inserts the binary tree in the computer-executable code and replaces each branch with instructions in the computer-executable code for performing a branching operation based on the binary tree. | 02-07-2013 |
20130036474 | Method and Apparatus for Secure Data Representation Allowing Efficient Collection, Search and Retrieval - A system and method for secure representation of data is presented. The method comprises setting a number of components, dividing original data into the set number of components using a function, storing the set number of components of divided data, determining a number of retrieved components, and using the function to retrieve the data from the retrieved components and to determine retrieved data. In one aspect, the function is XOR. In one aspect, when the number of retrieved components is less than the set number of components, the retrieved data is redacted data, and when the number of retrieved components is equal to the set number of components, the retrieved data is the original data. | 02-07-2013 |
20130042325 | PROCEDURE FOR THE PREPARATION AND PERFORMING OF A POST ISSUANCE PROCESS ON A SECURE ELEMENT - The invention relates to a method for enabling post issuance operation on a secure element connectable to a communication device. The method allows an SE controlling party to perform remotely operations such as creation of new security domains for an external party, loading, and installation of applications of an external party and management functions including personalization and activation of applications loaded on the SE for an external party. The method includes the steps of: | 02-14-2013 |
20130047258 | Security Model for a Layout Engine and Scripting Engine - Various embodiments provide an interface between a Web browser's layout engine and a scripting engine. The interface enables objects from the layout engine to be recognized by a memory manager in the scripting engine and interact in a streamlined, efficient manner. In accordance with one or more embodiments, the interface allows browser layout engine objects to be created as objects that are native to the scripting engine. Alternately or additionally, in some embodiments, the native objects are further configured to proxy functionality between the layout engine and the scripting engine. | 02-21-2013 |
20130055405 | METHOD AND SYSTEM FOR MOBILE INFORMATION SECURITY PROTECTION - A method and system for mobile information security protection are disclosed. According to an embodiment, the method comprises extracting, by a first processor, identification information corresponding to a plurality of applications installed on a mobile device, sending the extracted identification information to a server, matching, by a second processor, the identification information to information stored in a database storage, receiving matched information from the database storage as a result of matching the identification information, sending the matched information to the mobile device, and presenting the matched information to a user of the mobile device. | 02-28-2013 |
20130055406 | TECHNIQUES FOR THIRD-PARTY CONTENT DELIVERY VIA A UNIQUE MOBILE APPLICATION ADDRESS - Techniques for third-party content delivery via a unique mobile application address are presented. A mobile application on a mobile device of a consumer generates or is assigned a unique address. The consumer uses the mobile application to communicate with an enterprise over a network. The enterprise delegates delivery of content to the mobile application to a third-party service and provides the unique address. The third-party service directly sends the content over the network to the mobile application of the mobile device on behalf of the enterprise. | 02-28-2013 |
20130055407 | ELECTRONIC DEVICE AND METHOD OF TRANSMITTING CONTENT ITEM - According to one embodiment, an electronic device includes a content transmitter. The content transmitter is configured to output a content item including first data and second data to one transmission path, by applying a first copyright protection system to copyright protection of the first data and applying a second copyright protection system to copyright protection of the second data. The first copyright protection system involves encryption of data to be copyright-protected. The second copyright protection system involves no encryption of data to be copyright-protected. | 02-28-2013 |
20130061329 | Method Of Decrypting An Electronic Document For The Safety Management Of The Electronic Document - A method of encrypting/decrypting a document, and a safety management storage device and system, used for the safety management of electronic documents. The said system comprises a PC or mainframe installed with common reading software and a safety management storage device connected to the said PC/mainframe through hot-plug; when connected to the mainframe, the said storage device is enumerated as at least a USB CDROM device. The user who owns the said storage device can encrypt electronic documents by using the encryption keys to generate an encrypted document with the same file type, can also open the encrypted document by using common reading software, and can then use the document according to the predetermined operation authority. | 03-07-2013 |
20130067585 | SEPARATE SCRIPT CONTEXT TO ISOLATE MALICIOUS SCRIPT - Various embodiments provide an ability to isolate execution of trusted content and/or script from execution of untrusted content and/or script. Separate contexts and/or execution environments can be used for the trusted content and untrusted content, respectively. A trusted context and/or execution environment associated with execution of trusted content can be configured to enable access to sensitive resources associated with a computing device. An untrusted context and/or execution environment associated with execution of untrusted content can be configured with limited and/or no access to the sensitive resources. Alternately or additionally, data generated within the untrusted context can be transferred to the trusted context in a benign manner. | 03-14-2013 |
20130067586 | Anti-counterfeit System using product authentication and rewards points - An authentication system to avoid the consumption of counterfeit products comprising a method using the World Wide Web to verify each individual merchandise using a unique identification number and verifying the unique number against a database online. Further the authentication system comprises a loyalty program in order to encourage customers to use and to denounce counterfeit product sellers. | 03-14-2013 |
20130067587 | PROTECTING ARCHIVE STRUCTURE WITH DIRECTORY VERIFIERS - An archive of an object set may include various security features that enable a detection of alterations of the contents of the objects. However, the security measures of an archive may fail to detect an inadvertent or intentional alteration of the structure of the object set, including the addition of new objects, changes to the metadata (e.g., the name, position within the object set, and location and size within the archive) of respective objects of the object set, and the deletion of directory entries for the objects. Therefore, an archive may be generated with verifiers (e.g., hashcodes) calculated not only for the contents of objects, but for the directory of the archive, and may be included in the signature of the archive. This verification may extend the detecting of alteration of the archive to include the structure of the archive as well as the contents of the objects contained therein. | 03-14-2013 |
20130067588 | Method for Enhancing Privacy of Internet Browser Users - A method for enhancing the privacy of individuals who may be tracked while visiting different sites on the Internet using conventional browsers is disclosed. The method is based on randomizing the information collected in cookies that are used for tracking by different websites. | 03-14-2013 |
20130067589 | DYNAMIC COMMUNITY GENERATOR - Embodiments of the invention are directed to systems, methods, and computer program products configured to determine communities within an organization dynamically based on the distribution of entitlements within the organization. | 03-14-2013 |
20130074189 | SOFTWARE LICENSE RECONCILIATION WITHIN A CLOUD COMPUTING INFRASTRUCTURE - A method, system, and computer program product for managing software program installations in a cloud computing environment. An example method includes calculating, by a computer processor, a maximum number of software licenses that could be required according to a software license rule from a software license agreement to run a set of software program instances on a set of servers configured as a computing cloud. Each software program instance is an installation of the software program on a different logical partition, and at least two of the servers from the set of servers are capable of requiring a different number of software licenses according to the software license rule. The method also includes determining if the maximum number of software licenses exceeds an allowed number of software licenses granted in the software license agreement. | 03-21-2013 |
20130074190 | APPARATUS AND METHOD FOR PROVIDING SECURITY FUNCTIONS IN COMPUTING SYSTEM - An apparatus for providing security functions in a computing system includes: at least one normal service domain executing service; a secure service domain performing integrity verification on a service execution environment of at least one normal service domain, and performing the security service function for the service in accordance with the result of the integrity verification; and a virtual machine monitor separating service execution environments of at least one normal service domain and the secure service domain, respectively, based on the same hardware device. According to the present invention, it is possible to enhance the security for execution environments of the computing system and the data stored in the system, by allowing the corresponding services, which need security service functions in the normal service domain, to be executed necessarily only when integrity verification of the execution environment succeeds by linking the secure service domain. | 03-21-2013 |
20130074191 | METHOD FOR CONTROLLING CONTENT UPLOADED TO A PUBLIC CONTENT SITE - A method allowing members of an organization to share content on a public content site without violating the organization's security policy. Instead of sharing an original content at a public content site in violation of the security policy, the originator shares a shared content which is included in a document provided at the public content site. The receiver's client transforms the document received from the public content site and replaces the shared content with a representation of the original content. | 03-21-2013 |
20130074192 | DATA SECURITY IN A MULTI-NODAL ENVIRONMENT - A data security manager in a multi-nodal environment enforces processing constraints stored as security relationships that control how different pieces of a multi-nodal application (called execution units) are allowed to execute to ensure data security. The security manager preferably checks the security relationships for security violations when new execution units start execution, when data moves to or from an execution unit, and when an execution unit requests external services. Where the security manager determines there is a security violation based on the security relationships, the security manager may move, delay or kill an execution unit to maintain data security. | 03-21-2013 |
20130081143 | INFORMATION STORING DEVICE, INFORMATION PROCESSING DEVICE, INFORMATION PROCESSING SYSTEM, INFORMATION PROCESSING METHOD, AND PROGRAM - An information storing device includes a storage section configured to store revocation information that is a list of an identifier of an unauthorized device, and a data processor configured to execute determination processing of unauthorized equipment in accordance with the revocation information. The data processor extracts version information enabling identification of the issue order of the revocation information from the revocation information and transmits the extracted version information to a communication counterpart device. If the data processor receives the revocation information of a new version of the issue order held by the communication counterpart device from the communication counterpart device, the data processor executes revocation information synchronization processing of substituting the received revocation information of the new version for the revocation information of an old version stored in the storage section to store the revocation information of the new version. | 03-28-2013 |
20130086691 | SECURE ISLAND COMPUTING SYSTEM AND METHOD - A method for generating an n-bit result includes a secured containment device (SCD) receiving a request to generate the n-bit result. The request includes an n-bit generator input and a master secret identifier. The request is sent from an application executing on a host system using an input/output (I/O) interface. The SCD disables all I/O interfaces on the SCD between the host system and the SCD. After disabling all the I/O interfaces on the SCD between the host system and the SCD, the SCD provides the n-bit generator input and the master secret identifier to a secured hardware token over a second I/O interface, receives the n-bit result from the secured hardware token over the second I/O interface, enables at least the first I/O interface after the n-bit result is generated, and provides, after enabling the first I/O interface, the n-bit result to the application using the first I/O interface. | 04-04-2013 |
20130086692 | Method of Removing Metadata From Email Attachments - A method and system for removing metadata from email attachments sent from mobile devices includes receiving an email with an attached document. The attached document has metadata removed to create a cleansed version of the attached document. The attached document is replaced by the cleansed version of the attached document, and the email is sent according to the address or addresses included in the email. | 04-04-2013 |
20130091580 | Detect and Prevent Illegal Consumption of Content on the Internet - Disclosed are systems and methods for preventing (or at least deterring) a user from inadvertently or directly consuming illegal content on the Internet. For example, the system determines when a user might visit a site distributing illegal content (i.e., material in violation of a copyright or otherwise inappropriately distributed) and presents a warning to the user prior to navigating to the identified inappropriate distribution site. Optionally, alternative distribution sites (i.e., an authorized distribution site) for the same or similar material can be presented to the user. For example, a user might be likely to visit an inappropriate distribution site when sent a message containing a link or when search results from a search engine query identify a plurality of distributors for a requested movie, song, book, etc. By informing a user of illegal sources and possible alternatives, a user can obtain the desired electronic distribution without violating an author's intellectual property rights. | 04-11-2013 |
20130091581 | Methods and Systems for Establishing and Maintaining Verified Anonymity in Online Environments - In online communities and e-commerce sites that desire identity verification of individuals, a verified user is restricted to a single user identity, typically the user's real name. The use of one's real name in the context of online transactions and communication, however, is often not ideal, and in some instances, may present a safety risk for the individual. Further, specific transactions may require privacy. This invention provides methods and systems that allow an online user to establish and maintain verified anonymity. To accomplish this, a user's real identity is first verified, after which s/he establishes one or more pseudonyms each associated with the user's account, which the user may select for use in the online environment, for example, an online social network. | 04-11-2013 |
20130091582 | CONTENT SECURITY IN A SOCIAL NETWORK - Members of a social network (SNET) circle can share content with other members of SNET circle, members of the same SNET that are not members of the same circle, or send content to people or devices outside of SNET. Different levels of content security can be applied to the shared content, depending on who requests the content, the destination of the content, user preferences, content type, SNET, SNET circle, or other security parameters. Content can be tagged to limit the number of times it can be accessed, the length of time access is allowed, and to otherwise control redistribution. Content can also be protected by limiting host network access to the content, implementing SNET circle firewalls and virtual private networks, or transcoding content before allowing transmission to non-SNET circle or SNET members. Docking of devices into an SNET security circle can be restricted to properly secured devices. | 04-11-2013 |
20130091583 | METHOD AND DEVICE FOR SECURED ENTRY OF PERSONAL DATA - A method for secured entry of personal data is disclosed. This method comprises for each item of personal data a first step of presentation of a virtual keyboard comprising keys and a first cursor, followed by a step of selection of a key corresponding to the item of personal data wherein the virtual keyboard also comprises at least one dummy cursor and wherein the position on the virtual keyboard of the at least one dummy cursor depends on the position of the first cursor. A device for secured entry of personal data configured to implement the method is further disclosed. | 04-11-2013 |
20130097712 | SOFTWARE LICENSE INCOMPATIBILITY DETERMINATION - A non-transitory storage device stores instructions that, when executed by a hardware processor, cause the hardware processor to receive input from an input device. The input identifies software licenses for software components to be included in an application. The instructions also cause the hardware processor to receive usage information identifying how the application is to be used and to determine whether an incompatibility exists between any of the software licenses for the software components and the usage information. Based on a determination of the existence of an incompatibility, the instructions cause the hardware processor to display a recommendation as to how to avoid the incompatibility. | 04-18-2013 |
20130097713 | GENERATION OF A HUMAN READABLE OUTPUT MESSAGE IN A FORMAT THAT IS UNREADABLE BY A COMPUTER-BASED DEVICE - This disclosure relates to a system and related operating methods for generating a message intended for display at a computer-implemented client device. The method receives, from the client device, a request to perform an operation. In response to receiving the request, the operation is executed at a computer-implemented server device to obtain a result. An alphanumeric message associated with the result is obtained, and an image is generated. The image contains a visually obfuscated representation of the alphanumeric message, wherein the visually obfuscated representation of the alphanumeric message is human readable and resistant to computer-based reading techniques. The method continues by providing the image for rendering at a display element of the client device. | 04-18-2013 |
20130097714 | APPARATUS AND METHOD FOR PROTECTING PRIVATE INFORMATION - An apparatus and method for protecting private information displayed in protective content while displaying content on an external device, the apparatus including an external device for transmitting display information of displayed content to a wireless terminal and temporarily freezing a screen of the external device, and the wireless terminal for displaying the same displayed content based on the display information of the content received from the external device, and transmitting processing-completed data and display information of subsequent content to the external device when protective content processing is completed. | 04-18-2013 |
20130097715 | CONTENT DELIVERY SYSTEM AND METHOD OF DELIVERING - A content delivery system ( | 04-18-2013 |
20130104238 | METHOD AND APPARATUS FOR VERIFYING PROOF OF PRESENCE - An approach is provided for facilitating a verification of proof of presence of a user device that can be unspoofable and/or encrypted. A tag verification platform processes information associated with one or more memory tags, one or more vendors, one or more service providers and one or more user device, or a combination thereof related to a verification of proof of presence wherein the verification can be utilized by one or more vendors and/or service providers to provide one or more products and/or one or more services to one or more users. | 04-25-2013 |
20130104239 | SYSTEM AND METHOD FOR OBFUSCATING DATA USING INSTRUCTIONS AS A SOURCE OF PSEUDORANDOM VALUES - Disclosed herein are systems, methods, and non-transitory computer-readable storage media for obfuscating data using instructions as a source of pseudorandom values. Obfuscation is performed by receiving instructions and data and compiling the instructions and the data into an executable file having a text section and a data section. The text section can include instructions and the data section can include data segments. The system obfuscates the data section iteratively by generating a hash of an address for a respective data segment, and based on the hash, identifying a corresponding address in the text section that includes at least one instruction. The system retrieves a mask key from the corresponding address and applies the mask key to the respective data segment, yielding a masked data segment. In one embodiment, integrity verification of obfuscated data is performed without exposing the data in an unprotected state by utilizing multiple mask keys. | 04-25-2013 |
20130104240 | CENTRALIZED ADMINISTRATION-BASED LICENSING SYSTEM - Methods and systems for providing a centralized management system with an integrated license server and pluggable license features are provided. More particularly, the administration of application instances or other assets through the centralized management system results in the initiation of a license validation process by the central management system in cooperation with a license server. The system management application providing centralized asset management and the license server performing license validation are co-resident on a central management server. The availability of assets requiring a license is implemented through asset administration data maintained by the central management server, to indicate the existence of a required license, where the license server indicates that the required license is available. Access to an asset is denied where the license server indicates the absence of a required license to the system management server. | 04-25-2013 |
20130104241 | Devices for Controlling Rendering Protected Content and Related Methods - Devices for providing flexible control of rendering of protected media comprising first and second content objects are provided. An instruction database combines with traditional use of digital rights objects for determining, at rights parsing and instruction handler, conditions for rendering of first content object. Conditions may force the user to render second content objects or to input requested data and may adapt to environmental conditions exemplary relating to user profile, location, or time of day. A set of second content objects may be pre-determined and specified in provided instructions. User selection, from a list of second content objects, of a specified number of second content objects, provides for generation of a key enabling successful rendering of first content object. | 04-25-2013 |
20130104242 | METHOD AND SYSTEM FOR FORENSIC MARKING OF DIGITAL CONTENTS - Disclosed are a forensic marking method and a forensic marking system capable of inserting in real-time a forensic mark for user information in digital contents provided online. The forensic marking method of the digital content according to an exemplary embodiment of the present disclosure includes generating a first content created by inserting a first forensic mark in an original content and a second content created by inserting a second forensic mark in the original content by a content server; transmitting the first and second contents to a client terminal by the content server; and combining fragments of the first and second contents in a combination order corresponding to user information to generate a third content by the client terminal. | 04-25-2013 |
20130104243 | PROTECTING PRIVACY WHEN COMMUNICATING WITH A WEB SERVER - Protecting privacy when communicating with a web server via a communication network, includes receiving by a first privacy agent a request from an application program of a client system for a connection to a web server having a target web server address, sending the request together with a first identification from the first privacy agent to the second privacy agent, forwarding the request together with a second identification from the second privacy agent to the third privacy agent. Further processing is performed responsive to determining that the target web server address matches a defined web server address which is accessible by the third privacy agent. | 04-25-2013 |
20130104244 | INTEROPERABILITY BETWEEN A PLURALITY OF DATA PROTECTION SYSTEMS - A system is disclosed for providing interoperability between a plurality of data protection systems. The system includes an ontology ( | 04-25-2013 |
20130111596 | DATA PRIVACY FOR SMART SERVICES | 05-02-2013 |
20130111597 | OBSCURING AN ACCELEROMETER SIGNAL | 05-02-2013 |
20130111598 | MOBILE COMMUNICATIONS DEVICE PROVIDING SECURE ELEMENT DATA WIPING FEATURES AND RELATED METHODS | 05-02-2013 |
20130111599 | SYSTEMS, METHODS, AND COMPUTER PROGRAM PRODUCTS FOR INTERFACING MULTIPLE SERVICE PROVIDER TRUSTED SERVICE MANAGERS AND SECURE ELEMENTS | 05-02-2013 |
20130111600 | METHOD AND DEVICE FOR SENSING AND RESPONDING TO AN UNAUTHORIZED OPENING OF A BIOMETRIC TRAIT CAPTURE DEVICE | 05-02-2013 |
20130111601 | APPARATUS AND METHOD FOR USING CONTENTS INFORMATION IN DIGITAL RIGHTS MANAGEMENT | 05-02-2013 |
20130117856 | WAN TRANSPORT OF FRAMES WITH MAC SECURITY - A physical layer device provides security processing on communication frames that may include tags or headers that are for use in a wide area network. As frames pass through the physical layer device, the frames are classified for a type of security processing. Depending on the classification a cipher is applied to the frames for integrity checking of data in the frames. Some frames are also encrypted. The security processing may exclude some of the tags or headers. The frames may also be filtered and buffered. | 05-09-2013 |
20130125240 | Method and apparatus for facilitating the transfer of a software license between computer systems - One embodiment of the present invention provides a system that facilitates the transfer of a software license from a first client to a second client. The system operates by receiving a request at the first client to deactivate the software license for an associated application installed on the first client. The system then receives a deactivation request that includes an identifier for the license at a license activation server from the first client. Next, the system validates the identifier on the license activation server to determine if the identifier is a valid identifier. If so, the system sends a deactivation message to the first client, receives a deactivation response from the first client, and increments a count of license instances available for the identifier on the license activation server. | 05-16-2013 |
20130125241 | System and/or method relating to a license manager - Embodiments of methods, apparatuses, and/or systems relating to a license manager are disclosed. | 05-16-2013 |
20130125242 | CLIENT-SERVER VERSION CONTROL SYSTEM FOR SOFTWARE APPLICATIONS - A software version control system manages versioned applications in a client-server computing system environment. Thereby this is a management system for computer application (software) distribution where a number of client devices coupled to a server may be executing different versions of a particular computing application. The system manages updates to the applications and enforces rules or policies to use the most recent version whenever possible. | 05-16-2013 |
20130125243 | METHOD FOR PREVENTING SOFTWARE REVERSE ENGINEERING, UNAUTHORIZED MODIFICATION, AND RUNTIME DATA INTERCEPTION - A method for preventing the unauthorized modification of a software or unauthorized modification of runtime data. According to this method, a converter, which is capable of converting the software into a generalized machine code is provided. The converter is designed such that it cannot be reverse engineered, by using a conversion process that causes data loss. An interpreter, the knowledge of whose process method is kept restricted, is also provided. The interpreter interprets the general machine code into a specific machine code, while reconstructing the lost data during the interpretation process. | 05-16-2013 |
20130125244 | PLATFORM INTEGRITY VERIFICATION SYSTEM AND INFORMATION PROCESSING DEVICE - A platform integrity verification system capable of executing platform integrity verification by a trusted boot without causing a delay of system startup time. The platform integrity verification system has an information processing device and an integrity verification computer that are communicably connected to each other. The information processing device comprises an acquisition section that acquires a unique value from each of a plurality of programs executed by the information processing device when the information processing device is shut down; and a storage section configured to store the unique value acquired by the acquisition section in a storage device. The integrity verification computer comprises a comparison section configured to acquire the unique value stored in the storage device through communication with the information processing device and compare the acquired unique value with a predetermined value held in advance for each program. | 05-16-2013 |
20130133077 | SYSTEM AND METHOD FOR PREVENTING ILLEGAL COPY - Disclosed herein is an illegal copy prevention system and method. In short, an anti-copy prevention system of the present invention includes a chipless RFID disk having a print layer distributed with metal fibers; an Optical Disk Drive (ODD) reading recorded information when mounted with the chipless RFID disk; and a reader installed in the disk drive to sense whether metal fibers distributed at the printed layer exist and a unique ID contained in the metal fiber. | 05-23-2013 |
20130133078 | SYSTEM AND METHOD FOR PERMITTING USE OF CONTENT - Apparatus, method, and computer-readable media for permitting use of content. An exemplary method comprises transmitting, while in a requester mode of operation, a transfer request message to at least one external computing device, wherein the transfer request message indicates content to be transferred; receiving the content in accordance with a transfer right that indicates that the content is permitted to be transferred from at least one of the external computing devices, wherein the transfer right is updated based at least in part on the transfer of the content, and wherein the content is associated with a usage right, the usage right corresponding to a utilization of the content; and processing, while in a server mode of operation, a utilization request message for utilizing the content in accordance with the usage right associated with the content. | 05-23-2013 |
20130133079 | Systems and Methods for Data Protection - A data protection method includes identifying data indicative of a software element parameter of a software element to be protected, which may be a hash of the software element image or carrier medium image area. The method includes identifying data indicative of a medium parameter of a medium authorized to carry the software element, which may be a unique identifier embedded in a non-image area of the medium. A validation token is defined based on a predefined protocol and written to a non-image area of the medium, which token is a function of the software element parameter and medium parameter. A device for executing the software element uses the same predefined protocol to verify the token prior to allowing execution of the software element. If the software element is copied to another medium, the token is not verifiable for the copied software, thereby restricting execution of the copied software element. | 05-23-2013 |
20130139268 | AGENT APPARATUS AND METHOD FOR SHARING ANONYMOUS IDENTIFIER-BASED SECURITY INFORMATION AMONG SECURITY MANAGEMENT DOMAINS - The present invention relates to an agent apparatus and method for sharing anonymous identifier-based security information among security management domains. A plurality of security information sharing agent apparatuses are respectively located in a plurality of security management domains and configured to collect security information and transmit collected security information to outside of the security management domains. Each security information sharing agent apparatus includes an identifier conversion unit for converting real name identifier-based security information into anonymous identifier-based security information by converting a real name identifier included in the security information into an anonymous identifier, and a security information communication unit for transmitting the anonymous identifier-based security information obtained by the identifier conversion unit to outside of a corresponding security management domain so that security information is shared among the plurality of security management domains. | 05-30-2013 |
20130139269 | CONTEXTUAL USE AND EXPIRATION OF DIGITAL CONTENT - Technologies related to contextual use and expiration of digital content are generally described. In some examples, a receiving device may connect with a sponsoring device having the digital content. A relationship property defines a relationship context between the receiving device and the sponsoring device. The receiving device may receive the digital content from the sponsoring device and use the digital content so long as allowed, as determined with reference to the relationship property. | 05-30-2013 |
20130139270 | INFORMATION PROCESSING APPARATUS AND INFORMATION PROCESSING APPARATUS STARTUP CONTROL METHOD - An information processing apparatus includes a first processor that is connected to an input/output device and is configured to execute a program for controlling an apparatus including the input/output device, and a second processor that is connected to an external network and is configured to execute a program for establishing communication via the external network, wherein when starting the information processing apparatus, the second processor verifies an integrity of the program to be executed by the first processor and starts the first processor when the integrity of the program to be executed by the first processor is verified, and when the integrity of the program to be executed by the first processor is not verified, the second processor issues a problem notification without using a user interface of the first processor. | 05-30-2013 |
20130145473 | METHODS AND APPARATUS TO ANONYMIZE A DATASET OF SPATIAL DATA - Methods and apparatus are disclosed to anonymize a dataset of spatial data. An example method includes generating a spatial indexing structure with spatial data, establishing a height value associated with the spatial indexing structure to generate a plurality of tree nodes, each of the plurality of tree nodes associated with spatial data counts, calculating a localized noise budget value for respective ones of the tree nodes based on the height value and an overall noise budget, and anonymizing the plurality of tree nodes with an anonymization process, the anonymization process using the localized noise budget value for respective ones of the tree nodes. | 06-06-2013 |
20130145474 | CONCEALING AND REVEALING MESSAGE DATA - Systems, methods, computer program products, and networks for messaging. In some examples the identity of a sending user of a message and/or other data is initially concealed when the (manipulated) message or an associated created message is sent to an intended receiving user. In these examples, revealing data which enables determination of at least some data which the sent message concealed is only provided upon request, and in some of these examples, only after a user has been authenticated as being an intended receiving user. | 06-06-2013 |
20130145475 | METHOD AND APPARATUS FOR SECURING TOUCH INPUT - A method and apparatus for securing touch input are provided. The method includes rendering a first screen in a secure world; rendering a second screen in a non-secure world; and outputting a secured input screen by displaying the first screen as an overlay above the second screen. | 06-06-2013 |
20130145476 | Managing A Software Item On A Managed Computer System - A method and system is provided of managing a current software item on a managed computer system connectable to a management computer system via a computer network. The method includes identifying, using an agent application, the current software item on the managed computer system, identifying if the current software item is an unauthorized software item; and selectively disabling the unauthorized software item. | 06-06-2013 |
20130145477 | CONTENT REPRODUCTION SYSTEM, INFORMATION PROCESSING TERMINAL, MEDIA SERVER, SECURE DEVICE, AND SERVER SECURE DEVICE - A content reproduction system includes an information processing terminal and a secure device. The information processing terminal receives a copyright protection application program from an application distribution server. The copyright protection application program includes a first program having a first execution format executable in the information processing terminal and a second program having a second execution format different from the first execution format and executable in the secure device. The second program is encrypted with a program key held in the secure device. By extracting and executing the first program, the information processing terminal extracts the second program and transmits the second program to the secure device. The secure device receives the second program from the information processing terminal, decrypts the second program using a program key stored in a key storing unit, and executes the second program. | 06-06-2013 |
20130152206 | METHOD AND APPARATUS FOR PREVENTING UNAUTHORIZED ACCESS TO INFORMATION STORED IN A NON-VOLATILE MEMORY - A communications device for ensuring secure data transfer is provided, having an interface device for controlling data transfer, an integrated circuit coupled to the interface device and having a processor, a non-volatile memory for storing at least program code for the processor, a volatile memory, an input pin and an output pin; and an electrical conductor which electrically connects the input pin and the output pin. The electrical conductor passes through an external portion of the enclosure, e.g., a slot, which allows a user to easily sever the electrical conductor. In operation, a portion of the program code detects when the electrical conductor is severed and causes the program code in the non-volatile memory to be erased, data transfer via the interface device to be disabled, and power to the integrated circuit to be cut off to ensure that all information in volatile memory is erased. | 06-13-2013 |
20130152207 | DATA ACCESS REPORTING PLATFORM FOR SECURE ACTIVE MONITORING - Technologies pertaining to detecting accesses to monitored regions of memory and transmitting data to a protection system responsive to the detecting are described herein. A region of memory that includes objects in an object graph utilized by an operating system to determine which processes to execute and an order to execute such processes is monitored. If a process executing on a processor attempts to write to an object in the object graph, a field that is being written to is identified, and a determination is made regarding whether the field includes a pointer. Based upon whether the field includes a pointer, a type of write desirably undertaken by the object is ascertained, and an object event is transmitted to the protection system that informs the protection system of the type of write. | 06-13-2013 |
20130152208 | SECURITY KEY MANAGEMENT BASED ON SERVICE PACKAGING - A device receives application information associated with applications provided by a network, and determines service package identifiers for one or more applications identified in the application information. The device also receives information associated with devices and subscribers of the network, and determines security key parameters based on the information associated with the devices and the subscribers of the network. The device further generates, based on the security key parameters, a security key for each of the service package identifiers. | 06-13-2013 |
20130152209 | Facilitating System Service Request Interactions for Hardware-Protected Applications - Described herein are implementations for providing a platform adaptation layer that enables applications to execute inside a user-mode hardware-protected isolation container while utilizing host platform resources that reside outside of the isolation container. The platform adaptation layer facilitates a system service request interaction between the application and the host platform. As part of the facilitating, a secure services component of the platform adaptation layer performs a security-relevant action. | 06-13-2013 |
20130152210 | COORDINATED WATERMARKING - Methods, devices and computer program products enable embedding and extraction of multiple watermark messages in a coordinated fashion to improve watermark transparency, robustness against impairments, security, and computational complexity of embedding and extraction of watermarks. Coordinated watermark embedding and extraction operations take advantage of a pre-defined relationship between the symbols of two watermark messages. The improved aspects of the watermarking system provide significant value to content owners, content distributors, and consumers at a small incremental cost. | 06-13-2013 |
20130152211 | USING SOCIAL SIGNALS TO IDENTIFY UNAUTHORIZED CONTENT ON A SOCIAL NETWORKING SYSTEM - A prediction is calculated to determine whether a content item posted on a social networking system infringes on copyrights or otherwise violates the system's terms of use. The predictions are generated using social signals that are based on social information surrounding the content item, such as the density of connections between the posting user and the viewing users, the profile information of the users, and the geographical separation between the users. The content item is disabled if the prediction indicates a violation and the violation can be verified. | 06-13-2013 |
20130152212 | DEPERSONALIZED SEARCH - Methods and systems for managing a search process are provided. One method includes receiving user information from a user application, the user information associated with a search provider maintaining search services and non-search services. The method further includes transmitting the user information to the search provider, and receiving one or more cookies from the search provider. The method also includes receiving a user request from a user application, the user request addressed to the search provider, comparing the user request to a list of non-search services maintained by the search provider, and, upon determining that the user request is associated with a search service, transmitting the user request to the search service without transmitting the one or more cookies. | 06-13-2013 |
20130152213 | APPARATUS, SYSTEM AND METHOD FOR PREVENTING DATA LOSS - A device and method are provided for a device that communicates security information to a user entering content into the device. In an aspect, the device may access content from a server over a connection through the network. The device displays the content on a user interface of the device. The device detects information entered into a field of the displayed content and evaluates a security state of the device. If the security state is below a security threshold and if the entered information is identified as protected information based on stored criteria, the device displays a visual indication on the user interface. | 06-13-2013 |
20130152214 | METHODS AND APPARATUS TO MITIGATE A DENIAL-OF-SERVICE ATTACK IN A VOICE OVER INTERNET PROTOCOL NETWORK - Methods and apparatus to mitigate a Denial-of-Service (DoS) attack in a voice over Internet protocol (VoIP) network are disclosed. An example method comprises receiving a communication session initiation message from a communication session endpoint, determining whether the communication session endpoint is associated with a probable DoS attack, and sending to the communication session endpoint a communication session initiation response message comprising a DoS header when the communication session endpoint is associated with the probable DoS attack. | 06-13-2013 |
20130160132 | CROSS-SITE REQUEST FORGERY PROTECTION - Various embodiments of systems and methods for Cross-Site Request Forgery (XSRF) protection are described herein. An XSRF protection framework provides rich configuration possibilities for protection using an XSRF token. In one aspect, XSRF encoding is performed for a set of URLs according to a configuration and then a token validation is performed for incoming requests to protected resources. In another aspect, XSRF token leakage via the referrer header to external URLs is prevented. | 06-20-2013 |
20130160133 | Code Base Partitioning System - The subject disclosure is directed towards partitioning a code base of a program into a trusted portion and an untrusted portion. After identifying sensitive data within the code base using annotation information, one or more program elements that correspond to the sensitive data are automatically transformed into secure program elements that can be retained in the untrusted portion of the code base. Cryptographic techniques are used to minimize a potential size of the trusted portion of the code base. Source files for the trusted portion and the untrusted portion are generated. | 06-20-2013 |
20130160134 | METHOD AND DEVICE FOR MANAGING A SECURE ELEMENT - A method and system for managing, from a communication device, a secure element for contactless transactions such as mobile payment applications. The communication device includes a memory for storing one or more device applications. The method includes determining that an application stored on the secure element does not have an association with any of the device applications, and in response to the determining, sending a communication to a server to delete the application from the secure element. | 06-20-2013 |
20130160135 | METHOD AND APPARATUS FOR PERFORMING DOWNLOADABLE DIGITAL RIGHTS MANAGEMENT FOR A CONTENT SERVICE - A method and system are provided for performing downloadable Digital Rights Management (DRM) for a content service. The method includes receiving, from a service provider, a Content Access Token (CAT) issuance request for specific content, wherein the CAT issuance request includes information about devices mapped to account information of a user that has purchased the specific content; issuing a CAT; and delivering the CAT to the devices mapped to the account information. | 06-20-2013 |
20130160136 | DATA SECURITY IN A MULTI-NODAL ENVIRONMENT - A data security manager in a multi-nodal environment enforces processing constraints stored as security relationships that control how different pieces of a multi-nodal application (called execution units) are allowed to execute to ensure data security. The security manager preferably checks the security relationships for security violations when new execution units start execution, when data moves to or from an execution unit, and when an execution unit requests external services. Where the security manager determines there is a security violation based on the security relationships, the security manager may move, delay or kill an execution unit to maintain data security. | 06-20-2013 |
20130160137 | ENVIRONMENTAL CONDITION IDENTIFYING TYPE LICENSE CONSUMPTION SYSTEM AND METHOD, AND FUNCTION PROVIDING SERVER AND PROGRAM - A license consumption system includes an information device on which application software operates based on a given license; and a function providing server which grants the license to the information device. The function providing server stores the license and an operating condition for granting the license, when attempting to start the application software, the information device transmits to the function providing server a licensing request of the application software and an operating environment of the information device, and the function providing server compares an operating condition of the application software corresponding to the requested license with the operating environment of the information device, and grants the license to the information device when the operating environment satisfies the operating condition. | 06-20-2013 |
20130167242 | Software Application Operational Transfer - Methods, systems, and apparatus, including computer programs encoded on a computer storage medium, enable software application transfer among connected computing devices. In one aspect, a method includes receiving a request, corresponding to an application running on a first computer, to operate the application on a second computer; initiating a communication session between the first computer and the second computer over a network; disabling the application on the first computer with respect to one or more operational parameters; and enabling the application on the second computer with respect to the one or more operational parameters. The one or more operational parameters can include a software licensing state of the application, current application data of the application running on the first computer, or both. | 06-27-2013 |
20130167243 | Secure User Interface Content - Methods, systems, and apparatus, including computer programs encoded on a computer storage medium, for handling secure user interface content. In one aspect, a method includes receiving, at a data processing apparatus, content over a communication network from a computing system separate from the data processing apparatus; determining that the received content is authentic secure content; retrieving information stored at the data processing apparatus and previously selected by a user for purposes of securing user interface content; rendering the received content, to a display of the data processing apparatus, as a user interface with a visual wrapper, where the visual wrapper includes the retrieved information, visually separates the user interface from other visual elements on the display, and includes an indication that the user interface is secure; and processing input received through the user interface. | 06-27-2013 |
20130167244 | System for Managing Risk in Employee Travel - A system for managing risk in employee travel may control access by users to the travel risk management system. The travel risk management system may receive and store company information for a client company subscribing to the travel risk management system, and allow activation code packages to be defined for allowing a specified number of activation codes to be generated for the subscribing client company. Once the activation code packages are defined, the specified number of activation codes may be generated and assigned to employees of the subscribing client company. The system may provide for defining super admin users authorized to input client company information and define activation code packages, and client admin users authorized to select activation code packages, and generate and assign the activation codes to users. | 06-27-2013 |
20130167245 | CUSTOMER ERROR SCREEN CAPTURE - A method for capturing a user's view of an electronic screen having an error message in a health management application without showing private information of the user includes receiving an error message from a web service responding to a request for a web page by the user. The method includes receiving an electronic file of the web page with the error message, redacting private information of the user from the electronic file to create a redacted electronic file, and storing the redacted electronic file in a support log module. | 06-27-2013 |
20130167246 | RESTRICTING OPERATION RESULTS FROM BEING TRANSFERRED TO COUPLED EXTERNAL DEVICE - Described embodiments provide a method and user equipment for restricting transferring of image data produced by a predetermined application to a coupled external device. The method may include detecting an activation of an application in a user equipment while the user equipment is coupled to an external device and determining whether image data produced by the activated application is transferred to the coupled external device. The determining may include restricting the produced image data of the activated application from being transferred to the coupled external device when an application control type of the activated application is a restricted application, otherwise, transferring the produced image data of the activated application to the coupled external device. | 06-27-2013 |
20130167247 | SELECTIVELY WIPING A REMOTE DEVICE - A system and method for selectively securing data from unauthorized access on a client device storing a plurality of data types with reference to an authorization level indicated in a command. A command is received at a client device comprising an authorization level indicator. Based on at least one predefined rule, which may be implemented in an IT policy stored at the client device, each of the plurality of data types to be secured is determined, and then the data corresponding to those types is secured. The data may be secured by encrypting and/or deleting the data at the client device. The predefined rules associated with each authorization level may be configured by a user or administrator having an authorization level that exceeds the associated authorization level. | 06-27-2013 |
20130174264 | SYSTEM AND METHOD FOR PROTECTING DATA STORED ON A REMOVABLE DATA STORAGE DEVICE - A system for protecting data stored in a memory of a removable data storage device is provided. The system includes a personal electronic device, a removable solid state data storage device operatively coupled to the personal electronic device, and a circuit configured to protect data stored in a memory of the data storage device in response to detecting impending removal of the data storage device from the personal electronic device. | 07-04-2013 |
20130174265 | SYSTEM AND METHOD FOR PROTECTING DATA STORED ON A REMOVABLE DATA STORAGE DEVICE - A system for protecting data stored in a memory of a removable data storage device is provided. The system includes a personal electronic device, a removable solid state data storage device operatively coupled to the personal electronic device, and a circuit configured to alter data stored in the memory of the data storage device in response to detecting that the data storage device has been removed from the personal electronic device. | 07-04-2013 |
20130174266 | DATA EXCHANGE BETWEEN A SECURE ELEMENT AND A TERMINAL - A method for data exchange between a secure element and a terminal, the secure element including a CRS (Contactless Registry Service) application, a CREL (Contactless Registry Event Listener), and at least one service application, the terminal including a SEUI (Secure Element User Interface) configured to interact with at least one out of the CRS application, the CREL application, or the service application, includes exchanging, between the secure element and the terminal, an STID (Service Type Identification) information relating to the at least one service application. The STID information indicates the service type of the at least one service application of a predetermined set of different service types. | 07-04-2013 |
20130174267 | Method for Secure Web Browsing - The invention relates to a computer-implemented method for secure web browsing. The method includes: | 07-04-2013 |
20130174268 | METHOD AND SYSTEM FOR DOCUMENT DATA SECURITY MANAGEMENT - The present invention discloses a system for document security control to improve the security of document data, and the system comprises: an application, embedded in a machine readable medium, which performs a security control operation on abstract unstructured information by issuing an instruction to a platform software; the platform software, embedded in a machine readable medium, which accepts the instruction from the application and performs the security control operation on storage data corresponding to the abstract unstructured information; wherein, said abstract unstructured information are independent of a way in which said storage data are stored. | 07-04-2013 |
20130174269 | MANAGING LICENSE KEYS - For managing license keys, a license key service module creates a license key service object of a license key service class. The license key service object includes a plurality of management operations including a get all license keys operation that acquires a license key for licensing services. A hosted license key service module creates a hosted license key service object of a hosted license key service class that includes the license key service object. A license key module creates a license key object of a license key class. The license key object includes the license key and employs the plurality of management operations. A management module manages the license key using the license key object, license key service object, and hosted license key service object. | 07-04-2013 |
20130174270 | LICENSE INSTALL SUPPORT SYSTEM, LICENSE INSTALL SUPPORT METHOD - A license install support method includes receiving input of a first license identifier used for receiving license data, the license data being used by an electronic device for determining whether activation of a program is allowable; sending, to a license source determining device connected via a network, an acquisition request specifying the first license identifier for acquiring issuing source information including issuing source identification information of the license data; receiving the issuing source information returned from the license source determining device; and using a license install processing unit to acquire the license data corresponding to the first license identifier from a license management device relevant to the issuing source information included among plural license management devices connected via the network, and to send the license data to the electronic device. | 07-04-2013 |
20130179980 | SYSTEMS AND/OR METHODS FOR MONITORING AUDIO INPUTS TO JUKEBOX DEVICES - Certain exemplary embodiments relate to techniques for detecting unlicensed music on a digital jukebox device. A monitoring module, system, subsystem or the like determines whether audio is being provided to the digital jukebox device from an external source for reproduction via a speaker system connected to the jukebox device in place of jukebox media available directly to the jukebox device. When audio is being provided from the external source: at least a portion of the audio being provided to the digital jukebox device from the external source for reproduction via the jukebox device is captured; it is detected whether the captured portion corresponds to audio content that should be licensed; and a log of possible license violations is updated as appropriate. A notification concerning the log of possible violations is generated when a number of possible violations meets or exceeds a predetermined threshold in a predetermined time period. | 07-11-2013 |
20130179981 | Computer Implemented Method, Computer System And Nontransitory Computer Readable Storage Medium Having HTTP Module - A computer implemented method, a computer system or a nontransitory computer readable storage medium having an HTTP module is provided. The method, system or medium may be configured for use with a device having one or more processors and a memory storing one or more programs for execution by the one or more processors, the one or more programs may include instructions for processing information from multiple web sites served up from a web application, binding multiple secure socket layer (SSL) certificates to a single site supported by the web application, hosting the SSL certificates using an SSL accelerator, and intercepting incoming requests relayed from the SSL accelerator to the web application with the HTTP module. The method, system or medium may be configured for use with an identity management system that uses human knowledge and experience and computer software programs and databases to anticipate forms of identity-related fraud. | 07-11-2013 |
20130179982 | Data Processing Engine System And Method - A computer implemented method for a data processing engine for an identity management system, can comprise: on a computer device having one or more processors and a memory storing one or more programs for execution by the one or more processors, the one or more programs including instructions for: configuring an inbound or outbound feed; executing the inbound feed; and executing the outbound feed. Also, a computer system and a non-transitory computer-readable storage medium for the same. | 07-11-2013 |
20130179983 | System and Method for Digital Rights Management of Digital Media - A system and accompanying method for Digital Rights Management (DRM) are disclosed that permit arbitrary forms of digital media to be vended in a networked environment. Special purpose renderers are distributed with each particular instance of digital media. Each renderer may include a tailored set of controls allowing the owner of the digital media to restrict the use thereof. | 07-11-2013 |
20130179984 | method for controlling the execution of an application on a computer system - A method for controlling the execution of a software application on a computer system. The method includes the steps of generating a license map based on a given license for the application, the license map including the information on which user is allowed to execute the application, providing a license client on the computer system and providing a license server delivering the license map to the license client. When a user requests execution of the application, the license client decides whether the user is allowed to execute the application based on the license map. | 07-11-2013 |
20130179985 | SECURING USER DATA IN CLOUD COMPUTING ENVIRONMENTS - Systems and methods for obfuscating user data in a remote web-based application are disclosed. According to one method, user inputs to a displayed web page of the remote web-based application are received at a first web browser that is used by the user, wherein at least a portion of the user inputs comprise user-inputted data intended to be stored at the web-based application. The user inputs are transmitted to a management component that is configured to interact with a second web browser that communicates with the web-based application. The management component obfuscates at least a portion of the user-inputted data and forwards the obfuscated and un-obfuscated portions of the user inputs to the second web browser, which correspondingly transmits the obfuscated and un-obfuscated portions of the user inputs to the remote web-based application. | 07-11-2013 |
20130179986 | Flash Memory Distribution of Digital Content - Methods, apparatuses, and computer-readable media for distributing digital content. One embodiment comprises an apparatus comprising: a device ( | 07-11-2013 |
20130179987 | SYSTEM FOR LICENSING MOBILE APPLICATIONS, FEATURES, AND DEVICES - A system for licensing an application or feature for use on a wireless mobile device is disclosed. The wireless mobile device is provided to a user with a licensable application or feature, but the application or feature has not been fully authorized for use. When the wireless device receives a request to use the application or feature, the wireless device operates the requested application or feature, and generates an irrevocable license request. The license request is transmitted to a license server at a time convenient for the wireless device. The license server generates a license certificate to the application or feature, and transmits the license certificate to the wireless mobile device. The wireless device receives the license certificate, which is stored in local memory. Accordingly, the application or feature is now fully licensed for future operation on the wireless mobile device. The license server operates accounting processes to generate license reports and license accounting information. | 07-11-2013 |
20130185801 | SECURE DATA STORAGE AND RETRIEVAL - A system for secure data processing can include an electronic data storage device and a field programmable gate array coupled to the electronic data storage device. The field programmable gate array can be configured to include a data storage section for performing a data storage operation and a data retrieval section for performing a data retrieval operation. The data storage operation can include obtaining a seed value and retrieving one or more algebraic operations based on the seed value. The storage operation can also include processing input data according to the one or more algebraic operations to generate pseudorandom output data, prepending the seed value to the output data and storing the output data in the electronic data storage device. | 07-18-2013 |
20130185802 | Online Fraud Detection Dynamic Scoring Aggregation Systems and Methods - In some embodiments, an online fraud prevention system combines the output of several distinct fraud filters, to produce an aggregate score indicative of the likelihood that a surveyed target document (e.g. webpage, email) is fraudulent. Newly implemented fraud filters can be incorporated and ageing fraud filters can be phased out without the need to recalculate individual scores or to renormalize the aggregate fraud score. Every time the output of an individual filter is calculated, the aggregate score is updated in a manner which ensures the aggregate score remains within predetermined bounds defined by a minimum allowable score and a maximum allowable score (e.g., 0 to 100). | 07-18-2013 |
20130185803 | MARKING AND OBSCURING SENSITIVE VALUES IN TRACES - In one embodiment, a method for processing trace data is provided. The method generates trace data during execution of the target application and obtains criteria for identifying whether a value in the trace data is sensitive. An initial occurrence of a sensitive value in the trace data is identified based on the obtained criteria. The method then stores the sensitive value in a data structure accessible by an obscuring process. The obscuring process receives the trace data and obscures occurrences of the sensitive value in the trace data prior to providing the trace data for display. | 07-18-2013 |
20130185804 | METHOD AND APPARATUS FOR GENERATING PRIVACY RATINGS FOR APPLICATIONS - An approach is provided for generating privacy ratings for applications. A privacy ratings platform determines use information associated with one or more applications executing on one or more devices. By way of example, the use information is determined based, at least in part, on usage data associated with one or more input sources, one or more components, one or more categories of personal information, or a combination thereof associated with the one or more devices. The privacy ratings platform then processes and/or facilitates a processing of the use information to determine one or more privacy ratings for the one or more applications. | 07-18-2013 |
20130191922 | USER PROMPTED METADATA REMOVAL - Methods and apparatuses for the removal of metadata include the removal of metadata from an artifact accompanying a message. In a mobile communication device, a method for removing metadata from an artifact accompanying a message includes displaying at least one prompt via a user interface of the mobile communication device. Further, the method includes receiving, from a user of the mobile communication device via the user interface in response to the at least one prompt, metadata removal preference data. Cleansing instructions based on the metadata removal preference data are created and the message, the cleansing instructions, and the artifact are sent to a delivery system. The delivery system removes metadata from the artifact based on the cleansing instructions. | 07-25-2013 |
20130191923 | SOFTWARE LICENSE MANAGEMENT IN A NETWORKED COMPUTING ENVIRONMENT - An approach for managing licenses for software installations on virtual machine (VM) instances in a networked computing environment (e.g., a cloud computing environment) is provided. Specifically, in one example, data (e.g., real-time and/or historical) pertaining to usage of a set of software installations on a set of (VM) instances in the networked computing environment is collected. When a request is received (e.g., from a requester) for a license for a particular software installation of the set of software installations, it is determined whether the license is available. If not, it is then determined whether the license is obtainable based on the collected data and a current configuration of the networked computing environment. Then, responsive to the license being obtainable, the requested license may be allocated. | 07-25-2013 |
20130191924 | Approaches for Protecting Sensitive Data Within a Guest Operating System - Approaches for preventing unauthorized access of sensitive data within an operating system (OS), e.g., a guest OS used by a virtual machine. Dummy data may be written over physical locations on disk where sensitive data is stored, thereby preventing a malicious program from accessing the sensitive data. Alternately, a delete operation may be performed on sensitive data within an OS, and thereafter the OS is converted into a serialized format to expunge the deleted data. The serialized OS is converted into a deserialized form to facilitate its use. Optionally, a data structure may be updated to identify where sensitive data is located within an OS. When a request to access a portion of the OS is received, the data structure is consulted to determine whether the requested portion contains sensitive data, and if so, dummy data is returned to the requestor without consulting the requested portion of the OS. | 07-25-2013 |
20130191925 | Integrated Secure And Non-Secure Display For A Handheld Communications Device - A handheld communications device is created with a touch sensitive display, a secure computing component, and a non-secure computing component. The secure component may comprise a secure CPU executing a secure operating system. The non-secure component may comprise a separate non-secure CPU executing a separate non-secure operating system. The touch sensitive display on the handheld communications device is divided into a secure portion and a non-secure portion such that information displayed in the secure portion is provided by the secure operating system, and information displayed in the non-secure portion is provided by the non-secure operating system. Similarly, data entered through the secure portion of the display is provided to the secure operating system, and data entered through the non-secure portion of the display is provided to the non-secure operating system. | 07-25-2013 |
20130191926 | Method and Apparatus for Streaming Rights-Managed Content Directly to a Target Device over a Network - A content server ( | 07-25-2013 |
20130191927 | CONTENT MANAGEMENT DEVICE AND CONTENT MANAGEMENT METHOD - Provided is a content management device for protecting a content of a provider. A content management device | 07-25-2013 |
20130198849 | Method And Apparatus Providing Privacy Benchmarking For Mobile Application Development - A method operates, during development of an application program intended to be run on a mobile user device, to perform a computer assisted analysis of the application program to determine at least one user privacy-related aspect of the application program; and to present the determined at least one user privacy-related aspect. The determined at least one user privacy-related aspect may be presented to a developer of the application program. An apparatus and system for performing the method are also disclosed. | 08-01-2013 |
20130198850 | SECURING DISPLAYED INFORMATION - A method, system or computer usable program product for securing displayed information including establishing a session between a first data processing device including a first memory and a second data processing device including a second memory and a display, maintaining session awareness indicating that both the first and second devices are alive in the session, inputting information into the second data processing device during the session producing input information stored in the second memory, and responsive to a determination the session has ended between the first and second device, deleting the input information in the second memory. | 08-01-2013 |
20130198851 | SYSTEM FOR PROTECTING SENSITIVE DATA WITH DISTRIBUTED TOKENIZATION - A token generating organization may include distributed tokenization systems for generating tokens corresponding to sensitive information. Sensitive information may include sensitive numbers such as social security numbers, credit card numbers or other private numbers. A tokenization system may include multiple physically distinct hardware platforms each having a tokenization server and a database. A tokenization server may run portions of a sensitive number through a predetermined number of rounds of a Feistel network. Each round of the Feistel network may include tokenizing portions of the sensitive number using a fractional token table stored in an associated database and modifying the tokenized portions by reversibly adding portions of the sensitive number to the tokenized portions. The fractional token table may include partial sensitive numbers and corresponding partial tokens. A sensitive-information-recovery request including the token may be directed to the token generating organization from the token requestor to recover sensitive information. | 08-01-2013 |
20130198852 | APPLICATION LICENSING USING MULTIPLE FORMS OF LICENSING - A method, system, and computer-readable storage media for licensing an application using multiple forms of licensing are provided herein. The method includes providing a first form of a license to a first computing device via a licensing service and providing a second form of the license to a second computing device via the licensing service. The method also includes determining a first state of the first form of the license and a second state of the second form of the license, synchronizing the first state and the second state to form a combined license state, and adjusting conditions of the license based on the combined license state. | 08-01-2013 |
20130198853 | METHOD AND APPARATUS TO PROVIDE SECURE APPLICATION EXECUTION - A technique to enable secure application and data integrity within a computer system. In one embodiment, one or more secure enclaves are established in which an application and data may be stored and executed. | 08-01-2013 |
20130205400 | PRIVACY-BASED IDENTITY - The present disclosure relates to a privacy-based representation of a user identity within an online system. A method for representing a user identity within an online system is provided, comprising: requesting a user identity of a user of the online system by a viewer; retrieving a status of the viewer with regard to the user; based on the status of the viewer, determining a representation of the user identity; and providing the representation of the user identity to the viewer. Furthermore, an online system and a data structure representing a user identity of a user of an online system are defined. | 08-08-2013 |
20130205401 | Apparatuses and methods for content protection using digital rights management (DRM) in webview or webkit - An electronic device for digital content protection using DRM is provided with a DRM agent, a plug-in, and a web browser. The DRM agent processes DRM-protected content associated with an electronic file or a web page. The plug-in enables access of the electronic file. The web browser comprises a WebView SDK installed with the DRM agent or a WebKit engine installed with the DRM agent. The WebView SDK activates the processing of the DRM-protected content of the DRM agent to obtain the web page portion-by-portion, and displays the web page with the obtained portions. The WebKit engine activates the processing of the DRM-protected content of the DRM agent to obtain the electronic file portion-by-portion, and uses the plug-in to execute the electronic file with the obtained portions, or displays the web page with the obtained portions. | 08-08-2013 |
20130205402 | Apparatuses and methods for content protection using Digital Rights Management (DRM) in WebView or WebKit - An electronic device is provided with a DRM agent, a plug-in, and a web browser. The DRM agent processes DRM-protected content associated with an electronic file or a web page. The plug-in enables access of the electronic file. The web browser comprises a WebView SDK installed with the DRM agent or a WebKit engine installed with the DRM agent. The WebView SDK activates the processing of the DRM-protected content of the DRM agent to obtain the web page portion-by-portion, and displays the web page with the obtained portions. The WebKit engine activates the processing of the DRM-protected content of the DRM agent to obtain the electronic file or web page portion-by-portion, and uses the plug-in or a native media player to access the electronic file with the obtained portions, or displays the web page with the obtained portions. | 08-08-2013 |
20130212686 | Electronic fulfillment system for distributing digital goods - Methods and apparatus for delivering digital goods using an electronic distribution system. Meta-information is generated for a digital product and stored at a fulfillment server. Upon completion of a transaction between a customer and the supplier of a digital product, a download manager installed at the customer's computer communicates with the fulfillment server using a protocol that ensures secure and reliable delivery of the digital product to the customer. In alternative implementations, the customer can be billed before or after successful delivery of the digital product to the customer. | 08-15-2013 |
20130212687 | BRIDGE FOR COMMUNICATING WITH A DYNAMIC COMPUTER NETWORK - Method for communicating data in a computer network involves dynamically modifying at a first location in the computer network a plurality of true values. The true values correctly represent the plurality of identity parameters. These true values are transformed to false values, which incorrectly represent the identity parameters. Subsequently, the identity parameters are modified at a second location to transform the false values back to the true values. The position of the first and/or second locations varies dynamically as part of this process. A bridge transforms identity parameter values when communicating outside the network. Dynamic modification of the identity parameters occurs in accordance with a mission plan that can be modified without interrupting communication of data in the network. | 08-15-2013 |
20130212688 | SYSTEM FOR SHARING A USERS PERSONAL DATA - One example embodiment includes a method for sharing a user's personal data. The method includes obtaining identifying information. The method also includes confirming a user's identity. The method further includes releasing the user's personal data. | 08-15-2013 |
20130212689 | MANAGING NETWORK DATA - A method, system or computer usable program product for masking communication data using context based rules including intercepting a communication between a server and a client by an intermediary, the communication having a recipient, parsing the communication by the intermediary to determine whether a context based alteration rule should be applied, responsive to an affirmative determination, applying the rule to the communication to produce an altered communication with altered data, and sending the altered communication to the recipient so that the altered data in the communication is utilized in a masked manner. | 08-15-2013 |
20130212690 | PRIVATE DECAYED SUM ESTIMATION UNDER CONTINUAL OBSERVATION - Described herein is a method and system for providing privacy guarantees with an improved privacy-accuracy trade-off. Dynamic data can be accessed from a database. A sum model is selected from window sum, exponential decay sum, and polynomial decay sum. An algorithm is initiated that produces polylogarithmic bounded error in the range of a sum function associated with the selected sum model and independent of time steps. The data can be assembled in a dyadic tree structure. A non-linearity component can be added to nodes of the dyadic tree structure. For example, this can be a noise component or a weight applied to the update. This can be done, for example, to different nodes differently. Differential private estimators can be constructed for fixed steps of time. The differential private estimators can be applied to a query means or filtering system to enhance privacy protection from potential adversaries. | 08-15-2013 |
20130212691 | ELECTRONIC SYSTEM FOR THE PROTECTION AND CONTROL OF LICENSE TRANSACTIONS ASSOCIATED WITH THE ALTERATION OF REPLICATED READ ONLY MEDIA AND ITS BOUND LICENSED CONTENT - Distribution of content stored on read only media, and a system and method by which a consumer who purchased content stored on read only media implements a process in the field by which they alter the storage media. A system and tools are used by the consumer to identify, authenticate, disable, and confirm alteration in exchange for compensation, the acquisition of new usage rights to content, or the ability to restore access to or copy content to new media. The process may be conducted by the consumer in the field without assistance and/or visual inspection, or be partially conducted in conjunction with an authorized intermediary. Furthermore, the process may restore access to content stored on new media without the need to transfer copies of content. | 08-15-2013 |
20130212692 | Systems and Methods for Managing Data Incidents - Systems and methods for managing a data incident are provided herein. Exemplary methods may include receiving data breach data that comprises information corresponding to the data breach, automatically generating a risk assessment from a comparison of data breach data to privacy rules, the privacy rules comprising at least one federal rule and at least one state rule, each of the rules defining requirements associated with data breach notification laws, and providing the risk assessment to a display device that selectively couples with the risk assessment server. | 08-15-2013 |
20130212693 | ANONYMOUS WHISTLE BLOWER SYSTEM WITH REPUTATION REPORTING OF ANONYMOUS WHISTLE BLOWER - Reputations of anonymous sources of information are managed by associating the reputations with devices from which the information is received rather than from the human individuals using those devices. The devices are recognized using a one-way identifier, such as a digital fingerprint, such that the source device cannot be used to readily identify the source device or its user(s) but all items of information received from the same source device can be readily recognized. Feedback from other devices is accumulated and used to assess trustworthiness of the source device and reputation data representing such trustworthiness is published along with the information received from the source device. | 08-15-2013 |
20130212694 | METHOD AND APPARATUS FOR RF TRANSMITABLE DATA PROTECTION - A method for prevention of unauthorized acquisition and use of privileged information including steps of: generating a spoof signature and associating the signature with the privileged information such that the spoof signature can be acquired during the unauthorized acquisition of the privileged information; establishing an identifying processor arranged to identify the at least one spoof signature, to classify attempts of unauthorized use of the privileged information, and generates at least one authorization for at least one predetermined set of actions organized to prevent the unauthorized use of the privileged information; and communicating authorizations to a party proximal to the at least one unauthorized use of the privileged information in time sufficient for interruption of the unauthorized use of the privileged information. | 08-15-2013 |
20130212695 | SEGMENTED MEDIA CONTENT RIGHTS MANAGEMENT - Segmented media content rights management is described. A media device can receive segments of protected media content from media content streams that each include a different version of the protected media content. A media content file can be generated to include the segments of the protected media content that are sequenced to render the protected media content for viewing. A file header object can be instantiated in a file header of the media content file, where the file header object includes DRM-associated features, such as one or more DRM licenses, properties, and/or attributes that correspond to the media content file to provision all of the segments of the protected media content together. | 08-15-2013 |
20130212696 | APPARATUSES, SYSTEMS, AND METHODS FOR RENEWABILITY WITH DIGITAL CONTENT PROTECTION SYSTEMS - In one embodiment of the invention, a format for renewability content (e.g., a System Renewability Message (SRM)) corresponding to a content protection protocol (e.g., High-Bandwidth Digital Content Protection (HDCP)) may be interoperable with devices that are compliant with different versions of the standard (e.g., HDCP1.x and 2.x devices) and that include different amounts of storage for the renewability content (e.g., first and second generation devices). | 08-15-2013 |
20130212697 | SECURE DATA EXCHANGE TECHNIQUE - Techniques utilizing common encryption approaches for data from multiple parties enable those parties to discover information that is held in common by the parties without disclosing to any party information that is not held in common by the parties. Encrypted information for each party can be compared to determine which encrypted values match, and those encrypted values can be returned to any of the parties such that a party can determine which corresponding data the parties have in common without having access to any other data of any other parties. | 08-15-2013 |
20130212698 | METHOD AND DEVICE FOR THE SECURE TRANSFER OF DATA - A method for the secure transfer of a digital file from a first computerized system to one second computerized system, the method comprising the following steps: writing the digital file on a first file-management module of a secure transfer device, transferring the digital file to an internal verification module of the secure transfer device, verifying one portion of the transferred digital file in the verification module, and transferring the partially verified digital file to a second file-management module of the secure transfer device according to the result of the verification, in order to allow the file to be read by the one second computerized system according to the result of the verification. | 08-15-2013 |
20130219504 | Method, System and Program Product for Document Verification - A method, system and program product comprise processing a document using a key to generate a document identification. A matrix is generated using data from the document identification. The matrix comprises a scannable element. The matrix and the document are combined to form a second document in which a verification of an authenticity of the second document is performed using at least the matrix. | 08-22-2013 |
20130219505 | VALIDATING LICENSE SERVERS IN VIRTUALIZED ENVIRONMENTS - The present invention extends to methods, systems, and computer program products for validating license servers in virtualized environments. Embodiments of the invention leverage a set of features acquired or built in cloud computing environments to facilitate a software based solution providing uniqueness and immutability of a license server hosted in the cloud. Avoiding features of the underlying hardware systems results in a much more flexible and reliable platform for hosting license servers. Features of a cloud storage service can be used to create a unique ID for a license server. Security and reliability of license servers hosted in a public cloud environment is also improved. | 08-22-2013 |
20130219506 | CONFIDENTIAL COMMON SUBJECT IDENTIFICATION SYSTEM - A computerized method and apparatus are established to identify a subject of common interest among multiple parties without releasing the true identity of any subject. Furthermore, a computerized network provides different parties at different locations with a mechanism to conduct cooperative activities concerning such a subject of common interest without exposing that subject to possible identity theft. | 08-22-2013 |
20130219507 | METHOD AND APPARATUS FOR PROTECTING DIGITAL CONTENT USING DEVICE AUTHENTICATION - A user device may strengthen the protection level of a digital content by dividing the security and normal modes and performing an operation. In order to further strengthen the protection level of the digital content, the user device may determine whether the main operating system is hacked or not, and blocks the operation in the secure mode. Otherwise, the device authorization information indicating the device security level of the user device is authorized by the content service server, and the user device blocks the operation in the secure mode according to the result. | 08-22-2013 |
20130219508 | METHOD AND APPARATUS FOR OUTPUTTING CONTENT IN PORTABLE TERMINAL SUPPORTING SECURE EXECUTION ENVIRONMENT - A method and an apparatus for supporting internal and external outputs by synchronizing a user interface such as caption with a protected image in a portable terminal supporting a secure execution environment are provided. The method includes detecting the output of the content, managing the output of the content in a secure area according to a type of the content, providing a user interface with respect to the content in a general area, synchronizing the user interface with the content, and composing and outputting the content and the user interface. | 08-22-2013 |
20130219509 | METHOD AND APPARATUS FOR EFFICIENTLY FIXING TRANSFORMED PART OF CONTENT - Provided are a method and apparatus for effectively fixing scrambled content. The method includes checking fixing information for a program map table (PMT) packet of packets constituting the content, the fixing information being used to fix a transformed part of the content; extracting location information of a next PMT packet containing fixing data for fixing the transformed part of the content from the fixing information of the PMT packet; and fixing the transformed part of the content by using the fixing data in the next PMT packet indicated by the extracted location information. Accordingly, it is possible to easily detect a location of the content, which stores the fixing information, thereby expediting fixing of the transformed content. | 08-22-2013 |
20130227699 | SYSTEM AND METHOD FOR VIRTUAL IMAGE SECURITY IN A CLOUD ENVIRONMENT - Provided herein are systems and methods enabling secure virtual image access in a virtual or cloud computing environment. The systems and methods include assigning a status indicator to guest virtual machines (virtual images) that provide applications and other services to cloud consumers in the cloud environment. A virtual appliance machine in the cloud environment maintains the status of the guest virtual machines and makes decisions based on the status as to whether to allow access to the guest virtual machines. These decisions are transmitted to local elements on the guest virtual machines, which enforce access control on a local level. In this manner, unauthorized virtual image access is prevented, providing increased security and data integrity. | 08-29-2013 |
20130227700 | Dynamic Trust Score for Evaluating Ongoing Online Relationships - A method is provided for a dynamic trust score for evaluating ongoing online relationships. By considering a plurality of user data variables and using validation data from internal and external database sources, a trust score with a high degree of confidence may be provided for establishing and verifying online relationships. Since the trust score may be dynamically recalculated periodically or on demand, the trust score may also validate over continuing periods of time, as opposed to conventional verification systems that only validate at a single point in time. Thus, a higher degree of safety, reliability, and control is provided for online services directed towards children or other user classes that may require greater protection. | 08-29-2013 |
20130227701 | Masking Mobile Message Content - A method, an apparatus and an article of manufacture for masking a message on an electronic device. The method includes receiving a message on an electronic device, determining if a message category label is included in the message, mapping the message category to a corresponding masking format if a message category label is included in the message, extracting the content of the message to generate a message category if a message category label is not included in the message, wherein each message category generated corresponds to a masking format, and masking the message on the electronic device by transforming the message into the masking format that corresponds to the message category for the message. | 08-29-2013 |
20130227702 | SYSTEM AND METHOD FOR SYNTAGMATICALLY MANAGING AND OPERATING CERTIFICATION USING ANONYMITY CODE AND QUASI-PUBLIC SYNTAGMATIC CERTIFICATION CENTER - A method for syntagmatically managing and operating certification using an anonymity code is provided, which includes causing a quasi-public syntagmatic certification center to receive basic information including a terminal identification number when the terminal requests certification, causing the quasi-public syntagmatic certification center to detect whether there is an identity between a first resultant code and a preset corresponding anonymity code, causing the quasi-public syntagmatic certification center to determine whether to perform the certification with respect to the certification request depending on whether there is the identity between the first resultant code and the anonymity code, and causing the quasi-public syntagmatic certification center to send the certification result to the user terminal as a reply. | 08-29-2013 |
20130227703 | Device, Method, and System for Secure Mobile Data Storage - A device, method, and system for secure mobile data storage includes a mobile data storage device having a short-range communication circuit, a long-range communication circuit, and a data storage for storing data. The mobile data storage device is used to store data used by a paired mobile communication device. The mobile data storage device and the mobile communication device communicate control signals over a wireless control link established using the short-range communication circuit and data over a wireless data link, different from the wireless control link, established using the long-range communication circuit. The mobile data storage device and/or mobile communication device may monitor a distance between the devices and perform a security function in response to the devices being separated from each other. The mobile data storage device may backup data on a remote data server and/or repopulate data from the remote data server using the mobile communication device. | 08-29-2013 |
20130232578 | METHOD AND APPARATUS FOR OBFUSCATING PROGRAM SOURCE CODES - First source code of a computer program having a plurality of lines of instructions is received. An obfuscation process is performed on the first source code, including at least two of a shuffling operation, a fertilizing operation, an aggregating operation, and a neutralizing operation. Second source code is generated based on the obfuscation process, where the second source code, when executed by a processor, produces an identical result as the first source code. | 09-05-2013 |
20130232579 | Personal Location Cone - Methods and apparatus, including computer program products, for receiving a request from a requestor to locate a user. The request identifies a personal location code (PLC) for the user. It is determined if the request is allowed based on the PLC. If the request is allowed, the current location of the user is obtained based on the location of one or more devices associated with the user. The current location of the device is then provided to the requestor. | 09-05-2013 |
20130239220 | Monitoring and Managing User Privacy Levels - Various embodiments pertain to techniques for measuring a user's privacy level as a user interacts with various web services. In various embodiments, entities with which the user interacts are detected and sensitive information shared by the user is logged to determine what a given entity knows about the user. In some embodiments, sensitive information that is shared by a user can be processed using a predictive algorithm to ascertain a user's level of privacy. When a user's identity is predicted by the algorithm, a user can be alerted to the loss of anonymity. In various embodiments, user-defined areas of anonymity can be used to measure a user's definition of privacy. In some embodiments, alerts can also be provided to the user when a new, previously undisclosed, piece of information is shared by the user. | 09-12-2013 |
20130239221 | RIGHTS MANAGEMENT MODULE - Assigning and managing rights to media content, including: receiving the media content along with a list of media rights definition from a content provider which describes what media availability rights apply to which media content; applying the defined media availability rights to the media content; and distributing the media content to a content consumer in accordance with the applied media availability rights. Keywords include media content and media availability rights. | 09-12-2013 |
20130239222 | METHODS, DEVICES AND DATA STRUCTURES FOR TRUSTED DATA - An apparatus includes a processor and a memory to implement a method to provide a proof that two or more instances of a data structure type are as trustworthy as each other. | 09-12-2013 |
20130239223 | METHOD AND APPARATUS FOR DETECTING LEAK OF INFORMATION RESOURCE OF DEVICE - A method and apparatus for detecting a leak of an information resource of a device. Source code is obtained from an application and is analyzed to determine whether at least one information resource from among information resources of a device is transmittable to outside the device by tracking a task performed on the at least one information resource, thereby detecting whether the application is externally leaking an information resource from the device. | 09-12-2013 |
20130239224 | METHOD OF LOCATING A COMPUTING DEVICE - The method of location tracking of a computing device (computer, notebook, mobile phone, etc.) that can be used to prevent unauthorized access and/or theft of the device. The essence of the invention is that special software is installed on the computing device that can obtain external and internal IP-addresses of the Internet enabled computing device. The special software then processes this information and forms an electronic message that includes IP-addresses and an identifier of the computing device. Special software then sends this message to an electronic address preset by the user of the computing device. Only the user of the computing device and the special software installed on the computing device has access to such electronic address. | 09-12-2013 |
20130239225 | Deleting Confidential Information Used to Secure a Communication Link - A system includes a first wireless-enabled device that transparently stores confidential information and a second wireless-enabled device that stores the same confidential information. The confidential information is to be used to secure a wireless communication link between the first device and the second device. One or both of the first device and the second device is to delete the confidential information upon fulfillment of one or more conditions related to the communication link. The conditions include general timeout, device inactivity, loss of connection over the communication link, a decline in signal strength, and a predefined number of transactions having occurred between the first device and the second device. | 09-12-2013 |
20130239226 | INFORMATION PROCESSING SYSTEM, ANONYMIZATION METHOD, INFORMATION PROCESSING DEVICE, AND ITS CONTROL METHOD AND CONTROL PROGRAM - An information processing device for anonymizing personal information being linkable to an individual includes an anonymization policy providing unit which provides an anonymization policy in which priority is added to each of a plurality of kinds of anonymization processes to enhance anonymity for at least one item which can be related to said personal information; an anonymization process selecting unit which selects in sequence from an anonymization process of low priority to an anonymization process of high priority, in case said plurality of kinds of anonymization processes being contained in said anonymization policy which said anonymization policy providing unit provides is applied; an anonymization processing unit which applies said plurality of kinds of anonymization processes in said sequence selected by said anonymization process selecting unit to said personal information which an information user uses; and an anonymity evaluating unit which provides said personal information to which said anonymization process was applied up to the anonymization process concerned to said information user, in case it is judged that said personal information to which said anonymization process was applied had anonymity. | 09-12-2013 |
20130247208 | SYSTEM, METHOD, AND COMPUTER PROGRAM PRODUCT FOR PREVENTING DATA LEAKAGE UTILIZING A MAP OF DATA - A system, method, and computer program product are provided for preventing data leakage utilizing a map of data. In use, information describing data stored on at least one system is received. To this end, a map of the data is generated, utilizing the information. Further, data leakage is prevented, utilizing the map. | 09-19-2013 |
20130247209 | AUTOMATED LICENSE MANAGEMENT - Licenses to software services are assigned automatically to users as a function of one or more user attributes. An attribute can include membership in a group such as a license group or a security group, among other things such as location. License assignments can also be retracted automatically upon changes in one or more user attributes. | 09-19-2013 |
20130247210 | Method and System for Protecting Software Authorization - A method for protecting a software authorization utilized in a software installed in a hardware device, which includes a timer to utilize a system time, and including a plurality of functions is disclosed. The method includes setting an authorized time, an accumulated authorization time, an accumulated running time and a last recorded time when the software is initially installed in the hardware device, operating a time-out check for determining whether the software authorization is expired or not according to the system time, the authorized time, the accumulated authorization time, the accumulated running time and the last recorded time when the software is initiated or the plurality of functions are initiated or terminated, and stopping the software from running in the hardware device when the software authorization is expired. | 09-19-2013 |
20130247211 | AUTHORITY CHANGING DEVICE, GENERATING DEVICE, AND COMPUTER PROGRAM PRODUCT - According to an embodiment, an authority changing device includes a first determiner, a second determiner, and a changing unit. A first authority is defined by a first combination of first to third item values, and a second authority is defined by a second combination of the fourth to sixth item values. The first determiner uses a logical expression to determine whether the change from the first authority to the second authority is possible, not possible, or unknown. The second determiner uses a first table to determine the availability of change from the first authority to the second authority when the availability of the change is determined to be unknown. The changing unit changes the first authority to the second authority when the change is determined to be possible. | 09-19-2013 |
20130247212 | Providing User Confidence Information to Third-Party Systems - An online services system includes a mechanism for providing user confidence information to an external data consumer, and for determining user contribution quality. Using stored information about user actions and interactions, user confidence is evaluated for one or more parameters associated with the validity of the user's account and/or quality of the user's contributions to the online services system. Confidence values are assigned to each parameter, and the values are exposed to external data consumers. Using stored information, user actions and interactions are correlated with contribution quality to produce a metric indicative of user contribution quality. Users with low quality parameter metrics may have their contributions shown to a smaller audience or have a lower prominence in a news feed. | 09-19-2013 |
20130247213 | METHOD AND DEVICES TO SECURE THE ENTRY OF AN ALPHANUMERICAL CODE, CORRESPONDING COMPUTER PROGRAM PRODUCT AND STORAGE MEANS - A method and device are provided for securing entry of an alphanumerical code by a user. The method includes: obtaining, through a first device, information for converting at least one portion of the alphanumerical code into at least one portion of converted code, the information for converting being one-time converting means; a piece of information identifying the information for converting; entering, into a second device distinct from the first device, at least the portion of converted code, converted using the information for converting; and transmitting at least the portion of converted code and the piece of information identifying the information for converting towards a secured server. | 09-19-2013 |
20130247214 | Anonymization of Data Over Multiple Temporal Releases - The present disclosure is directed to systems, methods, and computer-readable storage media for anonymizing data over multiple temporal releases. Data is received, and nodes and connections in the data are identified. The data also is analyzed to identify predicted connections. The nodes, the connections, and the predicted connections are analyzed to determine how to group the nodes in the data. The data is published, and the grouping of the nodes is extended to subsequent temporal releases of the data, the nodes of which are grouped in accordance with the grouping used with the data. | 09-19-2013 |
20130254896 | Method to Detect Tampering of Data - A method to detect tampering includes constant acquiring of measurement raw data in a sensor unit; processing of measurement raw data of a defined time interval in a metrology unit, obtaining first measurement results; at least one of storing of the first measurement results and transmitting of the first measurement results to an authority at defined time instances via a communication channel; at least one of storing of a defined fraction of measurement raw data and transmitting of a defined fraction of measurement raw data to the authority in a random manner via the communication channel; processing of the measurement raw data of the defined time interval at the authority, obtaining second measurement results; and comparing the first and second measurement results of a time interval. | 09-26-2013 |
20130254897 | DIGITAL CONTENT DELIVERY - Methods, apparatus, systems and machine readable medium for the delivery of digital content are disclosed herein. An example method includes receiving a first document from a first document source, classifying the first document with a first tag based on a type of the document, classifying the first document with a second tag based on a first intended recipient, encrypting the first document, publishing the first document for receipt by the first intended recipient, verifying an identity of the first intended recipient and granting the first recipient access to the first document based on the verified identity. | 09-26-2013 |
20130254898 | TIERED OBJECT-RELATED TRUST DECISIONS - Adware and viruses are examples of objects that may be embedded in a web page or linked to a web page. When such an object is detected to be associated with a web page loading on a browser, an analysis may be performed to determine a trust level for the object. The object is suppressed based on the trust level. A prompt is displayed to advise a user that the object has been suppressed, and to provide an opportunity to interactively accept or decline activation of an action for the object. | 09-26-2013 |
20130263274 | Crowd Validated Internet Document Witnessing System - A system and method that accepts material from the Internet, computes and maintains a computationally unique representation of the received material in a database, computes a computationally unique representation of the updated database state as a whole, publishes material and database representations in various forms for the global Internet audience to witness, and returns a time stamped attestation to the submitter of material as proof of the material being witnessed on the Internet along with unique database state and revenue generating advertisements. Published representations may include pictures, common words, or hexadecimal character strings to facilitate Internet searching mechanisms. | 10-03-2013 |
20130263275 | METHOD AND APPARATUS FOR REQUESTING ACCESS TO FILES - A method for requesting access rights for an object of a computerized system comprising installing in the computerized system a code that associates an object with an owner of the object, thereby enabling to automatically request access rights for the object from an owner of the object, and an apparatus for performing the same. | 10-03-2013 |
20130263276 | INFORMATION PROCESSING APPARATUS, INFORMATION PROCESSING METHOD, INFORMATION PROCESSING SYSTEM, AND PROGRAM - Devices, methods, and programs for controlling disclosure of information or data. Disclosure to a first user of data provided by a third user may be controlled based, at least in part, on first information indicating a closeness of a relationship between the first user and a second user who is a subject of the data. | 10-03-2013 |
20130263277 | SECURE COMPUTING SYSTEM - A computer system with multiple security levels, the system comprising a high-power processing device ( | 10-03-2013 |
20130263278 | METHOD AND APPARATUS FOR CONTROLLING OPERATIONS PERFORMED BY A MOBILE CO - The huge success of mobile computing devices has fundamentally changed the corporate computing environment, with employees using corporate data on their own computing devices. Companies would still like to control their data, even when present on an employee's personal computing device, such as a Smartphone. | 10-03-2013 |
20130263279 | INFORMATION PROCESSING APPARATUS, STORAGE MEDIUM, AND CONTROL METHOD THEREFOR - Whether to perform processing is selected regardless of the presence or absence of a license in response to processing received from a user. | 10-03-2013 |
20130263280 | Secure Dynamic Page Content and Layouts Apparatuses, Methods and Systems - The SECURE DYNAMIC PAGE CONTENT AND LAYOUTS APPARATUSES, METHODS AND SYSTEMS (“DPCL”) transform dynamic layout template requests, device, user, and surroundings security profiles, and layout usage monitor packages using DPCL components into customized secure dynamic layouts. In some implementations, the disclosure provides a processor-implemented method of transforming the content of an electronically generated user facing page for displaying on a user display. | 10-03-2013 |
20130263281 | SYSTEM AND METHOD FOR PROTECTING DATA STORED ON A REMOVABLE DATA STORAGE DEVICE - A system for protecting data stored in a memory of a removable data storage device is provided. The system includes a personal electronic device, a removable solid state data storage device operatively coupled to the personal electronic device, and a circuit configured to alter data stored in the memory of the data storage device in response to detecting that the data storage device has been removed from the personal electronic device. | 10-03-2013 |
20130269035 | DATA PRIVACY ENGINE - A computer hardware-implemented method, system, and/or computer program product determines an applicability of a data privacy regulation when transmitting data used with an enterprise project. A data privacy regulation describes regulatory restrictions on data being transmitted from a first geopolitical entity to a second geopolitical entity. A set of categorized data is used by an enterprise project, and the data privacy regulation establishes limitations on a transmission of at least one category of data, from the set of categorized data, from the first geopolitical entity to the second geopolitical entity. A first set of binary data and a second set of binary data are processed to determine if transmission of said at least one category of data from the first geopolitical entity to the second geopolitical entity is regulated by the data privacy regulation. | 10-10-2013 |
20130269036 | METHOD FOR PROTECTING AN APPLICATION PROGRAM - An application program providing a task in an electronic device is protected. Information used for executing the task in the electronic device is stored in a smart object to be coupled thereto. The information is requested from the smart object at run time execution of the application program by the electronic device, and is returned to the application program to define at run time a correct semantic of the task. | 10-10-2013 |
20130269037 | SYSTEM AND APPARATUS FOR TRANSFERRING DATA BETWEEN COMMUNICATION ELEMENTS - A system and apparatus for transferring data between communication elements is disclosed. A system that incorporates teachings of the present disclosure may include, for example, a communication device having a controller element to receive data from a web server to update one or more entries of an identity module coupled to the controller element. The data can be retrieved by the web server from a second communication device. Additional embodiments are disclosed. | 10-10-2013 |
20130269038 | INFORMATION PROTECTION DEVICE AND INFORMATION PROTECTION METHOD - When position information is added in a real-time fashion, anonymity of movement trajectories is ensured and the degree of abstraction of positioning data included in the position information is prevented from becoming too high. A group of anonymous information with a second positioning time preceding a first positioning time is partitioned into two or more groups so that the anonymous information with the first positioning time satisfies a predetermined anonymity metric and so that a degree of abstraction of the abstracted positioning data in the anonymous information becomes lower than a predetermined standard value, anonymous information including positioning data with the first positioning time abstracted by the partitioned groups is generated, and the generated anonymous information is stored in an anonymous information storage unit in association with the anonymous information with the second positioning time. | 10-10-2013 |
20130276127 | MODEL-BASED SYSTEM, METHOD, AND COMPUTER PROGRAM PRODUCT FOR DETECTING AT LEAST POTENTIALLY UNWANTED ACTIVITY ASSOCIATED WITH CONFIDENTIAL DATA - A model-based system, method, and computer program product are provided for detecting at least potentially unwanted activity associated with confidential data. In use, behavior information associated with use of confidential data is identified, based on predetermined parameters. Additionally, a model is created utilizing the behavioral information. Furthermore, at least potentially unwanted activity associated with the confidential data is detected utilizing the model. | 10-17-2013 |
20130276128 | SECURE OPTION ROM FIRMWARE UPDATES - Option ROM updates are performed in a secure manner with centralized control through system initialization firmware, such as the system BIOS. An option ROM updater manages copying an option ROM update to an auxiliary subsystem if an update bit is set, such as by a secure system management interface with the BIOS. Upon detection of an update bit, the option ROM updater unlocks a write protect at the auxiliary subsystem firmware and copies an option ROM update to the auxiliary subsystem to update the option ROM. After completing the option ROM update, the option ROM updater locks write protection of the option ROM to maintain system security. | 10-17-2013 |
20130276129 | METHODS, APPARATUS, AND ARTICLES OF MANUFACTURE TO IDENTIFY MEDIA DELIVERY - Methods, apparatus, and articles of manufacture to identify media delivery are disclosed. An example method includes receiving a first log from a media provider, the first log comprising first source address information, first destination address information, first source port information, first destination port information, and media identification information; receiving a second log from a first receiver, the second log comprising second source address information, second destination address information, second source port information, and second destination port information; comparing information in the first log to information in the second log to attempt to identify a matching entry between the media provider and the receiver; and when a matching entry is identified, storing the media identification information from the first log in association with the receiver. | 10-17-2013 |
20130276130 | Secure Digital Card, and Secure Digital Card Operating System and Operating Method - A Secure Digital (SD) card, and an operating system and an operating method for the SD card are disclosed. The disclosed SD card has a Flash memory and a controller. The Flash memory contains a data storage space and a Content Protection Recorded Media (CPRM) support space. The controller executes a firmware of the SD card, such that read/write commands provided from a host for the CPRM support space are regarded and executed as security commands and a CPRM mechanism is operated over the data storage space. | 10-17-2013 |
20130276131 | PRIVACY FROM CLOUD OPERATORS - Aspects of the subject matter described herein relate to identity technology. In aspects, even though a cloud operator may control one or all of the entities with which a user device interacts, the employees and computers controlled by the cloud operator may still have insufficient data to determine a natural identity of the user based on interactions of the user device with the cloud operator's computers. Privacy boundaries on the user device control transmission of natural identity information to other entities such that, without user consent, computers outside of the user device have insufficient data singly or combined to determine a natural identity of the user. | 10-17-2013 |
20130283384 | ELECTRONIC BOOK CONTENT PROTECTION - A system and method are disclosed for protecting an electronic book from unauthorized access. HTML for the book is shredded by dividing it into portions, and a selection scheme is used to intersperse decoy data among the portions. Dynamically generated cascading style sheets are used to define a pattern for decoy and content data such that a browser on a client device correctly processes the HTML but an unauthorized program such as a web scraper cannot correctly process the HTML. | 10-24-2013 |
20130283385 | RESTRICTING COMMUNICATION OVER AN ENCRYPTED NETWORK CONNECTION TO INTERNET DOMAINS THAT SHARE COMMON IP ADDRESSES AND SHARED SSL CERTIFICATES - An apparatus prevents communication by a client device to a domain that cannot be uniquely identified by relocating the DNS mapping of the domain to a destination IP Address that is uniquely identifiable and that represents a location of an apparatus that provides a data path to the domain. | 10-24-2013 |
20130283386 | TAMPER RESPONDENT COVERING - Disclosed is a tamper respondent covering. The tamper respondent covering has a cover-shaped structure to cover an electronic part which is exposed. This covering protects electronic parts embedded inside or exposed outside a product, such as ICs that contain data concerning security and certification, communication connectors that transmit data, etc. from a tampering operation or an altering operation. The tamper respondent covering protects data from a tampering operation or an altering operation by erasing the data or disabling operation of the electronic part containing the data in response to an act of attempting to remove the covering from a printed circuit board of the electronic part or to drill a hole in the covering. | 10-24-2013 |
20130283387 | METHOD FOR DATA SECURITY AND ELECTRONIC DEVICE HAVING DATA SECURITY FUNCTION - In a computerized icon management method for data security of an electronic device, target data of the electronic device is defined, and an activation message corresponding to the target data is set. The target data is hidden by changing a visible state of an icon of the target data on a display of the electronic device from visible to invisible. An input interface is displayed for receiving the activation message input by a user. The visible state of the icon of the target data is changed from invisible to visible, when the activation message corresponding to the target data is input by the user through the input interface. | 10-24-2013 |
20130283388 | METHOD AND SYSTEM FOR INFORMATION CONTENT VALIDATION IN ELECTRONIC DEVICES - Content validation on an electronic device comprises detecting information content on an electronic device and validating the information content in real time in the electronic device. Validating the information content includes analyzing the information content to detect selected content and preventing dissemination of the selected content via the electronic device. The information content comprises content originating and/or terminating on the electronic device. The electronic device may comprise a mobile electronic device. | 10-24-2013 |
20130283389 | Method And System For Distributing Restricted Media To Consumers - Techniques for distributing restricted media to consumers are disclosed. According to one aspect of the present invention, personalized settings (e.g., parameters or table) are managed in a primary client device associated with a user. A copy of the personalized settings is maintained in a server. When the primary box is replaced, a copy of the personalized settings is uploaded to a different client device that is configured to respond to the personalized settings. Data pertaining to titles in a personal vault is preloaded. When there is an order for a release that is restricted for distribution over an open network, data pertaining to such a release is also loaded. As a result, the subscriber sees the familiar settings on the different client device and would not miss any release while the primary box is being replaced or repaired. | 10-24-2013 |
20130283390 | SYSTEM, METHOD AND APPARATUS FOR CONTROLLING THE DISSEMINATION OF DIGITAL WORKS - A system, business methodology and apparatus for facilitating controlled dissemination of digital works is disclosed. An audio and video organizer, entertainment, and communication unit that plays back audio and video media content received from a central storage server. The unit relies on a smartcard, which has a personalized key that unlocks encrypted content. Using the unit, a user can purchase music or other types of media using an appropriate ordering method. The central storage server then transmits a double-encrypted, compressed audio file to the unit, where it is decrypted based on the smartcard key, and available for listening. | 10-24-2013 |
20130283391 | SECURE DIRECT MEMORY ACCESS - Examples are disclosed for establishing a secure destination address range responsive to initiation of a direct memory access (DMA) operation. The examples also include allowing decrypted content obtained as encrypted content from a source memory to be placed at a destination memory based on whether destination memory addresses for the destination memory fall within the secure destination address range. | 10-24-2013 |
20130283392 | METHOD AND APPARATUS FOR POLICY-BASED CONTENT SHARING IN A PEER TO PEER MANNER USING A HARDWARE BASED ROOT OF TRUST - Securely sharing content between a first system and a second system is provided. A hardware-based root of trust is established between the first system and a server. Content requested by a user and an encrypted license blob associated with the content is received by the first system from the server. A first agent on the first system connects with a second agent on the second system. The encrypted license blob and a sub-license request are sent from the first agent to a security processor on the first system. The first security processor decrypts the encrypted license blob, validates the sub-license request, and if allowed, creates a sub-license to allow the second system to play the content. The first security processor sends the sub-license to a security processor on the second system. The first system provides access to the content to the second system for future playback according to the sub-license. | 10-24-2013 |
20130291116 | Method for External Storage of Medical Device Program Design Parameters - Many electronic medical devices include program design features that direct the operation of the device. The program design features of most electronic medical devices reside in the device itself and therefore are easily discovered by reverse engineering. In most cases, however, these features can be introduced into the device from an external source for only so long as necessary for each operation of the device, thereby making the reverse engineering of these features more difficult (or even impossible) and preserving a greater degree of design secrecy. | 10-31-2013 |
20130291117 | PROTECTING ADDRESS RESOLUTION PROTOCOL NEIGHBOR DISCOVERY CACHE AGAINST DENIAL OF SERVICE ATTACKS - In one embodiment, a device (e.g., switch or registry) maintains a binding table for all internet protocol (IP) addresses in a particular subnet associated with the device, and in response to receiving a neighbor solicitation (NS) lookup message from a router for a particular address, determines whether the particular address is within the binding table. When the particular address is not within the binding table, the device causes the router to not store the particular address in a neighbor discovery (ND) cache at the router (e.g., by responding to clear the cache, or ignoring to prevent state from being created). In another embodiment, the ND-requesting router ensures that the particular address is not kept in an ND cache at the router in response to the device indicating that the particular address is not within its binding table (e.g., an explicit response to clear, or absence of instruction to store state). | 10-31-2013 |
20130291118 | PROTECTING PRIVACY DATA IN MAPREDUCE SYSTEM - A method for protecting privacy data in a MapReduce system comprising a private subsystem and a public subsystem includes receiving a MapReduce program to be executed in the MapReduce system, wherein the MapReduce program contains instructions that designate the privacy property of the input and output data of a Map function and the output data of a Reduce function; detecting the privacy property of the input and output data of the Map function and the output data of the Reduce function prior to execution of the MapReduce program; and assigning the data for processing by the private subsystem and the public subsystem based on the detected privacy property, wherein the data of which the privacy property is private are assigned to the private subsystem. | 10-31-2013 |
20130291119 | PACKAGED DIGITAL RIGHTS MESSAGING - A method for adding digital personalization to a digital asset is provided. The addition of digital personalization to a digital asset allows a distributor of digital assets to include packaged digital rights messaging to their products. A consumer's personal information is inserted into a scripted message which includes a reminder of their copyright obligation. The personalization can also include an encoded asset identification which is not visible to the casual consumer. The asset is provided without the usual rights management restrictions. | 10-31-2013 |
20130298246 | OBFUSCATING ENTRY OF SENSITIVE INFORMATION - A method, system, and computer program product for obfuscating entry of information are provided in the illustrative embodiments. A set of additional aspects to be applied to a part of an input is communicated to a provider of the input. The set of additional aspects is distinct from a second set of additional aspects to be applied to another input. An obfuscated input corresponding to the part of the input is received. A subset of the set of additional aspects is present in the obfuscated input. The part of the input from the obfuscated input is recovered by removing, using a processor and a memory, the subset of the set of additional aspects from the obfuscated input. An entry field input corresponding to the input is generated. The entry field input is sent to an application executing in a data processing system. | 11-07-2013 |
20130298247 | Method And Apparatus For User Information Exchange - Methods and apparatus for negotiation of data sharing arrangements. A user profile vector comprising user data is defined according to user selections and privacy and cost information relating to the user profile vector are computed. The user profile vector and service provider data requests by service providers are compared, and data sharing arrangements are entered into when a match is identified between the user profile vector and a provider data request. Data collection and sharing is conducted in accordance with the arrangements. | 11-07-2013 |
20130298248 | METHOD AND APPARATUS FOR PROVIDING LOCATION PRIVACY - An approach is provided for providing real-time controlled location privacy as the location evolves, and providing a user with alternate routes and applications depending on the level of desired location privacy. A location privacy platform determines at least one location associated with at least one device. The location privacy platform also processes and/or facilitates a processing of contextual information associated with the at least one location, the at least one device, one or more applications associated with the at least one device, or a combination thereof to determine one or more privacy metrics for the one or more applications with respect to the at least one location; wherein the one or more privacy metrics relate, at least in part, to an exposure of user data by the one or more applications at the at least one location. | 11-07-2013 |
20130298249 | STEGANOGRAPHIC TECHNIQUES FOR SECURELY DELIVERING ELECTRONIC DIGITAL RIGHTS MANAGEMENT CONTROL INFORMATION OVER INSECURE COMMUNICATION CHANNELS - Electronic steganographic techniques can be used to encode a rights management control signal onto an information signal carried over an insecure communications channel. Steganographic techniques ensure that the digital control information is substantially invisibly and substantially indelibly carried by the information signal. These techniques can provide end-to-end rights management protection of an information signal irrespective of transformations between analog and digital. An electronic appliance can recover the control information and use it for electronic rights management to provide compatibility with a Virtual Distribution Environment. In one example, the system encodes low data rate pointers within high bandwidth time periods of the content signal to improve overall control information read/seek times. | 11-07-2013 |
20130298250 | Systems, Methods, and Apparatus to Virtualize TPM Accesses - Embodiments of system, method, and apparatus for virtualizing TPM accesses are described. In some embodiments, an apparatus including a CPU core to execute a software program, a manageability engine coupled to the CPU core, the manageability engine to receive a trusted platform module (TPM) command requested by the software program and to process the TPM command utilizing a manageability firmware by at least creating a TPM network packet, and a network interface coupled to the manageability engine to transmit the TPM network packet to a remote TPM that is external to the apparatus for processing is utilized as a part of this virtualization process. | 11-07-2013 |
20130298251 | Method and Apparatus for Secure Execution Using a Secure Memory Partition - A processor capable of secure execution. The processor contains an execution unit and secure partition logic that secures a partition in memory. The processor also contains cryptographic logic coupled to the execution unit that encrypts and decrypts secure data and code. | 11-07-2013 |
20130298252 | SYSTEM FOR MECHANICAL AND ELECTRONIC PROTECTION OF SAFE EQUIPMENT - The present invention provides the mechanical positioning of electronic circuits, mounted on rigid printed circuit boards or flexible circuits, creating a protected region within a Safe Equipment, so that an action to attempt to invade or violate this area of the equipment will trigger an alarm that triggers the blocking of the equipment use, instantly erasing the safety keys of the safe equipment; to avoid this possibility, the invention provides a region completely surrounded by protection circuits and sensors surrounding the sensitive part of the device with alarm devices. | 11-07-2013 |
20130298253 | METHOD AND APPARATUS FOR TRANSMITTING AND RECEIVING MESSAGE FOR DOWNLOADABLE CAS OR DRM IN MMT - A method for transmitting and receiving a message for Downloadable-Conditional Access System (D-CAS) or Downloadable-Digital Rights Management (D-DRM) in Moving Picture Experts Group Media Transport (MMT) is provided. The method includes, upon receiving Composition Information (CI) from an MMT server, acquiring signaling information for D-CAS or D-DRM, which is included in the CI, acquiring, from the signaling information, an address of a server from which software of D-CAS or D-DRM is downloadable, generating a request for the software based on the signaling information, and sending the request for the software to the server address. | 11-07-2013 |
20130298254 | METHODS AND SYSTEMS FOR DETECTING SUSPECTED DATA LEAKAGE USING TRAFFIC SAMPLES - Methods and systems for detecting suspected data leakage in a network that includes a plurality of networked devices are described herein. A packet is received from a networked device of the plurality of networked devices. It is determined that the packet includes sampled traffic data. The sampled traffic data includes a sample of a packet constituting network traffic through the networked device, and the sample includes payload data from the packet constituting network traffic. The payload data of the sampled traffic data is analyzed. It is determined whether sensitive data is detected in the payload data of the sampled traffic data. | 11-07-2013 |
20130298255 | SYSTEM AND METHOD FOR DEFINING PROGRAMMABLE PROCESSING STEPS APPLIED WHEN PROTECTING THE DATA - Systems and methods for protecting data being sent between a client and a server include the capability of defining programmable processing steps that are applied by the server when protecting the data and the same steps are applied by the client when unprotecting the data. The programmable processing steps can be defined uniquely for each client, and the programmable processing steps are selected from a number of functions using sequencing data that defines the processing steps. The programmable processing steps allow for each client to process encrypted data in a different manner and the programmable processing steps are defined by what is called a digital rights management (DRM) Sequencing Key, and as such the system and method introduces a key-able DRM whereby each DRM message can be processed in a unique (or pseudo unique) manner. | 11-07-2013 |
20130298256 | SYSTEMS AND METHODS FOR MONITORING AND MITIGATING INFORMATION LEAKS - Systems and methods are disclosed for determining whether a third party observer could determine that an organization has an intent with respect to subject matter based on the organization's web activity. The determination that there is a risk of information leaks to the third party observer can be completed by analyzing the entropy of web usage information destined for the third party observer's servers. Systems and methods are also disclosed for mitigating the risk of information leaks by obscuring the organization's web activity. The web activity can be obscured by selecting candidate actions that can be used to generate neutralizing web traffic from the organization's network which will obscure an intent with respect to a particular subject matter. For example, the candidate actions can identify specific queries, links, or actions that the organization can take to neutralize their web activity to a less remarkable point in the search space. | 11-07-2013 |
20130305378 | METHOD AND SYSTEM FOR ESTABLISHING TRUST BETWEEN A SERVICE PROVIDER AND A CLIENT OF THE SERVICE PROVIDER - Trust is established between a service provider ( | 11-14-2013 |
20130305379 | Methods and Systems for Providing a Notification of a Compliance Level of an Application With Respect to a Privacy Profile Associated With a User - An exemplary method includes an application management system 1) detecting a request provided by a user to install an application on a user device, 2) identifying a plurality of privacy attributes of the application, 3) determining, based on the identified privacy attributes, a compliance level of the application with respect to a privacy profile associated with the user, the compliance level representing a degree to which the application complies with the privacy profile associated with the user, and 4) directing, prior to the installation of the application, the user device to present a graphic that represents the determined compliance level of the application. Corresponding methods and systems are also disclosed. | 11-14-2013 |
20130305380 | METHODS AND DEVICES FOR 3D OBJECT PROTECTION USING SURFACE SUBDIVISION - A method of protecting a graphical object represented by a list of vertices and a list of surfaces, each surface being defined by a number N vertices. A device selects a surface S with N vertices; computes a new vertex d using a random or pseudo-random function; inserts the new vertex d into the list of vertices; creates N new surfaces S | 11-14-2013 |
20130305381 | ELECTRONIC COPYRIGHT LICENSE REPOSITORY - A content distribution system for transporting audio or video licenses between content players that use digital rights management (DRM) is disclosed. The content distribution system includes at least a second license repository and an authentication engine. The second license repository receives second information describing a second plurality of content licenses. A first license repository stores a first plurality of content licenses. The first plurality of content licenses enables use of a plurality of content objects with a first content player within confines of DRM. The second license repository is geographically distant from the first license repository. The authentication engine authorizes the second plurality of content licenses of the second license repository. The second plurality of content licenses enables use of the plurality of content objects with the second content player within the confines of DRM. | 11-14-2013 |
20130305382 | SYSTEMS AND METHODS PROVIDING A SEPARABLE DIGITAL RIGHTS MANAGEMENT APPLICATION - Systems and methods providing content having digital rights management (DRM) applications separable from other authorization applications are provided. A system may include a distribution service provider system in communication with a content provider system and consumer premise equipment (CPE) for the transmission of content from the content provider system to the CPE device. The distribution service provider system may: receive A/V content provided by the content provider system, wherein the A/V content includes a DRM application; apply a conditional access system (CAS) application to the A/V content that is independent of the DRM application; and transmit the A/V content including the CAS and the DRM applications to the CPE for presentation. The CPE device can perform DRM authorizations with the content provider or a third-party DRM provider. | 11-14-2013 |
20130305383 | SYSTEM AND METHOD TO PROTECT USER PRIVACY IN MULTIMEDIA UPLOADED TO INTERNET SITES - A system and method for protecting user privacy in multimedia uploaded to Internet sites. Briefly stated, the method includes receiving, by a server hosting an Internet privacy protection service, a media item of a subscriber of the service from a social networking service. The media item is encrypted using Digital Rights Management techniques. Policy determining who can view the media item is generated. The encrypted media item is securely stored in a cloud storage network. Storage information, including a URL of the secure storage location for the encrypted media item, is received by the Internet privacy protection service from the cloud storage network. The Internet privacy protection service generates a proxy image by encoding the URL into the proxy image using a bar code. The Internet privacy protection service uploads the proxy image to the subscriber's social networking service account on the social networking service. | 11-14-2013 |
20130312105 | CLASSIFICATION OF AN ELECTRONIC DOCUMENT - A computer receives an electronic document that includes a group of terms. The computer sends the electronic document to an information extraction program that extracts specific terms from the group of terms. Each of the specific terms that match to a certain extent with one of the attribute values in an electronic dictionary is identified. A value associated with the electronic document is generated based on the specific terms that match, and on an end-user that is attempting to access the electronic document. | 11-21-2013 |
20130312106 | Selective Remote Wipe - Methods and devices for connecting a mobile device with different data storage devices located either locally or remotely are provided. The device may apply one or more rules to create a hierarchical virtualization of the several data storage devices. The virtualization may then be provided to the user as a single, hierarchical file system. Further, a monitoring system may monitor the file system to determine if any new applications have been installed or if applications are currently being executed. If a connection is made to a secure network, the system may provide the information derived from the monitoring to the secure network. The secure network can then analyze the information to determine if any of the applications should be uninstalled from the device or should be stopped while the device is connected to the network. | 11-21-2013 |
20130312107 | CLASSIFICATION OF AN ELECTRONIC DOCUMENT - A computer receives an electronic document that includes a group of terms. The computer sends the electronic document to an information extraction program that extracts specific terms from the group of terms. Each of the specific terms that match to a certain extent with one of the attribute values in an electronic dictionary is identified. A value associated with the electronic document is generated based on the specific terms that match, and on an end-user that is attempting to access the electronic document. | 11-21-2013 |
20130312108 | ANONYMOUS PERSONALIZED RECOMMENDATION METHOD - A computer-implemented method for an anonymous personalized recommendation is provided. The method includes receiving select server fingerprints selected from server fingerprints based on predetermined metrics. The server fingerprints correspond to a plurality of public entities and each server fingerprint includes encoded information about a corresponding public entity. The method also includes generating a user fingerprint based on user information associated with a user, the user fingerprint comprising encoded user information. The method further includes comparing the user fingerprint with the select server fingerprints to select a server fingerprint for recommendation, generating a recommendation of a public entity corresponding to the server fingerprint for recommendation, and displaying the recommendation. Systems and machine-readable media are also provided. | 11-21-2013 |
20130312109 | SECURING SENSITIVE DATA FOR CLOUD COMPUTING - A method and associated system for securing sensitive data in a cloud computing environment. A system has proprietary data as a record stored in a database. The system associates a hashing directive with the record prior to sending the data out to a cloud for computing services. The hashing directive classifies each data field of the record into sensitive and transactional. The hashing directive controls a mode of hashing, either one-way hashing or two-way hashing for each sensitive data field associated with the hashing directive. A cloud receives the record secured according to the hashing directive and processes the record to generate a result value for a cloud process result field of the record. The system reconstitutes the record according to the mode of hashing indicated in the hashing directive. | 11-21-2013 |
20130312110 | PROTECTION OF APPLETS AGAINST HIDDEN-CHANNEL ANALYSES - The invention relates in particular to an electronic device equipped with a virtual machine for executing an applet. The virtual machine is arranged so as to recognize the instructions of the applet and to execute a code corresponding to each instruction. The virtual machine comprises an association module arranged so as to associate several distinct but operationally identical codes with one and the same instruction, and a selection module arranged so as to select the code to be executed for said instruction in a random manner. The invention also relates to a method of securing a counter-electronic device against hidden-channel attacks. | 11-21-2013 |
20130318618 | SYSTEMS AND METHODS FOR SECURING INFORMATION BY HIDING IDENTITY ON A COMPUTING DEVICE - A mechanism for securing information by hiding identity in a computing device is disclosed. A method includes generating, by a computing device, a dummy profile of the computing device. The dummy profile is a clone of a home profile stored in the computing device and the home profile is assigned to a user authorized to use the computing device. The method also includes altering, based on instructions from the user, the dummy profile to remove data that the user indicates is not to be included in the dummy profile. The method further includes switching a current operating profile of the computing device from the home profile to the dummy profile and executing the computing device in a normal operation mode using the dummy profile. | 11-28-2013 |
20130318619 | ENCAPSULATED SECURITY TOKENS FOR ELECTRONIC TRANSACTIONS - Functional data for use in one or more digital transactions is secured by using an encapsulated security token (EST). In certain embodiments, the EST is created by encapsulating digital data including the functional data using at least two digital signature systems of two parties. The encapsulation and subsequent de-encapsulation can utilize digital signature systems of the parties that involve a private key for encapsulation and a public key for de-encapsulation. If constructed carefully over a series of rigorous events, the resulting EST can be practically impossible to counterfeit. In addition, a propagation of rights can be tracked for auditing and rights can be easily terminated or modified. | 11-28-2013 |
20130318620 | LOCATION-BASED RECOVERY DEVICE AND RISK MANAGEMENT SYSTEM FOR PORTABLE COMPUTING DEVICES AND DATA - A device and software utilizing Global Positioning Satellite (GPS) technologies for monitoring and recovering portable computing devices and, a method and system for acquiring such devices, protecting data on such devices, and for compensating owners of devices. A GPS mechanism of the invention provides real time tracking of missing devices that may be coordinated with security agencies to intercept and recover missing computing devices. When a stolen device is unrecoverable, the invention may receive a signal to initiate data recovery where a wireless network is available to recover data for the owner. Alternatively, the GPS mechanism instructs the device to encrypt or destroy stored data files to prevent commercial espionage or privacy violations. The invention discloses a software system and method for computing a purchase price of the GPS mechanism, computing compensation for loss of the device and lost data. | 11-28-2013 |
20130318621 | System and Method for Providing Information Access on a Portable Device - A system and method of providing information stored in a memory is provided. The system comprises an information repository for storing information and an access module for providing access to the information in response to a predetermined operation performed on a man-machine interface. The method includes the steps of storing information in a memory and providing access to the information in dependence upon at least one predetermined operation. | 11-28-2013 |
20130318622 | PRIVATE INFORMATION SHARING SYSTEM - A computerized method and apparatus are established to identify a subject of common interest among multiple parties without releasing the true identity of any subject. Furthermore, a computerized network provides different parties at different locations with a mechanism to conduct cooperative activities concerning such a subject of common interest without exposing that subject to possible identity theft. | 11-28-2013 |
20130318623 | RISK-MANAGEMENT DEVICE - A risk management device includes a memory for storing actual total loss amounts of N periods, and a processor connected to this memory. The processor is programmed to determine whether actual levels showing confidence intervals of actual total loss amounts in a total loss amount distribution calculated by the risk weighing device follow a uniform distribution on an interval [0,1], by a goodness-of-fit test using order statistics for a uniform distribution. | 11-28-2013 |
20130318624 | METHOD AND DEVICE FOR CONTROLLING DISTRIBUTION OF LICENSES - A method for controlling distribution of licenses, a license being for an excerpt of a content item, the content item comprising a set of continuous units, each excerpt comprising a subset of the set of continuous units. A device receives an identifier of a receiver of a license, and the license or a request to generate the license, the license or the request to generate the license comprising a content identifier and at least one indicator of the units covered by the license; retrieves stored information regarding licenses previously delivered to the receiver; compares a limit value for the content item with the stored information combined with information from the license or the request to generate the license; and allows the receiver access to the license only if the limit value is not exceeded by the stored information combined with information from the license or the request to generate the license. Also provided is the device. | 11-28-2013 |
20130326628 | ELECTRONIC DEVICE - According to one embodiment, an electronic device includes an acquiring module configured to acquire, via the external device, contents which are held in a contents holding medium and which are protected by the first contents protection scheme, and an output module configured to convert the acquired contents protected by the first contents protection scheme to the second contents protection scheme and then output the contents to the external device by the second contents protection scheme. | 12-05-2013 |
20130326629 | METHOD AND APPARATUS FOR MANAGING THE PRIVACY AND DISCLOSURE OF LOCATION INFORMATION - An approach for managing the privacy and disclosure of location information associated with a computer system. For one aspect, a request is received from a requestor for a location property associated with a location of a computer system. It is then determined whether a privacy preference associated with the requestor has been specified. If not, a user may be prompted to supply privacy preferences associated with the requestor. The privacy preferences are then applied to determine whether or not to provide the requested information. A user setting, such as a basic input-output system memory location setting, may also be implemented to enable and/or disable location-aware computing. | 12-05-2013 |
20130326630 | PRE-PROCESSOR FOR PHYSICAL LAYER SECURITY - Systems and methods of secure data exchange are disclosed. One such method includes obtaining user data at a physical layer of a transmitter and securing the user data at the physical layer. The user data is secured by processing the user data with a series of non-recursive convolutional encoders interspersed with one or more bit-level permuters. The secured user data is transmitted. | 12-05-2013 |
20130326631 | LAWFUL INTERCEPTION FOR LOCAL SELECTED IP TRAFFIC OFFLOAD AND LOCAL IP ACCESS PERFORMED AT A NON-CORE GATEWAY - Systems, methods, and instrumentalities are described to implement reporting of surveillance information associated with a device. A gateway device may intercept a communication associated with the device. The gateway device may route the communication such that the communication bypasses a core network. The gateway device may report information associated with the communication to a core network entity. The gateway device may receive a command message. The command message may include a request for a surveillance status of the device. The gateway device may send a response message. The response message may indicate a surveillance status of the device. The gateway device may receive an activate surveillance signal for the device. The gateway device may receive a deactivate surveillance signal for the device. Upon receiving the deactivate surveillance signal, the gateway device may stop further reporting. | 12-05-2013 |
20130326632 | Security Within Integrated Circuits - A method for hindering detection of information unintentionally leaked from a secret held in a memory unit is described, the method including receiving a triggering event; waiting for at least a first amount of time to pass after the receipt of the triggering event, the memory unit being in a non-operational state during the at least a first amount of time; after the at least a first amount of time has passed, changing at least one first condition under which the memory unit operates, thereby causing the memory unit to enter an operational state; waiting for a second amount of time to pass after the changing at least one first condition; and changing, after the second amount of time, at least one second condition under which the memory unit operates, thereby causing the memory unit to enter the non-operational state, wherein access to the secret information is enabled only during the second amount of time, and detection of secret information unintentionally leaked is limited during the first amount of time. Related apparatus and methods are also described. | 12-05-2013 |
20130326633 | LONG-TERM SIGNATURE TERMINAL, LONG-TERM SIGNATURE SERVER, LONG-TERM SIGNATURE TERMINAL PROGRAM, AND LONG-TERM SIGNATURE SERVER PROGRAM - A long-term signature system | 12-05-2013 |
20130333046 | SYSTEM AND METHOD OF AUTOMATICALLY DETECTING OUTLIERS IN USAGE PATTERNS - A system and method for detecting an outlier in a usage pattern comprises a computer accessible to perform an operation. The system includes an audit forensics engine having an outlier detection module. When an instance occurs where the operation is performed, audit trail data is captured related to the operation. The outlier detection module determines for the instance where the operation is performed whether the instance is an outlier in a usage pattern based on a comparison of the audit trail data to the usage pattern. | 12-12-2013 |
20130333047 | ELECTRONIC COMMUNICATION SECURITY SYSTEMS - Embodiments of the invention relate to methods of increasing the security of electronic messages. | 12-12-2013 |
20130333048 | IDENTITY MANIPULATION DETECTION SYSTEM AND METHOD - The present invention provides, in at least one embodiment, a device, system, and method for resolving the identity of at least one person and listing their identity information attributes. The system detects intentional and improper falsifications of the person's personal identity information. The system calculates a manipulation score that indicates the likelihood that the person intentionally and improperly attempted to manipulate their identity information. The manipulation score can be based on the number, type, and systematic nature of the person's variations in their identity information. The system also calculates a collection of identity manipulation attributes that describe explicitly the manner of the improper manipulation, such as the number of Social Security numbers used. | 12-12-2013 |
20130333049 | DATA PROTECTION METHOD FOR PORTABLE ELECTRONIC DEVICE AND COMPUTER PROGRAM PRODUCT FOR THE SAME - A data protection method for a portable electronic device and a computer program product for the same are applicable to a portable electronic device operating on a Linux operating system. A storage region of the portable electronic device is partitioned to provide a specific partition for storing data to be protected. The specific partition will be mounted, and the data to be protected will be displayed, only if the data to be protected contains an execution command, otherwise the specific partition will be unmounted. Hence, the specific partition is only available when it is confirmed that the data to be protected contains an execution command. Accordingly, unspecific commands, such as file browsing, cannot enable the mounting of the specific partition, thereby hiding the specific partition and enhancing the security of the data to be protected. | 12-12-2013 |
20130333050 | METHOD FOR PRODUCING A SECURED DATA OBJECT AND SYSTEM - A method is provided for producing a secured data object by means of a data processing device. The method includes: generating a data representation value in each case at the end of an interval having a first interval length which is assigned to the data sets of the respective interval of first length, receiving a first time stamp assigned to the respective data representation value, storing the respective data representation value together with the assigned first time stamp, generating an interval representation value in each case at the end of an interval having a second interval length which is greater than the first interval length which is assigned to the data representation values of the respective interval of second length, receiving a second time stamp assigned to the respective interval representation value and storing the respective interval representation value together with the associated second time stamp. | 12-12-2013 |
20130333051 | RANDOM VALUE IDENTIFICATION DEVICE, RANDOM VALUE IDENTIFICATION SYSTEM, AND RANDOM VALUE IDENTIFICATION METHOD - When concealing the value of original data by adding a random value to the value of the original data, this random value identification device acquires a user identifier and an attribute name of an attribute of information relating to a user, identifies the correlation between the attributes indicated by the attribute name, acquires at least one attribute value of the attributes of the user identified by the user identifier, and generates a random number for each attribute within a random value range identified on the basis of the identified correlation and the acquired attribute value. | 12-12-2013 |
20130340085 | MIGRATION BETWEEN DIGITAL RIGHTS MANAGEMENT SYSTEMS WITHOUT CONTENT REPACKAGING - Methods, computer-implemented systems, and apparatus provide for a DRM Migrator that extracts embedded first license information that enables licensed access to content according to a first licensing system. The DRM Migrator sends the first license information to a server compatible with a second licensing system. After sending the first license information to the server, the DRM Migrator receives second license information that enables an end user to create a request for a license that provides access to the content according to the second licensing system. Another embodiment of the DRM Migrator also receives the first license information from a source and generates the second license information. After generating the second license information, the DRM Migrator sends the second license information to the source to enable creation of a request for a license that provides access to the content according to the second licensing system. | 12-19-2013 |
20130340086 | METHOD AND APPARATUS FOR PROVIDING CONTEXTUAL DATA PRIVACY - An approach is presented for providing privacy protection for data associated with a user and/or a user device. The approach includes aggregating data associated with one or more modalities of a user device; determining one or more categories of richness for the data associated with each one of the one or more modalities, wherein the richness is indicative of one or more parameters associated with the data, user information, or a combination thereof; and determining a user privacy vulnerability level based, at least in part, on the one or more categories of richness. | 12-19-2013 |
20130340087 | Software License Management - A method of managing a software license comprises loading a software program into volatile memory, obtaining authorization data, modifying a portion of the volatile memory relied upon by the program in accordance with the authorization data, executing the program, and causing the modifications to be deleted from the volatile memory. In some embodiments, selection criteria compared with the authorization data does not contain information corresponding to all of the content of the authorization data, thereby denying a software attacker the benefit of identifying and exploiting the selection criteria. | 12-19-2013 |
20130340088 | ANTI-MALWARE PROTECTION OPERATION WITH INSTRUCTION INCLUDED IN AN OPERAND - Disclosed is a system and method for extending anti-malware protection to systems having multiple storage devices, such as RAID. In embodiments, a trusted connection may be established between a host and a controller of the multiple storage devices. The trusted connection may use various information encryption techniques to undermine attempts by malware to preserve malware-infected locations on the storage devices by redirecting anti-malware protection related operations by the host. Through an encrypted and trusted connection between the host and a controller of the multiple storage devices, anti-virus and/or anti-malware software (hereinafter, AVS) may transmit encrypted anti-malware protection related operations to the controller of the multiple storage devices, overcoming detection and/or diversion by the malware. Other embodiments may be described and claimed. | 12-19-2013 |
20130347117 | AUTOMATED ACCOUNTS FOR MEDIA PLAYBACK - Content stored on a server may be selected using a user device and enabled on a central device. The identity of the central device may be authenticated without transmitting user credentials corresponding to the user, user device, user account, etc. A central device identifier can be sent to the server via the user device. An encrypted version of the central device identifier may be returned to the user device and to the central device. The central device can send the encrypted and unencrypted version of the identifier to the server, and the server can transmit the desired content to the remote device based on a comparison of the encrypted and unencrypted identifier. | 12-26-2013 |
20130347118 | LICENSE VERIFICATION METHOD AND APPARATUS, AND COMPUTER READABLE STORAGE MEDIUM STORING PROGRAM THEREFOR - A method and apparatus for verifying licenses of binary files, and a computer readable storage medium storing a program realizing license verification, are provided. The method includes obtaining a binary file, extracting a character string to be searched for from the obtained binary file, and comparing the extracted character string against a knowledge base created according to a license to be verified. Also provided are an apparatus capable of executing the license verification method and a computer readable storage medium storing a program realizing the license verification method. | 12-26-2013 |
20130347119 | DATA PROCESSOR, COMMUNICATION DEVICE, DATA TRANSMISSION METHOD - According to one embodiment, a data processor includes: an accepting module configured to accept selection of a transmission destination device to which data is transmitted through a public network line in accordance with a technical standard for transmitting data protected by copyright protection technology, the transmission destination device currently existing in a given environment around the data processor not through the public network line; a first transmission processor configured to transmit a request for transmission of a device registration request including identification information for identifying the transmission destination device based on the technical standard, to the transmission destination device; a receiving module configured to receive the device registration request including the identification information from the transmission destination device; and a second transmission processor configured to transmit the data protected by the copyright protection technology to the transmission destination device identified by the identification information, through the public network line. | 12-26-2013 |
20130347120 | SECURE DATA STORAGE AND RETRIEVAL - A system for secure data processing can include an electronic data storage device and a field programmable gate array coupled to the electronic data storage device. The field programmable gate array can be configured to include a data storage section for performing a data storage operation and a data retrieval section for performing a data retrieval operation. The data storage operation can include obtaining a seed value and retrieving one or more algebraic operations based on the seed value. The storage operation can also include processing input data according to the one or more algebraic operations to generate pseudorandom output data, prepending the seed value to the output data and storing the output data in the electronic data storage device. | 12-26-2013 |
20130347121 | System and Method For Providing Conditional access to Server-based Applications From Remote Access Devices - Systems and methods are provided for providing users at remote access devices with conditional access to server-based applications. Requests for access to server-based applications (e.g., requests to launch or obtain data associated with the server-based applications) by remote access devices may be prevented or allowed based on device compliance with one or more policies including whether data-retention prevention code can be downloaded to and operational on the remote access devices. The data-retention prevention code may be used to both determine whether data can be automatically deleted from a cache or file directory at the remote access device and to delete potentially retention-sensitive data once the data is downloaded to the remote access device from the server-based application. | 12-26-2013 |
20130347122 | METHOD AND ARRANGEMENT FOR PROVIDING SECURITY THROUGH NETWORK ADDRESS TRANSLATIONS USING TUNNELING AND COMPENSATIONS - This invention provides a method for providing network security services, such as those provided by the IPSEC protocol, through network address translation (NAT). The method is based on determining the transformations that occur on a packet and compensating for the transformations. Because only TCP and UDP protocols work through NATs, the IPSEC AH/ESP packets are encapsulated into UDP packets for transport. Special operations are performed to allow reliable communications in such environments. | 12-26-2013 |
20130347123 | MEDIA DATA PROCESSING METHOD AND APPARATUS - Embodiments of the present invention provide a media data processing method and apparatus. The media data processing method includes: obtaining each media segment in a coding representation; and performing content protection processing on at least a part of media segments in the coding representation. In the embodiments of the present invention, a media segment in a coding representation is used as a unit of content protection, and the content protection may be performed on at least a part of media segments in the coding representation, so that protection manners of media segments in the coding representation are differentiated, so as to improve reliability and flexibility of performing the content protection on an HTTP streaming media service. | 12-26-2013 |
20140007245 | ENFORCING E-MEETING ATTENDEE GUIDELINES | 01-02-2014 |
20140007246 | DATA LEAK PROTECTION | 01-02-2014 |
20140007247 | Dynamic Security Question Compromise Checking Based on Incoming Social Network Postings | 01-02-2014 |
20140007248 | TIMER FOR HARDWARE PROTECTION OF VIRTUAL MACHINE MONITOR RUNTIME INTEGRITY WATCHER | 01-02-2014 |
20140007249 | Privacy Control in a Social Network | 01-02-2014 |
20140007250 | CONCEALING ACCESS PATTERNS TO ELECTRONIC DATA STORAGE FOR PRIVACY | 01-02-2014 |
20140007251 | METHOD FOR INTERCHANGING DATA IN A SECURE RUNTIME ENVIRONMENT | 01-02-2014 |
20140007252 | Change-Tolerant Method of Generating an Identifier for a Collection of Assets in a Computing Environment Using a Secret Sharing Scheme | 01-02-2014 |
20140007253 | GRADUATED AUTHENTICATION IN AN IDENTITY MANAGEMENT SYSTEM | 01-02-2014 |
20140013437 | METHOD AND APPARATUS FOR SECURE DISPLAY OF VISUAL CONTENT - Methods and apparatus for displaying visual content on a display such that the content is comprehensible only to an authorized user for a visual display system such as a computer, a television, a video player, a public display system (including but not limited to a movie theater), a mobile phone, an automated teller machine (ATM), voting booths, kiosks, security screening workstations, tactical displays and other systems where information is displayed for viewing. | 01-09-2014 |
20140013438 | PERMIT ISSUANCE APPARATUS AND PERMIT ISSUANCE METHOD - The present invention provides a permit issuance apparatus and a permit issuance method and program that enable a guarantee of the quality of mining results with respect to users in a case where a mining business uses disturbance attribute values to conduct data mining. The permit issuance apparatus and permit issuance method and program are configured so that in a case where a permit issuance request is received that requests the issuance of an acquisition certificate that indicates the granting of permission to acquire attributes, including at least attribute identification information for one or more attributes and disturbance information for those attributes, disturbance information corresponding to the attributes, which is a condition for granting permission to acquire those attributes, is generated on the basis of the received permit issuance request, and an acquisition certificate is transmitted that associates the attribute identification information and the disturbance information and includes the same. | 01-09-2014 |
20140013439 | SECRET SHARING SYSTEM, APPARATUS, AND STORAGE MEDIUM - According to one embodiment, a secret sharing system of an embodiment includes a secret sharing apparatus, a plurality of first storage server apparatuses, and at least one second storage server apparatus. Upon reception of a delete request transmitted from the secret sharing apparatus, each first storage server apparatus reads out, based on name information in the received delete request, storage position information associated with the name information from a storage position information storing unit. Each first storage server apparatus deletes all of share information and copy information indicated by name information in the received delete request based on the readout storage position information. | 01-09-2014 |
20140020105 | Distributing Software Images with Mixed Licensing - A system, method, and computer-readable medium are disclosed for managing the licensing of digital assets associated with a system image. A system image is processed to identify digital asset identification information, which in turn is processed to determine whether its associated digital asset is available for licensing from a system manufacturer. If the digital asset could not be identified, or if it is unavailable for licensing from the system manufacturer, then it is marked as “custom.” Otherwise, it is marked as “available” and presented to a system purchaser. Any digital assets that the system purchaser elects to license are marked as “license” and all other digital assets are marked as “custom.” Digital assets marked as “license” are then licensed from the system manufacturer. Both licensed and “custom” digital assets are installed and their corresponding licenses are applied to the system image, which in turn is applied to the target system. | 01-16-2014 |
20140020106 | LINK ANALYSIS TOOL FOR SECURITY INFORMATION HANDLING SYSTEM - A security information handling system (IHS) receives a request to navigate to a webpage, such as a link, from a user IHS. A security IHS link analysis tool analyzes the link and determines if the link contains sensitive content. The security IHS link analysis tool transmits a network selection message to the user IHS indicating which network the user IHS should utilize based upon the content of the link. | 01-16-2014 |
20140020107 | DYNAMIC LICENSING - Dynamic licensing improves the utilization of licenses available within a computer network. License sinks, such as gateways, within a computer network may request licenses from a license source. The license source may be provisioned with a number of licenses from a secure fob plugged into the license source. If the license source has the number of licenses requested from the license sink, the license source may assign the licenses to the license sink. After a certain period of time, the license sink may renew the licenses or let the licenses return to the license source to be assigned to another license sink. The license requests may be passed through the network, including through a proxy and/or a relay, to a license server provisioned with licenses. Dynamic licensing software may execute as a service on each of the license sources and license sinks to pass dynamic licensing messages between devices. | 01-16-2014 |
20140020108 | SAFETY PROTOCOLS FOR MESSAGING SERVICE-ENABLED CLOUD SERVICES - In one embodiment, a cloud service interface | 01-16-2014 |
20140020109 | FILE MANIFEST FILTER FOR UNIDIRECTIONAL TRANSFER OF FILES - A manifest transfer engine for a one-way file transfer system is disclosed. The manifest transfer engine comprises a send side, a receive side, and a one-way data link enforcing unidirectional data flow from the send side to the receive side. The send side receives and stores a file manifest table from an administrator server. The send side also receives a file from a user and compares it with the file manifest table. Transfer of the file to the receive side via the one-way data link is allowed only when there is a match between the file and the file manifest table. In an alternative embodiment, the receive side instead receives and stores the file manifest table from the administrator server and compares it with the file received from the send side via the one-way data link to determine whether to allow transfer of the file. | 01-16-2014 |
20140020110 | LINK ANALYSIS TOOL FOR SECURITY INFORMATION HANDLING SYSTEM - A security information handling system (IHS) receives a request to navigate to a webpage, such as a link, from a user IHS. A security IHS link analysis tool analyzes the link and determines if the link contains sensitive content. The security IHS link analysis tool transmits a network selection message to the user IHS indicating which network the user IHS should utilize based upon the content of the link. | 01-16-2014 |
20140020111 | Signaling and Handling Content Encryption and Rights Management in Content Transport and Delivery - An apparatus comprising a memory, a processor coupled to the memory and configured to obtain a protection description for media content comprising a plurality of content items, wherein the protection description comprises data signaling at least two protection mechanisms for at least two content items in a media content, wherein each of the at least two content items is protected by one or more of the at least two protection mechanisms, and wherein the protection mechanisms for the at least two content items are different, determine the protection mechanisms for the at least two content items from the data, and process the at least two content items according to their associated protection mechanisms. | 01-16-2014 |
20140020112 | Method of Securing Memory Against Malicious Attack - A method and system for secure dynamic memory management using heap memory, or analogous dynamic memory allocation, that includes initializing a heap memory segment, having a plurality of buffers, within a random access memory. When an allocation request to store data in the heap memory segment is received, one of the buffers is randomly selected. Metadata, containing details of allocated and unallocated buffers of the heap memory segment, is then maintained in a portion of the memory separate from the heap object. According to certain embodiments, the secure heap of the present disclosure can securely implement the functions of those portions of the C/C++ stdlib library related to dynamic memory management, specifically malloc(), free() and their variants. | 01-16-2014 |
20140026221 | DEFENSE AGAINST SEARCH ENGINE TRACKING - Techniques for enhancing electronic privacy utilize noise to prevent third parties from determining certain information based on search queries. Users submit search queries as part of their normal activities. For a user, the search queries submitted and information regarding search results are used to generate additional search queries on different, but related topics. The generated additional search queries are submitted automatically on behalf of the user at a sufficient frequency to prevent high accuracy data analysis on search queries. | 01-23-2014 |
20140026222 | FRAMEWORK FOR PROVIDING ELECTRONIC LICENSES AND LICENSING PROGRAMS - Methods and system for providing licensing programs are provided. The electronic license may specify a number of available licenses based on the count property, a license model for calculating a number of used licenses based on the count type property, a number of available overdraft licenses based on the overdraft property, and an interval of available time within which return of a used license is accepted, based on the return interval property. The electronic license may then be distributed together with the licensing program to the licensee. A new electronic license can be deployed by the licensee without a need to update previously installed licensing program. The combination of count-related license properties may be applicable to a great variety of license models and deployments. | 01-23-2014 |
20140026223 | MOBILE DEVICE RECORDING - A method for recording between a first device and a second device includes, prior to establishing a connection for recording between the first and second devices, creating a list of trusted devices. Presence of the second device on the list indicates permission to record a communication between the first and second devices. The method further includes storing the list of trusted devices, wherein the list is accessible by the first device, establishing the connection for recording between the first and second devices, verifying by the first device that the second device is on the list of trusted second devices, and recording at least a portion of the communication between the first and second devices if indicated by a user of the first device without further input from a user of the second device. | 01-23-2014 |
20140026224 | ELECTRONIC DEVICE - An electronic device comprises an outer case, a wireless card reader and a signal processing device. The outer case comprises a door and a metal wall. The metal wall is disposed on a lateral side of the outer case and has an opening. The door is disposed on the metal wall and capable of covering the opening. The wireless card reader is inside the door and capable of transmitting wireless signals. The signal processing device has a case, a data storage device and a safety mechanism. The signal processing device is inside the outer case and is electrically connected to the wireless card reader. The signal processing device is capable of processing the data of wireless signals from the wireless card reader. When the case is disassembled, the safety mechanism destroys at least part of the data stored in the data storage device. | 01-23-2014 |
20140026225 | ELECTRONIC STORAGE DEVICE AND DATA PROTECTION METHOD THEREOF - An electronic storage device and a data protection method are provided. The electronic storage device is electrically connected to a host, and stores data of the host. The data protection method includes the following steps: providing a backup battery where the backup battery is configured inside the electronic storage device to provide electric power for an operation of the electronic storage device when the host does not provide electricity to the electronic storage device; setting a time setting value; transmitting a login event to the electronic storage device; and the electronic storage device determines whether to protect stored data in the electronic storage device according to the time setting value and the login event, wherein if a determination result is affirmative, the electronic storage device protects the stored data. | 01-23-2014 |
20140026226 | DEVICE, METHOD AND PROGRAM FOR PREVENTING INFORMATION LEAKAGE - Provided is a device for preventing information leakage including: a storage unit that stores message time, request source information, and request destination information in relation to each information requesting message; a unit that suspends a response message containing personal information in response messages in response to the information requesting messages, for a predetermined suspended time from a message time of the corresponding information requesting message; a unit that counts the number of information requesting messages transmitted from the same request source to the same destination and corresponding to the suspended response message on the basis of information stored in the storage unit; and a unit that, in the case where the counted number of the information requesting messages exceeds a predetermined threshold value, applies a protection process to the suspended response message so that the personal information contained in the suspended response message is not received by the request source. | 01-23-2014 |
20140026227 | METHOD FOR GENERATING A SECURE COPY OF MEDIA DATA - A system for transferring verified media data. The system comprising: an item of content storing the media data, and having an associated serial number; a computing device including a first storage device and a network interface; a secure copying application program; a secure copy of the media data generated by the secure copying application program and stored on the first storage device; a verification server including a serial number database and having a network connection to the computing device through the network interface, wherein the secure copying application program generates the secure copy after verifying the serial number is valid and active by communicating with the verification server; and a portable copy of the media data, including license information, generated from the secure copy by the secure copying application program. | 01-23-2014 |
20140033312 | METHODS AND SYSTEMS FOR DISTRIBUTING RIGHT-PROTECTED ASSET - A method includes allowing a right-protected asset to be shared by a first device with a second device while they are within a determinable proximity of one another. Subsequent to the sharing, an option to acquire the right-protected asset is presented to the second device when the first device and the second device are not within the determinable proximity of one another. | 01-30-2014 |
20140033313 | SOFTWARE SUITE ACTIVATION - A method and a system perform software suite activation. In some embodiments, a method includes installing a software suite having a number of software products onto a computer device. If a copy of one of the number of software products is already activated on the computer device, the installing includes deactivating a license of the copy of the one of the number of software products. Additionally, if a copy of one of the number of software products is already activated on the computer device, the installing includes adopting, by the software suite, the copy of the one of the number of software products. | 01-30-2014 |
20140033314 | VALIDATION OF FUNCTION CALL PARAMETERS - In one embodiment, a method of validating an input parameter to a function call is provided. In this method, the function call for a function is received, and this function call includes an input parameter. A validation rule associated with the function is accessed from a file that is located separately from the function itself. The input parameter then is validated based on the validation rule associated with the function, and the function may then be called based on the validation of the input parameter. | 01-30-2014 |
20140033315 | METHOD AND SYSTEM FOR ENFORCING A LICENSE DEPENDENCY RULE FOR A SOFTWARE APPLICATION - Methods and systems for enabling a software application that does not have independent licensing information are described. Consistent with some embodiments, a first software application is associated with a license dependency rule that indicates one or more other software applications that must be installed and activated in order for the first software application to be fully executed and used on the target computer system. A license manager module evaluates the license dependency rule, for example, by making remote license calls to verify the license status of the software applications identified in the license dependency rule. | 01-30-2014 |
20140033316 | TRUSTED SECURITY ZONE ACCESS TO PERIPHERAL DEVICES - A method of trusted data communication. The method comprises executing a data communication application in a trusted security zone of a processor, wherein the processor is a component of a computer, commanding a controller of a peripheral device to execute a control application in a trusted security zone of the controller, wherein the controller is a component of the computer, commanding at least one of another peripheral device or a user interface device to not access a data bus of the computer, verifying that the controller is executing the control application in the trusted security zone of the controller, sending data from the processor to the controller over the data bus of the computer, and the controller one of transmitting the data sent by the processor on an external communication link, reading a memory storage disk, or writing to a memory storage disk. | 01-30-2014 |
20140033317 | Authenticating Users For Accurate Online Audience Measurement - Online entities oftentimes desire to ascertain information about their audience members. To determine information about audience members and their activities, online transactions including information about transactions performed by audience members are collected. One or more audience analysis processes are applied to the online transactions to determine the collection of online transactions performed by a given audience member. With an accurate assignment of online transaction to the audience member, the audience member and associated transactions may be classified as legitimate or illegitimate. | 01-30-2014 |
20140033318 | APPARATUS AND METHOD FOR MANAGING USIM DATA USING MOBILE TRUSTED MODULE - An apparatus manages universal subscriber identity module (USIM) data in a terminal using a mobile trusted module (MTM). The apparatus includes a mobile information storage unit configured to store at least one key and the USIM data in a protection region, an information security unit configured to protect information stored in a USIM and the terminal using at least one of the USIM data and the key stored in the mobile information storage unit, and a USIM data manager configured to restore at least one of the USIM data and the key stored in the mobile information storage unit to the USIM, and store at least one of USIM data and the key provided from the USIM in the mobile information storage unit. | 01-30-2014 |
20140033319 | Collecting Data from Processor-Based Devices - In accordance with some embodiments, information may be collected from processor-based devices after the processor-based devices have already been deployed. Moreover, in some cases, the information that is to be collected, the collection sources, and the handling of the data may be specified after the processor-based devices have already been deployed. | 01-30-2014 |
20140033320 | DOCUMENT ORIGIN DESIGNATOR - A document rights management system (DRM) defines an unrenderable origin designator in a media item that does not display or alter the physically rendered version of an instantiation of the media item. The unrenderable designator does not appear as an obscured or occluded feature in printed or displayed versions. The rendered version is unaffected by the unrenderable designator because it does not result in any displayable features. The unrenderable designator is stored in a display list of the media item and appears as an attribute of objects such that the function to cause the display object to be undisplayable, or unrenderable, is not immediately apparent. The DRM system encodes a designator in an attribute of a display object for rendering according to a media rendering format such as PDF, such that the designator causes the display object to be unrenderable and indicates the origin of the media item. | 01-30-2014 |
20140041037 | DETECTING PIRATED APPLICATIONS - A method includes receiving a plurality of trusted assets, generating a first signature set for a known software application, and generating a second signature set for a subject software application. Each trusted asset is associated with at least a threshold number of trusted authors. Each signature in the first signature set corresponds to a known asset that is associated with the known software application. Each signature in the second signature set corresponds to a subject asset that is associated with the subject software application. The method further includes generating first and second filtered signature sets based on the first and second signature sets, respectively, by excluding signatures corresponding to the trusted assets. The method also includes generating a similarity rating for the subject application based on a comparison of the first filtered signature set and the second filtered signature set. | 02-06-2014 |
20140041038 | RECEIVING INFORMATION ABOUT A USER FROM A THIRD PARTY APPLICATION BASED ON ACTION TYPES - A social networking system enables a third party application to request user data based on action types and aggregations of a user's data corresponding to an action type with respect to multiple objects. Users of the social networking system may provide privacy or accessibility of their information based on the action type associated with the information (e.g., a user may allow a particular application to access all actions of a certain type, regardless of the source of those actions). The third party application may use this accessed information to generate personalized content for a user based on aggregations of the user's data and then publish the personalized content back to the social networking system. | 02-06-2014 |
20140041039 | VECTORIAL PRIVATE EQUALITY TESTING - A system for equality testing, the system comprising a first client device including a first private data unit, a second client device including a second private data unit, and a server. The server receives a first obfuscated data unit corresponding to the first private data unit from the first client device, and a second obfuscated data unit corresponding to the second private data unit from the second client device. The server performs a vector calculation based on the first and second obfuscated data units to generate a combination of the first and second obfuscated data units. The server sends the combination to the first client device. The first client device is configured to determine whether the first private data unit is equal to the second private data unit based on the combination. | 02-06-2014 |
20140041040 | CREATING SECURE MULTIPARTY COMMUNICATION PRIMITIVES USING TRANSISTOR DELAY QUANTIZATION IN PUBLIC PHYSICALLY UNCLONABLE FUNCTIONS - A security method includes securely exchanging information related to delays of logic gates of a plurality of security primitives, and configuring a first and a second security primitive such that the delays associated with a subset of logic gates of the first and second security primitives match, for secure communication between the first and second security primitive. The security method may further include configuring the first security primitive and a third security primitive such that the delays associated with a subset of logic gates of the first and third security primitives match, for secure communication between the first and third security primitive. The security method may further include switching the configuration of the first security primitive in one clock cycle between the configuration for secure communication with the second security primitive and configuration for secure communication with the third security primitive. | 02-06-2014 |
20140041041 | METEOROLOGY AND OCEANOGRAPHY GEOSPATIAL ANALYSIS TOOLSET - System and method for providing access to ArcMap netCDF utilities and adding support for observational data to ArcMap including, but not limited to, comparing observational data to model data in a graphical manner, and maintaining the security classifications for each layer in ArcMap so that the highest security classification of the data being viewed is known at all times. | 02-06-2014 |
20140041042 | OBSTRUCTING USER CONTENT BASED ON LOCATION - Example embodiments disclosed herein relate to displaying private user content ( | 02-06-2014 |
20140047548 | Systems and Methods for Provisioning and Using Multiple Trusted Security Zones on an Electronic Device - A method of provisioning a subordinate trusted security zone in a processor having a trusted security zone. The method comprises receiving by a master trusted application executing in a master trusted security zone of the processor a request to provision a subordinate trusted security zone in the processor, wherein the request comprises a master trusted security zone key, wherein the request designates the subordinate trusted security zone, and wherein the request defines an independent key. The method further comprises provisioning by the master trusted application the subordinate trusted security zone to be accessible based on the independent key. | 02-13-2014 |
20140047549 | METHOD AND DEVICES FOR SELECTIVE RAM SCRAMBLING - A method for selectively scrambling data within a memory associated with a computing device based on data tagging. The computing device may define security domains that are protected. Data generated by an application may be packaged as a data bus transaction having tagging information describing the application and/or the data. The data bus transaction may be transmitted over a bus of the computing device to a memory, such as internal memory, where the computing device may compare the tagging information to stored information describing security domains. When the data is determined to be protected based on the tagging information, the computing device may perform scrambling operations on the data. In an aspect, the tagging information may describe a virtual machine used to execute various applications on a processor. In another aspect, the tagging information may define destination memory addresses or content protection bit values. | 02-13-2014 |
20140047550 | DISCRIMINATING DATA PROTECTION SYSTEM - A data protection system selectively deletes data from an electronic device when the device is reported as lost or stolen, or when another data protection triggering event occurs. Different data files may, for example, be treated differently depending on when such files were created. For example, data files that were created while the computing device was known to be in the owner's possession may be deleted, while data files created after the electronic device left the owner's possession may be left intact (since they may have been created by an innocent user). Data files created between these two points in time may be quarantined so that they can later be restored, if appropriate. | 02-13-2014 |
20140047551 | PRIVACY FIREWALL - Embodiments of the invention relate to systems and methods for providing an anonymization engine. One embodiment of the present invention relates to a method comprising receiving a message directed at a recipient computer located outside a secure area by a privacy computer located within a secure area. The privacy computer may identify private information using a plurality of privacy rules and anonymize the message according to the plurality of privacy rules. Another embodiment may be directed to a method comprising receiving a request for sensitive data from a requesting computer. An anonymization computer may determine a sensitive data record associated with the request and may anonymize the sensitive data record by performing at least two of: removing unnecessary sensitive data entries from the sensitive data record, masking the sensitive data entries to maintain format, separating the sensitive data entries into associated data groupings, and de-contexting the data. | 02-13-2014 |
20140047552 | Methods, Systems, and Devices for Securing Content - Methods, systems, and devices secure content in memory. The content includes a lock that prohibits reading the content from memory until a date and time of expiration. However, early access to the content is available for a payment. | 02-13-2014 |
20140047553 | METHOD AND APPARATUS FOR DATA SECURITY READING - A method for data security reading includes steps of: receiving a hardware instruction; analyzing said hardware instruction; if said hardware instruction is a reading instruction, obtaining the source address in the reading instruction; searching a mapping bitmap and modifying the reading address in the reading instruction according to the data of the mapping bitmap, wherein the mapping bitmap is used to indicate whether the data stored in a local storage address is dumped to said security storage device; transmitting the modified reading instruction to a hardware layer. An apparatus for data security reading includes a receiving unit, an instruction analyzing unit, an instruction modifying unit and a transmitting unit. The Trojan horse or malicious tools cannot store or transmit the acquired information even if the secret information has been obtained, so that the data always exists in controllable security range. | 02-13-2014 |
20140053275 | System and Method for Secure File Transmission - Methods, systems, and apparatus, including computer programs encoded on a computer storage medium, for file transmission. In one aspect, a system includes at least one machine control system, having access to a first data storage; at least one service computer, having access to a second data storage; and a central computer having at least one virtual machine. The machine control system is connectable to the virtual machine via a first communication connection in a manner that files between the first data storage and a data storage, to which the virtual machine has access, are transmissible. The service computer is connectable to the virtual machine via a second communication connection, in a manner that the virtual machine can access the second data storage and can store there files of a transmission via the first communication connection or can read files for a transmission via the first communication connection. | 02-20-2014 |
20140053276 | SAFE DATA STORAGE METHOD AND DEVICE - A safe data storage method is disclosed, the method comprising the following steps: hardware instructions are received; the hardware instructions are analyzed; if the hardware instructions are storage instructions, a target address in the storage instructions is modified to be the corresponding storage address in a storage apparatus; and the modified storage instructions are sent to a hardware layer. A safe data storage device is also disclosed, the device comprising the following units: a receiving unit adapted for receiving hardware instructions; an instruction analyzing unit adapted for analyzing the hardware instructions and judging whether the hardware instructions are storage instructions; an instruction modifying unit adapted for modifying a target address in the storage instructions to be the corresponding storage address in a safe storage apparatus; and a sending unit adapted for sending the modified storage instructions to a hardware layer. The technical scheme is able to implement the information persistence operation on the hardware layer, i.e., an instruction-level data dump. Trojans or malicious tools cannot save the obtained information even if they obtain the secret-related information, so that the data is always within a controllable safety range. | 02-20-2014 |
20140059692 | SYSTEM AND METHOD FOR CROSS DOMAIN FLIGHT DATA IMPORT AND EXPORT - A computer system and method for automated export of classified flight data. The computer system can include a processor and a memory coupled to the processor. The memory can store software instructions that, when executed by the processor, cause the processor to perform operations. The operations can include receiving, in a classified security domain, a request for a dataset to be transmitted to an unclassified transponder device. A first subset and a second subset of the requested dataset can be determined such that the first subset contains classified data and the second subset contains unclassified data. An unclassified version of the first subset can be calculated by redacting non-geographic position (GPS) data and calculating a lower precision GPS value for GPS data. The unclassified version of the first subset can be combined with the unclassified second subset to create a downgraded dataset that can be transmitted to the transponder device. | 02-27-2014 |
20140059693 | ANONYMOUS SHIPMENT BROKERING - A request is received for a brokered shipment from a particular entity to an anonymous user. A shipping identifier is obtained from a shipping entity, on behalf of the particular entity, for the shipment from the particular entity to the anonymous user. The shipping identifier is communicated to the particular entity and the shipping identifier is associated with a unique user identifier unique, within a system, to a pairing of the anonymous user with the particular entity. Address information of the anonymous user is unknown to the particular entity, and address information is obtained from the shipping entity for the anonymous user. In some aspects, address information of the particular user is received from a second entity and applied to the shipment identifier in connection with delivery of the shipment to the particular user. | 02-27-2014 |
20140059694 | Privacy-Enhanced Car Data Distribution - In accordance with some embodiments, data may be collected from vehicles, and then reported to various subscribers with different levels of access privileges and pursuant to different levels of security. In some embodiments, the data may be authenticated by a cloud service without revealing the identity of the vehicle owner. This may provide enhanced privacy. At the same time, some types of the data may be encrypted for security and privacy reasons. Different information may be provided under different circumstances to different subscribers, such as the government, family members, location based services providers, etc. | 02-27-2014 |
20140059695 | SYSTEMS AND METHODS FOR MANAGING LOCATION DATA AND PROVIDING A PRIVACY FRAMEWORK - A computer-implemented method includes providing a user interface on an internet-protocol (IP) connected mobile device, the user interface configured to receive a user input corresponding to one or more data privacy parameters for geo-location data, and controlling a transferring of geo-location data to and from each of a plurality of mobile applications on the mobile device based on the user input. A change in one or more of the data privacy parameters can change how geo-location data is provided to each of the plurality of applications and can affect location data accuracy, location data reporting frequency, geo-functions, and more. The user interface can be configured to allow a user to view, manage, and delete a personal location history. Furthermore, one or more profiles can be associated with one or more of the plurality of mobile applications, where each of the one or more profiles is assigned individual data privacy parameters. | 02-27-2014 |
20140059696 | METHOD FOR REMOVING CUSTOMER PERSONAL INFORMATION FROM AN ELECTRONIC DEVICE - A system and method for processing electronic devices to determine removal of customer personal information (CPI). An electronic device is connected to a test device. A number of electronic devices including the electronic device are received for determining that the CPI is removed from a number of sources. The number of electronic devices include a number of makes and models of electronic devices. A determination of whether CPI is included on the electronic device is made. An identification of the electronic device is recorded in response to determining that CPI is included on the electronic device. The CPI is cleared from the electronic device in response to determining that the CPI is included on the electronic device. The identification of the electronic devices and metadata is reported in response to determining the CPI was included on the electronic device. | 02-27-2014 |
20140059697 | TESTING DEVICE FOR REMOVING CUSTOMER PERSONAL INFORMATION FROM AN ELECTRONIC DEVICE - A testing device, system, and method for removing customer personal information (CPI). The testing device includes a user interface for communicating information and receiving user input. The testing device also includes interfaces operable to communicate with the one or more electronic devices. The testing device also includes a memory configured to store libraries providing information for removing CPI from electronic devices including a number of makes, models, and configurations. The testing device also includes logic operable to utilize the libraries to analyze CPI included on the one or more electronic devices, record an identification of the one or more electronic devices in response to determining the CPI is present on the one or more electronic devices, remove the CPI from the one or more electronic devices in response to determining the CPI is present on the one or more electronic devices, and report the identification and CPI information of the one or more electronic devices in response to determining the CPI was present on the one or more electronic devices. | 02-27-2014 |
20140059698 | INFORMATION PROCESSING DEVICE, LOCK CONTROLLING METHOD, AND LOCK CONTROLLING PROGRAM - In order to solve a problem in which the operation becomes complex when the user wants to view the data to which the lock is set, an information processing device includes lock temporal control means for bringing data which is locked into a lock canceled state based on a result of comparison between authentication request information input following a request for viewing the data and authentication information for canceling the lock, and display information creation means for creating display information to display the data brought into the lock canceled state, wherein the lock temporal control means locks the data brought into the lock canceled state again after the display information is displayed. | 02-27-2014 |
20140068777 | METHOD AND SYSTEM FOR DETECTING ANAMOLIES WITHIN VOLUMINOUS PRIVATE DATA - A method and a system for detecting anomalies within a voluminous private data are provided. The voluminous private data, including sensitive information corresponding to one or more objects within the voluminous private data is received. The sensitive information within the voluminous private data is identified, and identified sensitive information is modified to generate a modified voluminous private data. The sensitive information is marked in the modified voluminous private data to generate a marked voluminous private data. The anomaly within the marked voluminous private data is detected. | 03-06-2014 |
20140068778 | SECURING DATABASES AGAINST PIRACY ATTACKS - A database for location or geographic based services is secured by requiring location based requests to include a unique identifier that identifies the location as well as an authorization identifier associated with the location. The authorization identifier is information that is obtained by being physically present at the location, such as information from access points that are at the location or a position fix when present at the location. The authorization identifier may be non-unique but relatively time-invariant, making such information easily crowdsourced, but difficult to obtain unless physically present at the location. For example, the authorization identifier may be an SSID or a Beacon Frame, or a hash thereof from one or more devices at the location or a position fix. | 03-06-2014 |
20140068779 | SYSTEM AND METHOD FOR CREATING A SECURE CHANNEL FOR INTER-APPLICATION COMMUNICATION BASED ON INTENTS - System and method for creating a secure channel for inter-application communication based on the messaging system called Intents in the Android OS are disclosed. In one embodiment, an application for accessing a cloud-based storage platform triggers the broadcast of a custom Intent to all applications on a mobile device to detect an authorized application that is capable of interacting with the application. Once an authorized application is chosen, the application opens a secure channel for communication with the authorized application and passes an encrypted data stream to the secure channel for access by the authorized application. | 03-06-2014 |
20140068780 | APPARATUS AND METHOD FOR REMOTELY DELETING CRITICAL INFORMATION - An apparatus and method for remotely deleting critical information is provided. The apparatus includes a storage unit, an identity determination unit, and a broadcast unit. The storage unit stores an input value and an output value for the input value with respect to a physically unclonable function (PUF) of each of a plurality of mobile terminals. The identity determination unit determines the identity of a corresponding mobile terminal based on received information about the loss of the mobile terminal. The broadcast unit extracts the input and output values of the PUF of the corresponding mobile terminal from the storage unit based on information transferred from the identity determination unit, and broadcasts the extracted input and output values to all the mobile terminals. | 03-06-2014 |
20140068781 | LOCATION-BASED RECOVERY DEVICE AND RISK MANAGEMENT SYSTEM FOR PORTABLE COMPUTING DEVICES AND DATA - A device and software utilizing Global Positioning Satellite (GPS) technologies for monitoring and recovering portable computing devices and, a method and system for acquiring such devices, protecting data on such devices, and for compensating owners of devices. A GPS mechanism of the invention provides real time tracking of missing devices that may be coordinated with security agencies to intercept and recover missing computing devices. When a stolen device is unrecoverable, the invention may receive a signal to initiate data recovery where a wireless network is available to recover data for the owner. Alternatively, the GPS mechanism instructs the device to encrypt or destroy stored data files to prevent commercial espionage or privacy violations. The invention discloses a software system and method for computing a purchase price of the GPS mechanism, computing compensation for loss of the device and lost data. | 03-06-2014 |
20140068782 | Persona-Notitia Intellection Codifier - A persona-notitia intellection codifier (P-NIC) server intelligently codifies and disburses personal user information from a user device (smartphone, laptop, etc.) to a multiplicity of designee devices. Masking Persona-Notitia Intellection Codes (a.k.a. PICs) are created that each stipulate control(s) and parametric limitation(s) for the associated one of a variety of personal user information. The Persona-Notitia Intellection Codifier (P-NIC) server rapidly produces a mask comprising a multiple bit “key” value (i.e., a persona-notitia intellection code (PIC)) that is uniquely distinguishable from every other PIC that's ever been generated for a given user. The value of the PIC is typically many bytes in length, and associates attributes to a unique key value that describes a desired subset of all the user's available personal user information to be unlocked by the key value (i.e., by the PIC). | 03-06-2014 |
20140068783 | DYNAMIC SELECTION OF AUTHORIZATION PROCESSES - Systems, methods, and software are disclosed herein for licensing applications using a preferred authorization process dynamically identified based on conditions associated with an initiation of an application. Authorization is then attempted using the preferred authorization process. In some examples, the preferred authorization process is selected from at least a keyless authorization process and a key-based authorization process. | 03-06-2014 |
20140068784 | SYSTEM AND METHOD FOR DYNAMIC SECURITY PROVISIONING OF COMPUTING RESOURCES - The present invention facilitates the dynamic provisioning of computing and data assets in a commodity computing environment. The invention provides a system and method for dynamically provisioning and de-provisioning computing resources based on multi-dimensional decision criteria. By employing specialized computing components configured to assess an asset and requestor of an asset, a provisioning engine is able to transform the input from the computing components into a specific configuration of computing resource provisioning and security controls. According to the rules and policies applying to a security domain, the provisioning engine may dynamically allocate computing resources in a manner that is both safe and efficient for the asset. | 03-06-2014 |
20140068785 | AUDITING ELECTRONIC DEVICES FOR CUSTOMER PERSONAL INFORMATION - A system, method, and auditing device for processing electronic devices to detect CPI. The auditing device may include a user interface for communicating information and receiving user input. The auditing device may also include a number of interfaces operable to communicate with the one or more electronic devices. The auditing device may also include a memory operable to store a plurality of libraries providing information for detecting CPI on a number of electronic devices including a number of makes, models, and configurations. The auditing device may also include logic operable to utilize the plurality of libraries to detect CPI included on the one or more electronic devices communicating with the testing device, record an identification of an electronic device in response to detecting the CPI is present on the electronic device, and store an alert associated with the identification indicating that CPI is present on the electronic device. | 03-06-2014 |
20140075565 | MULTI-TENANCY IDENTITY MANAGEMENT SYSTEM - A multi-tenant identity management (IDM) system enables IDM functions to be performed relative to various different customers' domains within a shared cloud computing environment and without replicating a separate IDM system for each separate domain. The IDM system can provide IDM functionality to service instances located within various different customers' domains while enforcing isolation between those domains. A cloud-wide identity store can contain identity information for multiple customers' domains, and a cloud-wide policy store can contain security policy information for multiple customers' domains. The multi-tenant IDM system can provide a delegation model in which a domain administrator can be appointed for each domain, and in which each domain administrator can delegate certain roles to other user identities belonging to his domain. Service instance-specific administrators can be appointed by a domain administrator to administer to specific service instances within a domain. | 03-13-2014 |
20140075566 | Computer-Implemented Method and Apparatus for Encoding Natural-Language Text Content And/Or Detecting Plagiarism - A computer-implemented letter-based method of encoding a length-significant portion of natural language text to generate a letter-based fingerprint of the text portion, the method including detecting letter-based locations of occurrences of pre-determined single-letter and/or multi-letter pattern(s) within the length-significant portion, the detecting being carried out such that at least some occurrences are detected in a word-boundary independent manner that does not depend on locations of word-word boundaries, for a pattern occurrence letter-position signal which describes letter positions of the occurrences of the patterns within the text portion, computing frequency-dependent absolute or relative magnitudes of signal strength for a plurality of frequencies, the computed magnitudes representing letter-based frequencies of the pattern occurrences within the natural language text portion, and storing the computed signal strength magnitudes at the plurality of frequencies, the generated fingerprint comprising the stored signal strength magnitudes. Related apparatus and methods are also described. | 03-13-2014 |
20140075567 | Service Processor Configurations for Enhancing or Augmenting System Software of a Mobile Communications Device - A device comprising non-volatile memory capable of being partitioned into first and second partitions, the first partition for storing device system software, the second partition for storing a service processor and having one or more system execution properties for enhancing or augmenting the device system software, and comprising one or more processors for verifying integrity of the device system software using a first security element, verifying integrity of the service processor using a second security element, obtaining the service processor from the non-volatile memory, executing the obtained service processor, and updating, installing, removing, or modifying the service processor in the second partition of the non-volatile memory without affecting the device system software in the first partition. | 03-13-2014 |
20140082740 | COMPUTING SYSTEM WITH PRIVACY MECHANISM AND METHOD OF OPERATION THEREOF - A computing system includes: an initialization module configured to generate initial sharing options; a rating analysis module, coupled to the initialization module, configured to generate a privacy score and a benefit score with a control unit for one or more of the initial sharing options; a mapping module, coupled to the rating analysis module, configured to generate a map based on the initial sharing options, the privacy score, and the benefit score; and a tuning module, coupled to the mapping module, configured to: analyze an initial distribution of the map, and generate the tuned sharing options based on the initial distribution for displaying on a device. | 03-20-2014 |
20140082741 | DATA PROTECTION SYSTEMS AND METHODS - Systems and methods are provided for protecting electronic content from the time it is packaged through the time it is experienced by an end user. Protection against content misuse is accomplished using a combination of encryption, watermark screening, detection of invalid content processing software and hardware, and/or detection of invalid content flows. Encryption protects the secrecy of content while it is being transferred or stored. Watermark screening protects against the unauthorized use of content. Watermark screening is provided by invoking a filter module to examine content for the presence of a watermark before the content is delivered to output hardware or software. The filter module is operable to prevent delivery of the content to the output hardware or software if it detects a predefined protection mark. Invalid content processing software is detected by a monitoring mechanism that validates the software involved in processing protected electronic content. Invalid content flows can be detected by scanning the information passed across system interfaces for the attempted transfer of bit patterns that were released from an application and/or a piece of content management software. | 03-20-2014 |
20140082742 | Message Filtering System - A message filtering system is provided including a message management unit and a message monitoring unit in communication with the message management unit. The message management unit is configured to send and receive messages over a network and to route messages to the message monitoring unit based on a message source, and the message monitoring unit is configured to parse the message and locate identifiers in the message and to re-route the message based on the identifier located in the message. | 03-20-2014 |
20140082743 | PRIVACY OF LOCATION INFORMATION - An arrangement for providing privacy settings for determining whether location information for a subscriber can be provided to a requesting party is described. The privacy settings are at least partially based on presence information for the subscriber. A gateway mobile location centre (GMLC) selectively provides the location information regarding subscribers on request, in accordance with the privacy settings. | 03-20-2014 |
20140090072 | System, Method, and Computer Program Product for Isolating a Device Associated with At Least Potential Data Leakage Activity, Based on User Input - A system, method, and computer program product are provided for isolating a device associated with at least potential data leakage activity, based on user input. In operation, at least potential data leakage activity associated with a device is identified. Furthermore, at least one action is performed to isolate the device, based on user input received utilizing a user interface. | 03-27-2014 |
20140090073 | Obscuring Sensitive Portions of Universal Resource Locator - Portions of a URL such as the query string are obscured or otherwise removed from view in the address bar of a browser or other application automatically by the receiving device employing obscuration rules, or upon command from an originating device sourcing the resource. | 03-27-2014 |
20140090074 | ENHANCED PRIVACY FOR PROVISION OF COMPUTER VISION - Methods, apparatuses and storage medium associated with providing enhanced privacy during usage of computer vision are disclosed. In embodiments, an apparatus may include one or more privacy indicators to indicate one or more privacy conditions of the apparatus in association with provision of computer vision on the apparatus. The apparatus may further include a privacy engine coupled with the one or more privacy indicators, and configured to pre-process images from an image source of the apparatus associated with the provision of computer vision to the apparatus, to increase privacy for a user of the apparatus, and to control the one or more privacy indicators. In embodiments, the apparatus may include means for blanking out one or more pixels with depth values identified as greater than a threshold. Other embodiments may be described and claimed. | 03-27-2014 |
20140090075 | FLEXIBLE CONTENT PROTECTION SYSTEM USING DOWNLOADABLE DRM MODULE - A secure platform is enabled in which DRM modules can be downloaded and securely installed onto a consumer electronic device, such as a TV. Downloadable DRM solutions are supported for CE manufacturers. The problem of making downloadable DRM modules operate securely on a trusted generic hardware platform without compromising the security of DRM systems is addressed. The downloadable DRM solution uses secure trusted computing-based mechanisms thereby enabling a service provider to perform remote static and dynamic (run-time) attestation of the downloaded DRM module and DRM license in the media device and of content protection application (CPA). | 03-27-2014 |
20140090076 | METHOD FOR DETECTING A POSSIBILITY OF AN UNAUTHORIZED TRANSMISSION OF A SPECIFIC DATUM - A tracing device for detecting whether a specific attribute datum has a possibility of being stolen is provided. The tracing device includes a label map and a first processing device, wherein the label map has a specific label attached on the specific attribute datum and a buffer region, and the first processing device is coupled to the label map and determines whether there is the specific label in the buffer region. | 03-27-2014 |
20140090077 | METHOD AND APPARATUS FOR APPLICATION MANAGEMENT IN USER DEVICE - The method and apparatus support signature-based application management that examines credibility of an application to be installed or executed and controls installation and execution accordingly. The application management method for a user device includes: receiving user input for installing an application; comparing signature information of the application with an authentication list stored in a signature information storage; preventing, when the signature information is present in a blacklist of the authentication list, installation of the application; initiating, when the signature information is present in a whitelist of the authentication list, installation of the application; and selectively performing, when the signature information is not present in either the blacklist or the whitelist, installation of the application according to user consent. | 03-27-2014 |
20140090078 | Generating Secure Device Secret Key - Methods, devices, systems and computer program products are provided to facilitate cryptographically secure retrieval of secret information that is embedded in a device. The embedded secret information can include a random number that is not custom-designed for any specific requestor of the secret information. Upon receiving a request for the embedded secret information, an encrypted secret is provided to the requestor that enables the recovery of the embedded secret information by only the requestor. Moreover, a need for maintenance of a database of the embedded secret information and the associated requestors is eliminated. | 03-27-2014 |
20140096259 | SECURE TRANSPORT OF WEB FORM SUBMISSIONS - Methods and systems for secure web form submission may implement one or more operations including, but not limited to: receiving web content including at least one web form from a web server at a client; determining a value of at least one web form submission security attribute of the at least one web form; and transmitting submission data associated with the at least one web form from the client to the web server according to the value of the web form submission security attribute. | 04-03-2014 |
20140096260 | SYSTEMS AND METHODS TO PROVIDE SECURE STORAGE - Systems and methods to provide secure storage are disclosed. An example method includes establishing a secure tunnel between a storage device and an agent, transferring first data from the storage device to the agent via the secure tunnel, the secure tunnel to prevent software executing in an operating system from modifying the data, and identifying a data modification by comparing the first data to second data. | 04-03-2014 |
20140096261 | METHOD AND APPARATUS FOR PROVIDING PRIVACY POLICY FOR DATA STREAM - An approach for providing a privacy policy for a data stream is described. A privacy policy determination platform causes, at least in part, an interception of at least one data stream accessible to at least one processing element of a stream processing framework. The privacy policy determination platform also causes, at least in part, a parsing of the at least one data stream to determine privacy sensitive data associated with at least one user. The privacy policy determination platform further determines at least one privacy policy for the at least one user, the at least one processing element, the at least one data stream, or a combination thereof based, at least in part, on the privacy sensitive data. | 04-03-2014 |
20140096262 | METHODS, SYSTEMS, AND COMPUTER READABLE MEDIA FOR SECURELY COLLECTING, SAFEGUARDING, AND DISSEMINATING ELECTRONICALLY STORED INFORMATION - Applicant has created methods, systems, and computer readable media for securely collecting, safeguarding, and disseminating electronically stored information to facilitate an account owner's management of her personal, private, business, and legal documents. The method for safeguarding can include a double authentication process that only grants exclusive access to an account owner's encrypted information through the use of a uniquely generated security key. The method for collecting information can include a real-time encryption process to permit an account holder to securely upload and store electronic media in category-based compartmentalized locations. Further, the method can include a process for generating category-based advertisements through an integrated marketing platform with geo-fencing capabilities to facilitate the account owner's selection of a variety of services related to the stored information. Finally, the method for disseminating information can include authenticating a request to disseminate the stored information to one or more trustees. | 04-03-2014 |
20140101771 | FIELD DEVICE HAVING TAMPER ATTEMPT REPORTING - A method of tamper attempt reporting includes receiving a write attempt to configuration data stored within a field device in an industrial plant configured to run a process involving a plurality of physical process parameters including a network server, a plurality of processing units, and a plurality of field devices. The plurality of field devices include (i) a sensor for measuring at least one of the plurality of physical process parameters or (ii) an instrument for performing control output actions for at least one of the plurality of processing units. The plurality of field devices are in communication with at least one remote host system or device. The write attempt is automatically detected. An alert of the write attempt is automatically sent to at least the remote host system or device. | 04-10-2014 |
20140101772 | INPUT METHOD, INPUT APPARATUS, AND INPUT PROGRAM - An input apparatus includes an information storage unit which stores identification information of an application or a service and user information such that the identification information and the user information are correlated with each other, an input manipulation detecting unit which detects an input manipulation on an editable region in an image area of the application, a region detecting unit which detects editable regions included in the image area of the application, and a control unit which, if at least one of the detected editable regions includes a first region having a prescribed input attribute for input of first information in the user information, performs a control so that at least part of the user information is input using, as a reference, the first region or the editable region where the input manipulation is detected. | 04-10-2014 |
20140101773 | SYSTEM, A METHOD AND A COMPUTER READABLE MEDIUM FOR TRANSMITTING AN ELECTRONIC FILE - Provided is an electronic file transmission system comprising a data acquiring section that acquires data including an electronic file that is created or attached by a first communication terminal; an extracting section that extracts from the data the electronic file and recipient identification information identifying a correct recipient of the electronic file; an encoding section that encodes the extracted electronic file; and a management information transmitting section that transmits, to a pass phrase management apparatus that transmits to a second communication terminal a pass phrase needed to decode the encoded electronic file, first file identification information identifying the encoded electronic file, the pass phrase, and the recipient identification information. | 04-10-2014 |
20140101774 | TRANSACTION GATEWAY - According to one aspect of an example, there is provided a transaction gateway in a first network for receiving a transaction from the first network and for sending the transaction to a transaction processor in a second network. The transaction gateway is arranged to identify restricted data in the transaction, to modify the received transaction by replacing identified restricted data with replacement data different to the identified restricted data, and to send the modified transaction to the transaction processor in the second network. | 04-10-2014 |
20140109231 | IMAGE PROCESSING DEVICE, IMAGE PROCESSING SYSTEM, IMAGE PROCESSING METHOD, AND PROGRAM - There is provided an image processing device including a photographic subject position acquisition unit that acquires position information of a photographic subject corresponding to a person image included in a photographic image, a transmission unit that transmits the position information of the photographic subject to an information processing device that compares the position information of the photographic subject with position information of a communication terminal transmitted from the communication terminal, and a determination unit that determines whether a process of protecting the person image is performed based on information according to a result of the comparison received from the information processing device. | 04-17-2014 |
20140109232 | METHOD AND APPARATUS FOR PROVIDING DRM SERVICE - An apparatus for providing a Digital Rights Management (DRM) service is provided. The apparatus includes a Media Presentation Description (MPD) information configurer for determining a DRM system required in each of representations of content provided by an adaptive streaming service, classifying the representations into one or more groups according to predetermined criteria, and configuring MPD information by inserting content protection information including representation group information representing classified groups and information about DRM systems corresponding to the representation group information; and a communication unit for transmitting the MPD information to a user terminal receiving the content. | 04-17-2014 |
20140109233 | RIGHTS OBJECT ACQUISITION METHOD OF MOBILE TERMINAL IN DIGITAL RIGHT MANAGEMENT SYSTEM - A rights object acquisition method of a mobile terminal in a digital right management system is provided for acquiring multiple rights objects in a composite manner. A rights object acquisition method of a mobile terminal may include generating, in response to a group rights object (RO) acquisition command, a group rights object acquisition request with content identifiers assigned to individual contents corresponding to the rights objects indicated by the group rights object acquisition command, sending the group rights object acquisition request to a rights issuer, and receiving a group rights object acquisition response containing rights object identifiers assigned to the rights objects from the rights issuer. The present invention streamlines the RO acquisition process, especially when acquiring multiple ROs. | 04-17-2014 |
20140115708 | SECURE INFORMATION HANDLING SYSTEM MATRIX BAR CODE - An information handling system analyzes secondary information captured with an image of a two-dimensional barcode to perform a function. For example, a mobile phone camera captures an image of a QR code at a product plus characters printed next to the QR code, uses optical code recognition to determine the characters, and applies information from the QR code and the characters to register the product. As another example, a security indicator is captured with an image of the QR code and applied to access information of the QR code, such as by using GPS position information, local network information, or telephone number information to encrypt and/or decrypt information stored in the QR code. | 04-24-2014 |
20140115709 | SECURED DELETION OF INFORMATION - Secure deletion of a storage device includes monitoring the storage device, determining whether a predetermined condition occurs, and accessing the storage device when it is determined that the predetermined condition occurs. Further, deleted information to be securely wiped is identified in accordance with a predetermined unified policy for a virtual environment comprising the storage device. Alternatively, information being deleted is intercepted when it is determined that the information being deleted satisfies a predetermined condition. The identified or intercepted deleted information is securely wiped from the storage device by filling a portion of the storage device associated with the deleted information with zero bytes before the deleted information is marked as deleted. The secured wiping of deleted information may occur in accordance with a predetermined enterprise-wide policy. | 04-24-2014 |
20140115710 | Privacy Server for Protecting Personally Identifiable Information - A privacy server protects private information by substituting a token or an identifier for the private information. The privacy server recognizes that a communication includes private information and intercepts the communication. The privacy server replaces the private information with a random or pseudo-random token or identifier. The privacy server maintains the private information in a local database and associates the private information for a particular person with the token or identifier for that person. | 04-24-2014 |
20140115711 | Method and apparatus for delivering private media content to smart phones - A device to receive media content may include a smart phone; a camera to cooperate with the smart phone to transmit a quick response (QR) code to the smart phone; a database to cooperate with the smart phone to verify the QR code; a media storage device to cooperate with the smart phone to stream media data if the QR code is verified. | 04-24-2014 |
20140115712 | METHOD AND APPARATUS FOR GENERATING PRIVACY PROFILES - A privacy processing system may use privacy rules to filter sensitive personal information from web session data. The privacy processing system may generate privacy profiles or privacy metadata that identifies how often the privacy rules are called, how often the privacy rules successfully complete actions, and the processing time required to execute the privacy rules. The privacy profiles may be used to detect irregularities in the privacy filtering process that may be associated with a variety of privacy filtering and web session problems. | 04-24-2014 |
20140115713 | PROVIDING ELECTRONIC SIGNATURE SERVICES TO THIRD PARTY APPLICATIONS BASED ON API CALLS - Systems and methods for providing an electronic signature service to a third party application, such as providing the certain stages or aspects of the service, are disclosed. In some examples, an electronic signature service receives a request for the service in the form of an API call from a third party application (e.g. a document editing application), and provides the service in response to the API call. In some examples, a third party application receives input from a user regarding a requested service, generates an API call based on the received input, and transmits the API call to the service in order to request the service. | 04-24-2014 |
20140115714 | METHOD AND APPARATUS FOR PREVENTION OF TAMPERING AND UNAUTHORIZED EXTRACTION OF INFORMATION FROM MICRODEVICES - A system for protection of information on a secured microdevice, including a control unit, an obliteration driver, and a circuit arranged to conduct the at least one pulse of electric current. The circuit incorporates at least one resistive load having a localized predetermined resistance such that the delivered portion of stored electric energy is locally resistively converted into a mechanical energy of motion during a time period shorter than a duration of time needed for heat diffusion out a volume in the proximity of the at least the fraction of stored information. | 04-24-2014 |
20140115715 | SYSTEM AND METHOD FOR CONTROLLING, OBFUSCATING AND ANONYMIZING DATA AND SERVICES WHEN USING PROVIDER SERVICES - A system, method, and computer readable medium for preventing data leakage from a transmission unit to a service provider (SP), utilizing a network system including a computer, a processor, memory, and a computer readable medium storing thereon computer code which when executed by the at least one computer causes the at least one computer to at least: identify identification information of a user included in data communication between the transmission unit and the SP; identify a SP application via an application signature; determine whether the identified SP application meets at least one data leakage prevention policy for a user; and perform at least one of a plurality of data leakage prevention processes on the transmission unit. | 04-24-2014 |
20140115716 | COPYRIGHT DETECTION AND PROTECTION SYSTEM AND METHOD - A method for detecting against unauthorized transmission of digital works comprises the steps of maintaining a registry of information permitting identification of digital copyrighted works, monitoring a network for transmission of at least one packet-based digital signal, extracting at least one feature from the at least one digital signal, comparing the extracted at least one feature with registry information and applying business rules based on the comparison result. | 04-24-2014 |
20140115717 | Method and Apparatus for an End User Identity Protection Suite - An end user identity protection suite (IPS) is discussed. In one embodiment, the IPS includes an identity validation system to evaluate a security level of at least one identity tool, the identity tool not related to computer security but rather to the user's identity. In one embodiment, the IPS further includes a security signal logic to generate a security status signal indicating an overall security state of the user, the security status signal comprising a combination of the security levels of each of the plurality of identity tools. | 04-24-2014 |
20140123296 | SECURITY THROUGH METADATA ORCHESTRATORS - A method of obtaining a service from a second cloud domain, the method being performed by a first cloud domain, includes identifying the second cloud domain which provides the service from among a plurality of cloud domains by analyzing metadata parameters of the plurality of cloud domains, receiving an indication of data which is requested by the second cloud domain to perform the service, and transmitting the requested data along with metadata corresponding to the requested data to the second cloud domain. | 05-01-2014 |
20140123297 | TERMINAL APPARATUS WITH DRM DECODING FUNCTION AND DRM DECODING METHOD IN TERMINAL APPARATUS - Provided is a terminal apparatus with a DRM decoding function and a DRM decoding method in a terminal apparatus. The terminal apparatus with a DRM decoding function comprises a native unit which is provided with a local file memory for storing DRM media content data and an application program for driving a media device player using an operating system; and a DRM decoding unit which reads the DRM media content data from the local file memory using a URL path for web server, when it is required from the application program to reproduce the DRM media content data, and decodes the read DRM media content data, and provides the decoded DRM media content data to the media device player. Therefore, it is possible to reproduce the DRM media content data in the terminal apparatus without the exclusive DRM decoding module. | 05-01-2014 |
20140123298 | METHODS AND SYSTEMS FOR MANAGING SERVICES AND DEVICE DATA - Computationally implemented methods and systems include acquiring property data regarding at least one property of one or more devices, generating anonymized data by altering the acquired property data to obscure one or more portions of the acquired property data that uniquely identify the one or more devices and/or one or more users of the one or more devices, presenting the anonymized data to one or more service providers configured to generate one or more services, and acquiring the generated one or more services, said generated one or more services at least partly based on the anonymized data. In addition to the foregoing, other aspects are described in the claims, drawings, and text. | 05-01-2014 |
20140123299 | METHODS AND SYSTEMS FOR MANAGING ONE OR MORE SERVICES AND/OR DEVICE DATA - Computationally implemented methods and systems include acquiring obscured data, said obscured data including property data regarding at least one property of one or more devices, wherein said obscured data has been obscured to avoid uniquely identifying the one or more devices, acquiring one or more services configured to be carried out on the one or more devices, said acquiring at least partly based on the acquired obscured data including the property data regarding at least one property of the one or more devices, and offering the one or more services in exchange for access to identifying data configured to uniquely identify the one or more devices associated with the property data. In addition to the foregoing, other aspects are described in the claims, drawings, and text. | 05-01-2014 |
20140123300 | METHODS AND SYSTEMS FOR MANAGING SERVICES AND DEVICE DATA - Computationally implemented methods and systems include acquiring property data regarding at least one property of one or more devices, generating anonymized data by altering the acquired property data to obscure one or more portions of the acquired property data that uniquely identify the one or more devices and/or one or more users of the one or more devices, presenting the anonymized data to one or more service providers configured to generate one or more services, and acquiring the generated one or more services, said generated one or more services at least partly based on the anonymized data. In addition to the foregoing, other aspects are described in the claims, drawings, and text. | 05-01-2014 |
20140123301 | PRIVACY PRESERVING REGISTRY BROWSING - A method, system, and computer-readable memory containing instructions include requesting a tokenizing authority to provide a tokenized string that represents a domain name, using the tokenized domain name string to perform a lookup against a database of registered tokenized domain name strings, determining whether the tokenized domain name string exists in the database, and returning results based on the existence of tokenized domain name strings and optionally variants thereof. The method, system, and computer-readable memory may further include returning an encryption key corresponding to an encrypted record of information related to the domain name corresponding to the tokenized domain name string. | 05-01-2014 |
20140123302 | DEVICE AND METHOD FOR CONCEALING CUSTOMER INFORMATION FROM A CUSTOMER SERVICE REPRESENTATIVE - A method of concealing customer-provided information from an operator during a telephone conversation between the operator and a customer includes receiving dual-tone-multi-frequency-encoded customer information via a telephone connection to a customer telephone and generating a request asking the customer to confirm the information. The method also includes converting the dual-tone-multi-frequency-encoded customer information into an ASCII data stream and sending the ASCII data stream to a computing device, whereby the operator is unable to discern the customer information. | 05-01-2014 |
20140123303 | DYNAMIC DATA MASKING - Described is a method for dynamic data masking (DDM) of sensitive data. The method for DDM comprises receiving a response output comprising sensitive data, based on a client request, from an application, and identifying a main masking specification, based on the response output, for masking of the sensitive data in the response output. Further, the response output is parsed for creating a Document Object Model (DOM) tree for the response output. Status of a masking approach indication field of the main masking specification is checked, and masking is performed on nodes in the DOM tree comprising the sensitive data, based on the status of the masking approach indication field of the main masking specification. | 05-01-2014 |
20140123304 | DATA ANONYMIZATION BASED ON GUESSING ANONYMITY - Privacy is defined in the context of a guessing game based on the so-called guessing inequality. The privacy of a sanitized record, i.e., guessing anonymity, is defined by the number of guesses an attacker needs to correctly guess an original record used to generate a sanitized record. Using this definition, optimization problems are formulated that optimize a second anonymization parameter (privacy or data distortion) given constraints on a first anonymization parameter (data distortion or privacy, respectively). Optimization is performed across a spectrum of possible values for at least one noise parameter within a noise model. Noise is then generated based on the noise parameter value(s) and applied to the data, which may comprise real and/or categorical data. Prior to anonymization, the data may have identifiers suppressed, whereas outlier data values in the noise perturbed data may be likewise modified to further ensure privacy. | 05-01-2014 |
20140130173 | EXPRESSION REWRITING FOR SECURE COMPUTATION OPTIMIZATION - Implementations of the present disclosure are directed to provide secure, multi-party computation and include actions of receiving a program, the program being human-readable and including one or more expressions to provide secure computation based on inputs provided by two or more parties, the program providing a secure computation protocol including at least one calculation that is performed on behalf of the two or more parties, processing the program and one or more rewriting rules in view of a cost-driven heuristic to automatically generate a rewritten program, the rewritten program including a structure that enables localization of one or more calculations and providing an optimized secure computation protocol that localizes the at least one calculation to be performed by at least one of the two or more parties, and compiling the rewritten program to generate a computer-executable program. | 05-08-2014 |
20140130174 | Application and Data Removal System - A method, programmed medium and system are provided for a server-based security manager application to support a self-cleaning operation on a remote computerized device. When a computer device has been reported as being missing, for example, the security manager server application will cause the device to take predetermined actions such as un-installing predetermined applications contained on the device and removing all persisted data associated with such predetermined applications. | 05-08-2014 |
20140130175 | Data Leakage Detection in a Multi-Tenant Data Architecture - Embodiments relate to a process for identifying data leakage in a data storage system. A table is created with multiple units. Each unit in the table has a unique identifier as a leading key in a schema. Two partitions are set in the table, and one of the partitions is set as unavailable. One or more queries are run on the table. Any queries that attempt to access the unavailable partition are identified through an error message or other alert. | 05-08-2014 |
20140130176 | AUTOMATIC SOFTWARE AUDIT SYSTEM AND ASSOCIATED METHOD - An automatic software audit system includes a client and a server. The client includes a network interface, a software installation record database, a software audit rule database, a software release database and a central processing unit (CPU). The network interface is coupled to the client. The software installation record database stores a software installation record of the client. The software audit rule database stores a software audit rule. The software release database stores a software release record of the client. The CPU installs an agent program to the client to collect the software installation record, and generates a software audit result of the client according to the software installation record, the software audit rule and the software release record. | 05-08-2014 |
20140130177 | SYSTEM AND METHOD FOR CREATING A CERTIFIED ELECTRONIC RECORD - A system and method for creating a certified electronic record has data content forming record entries being associated together to form an uncertified electronic record. A user-made input for creating a certification mark is received. A visually identifiable certification mark is then generated from the input. A certified electronic record is created from the record entries of the uncertified electronic record and the visually identifiable certification mark. | 05-08-2014 |
20140130178 | Automated Determination of Quasi-Identifiers Using Program Analysis - A system and method for automated determination of quasi-identifiers for sensitive data fields in a dataset are provided. In one aspect, the system and method identifies quasi-identifier fields in the dataset based upon a static analysis of program statements in a computer program having access to sensitive data fields in the dataset. In another aspect, the system and method identifies quasi-identifier fields based upon a dynamic analysis of program statements in a computer program having access to sensitive data fields in the dataset. Once such quasi-identifiers have been identified, the data stored in such fields may be anonymized using techniques such as k-anonymity. As a result, the data in the anonymized quasi-identifier fields cannot be used to infer a value stored in a sensitive data field in the dataset. | 05-08-2014 |
20140137259 | METHODS AND APPARATUS FOR SOFTWARE LICENSE MANAGEMENT - Systems and techniques for managing software licensing are described. When a computing system service request is made, the request is intercepted and software information that may be more or less continuously updated in a managed computing environment is examined to determine the effect of the service request on software usage by the system. The software usage represented by the service request is evaluated based on licensing information to determine license usage by the system and changes in license usage based on the service request, and license usage information is determined based on the software usage and the licensing information. The license usage information may be used in connection with a system of rules to govern actions such as reporting licensing usage or allowing or preventing the use of software based on whether use of the software will violate licensing requirements. | 05-15-2014 |
20140137260 | Privacy Preserving Statistical Analysis for Distributed Databases - Aggregate statistics are determined by first randomizing independently data X and Y to obtain randomized data X̂ and Ŷ. The first randomizing preserves the privacy of the data X and Y. Then, the randomized data X̂ and Ŷ is randomized secondly to obtain randomized data X̃ and Ỹ for a server, and helper information T | 05-15-2014 |
20140137261 | Methods and Apparatus for Software License Management - Systems and techniques for managing software licensing are described. When a computing system service request is made, the request is intercepted and software information that may be more or less continuously updated in a managed computing environment is examined to determine the effect of the service request on software usage by the system. The software usage represented by the service request is evaluated based on licensing information to determine license usage by the system and changes in license usage based on the service request, and license usage information is determined based on the software usage and the licensing information. The license usage information may be used in connection with a system of rules to govern actions such as reporting licensing usage or allowing or preventing the use of software based on whether use of the software will violate licensing requirements. | 05-15-2014 |
20140137262 | SECURE DATA COPYING - A method, computer program product, and system for the anonymization of sensitive data from a plurality of selected business objects or tables stored in a plurality of data fields in at least one primary database included in an enterprise database system when copying portions of the at least one primary database to a secondary database or updating an existing database with anonymized values for the sensitive fields therein. A plurality of data fields is specified for copying from the at least one primary database. At least one integrity map is generated and populated for each data field in the primary database requiring anonymization before copying to the secondary database. The at least one integrity map is stored in a table associated with the primary database. An anonymized value is generated for each data field in the primary database requiring anonymization. Each data field in the primary database requiring anonymization is substituted with the anonymized value. The portions of the at least one primary database including anonymized values are copied to a secondary database. | 05-15-2014 |
20140137263 | INFORMATION PROCESSING APPARATUS WITH HIBERNATION FUNCTION, CONTROL METHOD THEREFOR, AND STORAGE MEDIUM STORING CONTROL PROGRAM THEREFOR - An information processing apparatus that is capable of preventing leakage of confidential information from data saved on a nonvolatile memory even when the apparatus makes a transition to a hibernation state. The information processing apparatus with a hibernation function has a volatile memory and a nonvolatile memory. A security-area determination unit determines whether a memory area allocated to the volatile memory is a security area. When going to a hibernation state, a transition unit saves data saved on a memory area of the volatile memory that is determined as a non-security area by the security-area determination unit and does not save data saved on a memory area of the volatile memory that is determined as a security area. A resuming unit writes the data that is saved on the nonvolatile memory back to the volatile memory at the time of resuming from the hibernation state. | 05-15-2014 |
20140143881 | IMPLEMENTING CONDUCTIVE MICROCAPSULE RUPTURE TO GENERATE A TAMPER EVENT FOR DATA THEFT PREVENTION - A method and circuit for implementing conductive microcapsule rupture to generate a tamper event for data theft prevention, and a design structure on which the subject circuit resides are provided. A polymeric resin containing microcapsules surrounds a security card and a tamper sensor device provided with the security card. Each microcapsule contains a conductive material. The conductive material of the microcapsule disperses onto the tamper sensor device on the security card responsive to the microcapsule being ruptured to create a change in resistance, reducing the resistance of a security mesh of the tamper sensor device. The microcapsules are more sensitive to pressure than a tamper mesh of the tamper sensor device and therefore rupture first, creating the change in resistance when dispersed onto the tamper sensor device. The resistance change is detected by the tamper sensor device and the security card is disabled to prevent data theft. | 05-22-2014 |
20140143882 | SYSTEMS AND METHODS FOR PRESERVING PRIVACY FOR WEB APPLICATIONS - A system and method for preserving privacy includes selecting a plurality of lexicons and executing a plurality of random operations through at least one web application using the plurality of lexicons. The system and method models the plurality of random operations based on typical usage to mask actual operations or searches executed by a user. | 05-22-2014 |
20140143883 | Preventing Data Extraction by Side-Channel Attack - A method for data transfer includes receiving a control signal triggering a transfer of a secret value into an element ( | 05-22-2014 |
20140143884 | SYSTEM AND METHOD FOR PROTECTING DATA STORED ON A REMOVABLE DATA STORAGE DEVICE - A system for protecting data stored in a memory of a removable data storage device is provided. The system includes a personal electronic device, a removable solid state data storage device operatively coupled to the personal electronic device, and a circuit including a data protection module and an authorization module. The data storage device includes a memory for storing data. The authorization module is configured to determine whether a preauthorized state is active. When the preauthorized state is not active, the data protection module is configured to protect at least some of the data stored in the memory in response to detecting impending removal of the data storage device from the personal electronic device. When the preauthorized state is active, the data protection module is configured to preserve certain data stored in the memory in response to detecting impending removal of the data storage device from the personal electronic device. | 05-22-2014 |
20140150108 | PREVENTION OF ACCIDENTAL PASSWORD DISCLOSURE IN APPLICATION WINDOWS - Text entry context information associated with text entry within an inter-user communication application is evaluated. A determination is made as to whether the evaluated text entry context information identifies a text string entered by a user as a potential password inadvertently entered into the inter-user communication application by the user. In response to determining that the text string is identified as the potential password, the user is prompted to confirm that the user intends to send the text string using the inter-user communication application. The text string is transmitted using the inter-user communication application in response to a confirmation from the user to send the text string. | 05-29-2014 |
20140150109 | METHOD FOR PROTECTING USER PRIVACY IN SOCIAL NETWORKS - A method for protecting user privacy in an online social network, comprising the steps of defining, for a given primary user of an online social network who is authorized to post multimedia information in an account of the social network, a personal profile type that characterizes a level of desired privacy and that is selected from a group of predetermined profile types; defining a personal profile type selected from the group for each of a plurality of secondary users who are interested in accessing posted multimedia information of the primary user while functioning as a friend thereof; and denying a request for friendship initiated by one of the plurality of secondary users when the profile type of the primary user and of the one of the plurality of secondary users are incompatible as defined by predetermined rules, that may be stored in the privacy setting module. | 05-29-2014 |
20140150110 | METHOD FOR ROUTING A MESSAGE - A method for routing at least one message, this method being implementation-dependent on a trusted operating system of an electronic device comprising an electronic assembly on which the trusted operating system and a Rich-OS operating system are executed. The method may include operations for consulting a trusted memory of a terminal, which may be called a first memory, and when the first memory contains a message, determining the operating system targeted by the message from among at least the Rich-OS operating system and the trusted operating system. And when the message targets the Rich-OS system, transferring the message from the first memory to a memory accessible to the Rich-OS system, which may be called a second memory. | 05-29-2014 |
20140150111 | Audio/Video Identification Watermarking - The invention is directed to marking audio/video (A/V) signals for use in tracing content to a source. An ID controller captures an A/V synchronization fingerprint from a master A/V signal, stores the fingerprint in a data store, and provides signals to an ID encoder to have encoded an identifier into a copy of the master A/V signal. The identifier is encoded to be persistent through actions such as capture, compression, and/or transcoding. In one embodiment, the identifier is encoded as a bit sequence, where each bit is encoded using an encoding technique that is hereinafter called a Mississippi encoding technique. The encoded identifier within the copied A/V signal may later be determined by extracting the fingerprint and comparing it to the stored fingerprint to determine the identifier. The identifier may then be used to trace a source of the copied A/V signal. | 05-29-2014 |
20140150112 | DEVICE AND PORTABLE STORAGE DEVICE WHICH ARE CAPABLE OF TRANSFERRING RIGHTS OBJECT, AND A METHOD OF TRANSFERRING RIGHTS OBJECT - A device and a portable storage device which are capable of transferring a rights object (RO) and a method of transferring an RO are provided. The method includes enabling a device to transmit an installation request message to a portable storage device for installing a copy of an original RO present in the device in the portable storage device, enabling the device to install the copy of the original RO in the portable storage device, and enabling the device to receive an installation response message indicating that the copy of the original RO has been successfully installed in the portable storage device from the portable storage device. | 05-29-2014 |
20140150113 | DEVICE AND PORTABLE STORAGE DEVICE WHICH ARE CAPABLE OF TRANSFERRING RIGHTS OBJECT, AND A METHOD OF TRANSFERRING RIGHTS OBJECT - A device and a portable storage device which are capable of transferring a rights object (RO) and a method of transferring an RO are provided. The method includes enabling a device to transmit an installation request message to a portable storage device for installing a copy of an original RO present in the device in the portable storage device, enabling the device to install the copy of the original RO in the portable storage device, and enabling the device to receive an installation response message indicating that the copy of the original RO has been successfully installed in the portable storage device from the portable storage device. | 05-29-2014 |
20140157422 | COMBINING PERSONALIZATION AND PRIVACY LOCALLY ON DEVICES - A profiling service may determine, local to a device, user profile attributes associated with a device user based on interaction of the device user with the device, based on device-local monitoring of device user interactions with the device, and may store the user profile attributes in a memory. The profiling service may be configured as an augmentation to a device operating system of the device. A profile exposure component may manage exposure of information associated with the user profile attributes to applications operating locally on the device, without exposure to the applications or to third parties of information determined as sensitive to the device user. | 06-05-2014 |
20140157423 | CODE PROTECTION USING ONLINE AUTHENTICATION AND ENCRYPTED CODE EXECUTION - Methods for code protection are disclosed. A method includes using a security processing component to access an encrypted portion of an application program that is encrypted by an on-line server, after a license for use of the application program is authenticated by the on-line server. The security processing component is used to decrypt the encrypted portion of the application program using an encryption key that is stored in the security processing component. The decrypted portion of the application program is executed based on stored state data. Results are provided to the application program that is executing on a second processing component. | 06-05-2014 |
20140157424 | MOBILE DEVICE PRIVACY APPLICATION - A device is configured to determine that the device is to activate a privacy mode, obscure information displayed by a display of the device, detect a user interaction with a first portion of the display, the first portion being less than an entirety of the display, and reveal first information obscured by the first portion of the display, without revealing information obscured by a remaining portion of the display, the first portion and the remaining portion comprising the entirety of the display. | 06-05-2014 |
20140157425 | CLIENT DEVICE WITH APPLICATION STATE TRACKING AND METHODS FOR USE THEREWITH - A client device includes a network interface that is coupled to receive media content via a network, wherein the media content is protected by digital rights management data. A processing device executes a digital rights management application for validating playback of media content based on state tracker data. A memory stores the media content, the digital rights management application, the digital rights management data and the state tracker data. The digital rights management application generates the state tracker data based on digital rights management data and state data of the digital rights management application. | 06-05-2014 |
20140157426 | PERSONAL INFORMATION PROTECTION SYSTEM FOR PROVIDING SPECIALIZED FUNCTION FOR HOST TERMINAL BASED ON UNIX AND LINUX - Provided are an information protection apparatus and system. The information protection apparatus based on Windows, Unix, or Linux includes a first check unit, a second check unit, and a security measure unit. The first check unit checks whether there is a file including monitoring information among a plurality of check target files in a local storage area, according to a predetermined check policy. The second check unit checks whether there is a file including the monitoring information among the check target files in a sharing storage area of a file system that is shared in a network drive type in an NFS scheme. The security measure unit performs a security measure conforming to a predetermined security policy for the file including the monitoring information. | 06-05-2014 |
20140157427 | APPARATUS AND METHOD FOR VERIFYING INTEGRITY OF FIRMWARE OF EMBEDDED SYSTEM - An apparatus and method for verifying the integrity of firmware of an embedded system is provided. The apparatus for verifying the integrity of firmware of an embedded system includes a target integrity code obtainment unit for obtaining a target integrity code of firmware of the embedded system. A source integrity code obtainment unit obtains a source integrity code of source firmware. An integrity determination unit determines whether integrity of the firmware of the embedded system is maintained, by using the target integrity code and the source integrity code. | 06-05-2014 |
20140157428 | PREVENTING MALICIOUS OBSERVANCE OF PRIVATE INFORMATION - A technique for preventing malicious observance of private information includes receiving an instruction of entering a mode of inputting private information; determining a correspondence between actual inputs and expected inputs; receiving an actual user input; and converting the actual input into an expected input as private information inputted by the user according to the correspondence. This security technique can prevent discovery of the private information of a user through observation. | 06-05-2014 |
20140157429 | LICENSE MANAGEMENT DEVICE, LICENSE MANAGEMENT SYSTEM, LICENSE MANAGEMENT METHOD, AND PROGRAM - A license management device causes a wireless device to enter a state in which all functions are restricted by overwriting key information of the wireless device with a default key specific to the wireless device. A key generating device generates an upgrade key specific to the wireless device, and transmits the update key to the license management device. The license management device can release a restriction of a function in the wireless device by applying the upgrade key to the key information of the wireless device overwritten with the default key. | 06-05-2014 |
20140165208 | METHOD AND APPARATUS FOR DYNAMIC OBFUSCATION OF STATIC DATA - A method and an apparatus that provide rewriting code to dynamically mask program data statically embedded in a first code are described. The program data can be used in multiple instructions in the first code. A code location (e.g. an optimal code location) in the first code can be determined for injecting the rewriting code. The code location may be included in two or more execution paths of first code. Each execution path can have at least one of the instructions using the program data. A second code may be generated based on the first code inserted with the rewriting code at the optimal code location. The second code can include instructions using the program data dynamically masked by the rewriting code. When executed by a processor, the first code and the second code can generate identical results. | 06-12-2014 |
20140165209 | DIGITAL CONTENT DELIVERY PLATFORM FOR MULTIPLE RETAILERS - A digital content distribution platform includes a content distribution device configured to store digital assets and associated metadata, encode and encrypt each of the digital assets, and publish the metadata associated with the assets to one or more catalog servers associated with multiple digital content retailers. The digital content distribution platform further includes a portal server configured to permit registration by the multiple digital content retailers to enable access to the stored digital assets by clients associated with the multiple digital content retailers. The digital content distribution platform also includes one or more license servers configured to engage in digital rights management (DRM) with multiple DRM servers associated with the multiple digital content retailers. | 06-12-2014 |
20140165210 | SOFTWARE WATERMARKING TECHNIQUES - A method and system for watermarking software is disclosed. In one aspect, the method and system include providing an input sequence and storing a watermark in the state of a software object as the software object is being run with the input sequence. In another aspect, the method and system verify the integrity or origin of a program by watermarking the program. The watermark is stored as described above. In this aspect, the method and system also include building a recognizer concurrently with the input sequence and the watermark. The recognizer can extract the watermark from other dynamically allocated data and is kept separately from the program. The recognizer is adapted to check for a number. In another aspect, the software is watermarked by embedding a watermark in a static string and applying an obfuscation technique to convert the static string into executable code. In another aspect, the watermark is chosen from a class of graphs having a plurality of members and applied to the software. Each member of the class of graphs has at least one property that is capable of being tested by integrity-testing software. | 06-12-2014 |
20140173745 | AUTOMATED HUMAN INTERFACE DEVICE OPERATION PROCEDURE - The present invention provides an automated human interface device operation procedure electrically activated in one computer in which Mac OS X v10.4 or a higher version is installed, makes a browser program automatically executed by the computer without manual intervention, fetch/enter a specific Uniform Resource Locator for login, and is automatically unloaded with all steps completed. | 06-19-2014 |
20140181983 | IDENTIFYING PRIMARILY MONOSEMOUS KEYWORDS TO INCLUDE IN KEYWORD LISTS FOR DETECTION OF DOMAIN-SPECIFIC LANGUAGE - Techniques are described for generating a monosemous (i.e., single sense) keyword list associated with a particular domain (e.g., a medical or financial domain) for document classification. An input term frequency dictionary, a candidate keyword list, and a document corpus may be used to generate the keyword list. A collection of documents is divided into two sets, one related to a target domain and one not. A statistical approach may be used to evaluate each term in the candidate list to determine a measure of how monosemous each remaining candidate term is, i.e., how strongly the term (or short phrase) identifies with a single sense. Terms with a primarily single sense related to the target domain are added to the monosemous keyword list. The keyword list may be used to identify documents associated with the domain, allowing the appropriate protections to be applied to the document (e.g., do not send outside an enterprise boundary or permit copying). | 06-26-2014 |
20140181984 | METHOD AND APPARATUS FOR AUTHENTICATION OF SOLUTION TOPOLOGY - A computer implemented method is provided to verify an integrity of a solution. The computer implemented method comprises hashing, by a computer, a set of virtual machine instances in a solution topology of the solution. The computer hashes a set of connections in the solution topology. The set of connections comprising a connection between ones of the set of virtual machine instances, a connection between a first component of a first one of the set of virtual machine instances and a second component of a second one of the set of virtual machine instances, and combinations thereof. The computer hashes a set of solution-specific information, and then signs the hashes to create a first signed topology. | 06-26-2014 |
20140181985 | Content Specific Data Scrambling - An electronic device may include multiple modules that share access to a common memory. The electronic device may include content access logic that selectively allows a module to access target data in the memory. When writing data into the memory, the content access logic may determine an access restriction associated with the write data, where the access restriction specifies one or more modules that can access the write data. The content access logic may scramble the write data using an access key, and configure the access key such that only authorized modules can use the access key when retrieving data from the memory. The content access logic may then store the scrambled data in the memory. | 06-26-2014 |
20140181986 | UNIQUE AND UNCLONABLE PLATFORM IDENTIFIERS USING DATA-DEPENDENT CIRCUIT PATH RESPONSES - A method and apparatus are provided for generating a unique identifier. One or more tests are performed over one or more data-dependent circuit paths for one or more circuits. The one or more tests are then repeated over the one or more data-dependent circuit paths for the one or more circuits while adjusting an operating frequency and/or operating voltage for each of the one or more circuits. A threshold frequency and/or threshold voltage is ascertained for each of the one or more data-dependent circuit paths. An identifier may then be generated based on a plurality of the threshold frequencies and/or threshold voltages ascertained for the one or more data-dependent circuit paths. | 06-26-2014 |
20140181987 | SECURE STORAGE AND RETRIEVAL OF CONFIDENTIAL INFORMATION - A secure information storage management system may securely manage the storage of confidential information. A randomizer module may randomly generate a schema that specifies a random number of pieces, a random size for each piece, a random sequence for the pieces, and/or a random location where each piece is to be stored. The randomizer module may divide the confidential information into pieces that collectively constitute the confidential information in conformance with the schema. A storage management module may cause each piece of confidential information to be stored at a different, non-contiguous storage location. When present, the storage management module may cause each piece to be stored at the location for it that is specified in the schema. | 06-26-2014 |
20140181988 | INFORMATION PROCESSING TECHNIQUE FOR DATA HIDING - A disclosed method includes: receiving one or plural processing instructions, each of which includes a result of an anonymizing processing, which is performed based on whether or not a plurality of data blocks that have a predetermined relationship exist, and a processing content to cause the result to be reflected, wherein each of the one or plural processing instructions is to be performed for a data block, for which the anonymizing processing has been performed; determining whether or not processing instructions, which include the one or plural received processing instructions, before outputting satisfy a predetermined condition; upon determining that the processing instructions before outputting satisfy the predetermined condition, outputting the processing instructions before outputting; and upon determining that the processing instructions before outputting do not satisfy the predetermined condition, keeping the processing instructions before outputting. | 06-26-2014 |
20140181989 | INFORMATION PROCESSING APPARATUS, COMMUNICATION TERMINAL APPARATUS, AND STORAGE MEDIUM - There is provided an information processing apparatus including a storage controller configured to perform control in a manner that a log of a user is stored in a storage, a determination part configured to determine whether a position of the user is within a set area, and an erasure controller configured to substantially erase, when the determination part determines that the position of the user is not within the set area, at least data capable of identifying the user individually among the log of the user stored in the storage. | 06-26-2014 |
20140181990 | METHOD AND APPARATUS FOR SYNCHRONIZING AN ADAPTABLE SECURITY LEVEL IN AN ELECTRONIC COMMUNICATION - A method of communicating in a secure communication system comprises the steps of assembling a message at a sender, then determining a security level, and including an indication of the security level in a header of the message. The message is then sent to a recipient. | 06-26-2014 |
20140181991 | ADVANCED MULTI-CHANNEL WATERMARKING SYSTEM AND METHOD - A method, computer program product, and computing device for modifying a first channel portion of a digital media data file to include at least a first primary watermark. A second channel portion of the digital media data file is modified to include at least a first secondary watermark, wherein the first secondary watermark is the complement of the first primary watermark. | 06-26-2014 |
20140189876 | SYSTEMS AND METHODS FOR LICENSING NON-DESTRUCTIVE TESTING CONTENT - A non-transitory computer readable medium may include executable instructions which, when executed by a processor, cause the processor to provide for a repository of digital content and to create a first license based on the digital content. The instructions further cause the processor to transmit the first license and the digital content to a non-destructive testing (NDT) device, wherein the digital content is configured to be executed by, used by, or displayed by the NDT device, or a combination thereof, based on the first license. | 07-03-2014 |
20140189877 | IDENTITY PROTECTION AND DISTRIBUTION SYSTEM - Embodiments of the invention are directed to systems, methods and computer program products for providing user information to a merchant. Embodiments may receive and store user information in a user file, receive a request from a merchant for some or all of the user information stored in the user file in response to the merchant reading a readable indicia presented by a user using a mobile device; and, in response to the request for some or all the user information, retrieve the requested information and transmit the requested information to the merchant. Embodiments may receive and store a plurality of profiles, where each profile is associated with some or all the user information stored in the user file. Some embodiments may receive user input, through the merchant, selecting one of the profiles; where retrieving the requested information comprises retrieving the user information associated with the selected profile. | 07-03-2014 |
20140189878 | IMAGE FORMING APPARATUS - An image forming apparatus. The image forming apparatus performs security management functions such as security transmission and security printing of data stored in a hard disk of the image forming apparatus and shared with a plurality of host computers through a network, to which a security tag is added for the security of the data so as to increase the security of the data. The image forming apparatus is connected to the network to be shared with the host computers to receive and store data transmitted from the host computers, and includes a storage device to store IP address information of a host computer which transmitted data and security data to which a security tag is added for the security of the transmitted data corresponding to the IP address information, and an image forming controller to perform security management function of the security data. | 07-03-2014 |
20140189879 | METHOD FOR IDENTIFYING FILE TYPE AND APPARATUS FOR IDENTIFYING FILE TYPE - A method for identifying a file type and an apparatus for identifying a file type, so as to solve a problem in the prior art that a file type cannot be effectively identified when a sender tampers with a file being transmitted. The method includes: acquiring, from a transmitted data packet, a file header of a file to be identified, and determining whether a magic number can be obtained from the file header; if the magic number can be obtained, searching for the file type that corresponds to the magic number; determining whether data of the file to be identified complies with a data structure feature of the file type; if yes, determining that a file type of the file to be identified is the file type that corresponds to the magic number; and if not, determining that a file type of the file is an abnormal type. | 07-03-2014 |
20140196151 | PRESERVING GEOMETRIC PROPERTIES OF DATASETS WHILE PROTECTING PRIVACY - The privacy of a dataset is protected. A private dataset is received that includes multiple rows of multidimensional data. Each row may correspond to a user, and each dimension may be an attribute of the user. A projection matrix is applied to each row to generate a lower dimensional sketch of the row. Noise is added to each of the lower dimensional sketches. The sketches with the added noise may be published together with the projection matrix. The sketches preserve geometric relationships of the original dataset including clustering, distances, and nearest neighbor, and therefore may be useful for data mining purposes while still protecting the privacy of the users. | 07-10-2014 |
20140196152 | DIGITAL MEDIA PRIVACY PROTECTION - In one example of digital media privacy protection, a computer-readable medium stores computer-executable instructions that, when executed, cause one or more processors to execute operations including capturing at least one image file, obfuscating at least all facial images included in the captured image file, comparing all facial images included in the captured image file against a locally stored privacy policy, unobfuscating those of the facial images included in the captured image file for which the comparison against the locally stored privacy policy results in a positive match, and rendering the captured image file. | 07-10-2014 |
20140196153 | SYSTEM AND METHOD FOR NETWORK ADMINISTRATION AND LOCAL ADMINISTRATION OF PRIVACY PROTECTION CRITERIA - Cookie files are screened in a client machine, wherein a cookie file includes a cookie file source. A request from a subscriber is received at a server to send a list of untrusted cookie file sources to the client machine. The list of untrusted cookie file sources is downloaded from the server to the client machine. The downloaded list of untrusted cookie file sources is used to detect cookie files received at the client machine from cookie file sources on the downloaded list by comparing the cookie file source of any received cookie file to the untrusted cookie file sources on the downloaded list. | 07-10-2014 |
20140196154 | SYSTEMS AND METHODS FOR CONTROLLING ACCESS TO SECURE DEBUGGING AND PROFILING FEATURES OF A COMPUTER SYSTEM - The present disclosure describes systems and methods for controlling access to secure debugging and profiling features of a computer system. Some illustrative embodiments include a system that includes a processor, and a memory coupled to the processor (the memory used to store information and an attribute associated with the stored information). At least one bit of the attribute determines a security level, selected from a plurality of security levels, of the stored information associated with the attribute. Asserting at least one other bit of the attribute enables exportation of the stored information from the computer system if the security level of the stored information is higher than at least one other security level of the plurality of security levels. | 07-10-2014 |
20140201844 | DETECTION OF AND PRIVACY PRESERVING RESPONSE TO OBSERVATION OF DISPLAY SCREEN - The security and privacy of a user is enhanced by monitoring the background environment in which the user is working for changes. In an embodiment, a first or reference image is acquired using a front-facing camera of the user's computing device. A second or target image is acquired using the front-facing camera. The images are compared and an alert is generated if there is a change in background that exceeds a threshold. The change may be a person who has entered the environment and is watching the computing device screen. The alert may include reducing the visibility of information shown on the screen. | 07-17-2014 |
20140201845 | SECURE CLOUD IMPLEMENTATION - Implementation of a secure network may be provided by analyzing packet traffic for sensitive information. Network processing elements found to be processing sensitive information may be classified as needing higher security. The classified network processing elements may be moved into a group of secure network processing elements. | 07-17-2014 |
20140201846 | SECURE CLOUD IMPLEMENTATION - Implementation of a secure network may be provided by analyzing packet traffic for sensitive information. Network processing elements found to be processing sensitive information may be classified as needing higher security. The classified network processing elements may be moved into a group of secure network processing elements. | 07-17-2014 |
20140201847 | ANONYMIZATION DEVICE AND ANONYMIZATION METHOD - To satisfy a requested level of anonymization while preventing a decline in information value, an anonymization device includes: an anonymization unit which executes anonymization processing on a data set including two or more data items, treating each group of the data as a processing unit; an anonymous level setting unit which sets an adaptive anonymous level for each of the groups of the data set on which the anonymization processing has been executed; and an anonymity judgment unit which judges whether or not the group satisfies the set adaptive anonymous level. The anonymization unit further executes anonymization processing on the data set on which the anonymization processing has been executed, based on the judgment result by the anonymity judgment unit. | 07-17-2014 |
20140208433 | SYSTEM AND METHOD FOR THE SECURE UNIDIRECTIONAL TRANSFER OF SOFTWARE AND SOFTWARE UPDATES - A system is disclosed that provides an authenticated payload, e.g., a software program or update, to a recipient device. A storage device stores a payload. A provider server coupled to the storage device outputs the payload and a manifest table. The manifest table includes information identifying the payload. A manifest engine TX server receives the payload and the manifest table from the provider server, generates information about the received payload, compares the information generated about the payload with the contents of the received manifest table, and, if the information about the received payload matches information for a particular one of the at least one payloads included in the received manifest table, forwards the payload to a one-way data link. The output of the one-way data link is coupled to a manifest engine RX server, which in turn forwards any received payload to a recipient device coupled to an output of the manifest engine RX server. | 07-24-2014 |
20140208434 | DATA PROTECTION FOR KEYCHAIN SYNCING - Some embodiments provide a program that provides data protection for a device when synchronizing a set of keychains stored on the device with a set of other devices. The program receives keychain data for synchronizing the set of keychains stored on the device with the set of other devices. The keychain data is specified as belonging to a protection domain. The program determines whether a set of conditions defined for the protection domain is satisfied. When the set of conditions is determined as satisfied, the program allows access to the keychain data in order to process the keychain data and synchronize the set of keychains stored on the device with the set of other devices. | 07-24-2014 |
20140208435 | SOFTWARE MODIFICATION FOR PARTIAL SECURE MEMORY PROCESSING - This disclosure is directed to software modification that may be used to prevent software piracy and prevent unauthorized modification of applications. In some embodiments, a software vendor may modify software prior to distribution to a user. The software vendor may extract cutouts from an application to create a modified application. The modified application and the cutouts may be downloaded by a user device. The user device may run the application using the modified application and by executing the cutouts in a secure execution environment that conceals the underlying code in the cutouts. | 07-24-2014 |
20140208436 | ALPHA II LICENSE MANAGEMENT SYSTEM - The Alpha II installation architecture requires extra management of per-seat installations to ensure the games are only installed with as many instances as were sold to the site. The License Management method manages and enforces proper per-license activation since a mechanism is present on the gaming machines to copy the software which is sold on compact flashes and installed onto hard drives. A method for providing license management using an activation application to manage and enforce proper per-license activation is disclosed. The method includes: adding purchased game titles to an active license database; requesting activation installations for game titles that are desired to be activated on associated gaming machines; creating activation installations on a portable memory device that associates the activation installations with associated gaming machines; enabling software to be installed onto each machine which the software is inserted using the portable memory device; enabling return of the portable memory device to the activation application where the portable memory device is read, after completion of the gaming machines being updated; and passing the current snapshot and confirmation data to a central licensing host to confirm the activation installations and free any uninstalled software licenses. | 07-24-2014 |
20140208437 | ANONYMIZATION DEVICE, ANONYMIZATION METHOD AND RECORDING MEDIUM RECORDING PROGRAM THEREFOR - An anonymization device includes: an analysis unit which outputs an analysis result of privacy information including personal information on the basis of an analysis command; and a feedback information creation unit which creates the analysis command on the basis of a disclosure request including disclosure object information indicating an object to be disclosed and disclosure format information indicating the format of the disclosure, outputs the analysis command to the analysis unit, and creates and outputs a disclosure response including feedback information which suggests a change to the disclosure request to increase anonymity, on the basis of the anonymity in the analysis result received from the analysis unit. | 07-24-2014 |
20140215632 | PREVENTING THE DETECTION AND THEFT OF USER ENTRY ALPHANUMERIC SECURITY CODES ON COMPUTER TOUCH SCREEN KEYPADS - Preventing discernible patterns of surface marks resulting from the repetitive entry of security codes to computer device touch screen alphanumeric keypads. The number of security code entries after which the positions of the representative keys in the keypad array should be reconfigured is predetermined. This predetermined number should be the number of security code entries estimated to produce a pattern of distinguishable display surface marks coincident with a user's repetitive entry of an alphanumeric character security code. The number of security code entries is counted. When the count of the predetermined number of security code entries has been reached, the representative keys in the displayed keypad array are reconfigured. This implementation is equally effective against thieves who are visually stealing the security codes over the user's shoulder. | 07-31-2014 |
20140215633 | SECURITY FILTER FOR CONTEXT-BASED DATA GRAVITY WELLS - A processor-implemented method, system, and/or computer program product defines multiple security-enabled context-based data gravity wells on a security-enabled context-based data gravity wells membrane. Non-contextual data objects are associated with context objects to define synthetic context-based objects. The synthetic context-based objects are associated with one or more security objects to generate security-enabled synthetic context-based objects, which are parsed into an n-tuple that includes a pointer to one of the non-contextual data objects, a probability that a non-contextual data object has been associated with a correct context object, probability that the security object has been associated with a correct synthetic context-based object, and a weighting factor of importance of the security-enabled synthetic context-based object. A virtual mass of each parsed security-enabled synthetic context-based object is calculated, in order to define a shape of multiple security-enabled context-based data gravity wells that are created when security-enabled synthetic context-based objects are pulled in. | 07-31-2014 |
20140215634 | MANAGING APPLICATION ACCESS TO CERTIFICATES AND KEYS - Plural modes of operation, each associated with a class attribute, may be established on a mobile device. The present application discloses a method of handling an application launch request, a computing device for carrying out the method and a computer readable medium for adapting a processor to carry out the method. The method includes receiving a launch request identifying an application that is to be launched, acquiring an identity for the application, acquiring a class for the application, labeling the application with the identity and the class and launching the application. | 07-31-2014 |
20140215635 | VARIABLE ANONYMOUS IDENTIFIER VALUE - Systems and methods for allowing an identifier value associated with a computing device, and that is delivered to content providers when requesting content, to be altered from that of the unique identifier value associated with the computing device. A computing device will include user interface elements that allow a user to request a new identifier on-demand. In some cases, the user can also configure the computing device to obtain a new identifier value in response to other actions at the computing device or automatically when some type of usage criteria is met. The identifier value is configured to be substantially unique and to be different than a unique identifier associated with the computing device to provide anonymity for the user. | 07-31-2014 |
20140223568 | METHOD FOR SECURELY CHECKING A CODE - A method and a circuit system are provided for securely checking a first code word. The method uses at least one code checker, and provides that the first code word to be checked is transferred into a second code word prior to entry into the code checker. | 08-07-2014 |
20140223569 | System on Chip with Embedded Security Module - An embedded security module includes a security processor, volatile and non-volatile memory, and an interface. The security processor includes transistors formed in one or more semiconductor layers of a semiconductor die, and implements one or more security-related functions on data and/or code accessed by the security processor. The volatile memory is fabricated on the same semiconductor die as the security processor and stores the data and/or code accessed by the security processor. The non-volatile memory includes non-volatile storage cells disposed above each semiconductor layer of the semiconductor die, and securely stores at least one of the data and/or code accessed by the security processor and security information relating to the data and/or code accessed by the security processor. The interface is fabricated on the same semiconductor die as the security processor and provides a communication interface for the security processor. | 08-07-2014 |
20140223570 | INFORMATION PROCESSING APPARATUS, INFORMATION PROCESSING SYSTEM, AND LICENSE MANAGEMENT METHOD - An information processing system including one or more information processing apparatus includes one or more service providing units to provide a service to a first terminal device; and a license management unit to manage a license temporarily registered from a second terminal device. The service providing unit includes a first storage unit to preserve license information of the license managed by the license management unit; a second storage unit to store a copy of the license information; and a validation unit to receive a request to make the license valid from the first terminal device, to make the temporarily registered license information stored in the second storage unit valid, and to request to make the temporarily registered license information preserved in the first storage unit valid. The service is provided for the first terminal device based on the license having been made valid. | 08-07-2014 |
20140223571 | PROGRAMMABLE DISPLAY - A programmable display that is connected to a control apparatus controlling apparatuses and that functions as a user interface for the control apparatus, includes a display processing unit displaying, on a display unit, a screen and display objects arranged in the screen; and a storing unit storing, concerning each of a candidate screen, which is a candidate of the screen, and a candidate display object, which is a candidate of the display objects, setting security level information for specifying a level to which the candidate screen or the candidate display object belongs among levels obtained by ranking security in a horizontal division manner and setting security group information for specifying a group to which the candidate screen or the candidate display object belongs among groups obtained by dividing security in a vertical division manner over the levels. | 08-07-2014 |
20140223572 | MESSAGE SERVICE PROVIDING METHOD, AND APPARATUS AND SYSTEM THEREFOR - The present invention relates to a message service providing method, and more specifically, to a message service providing method, and an apparatus and a system therefor capable of selective message protection by extracting a part corresponding to confidential information when the confidential information is included in a message received from a partner, and setting a protection function for only the extracted part. | 08-07-2014 |
20140223573 | DIGITAL CONTENT DELIVERY - Digital content delivery is disclosed. An example method includes receiving personal information associated with a user and receiving a first request from the user to receive first content digitally. The first content is to be generated by a first content creator. The method includes, based on the personal information and the first request received, registering the user with a content distributor to enable the user to receive the first content digitally, the content distributor being different than the first content creator, and conveying the first request to the first content creator for the user to receive first content digitally. | 08-07-2014 |
20140237608 | System and Method for Masking Email Addresses - The present invention is directed to a system and method for masking email addresses. In an exemplary embodiment, a consumer responds to a marketing offer by supplying consumer information, including an actual email address, to a lead specialist. The consumer's actual email address is masked, with a unique email address substituted, when the consumer's information is passed-on to a lender. The lead specialist can then track and filter responses to the consumer to identify misuse of its lead information and to protect the consumer from unwanted emails and solicitations. | 08-21-2014 |
20140237609 | HARDWARE ENFORCED CONTENT PROTECTION FOR GRAPHICS PROCESSING UNITS - This disclosure proposes techniques for graphics processing. In one example, a graphics processing unit (GPU) is configured to access a first memory unit according to one of an unsecure mode and a secure mode. The GPU comprises a memory access controller configured to allow the GPU to read data from only an unsecure portion of the first memory unit when the GPU is in the unsecure mode, and configured to allow the GPU to write data only to a secure portion of the first memory unit when the GPU is in the secure mode. | 08-21-2014 |
20140237610 | METHOD AND SYSTEM FOR DISTRIBUTED CONTROL OF USER PRIVACY PREFERENCES - A system and method for managing user data preferences across multiple online sites and applications. A privacy center can be configured to include a user interface and an application programming interface (API). The user interface can be employed by the user to set preferences for specific data types in order to handle those data types with a different level of privacy than other similar data types. The API permits a plurality of sites to discover the user's preferences, field names, and categories of data recognized by the site. The API adds new data fields to accommodate future changes in both technology and in legal restrictions on data usage. An address with respect to the API and the user interface along with a token can be entered when installing an application and the application downloads the preferences and applies them based on requirement. | 08-21-2014 |
20140237611 | METHOD FOR PROTECTING THE INTEGRITY OF A GROUP OF MEMORY ELEMENTS USING AN AGGREGATE AUTHENTICATION CODE - One feature pertains to an efficient algorithm to protect the integrity of a plurality of data structures by computing an aggregate message authentication code (MAC) over the plurality of data structures. An aggregate MAC may be constructed from a plurality of MAC values associated with a plurality of data structures. The aggregate MAC binds the plurality of data structures and attests to their combined integrity simultaneously. Rather than checking the integrity of a data structure when it is accessed, the aggregate MAC is periodically checked or verified, to ascertain the integrity of all data structures. If the aggregate MAC computed is different from the previously stored aggregate MAC, then all data structures that are part of the aggregate MAC are discarded. | 08-21-2014 |
20140237612 | PRIVACY SETTING IMPLEMENTATION IN A CO-BROWSING ENVIRONMENT - Embodiments described herein provide systems and methods for implementing privacy control in a co-browsing environment. In a particular embodiment, a method provides receiving an instruction in a co-browsing server to initiate a co-browsing session for a website with a first client and a second client. The method further provides receiving first privacy settings from the first client, wherein the first privacy settings indicate how the website should be presented at the second client. The method further provides presenting the website at the first client and presenting the website at the second client based on the first privacy settings. | 08-21-2014 |
20140237613 | DISTRIBUTION APPARATUS, DEVICE, CONTROL METHOD FOR DISTRIBUTION APPARATUS, AND STORAGE MEDIUM - A distribution apparatus accepts registration of an application program configured to provide a specific service to a device and an extension application program. When an application program that is specified by the extension application program is registered, the image forming apparatus manages the extension application program by linking it with the application program. When a license key has been received, the distribution apparatus distributes, to the image forming apparatus, an application program specified by a license key and/or an extension application program linked to the application program. | 08-21-2014 |
20140237614 | COMMUNICATION SYSTEM AND METHOD - There is provided a system, including a network that is defined by its novel approach to privacy, security and freedom for its users, namely privacy by allowing access anonymously, security by encrypting and obfuscating resources and freedom by allowing users to anonymously and irrefutably be seen as genuine individuals on the network and to communicate with other users with total security and to securely access resources that are both their own and those that are shared by others with them. Functional mechanisms that the system are able to restore open communications and worry-free access in a manner that is very difficult to infect with viruses or cripple through denial of service attacks and spam messaging; moreover, it will provide a foundation where vendor lock-in need not be an issue. | 08-21-2014 |
20140237615 | PORTABLE LICENSE SERVER - A portable license for licensed content is obtained by a user along with a regular license in a local network, such as a home network or other private network. The portable license may be stored in a license server on a portable device, such as a smart phone or a tablet, which functions as a portable license server. The user may take the portable device to another location where it joins another local network. A device in the second network, which does not have a license to play the licensed content, may use the portable license on the portable device to execute the content, enabling the user to enjoy it in multiple environments. The device (e.g., a TV) in the second network may continue to play the content as long as the portable license or another valid license is present in the network. | 08-21-2014 |
20140237616 | PROFILE AND CONSENT ACCRUAL - Consent management between a client and a network server. In response to a request for consent, a central server determines if requested user information is included in a user profile associated with a user and if the user has granted consent to share the requested user information. A user interface is provided to the user via a browser of the client to collect the requested user information that is not included in the user profile and the consent to share the requested user information from the user. After receiving the user information provided by the user via the user interface, the service provided by the network server is allowed access to the received user information, and the central server updates the user profile. Other aspects of the invention are directed to computer-readable media for use with profile and consent accrual. | 08-21-2014 |
20140237617 | ORIGIN AND CUSTODY OF COPIES FROM A STORED ELECTRONIC RECORD VERIFIED PAGE BY PAGE - A method of authenticating a copy of a multi-page document, which includes digitizing said multi-page document to generate one or more digitized files that together comprise a digitized transcript. A mark that is unique to the preparer of the document, such as a signature, is prepared and digitized. The preparer of the document is allowed to deposit the digitized transcript on an online repository. The operator of the online repository immediately establishes a verification process for the deposited digitized transcript. This verification process includes associating the digitized preparer mark with the deposited digitized transcript, and freezing the transcript, by encrypting it and deriving a checksum. The verification process also includes associating a repository mark with the transcript. The operator of the online repository defines, under the direction of at least the preparer of the document, security rights to limit or otherwise control access to the deposited digitized transcript. The digitized preparer mark and the digitized repository mark are allowed to appear on substantially all copies of the pages of the document only if the pages have not been altered. If carrying out the verification process verifies that the deposited digitized transcript has not been changed since the verification process was established, the marks are displayed with the unaltered page. This display occurs whether the pages are displayed on a monitor or printed in paper form. Each page with this display is thus authenticated as to origin and custody apart from the other pages or the transcript as a whole. | 08-21-2014 |
20140237618 | DYNAMIC ENFORCEMENT OF PRIVACY SETTINGS BY A SOCIAL NETWORKING SYSTEM ON INFORMATION SHARED WITH AN EXTERNAL SYSTEM - An external system (such as a website) that interacts with users communicates with a social networking system to access information about the users, who may also be users of the social networking system. If a privacy setting is changed in the social networking system, and the change applies to information that has been shared with an external system, the change is enforced at the external system. For example, the external system may be notified that the information is invalid and must be deleted, or the external system may periodically request the information so that changes to the privacy settings are eventually experienced at the external systems. When an external system again needs the information, whether expired naturally or actively invalidated by the social network, the external system sends a new request for the information, which is subject to the (possibly revised) privacy settings. | 08-21-2014 |
20140237619 | ELECTRONIC DEVICE AND SECURITY CONTROL METHOD - Setting of security for communication is automatically changed for each application that is started up. An electronic device includes a communication unit which communicates with another electronic device, a storage unit which stores setting information of security for communication corresponding to each application, an execution control unit which starts up and executes one application among a plurality of applications used to communicate with the other electronic device and recruit a participant of a community, and a security control unit which reads the setting information corresponding to the application which has been started up from the storage unit and controls security for communication using the communication unit based on the read setting information when the execution control unit starts up the application. | 08-21-2014 |
20140237620 | SYSTEM AND METHOD FOR DATABASE PRIVACY PROTECTION - The invention relates to a system and a method for privacy preservation of sensitive attributes stored in a database. The invention reduces the complexity and enhances privacy preservation of the database by determining the distribution of sensitive data based on Kurtosis measurement. The invention further determines and compares the optimal value of k-sensitive attributes in k-anonymity data sanitization model with the optimal value of l sensitive attributes in l diversity data sanitization model using adversary information gain. The invention reduces the complexity of the method for preserving privacy by applying k anonymity only, when the distribution of the sensitive data is leptokurtic and optimal value of k is greater than the optimal value of l. | 08-21-2014 |
20140237621 | MICROPROCESSOR SYSTEM WITH SECURED RUNTIME ENVIRONMENT - Microprocessor system that is implemented or can be implemented in a mobile terminal and comprises: a normal operating system designed to generate and maintain a non-secure runtime environment and a security operating system designed to generate and maintain a secured runtime environment, and an operating system interface between the normal operating system and the security operating system, said operating interface being designed to control communication between the non-secure runtime environment and the secured runtime environment on the operating system level, and at least one filter interface that is designed to securely control communication between the non-secure runtime environment and a secured runtime environment on a level different from the operating system level. | 08-21-2014 |
20140245452 | RESPONDING TO A POSSIBLE PRIVACY LEAK - When a user is about to perform a “communicative act” (e.g., to send an e-mail or to post to a social-networking site), the proposed communicative act is reviewed to see if it may lead to a privacy leak. If, upon review, it is determined that performing the proposed communicative act could lead to a privacy leak, then an appropriate response is taken, such as preventing the proposed act from being performed or suggesting a modification to the proposed act that would lessen the likelihood of a privacy leak. A privacy server creates a privacy profile for a user based on information about the user's personae and how those personae are used. Using that profile, the privacy server can judge whether a proposed communicative act would support an unwanted inference. | 08-28-2014 |
20140245453 | METHOD AND APPARATUS FOR TRANSMITTING A USER DATAGRAM PROTOCOL MESSAGE THAT IS LARGER THAN A DEFINED SIZE - A first device initiates a handshake message exchange with a second device according to a security protocol. The first device determines that an application datagram is to be transmitted according to a first transport protocol that limits a size of a datagram based on a defined size. The first device also determines that an application datagram size is larger than the defined size. The first device fragments the application datagram if the application datagram size is larger than the defined size and secures the application datagram with the security protocol. The first device also encapsulates the application datagram fragments in handshake messages, wherein an encapsulated application datagram fragment is transmitted from the first device to the second device in a first security protocol record. The first device may also transmit, to the second device, another application datagram secured with the security protocol. | 08-28-2014 |
20140245454 | METHOD AND APPARATUS FOR PROTECTING FLIGHT DATA - The present invention relates to a system and method for automatically protecting flight data in response to a variety of kinds of cyber terror that paralyze control service in a flight data system by enhancing the availability, reliability, and integrity of the flight data system when damage due to external or internal viruses or hacking, such as the alteration or modification of flight data, occurs. The flight data protection system has an advantage in that it can manage a system safely by providing an embedded system, using an Enhanced Write Filter (EWF), and protecting an Operating System (OS). | 08-28-2014 |
20140245455 | Privacy Preserving Interaction process for Collective Outcome - A process where everyone can interact by broadcasting encrypted conditional commitment segments, and at the end, everyone must undisputedly agree on a quantifiable collective outcome, and no one should know which way anyone else's intentions were. | 08-28-2014 |
20140245456 | NON-TRANSITORY COMPUTER-READABLE RECORDING MEDIUM AND INFORMATION PROCESSING APPARATUS INCLUDING SHARED LIBRARY THAT PREVENTS UNAUTHORIZED USE - A non-transitory computer-readable recording medium includes a shared library that is executed by a processor. The shared library includes a preprocessing function and a function. The function causes the processor to execute a process if a value, as an execution result of the preprocessing function, is valid, and not to execute the process if the value is invalid. The preprocessing function causes the processor to acquire encrypted unique information from the storage device, to decrypt the unique information, to acquire, from the storage device, specific information that specifies an application using the shared library, and to return the value that is valid or invalid based on a comparison between the specific information and the decrypted unique information. | 08-28-2014 |
20140245457 | METHOD AND DEVICE FOR INITIATING PRIVACY MODE OF DATA PROCESSING APPARATUS - This application discloses a method and device for initiating a privacy mode of a data processing apparatus. The method includes: setting a privacy space as a privacy mode to protect corresponding privacy information on the data processing apparatus, setting authentication information corresponding to the privacy space, and setting a specified interface for inputting the authentication information; monitoring input information on the data processing apparatus at the specified interface of the data processing apparatus; comparing a degree of similarity between the input information and the authentication information corresponding to the privacy space after the input information is detected; and initiating the privacy space in a case where the degree of similarity between the input information and the authentication information corresponding to the privacy space is higher than a corresponding threshold. | 08-28-2014 |
20140250534 | MANAGEMENT OF DIGITAL INFORMATION - According to an embodiment of the present invention, a system provides secure access to a digital item and includes at least one processor. The system partitions the digital item into a plurality of segments each containing a portion of the digital item and associated with a corresponding sensitivity level. The portion of the digital item within each segment is encrypted in accordance with the corresponding sensitivity level, and the plurality of segments are randomly stored among a plurality of storage units. Embodiments of the present invention further include a method and computer program product for providing secure access to a digital item in substantially the same manner described above. | 09-04-2014 |
20140250535 | APPARATUS FOR PREVENTING REPLAY ATTACK AND METHOD FOR PREVENTING REPLAY ATTACK - An apparatus for preventing replay attacks and a method for preventing replay attacks are provided in this invention, wherein the apparatus for preventing replay attacks comprises: an acquisition unit for, when a request for operating a digital content is received, acquiring current location information of a set of placeholder files; a determination unit for determining whether the current location information is consistent with recorded location information of the placeholder file; a protection unit for, when inconsistent as determined by the determination unit, wherein there is a correspondence between the digital content and the set of placeholder files. | 09-04-2014 |
20140259175 | SYSTEM AND METHOD FOR CONTROLLING UTILIZATION OF CONTENT - Apparatus, method, and media for controlling utilization of content. An exemplary method comprises associating one or more usage rights with content, wherein the usage rights are based at least in part on a usage rights grammar, and wherein each of the usage rights corresponds to a permitted utilization of the content and one or more conditions which must be satisfied in order for the respective usage right to be exercised, receiving, from an external computing device, a request to access the content, the request corresponding to a utilization of the content, determining whether the requested utilization corresponds to at least one of the usage rights associated with the content, and transmitting, to an external computing device, at least one of the usage rights based at least in part on a determination that the requested utilization corresponds to at least one of the usage rights. | 09-11-2014 |
20140259176 | SYSTEM AND METHOD FOR PERMITTING USE OF CONTENT USING TRANSFER RIGHTS - Apparatus, method, and media for permitting use of content. An exemplary method comprises associating a transfer right with content, the transfer right specifying that the content is permitted to be transferred from a first computing device to a second computing device, transferring the content from the first computing device to the second computing device in accordance with the transfer right, updating information associated with the transfer right based on the transfer of the content from the first computing device to the second computing device, and associating a usage right with the content, the usage right corresponding to a utilization of the content, wherein the first computing device includes at least a server mode of operation, and wherein the second computing device includes both a requester mode of operation and a server mode of operation. | 09-11-2014 |
20140259177 | EFFICIENTLY SEGREGATING DATA FROM EXTERNALLY ACCESSIBLE SYSTEMS - Various embodiments herein include at least one of systems, methods, and software that efficiently segregate data from externally accessible systems. One such embodiment is a method performed by a first data processing system and includes receiving a call from a client of a user interaction service requesting data to populate a client application user interface. Next, a first object service obtains the requested data. The first object service is then executed to call a master data service to retrieve master data from a local database storing master data copied from master data stored by a second data processing system. Next, transaction data is retrieved via a remote service call over a network from the second data processing system. The retrieved data is then provided back to the calling user interaction service, which then transmits the data to the client application. | 09-11-2014 |
20140283086 | System and Method for Performing Sensitive Geo-Spatial Processing in Non-Sensitive Operator Environments - Methods and systems are disclosed including transmitting, by a processor of a server computer, image raster content of a geo-referenced aerial image to an operator user device without the geo-referencing information of the geo-referenced aerial image; receiving, by the processor of the server computer from the operator user device, image coordinates, which may be in the form of pixel row/column, representing an object or region of interest selected within the image raster content of the geo-referenced aerial image by a data processing operator of the operator user device; and translating the image coordinates into real-world geographic coordinates. The processor may calculate measurements based on the real-world geographic coordinates and may store real-world geographic coordinates and/or measurements. The geo-referenced aerial image may be isolated such that a data processing operator may not be able to pan or zoom outside of the isolated geo-referenced aerial image. | 09-18-2014 |
20140283087 | SELECTIVE CONTENT SHARING ON COMPUTING DEVICES - Described herein are architectures, platforms and methods for a selective content sharing feature in a computing device; more particularly, a system that supports user-configurable application-level privacy is described. | 09-18-2014 |
20140283088 | Preventing stack buffer overflow attacks - Improved buffer overflow protection for a computer function call stack is provided by placing a predetermined ShadowKEY value on a function's call stack frame and copying the ShadowKEY, a caller EBP, and a return pointer onto a duplicate stack. The prologue of the function may be modified for this purpose. The function epilogue is modified to compare the current values of the ShadowKEY, caller EBP, and the return pointer on the function stack to the copies stored on the duplicate stack. If they are not identical, an overflow is detected. The preserved copies of these values may be copied back to the function stack frame thereby enabling execution of the process to continue. A function prologue and epilogue may be modified during compilation of the program. | 09-18-2014 |
20140283089 | SENSITIVE PERSONAL INFORMATION DATA PROTECTION - A computing device may be configured to provide operations related to providing additional security for sensitive personal information (SPI) in data records of an enterprise. The SPI is extracted from the data records and mask sequence values associated with the SPI are generated. A master translation table is updated with the association of the mask sequence values to the entries of SPI and the mask sequence values are merged into the data records to be used in place of the SPI to safeguard the SPI. The table containing the mask sequence values is stored separately. | 09-18-2014 |
20140283090 | LICENSING USING A NODE LOCKED VIRTUAL MACHINE - A method of licensing software to a particular instance of a virtual machine that is being run as part of an Active Directory domain. Since a virtual machine is a simulation of a physical machine, i.e. a computer, it can easily be cloned to produce an exact duplicate. This poses a problem when it is desired to license an instance of software for use only on a particular virtual machine. The technology disclosed allows for software to be licensed for execution only on a particular instance of a virtual machine that is being run as part of an Active Directory domain. | 09-18-2014 |
20140283091 | DIFFERENTIALLY PRIVATE LINEAR QUERIES ON HISTOGRAMS - The privacy of linear queries on histograms is protected. A database containing private data is queried. Base decomposition is performed to recursively compute an orthonormal basis for the database space. Using correlated (or Gaussian) noise and/or least squares estimation, an answer having differential privacy is generated and provided in response to the query. In some implementations, the differential privacy is ε-differential privacy (pure differential privacy) or is (ε,δ)-differential privacy (i.e., approximate differential privacy). In some implementations, the data in the database may be dense. Such implementations may use correlated noise without using least squares estimation. In other implementations, the data in the database may be sparse. Such implementations may use least squares estimation with or without using correlated noise. | 09-18-2014 |
20140283092 | Controlled Application Distribution - An application sender can control the distribution and use of an application using an authorization token encapsulating distribution terms submitted by the application sender and the application license specification submitted by a developer of the application. The application sender can access an application store and perform various functions such as selecting one or more applications for use by an application receiver, combining one or more applications into a bundle for use by an application receiver, and/or combining several applications to form a new application for use by an application receiver. The application receiver can utilize the application in accordance with the authorization token generated by the distribution terms. | 09-18-2014 |
20140283093 | METHOD, APPARATUS, SYSTEM, AND COMPUTER READABLE MEDIUM TO PROVIDE SECURE OPERATION - Technologies are provided in embodiments for receiving an enclave program for operation in an enclave, identifying at least one shared object dependency of the enclave program, determining whether the shared object dependency corresponds to at least one enclave shared object, causing association between the shared object dependency and the enclave shared object in circumstances where the shared object dependency corresponds to the enclave shared object, and causing association between the shared object dependency and an enclave-loadable non-enclave shared object in circumstances where the shared object dependency fails to correspond to the enclave shared object. | 09-18-2014 |
20140283094 | SYSTEM AND METHOD FOR SYSTEMATIC DETECTION OF FRAUD RINGS - The present invention provides, in at least one embodiment, a system and method for detecting fraud rings. The system gathers a small group of highly likely fraudsters. The system then looks for groups of these likely fraudsters who are interconnected. When the interconnections are strong, these groups are likely to be fraud rings. Once fraud rings are detected, the links can be applied to better prevent fraud and to help in criminal investigations. | 09-18-2014 |
20140283095 | COLLABORATIVE PUBLISHING WITHIN A SOCIAL NETWORK - Exemplary methods, apparatuses, and systems select a plurality of entities within a social network. Content published by each entity to the social network is received by a plurality of users of the social network that follow the plurality of entities within the social network. One or more of the plurality of entities is selected based upon a characteristic of the plurality of following users. Permission is received from the plurality of entities to publish content to the social network on behalf of each entity. Utilizing the permission, content within a single theme is published to the social network on behalf of each of the plurality of entities, wherein the content within the single theme is published on behalf of each of the plurality of entities contemporaneously with each of the others of the plurality of entities. | 09-18-2014 |
20140283096 | VALIDATING NORMALIZED CODE REPRESENTATIONS - A request that includes an indication of an execution context and data that represents executable code is obtained. An analysis of the data is initiated based on generating a first templatized representation of the executable code. A list of clearance indicators that indicate a blocking status associated with respective forms of templatized representations is accessed. A workflow policy is determined based on the accessing of the list of clearance indicators. The list of clearance indicators is updated, based on a result of the analysis of the data. | 09-18-2014 |
20140283097 | Anonymizing Sensitive Identifying Information Based on Relational Context Across a Group - Mechanisms are provided for relational context sensitive anonymization of data. A request for data is received that specifies a relational context corresponding to a selected group of selected persons selected from a global group of persons based on the relational context. The relational context specifies one or more attributes of selected persons in the selected group that establishes a relationship between the selected persons and distinguishes the selected persons from non-selected persons in the global group that are not in the selected group. For the relational context, based on a corpus of personal information data corresponding to the selected persons, key attributes in the personal information data are determined and a rarity value for each key attribute is determined. Selected key attributes are then anonymized based on the determined rarity value for each of the key attributes within the relational context of the selected group. | 09-18-2014 |
20140283098 | MUTUALLY ASSURED DATA SHARING BETWEEN DISTRUSTING PARTIES IN A NETWORK ENVIRONMENT - An apparatus for sharing information between entities includes a processor and a trusted execution module executing on the processor. The trusted execution module is configured to receive first confidential information from a first client device associated with a first entity, seal the first confidential information within a trusted execution environment, receive second confidential information from a second client device associated with a second entity, seal the second confidential information within the trusted execution environment, and execute code within the trusted execution environment. The code is configured to compute a confidential result based upon the first confidential information and the second confidential information. | 09-18-2014 |
20140283099 | PRIVACY AWARE DHCP SERVICE - Generally, this disclosure describes a system including a privacy aware DHCP service and a user device. The user device includes a trusted execution environment including a client privacy agent configured to request a first Internet Protocol (IP) address from a DHCP service and to determine a device privacy score based, at least in part, on a DHCP policy; memory comprising secure storage configured to store the first IP address; and communication circuitry configured to establish at least one connection between the user device and at least one entity over a network using the first IP address. The client privacy agent is configured to monitor communication activity over the connection(s), to update the device privacy score based, at least in part, on the communication activity, and to close the connection(s) if the device privacy score is outside an acceptable privacy score range, the acceptable privacy range bounded by a privacy threshold. | 09-18-2014 |
20140283100 | DISPLAY PRIVACY WITH DYNAMIC CONFIGURATION - Generally, this disclosure provides systems, devices, methods and computer readable media for dynamic configuration of display privacy. The device may include a context determination module configured to determine a usage context for the device; a content attribute determination module configured to determine privacy attributes associated with data content to be displayed by the device; and a privacy decision module configured to trigger a privacy mode based on the usage context and the privacy attributes, the privacy decision module further configured to generate a switching signal to a switchable privacy filter in response to the privacy mode. | 09-18-2014 |
20140283101 | COMPUTING SYSTEM WITH PRIVACY MECHANISM AND METHOD OF OPERATION THEREOF - A computing system includes a context module configured to determine a sharing context; an option module, coupled to the context module, configured to generate a sharing option for the sharing context based on a default set for the sharing context, a user's past sharing selection for the sharing context, and a personalization degree for the sharing context; and a privacy preference module, coupled to the option module, configured to estimate a user's privacy preference based on the sharing option. | 09-18-2014 |
20140283102 | METHOD FOR RECEIVING ENTERED DATA AND INFORMATION PROCESSING DEVICE - A computer displays a first screen for left eye and a second screen for right eye in a same display region of a display device. The computer acquires an event corresponding to an operation performed on a screen displayed in the display region. The computer identifies a screen used as a standard screen from among the first screen and the second screen. The computer identifies an instruction provided by the event on basis of the screen used as the standard screen. | 09-18-2014 |
20140283103 | Systems and methods to extend ROM functionality - Various embodiments allow for flexible and secure updates of drivers for numerous types of external memory devices by utilizing an address-selection mechanism within a simple and secure ROM code to enable the loading of a dynamic routine from an external source into a dynamic memory. In certain embodiments, the routine enables a simple and trusted framework to access and modify the content of any number of complex memory devices via simple commands without affecting existing security measures. This increases the usable lifetime of secure ROM code, simplifies device validation, and shortens the overall development cycle by extending the functionality of secure ROM code while keeping the ROM code and any programming thereof simple. | 09-18-2014 |
20140283104 | Object Rendering Systems and Methods - Systems and methods are described that protect intellectual property rights in connection with 3-dimensional printing processes. In certain embodiments, an object a user would like to render with a 3-dimensional printing device may be compared with one or more managed objects having certain associated intellectual property rights. If the object is found to be similar to a managed object (e.g., similar in shape, function, composition, etc.), policy associated with the managed object may be enforced in connection with rendering the object. In this manner, intellectual property rights associated with the managed objects may be enforced. | 09-18-2014 |
20140289861 | SYSTEM AND METHOD FOR PROVISIONING LICENSE KEYS - Systems and methods for provisioning license keys are disclosed. The systems and methods may include receiving an entitlement data set from a license manager, the entitlement data set associated with a plurality of entitlements, receiving a host data set from an access controller, the host data set associated with a plurality of components, assigning a subset of the plurality of entitlements based at least on the host data set, communicating a binding data set to the license manager, the binding data set associated with the subset, and communicating a license data set to the access controller, the license data set based at least on the binding data. | 09-25-2014 |
20140289862 | SYSTEMS AND METHODS FOR MANAGING DATA ASSETS ASSOCIATED WITH PEER-TO-PEER NETWORKS - A system and method for targeting content to BitTorrent users is presented. The system searches torrent file websites for a torrent file according to specified search criteria and verifies that the torrent file corresponds to a media file containing the copyrighted work. The system obtains tracker server information from the torrent file and obtains the IP addresses of participants currently connected to the torrent file from the tracker server, attempts to establish a connection with a participant based on an IP address selected from the IP addresses and, if successful, receives a data piece with a cryptographic hash from the participant. The cryptographic hash is verified to correctly match with the torrent file. The system provides for correlating information about participants in the peer-to-peer network and using the information to provide a targeted campaign to each user based on the user's preferences. | 09-25-2014 |
20140289863 | FILTER FOR A DISTRIBUTED NETWORK - A filter for a distributed network may include receiving index requests from indexing nodes over a network and providing over the network index responses to the indexing nodes in response to the index requests. The index responses may instruct a receiving indexing node to index or not index a specified file. The method may be implemented in software and executed on a computer. | 09-25-2014 |
20140289864 | METHOD AND APPARATUS FOR SECURING A COMPUTER - A computer system ( | 09-25-2014 |
20140298475 | IDENTIFYING UNAUTHORIZED CONTENT PRESENTATION WITHIN MEDIA COLLABORATIONS - Systems and methods are disclosed for identifying unauthorized presentation of protected content by one or more participants in a media collaboration. In one implementation, a processing device receives one or more content elements, each of the one or more content elements being provided within a media collaboration and associated with one or more users. The processing device identifies an unauthorized presentation of at least one of the one or more content elements within the media collaboration. Based on an identification of the unauthorized presentation, the processing device initiates one or more actions with respect to one or more of the users associated with the at least one of the one or more content elements. | 10-02-2014 |
20140298476 | SYSTEM, METHOD, APPARATUS AND COMPUTER PROGRAMS FOR SECURELY USING PUBLIC SERVICES FOR PRIVATE OR ENTERPRISE PURPOSES - A method, system, apparatus and computer programs are disclosed to process content for an enterprise. The method includes reviewing, using at least one enterprise policy, content that is to be sent through a data communications network to a public service to determine if the content comprises secure data and, in response to identifying secure data, modifying the content to be sent to the public service such that a presence of secure data will be visually imperceptible when the content is rendered at the public service. The step of modifying can include steganographically embedding the secure data or a link to the secure data in a container such as image data. | 10-02-2014 |
20140298477 | SYSTEM, METHOD, APPARATUS AND COMPUTER PROGRAMS FOR SECURELY USING PUBLIC SERVICES FOR PRIVATE OR ENTERPRISE PURPOSES - A method, system, apparatus and computer programs are disclosed to process content for an enterprise. The method includes reviewing, using at least one enterprise policy, content that is to be sent through a data communications network to a public service to determine if the content comprises secure data and, in response to identifying secure data, modifying the content to be sent to the public service such that a presence of secure data will be visually imperceptible when the content is rendered at the public service. The step of modifying can include steganographically embedding the secure data or a link to the secure data in a container such as image data. | 10-02-2014 |
20140298478 | METHOD AND DEVICE FOR PROVIDING A PRIVATE PAGE - Methods and devices for providing a private page are provided. A method includes operations of entering a security mode based on a user input; extracting the private page that corresponds to the security mode; and providing both the private page and a normal page that is provided during a normal mode, wherein the private page includes at least one object that is selected by a user so as to be provided during the security mode. A device includes a user input configured to receive a user input; a controller configured to enter a security mode based on the received user input, and extracting a private page that corresponds to the security mode; and a display configured to provide both the private page and a normal page that is provided during a normal mode, wherein the private page comprises at least one object that is selected by a user so as to be provided during the security mode. | 10-02-2014 |
20140298479 | SECURE DATA TRANSFER FOR CHAT SYSTEMS - The methods and systems disclosed herein pertain to secure data transfers during live chat sessions. At the conclusion of the chat session, any confidential information exchanged using the secure data transfer can be destroyed to maintain the confidentiality and/or privacy of the content of that information. | 10-02-2014 |
20140298480 | Increased Flexibility of Security Framework During Low Power Modes Management - The present invention relates to a method of managing switching, from a first mode of operation to a second mode of operation, of a first processor in a processing device which comprises at least one other processor and a controller processor. The method comprises receiving a message which comprises a request to switch the first processor from a first to a second mode of operation; deciding whether the switching is appropriate; and upon decision of switching, switching the first processor from a first mode of operation to a second mode of operation according to the selected type of switching. | 10-02-2014 |
20140304823 | Multi-dimensional rights scheme - A multi-dimensional rights scheme is described, including generating a time-based media presentation including a media track, encoding the media track for a first right of a user of the media presentation, and encoding a time-based portion of the media presentation for a second right of the user of the media presentation. | 10-09-2014 |
20140304824 | SYSTEMS AND METHODS FOR CONTEXT-SENSITIVE DATA SECURITY FOR BUSINESS APPLICATION PERFORMANCE OPTIMIZATION - Described herein are systems and methods for providing context-sensitive data security, for business application performance optimization. In accordance with an embodiment, the system can be used together with a Role Based Access Control model. Data security predicates can be made context-sensitive, by taking into account the context in which an end-user is navigating an application. By providing context-sensitive data security in this manner, the complexity of database queries can be reduced, and the underlying relational database management system can create better-optimized execution plans. | 10-09-2014 |
20140304825 | ANONYMIZATION AND FILTERING DATA - System and method of anonymising data comprising the steps of: reading parameters of an anonymisation procedure from a configurable anonymisation procedure resource; receiving data to be anonymised from a data source, wherein the data source is identified by one or more of the read parameters; and applying one or more transformations to the received data according to the anonymisation procedure, wherein the one or more transformations include transforming at least an original portion of the received data into a transformed portion. | 10-09-2014 |
20140304826 | CAPACITIVE SENSOR INTEGRATED IN AN INTEGRATED CIRCUIT PACKAGE - A system and method for disposing a capacitive proximity and touch sensor in locations where an integrated circuit package may be vulnerable to intrusion by providing electrodes in the packaging that may prevent interception of data obtained by a probe that is brought into proximity of the integrated circuit. | 10-09-2014 |
20140304827 | DATA LEAK PROTECTION - Methods and systems for Data Leak Prevention (DLP) in an enterprise network are provided. According to one embodiment a data leak protection method is provided. Information regarding a watermark filtering rule is received by a network device. The information includes a sensitivity level and an action to be applied to files observed by the network device that match the watermark filtering rule. A file attempted to be passed through the network device is received by the network device. A watermark embedded within the received file is detected by the network device. A sensitivity level associated with the watermark is compared by the network device to the sensitivity level of the watermark filtering rule after the watermark is detected. If the comparison results in a match, then the action specified by the watermark filtering rule is performed by the network device. | 10-09-2014 |
20140304828 | System and Method for Securing Information Distribution via eMail - A method facilitating secure financial transactions using email is presented comprising the steps of receiving bill data at a server implementing the method, and generating an email message to a recipient with information including at least a portion of the received bill data. The amount of bill data included in the email message is based, at least in part, on the email address of the recipient. | 10-09-2014 |
20140304829 | STATISTICAL MESSAGE CLASSIFIER - A system and method are disclosed for improving a statistical message classifier. A message may be tested with a machine classifier, wherein the machine classifier is capable of making a classification on the message. In the event the message is classifiable by the machine classifier, the statistical message classifier is updated according to the reliable classification made by the machine classifier. The message may also be tested with a first classifier. In the event that the message is not classifiable by the first classifier, it is tested with a second classifier, wherein the second classifier is capable of making a second classification. In the event that the message is classifiable by the second classifier, the statistical message classifier is updated according to the second classification. | 10-09-2014 |
20140310816 | Method to Prevent Operating System Digital Product Key Activation Failures - A method, an information handling system (IHS), and a computer program product initiate injection verification to determine whether a key injection procedure to support automated system activation within a target IHS was completed successfully. An injection verification module (IVM) compares a copy of a selected and limited character sequence for a unique digital product key (DPK) utilized during key injection to a character sequence reported by an operating system (OS) image on a selected, target IHS. If the selected character sequence matches the reported character sequence, the IVM identifies the selected information handling system as a “passing” system on which the key injection procedure was successfully performed. If the selected character sequence for the unique DPK does not match the reported character sequence, the IVM identifies the selected information handling system as a “failing” system on which the key injection procedure was not successfully performed. | 10-16-2014 |
20140310817 | Execution-Based License Discovery and Optimization - Techniques, systems, and articles of manufacture for execution-based license discovery and optimization. A method includes collecting execution information for one or more software processes on one or more servers in an operating system, mapping the collected execution information for the one or more software processes to one or more software products, determining usage of a software product in the operating system based on the mapping of the collected execution information for the one or more software processes to one or more software products, and identifying one or more software product license optimization opportunities based on a comparison of the determined usage of the software product in the operating system and an indication of all installations of the software product in the operating system. | 10-16-2014 |
20140310818 | Execution-Based License Discovery and Optimization - Systems and articles of manufacture for execution-based license discovery and optimization include collecting execution information for one or more software processes on one or more servers in an operating system, mapping the collected execution information for the one or more software processes to one or more software products, determining usage of a software product in the operating system based on the mapping of the collected execution information for the one or more software processes to one or more software products, and identifying one or more software product license optimization opportunities based on a comparison of the determined usage of the software product in the operating system and an indication of all installations of the software product in the operating system. | 10-16-2014 |
20140310819 | METHOD AND APPARATUS FOR ACCESSING MEDIA - A system controls access to a group of media items. A client device is operable by a user. A media server is coupled to at least one media data source, wherein the at least one media data source stores one or more media items for supply, by the media server, to the client device over a network. An authorization server is coupled to an authorization data source. The authorization data source stores data identifying a group of media items of fixed group size N that are accessible by the user, each media item in said group having a different associated availability parameter value indicating a number of time periods M within which access to the media item is available, wherein the authorization server is arranged to authorize the media server to supply a media item to the client device if said media item belongs to the group of media items. | 10-16-2014 |
20140310820 | System and Method for Digital Rights Management of Digital Media - A system and accompanying method for Digital Rights Management (DRM) are disclosed that permit arbitrary forms of digital media to be vended in a networked environment. Special purpose renderers are distributed with each particular instance of digital media. Each renderer may include a tailored set of controls allowing the owner of the digital media to restrict the use thereof. | 10-16-2014 |
20140317753 | Bi-directional communication over a one-way link - Apparatus for communication includes a single one-way link, which is physically capable of carrying the communication signals in one direction and incapable of carrying the communication signals in the opposite direction. Ancillary circuitry is coupled so as to cause the single one-way link to convey both first communication signals from a first station to a second station and second communication signals from the second station to the first station. | 10-23-2014 |
20140317754 | Detecting Unauthorised Changes to Website Content - Methods, apparatus and systems are provided for use in detecting unauthorised changes to websites of web operators. Authorised content policy sets for each of a multiplicity of websites from web operators are collected and stored. In addition, content information obtained in respect of web content downloaded from said websites by a multiplicity of client devices, client proxy devices, and/or client gateway devices is used to identify websites that do not conform to respective policy sets. Alerts are sent to the web operator of any non-conforming website. Optionally, alerts may be sent to client devices, client gateway devices, and/or client proxy devices for use in scanning or blocking the web content from non-conforming websites. | 10-23-2014 |
20140317755 | METHOD AND APPARATUS FOR MAKING SYSTEM CONSTRAINT OF A SPECIFIED PERMISSION IN THE DIGITAL RIGHTS MANAGEMENT - A method and a terminal device for making multi-system constraint of a specified permission in digital rights management. A rights object related to a content object is obtained by an executing device. The specific permission descriptions of the rights object include system constraint descriptions of a plurality of systems of the same type. The executing device obtains corresponding system information in the device according to the system constraint descriptions and compares the system information in the device with the system information in the system constraint descriptions, so as to judge whether there is any system permitted in the system constraint descriptions. If yes, it determines to permit executing the specific permission for the content object; otherwise, it determines not to permit executing said specific permission for the content object. | 10-23-2014 |
20140317756 | ANONYMIZATION APPARATUS, ANONYMIZATION METHOD, AND COMPUTER PROGRAM - Provided is an anonymization apparatus for optimally and fully performing anonymization, in anonymizing history information, in a state where a specific property existing in a plurality of records with an identical identifier is maximally maintained. | 10-23-2014 |
20140325663 | AUTOMATIC RECOVERY OF LICENSE KEY INFORMATION - A method, system, and computer program product to manage license key information in a system including a feature requiring the license key information are described. The method includes storing, automatically, a backup copy of the license key information from a primary copy of the license key information after installation of a feature requiring the license key information on the system. The method also includes recovering, automatically, the license key information whenever the license key information is required to be installed. | 10-30-2014 |
20140325664 | SYSTEMS AND METHODS FOR REPLACING APPLICATION METHODS AT RUNTIME - A computer-implemented method for replacing application methods at runtime may include identifying an application at runtime that includes a target method to replace at runtime with a source method, locating a target address of a target method data structure (that includes a target code pointer to method code of the target method) within memory at runtime that is referenced by a target class, determining a source address of a source method data structure (that includes a source code pointer to method code of the source method) within memory at runtime that describes the source method, and modifying the application at runtime to have the target class reference the source method instead of the target method by copying the source method data structure from the source address to the target address and, thereby, replacing the target code pointer with the source code pointer. Various other methods and systems are also disclosed. | 10-30-2014 |
20140325665 | COMPUTER SYSTEM FOR PREVENTING THE DISABLING OF CONTENT BLOCKING SOFTWARE FUNCTIONALITY THEREIN, AND METHOD THEREFOR - In a computer system having a hard drive and a processor, operating system software stored on the hard drive and implemented by the processor, and a display on which icons, features, lists and menus representative of executable programs of the operating system software are displayable, there is a method for preventing the disabling or circumventing of content blocking software functionality to be installed in the computer system at time of manufacture. In the method, system restore is turned off prior to installation of the content blocking software onto the computer system, and then content blocking software-related features are hidden once the content blocking software is installed. The method includes preventing booting of the computer system from external sources, preventing modifying of BIOS settings of the computer system, and the disabling of selected advanced troubleshooting tools in the operating system software. | 10-30-2014 |
20140325666 | GUARANTEEING ANONYMITY OF LINKED DATA GRAPHS - A system and computer program product for transforming a Linked Data graph into a corresponding anonymous Linked Data graph, in which semantics is preserved and links can be followed to expand the anonymous graph up to r times without breaching anonymity (i.e., anonymity under r-dereferenceability). Anonymizing a Linked Data graph under r-dereferenceability provides privacy guarantees of k-anonymity or l-diversity variants, while taking into account and preserving the rich semantics of the graph. | 10-30-2014 |
20140325667 | PREVENTING IDENTITY FRAUD FOR INSTANT MESSAGING - A computer-implemented method for preventing identity fraud in instant messaging is provided in accordance with an aspect of the present disclosure. In the method, an instant message is received. Then, a relationship between a sender and a receiver of the instant message is determined, and it is determined whether a key identifier of the sender has changed. Subsequently, the receiver is informed about the change of the key identifier of the sender when the sender and the receiver have a preset type of relationship. | 10-30-2014 |
20140325668 | Lawful Intercept Utility Application - Novel tools and techniques are provided for lawfully intercepting communications. In some embodiments, a lawful intercept application might be provided on a cloud computing system. The lawful intercept application might include an application programming interface (“API”) to exchange data with a plurality of different communication building blocks of different types. Communication intercept data associated with a particular communication between a lawful intercept subject and other parties may be received with the lawful intercept application. The communication intercept data may then be provided from a delivery function of the lawful intercept application to a collection function. In some cases, the collection function might be part of the lawful intercept application, might be located at a government facility separate from the cloud computing system, or might be two collection functions, one of which is part of the lawful intercept application and the other of which is located at the government facility. | 10-30-2014 |
20140325669 | Cloud-Based Digital Verification System and Method - A method for formal verification of a digital circuit using a cloud-based verification engine. The method comprises extracting a proof problem from a design of a digital circuit with a local processor, reducing said proof problem to proof relevant data, encrypting said reduced proof problem, transmitting said encrypted reduced proof problem to a remote server, decrypting said encrypted reduced proof problem at said remote server, storing said reduced proof problem in a memory at said remote server, running a proof on said reduced proof problem at said remote server to generate a proof result; encrypting said proof result at said remote server; transmitting said encrypted proof result to said local processor; decrypting said encrypted proof result at said local processor; and reconstructing a verification result of said digital circuit design at said local processor using said decrypted proof result. | 10-30-2014 |
20140325670 | SYSTEM AND METHOD FOR PROVIDING RISK SCORE BASED ON SENSITIVE INFORMATION INSIDE USER DEVICE - A system and method for providing risk score based on sensitive information inside user device is provided. The system includes a user, a computing device or a user device (e.g. a mobile phone, laptop, desktop, etc.), a risk scoring tool, a network, and a server. The risk scoring tool may be installed in the computing device | 10-30-2014 |
20140325671 | APPARATUS AND METHOD FOR PROVIDING DRM SERVICE BASED ON CLOUD - A DRM service providing method of a DRM cloud server is provided. The DRM service providing method includes receiving a request for a DRM management service from a contents service company; sending a DRM cloud agent for the contents service company to a server of the contents service company; if a contents provider terminal device sends a request for registration of specific contents by using the DRM cloud agent allotted to the contents service company, packaging the contents corresponding to the received request for registration of the specific contents to DRM contents; and storing the packaged DRM contents, an encryption key for the packaged DRM contents and information upon permissions for use of the packaged DRM contents. | 10-30-2014 |
20140331329 | OBFUSCATING THE LOCATIONS OF ACCESS POINTS AND FEMTOCELLS - Methods and apparatuses are presented for obfuscating the locations of terrestrial wireless transceivers, including wireless access points and femtocells. According to some embodiments, a method may receive, by a mobile device, data for a terrestrial wireless transceiver, wherein the data includes location coordinates of the terrestrial wireless transceiver, and wherein the location coordinates include an error term. Additionally, the method may include determining the error term based on the data. Furthermore, the method may include determining a corrected location of the terrestrial wireless transceiver by removing the error term from the location coordinates. In some instances, the data can further include a unique identifier associated with the terrestrial wireless transceiver, and wherein the error term is further determined based on the unique identifier. | 11-06-2014 |
20140331330 | APPLYING DIGITAL RIGHTS MANAGEMENT TO MULTI-MEDIA FILE PLAYBACK - A method begins with a processing module of a centralized digital video storage (DVS) system that supports a plurality of subscriber units, receiving a request for playback of a stored multi-media file from a subscriber unit. The method continues with the processing module determining whether the stored multi-media file is a subscription based file or a publicly available file. When the stored multi-media file is the subscription based file, the method continues with the processing module accessing digital rights management data regarding subscription based multi-media files to determine the subscriber unit's digital rights to the stored multi-media file. When the subscriber unit's digital rights include playback of the multi-media file, the method continues with the processing module sending a unique copy of the stored multi-media file to the subscriber unit in accordance with a unique slice retrieval pattern of the subscriber unit. | 11-06-2014 |
20140337983 | Entry/Exit Architecture for Protected Device Modules - The entry/exit architecture may be a critical component of a protection framework using a secure enclaves-like trust framework for coprocessors. The entry/exit architecture describes steps that may be used to switch securely into a trusted execution environment (entry architecture) and out of the trusted execution environment (exit architecture), at the same time preventing any secure information from leaking to an untrusted environment. | 11-13-2014 |
20140337984 | VERIFICATION OF SERIALIZATION CODES - An example apparatus may include a processor and a memory device including computer program code. The memory device and the computer program code may, with the processor, cause the apparatus to provide modified serialization codes for a first entity in a serialization flow to replace existing serialization codes for the first entity. In various examples, the modified serialization codes may have a representation of at least two different characters, and a number of instances of one of the characters in the representation of the modified serialization codes may be different from a number of instances of the one of the characters in the representation of the existing serialization codes. The memory device and the computer program code may further cause the apparatus to receive serialization codes from a second entity, the second entity being downstream in the serialization flow from the first entity; compare serialization codes from the second entity with the modified serialization codes; and verify the serialization codes from the second entity by determining if the serialization codes from the second entity are compatible with the modified serialization codes. | 11-13-2014 |
20140337985 | Security in Digital Manufacturing Systems - A system for digital manufacturing is described. A content repository includes digital manufacturing source files that have model information, pricing information, and rights information. A viewport for viewing a visual rendering of the digital manufacturing source file is included along with an obfuscation engine for obfuscating the digital manufacturing source file at the content repository and de-obfuscating the digital manufacturing source file at the viewport. Also included is a selection engine for choosing the digital manufacturing source file for digital manufacturing. | 11-13-2014 |
20140337986 | INFORMATION PROCESSING SYSTEM, INFORMATION PROCESSING APPARATUS, COMPUTER-READABLE STORAGE MEDIUM HAVING STORED THEREIN INFORMATION PROCESSING PROGRAM, AND DATA PROVIDING METHOD - An information processing system | 11-13-2014 |
20140337987 | SECURE SERIAL NUMBER - A serial number for a software product is secured with an authenticator value. The authenticator value and the serial number are evaluated entirely by a remote authentication server such that no cryptographic authentication occurs on a local computer on which the software product is being installed. An abbreviated portion of the authenticator value is used for offline authentication. | 11-13-2014 |
20140337988 | METHOD AND APPARATUS FOR DATABASE SANITIZING - A method of generating a test database from a deployed database by “sanitizing”, or removing sensitive data, is employed for recreating problem scenarios from a customer site, verifying compatibility of customer data with database version updates, and for performance testing using actual, rather than generated, database structures. In database management operations, it can be beneficial to use data generated from actual operational scenarios rather than artificially generated data created from a test pattern. Data generated from actual operation, such as at a customer site, assures compatibility with the relation patterns and record volumes employed by the customer (user). However, databases often contain sensitive information that would be inappropriate, illegal, or vulnerable in a testing environment. Accordingly, the generated test database overwrites sensitive data values with benign, or generic values while preserving the structure and relations of the data stored. | 11-13-2014 |
20140337989 | Systems and Methods for Multi-User Multi-Lingual Communications - Various embodiments described herein facilitate multi-lingual communications. The systems and methods of some embodiments enable multi-lingual communications through different modes of communication including, for example, Internet-based chat, e-mail, text-based mobile phone communications, postings to online forums, postings to online social media services, and the like. Certain embodiments implement communication systems and methods that translate text between two or more languages. Users of the systems and methods may be incentivized to submit corrections for inaccurate or erroneous translations, and may receive a reward for these submissions. Systems and methods for assessing the accuracy of translations are described. | 11-13-2014 |
20140337990 | Method for Using a Multi-Function Computer for Testing - A system and method facilitate the use of a multi-function computer for an examination. An application implementing the method receives a hash input from a user and, upon successful completion of the examination, displays a hash output. The hash output may be displayed as a visual hash. During the examination, the application or system monitors the multi-function computer to determine whether the user has activated, viewed, or launched any prohibited functions or applications on the multi-function computer. If the user views a prohibited function or application, the examination application does not display the hash output. The system and application implement various security measures to prevent spoofing or duplication of the hash output or tampering with the application. | 11-13-2014 |
20140337991 | METHODS AND APPARATUS FOR BLOCKING USAGE TRACKING - Methods and apparatuses that maintain one or more data stores capable of storing local data in a device for loading a resource of a domain are described. The resource may be loaded to cause one or more data access operations on the data stores. Access to usage tracking data of the device from the domain may depend on at least one of the data access operations. The data access operations may be configured to block the usage tracking data of the device from the domain. The data access operations may be performed on the data stores for the loading of the resource. A web page may be presented to a user when the resource is successfully loaded. | 11-13-2014 |
20140337992 | PIRACY PREVENTION IN DIGITAL RIGHTS MANAGEMENT SYSTEMS - A method in a multimedia device ( | 11-13-2014 |
20140337993 | METHOD FOR MANAGING PRIVACY OF DIGITAL IMAGES - A captured digital image is stored in memory together with metadata derived from a location signal only if the location metadata is determined not to be within one or more predefined exclusion zones. A GPS receiver module can be implemented to obtain the location signal. | 11-13-2014 |
20140337994 | INFORMATION PROCESSING DEVICE - An information processing device of the invention has a first board on which a tamper detection pattern is installed, a second board that is arranged to face the first board and on which a tamper detection pattern is installed, and sidewalls that are arranged between the first and second boards and along the outer periphery of the first and second boards and that include a plurality of layers ( | 11-13-2014 |
20140337995 | SYSTEMS AND METHOD FOR IDENTIFYING AND MITIGATING INFORMATION SECURITY RISKS - Methods and systems for Sustained Testing and Awareness Refresh against Phishing threats (STAR*Phish™) are disclosed. In an embodiment, a method assigns schemes and unique identifiers to target e-mail addresses associated with user accounts. The method delivers e-mail messages to the targeted e-mail addresses, the e-mail messages comprising an HTTP request and a unique identifier associated with each of the user accounts. The method then receives, at a Phishing Metric Tool (PMT), a response including the unique identifier. The PMT logs training requirements for the user accounts, tracks response metrics for the training requirements, and redirects the respective HTTP requests to a phishing training tool (PTT). The PTT sends a notification of the user account identities and the unique identifiers to the PMT and returns a status for the training requirements for the user accounts. Upon completion of the training, the PMT sends completion notifications for the user accounts. | 11-13-2014 |
20140337996 | INFORMATION PROCESSING APPARATUS AND METHOD, RECORDING MEDIUM, AND PROGRAM - Information processing apparatus and method, recording medium, and program are provided. An information processing apparatus includes the following elements. A receiver receives a command requesting for the execution of predetermined processing. A storage unit stores data and first information indicating, among a plurality of stages in a lifecycle of the information processing apparatus, the current stage determined by the stored data and second information indicating an executable command in the current stage, the executable command being determined for each of the plurality of stages. A determining unit determines on the basis of the first information and the second information whether the command received by the receiver is an executable command in the current stage. | 11-13-2014 |
20140344941 | METHOD FOR MANAGING PUBLIC AND PRIVATE DATA INPUT AT A DEVICE - A method is provided for managing public and private data input by a device such as a mobile handset, a personal digital assistant, a personal computer and an electronic tablet. The method provides for separating public and private data such that public data can be operated on by an open operating system and private data is encrypted while in the open operating environment but can be operated on and used when received by the secure operating environment. | 11-20-2014 |
20140344942 | Methods for Activating End-User Software Licenses - Methods for software activation are provided that associate a software license key with one or more authorized individuals such that an authorized individual can readily transfer a license between different platforms. A biometric sample of the individual is stored in an enrollment step upon first activation of the software. Later, the same individual can provide a biometric sample that matches the stored biometric sample in order to activate the software on another platform, rendering the first instance inactive if no additional activations are available. More than one individual can be authorized under a license that allows for multiple activations. | 11-20-2014 |
20140344943 | SYSTEM AND METHOD FOR SECURING SENSITIVE DATA - An approach is provided for securing data in a technical environment. In one embodiment, a processor obtains a first file, which when executed installs a first portion of a second file and an assembly key to assemble the second file. The processor executes this first file and then obtains the second portion of the second file. The processor assembles the second file using the first portion, the second portion, and the assembly key. | 11-20-2014 |
20140344944 | DYNAMIC DATABASE UPDATE IN MULTI-SERVER PRIVATE INFORMATION RETRIEVAL SCHEME - A system and methods to provide updates of an oblivious database that is based on an original database without compromising privacy guarantees, and without requiring a periodic downtime to re-initialize the database. According to embodiments of the present invention, update caches are provided at the random servers that are not emptied or sent to the oblivious database after every update in a predictable fashion. Instead, updates are made incrementally to the oblivious database in an order that is independent of how the original database is updated. Hence there is no way for the server to learn which record of the oblivious database corresponds to an updated block from the original database. | 11-20-2014 |
20140344945 | Thin-Client Embedded Secure Element - A thin-client embedded secure element, which includes a processor and a memory coupled to the processor, and a proxy client. The thin-client embedded secure element also includes a storage device including an identification uniquely identifying the thin-client secure element. The proxy client is configured to receive a request for the secured data from a module in the client device, establish a secure communication channel with a proxy server coupled to the computing device over a network, request the secured data from the proxy server using the identification, and provide the secured data to the module of the client device. | 11-20-2014 |
20140344946 | EMISSION CONTROL FOR WIRELESS LOCATION MANAGEMENT - An emission control scheme intended to limit the localization and identification of a wireless device to known friendly wireless networks. Use of an intelligent access control (IAC) on a wireless device allows the user or administrator control over the revealing of the wireless device to any particular network. Passive scanning allows collection of network information while passive device-based location and on-board databased information on the wireless networks allows localization to thwart network spoofing for unfriendly positioning and identification of the wireless device. | 11-20-2014 |
20140344947 | METHOD AND APPARATUS FOR HANDLING STORAGE OF CONTEXT INFORMATION - A method and apparatus is provided for improving security of context information of processing circuitry of a processing device. In one example, the method and apparatus stores context information of the processing circuitry on an external storage medium at a first location as part of the processing circuitry entering a first power state, and stores the context information of the processing circuitry on the storage medium at a second location as part of the processing circuitry entering a second, later and different power state. | 11-20-2014 |
20140344948 | Automated Management of Private Information - A private information management apparatus, a method, and a program that allows individual users to easily set and apply their privacy rules. A private information management apparatus receives setting data from a user terminal and creates a privacy rule that defines a condition for restricting disclosure of private information and a restriction method. If undisclosed image data contains private information of a user, the private information management apparatus extracts metadata contained in this undisclosed image data, and determines whether or not the metadata satisfies the condition for restricting disclosure of the private information. If it is determined that the condition is satisfied, the private information management apparatus executes the restriction method defined by the privacy rule. | 11-20-2014 |
20140344949 | DIGITAL RIGHTS MANAGEMENT SYSTEMS AND METHODS FOR AUDIENCE MEASUREMENT - Digital rights management systems and methods for audience measurement are disclosed. Example methods disclosed herein include enabling a media handler implemented by a media device to begin presenting first media based on a first digital license associated with the first media. Such example methods also include retrieving a second digital license different from the first digital license from a license server separate from the media device. Such example methods further include causing the media handler to perform a first media monitoring operation based on the second digital license, the first media monitoring operation being deactivated by default. | 11-20-2014 |
20140351943 | ANONYMIZATION AND FILTERING DATA - System and method of anonymising data, comprising the steps of receiving data to be anonymised and applying one or more transformations to the received data according to a transformation configuration resource, wherein the one or more transformations include transforming at least an original portion of the received data into a transformed portion, wherein the original portion of the received data is recoverable from the transformed portion using stored information. | 11-27-2014 |
20140351944 | SOFTWARE PROTECTING SYSTEM AND ELECTRONIC DEVICE USING THE SAME - A software protecting system existing as an independent program in an electronic device protects against misuse of new software to be installed. The protecting system includes an invoking module and an input/output setting module. The invoking module invokes the genuine software in response to user input but the input/output setting module sets input/output functions of the genuine software when the genuine software is run to prevent complete of peripheral functionality during any trial period of use. An electronic device with the software protecting system is also provided. | 11-27-2014 |
20140351945 | INFORMATION PROCESSING SYSTEM, INFORMATION PROCESSING APPARATUS, AND RECORDING MEDIUM STORING LICENSE MANAGEMENT PROGRAM - An information processing system includes an operation unit that receives an operation from a user and a main unit that operates based on a request from the operation unit. A device information providing part provides device information of the main unit as device information required for a license registration of an application program to be executed by the operation unit. A license management part performs, after an execution of the application program is requested in the operation unit, a license verification by using the device information of the main unit acquired from the main unit based on license management information of the application program of which a license is registered using the device information. | 11-27-2014 |
20140351946 | PRIVACY PROTECTION-TYPE DATA PROVIDING SYSTEM - An information providing apparatus for collecting data including personal information and distributing the data to a user terminal performs anonymization processing for converting data, which an individual who is an owner of personal information allows to use, into data with which the individual cannot be identified using multiple parameters, thus generating multiple anonymized data protecting the privacy of the individual. Since each of the anonymized data is anonymized using a different parameter, the amount of information of each of the anonymized data is different. Then, when a request is received from a user terminal, anonymized data that can be provided to the user are identified from among multiple generated anonymized data on the basis of the reliability of the user who uses the user terminal. | 11-27-2014 |
20140351947 | METHOD OF GENERATING EXECUTION FILE FOR MOBILE DEVICE, METHOD OF EXECUTING APPLICATION OF MOBILE DEVICE, DEVICE TO GENERATE APPLICATION EXECUTION FILE, AND MOBILE DEVICE - A method of generating an application execution file for a mobile device is provided. The method according to an exemplary embodiment of the present invention includes encoding at least one class, which requires security, independently of other classes among a plurality of classes to execute an application, and generating the application execution file which includes the encoded at least one class and the other classes. | 11-27-2014 |
20140351948 | SECURITY BOX - Provided is a security box including: an input means for input of external data; an execution means for executing, in a predetermined area, external data input by the input means; and an isolation control means for isolating the execution area from other areas during execution. The security box can be further equipped with: a display means for displaying the behavior of external data executed by the execution means; a determination means for determining, on the basis of the behavior displayed by the display means, whether the external data is normal data; and a deletion means for deleting data that the determination means has determined is not normal data and/or all of the data of the execution means. | 11-27-2014 |
20140351949 | PRIVACY ISSUES IN M2M - Upon transmitting privacy information to an MTC server ( | 11-27-2014 |
20140351950 | COMMUNICATION DEVICE, SYSTEM, AND CONTROL METHOD - A communication device includes a memory and a processor coupled to the memory and configured to, when a first vibration is detected in the communication device, set a certain state that protects information stored in the memory, and cancel the certain state based on receiving from another communication device a notification indicating that the other communication device detected a second vibration. | 11-27-2014 |
20140359781 | ELECTRONIC APPARATUS AND MANAGEMENT METHOD - According to at least one embodiment, an electronic apparatus includes a wireless communicator, storage, and an erasing processor. The wireless communicator communicates with a management device connected to a network. The storage stores a plurality of account information elements and data. The plurality of account information elements correspond to a plurality of accounts. The plurality of account information elements include account names. The data correspond to the plurality of accounts. The erasing processor erases a first account information item corresponding to a first account in the plurality of accounts and first data corresponding to the first account when a request to erase the first account is received from the management device. | 12-04-2014 |
20140359782 | DYNAMIC PSEUDONYMIZATION METHOD FOR USER DATA PROFILING NETWORKS AND USER DATA PROFILING NETWORK IMPLEMENTING THE METHOD - A users' data profiling network implementing a method of dynamic pseudonymization of users for ensuring user privacy, including: receiving at a data node new input data related to a user along with an associated new user pseudonym and an old user pseudonym; in the data node, finding user data record, corresponding to the received new input data, having stored therein a dynamic input user pseudonym equal to the old user pseudonym received together with the new input data or to one user pseudonym; temporarily storing, in the found user data record, the new input data; setting the dynamic input user pseudonym stored in the user data record equal to the last received new user pseudonym associated with the received input data related to the user; computing and storing an output user data profile in the user data record, and then erasing accumulated new input data from the user data record. | 12-04-2014 |
20140359783 | SYSTEMS AND METHODS FOR PROVIDING PRIVACY SETTINGS FOR THIRD-PARTY APPLICATIONS - Systems and methods for providing privacy settings for applications associated with a user profile are provided. Exemplary methods include receiving a request from a member of a web-based social network to access a third-party application, providing privacy settings selections to control access to data associated with the installed application, receiving a privacy settings selection from the member, and providing to the third party application information about the user subject to the received privacy settings selections. | 12-04-2014 |
20140359784 | Method of Anonymising an Interaction Between Devices - A method is provided of anonymising an interaction between a user entity and a service provider node wishing to provide a service to the user entity in dependence upon characteristics of the user entity determined or revealed as a result of the interaction, the method comprising: assigning the user entity to at least one set, each set comprising as members a plurality of user entities sharing a characteristic associated with that set; counting the number of user entities in the set or in an intersection of the at least one set and calculating a share of said value attributable to each user by dividing the value by the number of user entities in the set; ensuring that the intersection of the at least one set comprises at least a predetermined minimum number of user entities; and providing to the service provider node information relating to the or each characteristic associated with the at least one set, the information being for use at the service provider node in providing a service to the user entity that is appropriate in view of the characteristics of the user entity but insufficient to identify the user entity. | 12-04-2014 |
20140366147 | AUTOMATIC MEDIATION OF RESOURCE ACCESS IN MOBILE APPLICATIONS - The subject disclosure is directed towards automated, static analysis-based program code processing that detects unprotected resource accesses by applications, that is, those that do not provide proper opt-in consent dialogs (prompts). In one aspect, consent prompt code is automatically inserted into the program code to protect such unprotected access points. Also described are program representation graph construction and processing, a dominator node-based approach to determine placement points for inserting consent prompt code, and a backward search-based approach for inserting consent prompt code. | 12-11-2014 |
20140366148 | Storage Medium Securing Method and Media Access Device thereof - By disabling at least one data transmission port of a media access device when the media access device is connected to a storage medium under an encrypted state and when the media access device is capable of performing decryption corresponding to an encryption mechanism applied on the storage medium, data security of the storage medium can be secured. | 12-11-2014 |
20140366149 | SYSTEM AND METHOD FOR USING DIGITAL STRINGS TO PROVIDE SECURE DISTRIBUTION OF DIGITAL CONTENT - A method and system for secure distribution of digital content, using a disintegration tool under control of a distributor of the digital content to divide the digital content into protected and unprotected segments, delivering the unprotected segments to the customer along with installation software and identification information. The segments to be protected are modified using the identification information on the distribution medium and hardware information unique to a particular customer device. Upon communication of this information from the customer device, the modified segments are sent to the customer device for integration with the unprotected segments to generate a modified digital content operable only on the particular customer device. | 12-11-2014 |
20140366150 | LICENSING PLATFORM - A licensing platform is provided. The licensing platform, in communication with a first license sharing device and a second license sharing device, includes a license database and a main license sharing device. The license database provides a plurality of licenses. The main license sharing device includes: a license allocation manager, in communication with the license database, for dynamically managing a usage status of the plurality of licenses; a next-tier membership manager, in communication with the license sharing devices, for allocating at least one of the plurality of licenses to the license sharing devices, and updating a license usage status of the license sharing devices; and a license record manager, in communication with the license allocation manager and the next-tier membership manager, for recording the usage status of the plurality of licenses. | 12-11-2014 |
20140366151 | TOKENIZED PAYMENT PROCESSING SCHEMES - A data-processing system, such as a payment processing system, including a tokenizer, such as a card encryption and storage system (CES) employing a tokenization feature. In one embodiment, the present invention provides a first-computer-implemented method for preventing the transmission of confidential information between a first computer and a second computer in communication with the first computer. The method includes the steps of: (a) the first computer receiving information for performing a transaction, the information including confidential information manually entered by a user; (b) the first computer sending the confidential information to a third computer; (c) the first computer receiving, from the third computer, a token having no algorithmic relationship to the confidential information; and (d) the first computer sending to the second computer (i) the information for performing the transaction, except for the confidential information, and (ii) the token. | 12-11-2014 |
20140366152 | SECURE DATA TRANSMISSION - To securely transmit data from a communication terminal (TC) to an application server (SA) over a telecommunications network (RT), the communication terminal (TC) being connected to the application server (SA) via an unsecure access network (RAns) and being able to communicate with the application server (SA) via at least one secure access network (RAs), the communication terminal (TC) switches the connection with the application server (SA) from the unsecure access network (RAns) to a secure access network (RAs), when personal data (DonP) is likely to be entered or is entered by the user, transmits the personal data (DonP) to the application server (SA) via the secure access network (RAs), and switches the connection with the application server (SA) from the secure access network (RAs) to an unsecure access network (RAns). | 12-11-2014 |
20140366153 | STORAGE DEVICES WITH SECURE DEBUGGING CAPABILITY AND METHODS OF OPERATING THE SAME - A device includes a first bus, a second bus, a processor configured to communicate with a storage circuit through the first bus and to communicate with a debug host through the second bus and a control circuit configured to inhibit transfer of data from the second bus to the debug host while receiving authentication information from the debug host and to enable transfer of data from the second bus to the debug host responsive to authentication of the received authentication information. The control circuit may be configured to inhibit data transfer from the second bus to the debug host by causing dummy data to be transmitted to the debug host over a transmit channel between the device and the debug host. | 12-11-2014 |
20140366154 | Adaptive Communication Anonymization - A method identifies anonymized parties in a transmitted communication. A sender replaces one or more communication party identifiers in control data within a communication with one or more anonymized identifiers before transmitting the communication to one or more recipients of the communication. A recipient receiving the communication searches a local lookup table by an anonymized identifier for a corresponding non-anonymized identifier which identifies a party of the communication. In response to identifying a corresponding non-anonymized identifier, the recipient then replaces the anonymized identifier with the corresponding communication party identifier and presents the recipient with the non-anonymized identifiers within the communication. | 12-11-2014 |
20140373163 | Filtering Confidential Information In Voice and Image Data - Confidential information included in image and voice data is filtered in an apparatus that includes an extraction unit for extracting a character string from an image frame, and a conversion unit for converting audio data to a character string. The apparatus also includes a determination unit for determining, in response to contents of a database, whether at least one of the image frame and the audio data include confidential information. The apparatus also includes a masking unit for concealing contents of the image frame by masking the image frame in response to determining that the image frame includes confidential information, and for making the audio data inaudible by masking the audio data in response to determining that the audio data includes confidential information. The playback unit included in the apparatus is for playing back the image frame and the audio data. | 12-18-2014 |
20140373164 | ASSOCIATING FIRST AND SECOND WATERMARKS WITH AUDIO OR VIDEO CONTENT - The present invention relates generally to processing audio or video content. One claim recites a system comprising: a portable device comprising storage and an electronic logic processor, the electronic logic processor configured for analyzing first content stored in said storage to detect a first class of watermarking hidden therein, the first class of watermarking comprising a link between the first content and a user, the first content further comprising a second class of watermarking, the second class of watermarking providing an indication that the first content is protected, in which the second class of watermarking is more difficult to remove from content relative to the first class of watermarking; and a software module for interacting with content files, said software module including instructions to cause an electronic logic processor to control transfer of the first content file to said portable device based on detection and interpretation of the second class of watermarking. Other claims and combinations are provided as well. | 12-18-2014 |
20140373165 | Privacy-Protective Data Transfer - A method is performed at a computer system having one or more processors and memory storing one or more programs executed by the one or more processors. The method includes generating a document, including marking one or more portions of the document as private; and sending the document to an intermediary system for transmission to a destination system. Prior to the document being transmitted to the destination system, the marked portions of the document are encrypted by the intermediary system using a key that is unavailable to the destination system. | 12-18-2014 |
20140373166 | Data security device - The invention provides an apparatus for storing data using solid state technology. The apparatus is configured to employ a destruction mechanism that damages elements of the apparatus to render data stored within it irrecoverable in the event that predetermined conditions are met. There are various trigger mechanisms that initiate the destruction process, providing security for stored data from unauthorised access. | 12-18-2014 |
20140373167 | TRACE CENTER APPARATUS AND METHOD FOR ENABLING CONTENTS TO BE TRACED - A leaked information tracing technique enabling a recipient of leaked information to be identified. A trace center apparatus includes a tracer generation and registration part which issues a tracer identification number uniquely identifying both of a content residing on different computer and a tracer, generates a tracer program having the function of reporting identification information of a computer on which the content resides and the tracer identification number to a trace center, and registers the tracer program with the trace center. | 12-18-2014 |
20140373168 | METHOD OF PROTECTING PRIVACY DATA OF AN APPLICATION PROGRAM AND APPARATUS USING THE SAME - The present application is applied to data processing technique field, providing an application program privacy data protection method and an apparatus. The method includes: creating a privacy space, including creating a user interface and a data storage area that the privacy space corresponds to, the user interface of the created privacy space is the same as the user interface of the normal space; when installing an application program, it is determined whether the application program has been installed into the normal space; if the result of the determination is yes, the application program is installed into the privacy space; if the result of the determination is no, the application program is installed in the privacy space and the normal space respectively. Through the present application, it is possible to protect the privacy data of the application program in the user terminal without any trail. | 12-18-2014 |
20140373169 | PROCESSING COPYRIGHT NOTICE OF MEDIA FILE - A system and method for processing the copyright notice of a media file stored in digital format in an electronic device are provided. The copyright notice of the media file is checked prior to and/or during transmission between two devices and if the copyright notice is not found, action is taken to insert the copyright notice. The copyright notice is presented when the media file is presented. | 12-18-2014 |
20140380489 | SYSTEMS AND METHODS FOR DATA ANONYMIZATION - A system and method for dynamic anonymization of a dataset includes decomposing, at at least one processor, the dataset into a plurality of subsets and applying an anonymization strategy on each subset of the plurality of subsets. The system and method further includes aggregating, at the at least one processor, the individually anonymized subsets to provide an anonymized dataset. | 12-25-2014 |
20140380490 | CONVERTING TRADITIONAL COMPUTER PRODUCT LICENSES INTO CLOUD-BASED ENTITLEMENTS - Techniques are provided for converting a node-locked licensing scheme to a cloud-based management of licenses to use computer products. In one example, a license manager device of a vendor receives a request to upgrade a computer product that is associated with a node-locked certificate that configures the computer product to be node-locked to a particular device. The request includes an identifier of the computer product. The license manager device registers the product identifier to a license pool of a customer account associated with the computer product. The license pool includes entitlements to use the computer product. The license manager device searches for node-locked entitlements that are associated with the node-locked certificate. The license manager device moves the node-locked entitlements to the license pool. | 12-25-2014 |
20140380491 | ENDPOINT SECURITY IMPLEMENTATION - A method includes a computer detecting an element from a data flow for at least one endpoint device; the computer using the detected element and a protection engine to assess security requirements for the flow of data for the at least one endpoint device; and the computer causing the protection engine to issue additional security controls for the at least one endpoint device. | 12-25-2014 |
20140380492 | METHOD FOR CONTROLLING CONTENTS SECURITY AND ELECTRONIC DEVICE THEREOF - A method and an apparatus for controlling contents security in an electronic device are provided. The method includes determining at least one region for security setting in contents, and setting security to the region for security setting. | 12-25-2014 |
20140380493 | SYSTEM AND METHOD FOR FORENSIC ANALYSIS OF MEDIA WORKS - A method and system for identifying a source of a copied work that in one embodiment includes obtaining at least some portions of a reference work, collecting at least some portions of the suspect work, matching the suspect work with the reference work, wherein the matching includes temporally aligning one or more frames of the reference work and the suspect work, spatially aligning frames of the reference work and the suspect work, and detecting forensic marks in the suspect work by spatiotemporal matching with the reference work. | 12-25-2014 |
20140380494 | DRIVER RELATED DATA STORAGE SYSTEM AND METHOD - A driver related data storage system comprising: a data generation module adapted to generate driver related data; an encryption module adapted to encrypt driver related data, a storage module adapted to store the encrypted driver related data, a code generation module adapted to generate a machine readable code based on the stored encrypted driver related data and an output module adapted to output the generated machine readable code. | 12-25-2014 |
20140380495 | ANONYMOUS INFORMATION EXCHANGE - A third party facilitates exchange of customer data between first and second entities while maintaining customer privacy. Personally identifiable information (PII) and first entity customer attributes of a first set of customers are received from a first entity. PII for a second set of customers is received from a second entity. First and second set common customers are identified using the PII of the first and the second set of customers. Subsequently, a list of third set of customers is sent to the second entity. The list of third set of customers includes the common customers and a plurality of other customers from the second set of customers. Second entity customer attributes are received for each customer in the list of third set of customers. Further, the first entity customer attributes of the common customers and the second entity customer attributes of the common customers are linked. | 12-25-2014 |
20140380496 | METHODS AND SYSTEMS FOR DETERMINING A COMPLIANCE LEVEL OF AN APPLICATION WITH RESPECT TO A PRIVACY PROFILE ASSOCIATED WITH A USER - An exemplary method includes an application management system 1) detecting a request provided by a user to install an application on a user device, 2) identifying a plurality of privacy attributes of the application, 3) determining, based on the identified privacy attributes, a compliance level of the application with respect to a privacy profile associated with the user, the compliance level representing a degree to which the application complies with the privacy profile associated with the user, and 4) directing, prior to the installation of the application, the user device to present a graphic that represents the determined compliance level of the application. Corresponding methods and systems are also disclosed. | 12-25-2014 |
20140380497 | DEVICE, METHOD, AND SYSTEM FOR SECURE MOBILE DATA STORAGE - A device, method, and system for secure mobile data storage includes a mobile data storage device having a short-range communication circuit, a long-range communication circuit, and a data storage for storing data. The mobile data storage device is used to store data used by a paired mobile communication device. The mobile data storage device and the mobile communication device communicate control signals over a wireless control link established using the short-range communication circuit and data over a wireless data link, different from the wireless control link, established using the long-range communication circuit. The mobile data storage device and/or mobile communication device may monitor a distance between the devices and perform a security function in response to the devices being separated from each other. The mobile data storage device may backup data on a remote data server and/or repopulate data from the remote data server using the mobile communication device. | 12-25-2014 |
20150020206 | SYNTHETIC PROCESSING DIVERSITY WITH MULTIPLE ARCHITECTURES WITHIN A HOMOGENEOUS PROCESSING ENVIRONMENT - A method of increasing processing diversity on a computer system includes: loading a plurality of instruction streams, each of the plurality of instruction streams being equivalent; executing, in a context, a first stream of the plurality of instruction streams; stopping execution of the first stream at a first location of the first stream; and executing, in the context, a second stream of the plurality of instruction streams at a second location of the second stream, the second location corresponding to the first location of the first stream. | 01-15-2015 |
20150020207 | SYSTEMS AND METHODS FOR DATA LOSS PREVENTION - One method for developing a data loss prevention model includes receiving, at a processing device, an event record corresponding to an operation performed on a computing device. The event record includes an event type and event data. The method also includes transforming, using the processing device, the event type to an event number corresponding to the event type. The method includes transforming, using the processing device, the event data to a numerical representation of the event data. The method includes associating an indication of whether the event type and the event data correspond to a data loss event with the event number and the numerical representation. The method also includes determining the data loss prevention model using the indication, the event number, and the numerical representation. | 01-15-2015 |
20150020208 | SYSTEM AND METHOD FOR TARGETED MESSAGING, WORKFLOW MANAGEMENT, AND DIGITAL RIGHTS MANAGEMENT FOR GEOFEEDS - The disclosure relates to systems and methods for targeted messaging, workflow management, and digital rights management for geofeeds, including content that is related to geographically definable locations and aggregated from a plurality of social media or other content providers. The system may facilitate targeted messaging to users who create content. The targeted messaging may be based on the content (or location related to the content) such as a request for additional information or a promotional message. The system may generate workflows that allow management of the content with respect to operational processes of an entity that wishes to use the content and facilitates the management of usage rights related to the content as well as payments related to such usage rights. For example, the system may store whether content requires permission to use the content and/or whether such permission was obtained and facilitates payment. | 01-15-2015 |
20150026814 | INVISIBLE INTERFACE FOR MANAGING SECURED DATA TRANSACTIONS - In an exemplary embodiment, a computer-implemented method for secure data transactions includes storing, by a processing device, personal data on a wearable data storage applicable to a body of a user. The wearable data storage is rendered invisible. | 01-22-2015 |
20150026815 | MANAGING AND ACCOUNTING FOR PRIVACY SETTINGS THROUGH TIERED COOKIE SET ACCESS - Tiered management of privacy settings is disclosed. In one example, such management entails defining privacy tiers respectively corresponding to privacy levels. Cookies are then associated to the privacy tiers to accommodate the management of browsing activity according to the relevant tier. Additionally, different sets of private information are respectively associated to the privacy tiers. This provides for the management of browsing activity using the privacy tiers, the cookies and the different sets of private information. In this fashion, the association of a given cookie to a given privacy tier dictates a given set of private information to be provided to another party in connection with a given browsing activity. | 01-22-2015 |
20150026816 | DISPLAY METHOD AND ELECTRONIC DEVICE - The present invention discloses a display method and an electronic device. The method is applicable to an electronic device, the electronic device is capable of data transmission with a display device, the electronic device includes a first display unit, and the display device includes a second display unit; and the method includes: when the electronic device obtains information needing to be displayed, determining whether the information needing to be displayed is private information and generating a first determination result; in a case that the information needing to be displayed is private information, transmitting the information needing to be displayed to the first display unit only; and in a case that the information needing to be displayed is not private information, transmitting the information needing to be displayed at least to a second display unit. | 01-22-2015 |
20150026817 | Hiding Sensitive Data In Plain Text Environment - Method and system for hiding sensitive data in a plain text environment. The method may include recognizing a starting key in a plain text environment, wherein the starting key indicates to a working system that the text input subsequent to the starting key is to be hidden according to a specified hiding method; receiving subsequent plain text, the working system carrying out the hiding method on the plain text, wherein the input plain text is not displayed in the plain text environment; and recognizing an ending key, ending the hiding method and displaying subsequently input plain text in the plain text environment. The starting key and ending key may also be used to indicate to the working system that the data subsequent to the starting key is hidden according to the specified hiding method. The starting key and ending key are the same or different escape characters. | 01-22-2015 |
20150026818 | METHOD AND DEVICE FOR PROVIDING TEMPORARY CONTACT INFORMATION - A device includes a storage unit, a processor and an output unit. The storage unit is configured to store identification information and a plurality of temporary contact data items. The processor is configured to select one of the temporary contact data items based on the identification information and a first time index. The output unit is configured to output the selected temporary contact data item. The selected contact data item may include at least one of, e.g. a temporary telephone number, a temporary email address, a temporary IP address, and a temporary uniform resource identifier (URI). | 01-22-2015 |
20150033354 | Method for Protecting an Application Program and Related Computer Program Product - A method for protecting an application program executable on a computer against reverse engineering, said application is created to run with at least one selected dynamic link library (DLL) on said computer, comprises the steps of: adding a specific library loader to the executable application program, said loader either contains or has access to said dynamic link library; setting modified references to said dynamic link library such that upon loading said application program and said loader into the main memory of said computer, said dynamic link library is initialized by said library loader instead of the operating system. The library loader and the pseudo-statically linked library could be embedded into the application program, thereby using unused space within the application. The protected application presents itself as a monolithic application without the vulnerable interface to a DLL. | 01-29-2015 |
20150033355 | INFORMATION PROCESSING APPARATUS, LICENSE MANAGEMENT SYSTEM, AND NON-TRANSITORY COMPUTER READABLE MEDIUM - An information processing apparatus includes a detecting unit and a license update requesting unit. The detecting unit detects a status of an element involved in execution of software. The license update requesting unit requests an update of license information of the software if the status detected by the detecting unit is a status that does not satisfy a condition desired for executing the software. | 01-29-2015 |
20150033356 | ANONYMIZATION DEVICE, ANONYMIZATION METHOD AND COMPUTER READABLE MEDIUM - The present invention preserves the anonymity of data even against the providers of the data. This anonymization device contains: a determination unit for determining whether or not the anonymity of data linked with records acquired from multiple providers is preserved against the providers that provided the records which are a part of the data; and an anonymization unit for anonymizing the data on the basis of the anonymity determination result of the determination unit. | 01-29-2015 |
20150033357 | METHOD FOR IMPROVING THE FUNCTIONAL SECURITY AND INCREASING THE AVAILABILITY OF AN ELECTRONIC CONTROL SYSTEM, AND ELECTRONIC CONTROL SYSTEM - A method for improving the functional security and increasing the availability of an electronic control system, particularly a motor vehicle control system, including hardware components and software components, wherein the hardware components are abstracted by at least one basis software component and/or a runtime environment, and in which an implemented security concept describes two or more software levels, wherein a first software level includes control functions of an application software and a second software level is designed as functional monitoring, for safeguarding against control function faults, wherein a data encryption, provided by at least one hardware component, and/or a data signature for securing the data of at least one communication channel of the hardware component is used with at least one first software component. The invention additionally describes an electronic control system for performing the method. | 01-29-2015 |
20150033358 | Methods, Systems and Computer Program Products for Discreetly Monitoring a Communications Network for Sensitive Information - A method for monitoring a network for information includes repeatedly searching the network for sensitive information about a subscriber. The network is intermittently searched for obscuring information during the repeated searching to thereby disguise the sensitive information that is the target of the repeated searching. Related systems and computer program products are also discussed. | 01-29-2015 |
20150033359 | METHOD AND SYSTEM FOR SUBSCRIPTION DIGITAL RIGHTS MANAGEMENT - A system and method for managing use of items having usage rights associated therewith. The system includes an activation device adapted to issue a software package having a public and private key pair, the public key being associated with a user, a license device adapted to issue a license, a usage device adapted to receive the software package, receive the license and allow the user to access the item in accordance with the license, and a subscription managing device adapted to maintain a subscription list including the public key associated with the user. The license is issued by the license device upon verifying presence of the public key in the subscription list corresponding to requested content. | 01-29-2015 |
20150040234 | Implementing Role Based Security in an Enterprise Content Management System - A method of implementing role based security in an enterprise content management system is provided and may include creating a role object; creating a role adapter object that is communicatively coupled to the created role object; creating a security adapter object that is communicatively coupled to the created role adapter object; and associating the security adapter object to a content class. | 02-05-2015 |
20150040235 | COERCED ENCRYPTION ON CONNECTED DEVICES - Techniques for coercing users to encrypt synchronized content stored at their personal computing devices. In some aspects, one or more computing devices receive, from a personal computing device, an indication of whether data stored in at least a portion of a storage device of the personal computing device is protected by disk encryption. In response to determining, based on the indication, that the portion of the storage device is not protected by encryption, synchronization data for synchronizing a copy of one or more synchronized content items stored in the portion of the storage device with another copy of the synchronized content items stored at one or more server computing devices is withheld from the personal computing device until disk encryption on the personal computing device is enabled so as to coerce the user to enable disk encryption on the personal computing device. | 02-05-2015 |
20150040236 | ADDING RANDOMIZATION TO AUTOMATED PROCESS FLOWS - A method, system and article of manufacture for adding randomness to a process used to achieve a specified objective. In one embodiment, the method comprises defining a multitude of solution paths through the process for achieving the specified objective; storing the paths as process workflows; and in response to a specified event, choosing one of the solution paths at random and executing the process, using the chosen solution path, to achieve the specified objective. In an embodiment, the process includes a specified number of steps; and the solution paths are defined by defining a multitude of orders of the steps, each of the orders, when executed, achieving the specified result. In one embodiment, at least a plurality of the steps includes one or more parameters; and a range of values is defined for at least one of the parameters of at least one of the steps. | 02-05-2015 |
20150040237 | SYSTEMS AND METHODS FOR INTERACTIVE CREATION OF PRIVACY SAFE DOCUMENTS - Embodiments relate to systems and methods for interactive creation of privacy safe documents. In aspects, an online document processing system can be configured to include a text editor with a set of privacy controls. The text editor can interact with a remote privacy engine to scan an original document entered by a user, to seamlessly detect potentially sensitive data such as medical information contained in that document as it is entered. When potentially sensitive data is identified, for instance by checking the entered content, data fields or formats of a Web form, the privacy engine can generate text substitution data to transmit to the text editor. Potentially sensitive data, such as social security numbers or other personal or private identifiers, can therefore be masked or redacted to export to Web sites, users or services without exposing potentially sensitive data. | 02-05-2015 |
20150040238 | METHOD AND DEVICE FOR IMPROVING SUBSCRIBERS PRIVACY IN IP COMMUNICATIONS NETWORKS - A method and devices for improving privacy of subscribers of a service provider IP network are disclosed. The service provider has a worldwide unique collection of global IP addresses to be used by its subscribers, and the region served by the service provider is divided into different zones, the service provider having for each zone a network node, called an IP address assigner node, which assigns unique global IP addresses to the subscribers located in said zone. The disclosed method and devices increase privacy by disabling unauthorized IP geolocation by third parties without the need for additional computational effort and strong investments in the network. | 02-05-2015 |
20150040239 | SYSTEMS AND METHODS FOR MANAGING LOST DEVICES OF MULTIPLE TYPES WITH MULTIPLE POLICIES USING MELDED PROFILES ASSOCIATED WITH GROUPS - This disclosure facilitates managing lost devices. In some embodiments, a system receives a first device type from a first agent on a first device, and a different second device type from a second agent on a second device. The system receives a first group associated with the first device and a different second group associated with the second device. The system determines that the first device and the second device are lost and accesses a database storing first and second configuration classes associated with the first and second devices, respectively. The system creates first and second device-dependent classes based on the first and second device types and the first and second configuration classes, respectively. The system melds the first device-dependent class into a first melded profile and the second device-dependent class into a second melded profile, using the respective groups, and applies the melded profiles to the corresponding device. | 02-05-2015 |
20150040240 | SYSTEM AND METHOD FOR SOFTWARE PIRACY MONETIZATION - A method includes the steps of: providing a software product configured to run on a local computer and to perform a piracy monetization checksum based process; providing a list of valid checksums for a distribution filename of the software product version; connecting by computer the local computer with a software company server; identifying by computer a unique computer identification of the local computer; following a launch, sending the unique computer identification and a checksum of at least one distribution filename on the local computer to the software company server; comparing at the software company server the checksum to the list of valid checksums; and responsive to the step of comparing on detection of a non-authorized checksum, sending a message from the software company server to the local computer, the message configured to perform a piracy monetization action. A method using checksums and serial numbers is also described. | 02-05-2015 |
20150040241 | METHOD AND SYSTEM FOR SECURE CONTENT DISTRIBUTION BY A BROADBAND GATEWAY - A broadband gateway, which enables communication with a plurality of devices, handles at least one physical layer connection to at least one corresponding network access service provider. Security boundaries such as conditional access (CA) and/or digital rights management (DRM) boundaries associated with the broadband gateway are identified based on security profiles associated with the plurality of devices and/or a service from networks. The identified security boundaries are utilized to determine or negotiate CA information for content access for the service. The received content may be distributed according to the determined CA information and the security profiles of the corresponding devices. The broadband gateway may be automatically and dynamically configured based on the identified security boundaries to secure content distribution to the devices. Content distribution security schemes, for example, super encryption, simul-crypt, IPSec and/or watermarking, may be selected by matching the CA information with corresponding device security profiles. | 02-05-2015 |
20150040242 | ENHANCED PRIVACY FOR PROVISION OF COMPUTER VISION - Methods, apparatuses and storage medium associated with providing enhanced privacy during usage of computer vision are disclosed. In embodiments, an apparatus may include one or more privacy indicators to indicate one or more privacy conditions of the apparatus in association with provision of computer vision on the apparatus. The apparatus may further include a privacy engine coupled with the one or more privacy indicators, and configured to pre-process images from an image source of the apparatus associated with the provision of computer vision to the apparatus, to increase privacy for a user of the apparatus, and to control the one or more privacy indicators. In embodiments, the apparatus may include means for blanking out one or more pixels with depth values identified as greater than a threshold. Other embodiments may be described and claimed. | 02-05-2015 |
20150047048 | System For Selectively Displaying Information In a Secured Manner and Method Thereof - A communication system comprising a controlling server coupled to a controlled server via a socket communication channel to stream sensitive information to a desktop computer for viewing in a secured manner. The streamed information is not stored at the desktop. The controlling server streams the information to the desktop computer as long as the server is receiving a continuous uninterrupted flow of requests for information signals from the desktop computer. The user continuously depresses the mouse on the desktop to generate the continuous uninterrupted requests to view the sensitive information in a secure manner. The controlling server will immediately stop streaming the sensitive information and thus stop the display of the sensitive information upon detection of any interruption of the continuous transmission of request signals as would occur, for example, if the user were to unexpectedly leave the desktop unattended. | 02-12-2015 |
20150047049 | Binary Translation and Randomization System for Application Security - In one embodiment, methods are described to provide a binary translation and randomization system. Relocation metadata is received, which comprises, for each of a plurality of execution units in an executable file, a mapping from the executable file into an address space range. For at least one of the plurality of execution units, the mapping is modified to replace instructions within the address space range with a relocated copy of the instructions at a randomly located address space range. An order of the plurality of execution units may thus be modified. An image is generated from the executable file using the relocation metadata, and an execution of the image is caused. The randomization may be carried out in two passes to provide executable files that are uniquely randomized for each computer and for each execution. | 02-12-2015 |
20150047050 | Method and Apparatus for Configuring Privacy Settings for Publishing Electronic Images - A method and apparatus configure privacy settings for publishing electronic images. An image including first image content and second image content can be received. A first image content data file can be created for the first image content and a second image content data file can be created for the second image content. A publication privilege can be assigned to the first image content data file. The publication privilege can be based on a relationship between a consumer of the image and a subject of the first image content. The first image content data file with the publication privilege can be stored separate from the second image content data file. Image reconstruction data can be stored. The image reconstruction data can provide information on how to reconstruct the image from the first image content data file and the second image content data file. | 02-12-2015 |
20150052615 | SYSTEM AND METHOD FOR FIELD-VERIFIABLE RECORD AUTHENTICATION - A code is added as a marking to a document and encodes an identifier that maps to a copy of the document stored in a database. Database copies of stored documents are preferably digitally signed. Using a device such as a smart phone, a user may extract the document identifier from the marking on a purported authentic version of the document and retrieve a copy of the document from the corresponding location in the database. The user can then visually compare the purported authentic version of the document with the retrieved database copy. | 02-19-2015 |
20150058995 | SEARCHING FOR SECRET DATA THROUGH AN UNTRUSTED SEARCHER - Embodiments of the present invention relate to searching for secret data through an untrusted searcher without exposing the secret data. In one embodiment, a method of and computer program product for searching for secret data through an untrusted searcher is provided. A secret value is read from a storage medium. The secret value is divided into a plurality of portions. Each of the plurality of portions is ranked. A subset of the secret value is determined from the ranking of the plurality of portions. A search string is constructed from the subset. The search string is transmitted to a searcher via a network. Search results are received from the searcher via the network. The search results are compared to the secret value to determine whether the searcher found the secret value. | 02-26-2015 |
20150058996 | Gap Services Router (GSR) - A gap services router (GSR) that is a drop-in replacement of an end of life Cisco™ 2811 integrated services router (ISR). The GSR is a routing, switching, and computing platform that provides a technology refresh in the same form factor as the legacy 2811 router. The GSR is one rack unit in size and comprises the latest routing and switching technology from Cisco™, preferably a Cisco™ 5915 embedded services router (ESR) and a Cisco™ embedded services 2020 switch. The GSR contains two WAN ports and twenty-five LAN ports, with power over ethernet capability on all ports. The GSR also optionally includes an embedded server module capable of running the latest virtualization technology. An embedded server module in the GSR includes a removable solid state drive (SSD) that is zeroed upon removal. The GSR is preferably used to replace 2811 ISRs integrated in deployed military equipment. | 02-26-2015 |
20150058997 | System and Method for Self-Protecting Data - Disclosed is a system comprising a physical memory, a processor and a software component. The software component includes a policy/domain handler for receiving data and a policy associated with the data; a hypervisor; and a file management module. The file management module receives a request from a third-party application to interact with a data file containing the data; sends an authorization and tag request to the policy/domain handler to check if the user and application are permitted to access the data, and if permitted, to generate hardware tags for the data file; and sends a secure data request to the hypervisor to create a secure data compartment for the data file and the hardware tags. Based on the authorization and tag request, and the security policy associated with the data, the policy/domain handler generates the hardware tags for the data file. Based on the secure data request, the hypervisor creates in the physical memory a secure data compartment containing the data file and the hardware tags, the hypervisor associating the hardware tags with the data in the secure data compartment. As the data is operated upon and moved to other memory areas, the hardware tags are propagated with the data according to tag propagation rules, and checked before performing operations that may lead to security breaches. | 02-26-2015 |
20150058998 | ONLINE VIDEO TRACKING AND IDENTIFYING METHOD AND SYSTEM - A method and system of identifying and tracking online videos comprises the steps of searching and discovering targeted video on the Internet, filtering out a manageable amount of online videos from a large amount of search results of the targeted video, acquiring online video contents through websites, identifying acquired videos by their contents, and generating different tracking reports according to video identification results and other historical records. | 02-26-2015 |
20150058999 | PROVIDING PRIVACY ENHANCED RESOLUTION SYSTEM IN THE DOMAIN NAME SYSTEM - An apparatus and a non-transitory computer-readable medium may perform a method of minimizing the disclosure of a domain name contained in a DNS query. The method may include determining a first label and a second label associated with a domain name included in a DNS query. A first nameserver may be queried for a first resource record type associated with the first label without revealing information related to the second label by removing information related to the second label from the DNS query. A response may be received from the first nameserver, and the response may include the first resource record type which directs a resolver to a second nameserver. The second nameserver may be queried for a second resource record type associated with the first label and the second label. | 02-26-2015 |
20150067869 | PROTECTING PRIVACY VIA A GATEWAY - A system and methods for protecting privacy via a gateway are provided. The system includes a data store comprising a computer readable medium storing a program of instructions for performing the protection of privacy via the gateway; a processor that executes the program of instructions; an event detection unit to detect an event behind the gateway; a correlation unit to detect a source associated with the detected event; a semi-stable identification unit to assign a semi-stable identification for the associated source with the detected event; a vector assigning unit to assign a vector to data associated with the semi-stable identification, the vector being related to the source independent of any personal identification information (PII); and a communication unit to transmit the vector to instigate an action. | 03-05-2015 |
20150067870 | SECRET COMMUNICATION METHOD WITH SELF-AUTHENTICATION CAPABILITY - A secret communication method with a self-authentication capability is provided, which comprises steps of dividing a secret message into a plurality of secret segments; converting each of the secret segments into (k+1) shares, wherein k is a positive integer; embedding the shares into a media carrier; selecting every k shares among the (k+1) ones to compute (k+1) copies in value; and checking if the (k+1) copies in value are the same. If the (k+1) copies in value are the same, then the secret message is shown. Otherwise, at least one mark will be utilized to replace the secret message while the part of the secret message which is not falsified can still be correctly shown. By employing the method, the integrity and fidelity of the hidden secret message can thus be verified, thereby achieving a new covert communication process performing both information hiding and self-authentication capability. | 03-05-2015 |
20150067871 | Network Device, System and Method for Rendering an Interactive Multimedia Playlist - A device, method, and system for managing authorization for rendering of digital media recordings by a networked rendering device are disclosed. The device includes a processor and a memory. The device receives metadata identifying a recording of a specific audio performance, and searches for a source providing the recording. The device obtains a token authorizing the source to deliver the recording to the rendering device. The device provides the token to the source, receives the recording from the source, and renders the recording. An agent may serve as an intermediary between the rendering device and the source. | 03-05-2015 |
20150067872 | Method and Apparatus for Providing Security in a Radio Frequency Identification System - A part can receive a communication that originates externally of the part, that conforms to a predetermined communications protocol, and that contains payload information consistent with the protocol but subject to a security provision supplemental to the protocol. The part extracts the payload information from the security provision. | 03-05-2015 |
20150067873 | INFORMATION PROCESSING DEVICE AND METHOD FOR LIMITING FUNCTION - An information processing device includes a processor; and a memory which stores a plurality of instructions, which when executed by the processor, cause the processor to execute: determining, when an execution of one of a first application and a second application is requested, an execution state of the other of the first application and the second application; and limiting a function of the requested application based on the execution state of the other application. | 03-05-2015 |
20150067874 | SECURING ACCESSIBLE SYSTEMS USING CROSS-LINKING - Systems and techniques for securing accessible computer-executable program code and systems are provided. One or more base functions may be generated and blended with existing program code, such that it may be difficult or impossible for a potential attacker to distinguish the base functions from the existing code. The systems and code also may be protected using a variety of other blending and protection techniques, such as fractures, variable dependent coding, dynamic data mangling, and cross-linking, which may be used individually or in combination, and/or may be blended with the base functions. | 03-05-2015 |
20150067875 | SECURING ACCESSIBLE SYSTEMS USING VARIABLE DEPENDENT CODING - Systems and techniques for securing accessible computer-executable program code and systems are provided. One or more base functions may be generated and blended with existing program code, such that it may be difficult or impossible for a potential attacker to distinguish the base functions from the existing code. The systems and code also may be protected using a variety of other blending and protection techniques, such as fractures, variable dependent coding, dynamic data mangling, and cross-linking, which may be used individually or in combination, and/or may be blended with the base functions. | 03-05-2015 |
20150067876 | Method and device for managing security of information in mobile terminal, and mobile terminal - Disclosed are a method and device for managing security of information in a mobile terminal, as well as a mobile terminal. In creating and initializing a text file, first mobile terminal ID information is written in a starting part of the text file; and in storing information, information to be stored is ciphered and written in the text file, and the text file is stored; in reading the first mobile terminal ID information and the stored information, the first mobile terminal ID information and the ciphered information are loaded into a memory; and a mode of displaying text information is determined; and in displaying the stored information, when it is determined to display text information as plaintext, authentication is performed to determine if a local mobile terminal is authorized to decipher the ciphered information loaded in the memory according to the first mobile terminal ID information, and when the mobile terminal is authorized, the ciphered information is deciphered and displayed as plaintext, or ciphertext is displayed if the mobile terminal is not authorized. With the disclosure, it is possible to effectively stop someone other than a user of a mobile terminal from connecting the mobile terminal to a computer through a Universal Serial Bus (USB) and stealing user information in the mobile terminal. | 03-05-2015 |
20150067877 | APPARATUS AND METHOD FOR SETTING RIGHTS FOR EACH OBJECT OF PIECE OF CONTENT - Disclosed are an apparatus and method for setting rights for each object of a piece of content. A data detection unit detects, for each object, data regions corresponding to each of a plurality of objects in the source code of a piece of digital content including the plurality of objects. A data encryption unit encrypts the data region from among the plurality of data regions that corresponds to the object subject to protection. A data transmission unit transmits the source code of the piece of digital content including the encrypted data region to a user terminal. According to the present invention, use rights can be authorized for each object included in a piece of content, and therefore a user may be provided with the selected object according to the right of the user for the same content. Further, a file may be executed even on a computer in which a DRM program is not installed, and it is possible to set the file such that a user may not access only the encrypted object in the file being executed. | 03-05-2015 |
20150067878 | APPARATUS, SYSTEM, AND METHOD FOR OBFUSCATION AND DE-OBFUSCATION OF DIGITAL CONTENT - Computer-implemented apparatus, system, and method of generating digital content with various degrees of obfuscation applied. A publisher of content, such as a private or commercial publisher of digital content, may set access restrictions to the content, such as to obfuscate and/or de-obfuscate the content based on select criteria. | 03-05-2015 |
20150067879 | SYSTEMS AND METHODS FOR SOCIAL PARENTING PLATFORM AND NETWORK - A parent social network based on relationships of children, including activities, needs, interests or combinations thereof, is described. The parent social network can identify at least two minors with a common activity, need, interest or combination thereof, identify an adult responsible for each of the identified minors, and propose to link the identified adults. The parent social network can also provide posts and other data to a parent based on interests and activities of a child. The parent social network can also identify and subscribe the parent to relevant children-related calendars. The parent social network can allow effective communication between relevant parents using messaging and other means. | 03-05-2015 |
20150067880 | LOCATION SPOOFING FOR PRIVACY AND SECURITY - A sentry system is provided for use within a mobile device to limit access to device location using onboard systems. Access limitation can include access to only spoofed data in accordance with the rules or user instructions. Spoofed data may include refinements to render a location estimate and associated collateral information more plausible. | 03-05-2015 |
20150067881 | METHOD AND SYSTEM FOR PROVIDING ANONYMIZED DATA FROM A DATABASE - The invention relates to a method for providing an anonymized value for a data element stored with an original value in a database ( | 03-05-2015 |
20150067882 | METHODS AND SYSTEMS FOR ENCODING AND PROTECTING DATA USING DIGITAL SIGNATURE AND WATERMARKING TECHNIQUES - Systems and methods are provided for determining a presence of a watermark in electronic data. In certain embodiments, a plurality of keys is generated, and a plurality of payloads are retrieved from electronic data using the keys. A statistical indicia of randomness is generated based on the payloads, and the presence of a watermark is determined when the indicia is below a threshold. | 03-05-2015 |
20150074813 | PROTECTION OF RESOURCES DOWNLOADED TO PORTABLE DEVICES FROM ENTERPRISE SYSTEMS - An aspect of the present invention provides for protection of resources hosted on enterprise systems. In an embodiment, an enterprise system receives a request from a portable device to download a resource, and in response formulates multiple security actions and associated conditions for the requested resource. The enterprise system sends the requested resource, the security actions and the conditions to the portable device. The portable device determines whether each condition is satisfied and performs the security actions associated with the conditions determined to have been satisfied. Due to the ability to send multiple security actions and associated conditions, better control in protection and retention of downloaded resources is obtained. | 03-12-2015 |
20150074814 | METHOD AND SYSTEM FOR EMBEDDING DATA IN A TEXT DOCUMENT - The present invention relates to a method and system of embedding data in text documents. The method includes obtaining a document having dimensions and at least a first character and a second character and determining a length between the first character and the second character to define an inter-character space. A reference length is determined, where the reference length is a function of the dimensions of the text document. A threshold length is determined, where the threshold length is a minimum length wherein information is not encoded in the inter-character space if the inter-character space is not within the threshold length. The information is encoded into an altered inter-character space wherein a length of the altered inter-character space is an integral multiple of the reference length or a non-integral multiple of the reference length. | 03-12-2015 |
20150074815 | LICENSE MANAGEMENT OF FIRMWARE-CONTROLLABLE FEATURES IN COMPUTER SYSTEMS - License management of firmware-controllable features in computer systems is described. In an example, a computer system includes: a plurality of hardware modules having a plurality of features capable of selective activation; firmware-based controllers distributed among the plurality of hardware modules having control points to control activation of the plurality of features; and a management module to obtain license data and communicate with the firmware-based controllers to configure the control points to activate at least one of the plurality of features as permitted by the license data. | 03-12-2015 |
20150074816 | METHOD FOR URL ANALYSIS AND ELECTRONIC DEVICE THEREOF - A method and apparatus for analyzing a URL included in contents and displaying the analyzed result is provided. The method includes detecting a URL from contents, analyzing the URL, and displaying the analyzed result. | 03-12-2015 |
20150074817 | Data protection method and device - An apparatus and method for encoding and decoding additional information into a digital information in an integral manner. More particularly, the invention relates to a method and device for data protection. | 03-12-2015 |
20150082443 | SYSTEM TO AUTOMATE COMPLIANCE WITH LICENSES OF SOFTWARE THIRD-PARTY CONTENT - A method to automate compliance with software package content licenses is disclosed. The method may generate a dependency graph for a software product's package code by creating nodes only for software packages upon which run-time code depends. Software package content license lists may be propagated through the generated dependency graph. License notice files may be generated based on the propagated license lists. | 03-19-2015 |
20150082444 | SECURITY MODE CONFIGURATION PROCEDURES IN WIRELESS DEVICES - A method of detecting an error in a security mode configuration procedure conducted at a radio access network is provided. A cell update message is transmitted which causes the radio access network to abort a security mode configuration procedure. After the transmission of an update message, a new security mode configuration is received and the original security mode configuration is replaced with a new security mode configuration. A security mode configuration check is performed on a received downlink message using the new security mode configuration. If the security mode configuration check fails, a further security mode configuration check is performed on the downlink message to detect an error in the security mode configuration procedure. If it is determined there has been an error in the security mode configuration procedure, security mode configuration checks are performed on further downlink messages received from the network using the original security mode configuration. | 03-19-2015 |
20150082445 | INFORMATION PROCESSING METHOD AND ELECTRONIC DEVICE - The present invention discloses an information processing method and an electronic device so as to address such a technical problem in the convention that data cannot be protected from being misappropriated by another person while ensuring a rapid and convenient daily access of the user to the data. The method is applicable to a first electronic device and includes: obtaining first data; dividing the first data into a first part of data and a second part of data where the first part of data satisfies a first dimension and the second part of data satisfies a second dimension, and there is an association relationship of the first dimension with the second dimension, wherein the first electronic device characterizes a response result as a response failure when obtaining a second instruction for the first part of data and responding to the second instruction with the first part of data; and the first electronic device characterizes the response result as a response failure after obtaining a third instruction for the second part of data and responding to the third instruction with the second part of data; storing the first part of data on a first storage unit of the first electronic device; and storing the second part of data on a second storage unit. | 03-19-2015 |
20150082446 | METHOD AND APPARATUS FOR DISPLAYING POTENTIALLY PRIVATE INFORMATION - Methods and apparatus for displaying potentially private information are disclosed. A computing device, that is showing a breathing view on its touch screen display, detects a peek request event, such as a swipe on the display. Before allowing the user to see potentially private information in response to the peek request, the computing device determines if the computing device is currently locked and if an increased privacy setting is enabled. If the computing device is not locked, or the increased privacy setting is not enabled (even though the computing device may be locked), the computing device shows a full peek view (e.g., some or all of the text from a recent text message). However, if the computing device is locked, and the increased privacy setting is enabled, the computing device shows a secure peek view (e.g., the number of new text messages, but no text from the messages). | 03-19-2015 |
20150082447 | SYSTEM AND METHOD FOR LICENSING A PLURALITY OF SOFTWARE COMPONENTS - A method for licensing a plurality of software components on a data processing system, including retrieving a plurality of component-specific identification codes of the plurality of software components by a license management client installed on the data processing system; bundling the component-specific identification codes in a system-specific licensing query by the license management client; sending the system-specific licensing query from the license management client to a license management server assigned to the license management client; extracting the component-specific identification codes from the system-specific licensing query by the license management server for generating component-specific licensing queries; sending the component-specific licensing queries by the license management server to each one of a plurality of licensing services; and receiving component-specific license keys from the plurality of licensing services for licensing the plurality of software components. | 03-19-2015 |
20150082448 | Method for Detecting Spammers and Fake Profiles in Social Networks - A method for protecting user privacy in an online social network, according to which negative examples of fake profiles and positive examples of legitimate profiles are chosen from the database of existing users of the social network. Then, a predetermined set of features is extracted for each chosen fake and legitimate profile, by dividing the friends or followers of the chosen examples into communities and analyzing the relationships of each node inside and between the communities. Classifiers that can detect other existing fake profiles according to their features are constructed and trained by using supervised learning. | 03-19-2015 |
20150082449 | DATA MASKING SYSTEMS AND METHODS - Embodiments include a method for data masking such as receiving, by a first data masking component, data including unmasked data for a first attribute, the first data masking component including a data set and a masking algorithm; generating, by the first data masking component, masked attribute data for the first attribute by applying the masking algorithm to the unmasked data associated with the first attribute using the data set; and replacing, by the first data masking component, the data for the first attribute in the first data with the masked attribute data. | 03-19-2015 |
20150082450 | SYSTEM AND METHOD FOR SECURE CROSS-DOMAIN COMMUNICATION IN A BROWSER - A method for client-side cross-domain communication of a browser application executing on a client computing device, wherein said browser application comprises a parent host window retrieving internet game operator specific first content from an internet game operator's first domain, wherein said internet game operator specific first content comprises an inner window markup language element retrieving internet game provider second content from an internet game provider's second domain, the method comprising the steps of determining that a game related event has occurred when processing said internet game provider's second content in said inner window and sending a game event signal as game event data indicative of said determined game related event data from said inner window to said parent host window. | 03-19-2015 |
20150082451 | System and Method for Evaluating Domains to Send Emails While Maintaining Sender Reputation - Systems, devices and techniques are disclosed for evaluating domains to send emails while maintaining sender reputation. Registration records of a domain are retrieved. The registration records include a mail server record and one or more records linking the domain to another domain or to an IP address. The mail server record is verified to be associated with a domain that is not on a black list. A webpage is retrieved from a website associated with the one or more records linking the domain to another domain or to an IP address. The webpage is compared to webpages for websites that are on white lists. An electronic communications sending strategy is determined based on verifying that the mail server record is associated with a domain that is not on a blacklist and comparing the webpage to webpages for websites that are on one or more white lists. | 03-19-2015 |
20150082452 | METHOD AND APPARATUS FOR GEOLOCATION OF A NETWORK USER - A database correlating the geographic locations of users of a network to the network address through which the users access the network is maintained and used to infer the geographic location of other users of the network that access the website through the same IP addresses. An Internet website operator may generate such a database from home or business address information self-reported by users of the website. If a plurality of users that access a website through the same IP address have self-reported information as to their geographic location to a website operator, that information collectively provides information as to the likely geographic location and the geographic diversity of other users that access the network through that IP address. Accordingly, such information is used to infer the extent to which a given IP address is likely to correlate to any particular geographic area and the particular area. Additionally, a website operator that has information indicative of the veracity of the self-reported location information may use that information to rate the likelihood that the self-reported location information for a given user is truthful and then use that rating to provide an even more accurate rating of the likelihood that an inferred location of a user is in a given location. | 03-19-2015 |
20150082453 | METHOD AND APPARATUS FOR HIERARCHICAL ASSIGNMENT OF RIGHTS TO DOCUMENTS AND DOCUMENTS HAVING SUCH RIGHTS - A system and method for distribution of digital works in a tree-like structure of devices. A hierarchical right may include a first usage right governing a use for the digital work and a first delegation right governing distribution of the digital work to child nodes of the tree-like structure. A second usage right and/or a second delegation right may be generated based on the hierarchical right, the second usage right governing a use for the digital work and the second delegation right governing distribution of the digital work to child nodes of a first child node of the tree-like structure. The second usage right and/or the second delegation right may be assigned to a version of the digital work, and the second usage right and/or the second delegation right and the version of the digital work may be forwarded to the first child node. | 03-19-2015 |
20150089657 | ENDPOINT LOAD REBALANCING CONTROLLER - An endpoint load rebalancing controller, method of controlling endpoint activity to suppress side channel variation and computer program product for controlling endpoint activity for suppressing side channel variation in information from utility company users, e.g., from power company endpoints. The load rebalancing controller monitors period to period endpoint service usage and predicts next period endpoint service usage. Whenever the controller determines that the endpoint usage will exhibit a change that may be sufficient to convey activity information in side channel activity, the controller rebalances activity for the next period. Rebalancing may include shifting off-line execution from one period to another and capping or increasing on-line execution activity. | 03-26-2015 |
20150089658 | BATCH LOADING AND SELF-REGISTRATION OF DIGITAL MEDIA FILES - Methods and apparatus for batch loading and self-registration of digital media files are provided. The system provides numerous methods of interfacing with a content outlet. The methods further include comparing attributes of content to be downloaded with attributes of content in a media database. The methods also include providing restrictions based on a result of the comparing. The methods further include monetizing the methods between both retailers and right-holders using the system. Additionally, the method may include providing retail analysis, resolving disputes, and distributing royalty payments to rights-holders of content. | 03-26-2015 |
20150089659 | SYSTEM AND METHOD FOR REMOTE WIPE - A remote wipe message or notification may be sent from a server computer to one or more target client devices associated with a user. A managed container running on a target client device associated with the user and having a managed cache storing content managed by or through the server computer may, in response to the remote wipe message or notification, delete the managed content or a portion thereof from its managed cache. The managed container may send back an acknowledgement or message to the server computer that it had completed the remote wipe. The remote wipe functionality can avoid having to deal with individual applications running on the client device and therefore can eliminate the complexity of having to deal with individual applications. Furthermore, the remote wipe can be done independently of the local operating system and without affecting non-managed information/applications on the client device. | 03-26-2015 |
20150089660 | Device, System, and Method of Enhancing User Privacy and Security Within a Location-Based Virtual Social Networking Context - A first mobile computing device of a first user receives a request to participate in a location-based virtual social network. A radio component of the first mobile computing device detects venues within proximity of the first mobile computing device. Each venue includes a host of a respective virtual social network. One of the venues is selected by the user for participation in the virtual social network. A wireless connection with the virtual social network is established at the selected venue. Electronic communications with second users are conducted at the selected venue. The second users are also participants of the virtual social network. A departure of the first user from the selected venue is detected. In response to the detected departure, electronic records pertaining to the conducted electronic communications with the one or more second users are erased from the first mobile computing device. | 03-26-2015 |
20150089661 | PROTECTING BRAND-ASSOCIATED CONTENT OF COMMUNICATIONS IN A SOCIAL NETWORKING ENVIRONMENT - Disclosed are examples of systems, apparatus, methods and computer program products for protecting brand-associated content of communications in a social networking system associated with one or more databases. For example, a first communication comprising first content which identifies a brand of a business entity can be received. Metadata can be embedded in or identified in the first content. The metadata can identify the first content as being attributed to the brand of the business entity. A second communication comprising second content in which the metadata is embedded can be received. The embedded metadata in the second content can be interpreted. It can be determined that the interpreted metadata identifies the first content as being attributed to the brand of the business entity. It can be determined that the second content is different from the first content. Data indicating that the second content is different from the first content can be generated. | 03-26-2015 |
20150089662 | METHOD AND SYSTEM FOR IDENTIFYING FILE SECURITY AND STORAGE MEDIUM - A method for identifying file security includes obtaining a file mark of the file, obtaining application data of the file according to the file mark, obtaining a vitality according to the application data, and obtaining the file security according to the vitality. The application data of the file can be obtained through real-time user feedback; after the file vitality is obtained according to the application data, the file security can be determined according to a statistical principle and the file vitality, so that automatic analysis and artificial analysis can be omitted. A system and a storage medium for identifying the file security are also provided. | 03-26-2015 |
20150096037 | ENHANCED VIEW COMPLIANCE TOOL - According to one embodiment, an apparatus comprises a network interface and a processor communicatively coupled to the network interface. The network interface communicates with a database comprising a plurality of columns and a plurality of views. Each view is associated with at least one column of the plurality of columns. The processor receives a request to determine one or more noncompliant views of the database. For each view and each column associated with the view, the processor determines whether the column is associated with a privacy indicator that indicates that the column should be masked and whether the view masks the column. The processor then determines that the view is noncompliant if the view does not mask at least one column that should be masked, and generates a report that indicates whether each view of the database is noncompliant. The network interface communicates the report. | 04-02-2015 |
20150096038 | COLLISION AVOIDANCE IN A DISTRIBUTED TOKENIZATION ENVIRONMENT - A client receives sensitive data to be tokenized. The client queries a token table with a portion of the sensitive data to determine if the token table includes a token mapped to the value of the portion of the sensitive data. If the mapping table does not include a token mapped to the value of the portion of the sensitive data, a candidate token is generated. The client queries a central token management system to determine if the candidate token collides with a token generated by or stored at another client. In some embodiments, the candidate token includes a value from a unique set of values assigned by the central token management system to the client, guaranteeing that the candidate token does not cause a collision. The client then tokenizes the sensitive data with the candidate token and stores the candidate token in the token table. | 04-02-2015 |
20150096039 | DYNAMIC TOKENIZATION WITH MULTIPLE TOKEN TABLES - Sensitive data is accessed by a tokenization system. The sensitive data includes a first portion and a second portion. A token table is selected from a plurality of dynamic token tables based on the second portion of the received data. The selected token table is queried with the first portion of the sensitive data. If the selected token table includes a token mapped to the value of the first portion of the sensitive data, the first portion of the sensitive data is replaced with the token to form tokenized data. If the selected token table does not include a token mapped to the value of the first portion of the sensitive data, a token is generated, the sensitive data is tokenized with the generated token, and the generated token and association with the value of the first portion of the sensitive data is stored in the selected token table. | 04-02-2015 |
20150096040 | Tokenization Column Replacement - A tokenization system includes a vector table and one or more token tables. The tokenization system accesses sensitive data and a vector from a vector table column, and modifies the sensitive data based on the accessed vector. The tokenization system then queries the one or more token tables using a portion of the modified data to identify a token mapped to the portion of the modified data. The portion of the modified data is replaced with the token to create tokenized data. The vector table can be updated by replacing a vector table column with an updated vector table column. The tokenization system can modify subsequent data using the updated vector column prior to tokenization. | 04-02-2015 |
20150096041 | IDENTIFYING AND RANKING PIRATED MEDIA CONTENT - A computer identifies and ranks URL hyperlinks to possible pirated media content by searching a web page from a first website for one or more indicator keywords, wherein a strength of an indicator keyword is related to a likelihood of pirated media content. Responsive to locating a plurality of instances of the one or more indicator keywords, identifying a plurality of hyperlinks respectively associated with one or more of the plurality of instances. Weighting the identified plurality of hyperlinks based on at least one of: a strength of associated indicator keywords, number of associated indicator keywords, number of times each hyperlink was identified, and date of posting. Ranking the plurality of hyperlinks according to weight indicating a relative likelihood that respective hyperlinks point to pirated media content in a ranked list. | 04-02-2015 |
20150096042 | METHOD AND APPARATUS FOR IMPROVED PRIVATE MESSAGING - An improved method and apparatus for private messaging is disclosed. In one embodiment, a first device transmits a message to a second device via a server. The message is displayed on the second device without any identification of the sender, and the message disappears after a predetermined time period and is permanently deleted from the first device, second device, and server. In another embodiment, the second device sends communications to the server indicating that the second device received the message, opened the message, and deleted the message, and the server sends those communications to the first device. | 04-02-2015 |
20150096043 | METHODS AND APPARATUS TO IDENTIFY PRIVACY RELEVANT CORRELATIONS BETWEEN DATA VALUES - Methods, apparatus, systems and articles of manufacture are disclosed to identify privacy relevant correlations between data values. An example disclosed apparatus includes a principal monitor to identify a first privacy value associated with a first principal, a tuple manager to build a probability tuple matrix comprising a first tuple and a plurality of second tuples, the first tuple including the first principal and the associated first privacy value, and an Eigenvector engine to evaluate the probability tuple matrix to identify a dominant Eigenvector indicative of a correlation between the first privacy value and one of the plurality of second tuples. | 04-02-2015 |
20150096044 | Method and device for adjusting screen locking time, and electronic terminal - Disclosed are a method and a device for adjusting screen locking time, and an electronic terminal. Time interval values T1, T2, . . . , and TN between screen locking and screen unlocking for consecutive N times are acquired, and when it is determined that the acquired time interval values T1, T2, . . . , and TN are all in a preset threshold range, a current screen locking time value is updated into the sum of the current screen locking time value and a preset time delay value. In the disclosure, a usage situation in which the terminal automatically locks the screen and a user unlocks the screen is monitored in real time, and according to the time intervals between screen locking and screen unlocking for consecutive N times, it is determined whether the current screen locking time is appropriate in the current usage environment and situation. When the determining result is that the current screen locking time is inappropriate, the current screen locking time value is automatically updated into the current screen locking time value plus the preset time delay value, so as to achieve the objective of dynamically adjusting the screen locking time according to the current usage environment and situation, thereby effectively reducing the unlocking operations and screen locking settings of the user and improving satisfaction in the user experience. | 04-02-2015 |
20150096045 | SYSTEMS, METHODS, AND COMPUTER PROGRAM PRODUCTS FOR SECURELY MANAGING DATA ON A SECURE ELEMENT - Systems, methods, and computer program products are provided for managing applets. A first request to personalize the first applet is received over a communications network. A second request including a command requesting at least a portion of the second applet data is communicated to the second applet. At least a portion of the second applet data is communicated to the first applet. One or more values of the first applet data are replaced with one or more values of at least the portion of the second applet data. | 04-02-2015 |
20150096046 | Verifiable Tokenization - Use rules are included within tokenized data either before or after tokenization. The use rules can be appended to the data before or after tokenization, can be used to modify the data before or after tokenization, and can be used to select or generate token tables for use in tokenizing the data. The use rules limit how, where, and when the tokenized data can be used, who can use the tokenized data, and the like. In addition, data can be tokenized such that the tokenized data can be identified as tokenized based on the tokenized data failing a validation test. The data is tokenized using one or more token tables, and the validation test is applied to the tokenized data. If the tokenized data passes the validation test, the data is modified with formatting rules or re-tokenized with additional token tables until the tokenized data fails the validation test. | 04-02-2015 |
20150101058 | Blog Post Protection Pathway - Disclosed herein is a method and system for providing copyright protection for blog posts prior to publication from within a running blog-publishing software application by automatically assembling and electronically submitting a copyright application for the blog post to the United States Copyright Office through the use of a portable application programming interface, which may be utilized by third-party blog-publishing applications, and then automatically publishing the blog post through the blog-publishing application once submission of the electronic copyright application for the blog post is confirmed. Additionally disclosed is a method and system of registering a blog post in order to memorialize the creation of the blog post from within a running blog-publishing application through the use of a portable application programming interface, which may be utilized by third-party blog-publishing applications, and then automatically publishing the blog post through the blog-publishing application once registration of the blog post is confirmed. | 04-09-2015 |
20150101059 | Application License Verification - An application may provide an application identifier to a client as part of a validation request. The client may request a validation token from a server using the application identifier and a user token provided by the client. The server may send a validation token to the client which, in turn, may send the validation token to the application. The application may establish a secure connection to the server and present the validation token to the server as part of a validation request. The server may validate the application in response to the validation request. The server's response may indicate that the application or content contained in the application is licensed. | 04-09-2015 |
20150101060 | METHOD AND SYSTEMS FOR LOCKBOX SECURED FILE TRANSMISSION - A transparent method, and systems, for secure file transmission from a first computing device of a sender to a recipient computing device, comprising the steps of: selecting a group, at least one recipient having a recipient computing device and a file from the first computing device; selecting a lockbox option at the first computing device to securely transmit the file to a lockbox situated at the at least one recipient computing device; iteratively selecting a location on at least one recipient computing device where the file is to be dispatched by performing a set of lockbox content version control operations at the first computing device until a valid location on the at least one recipient computing device is selected; dispatching the file at the valid location and presenting an indication that the file is dispatched with the lockbox option; and displaying the file. | 04-09-2015 |
20150101061 | PRIVACY ENHANCED SPATIAL ANALYTICS - Method, system, and computer program products, implementing and using techniques for processing data representing observations of entities. An anonymized key is generated. The anonymized key represents a spacetime region with which an entity is associated. The spacetime region represents a spatial region and a time interval. The entity is associated with the spacetime region based on spacetime coordinates for the entity. | 04-09-2015 |
20150101062 | SYSTEM AND METHOD FOR ONLINE DATA PROCESSING - Customer online data is collected via script on customer computers and is communicated to a server hosted by an organization, such as a card issuer. The customer online data communicated to the server is non-personally identifiable information (non-PII). In turn, the server aggregates the non-PII customer online data from the set of participating merchants. The server associates the received non-PII customer online data with non-PII demographic data. Other non-PII transaction data, such as previous transactions processed at a card issuer, also can be associated with the non-PII customer online data and non-PII demographic data. These associations are, in turn, used to create reports and to provide services to help merchants or other requesting organizations develop online strategies to drive click thru and conversion rates. | 04-09-2015 |
20150106946 | SECURE CLIENT DRIVE MAPPING AND FILE STORAGE SYSTEM FOR MOBILE DEVICE MANAGEMENT TYPE SECURITY - Methods and systems for providing a secure client drive mapping and/or file storage for mobile device management type security may include executing a managed application for presentation on a mobile device, receiving a request to save a data file locally on the mobile device, and determining whether the data file contains sensitive data are described herein. Subsequently, when the data file contains sensitive data and responsive to the request, the methods and system may also include encrypting the data file, storing the encrypted data file on the mobile device, and linking the encrypted data file to an unencrypted version of the data file, the unencrypted version of the data file not containing the sensitive data. | 04-16-2015 |
20150106947 | METHODS, SYSTEMS, AND DEVICES FOR HANDLING IMAGE DATA FROM CAPTURED IMAGES - Computationally implemented methods and systems include acquiring image data that includes an image that contains a representation of a feature of an entity and that has been encrypted through use of a unique device code, wherein said image data further includes a privacy metadata regarding a presence of a privacy beacon associated with the entity, obtaining term data at least partly based on the acquired privacy metadata, wherein said term data corresponds to one or more terms of service that are associated with use of the image that contains the representation of the feature of the entity, and generating a valuation of the image, said valuation at least partly based on one or more of the privacy metadata and the representation of the feature of the entity in the image. In addition to the foregoing, other aspects are described in the claims, drawings, and text. | 04-16-2015 |
20150106948 | METHODS, SYSTEMS, AND DEVICES FOR MONITORING PRIVACY BEACONS RELATED TO ENTITIES DEPICTED IN IMAGES - Computationally implemented methods and systems include monitoring a deployment of a privacy beacon associated with an entity, said privacy beacon configured to facilitate acquisition of one or more terms of service associated with said entity, and storing a record of the deployment of the privacy beacon associated with the entity, wherein said record is configured to be transmitted upon a particular request from a requestor entity. In addition to the foregoing, other aspects are described in the claims, drawings, and text. | 04-16-2015 |
20150106949 | DEVICES, METHODS, AND SYSTEMS FOR MANAGING REPRESENTATIONS OF ENTITIES THROUGH USE OF PRIVACY INDICATORS - Computationally implemented methods and systems include acquiring a block of encrypted data that corresponds to an image that has been encrypted through use of a unique device code associated with an image capture device configured to capture the image that includes a representation of a feature of an entity, obtaining a privacy metadata that corresponds to a detection of a privacy beacon in the image, said at least one image captured by the image capture device, said privacy beacon associated with the entity, and determining, at least partly based on the obtained privacy metadata, and partly based on a calculation related to the block of encrypted data that corresponds to the whether to allow one or more processes related to the encrypted data block. In addition to the foregoing, other aspects are described in the claims, drawings, and text. | 04-16-2015 |
20150106950 | METHODS, SYSTEMS, AND DEVICES FOR HANDLING IMAGE CAPTURE DEVICES AND CAPTURED IMAGES - Computationally implemented methods and systems include acquiring an encrypted image that is a captured image that has been encrypted through use of a particular device code associated with an image capture device that captured the captured image, wherein the captured image includes a representation of a feature of an entity, decrypting the acquired encrypted image that was encrypted through use of the particular device code, and performing a validation detection operation to detect a privacy beacon associated with the entity in the decrypted captured image. In addition to the foregoing, other aspects are described in the claims, drawings, and text. | 04-16-2015 |
20150106951 | Obscuring Internet Tendencies - Disclosed herein are techniques for obscuring Internet tendencies. It is determined whether a user tends to access a category of information over the Internet more than an average user. If the user accesses the category of information over the Internet more than the average user, a user profile associated with the user is adjusted such that the user profile is proportional to an average user profile associated with the average user. | 04-16-2015 |
20150106952 | PROVIDING ISOLATED ENTROPY ELEMENTS - Embodiments of the invention relate to providing isolated entropy elements for a virtual machine to increase entropy in a computing environment. At least one virtual machine is deployed on a hypervisor. The hypervisor generates entropy elements based on triggers related to a virtual machine. Identifiers are assigned to the entropy elements based on the triggers and the virtual machine. Use of the entropy elements is restricted for the virtual machine based on the assigned identifiers. The increase in entropy through providing isolated entropy elements for a virtual machine deployed on a hypervisor reduces the success of external attacks on data residing within the computing environment. | 04-16-2015 |
20150106953 | LINEAR NETWORK CODING IN A DYNAMIC DISTRIBUTED FEDERATED DATABASE - A method, system and/or computer program product secures response data sent from a responder to a querier. Path information for query data is collected. The path information identifies paths from the querier to the responder and includes a physical machine identifier for each node hosted by a physical machine. One or more sets of return paths are identified for sending response data. For each set of return paths, any return paths that utilize any nodes sharing a physical machine identifier with any node present in another of the return paths within the set of return paths are discarded. The response data is split into a plurality of portions, and each of the plurality of portions is sent from the responder to the querier using a different return path selected from one of the set of return paths. | 04-16-2015 |
20150106954 | CONTENT TRANSMISSION DEVICE AND CONTENT RECEPTION DEVICE - A content reception equipment for accessing an in-home content transmission equipment from a remote place executes a first authentication process with the content transmission equipment in advance, executes the remote access information sharing process required for access from a remote place, and causes the information on the content reception equipment and the remote access information to be registered in an equipment information table of the content transmission equipment. | 04-16-2015 |
20150113656 | CONSISTENT DATA MASKING - According to one embodiment of the present invention, a system masks data objects across a plurality of different data resources. The system comprises a processor configured to include a plurality of service providers to mask the data objects, wherein each service provider corresponds to a different type of data masking for the data objects. An interface provides access to the plurality of service providers from different data-consumers to mask the data objects according to the corresponding types of data masking, wherein resulting masked data maintains relational integrity across the different data resources. Embodiments of the present invention further include a method and computer program product for masking data objects across a plurality of different data resources in substantially the same manners described above. | 04-23-2015 |
20150113657 | PUBLIC VIEWING SECURITY FOR PUBLIC COMPUTER USERS - Methods and systems for activating a display security application and initiating a privacy measure on a computing device are provided. A user opens and turns on an application on the computing device, which monitors the security of the screen. The security feature recognizes when an unauthorized user is within viewing range of the display of the computing device. The user is prompted to initiate a privacy measure or ignore the unauthorized user. If the user initiates the privacy measure, the unauthorized user is prevented from seeing the content on the display. The user may terminate the privacy measure when the unauthorized user is no longer within viewing range of the display. | 04-23-2015 |
20150113658 | MOBILE DEVICE AND METHOD FOR PROTECTING PRIVATE INFORMATION STORED IN MOBILE DEVICE - In a method for protecting private information stored in a mobile device, a first instruction is received to activate a private protection function of the mobile device. A second instruction is received to select a private information stored in the mobile device. The mobile device is connected to a pair of glasses and the selected private information is transmitted to the pair of glasses. The selected private information is displayed on a visual screen of the pair of glasses, and not displayed on a screen of the mobile device. | 04-23-2015 |
20150113659 | CONSISTENT DATA MASKING - According to one embodiment of the present invention, a system masks data objects across a plurality of different data resources. The system comprises a processor configured to include a plurality of service providers to mask the data objects, wherein each service provider corresponds to a different type of data masking for the data objects. An interface provides access to the plurality of service providers from different data-consumers to mask the data objects according to the corresponding types of data masking, wherein resulting masked data maintains relational integrity across the different data resources. Embodiments of the present invention further include a method and computer program product for masking data objects across a plurality of different data resources in substantially the same manners described above. | 04-23-2015 |
20150113660 | INFORMATION PROCESSING APPARATUS AND METHOD, PROGRAM, AND INFORMATION PROCESSING SYSTEM - There is provided an information processing apparatus, including a storage section which stores a first image, which is an image of a format requiring license information in reproduction, to which reproduction is performed by a reproduction apparatus after being acquired, a conversion section which converts the first image into a second image of a format not requiring license information in reproduction, which is an image with content the same as content of the first image, and a distribution section which distributes the second image to the reproduction apparatus to be reproduced, during acquisition of the first image. | 04-23-2015 |
20150113661 | METHOD AND APPARATUS FOR PRIVACY PROTECTION IN IMAGES - In accordance with an example embodiment of the present invention, a method is disclosed. The method includes defining a first privacy setting related to a user. Communicating the first privacy setting using a first radio communication network to a server. Storing the first privacy setting related to the user on the server. Applying the first privacy setting when analyzing an image to determine the user in the image. Determining to apply a second privacy setting related to the user. Defining the second privacy setting related to the user and communicating the second privacy setting to another device of a second user using a second radio communication network. | 04-23-2015 |
20150113662 | Backup System for enhancing the security of information technological control facilities - A backup device ( | 04-23-2015 |
20150113663 | Systems and Methods for Managing Data Incidents - Systems and methods for managing a data incident are provided herein. Exemplary methods may include receiving data breach data that comprises information corresponding to the data breach, automatically generating a risk assessment from a comparison of data breach data to privacy rules, the privacy rules comprising at least one federal rule, at least one state rule, and at least one contractual obligation, each of the rules defining requirements associated with data breach notification laws, and providing the risk assessment to a display device that selectively couples with the risk assessment server. | 04-23-2015 |
20150121534 | CONTENT MANAGEMENT USING MULTIPLE ABSTRACTION LAYERS - Systems, devices, methods and computer program products improve various aspects of a content management system. In one scenario, one or more contents are accessed at a content handling device. The content handling device is configured to operate using multiple abstraction layers including an application layer, an operating system layer, a firmware layer and a hardware layer. Content management operations are conducted on the one or more contents using at least two abstraction layers. Such content management operations include conducting watermark extraction and content screening operations at a first layer for a first watermark message having a first value, conducting watermark extraction and content screening operations at a second layer for a second watermark message having a second value, and initiating one or more enforcement actions corresponding to the first value and the second value based at least in-part on respective results of the content screening. | 04-30-2015 |
20150121535 | MANAGING GEOGRAPHICAL LOCATION INFORMATION FOR DIGITAL PHOTOS - Techniques are described for managing geographical location information for digital photos. For example, sensitive geographical areas can be created and privacy options defined for managing digital photos taken within the sensitive geographical areas. The privacy options can comprise an option to not include the current geographical location in digital photos when taken and an option to include a generalized geographical location, instead of the current geographical location, in digital photos when taken. Geographical location information can also be managed when digital photos are shared. | 04-30-2015 |
20150121536 | METHODS AND APPARATUS FOR PROTECTING SOFTWARE FROM UNAUTHORIZED COPYING - A processing device provides a method for protecting a program from unauthorized copying. The processing device may include an encrypted version of the program. According to one example method, the processing device creates a secure enclave, and in response to a request to execute the encrypted program, the processing device automatically generates a decrypted version of the program in the secure enclave by decrypting the encrypted program in the secure enclave. After automatically generating the decrypted version of the program in the secure enclave, the processing device may automatically execute the decrypted version of the program in the secure enclave. Other embodiments are described and claimed. | 04-30-2015 |
20150121537 | Secure Erase in a Memory Device - The various implementations described herein include systems, methods and/or devices used to enable secure erase in a memory device. In one aspect, the method includes detecting a secure erase trigger. The method further includes determining a secure erase algorithm from among one or more secure erase algorithms to use in accordance with the detected secure erase trigger. The method further includes performing a secure erase operation in accordance with the selected secure erase algorithm, the secure erase operation including: (1) signaling a secure erase condition to a plurality of controllers on the memory device, (2) erasing one or more non-volatile memory devices on the memory device, (3) monitoring the secure erase operation, and (4) recording data related to the secure erase operation. | 04-30-2015 |
20150121538 | TECHNIQUES FOR MANAGING SECURITY MODES APPLIED TO APPLICATION PROGRAM EXECUTION - A device includes a memory and a processor coupled to the memory. The processor is configured to execute a management program, an application program, and a first security module. The management program presents a first list associated with the first security module to a user that includes a first item that represents the application program. The application program is executed in a security mode that is governed by the first security module when the first item is selected. | 04-30-2015 |
20150121539 | METHOD FOR USING RIGHTS TO CONTENTS - A method of using rights corresponding to broadcast contents in a terminal having a memory card attached thereto. The method according to one embodiment includes checking, by the terminal, whether or not rights corresponding to broadcast contents include a constraint for verifying an existence of the memory card and an existence of the rights within the memory card; and if the rights include the constraint, performing, by the terminal, a procedure for verifying the existence of the memory card and the existence of the rights within the memory card through an SRM Ping protocol, the performing the procedure for verifying including transmitting, from the terminal to the memory card, a request message, receiving, by the terminal, a response message, and continuing/initiating or stopping/not initiating a consumption of the rights. The constraint includes at least one of a synchronized element, a sync Threshold element, and a check Interval element. | 04-30-2015 |
20150128282 | PRIVACY PROTECTION FOR PARTICIPATORY SENSING SYSTEM - Provided is a method that may be used for privacy protection. The method comprises: generating a pseudonym at a user equipment in association with sensed data; calculating a unique value based upon the pseudonym using a first algorithm; sending the unique value and the sensed data to a server; receiving from the server a certificate, wherein the certificate is calculated based at least in part on the unique value using a second algorithm; and sending at least the pseudonym and the certificate to a certification center via a secure channel, for obtaining a reward associated with the sensed data; wherein the certification center is internal or external to the server. By this method, a user's identity may be protected. | 05-07-2015 |
20150128283 | ENERGY USAGE DATA MANAGEMENT - A method including receiving energy usage data representative of energy usage of a customer during a particular time period. The energy usage data is signed with a digital signature of a utility. The method includes receiving input of a customer effective to select a data block of the energy usage data. The method includes redacting the selected data block from the energy usage data in response to the input. The method includes calculating a hash value for the redacted data block using a per-customer key that is unique to the customer, an initialization vector, and a counter. The method includes replacing in the energy usage data the redacted data block with the calculated hash value corresponding to the redacted data block. | 05-07-2015 |
20150128284 | Dynamic De-Identification And Anonymity - Various systems, computer-readable media, and computer-implemented methods of providing improved data privacy, anonymity and security by enabling subjects to which data pertains to remain “dynamically anonymous,” i.e., anonymous for as long as is desired—and to the extent that is desired—are disclosed herein. Embodiments include systems that create, access, use, store and/or erase data with increased privacy, anonymity and security, thereby facilitating the availability of more qualified and accurate information. When data is authorized by subjects to be shared with third parties, embodiments may facilitate sharing information in a dynamically controlled manner that enables delivery of temporally-, geographically-, and/or purpose-limited information to the receiving party. In one example, anonymity measurement scores may be calculated for the shared data elements so that a level of consent/involvement required by the Data Subject before sharing the relevant data elements to third parties may be specified. | 05-07-2015 |
20150128285 | Dynamic De-Identification And Anonymity - Various systems, computer-readable media, and computer-implemented methods of providing improved data privacy, anonymity and security by enabling subjects to which data pertains to remain “dynamically anonymous,” i.e., anonymous for as long as is desired—and to the extent that is desired—are disclosed herein. Embodiments include systems that create, access, use, store and/or erase data with increased privacy, anonymity and security, thereby facilitating the availability of more qualified and accurate information. When data is authorized by subjects to be shared with third parties, embodiments may facilitate sharing information in a dynamically controlled manner that enables delivery of temporally-, geographically-, and/or purpose-limited information to the receiving party. In one example, anonymity measurement scores may be calculated for the shared data elements so that a level of consent/involvement required by the Data Subject before sharing the relevant data elements to third parties may be specified. | 05-07-2015 |
20150135327 | METHOD OF OBFUSCATING RELATIONSHIPS BETWEEN DATA IN DATABASE TABLES - Relationships between data in database tables are obfuscated. An input data set is divided into two database tables with corresponding rows. A key field is created in a second one of the tables, and for each row, the field is populated with a value generated with a one-way function, using a unique value associated with the corresponding row of the first one of the tables as an input. The two tables are stored in a data store, so that the data in corresponding rows may be associated only with access to the one-way function, and the unique value associated with a row of the first table. | 05-14-2015 |
20150135328 | VEHICLE INTERFACE - One or more embodiments of techniques or systems for intelligent data presentation are provided herein. Data can be presented on similar devices having different characteristics in different manners. For example, data may be rendered in a first manner on a first device having one monitor, the same data may be rendered in a second manner on a second device having two displays or a different display size. Financial information, sales data, banking information, etc. may be presented in a variety of ways based on capabilities or properties of a device accessing the information or data. Similarly, renderings may be selected based on interaction capabilities or interaction options a user may have with different renderings or presentations. In other embodiments, user interaction with an automated teller machine (ATM), call center, vehicle, or other interface can be based on device properties or device capabilities. | 05-14-2015 |
20150135329 | METHOD AND APPARATUS FOR PRIVACY PROTECTED CLUSTERING OF USER INTEREST PROFILES - According to an implementation of the present subject matter, apparatus and methods for privacy protected clustering of user interest profiles are described. The method includes generating at least one interest profile segment based on an interest profile of an end user ( | 05-14-2015 |
20150135330 | METHOD AND SYSTEM FOR SECURE REQUESTING OF AN OBJECT VIA A COMMUNICATIONS NETWORK - A method for requesting an object by means of a client system, which is coupled to a server system operatively via a communications network is provided, wherein a server means of the server system receives via the communications network a request message from an electronic document displayed at a client system, the request message comprises at least a first parameter, which identifies a user of the client system, and a second parameter, which identifies the requested object, the server means evaluates the parameters of the received request message, wherein data for the first parameter assigned to the user and data for the second parameter assigned to the object are determined, wherein the respective data are stored in a storage means of the server system, and after a successful evaluation, the requested object is provided for transmission to the user. | 05-14-2015 |
20150143529 | METHOD AND SYSTEM FOR ANONYMISATION IN CONTINUOUS LOCATION-BASED SERVICES - In some embodiments, a computer-implemented method includes receiving a first location-based service (LBS) request from a requesting device. One or more peer devices are selected from a plurality of actual peer devices. A set of false queries is generated, by a computer processor, based on the selected peer devices. Transmitted to a service provider are a real query, representing the first LBS request of the requesting device, and the set of false queries representing the selected peer devices. A set of query responses are received from the service provider. From the set of query responses, a real query response is extracted, corresponding to the real query. The real query response is transmitted to the requesting device in reply to the first LBS request. | 05-21-2015 |
20150143530 | METHOD FOR SHARING FILE AND ELECTRONIC DEVICE THEREOF - A method of operating an electronic device is provided. The method includes generating an edition file edited in a form that shares an original file, generating a first sharing file by inserting a watermark into the edition file, transmitting the first sharing file to an external electronic device, receiving a transmission request of a second sharing file corresponding to the original file from the external electronic device, and transmitting the second sharing file to the external electronic device. | 05-21-2015 |
20150143531 | Monitoring and Managing User Privacy Levels - Various embodiments pertain to techniques for measuring a user's privacy level as a user interacts with various web services. In various embodiments, entities with which the user interacts are detected and sensitive information shared by the user is logged to determine what a given entity knows about the user. In some embodiments, sensitive information that is shared by a user can be processed using a predictive algorithm to ascertain a user's level of privacy. When a user's identity is predicted by the algorithm, a user can be alerted to the loss of anonymity. In various embodiments, user-defined areas of anonymity can be used to measure a user's definition of privacy. In some embodiments, alerts can also be provided to the user when a new, previously undisclosed, piece of information is shared by the user. | 05-21-2015 |
20150143532 | SYSTEM AND METHOD FOR ENABLING PSEUDONYMOUS LIFELIKE SOCIAL MEDIA INTERACTIONS WITHOUT USING OR LINKING TO ANY UNIQUELY IDENTIFIABLE USER DATA AND FULLY PROTECTING USERS' PRIVACY - A quasi-identity system and methods of operating the same are described. The quasi-identity system may be deployed as a mobile application, website, or Application Programming Interface (API) at which users thereof are allowed to share opinions and other information with one another without ever having to expose their true identity or a reference thereto (e.g., email address, phone number, etc.). Thus, users of the website never have to concern themselves with the potential loss of private information and can, therefore, share their opinions more freely. | 05-21-2015 |
20150143533 | METHOD OF GENERATING A STRUCTURE AND CORRESPONDING STRUCTURE - Disclosed is a method of generating a structure comprising at least one virtual machine, the method comprising: obfuscating a first virtual machine source code, thereby yielding a first obfuscated virtual machine (OVM) source code; associating a processor identifier with the first OVM source code, thereby yielding a processor-specific first OVM source code; compiling the processor-specific first OVM source code, thereby yielding a processor-specific first OVM. Furthermore, a structure generated by said method is disclosed. | 05-21-2015 |
20150143534 | SYSTEM AND METHOD FOR MANAGING, TRACKING, AND UTILIZING COPY AND/OR PASTE EVENTS - A method of enforcing copyright rights over a distributed computer network includes the steps of transmitting website content to a remote user computer, transmitting computer executable instructions to the remote user computer, the computer executable instructions being operable to identify execution of a copy command applied to at least a portion of the website page content, receiving notification, via the computer executable instructions, of execution of a copy command applied to at least a portion of the website content, receiving identification information associated with either the remote user computer or a user of the remote user computer, and identifying publication of the at least a portion of the website page content. | 05-21-2015 |
20150150139 | DATA FIELD MAPPING AND DATA ANONYMIZATION - To establish a link between data fields related by similar data or similar information, a data management application parses data fields of data structures residing in a data store. The attributes and attribute values corresponding to the data fields are determined. The attributes and attribute values are compared and related data fields are determined. A parent data field from the related data fields is determined. A link is established between the parent data field and the data fields from the related data fields. | 05-28-2015 |
20150150140 | METHOD AND APPARATUS FOR DETERMINING SHAPES FOR DEVICES BASED ON PRIVACY POLICY - An approach is provided for determining at least one interaction mode of at least one application executing on at least one device, wherein the at least one device supports shifting from among a plurality of physical form factors. The approach also involves determining at least one selected physical form factor from among the plurality of physical form factors based, at least in part, on the at least one interaction mode, at least one user privacy policy, or a combination thereof. The approach further involves causing, at least in part, a shape shifting of the at least one device to the at least one selected physical form factor. | 05-28-2015 |
20150150141 | Systems, Methods and Computer Program Products for Managing Remote Execution of Transaction Documents - Provided are methods, systems and computer program products for providing remote document execution. Such methods, systems and computer program products may include storing an electronic document as a secure electronic file, identifying a signature space in the electronic document, the signature space, after being executed, includes a signature of a signing party of the electronic document, receiving the signature of the signing party into the electronic document stored as the secure electronic file and responsive to receiving the signature of the signing party, converting the electronic document into a read only electronic document. | 05-28-2015 |
20150150142 | COMPUTER DEVICE AND METHOD FOR ISOLATING UNTRUSTED CONTENT - A computer system and method are provided to intercept a task from a primary user account | 05-28-2015 |
20150150143 | SYSTEM AND METHOD FOR PROVIDING VIRTUAL DESKTOP INFRASTRUCTURE (VDI) SERVICE - A system for providing a virtual desktop infrastructure (VDI) service includes: a service provider configured to provide VDI service data to a client terminal; and a watermark inserter configured to insert a watermark into the VDI service data, in which the watermark comprises a watermark code for identifying a watermark and a terminal code for identifying a client terminal. | 05-28-2015 |
20150150144 | PRIVACY SERVER FOR PROTECTING PERSONALLY IDENTIFIABLE INFORMATION - A privacy server protects private information by substituting a token or an identifier for the private information. The privacy server recognizes that a communication includes private information and intercepts the communication. The privacy server replaces the private information with a random or pseudo-random token or identifier. The privacy server maintains the private information in a local database and associates the private information for a particular person with the token or identifier for that person. | 05-28-2015 |
20150293980 | DATA COMPASS - A system contains at least one load server that receives subscriber files including encrypted and unencrypted data from a vendor server connected to a subscriber network. The load server includes a load server processor that sorts the encrypted files to a decryption route and the unencrypted files to a direct loading route. The decryption route includes a decryption module that decrypts the encrypted files. The data warehouse includes at least one data warehouse processor having a job tasking module that assigns dedicated load jobs to each file. The data warehouse processor includes a staging module that loads data to a staging table. The data warehouse processor loads data from the staging table to a target table and aggregates the data into a report. | 10-15-2015 |
20150294093 | MANAGEMENT SYSTEM, INFORMATION PROCESSING DEVICE, MANAGEMENT SERVER, CONTROL METHOD THEREFOR, AND PROGRAM - When software as the object of issuance of license is software for which movement of license to another information processing device is prohibited or which is in dependence relationship with the software for which movement of license to the other information processing device is prohibited, the license is issued to which transfer prohibition information is attached indicating that movement of the license to the other information processing device is prohibited. | 10-15-2015 |
20150294114 | APPLICATION RANDOMIZATION - In one implementation, an application randomization system accesses an annotated intermediate representation of an application, identifies a first instruction block within the annotated intermediate representation, and randomly selects a first modification for the first instruction block. The application randomization system then identifies a second instruction block within the annotated intermediate representation and randomly selects a second modification different from the first modification for the second instruction block. The application randomization system then generates a native-code representation of the application in which the first modification is applied to the first instruction block and the second modification is applied to the second instruction block. | 10-15-2015 |
20150294115 | SYSTEMS AND METHODS FOR SECURING VIRTUAL MACHINE COMPUTING ENVIRONMENTS - Systems and methods are provided for securing data in virtual machine computing environments. A request is received for a security operation from a first virtual machine operating in a host operating system of a first device. In response to receiving the request, a first security module executes the security operation, the first security module implemented in a kernel of the host operating system. The result of the security operation is provided to the first virtual machine. | 10-15-2015 |
20150294118 | METHOD AND SYSTEM FOR SECURING DATA - A method for securing user data includes the steps of: a) setting the user data as input data; b) randomly fragmenting the input data into a plurality of Atoms and randomly distributing the Atoms into an AtomPool and an AtomKey; and c) recording information about the fragmentation and the distribution of step b) into an AtomMap. | 10-15-2015 |
20150294121 | ANONYMIZED DATA GENERATION METHOD AND APPARATUS - A method for generating anonymized data includes: (A) extracting, from plural data blocks, each of which includes a secret attribute value and a numeric attribute value, plural groups of data blocks, wherein each of the plural groups includes data blocks that include a first data block, which has not been grouped, whose frequency distribution of the secret attribute value satisfies a predetermined condition and whose numeric attribute values are within a certain area that has a predetermined size; and (B) replacing the numeric attribute values of the data blocks that belong to each group of the plural groups with a numeric attribute value calculated for the group. And, the certain area is determined without any relation with other certain areas for other groups. | 10-15-2015 |
20150295897 | METHOD AND DEVICE FOR CONTROLLING SECURITY SCREEN IN ELECTRONIC DEVICE - A device and a method for controlling a security screen in an electronic device are provided. The electronic device includes a display module, a first memory having at least one display data stored therein, a composing module that composes a plurality of display layers each including at least one display data and displays the same on the display module, and a control module that controls at least one of the display module, the first memory, or the composing module, wherein the control module identifies a type of the at least one display data included in each of the plurality of display layers and controls the attributes of the plurality of display layers to display a display layer including security data, among the plurality of display layers, at the uppermost position when the identified display data is the security data. | 10-15-2015 |
20150301957 | SECURED MEMORY SYSTEM AND METHOD THEREFOR - There is disclosed a cache memory controller for storing cache data within a cache, the cache data comprising an unsecured version data to corresponding secured first data. | 10-22-2015 |
20150302181 | Method and System for Simplified Recording to Discrete Media - In one aspect, a method for recordation of a content is described. A device requests a copy of the content for a discrete media (DM). The device retrieves metadata that supports the format of the DM, processes such metadata to generate a file. The file contains the content. The device causes the content to be recorded onto the DM using the file. | 10-22-2015 |
20150302182 | COMPARING APPLICATIONS AND ASSESSING DIFFERENCES - An analysis including a comparison is performed of first and second applications and a determination is made regarding whether the first is a counterfeit version of the second application, or vice-versa. Based on the analysis and comparison, and based on an assessment of the first application, an assessment of the second application may be generated. | 10-22-2015 |
20150302205 | INFORMATION ASSET PLACER - A computer-implemented method for the placing of information assets, including: discovering information about a new or changed information asset; determining one or more characteristics of an ideal location for the information asset; determining one or more characteristics of one or more locations in an information technology environment; determining the compatibility of the information asset with the location(s) by comparing the characteristic(s) of the ideal location to the characteristic(s) of the actual location(s); reporting the compatibility to a user; and optionally suggesting alternative placement locations. The locations may be part of one or more locational schemas. | 10-22-2015 |
20150302206 | METHOD AND SYSTEM FOR HIDING SENSITIVE DATA IN LOG FILES - An approach for hiding sensitive data in log files is provided. The approach uses a background program embedded within an operating system. The background program intercepts a write operation of an application and, in response to determining that the write operation is for a log file, gets content of the write operation. The background program checks a knowledge base that comprises information for the sensitive data and identifies the sensitive data in the content of the write operation. The background program masks the sensitive data in the content of the write operation, in response to determining that the content of the write operation has the sensitive data to be masked. In the log file, the background program writes modified content in which the sensitive data is masked. | 10-22-2015 |
20150302207 | PROVIDING INTRUSION DETECTION, MONITORING AND PROTECTION IN A SYSTEM - In an embodiment, a system includes a processor with at least one core to execute an application to provide intrusion detection and protection, a radar sensor to detect presence of one or more persons within a detection zone about the system and to output a detection notification responsive to the presence detection, and a peripheral controller coupled to the radar sensor to receive the detection notification and to provide the detection notification to the application, where the application is to cause a protection measure to be performed responsive to the detection notification. Other embodiments are described and claimed. | 10-22-2015 |
20150302208 | TRIGGER SIGNAL GENERATION APPARATUS AND METHOD - An apparatus and method that generate a trigger signal required for side channel analysis by analyzing the data of a smart card cryptographic module in real time. In the trigger signal generation method, a data input/output signal of a cryptographic module is monitored in real time. A preset section in the data input/output signal is analyzed. A reference signal is generated using the data input/output signal and a signal obtained from results of analysis of the preset section, and a trigger signal is generated using the reference signal. | 10-22-2015 |
20150302209 | CONTROL APPARATUS | 10-22-2015 |
20150302610 | Processing Imaging Data - A method is provided for processing image data, wherein the image data are given by an image bitmap including pixels, wherein each pixel has exactly one pixel color value. Regions including pixels having a prespecifiable first color value and a prespecifiable maximum pixel spacing are overwritten by a rectangle having a prespecifiable second color value. This method advantageously allows for anonymization of selected image data on the basis of pixel color values to be carried out. The method may be used universally, independently of the form of the information to be anonymized (e.g., embedded texts, tables, images). | 10-22-2015 |
20150310189 | ENCRYPTION METHOD FOR DIGITAL DATA MEMORY CARD AND ASSEMBLY FOR PERFORMING THE SAME - Embodiments of a portable data storage device and a method of protecting data stored in the portable data storage device are provided. In one embodiment, the portable data storage device includes a device identification unique to the portable data storage device, a rights object containing information indicative of access rights and a verification identification, a memory to store the device identification and the verification identification, and controller logic. The memory is partitioned into a plurality of areas of memory, including: a first area as a protection area to store an instruction code, a second area as a partition table area to store a partition table, and a third area as a file area to store data files. In response to a request from a client external to the portable data storage device, the controller logic compares the verification identification with the device identification to allow the client to access the data files if the verification identification matches the device identification. | 10-29-2015 |
20150310192 | METHOD FOR PROTECTING A COMPUTER PROGRAM PRODUCT, COMPUTER PROGRAM PRODUCT AND COMPUTER-READABLE STORAGE MEDIUM - A method for protecting a computer program product, the computer program product being configured for operation in an operating environment (e.g., a virtual operating environment), includes: detecting at least one operating parameter of the operating environment in which the computer program product is executed, the at least one operating parameter having been defined outside of the operating environment; comparing the detected at least one operating parameter to a comparison value stored for each operating parameter; and outputting a warning signal if a plurality of comparison results exceeds a predetermined threshold value, wherein the comparison results indicate an execution of the computer program product in a different operating environment. | 10-29-2015 |
20150310193 | CONTROL FLOW FLATTENING FOR CODE OBFUSCATION WHERE THE NEXT BLOCK CALCULATION NEEDS RUN-TIME INFORMATION - A method of obscuring software code including a plurality of basic blocks wherein the basic blocks have an associated identifier (ID), including: determining, by a processor, for a first basic block first predecessor basic blocks, wherein first predecessor basic blocks jump to the first basic block and the first basic block jumps to a next basic block based upon a next basic block ID; producing, by the processor, a mask value based upon the IDs of first predecessor basic blocks, wherein the mask value identifies common bits of the IDs of the first predecessor basic blocks; and inserting, by the processor, an instruction in the first basic block to determine a next basic block ID based upon the mask value and an ID of one of the first predecessor basic blocks. | 10-29-2015 |
20150310218 | SYSTEMS AND METHODS FOR SECURE DISTRIBUTION OF CODES - Systems and methods for secure distribution of codes involve providing messages to end-users that include links. When one of the messages is accessed by an end-user, one of the links is accessed and a code is rendered in the message based on the accessed link. The end-user can then redeem the code for something of value. | 10-29-2015 |
20150310223 | Systems, Methods, and Computer Program Products for Interfacing Multiple Service Provider Trusted Service Managers and Secure Elements - System, methods, and computer program products are provided for interfacing between one of a plurality of service provider (SP) trusted service managers (TSM) and one of a plurality of secure elements (SE). A first request including a mobile subscription identifier (MSI) is received from an SP TSM over a communications network. At least one memory is queried for SE data including an SE identifier corresponding to the MSI. The SE data is transmitted to the SP TSM over the communications network. A second request based on the SE data is received from the SP TSM over the communications network. A third request, based on the second request, is transmitted, over a mobile network, to an SE corresponding to the SE data. The mobile network is selected from multiple mobile networks, and is determined based on the SE data queried from the memory. | 10-29-2015 |
20150310228 | SECURED MOBILE GENOME BROWSING DEVICES AND METHODS THEREFOR - A secured mobile genome browsing device is disclosed. The device can store genome data in a webapp format within an isolated, secured container in memory. The device further comprises a genome browser module that identifies relevant genome data and renders the relevant genome data, including drug interacting information, on a display of the device according to genome browsing constraints. | 10-29-2015 |
20150312246 | TOKENIZATION IN A CENTRALIZED TOKENIZATION ENVIRONMENT - Data can be protected in a centralized tokenization environment. A request to tokenize sensitive data is received by an endpoint. A token for use in tokenizing the sensitive data is identified. A token certificate store is queried for a token certificate associated with the identified token. The token certificate can include a token status and use rules describing a permitted use of the token. Responsive to the token certificate store storing the queried token certificate, the endpoint tokenizes the sensitive data using the identified token if the token status indicates the token is available, and subject to the use rules included in the token certificate being satisfied. The token certificate is updated based on the tokenization of the sensitive data with the identified token and stored at the token certificate store. | 10-29-2015 |
20150312263 | SOCIAL NETWORK PRIVACY AUDITOR - A privacy auditor determines discrepancies between user privacy settings in a social network and installed applications. The privacy auditor can employ a privacy determinator that tests an installed application on various privacy levels to determine actual privacy settings of the installed application. The privacy auditor then uses a privacy comparator to derive differences between the actual privacy settings of the installed application and the user privacy settings from the social network. | 10-29-2015 |
20150317482 | PREVENTING VISUAL OBSERVATION OF CONTENT ON A MOBILE DEVICE BY HIDING CONTENT - Users can hide content normally displayed on a mobile device screen and read or view content by touching the screen and creating a path, for example, in the shape of a circle, in which a portion of the content can be viewed. The content is hidden by a particle layer. A “hole” into the particle layer and a ghost layer is used to view content normally shown in a table view. Embodiments of the present invention allow a user to view partial content in a table (message) view, such as part of a text message, through a pre-defined area, such as a circle, square or any other shape the designer chooses while covering the other content on the screen. | 11-05-2015 |
20150317484 | PROVIDING SELECTIVE CONTROL OF INFORMATION SHARED FROM A FIRST DEVICE TO A SECOND DEVICE - A system and method for providing selective control of information shared from a first device to a second device. The system includes a connection detector to detect a short-range communication between the first device and the second device; a security setter to set or acquire a security setting; a disconnect detector to detect whether the short-range communication between the first device and the second device is terminated; and a wiper to perform data management of information shared via the short-range communication between the first device and the second device based on the security setting. | 11-05-2015 |
20150317490 | SECURE COMPUTING SYSTEMS AND METHODS - The present disclosure relates to systems and methods for facilitating trusted handling of genomic and/or other sensitive information. Certain embodiments may use a virtualized execution environment to execute code and/or programs that wish to access and/or otherwise use genomic and/or other sensitive information. In some embodiments, data requests from the code and/or programs may be routed through a transparent data access proxy configured to transform requests and/or associated responses to protect the integrity of the genomic and/or other sensitive information. | 11-05-2015 |
20150317491 | SYSTEM AND METHOD FOR SECURITY AND PRIVACY AWARE VIRTUAL MACHINE CHECKPOINTING - A checkpointing method for creating a file representing a restorable state of a virtual machine in a computing system, comprising identifying processes executing within the virtual machine that may store confidential data, and marking memory pages and files that potentially contain data stored by the identified processes; or providing an application programming interface for marking memory regions and files within the virtual machine that contain confidential data stored by processes; and creating a checkpoint file, by capturing memory pages and files representing a current state of the computing system, which excludes information from all of the marked memory pages and files. | 11-05-2015 |
20150317492 | Collision Avoidance in a Distributed Tokenization Environment - A client receives sensitive data to be tokenized. The client queries a token table with a portion of the sensitive data to determine if the token table includes a token mapped to the value of the portion of the sensitive data. If the mapping table does not include a token mapped to the value of the portion of the sensitive data, a candidate token is generated. The client queries a central token management system to determine if the candidate token collides with a token generated by or stored at another client. In some embodiments, the candidate token includes a value from a unique set of values assigned by the central token management system to the client, guaranteeing that the candidate token does not cause a collision. The client then tokenizes the sensitive data with the candidate token and stores the candidate token in the token table. | 11-05-2015 |
20150319141 | UNSEND FEATURE IN MESSAGING APPLICATIONS - A message generated at a sender device is received at a messaging server via a network. The message is transmitted to a recipient device, where it is displayed in a modified format at least partly obscuring content of the message. A command is received from the sender device to unsend the transmitted message after transmitting the message to the recipient device. The messaging server determines whether the message has been displayed in an unobscured form at the recipient device, and, responsive to the message not having been displayed in the unobscured form at the recipient device, transmits a command to the recipient device to delete the message at the recipient device. | 11-05-2015 |
20150319195 | OBFUSCATION OF LAWFULLY AUTHORIZED ELECTRONIC SURVEILLANCE - The obfuscation of information included in Session Initiation Protocol (SIP) invites for the purposes of facilitating Lawfully Authorized Electronic Surveillance (LAES) is contemplated. The obfuscation may include the use of LAES headers with invites of sessions that require surveillance as well as those not requiring surveillance and/or selecting values or otherwise influencing parameter selection of data included in LAES headers according to a validity function, a shared secret, a key or other construct. | 11-05-2015 |
20150324375 | METHOD AND APPARATUS FOR PROVIDING A LAYERED WEBPAGE - Methods, apparatuses, and computer program products are described herein that are configured to provide a web page with one or more additional layers allowing certain functionality to be performed without having to navigate away from the web page. One example embodiment may include a method for providing a page, the page comprising a main layer and one or more additional layers, displaying the main layer and one or more indications representing the one or more additional layers, receiving a selection of at least one of the one or more indications, and displaying the at least one of the one or more additional layers in conjunction with displaying the main layer, the at least one of the one or more additional layers configured to manipulate the main layer. | 11-12-2015 |
20150324553 | Providing Display Content According to Confidential Information - A method, system, and program to prevent leakage of confidential information included in a display content. A terminal device controls the displays of an internal display and an external display provided separately from the internal display. The terminal device includes a display control section which, when confidential information is included in an image to be displayed on the external display, causes the external display to display a substitute content instead of this image, and the internal display to display the image including the confidential information, and a confidential information processing section for performing processing on the confidential information included in the image displayed on the internal display by the display control section. | 11-12-2015 |
20150324554 | REGISTRATION OF DEVICES IN A DIGITAL RIGHTS MANAGEMENT ENVIRONMENT - Methods and structure for Digital Rights Management (DRM) are provided. An exemplary system includes a Digital Rights Management (DRM) licensing server. The DRM licensing server is able to receive authentication information generated by a DRM module of a client device, and to receive a device identifier that uniquely distinguishes the client device from other client devices, wherein the device identifier has been generated by the DRM module. The DRM licensing server is further able to authenticate the DRM module based on the authentication information, to create a signed identifier based on the device identifier responsive to authenticating the DRM module, and to transmit the signed identifier to the client device. The system also includes an application server able to register the client device with an account at the application server, based on the signed identifier. | 11-12-2015 |
20150324590 | METHOD FOR PROTECTING DATA - In the present disclosure, a hash function is computed over a known image, for example, an address range in a program. The result of the hash function is known to be the same at two distinct points in time, before the program is run, i.e. signing at build-time, and during the running of the program, i.e. run time. The value that the programmer wishes to hide, i.e. the secret value, is also known at build-time. At build-time, the secret value is combined with the hash in such a way that the combining operation can be reversed at run time. This combined value, i.e. the salt, is stored along with the program. Later, at runtime, the program computes the same hash value as was computed at signing time, and does the reverse combining operation in order to reveal the secret value. | 11-12-2015 |
20150324591 | INFORMATION PROCESSING APPARATUS AND METHOD, RECORDING MEDIUM, AND PROGRAM - Information processing apparatus and method, recording medium, and program are provided. An information processing apparatus includes the following elements. A receiver receives a command requesting for the execution of predetermined processing. A storage unit stores data and first information indicating, among a plurality of stages in a lifecycle of the information processing apparatus, the current stage determined by the stored data and second information indicating an executable command in the current stage, the executable command being determined for each of the plurality of stages. A determining unit determines on the basis of the first information and the second information whether the command received by the receiver is an executable command in the current stage. | 11-12-2015 |
20150324607 | METHODS AND SYSTEMS FOR OBFUSCATING SENSITIVE INFORMATION IN COMPUTER SYSTEMS - A data-masking tool encoded on one or more computing readable storage media that includes a code that uses a combination of fields that uniquely identifies data in a record and utilizing it as a reference to mask original data with substitute values, by either aggregating several into one, mapping one-to-one or expanding one into a set. | 11-12-2015 |
20150324609 | SEMANTICALLY DETERMINING A SECURITY CLASSIFICATION OF DATA - Disclosed herein is a method for determining a security classification for data that includes generating a classification signature for data based on a semantic interpretation of the data. The classification signature is associated with a security classification for the data. The method also includes comparing the generated classification signature to a predetermined classification signature associated with the security classification. Further, the method includes verifying the generated classification signature matches the predetermined classification signature. | 11-12-2015 |
20150326522 | System and Methods for Event-Defined and User Controlled Interaction Channel - System and methods for an event defined and user controlled interaction channel are disclosed. The interaction channel can be added to people, locations, things, or media content for associated activity and information interactions between interested parties to achieve a goal or outcome. The disclosed system may include mobile, web, and cloud applications or services supporting enablement of an interaction channel for attachment and/or interconnection with traditional or social media sources, communication services, or other referenced objects to facilitate added layers of host-defined and user controlled interactions. The methods may include an event definition process for an event host to easily and quickly attach an interaction channel to a referenced object for user controlled interactions. The methods may also include convenient and non-intrusive event sign-in or channel connection processes for users to have full control of how they want to participate and control their data privacy in activity and information interactions with the event-defined interaction channel host and/or users. | 11-12-2015 |
20150326536 | SYSTEM AND METHOD FOR EXECUTION OF DEDICATED PERSONAS IN MOBILE TECHNOLOGY PLATFORMS - A method and user terminal for executing an anonymous or limited persona on a mobile technology platform (MTP) are provided. The method includes configuring a persona to be an anonymous persona by hiding at least an activity performed within the persona; executing the anonymous persona in a background operation of the MTP; checking if a secret request to activate the anonymous persona has been received; and activating the anonymous persona in the foreground of the operation of the MTP, upon receiving the secret request. | 11-12-2015 |
20150332025 | INFORMATION PROCESSING DEVICE, LICENSE ASSIGNMENT METHOD, AND COMPUTER-READABLE, NON-TRANSITORY MEDIUM - An information processing apparatus includes a storage for storing a plurality of types of software licenses in association with a number of possessed licenses, a product type of a software product, and a device specification condition, a receiver for receiving information of a software product operating in a management target device and information of a device specification of the management target device, a determining module for determining a software license to be assigned to the management target device based on the number of possessed licenses, a number of the product types, or the device specification condition, when there is a plurality of software licenses, in which the software product is included in the product type and the device specification meets the device specification condition, among the plurality of types of software licenses, and an assigning module for assigning a software license determined by the determining module to the management target device. | 11-19-2015 |
20150332040 | Systems, Devices, and Methods for Authenticating A Value Article - Systems, devices, and methods for authenticating a value article are provided herein. In an embodiment, a system for authenticating a value article that includes a luminescent material includes a portable computing device and an authentication device that is physically and electronically separate from the portable computing device. The portable computing device includes a microprocessor and a data receiver. The authentication device has the capacity to electronically connect with the portable computing device, and the authentication device includes an exciting light source, a photodetector, and a data transmitter. The exciting light source is provided to excite luminescent material of the value article, and the photodetector is provided to detect emitted radiation from the luminescent material after excitation. The data transmitter has the capacity to transfer a detected radiation signal or data derived therefrom from the authentication device to the data receiver of the portable computing device when electronically connected. | 11-19-2015 |
20150332056 | PROTECTING DATA OWNED BY AN OPERATING SYSTEM IN A MULTI-OPERATING SYSTEM MOBILE ENVIRONMENT - An approach is provided for protecting data owned by an operating system on a mobile computing device having multiple operating systems. A map specifying protected data regions for the operating systems on the mobile computing device is generated. At least a portion of the map is secured with a shared key. Based on the map and the shared key, and in response to a data cleanup activity being performed by a software utility being executed on another, currently running operating system included in the multiple operating systems, a data region included in the protected data regions is determined to be owned by the operating system. Based on the data region being owned by the operating system and the data region being specified by the map, the data cleanup activity is blocked from being performed on the data region owned by the operating system. | 11-19-2015 |
20150332057 | METHOD AND APPARATUS FOR OBTAINING SENSING DATA - An electronic device according to various embodiments of the present disclosure may include at least one sensor module including a transmitter, a receiver, a secure memory for storing data obtained by the receiver, and a security control module for controlling the transmitter based on whether a target memory in which the obtained data is to be stored is the secure memory. In an example, the sensor may be a biometric sensor in which the transmitter transmits an optical signal to a user's finger or iris or the like to authenticate the user. If malicious code attempting to defeat security is detected, so that the secure memory is not set up as the target memory, the security control module may control the transmitter by restricting transmission of signals. | 11-19-2015 |
20150332059 | ELECTRONIC TRANSMISSION SECURITY PROCESS - An electronic transmission system and method for converting and transmitting transmissions to provide secure communication between a plurality of users and protect or secure content of each transmission by preventing unauthorized individuals from capturing and viewing or hearing the transmitted content in its entirety. The electronic transmission system breaks a transmission apart into a random plurality of pieces and randomly transmits each piece separately to a plurality of remote servers. If an unauthorized party tries to intercept and access an electronic transmission, they will not be able to capture the entire transmission and will not be able to recompile its actual content, but rather misleading content. A password or other suitable authentication requirement(s) authenticates the intended recipient and allows the original pieces to be retrieved and re-compiled for viewing or hearing. | 11-19-2015 |
20150332060 | SYSTEM, COMMUNICATION APPARATUS, AND COMMUNICATION METHOD - A system includes a plurality of communication apparatuses, the plurality of communication apparatuses performing communication using predetermined information. Each of the plurality of communication apparatuses includes a detection unit configured to detect a first signal issued from a first signaling part and a second signal issued from a second signaling part; and a communication unit configured to perform the communication with another communication apparatus of the plurality of communication apparatuses within an area where the detection unit can detect the first signal and the second signal. | 11-19-2015 |
20150332067 | SOCIAL EXPOSURE MANAGEMENT SYSTEM AND METHOD - The invention describes and claims a system and a method of computer-implemented social exposure management, intended for expeditious and near-simultaneous alteration of user's privacy characteristics across a plurality of social media environments. The system comprises a GUI interface for setting user's preferences, a processing component for transforming the user's preferences and commands into an action command sequence, an execution component for implementation of the user-selectable preferences and commands, and a feedback system for providing a report of the system's actions in altering of user's privacy characteristics. | 11-19-2015 |
20150339054 | METHOD AND SYSTEM FOR INPUTTING AND UPLOADING DATA - A method and a system for inputting and uploading data are disclosed. The data inputting and uploading method comprises the following steps. A figure factor is generated by a user equipment according to a key rule. A dynamic keyboard is generated by the user equipment according to the figure factor, wherein the dynamic keyboard is composed of a plurality of figures. A permutation of the selected figures is recorded by the user equipment. The permutation of the selected figures is transformed into a hash code by the user equipment. The hash code is received and transformed into a plain code by a back-end device. | 11-26-2015 |
20150339462 | METHOD AND LICENSING SYSTEM FOR AUTOMATICALLY LICENSING SERVICE FEATURES DURING THE UPGRADE OF A COMMUNICATION SYSTEM - The invention relates to a method for automatically licensing service features during the upgrade of a first communication system ( | 11-26-2015 |
20150339492 | Protecting user privacy from intrusive mobile applications - Systems and techniques are provided for protecting user privacy from intrusive mobile applications. A capability request may be received from an application. The capability request may be a request for access to data associated with a capability. A selection may be received to provide the application with stub data upon receiving a request from the application to access the data associated with the capability. The stub data may be generated to be provided to the application when the application requests the data associated with the capability. The stub data may be stored. A request may be received from the application for the data associated with the capability. It may be determined that the application is to be provided with the stub data when the application requests access to the data associated with the capability. The stub data may be retrieved. The stub data may be provided to the application. | 11-26-2015 |
20150339496 | System and Method for Shifting Dates in the De-Identification of Datasets - A system and method of performing date shifting with randomized intervals for the de-identification of a dataset from a source database containing information identifiable to individuals is provided. The de-identified dataset is retrieved comprising a plurality of entries or records containing personal identifying information. Date quasi-identifiers for the entries, which may potentially identify a patient, can be identified within the dataset. Date events are consolidated in the date quasi-identifiers and connected dates in the dataset. The date events are moved relative to an anchor date in a longitudinal sequence of the date events. De-identification of the entries in the dataset including the date quasi-identifiers is performed to meet a risk metric defining risk of re-identified patients associated with the records. | 11-26-2015 |
20150341322 | USER PRIVACY PROTECTION METHOD AND SYSTEM - Methods and systems for facilitating communications between user computing devices and online entities (such as web sites, advertisers, and/or advertising networks or exchanges), and safeguarding user identifiable information and ad targeting data from those entities are provided. Communications sent from user computing devices and directed to the entities are intercepted, and those communications are processed to encrypt, or otherwise remove, user identifiable information therein. The processed communications are transmitted to the intended entities, targeting data calls are received from those entities for ad targeting data associated with users of those computing devices, and at least a portion of such ad targeting data is provided to the entities when certain predefined conditions are met. | 11-26-2015 |
20150347721 | SYSTEM AND APPARATUS FOR FAULT-TOLERANT CONFIGURATION AND ORCHESTRATION AMONG MULTIPLE DRM SYSTEMS - A method of updating a common provisioning system (CPS) service is provided that includes: selecting a DRM service level from a DRM provider and a corresponding CPS service for said DRM service level; determining if the CPS service is associated with one or more CPS packages; for each associated CPS package, determining if the association is in a corrupt state, wherein the association is in a corrupt state if at least one package content collection (PCC) for the CPS package does not correctly include or exclude the DRM service level that corresponds to said CPS service; and for each associated CPS package in a non-corrupt state, updating a package content collection (PCC) in the DRM provider. | 12-03-2015 |
20150347749 | CONSISTENT EXTENSION POINTS TO ALLOW AN EXTENSION TO EXTEND FUNCTIONALITY OF AN APPLICATION TO ANOTHER APPLICATION - According to one embodiment, in response to an inquiry received from a first application for an extension service associated with a first of a plurality of extension points of an operating system, a list of one or more extensions is identified that have been registered for the first extension point with the operating system, where the first application is executed within a first sandboxed environment. The identified list of extensions is displayed to prompt a user to select one of the extensions to be associated with the first application. In response to a selection of one of the extensions, the selected extension is launched in a second sandboxed environment. The selected extension and the second application were packaged in an application bundle, and when the application bundle was installed, the selected extension and the second application appeared in a registry of the operating system as separate applications. | 12-03-2015 |
20150347762 | MECHANISM FOR PROTECTING INTEGRATED CIRCUITS FROM SECURITY ATTACKS - A mechanism for protecting integrated circuits (IC) from security attacks includes an IC having components that may store one or more data items and may perform a number of functions and which produce resulting events. The IC may also include a security module that may modify signals and events provided to the components such that the resulting events are modified in a non-effectual way but that causes the events to be non-deterministic relative to an event that is external to the integrated circuit when the resulting events are viewed externally to the IC. This may result in obscuring the data, and the functions from being observed from external to the IC, particularly when using an IR laser probe. | 12-03-2015 |
20150347765 | SECURE FILE TRANSFER SYSTEMS AND METHODS - Certain example embodiments relate to file transfer systems and/or methods that enable a single provider to offer to different customers customizable file transfer solutions that are secure, scalable to handle enterprise-level amounts of data, and able to meet customer-specific needs even though such needs are not necessarily known in advance. Once initially set up, the file transfer solution of certain example embodiments delegates management of the customer-specific instances of the solution, optionally in a sub-delegatable manner and, thus, the single provider need not be consulted after specific initial instance deployment time (e.g., for security management and/or other routine maintenance issues). | 12-03-2015 |
20150347786 | SECURE STORAGE OF AN ELECTRONIC SUBSCRIBER IDENTITY MODULE ON A WIRELESS COMMUNICATION DEVICE - A method for secure storage of an embedded Subscriber Identity Module (eSIM) on a wireless communication device including an embedded Universal Integrated Circuit Card (eUICC) and a memory external to the eUICC is provided. The method can include the eUICC determining that an eSIM package including an eSIM is to be stored on the memory. The method can also include the eUICC, in response to determining that the eSIM package is to be stored on the memory, maintaining a single-use session parameter associated with the eSIM package to enable installation of the eSIM on the eUICC if the eSIM package is later loaded onto the eUICC from the memory. | 12-03-2015 |
20150350165 | SYSTEM AND METHOD FOR DYNAMICALLY ALLOCATING RESOURCES - A computer network has a number of resources. One or more trusted localisation providers certify the location of the resources. Encrypted data is closely associated with a policy package defining privacy policies for the data and metapolicies for their selection. A trusted privacy service enforces the privacy policies. The trusted privacy service is arranged to supply a key to a resource to allow that resource to process data if the trusted privacy service determines from the trusted localisation provider certifying the location and other contextual information of the resource that the privacy policy allows processing of the data on that resource in that location. | 12-03-2015 |
20150350215 | METHOD AND TERMINAL DEVICE FOR KID MODE - The disclosure relates to a method and a terminal device for processing an application in a kid mode, and the disclosure belongs to the field of Internet technology. The method includes receiving a list of allowed functions or a list of prohibited functions of a target application from a first terminal device, determining allowed functions in the target application according to the list of allowed functions or the list of prohibited functions, and displaying the allowed functions in a kid mode of the target application. Therefore, according to the present disclosure, normal usage of applications is not affected in the kid mode. | 12-03-2015 |
20150356280 | SYSTEMS AND METHODS FOR DETERMINING COMPATIBILITY BETWEEN SOFTWARE LICENSES - A non-transitory storage device stores instructions that, when executed by a processor, cause the processor to receive, from an input device, input identifying software licenses for software components to be included in an application. The instructions also cause the processor to receive usage information identifying how the application is to be used, determine whether an incompatibility exists between a first one of the software licenses for a first software component and a second one of the software licenses for a second software component, and based on a determination of the existence of an incompatibility, display a recommendation by the processor as to how to avoid the incompatibility. | 12-10-2015 |
20150356304 | DEVICE AND METHOD FOR ACTIVATING SECURITY FUNCTION FOR CHATTING REGION - There may be provided a method that activates a security function. The method includes: displaying a chatting region on a display of a user device; presenting chatting texts of multiple users on the displayed chatting region; receiving a security request signal for requesting activation of a security function through a user interface; receiving a signal for selecting a non-security region in the displayed chatting region through the user interface; and displaying the non-security region differently from a security region in the displayed chatting region. | 12-10-2015 |
20150363576 | Restricted Code Signing - A method and system is provided for signing data such as code images. In one embodiment, the method comprises receiving, from a requestor, a request to sign the data according to a requested configuration selected from a first configuration, in which the data is for use with any of the set of devices, and a second configuration in which the data is for use only with a subset of a set of devices; modifying the data according to the requested configuration; generating a data signature using the modified data; and transmitting the generated data signature to the requestor. Another embodiment is evidenced by a processor having a memory storing instructions for performing the foregoing operations. | 12-17-2015 |
20150363577 | Remotely Defining Security Data for Authorization of Local Application Activity - Systems and methods, including computer software adapted to perform certain operations, can be implemented for remotely defining security data for authorizing access to data on a client device. Permission indicators are associated with a sequence of instructions, and a protected activity is associated with one or more of the permission indicators and with an instruction within the sequence of instructions. The one or more permission indicators and the sequence of instructions are provided to a remote device. The remote device determines whether execution of the instruction is permitted based, at least in part, on the one or more permission indicators, and the remote device performs the protected activity if execution of the instruction is permitted. | 12-17-2015 |
20150363578 | AUTOMATED POPULARITY-BASED PRICING FOR DIGITAL CONTENT LICENSING - A method and apparatus for automated popularity-based pricing for digital content licensing are provided. Automated popularity-based pricing for digital content licensing may include receiving a request for access to content, the request for access indicating a customer account, determining a cardinality of assigned units for the content based on a popularity based assignment index for the content, identifying a cardinality of available licensing units allocated to the customer account, determining whether the cardinality of the assigned units is within the cardinality of the available licensing units, outputting a response indicating that the request is granted, on a condition that the cardinality of the assigned units is within the cardinality of the available licensing units, and outputting a response indicating that the request is denied, on a condition that the cardinality of the assigned units exceeds the cardinality of the available licensing units. | 12-17-2015 |
20150363580 | PROTECTING SOFTWARE THROUGH A FAKE CRYPTOGRAPHIC LAYER - The fake cryptographic layer obfuscation technique can be used to lure an attacker into expending reverse engineering efforts on sections of code the attacker would normally ignore. To do this the obfuscation technique can identify sections of code that are likely to be of lesser interest to the attacker and disguise them as higher value sections. This can be achieved by transforming a lower value section of code to include code patterns, constants, or other characteristics known to exist in sections of code of higher value, such as cryptographic routines. To transform a code section, the obfuscation technique can use one or more program modifications including control flow modifications, constant value adjustments to simulate well-known cryptographic scalars, buffer extensions, fake characteristic table insertion, debug-like information insertion, derivation function-code generation linking, and/or cryptographic algorithm specific instruction insertion. | 12-17-2015 |
20150363600 | Method, Apparatus, and System for Data Protection - A method, an apparatus, and a system for data protection. A specific solution is: a proxy server receives outgoing data from a user terminal, where the outgoing data carries an identifier of a user; acquires a user grade and a credit value of the user from a credit server according to the identifier, where the credit value is a violation percentage of historical outgoing data of the user; sends the outgoing data, the user grade, and the credit value to a DLP server so that the DLP server inspects security of the outgoing data according to the user grade and the credit value, and further generates a message including an inspection result; and receives, from the DLP server, the message including the inspection result and uses a policy corresponding to the inspection result to process the outgoing data. The present invention is used during a protection process of outgoing data. | 12-17-2015 |
20150363601 | INFORMATION PROCESSING APPARATUS, INFORMATION PROCESSING SYSTEM, AND INFORMATION PROCESSING METHOD - An information processing apparatus includes a determination unit configured to determine whether data including identification information of a user satisfy a condition to conceal the identification information, the data being generated when the user uses an apparatus, the condition being stored in a condition storage; a concealing unit configured to execute a concealing process to conceal the identification information included in the data when the data satisfy the condition; and a data storage configured to store one of the data including the identification information and data including the concealed identification information. | 12-17-2015 |
20150363602 | SYSTEM AND METHOD FOR ACCESSING AND UPDATING SECURED DATA - A method is provided for use on an electronic device having a display, a communication component, a memory, and a processor coupled to the display, the communication component, and the memory. The memory stores data in a first sandbox and data in a second sandbox, the first sandbox being a secure sandbox and having a shadow data component, the shadow data component storing a subset of the data stored in the first sandbox. The method comprises, in response to a request, providing the data stored in the first sandbox when the first sandbox is in an unlocked mode and providing the data stored in the shadow data component when the first sandbox is in a locked mode. | 12-17-2015 |
20150363612 | MANAGING CONFIDENTIAL INFORMATION - Embodiments of the present application relate to a method, apparatus, and system for managing confidential information. The method includes accessing stored target information comprising a public part and a confidential part, wherein an identifier corresponds to the confidential part of the target information, outputting the public part of the target information and the corresponding identifier, wherein the public part of the target information comprises at least first address information, receiving location information and a to-be-recognized identifier, wherein the location information is associated with a current location of a mobile terminal, determining whether the location information is consistent with the first address information, and in the event that the location information is consistent with the first address information, sending the confidential part of the target information associated with the to-be-recognized identifier to the mobile terminal. | 12-17-2015 |
20150371013 | METHOD AND SYSTEM FOR LOCKING CONTENT - The present disclosure provides a method and system for locking content, such as video discs, until a release date, having a first server configured for generating a daily key, a firewall coupled to the first server for securing the content thereof, and a second server for hosting an Internet webpage for publishing the daily disc key and coupled via the firewall to the first server for receiving the daily key therefrom. An end-user video disc player may be configured to connect to the second server via the Internet and includes executable code for retrieving the daily key from the second server or for providing a user interface for manually entering the daily key from the second server. | 12-24-2015 |
20150371014 | OBSCURELY RENDERING CONTENT USING MASKING TECHNIQUES - Exemplary embodiments relate to methods, apparatus, and computer-readable media storing instructions for displaying content. An exemplary method comprises receiving source content, constructing a mask that segments the source content into at least a first segment and a second segment, identifying a masking technique, generating a first transformed image by applying the masking technique to the first segment, the first transformed image being different from the source content, generating a second transformed image by applying the masking technique to the second segment, the second transformed image being different from the source content and the first transformed image, and displaying the first transformed image and the second transformed image as frames in a repeating series of frames to thereby approximate the source content. | 12-24-2015 |
20150371048 | APPARATUS AND METHOD FOR COMMUNICATIONS IN A SAFETY CRITICAL SYSTEM - A safety communication scheme for a safety-critical system which includes two or more higher level units that have voting capabilities and one or two sets of lower level units that do not have voting capabilities, involves using one channel between the high and low level units for safety and two channels for redundancy. | 12-24-2015 |
20150371049 | SYSTEMS, METHODS AND DEVICES FOR PROVIDING VISUAL PRIVACY TO MESSAGES - At least one of the embodiments described herein relates generally to a method of providing visual privacy for a message sent to at least one device. The method may include the acts of: receiving the message at the at least one device, the message including content and a privacy indicator; converting the content to a content image; applying a blur function to the content image to generate a blurred content image; generating an obscured layer from the blurred content image; partitioning the content image into one or more segments to generate a content layer, the one or more segments each having one or more segment attributes; aligning the obscured layer with the content layer, wherein selecting an area on the obscured layer corresponding to the one or more segments removes the obscured layer for the one or more segments based on the one or more segment attributes. | 12-24-2015 |
20150371050 | METHOD AND END DEVICE FOR SECURELY INPUTTING ACCESS CODE - The invention provides a method for securely inputting an access code to an input interface of a mobile end device. During an input time period covering the process of inputting the access code, at least one or some sensors of the end device that are uninvolved in the input of the access code, said sensors being respectively arranged for capturing sensor variables by sensor, are hindered from capturing and/or passing on the respective sensor variable. Possible sensors are acceleration sensors or a digital camera. The method prevents the access code from being spied out by means of the deactivated sensors. | 12-24-2015 |
20150371051 | METHOD AND APPARATUS FOR PROTECTING DIGITAL CONTENT USING DEVICE AUTHENTICATION - A user device may strengthen the protection level of a digital content by dividing the security and normal modes and performing an operation. In order to further strengthen the protection level of the digital content, the user device may determine whether the main operating system is hacked or not, and block the operation in the secure mode. Otherwise, the device authorization information indicating the device security level of the user device is authorized by the content service server, and the user device blocks the operation in the secure mode according to the result. | 12-24-2015 |
20150371059 | PRIVACY-SENSITIVE RANKING OF USER DATA - One embodiment of the present invention provides a system for privacy-sensitive ranking of aggregated data. During operation, the system distributes secret keys to a plurality of devices. The system then generates a plurality of probability density functions in a privacy-preserving way using encrypted data received from a subset of the plurality of devices. The encrypted data is data that has been encrypted with one or more of the secret keys by the subset of devices. The system then generates a plurality of probability mass functions, each probability mass function associated with a corresponding probability density function. Subsequently, the system computes a plurality of distance values, each respective distance value being a measure of distance from a probability mass function to a second distribution. The system then ranks the probability mass functions and/or associated attributes according to their respective distance from the second distribution. | 12-24-2015 |
20150373045 | METHODS AND APPARATUS FOR VARYING SOFT INFORMATION RELATED TO THE DISPLAY OF HARD INFORMATION - Methods, systems, and apparatuses for varying soft information are disclosed. In an example embodiment, a security processor receives, from a transaction server, hard information to transmit to a client device related to a transaction with the client device, and soft information related to the display of the hard information on the client device. The security processor determines a variation of the soft information configured to prevent a malicious application from interacting with the hard information and determines the variation of the soft information does not change how the hard information is displayed at the client device compared to how the hard information was to be displayed using the soft information. Responsive to determining the variation of the soft information does not change how the hard information is displayed, the security processor transmits the hard information and the variation of the soft information to the client device. | 12-24-2015 |
20150379245 | DEDUPLICATION OF END USER LICENSE AGREEMENTS - In a computer-implemented method for deduplicating a plurality of instances of end user licensing agreements (EULAs), an end user licensing agreement (EULA) from a software bundle is accessed. Only a single instance of the EULA is displayed such that there is a deduplication of a plurality of instances of EULAs. | 12-31-2015 |
20150379275 | PRIVACY AGAINST INFERENCE ATTACKS FOR LARGE DATA - A methodology to protect private data when a user wishes to publicly release some data about himself, which is correlated with his private data. Specifically, the method and apparatus teach combining a plurality of public data into a plurality of data clusters in response to the combined public data having similar attributes. The generated clusters are then processed to predict a private data wherein said prediction has a certain probability. At least one of said public data is altered or deleted in response to said probability exceeding a predetermined threshold. | 12-31-2015 |
20150379297 | SECURELY STORING CONTENT WITHIN PUBLIC CLOUDS - Systems, methods, and computer-readable storage media are provided for securely storing and accessing content within a public cloud. A processor manufacturer provides processors having secure enclave capability to a cloud provider. The provider makes available a listing of processor identifiers (CPUIDs) for processors available for storing content and having secure enclave capability. A content owner provides CPUIDs for desired processors from the listing to the manufacturer which provides the content owner with a processor-specific public code encryption key (CEK) for encrypting content to be stored on each processor identified. Each processor is constructed such that content encrypted with the public CEK may only be decrypted within a secure enclave thereof. The content owner encrypts the desired content with the public CEK and returns the encrypted content and the CPUID for the appropriate processor to the cloud provider. The cloud provider then stores the encrypted content on the particular processor. | 12-31-2015 |
20150379302 | PRIVACY ENHANCED EMAIL SERVICE - Generally, this disclosure describes a system including a user device and a privacy service. The user device includes a random number generator module configured to generate a random number. The user device further includes an email account module configured to create a random email name based, at least in part, on the random number and to create a random email address including the random email name and a privacy domain name. The random email address is configured to be provided to a service provider. | 12-31-2015 |
20150379307 | PROTECTION OF A NON-VOLATILE MEMORY BY CHANGE OF INSTRUCTIONS - A method for protecting a volatile memory against a virus, wherein: rights of writing, reading, or execution are assigned to certain areas of the memory; and a first list of opcodes authorized or forbidden as a content of the areas is associated with each of these areas. | 12-31-2015 |
20150381571 | SYSTEM AND METHOD FOR SECURELY MANAGING MEDICAL INTERACTIONS - Disclosed are peer-to-peer mobile applications that manage secure and intelligent communication between medical providers, patients, and/or physicians. The mobile application can be configured to provide an encrypted mixed media messaging system between registered users that provides, for example, a HIPAA compliant messaging platform. A secure messaging system can control delivery of the mobile application and provide functionality to enable providers to control the messaging environment. The secure messaging system can be architected to provide geographically located servers. The geographically located servers can be configured to manage secure communication and implement geographically based communication requirements. In various embodiments, a plurality of communication management servers can be located in multiple jurisdictions, each managing respective communication requirements and/or restrictions. | 12-31-2015 |
20150381626 | SYSTEMS AND METHODS FOR EFFICIENT DETECTION OF FINGERPRINTED DATA AND INFORMATION - The disclosed embodiments provide systems, methods, and apparatus for efficient detection of fingerprinted content and relate generally to the field of information (or data) leak prevention. Particularly, a compact and efficient repository of fingerprint ingredients is used to analyze content and determine the content's similarity to previously fingerprinted content. Some embodiments employ probabilistic indications regarding the existence of fingerprint ingredients in the repository. | 12-31-2015 |
20160004848 | OBTAINING SOFTWARE ASSET INSIGHT BY ANALYZING COLLECTED METRICS USING ANALYTIC SERVICES - A plurality of software instances deployed in a monitored environment are discovered by a software asset management tool operated by a software asset administrator who is responsible for monitoring software license compliance within the monitored environment. The software asset management tool then collects metrics associated with the plurality of software instances. The collected metrics are then provided to a first analytic service adapted to generate analytic information about the plurality of software instances. Using at least the collected metrics, the analytic service generates analytic information. The analytic information is then obtained from the analytic service. By reviewing the analytic information, the software asset administrator is able to obtain additional insight into the monitored environment that would not otherwise be available to him. | 01-07-2016 |
20160004871 | METHOD AND APPARATUS FOR INCREMENTALLY SHARING GREATER AMOUNTS OF INFORMATION BETWEEN USER DEVICES - Methods and systems are disclosed for incrementally sharing increasing amounts of information between two or more user devices. An aspect detects a second user device that is proximate a first user device, receives first log data from the second user device, determines whether the first user device and the second user device interacted with each other during a first period of time based on the first log data, assigns a first trust level to the second user device based on the first log data, wherein the second log data is more private than the first log data, determines whether the first user device and the second user device interacted with each other during a second period of time based on the received second log data, and assigns a second trust level to the second user device based on the second log data. | 01-07-2016 |
20160004872 | Information Processing Device, and Information Processing Method - An information processing device includes an interrupt information output request part configured to detect an input of interrupt information, which is information newly output with an output part and which includes a plurality of contents, when output information is being output with the output part. An output controller restricts the scope of the interrupt information being output with the output part based on the type of the output information. Thus, the information processing device is able to switch an operation as to whether or not to output personal information such as an incoming notice with the output part. | 01-07-2016 |
20160006700 | PRIVACY AGAINST INFERENCE ATTACKS UNDER MISMATCHED PRIOR - A methodology to protect private data when a user wishes to publicly release some data about himself, which can be correlated with his private data. Specifically, the method and apparatus teach comparing public data with survey data having public data and associated private data. A joint probability distribution is performed to predict a private data wherein said prediction has a certain probability. At least one of said public data is altered or deleted in response to said probability exceeding a predetermined threshold. | 01-07-2016 |
20160006747 | SYSTEM AND METHOD FOR PARALLEL SECURE CONTENT BOOTSTRAPPING IN CONTENT-CENTRIC NETWORKS - One embodiment of the present invention provides a system for retrieving a content collection over a network. During operation, the system determines additional information associated with the piece of content that is needed for consumption of the content collection; generates a plurality of Interests, which includes at least one Interest for a catalog of the content collection and at least one Interest for the additional information; and forwards, concurrently, the plurality of Interests, thereby facilitating parallel retrieval of the content collection and the additional information. | 01-07-2016 |
20160012209 | PUBLISHING CONTENT PENDING FINAL APPROVAL | 01-14-2016 |
20160012219 | MULTIPLE-KEY FEATURE TOGGLES FOR COMPLIANCE | 01-14-2016 |
20160012245 | COMPUTER SECURITY RESPONSIVE TO AN OPERATING ENVIRONMENT | 01-14-2016 |
20160012252 | TECHNIQUES AND ARCHITECTURE FOR ANONYMIZING USER DATA | 01-14-2016 |
20160014092 | METHOD AND SYSTEM FOR CREATION AND VERIFICATION OF ANONYMOUS DIGITAL CREDENTIALS | 01-14-2016 |
20160014094 | PROTECTION OF PRIVATE DATA | 01-14-2016 |
20160019394 | METHOD AND SYSTEM FOR PRIVACY PRESERVING COUNTING - A method includes: receiving a set of records from a source, wherein each record in the set of records includes a set of tokens, and wherein each record is kept secret from parties other than the source, and evaluating the set of records with a garbled circuit, wherein the output of the garbled circuit is a count based on the set of tokens. An apparatus includes: a processor, that communicates with at least one input/output interface and at least one memory in signal communication with the processor, and wherein the processor is configured to: receive a set of records from a source, wherein each record includes a set of tokens, and wherein each record is kept secret from parties other than the source and evaluate the set of records with a garbled circuit, wherein the output of the garbled circuit is a count based on the set of tokens. | 01-21-2016 |
20160019402 | INTEGRATED COLLABORATION PLATFORM FOR CONTEXTUAL COMMUNICATION - An integrated collaboration platform with various communication and collaboration tools includes an analytic engine to perform communication and mood analysis of conversations among other analyses. The platform enables a method for contextual communication, in an embodiment. The method for contextual communication involves receiving an indication of sending a message from a sender to a recipient, understanding the topic of the message, analyzing various parameters associated with the sender and the recipient, and suggesting a list of messages, information, alternate communication channels, desired moods for the receiver at the time of receiving the message, and timing of delivery of the message for a desired response from the recipient. | 01-21-2016 |
20160021064 | SYSTEM AND METHOD TO SECURE SENSITIVE CONTENT IN A URI - A system and method for transmitting data using a data transfer protocol, including receiving, at the first device, a request from the second device, the request containing a transformed identifier, determining an original identifier associated with the transformed identifier, retrieving a response object associated with the original identifier, the response object including one or more identifiers, transforming the response object by transforming each identifier contained in the response object, and sending the transformed response object to the second device. | 01-21-2016 |
20160026581 | DETECTION OF UNAUTHORIZED MEMORY MODIFICATION AND ACCESS USING TRANSACTIONAL MEMORY - Technologies for detecting unauthorized memory accesses include a computing device having transactional memory support. The computing device executes a code segment identified as suspicious and detects a transactional abort during execution of the code segment. The computing device may execute a security support thread concurrently with the code segment that reads one or more monitored memory locations. A transactional abort may be caused by a read of the security support thread conflicting with a write from the code segment. The computing device may set a breakpoint within the code segment, and a transactional abort may be caused by execution of the code segment reaching the breakpoint. An abort handler determines whether a security event has occurred and reports the security event. The abort handler may determine whether the security event has occurred based on the cause of the transactional abort. Other embodiments are described and claimed. | 01-28-2016 |
20160026785 | INTEGRATED PHYSICAL AND LOGICAL SECURITY MANAGEMENT VIA A PORTABLE DEVICE - Integrated physical and logical security management is extended to a mobile device, such as a portable wireless device or radio. The Mobile-IMPACT solution extends the reach of authorized users to handheld devices for monitoring, managing and/or controlling of IT/network and physical security. Allowing authorized users to view and control access events while not in their office and logged into their console, mobility within and outside of a facility or campus organization no longer requires a laptop computer. With new handheld technologies more widely accessible and dropping in price while still gaining additional functionality, a chief security officer and their security staff can now monitor access to their building/doors/control zones, look-up user and card information, trigger queries/reports, set new alarm conditions and monitor sensors or a perimeter from a handheld device anywhere in the world using an electronic communication medium, such as a PDA, cell phone, radio, or the like. | 01-28-2016 |
20160026800 | STATEFUL DATA GEOFENCING - An apparatus includes a boundary module that determines if a mobile device is within a secure area. The mobile device includes a computing device capable of connecting to a wireless network. The apparatus includes a download module that downloads a latest version of a file from a secure server to the mobile device in response to the boundary module determining that the mobile device has entered the secure area. The apparatus includes a copy module that copies the file from the mobile device to the secure server in response to the boundary module determining that the mobile device has left the secure area and a deletion module that deletes the file from the mobile device in response to the boundary module determining that the mobile device has left the secure area and in response to the copy module completing copying the file from the mobile device to the secure server. | 01-28-2016 |
20160026801 | METHOD AND SYSTEM PROVIDING MUTLI-LEVEL SECURITY TO GATE LEVEL INFORMATION FLOW - A preferred method for providing multi-level security to a gate level information flow receives or specifies a security lattice having more than two security levels. The security lattice defines how security levels relate to each other. A hardware design implementing information flows including flows having security levels specified by the security lattice is received. Logic is created for testing the hardware design in view of the security lattice. A logic function is created based upon the hardware design and the logic for testing to implement the security lattice. Another method receives a hardware design in a hardware description language. At least a portion of the hardware design is synthesized to gate level primitives. Functional component tracking logic supporting more than two-security levels is built from the gate level primitives. Functional components in the hardware design are simulated with the functional component tracking logic. | 01-28-2016 |
20160026824 | SECURITY AGAINST MEMORY REPLAY ATTACKS IN COMPUTING SYSTEMS - A method of providing security for data stored in external memory in a computing system comprises storing a reference updatable hash value for each protected window of the external memory. Each reference value is stored in internal memory of the computing system. The method further comprises continually generating a current hash value for each protected window and comparing each current hash value to its corresponding reference hash value. | 01-28-2016 |
20160026825 | Secure Data Processing Method and Use in Biometry - The invention relates to a processing method, including the calculation of one function between a datum to be compared and a reference datum. The function can be written in the form of a sum of: a term that depends on the datum to be compared, a term that depends on the reference datum, and a polynomial, such that all the monomials of the polynomial include at least one coordinate of each datum. The method includes an initialization step including: generating masking data; scrambling reference data by means of a server unit on the basis of said masking data; and calculating, by means of a client unit, the term of the function that depends on the datum to be compared. The method also includes steps for executing the calculation of the function between the datum to be compared and the reference datum, indexed by an index c, during which: the client unit sends the coordinates of the datum to be compared to a secure component, which returns said datum, in a masked form, to said component; the client unit retrieves, from the server unit, the reference datum, indexed by the index c and scrambled by the masking data; and on the basis of the data obtained from the secure component and the server unit, the client unit calculates the sum of the term of the function that depends solely on the reference datum and the polynomial term and adds, to said sum, the term that depends on the datum to be compared, such as to obtain the result of the function. | 01-28-2016 |
20160028732 | SEARCH ENGINE WITH PRIVACY PROTECTION - A search engine system with privacy protection, including a data indexer configured to create an index of data, a search engine configured to search the index of the data in response to a query, and create a search result set including excerpts from the data, and a privacy protector configured to identify at least one data entity within at least one excerpt of the search result set that meets at least one predefined entity extraction criterion, redact the search result set by removing the data entity from the excerpt, and present the redacted search result set on a computer output device. | 01-28-2016 |
20160028742 | CONDITION CHECKING FOR PAGE INTEGRATION OF THIRD PARTY SERVICES - A widget generator may be configured to provide, to a browser application, a widget that is executable to be rendered in conjunction with a page rendered by the browser application. A protection manager may be configured to provide, to the browser application and in conjunction with the widget, a protection script that is executable within a page context of the page and separate from a widget context of the widget. The protection script, during execution, validates a condition associated with a frame of the page that is used to render the widget, and enables functionality of the widget within the page, based on validation of the condition. | 01-28-2016 |
20160028743 | WEB PAGE INTEGRITY VALIDATION - An aspect identifier of an integrity validation script may be provided to a browser application, that, during execution thereof by the browser application when rendering a page, identifies a document object model (DOM) aspect of a DOM of the page. A copy generator of the integrity validation script may be provided to the browser application that, during execution thereof by the browser application when rendering the page, generates a copy of the identified DOM aspect. The integrity validation script is configured to test an integrity of the DOM based on attempted deletion of the identified DOM aspect, while maintaining the identified DOM aspect through the copy thereof. | 01-28-2016 |
20160034692 | AUTOMATED CONTACT LIST MATCHING WITH IMPROVED PRIVACY - A method and system for matching a first plurality of private data sets with a second plurality of data sets stored on a server-based communication system. A method including the steps of a) the server computer computing ( | 02-04-2016 |
20160034704 | METHOD OF MODIFYING IMAGE INCLUDING PHOTOGRAPHING RESTRICTED ELEMENT, AND DEVICE AND SYSTEM FOR PERFORMING THE METHOD - Provided is a user device including: a storage configured to store data; and a controller configured to recognize a person included in an image captured by the user device or received by the user device from an external source, and change a part of the image corresponding to the recognized person to be unrecognizable in response to a degree of closeness between the recognized person and a user of the user device being lower than a predetermined level based on the data stored in the storage. | 02-04-2016 |
20160034705 | STOCHASTIC PRIVACY - A stochastic privacy service provider may provide users with a guaranteed upper bound on a probability that personal data will be accessed while enabling the services to collect data that can be used to enhance its services. Users may receive incentives to become participants in a stochastic privacy program. The stochastic privacy provider may employ one or more probabilistic and decision-theoretic methods to determine which participants' personal data should be sought while guaranteeing that the probability of personal data being accessed is smaller than the mutually agreed upon probability of access. The probability of access may be on a per time basis. The stochastic privacy provider may access coalescences of the personal data of sets of multiple people, where a maximum probability is given for accessing statistical summaries of personal data computed from groups of people that are of at least some guaranteed size. | 02-04-2016 |
20160036815 | Regulating Communication of Audio Data From a Client Device Based on a Privacy Setting Stored by the Client Device - A client device stores a user-specified privacy setting regulating communication of information associated with audio data captured by the client device to an external entity. When the client device captures audio data, the client device determines whether the user-specified privacy setting authorizes communication of data associated with the captured audio data to an external entity. The privacy setting may identify specific external entities to which data may be communicated, specify characteristics of captured audio data authorized to be transmitted, or generally specify whether communication of data associated with captured audio data is authorized or prevented. | 02-04-2016 |
20160036820 | DEVICE MANAGEMENT APPARATUS THAT NOTIFY UNAUTHORIZED USE OF ELECTRONIC DEVICE DURING DISCONNECTION TIME PERIOD OF ELECTRONIC DEVICE FROM NETWORK, RECORDING MEDIUM AND DEVICE MANAGEMENT METHOD - A device management apparatus for notifying unauthorized use of an electronic device includes a connection status detecting circuit, a usage log acquiring circuit, and a notification circuit. The connection status detecting circuit detects a connection status of the electronic device to a network. The usage log acquiring circuit acquires a usage log of the electronic device. The notification circuit notifies an unauthorized use of the electronic device. The notification circuit notifies the unauthorized use if the usage logs acquired by the usage log acquiring circuit before and after a time period of disconnection of the electronic device from the network are varied, a reconnection of the electronic device to the network being detected by the connection status detecting circuit. | 02-04-2016 |
20160036828 | SECURE TWO-DIMENSIONAL BARCODES - The disclosed invention provides ways to prevent a user of a mobile device from being deceived into disclosing sensitive personal information from scanning a machine-readable two-dimensional barcode that contains a URI. | 02-04-2016 |
20160041784 | PERFORMING AUTHORIZATION CONTROL IN A CLOUD STORAGE SYSTEM - A method, apparatus and computer program product for performing authorization control in a cloud storage system. The method comprises: receiving an access request to a file block, wherein the file block is embedded with tag data comprising at least file block authorization information; retrieving the file block; extracting the file block authorization information from the tag data; determining whether the access request matches the file block authorization information; and performing the access request if the access request matches the file block authorization information. Effective authorization control may be performed in a cloud storage system. | 02-11-2016 |
20160042183 | GENERATING IDENTIFIER - There are described methods and apparatus for generating an identifier of a computer device, which may also be an identifier of a software application installed on the computer device such as a web browser. Parameters of the computer device are collected, extended with dummy values, and reordered, to form a permuted extended set of parameters, which in turn is used to generate the identifier. | 02-11-2016 |
20160042184 | LOGGING IN SECURE ENCLAVES - Embodiments of an invention for logging in secure enclaves are disclosed. In one embodiment, a processor includes an instruction unit and an execution unit. The instruction unit is to receive an instruction having an associated enclave page cache address. The execution unit is to execute the instruction without causing a virtual machine exit, wherein execution of the instruction includes logging the instruction and the associated enclave page cache address. | 02-11-2016 |
20160042185 | INFORMATION PROCESSING APPARATUS, STORAGE MEDIUM, AND INFORMATION PROCESSING METHOD - To provide an information processing apparatus and a display control program that each determine a risk level of data owned by the apparatus based on information obtained from plural sensors included in the apparatus, an information processing apparatus | 02-11-2016 |
20160042193 | Steganography Detection - Systems and methods for detecting potential steganography use to hide content in computer files transmitted via electronic communications are provided. An electronic communication associated with a computer file may be identified. The communication and the computer file may be analyzed to determine whether the computer file potentially includes hidden content. To determine whether the computer file potentially includes hidden content, a set of steganographic criteria may be analyzed. If at least a portion of the steganographic criteria are satisfied, then it may be determined that the computer file potentially includes hidden content. If at least a portion of the steganographic criteria are not satisfied, then it may be determined that the computer file does not potentially include hidden content. If the computer file is determined to potentially include hidden content, an individual may be notified of the communication associated with the computer file. | 02-11-2016 |
20160042201 | INFORMATION PROCESSING DEVICE - A non-secure display area and a secure display area are set on a screen of a display section of a touch panel TP. A non-secure input area and a secure input area are set on a detection surface of a touch input detector of the touch panel TP. In settlement processing, in a display area where the non-secure display area and the secure display area are overlapped, amount information is displayed. A message for urging authentication information input and a PIN pad are displayed in the secure display area. An operator can safely input PIN information to secure the input area through the PIN pad displayed in the secure display area. Even when the secure portion and the non-secure portion are present together, the settlement terminal device can secure the security of input authentication information or the like to suppress the operator's mistake or incorrect operation. | 02-11-2016 |
20160048687 | DOCUMENT TAMPER DETECTION - A computer implemented method for identifying tampering of an electronic document, the method comprising the steps of: generating a document digest for the document, the document having associated one or more modification records and the document digest being a cumulative digest based on a digest of each of the modification records; receiving a modified version of the document from a document modifier, the modified version of the document having associated one or more additional modification records; generating a new document digest for the modified document, the new document digest being a cumulative digest based on a digest of each of the modification records and the additional modification records; generating a validation digest, the validation digest being a cumulative digest based on the document digest and a digest of each of the additional modification records; comparing the new document digest and the validation digest to determine if the modified version of the document has been tampered with. | 02-18-2016 |
20160048697 | Enveloping and de-enveloping for Digital Photos via Wavefront Muxing - Data photo files with digital envelopes may be used for many new applications for cloud computing. The new applications include games and entertainments featuring additional privacy and survivability on data storage and transport on cloud computing. Wavefront multiplexing/demultiplexing process (WF muxing/demuxing) embodying an architecture that utilizes multi-dimensional waveforms has found applications in data storage and transport on cloud. Multiple data sets are preprocessed by WF muxing before stored/transported. WF muxed data is aggregated data from multiple data sets that have been “customized processed” and disassembled into any scalable number of sets of processed data, with each set being stored on a storage site. The original data is reassembled via WF demuxing after retrieving a lesser but scalable number of WF muxed data sets. A customized set of WF muxing on multiple digital files as inputs including at least a data message file and a selected digital envelope file, is configured to guarantee at least one of the multiple outputs comprising a weighted sum of all inputs with an appearance to human natural sensors substantially identical to the appearance of the selected digital envelope in a same image, video or audio format. The output file is a file with enveloped or embedded messages. The embedded message may be reconstituted by a corresponding WF demuxing processor at destination with the known a priori information of the original digital envelope. In short, digital enveloping/de-enveloping can be implemented via WF muxing and demuxing formulations. WF muxed data featured enhanced privacy and redundancy in data transport and storage on cloud. On the other hand, data enveloping is an application in an opposite direction for WF muxing applications as far as redundancy is concerned. Enveloped data are intended only for limited receivers who have access to associated digital envelope data files with enhanced privacy for no or minimized redundancy. | 02-18-2016 |
20160048703 | SECURING INTEGRITY AND CONSISTENCY OF A CLOUD STORAGE SERVICE WITH EFFICIENT CLIENT OPERATIONS - A method for providing integrity and consistency of a cloud storage service to a group of mutually trusted clients may be provided. The cloud storage service may offer a set of operations, such as read, write, update, delete in respect to stored data to the clients, whereby each client only executes its own client operations when consuming one of the set of operations of the cloud storage service, and wherein each client detects data correctness of the cloud storage service based on a protocol providing fork-linearizability. | 02-18-2016 |
20160048706 | METHOD AND DEVICE FOR SECURE VIEWING ON A SCREEN OF AN ELECTRONIC TERMINAL, AND CORRESPONDING TERMINAL - A method for secure viewing on a screen of an electronic terminal includes determining a mode of operation, secured or open, of the terminal; and modifying the displaying of at least one indicator representing the mode of operation of the terminal. The displaying modification is controlled by at least one secure processor of the terminal and takes into account at least one predetermined action of the user on the terminal and/or of an expiration of at least one predetermined time limit. | 02-18-2016 |
20160050183 | METHOD AND APPARATUS FOR PROVIDING PRIVACY ADAPTATION BASED ON RECEIVER CONTEXT - An approach is provided for determining a communication session established between at least one first device of at least one first user and at least one second device of at least one second user, wherein the at least one first device and the at least one second device are in a collaborative context detection relationship. The privacy platform causes, at least in part, a detection of a presence of at least one third user within a proximity threshold of the at least one first device, the at least one second device, the at least one first user, the at least one second user, or a combination thereof, wherein the detection is performed via the collaborative context detection relationship. The privacy platform also determines one or more modifications to one or more privacy profiles for information exchanged over the communication session based, at least in part, on the detection of the presence of the at least one third user. | 02-18-2016 |
20160055342 | DEVICE AND METHODS TO CONTROL INFORMATION OUTPUTTING ON COMPUTING DEVICE - A computing device and method are provided for exchanging signals therewith being configurable between different outputting control modes. An outputting control mode selection is input via a graphical interface. Instructions enable the outputting of information to a data file in the memory when the information is either not designated or is designated as ‘Displayable’ or ‘Not-Displayable’ in a first mode; disable the outputting of information to a data file in the memory when the information is designated as ‘Not-Displayable’ and to enable the outputting of information to a data file in the memory when information is not designated ‘Not-Displayable’ in a second mode; and disable the outputting of information to a data file in the memory when the information is not designated as ‘Not-Displayable’ and to enable the outputting of information to a data file in the memory when the information is designated as ‘Not-Displayable’ in a third mode. | 02-25-2016 |
20160055345 | AUTOMATIC MEDIATION OF RESOURCE ACCESS IN MOBILE APPLICATIONS - The subject disclosure is directed towards automated, static analysis-based program code processing that detects unprotected resource accesses by applications, that is, those that do not provide proper opt-in consent dialogs (prompts). In one aspect, consent prompt code is automatically inserted into the program code to protect such unprotected access points. Also described are program representation graph construction and processing, a dominator node-based approach to determine placement points for inserting consent prompt code, and a backward search-based approach for inserting consent prompt code. | 02-25-2016 |
20160055353 | SYSTEM INCLUDING A PORTABLE STORAGE DEVICE EQUIPPED WITH A USER PROXIMITY DETECTOR AND METHOD OF PREVENTING THE LOSS THEREOF - A portable storage system. The portable storage system comprises a portable storage device having a flash memory element and a loss-prevention unit. The portable storage system further comprises Master and Slave proximity elements. One of the proximity elements is physically connected with the portable storage device, while the other is physically connected with the loss-prevention unit. The Master proximity element is configured to wirelessly determine the presence of the Slave proximity element within a predefined range. | 02-25-2016 |
20160057143 | FAMILIAR DYNAMIC HUMAN CHALLENGE RESPONSE TEST CONTENT - Embodiments of the invention are directed to human challenge response test delivery systems and methods. Specifically, embodiments of the present invention are directed to secure human challenge response test delivery services of configurable difficulty for user devices. One embodiment of the present invention is directed to methods and systems for implementing a familiar and dynamic human challenge response test challenge repository created from transaction data. The dynamic human challenge response test challenge repository may be created by a server computer receiving a plurality of transaction data. Challenge items may be extracted from the transaction data using an extraction algorithm. Furthermore, in some embodiments a challenge message may be sent to a requestor, a verification request may be received, and the verification request may be compared to the challenge message. Another embodiment may be directed at using user information in a human challenge response test to mutually authenticate a user and a service provider. | 02-25-2016 |
20160062816 | DETECTION OF OUTAGE IN CLOUD BASED SERVICE USING USAGE DATA BASED ERROR SIGNALS - Outage detection in a cloud based service is provided using usage data based error signals. Usage data is collected from components of the cloud based service or client devices of the cloud based service based on customer actions on the cloud based service. The usage data is aggregated and normalized to generate an error signal from errors generated from a component of the cloud based service. An outage is detected from the error signal. An alert that includes information associated with the outage and one or more customers impacted by the outage is generated. | 03-03-2016 |
20160063218 | SYSTEMS AND METHODS FOR HANDLING FRAUDULENT USES OF BRANDS - The disclosed computer-implemented method for handling fraudulent uses of brands may include (1) enabling a subscriber of a brand-protection service to select an action to perform when a fraudulent use of a brand is detected in Internet traffic that is transmitted via any of a plurality of Internet-traffic chokepoints that are managed by the brand-protection service, (2) monitoring, at each of the plurality of Internet-traffic chokepoints, Internet traffic for fraudulent uses of brands, (3) detecting, while monitoring the Internet traffic, the fraudulent use of the brand, and (4) performing the action in response to detecting the fraudulent use of the brand. Various other methods, systems, and computer-readable media are also disclosed. | 03-03-2016 |
20160063221 | More External Storage of Medical Device Program Design Parameters - Many electronic medical devices include program design features that direct the operation of the device. The program design features of most electronic medical devices reside in the device itself and therefore are easily discovered by reverse engineering. In most cases, however, these features can be introduced into the device from an external source for only so long as necessary for each operation of the device, thereby making the reverse engineering of these features more difficult (or even impossible) and preserving a greater degree of design secrecy. | 03-03-2016 |
20160063261 | Launching A Secure Kernel In A Multiprocessor System - In one embodiment of the present invention, a method includes verifying a master processor of a system; validating a trusted agent with the master processor if the master processor is verified; and launching the trusted agent on a plurality of processors of the system if the trusted agent is validated. After execution of such a trusted agent, a secure kernel may then be launched, in certain embodiments. The system may be a multiprocessor server system having a partially or fully connected topology with arbitrary point-to-point interconnects, for example. | 03-03-2016 |
20160063263 | DATA STORAGE SYSTEM WITH INFORMATION SECURITY PROTECTION - A data storage system with information security protection includes an SSD and at least one activation device selectively connected to the SSD. The SSD has a device identifier, and includes a data storage unit and a controlling and processing unit. The controlling and processing unit is in information connection with the data storage unit, and is written with at least one set of firmware data that is triggered and activated by an activation key to execute a predetermined task on the data storage unit. The activation device includes a data processing unit which is written with the activation key in advance, and has a pairing mode and an enabling mode. In the pairing mode, the data processing unit accesses and stores the device identifier. In the enabling mode, the data processing unit compares the stored device identifier to output the activation key to the controlling and processing unit. | 03-03-2016 |
20160063269 | Outsourcing Document-Transformation Tasks while Protecting Sensitive Information - An outsourcing environment is described herein by which an outsourcing entity may delegate document-transformation tasks to at least one worker entity, while preventing the worker entity from gaining knowledge of sensitive items that may be contained within a non-obfuscated original document (NOD). In one example, the environment may transform the NOD into an obfuscated original document (OOD) by removing sensitive items from the NOD. The worker entity may perform formatting and/or other document-transformation tasks on the OOD, without gaining knowledge of the sensitive items in the NOD, to produce an obfuscated transformed document (OTD). The environment may then allow for the outsourcing entity to view a content-restored version of the OTD. | 03-03-2016 |
20160066179 | REDUCED RESOLUTION LOCATION DETERMINATION FOR IMPROVED ANONYMITY OF USER LOCATION - Reduced resolution location determination for improved anonymity of a user location is disclosed. In some implementations, a first location of a computing device operating in a geographic area is determined. A population density of the geographic area is estimated. A grid overlay is generated, including a number of cells based on the estimated population density. Using the grid overlay, a second location is generated for the computing device that is less precise than the first location. The less precise second location can be used in a local search or other application to improve the anonymity of the user location. | 03-03-2016 |
20160070891 | LICENSING USING A NODE LOCKED VIRTUAL MACHINE - A method of licensing software to a particular instance of a virtual machine that is being run as part of an Active Directory domain. Since a virtual machine is a simulation of a physical machine, i.e. a computer, it can easily be cloned to produce an exact duplicate. This poses a problem when it is desired to license an instance of software for use only on a particular virtual machine. The technology disclosed allows for software to be licensed for execution only on a particular instance of a virtual machine that is being run as part of an Active Directory domain. | 03-10-2016 |
20160070892 | SYSTEM AND METHOD FOR CREATING, PROCESSING, AND DISTRIBUTING IMAGES THAT SERVE AS PORTALS ENABLING COMMUNICATION WITH PERSONS WHO HAVE INTERACTED WITH THE IMAGES - A system and method for processing, storage, distribution, and interaction with electronic images created or captured by mobile devices having network communications capabilities, such as smartphones, allows a user whose image-displaying device includes enhanced viewer software to use an image displayed on the image-displaying device as a portal for communication with others who have interacted with the image, including authors and facilitators of the image. Watermarking and security measures are provided to enable source and content verification of a displayed image so that user morphing of imagery can be tracked to maintain stability of image-based interaction and so that malicious imagery tamper can be prevented. | 03-10-2016 |
20160070917 | TOKENIZATION OF STRUCTURED DATA - Structured data, such as email addresses, social security numbers, and the like is accessed for encoding. A set of encoding rules including one or more encoding actions and/or encoding components corresponding to each of one or more structured data components is accessed. The set of encoding rules can include one or more encoding actions and/or one or more encoding components corresponding to each of one or more structured data components. Encoding actions can include tokenization, encryption, data masking, data modification, and the like. The one or more components of the structured data are encoded based on the accessed set of encoding rules. The encoded structured data is stored, processed, or outputted to an external entity. | 03-10-2016 |
20160070929 | TRUSTED COMPUTING HOST - A trusted computing host is described that provides various security computations and other functions in a distributed multitenant and/or virtualized computing environment. The trusted host computing device can communicate with one or more host computing devices that host virtual machines to provide a number of security-related functions, including but not limited to boot firmware measurement, cryptographic key management, remote attestation, as well as security and forensics management. The trusted computing host maintains an isolated partition for each host computing device in the environment and communicates with peripheral cards on host computing devices in order to provide one or more security functions. | 03-10-2016 |
20160073177 | METHOD FOR BUILDING AND TRANSMITTING A WATERMARKED CONTENT, AND METHOD FOR DETECTING A WATERMARK OF SAID CONTENT - The present invention concerns a method for building a watermarked content for sending to at least one user unit having a user unit identifier, the watermarked content comprising a first series of packets, at least some from the first series of packets being available in at least two different qualities, wherein said method comprises the steps of: | 03-10-2016 |
20160078198 | DIGITAL RIGHTS MANAGEMENT WITH IRREGULAR NETWORK ACCESS - There is a performing of digital rights management (DRM), operable in an offline mode with respect to a communications network. The performing includes identifying a stored rights object associated with a stored asset. The stored rights object includes reporting duration information associated with the stored asset. The performing also includes determining, utilizing a processor, whether a transmission of an early status message is a successful communication based on an early status message determination. If a failure in communicating the early status message is determined, utilizing the stored asset. The performing may also include transmitting an early status message and/or later status message after identifying the stored rights object. There is also a performing of digital rights management (DRM) associated with a DRM system and operable in an offline mode with respect to a communications network. There are also client devices, communicating systems, computer readable mediums and protocols. | 03-17-2016 |
20160078216 | AUTHENTICATION MECHANISM - A computer-implemented method for preventing password leakage into a non-password field includes detecting that a user of an electronic device has entered a character in a non-password field appearing on a display associated with the electronic device. The character is echoed to at least the display, and stored to provide a stored character string. The stored character string is compared to a set of valid entries for the non-password field, when length of the stored character string reaches a predetermined threshold value. An alert is transmitted when the stored character string fails to match at least a substring of an element of the set of valid entries for the non-password field. | 03-17-2016 |
20160078246 | Notification of Blocking Tasks - A computing device may be configured to generate and execute a task that includes one or more blocking constructs that each encapsulate a blocking activity and a notification handler corresponding to each blocking activity. The computing device may launch the task, execute one or more of the blocking constructs, register the corresponding notification handler for the blocking activity that will be executed next with the runtime system, perform the blocking activity encapsulated by the blocking construct to request information from an external resource, cause the task to enter a blocked state while it waits for a response from the external resource, receive an unblocking notification from an external entity, and invoke the registered notification handler to cause the task to exit the blocked state and/or perform clean up operations to exit/terminate the task gracefully. | 03-17-2016 |
20160078249 | ENHANCED PRIVACY FOR PROVISION OF COMPUTER VISION - Methods, apparatuses and storage medium associated with providing enhanced privacy during usage of computer vision are disclosed. In embodiments, an apparatus may include one or more privacy indicators to indicate one or more privacy conditions of the apparatus in association with provision of computer vision on the apparatus. The apparatus may further include a privacy engine coupled with the one or more privacy indicators, and configured to pre-process images from an image source of the apparatus associated with the provision of computer vision to the apparatus, to increase privacy for a user of the apparatus, and to control the one or more privacy indicators. In embodiments, the apparatus may include means for blanking out one or more pixels with depth values identified as greater than a threshold. Other embodiments may be described and claimed. | 03-17-2016 |
20160078253 | DEVICE HAVING A SECURITY MODULE - A device securely accesses data in a memory via an addressing unit which provides a memory interface for interfacing to a memory, a core interface for interfacing to a core processor and a first and second security interface. The device includes a security processor HSM for performing at least one security operation on the data and a remapping unit MMAP. The remapping unit enables the security processor to be accessed by the core processor via the first security interface and to access the memory device via the second security interface according to a remapping structure for making accessible processed data based on memory data. The device provides a clear view on encrypted memory data without requiring system memory for storing the clear data. | 03-17-2016 |
20160085971 | SYSTEM AND METHOD FOR TOKENIZATION OF DATA FOR PRIVACY - The present invention describes a system and method for tokenization of data. The system includes a receiver configured to receive a request for tokenization. The request for tokenization comprises an input data to be tokenized. The system also includes a parser configured to determine one or more datatype from the input data. The system further includes a trained artificial neural network to generate a token for the input data based on a tokenization technique corresponding to the datatype of the input data. | 03-24-2016 |
20160085982 | SYSTEM AND METHOD FOR REAL-TIME TRANSACTIONAL DATA OBFUSCATION - A system and method for providing transactional data privacy while maintaining data usability, including the use of different obfuscation functions for different data types to securely obfuscate the data, in real-time, while maintaining its statistical characteristics. In accordance with an embodiment, the system comprises an obfuscation process that captures data while it is being received in the form of data changes at a first or source system, selects one or more obfuscation techniques to be used with the data according to the type of data captured, and obfuscates the data, using the selected one or more obfuscation techniques, to create an obfuscated data, for use in generating a trail file containing the obfuscated data, or applying the data changes to a target or second system. | 03-24-2016 |
20160085989 | Device, System, and Method of Enhancing User Privacy and Security Within a Location-Based Virtual Social Networking Context - A hosted virtual social network includes a plurality of users that each have a digital profile. The users are each within a predetermined distance of a venue. The users communicate with other users of the virtual social network via their respective mobile computing devices. The users include a first user and a second user. From a mobile computing device of the first user, a request is received to make a digital profile of the first user appear invisible on a mobile computing device of the second user. In response to this request the digital profile of the first user is hidden from the mobile computing device of the second user. The hiding is performed without notifying the second user and without affecting a display of the digital profile of the first user on mobile computing devices of remaining users of the plurality of users of the virtual social network. | 03-24-2016 |
20160085994 | ENDORSEMENT OF UNMODIFIED PHOTOGRAPHS USING WATERMARKS - A method, device and system of a watermarking server authenticates a user in a watermarking application of a mobile device as the user of a trusted third-party communication platform. The method determines whether a photograph is captured using a front camera or a back camera of the mobile device. The method assigns a unique identifier to the photograph so that the photograph is referenceable using the unique identifier, in case of post-modification by at least one of the user and other users of the trusted third-party communication platform. The method generates a watermark applicable to the photograph, and generates a trusted image based on the photograph by appending the watermark and the unique identifier to the photograph using a processor and a memory of the watermarking server. The method automatically posts the trusted image to the trusted third-party communication platform. | 03-24-2016 |
20160092663 | DIGITAL RIGHTS MANAGEMENT WITH IRREGULAR NETWORK ACCESS - There is a performing of digital rights management (DRM), operable in an offline mode with respect to a communications network. The performing includes identifying a stored rights object associated with a stored asset. The stored rights object includes reporting duration information associated with the stored asset. The performing also includes determining, utilizing a processor, whether a transmission of an early status message is a successful communication based on an early status message determination. If a failure in communicating the early status message is determined, utilizing the stored asset. The performing may also include transmitting an early status message and/or later status message after identifying the stored rights object. There is also a performing of digital rights management (DRM) associated with a DRM system and operable in an offline mode with respect to a communications network. There are also client devices, communicating systems, computer readable mediums and protocols. | 03-31-2016 |
20160092696 | Remote Server Encrypted Data Provisioning System and Methods - Embodiments of the invention are directed to methods, systems and devices for providing sensitive user data to a mobile device using an encryption key. For example, a mobile application on a mobile device may receive encrypted sensitive user data from a mobile application server, where the user sensitive data is encrypted with a key from a token server computer. The mobile application may then request that the encrypted payment information be sent to the token server. The mobile device may then receive a payment token associated with the payment information from the token server. | 03-31-2016 |
20160092697 | PLATFORM IDENTITY ARCHITECTURE WITH A TEMPORARY PSEUDONYMOUS IDENTITY - In an example, a client-server platform identity architecture is disclosed. The platform identity architecture may be used to enable a venue operator to provide online services and to collect telemetry data and metrics while giving end users greater control over privacy. When entering a compatible venue, the user's device generates a signed temporary pseudonymous identity (TPI) in secure hardware or software. Any telemetry uploaded to the venue server includes the signature so that the server can verify that the data are valid. The TPI may have a built-in expiry. The venue server may thus receive useful tracking data during the term of the TPI, while the user is assured that the data are not kept permanently or correlated to personally-identifying information. | 03-31-2016 |
20160092698 | Tokenization Column Replacement - A tokenization system includes a vector table and one or more token tables. The tokenization system accesses sensitive data and a vector from a vector table column, and modifies the sensitive data based on the accessed vector. The tokenization system then queries the one or more token tables using a portion of the modified data to identify a token mapped to the portion of the modified data. The portion of the modified data is replaced with the token to create tokenized data. The vector table can be updated by replacing a vector table column with an updated vector table column. The tokenization system can modify subsequent data using the updated vector column prior to tokenization. | 03-31-2016 |
20160092699 | PRIVACY-PRESERVING COOKIES FOR PERSONALIZATION WITHOUT USER TRACKING - The privacy-preserving cookie generator implementations described herein create a privacy-preserving data structure (also called a privacy-preserving cookie herein) that is used to provide personalization for online services without user tracking. In some implementations the privacy-preserving cookie generator encodes a user profile (for example, based on a user's online activity) into a data structure that has naturally occurring noise and that efficiently supports noise addition. In one implementation a Bloom filter is used to create the encoded profile. Additional noise is injected into the encoded profile to create an obfuscated user profile in the form of a privacy-preserving data structure. The privacy-preserving data structure or cookie can be attached to an online service request and sent over a network to an online service provider which can use it to fulfill the services request, providing a somewhat personalized result while the user's privacy is maintained. | 03-31-2016 |
20160098566 | PROVIDING APPLICATION PRIVACY INFORMATION - A system includes a data processing device, a memory, identifications of applications, and a privacy indication module. Each identification of the application has associated therewith a privacy indicator indicating a degree of expected privacy of each of the corresponding applications. The privacy indication module is configured to control the data processing device to set each of the privacy indicators of each of the identifications of the applications and to provide at least one of the privacy indicators to control publication of information corresponding to at least one of the applications. | 04-07-2016 |
20160098567 | METHOD, ELECTRONIC DEVICE, AND NON-TRANSITORY COMPUTER READABLE RECORDING MEDIA FOR IDENTIFYING CONFIDENTIAL DATA - A method, an electronic device, and a non-transitory computer readable recording medium for identifying confidential data are provided. The electronic device determines whether a data has special formats by a format feature representing the special format. Then the electronic device further determines whether the special format of the data is the confidential data by confidential factors representing the special format to be the confidential data. Therefore, the method, the electronic device, and the non-transitory computer readable recording medium for identifying confidential data can correctly provide the confidential degree for the data having many confidential descriptions but few numbers and can identify the confidential data having the special format, thereby preventing the data leakage. | 04-07-2016 |
20160098578 | SYSTEM AND METHOD FOR PERSISTENT DATA INTEGRITY IN DOCUMENT COMMUNICATION - A system, method, and computer readable medium for verifying data integrity of documents involves adding a machine-readable stamp on a document generated by a device of a first user. The machine-readable stamp allows another user which receives a copy of the document to use another device to verify the integrity of data in the copy. | 04-07-2016 |
20160104000 | METHODS AND SYSTEMS FOR SECURE ACQUISITION AND TRANSMISSION OF IMAGE - Methods and systems allow secure acquisition and transmission of images by a mobile communication device. The method includes acquiring an image by the mobile device and allocating volatile memory space in the mobile device for a defined session. The image may be acquired by a digital camera built in the mobile device. The method includes digitally storing the acquired image in the allocated volatile memory space. The method includes encrypting and transmitting the stored image using a secure transmission protocol during the session. The method includes de-allocating the volatile memory space at the termination of the session. The de-allocation of the volatile memory space may cause the digitally stored image to be erased from the volatile memory space. Thus, the stored image is not persistently retained by the mobile device. | 04-14-2016 |
20160105399 | Systems and Methods for Cloaking Communications - The present invention relates to systems and methods for cloaking communications. Specifically, the present invention relates to systems and methods for thwarting the viewing or tracking of communications between parties on the Internet or other network. More specifically, the systems and methods of the present invention hide the destination caller's Internet Protocol (“IP”) address and prevent others from viewing or tracking the same. In addition, the systems and methods of the present invention obfuscate the addresses associated with the IP server. | 04-14-2016 |
20160105797 | CLOAKING WITH FOOTPRINTS TO PROVIDE LOCATION PRIVACY PROTECTION IN LOCATION-BASED SERVICES - A method for using a location-based service while preserving anonymity includes receiving a location associated with a mobile node, receiving an anonymity level associated with the mobile node, computing a region containing the location of the mobile node and a number of footprints based on the anonymity level, wherein each of the footprints is from a different user, and providing the region to a location-based service to thereby preserve anonymity of the mobile node. A method also allows a mobile device or its user to specify the anonymity level by selecting a public region consistent with a user's feelings towards desired privacy. | 04-14-2016 |
20160110561 | TERMINAL AND METHOD FOR HIDING AND PROTECTING DATA INFORMATION - The present invention provides a terminal which includes an information collection unit configured to acquire subsidiary information added to a current image by a user and collect authentication information relating to the user according to an information hiding command received by the current image, an information processing unit configured to execute the following steps: eliminating the subsidiary information on the current image, and embedding the subsidiary information and the authentication information into a file of the current image from which the subsidiary information is eliminated in a related manner, or eliminating a display identifier of the subsidiary information on the current image, and embedding the subsidiary information, the display identifier, and the authentication information into the file of the current image from which the display identifier is eliminated in a related manner. The present invention further provides a method for hiding and protecting data information. | 04-21-2016 |
20160112431 | METHOD AND APPARATUS FOR PRIVACY POLICY MANAGEMENT - Various methods are provided for determining run-time characteristics of an application at the time of installation and/or modification. Based on the determined run-time characteristics, various methods control the installation and/or modification of the application based on a user privacy profile. One example method may comprise receiving a request to modify an application. A method may further comprise determining whether a conflict is present between the application and a user privacy profile. A method may further comprise causing the determined conflict and at least one conflict resolution to be displayed in an instance in which a conflict is determined. A method additionally comprises causing a user privacy profile to be modified in an instance in which an indication of acceptance is received in response to the displayed at least one conflict resolution. | 04-21-2016 |
20160112435 | SYSTEMS AND METHODS FOR FILE LOADING - The application describes systems and methods for preventing the distribution of large volumes of electronic data by loading selected sensitive files with pad data to increase the size of the files such that file transfer, distribution, or downloading to removable media storage devices is more cumbersome. In one aspect, a file loading system comprises a datastore for storing a plurality of data files where each of the plurality of data files includes information and a processor arranged to: access the plurality of data files in the datastore, and load a data pad into one or more of the plurality of data files to increase the size of the one or more of the plurality of data files. | 04-21-2016 |
20160117488 | CONTROLLED APPLICATION DISTRIBUTION - An application sender can control the distribution and use of an application using an authorization token encapsulating distribution terms submitted by the application sender and the application license specification submitted by a developer of the application. The application sender can access an application store and perform various functions such as selecting one or more applications for use by an application receiver, combining one or more applications into a bundle for use by an application receiver, and/or combining several applications to form a new application for use by an application receiver. The application receiver can utilize the application in accordance with the authorization token generated by the distribution terms. | 04-28-2016 |
20160117509 | METHOD AND SYSTEM FOR KEEPING DATA SECURE - The present disclosure provides a method and system for keeping data secure. The method includes: acquiring at least one audio signal and assigning the segment to an audio frame having a predetermined size; partitioning the data to be kept into a plurality of portions with a maximum capable bit the data kept in each of the sampled points; | 04-28-2016 |
20160117512 | COMPUTING SYSTEM WITH INFORMATION PRIVACY MECHANISM AND METHOD OF OPERATION THEREOF - A computing system includes: a control unit configured to: obtain an information release setting for a raw user information, the raw user information including an information attribute; determine an information format for the information attribute of the raw user information; determine a privacy notion based on the information release setting; generate perturbed user information from the information attribute based on the privacy notion, wherein the information format for the raw user information is preserved in the perturbed user information; and a communication unit, coupled to the control unit, configured to transmit the perturbed user information. | 04-28-2016 |
20160117520 | METHOD AND SYSTEM FOR SHARING CONTENT FILES USING A COMPUTER SYSTEM AND DATA NETWORK - A method and system of distributing files among devices is described. The method and system permits users and authors to create customized channels for filtering the automatic distribution of content. Each content item can have an associated plurality of tags, and each user's device can define a channel as a set of tag values. The channel definition and filtering may also be used to control, restrict or monitor distribution of content through the system. | 04-28-2016 |
20160117526 | INFORMATION PROCESSING DEVICE, METHOD FOR VERIFYING ANONYMITY AND METHOD - The present invention provides an information processing device that enables a reduction in the processing cost of verifying anonymity during anonymization when multi-dimensional data is the subject of anonymization. The information processing device is provided with: a unit which generates information indicating the correspondence between a record contained in a data set and a class specifying a unique combination of quasi-identifier attribute values; a unit which verifies the anonymity of each record on the basis of the class thereof indicated in the information; and a unit which, on the basis of the results of verifying the anonymity, updates the information in a manner such that whether or not the record satisfies the anonymity can be identified and outputs the record-class correspondence information. | 04-28-2016 |
20160119364 | SYSTEMS AND METHODS FOR DYNAMICALLY SELECTING MODEL THRESHOLDS FOR IDENTIFYING ILLEGITIMATE ACCOUNTS - Systems, methods, and non-transitory computer-readable media can determine a plurality of model scores for a set of accounts. Each model score in the plurality of model scores can be associated with at least one account in the set of accounts. The plurality of model scores can be ranked in descending order. One or more metrics can be determined for each model score in the plurality of model scores based on information about the at least one account associated with each model score. Specified criteria for selecting a model threshold utilized in identifying illegitimate accounts can be acquired. The specified criteria can be based on at least some of the one or more metrics. The model threshold can be selected as corresponding to a lowest ranked model score that satisfies the specified criteria. It is contemplated that there can be many variations and/or other possibilities. | 04-28-2016 |
20160125172 | AUTOMATIC GENERATION OF LICENSE TERMS FOR SERVICE APPLICATION MARKETPLACES - A processor stores information associated with one or more programming modules, including one or more license terms associated with the one or more programming modules. The processor receives an input indicating a set of programming modules selected from the one or more programming modules, based on the information which is stored. The processor compares the one or more license terms associated with the set of programming modules. In response to determining a conflict between the one or more license terms of the set of programming modules, the processor applies a set of rules to resolve the conflict between the one or more license terms of the set of programming modules, and the processor composes a composite license for the set of programming modules, based on the one or more license terms of the set of programming modules and the set of rules applied to resolve the conflict. | 05-05-2016 |
20160125191 | SELF-REMOVAL OF ENTERPRISE APP DATA - Self-removal of enterprise application data (e.g., managed application data) is disclosed. It may be determined that a data removal condition has been satisfied. Based at least in part on the determination, data removal information may be generated for a plurality of applications including a managed set of mobile applications. The data removal information may be provided to at least a first application included in the plurality of applications. The first application may provide the data removal information to a data storage location accessible to at least a second application upon a data removal-related event. | 05-05-2016 |
20160125202 | Method for operating a control device - A method for operating a control device having a system-on-a-chip having a processor unit and a security processor unit, the processor unit and the security processor unit each having at least one processor core, the processor unit instructing the security processor unit to execute security-critical processes, a priority being assigned, by the processor unit or by the security processor unit, to each of the security-critical processes that are to be executed in the security processor unit, and the security-critical processes being executed in the security processor unit as a function of the respective priority. | 05-05-2016 |
20160127322 | MASKING DATA WITHIN JSON-TYPE DOCUMENTS - A method comprising using at least one hardware processor for: receiving input from a user with respect to masking of a data element in one or more documents of a JavaScript Object Notation (JSON) type, wherein the input comprises: an identifier of the data element, and one or more constraints for masking the data element based on the hierarchy of the one or more documents of the JSON-type; and generating a masking rule for the one or more documents of the JSON-type based on the input. | 05-05-2016 |
20160132683 | Confidential Content Display in Flexible Display Devices - Confidential content within a file is masked for display on a flexible display device. A legend relating the masking to the confidential content is displayed in a hidden area created by bending the flexible display device. The flexible display device monitors secondary users and their gaze towards the flexible display device and the hidden area to determine if unauthorized secondary users can see the display and hidden area of the flexible display device. | 05-12-2016 |
20160132697 | Multi-Tier Storage Based on Data Anonymization - Examples disclosed herein relate to a multi-tier storage based on data anonymization. A processor may store data in a first data tier. The processor may anonymize the data according to a first anonymization level and store the anonymized data in a second data tier. The processor may associate a first user with the first data tier and associate a second user with the second data tier. | 05-12-2016 |
20160134645 | IDENTIFYING AN IMPOSTER ACCOUNT IN A SOCIAL NETWORK - A method for identifying an imposter account in a social network includes a monitoring engine to monitor user accounts of a social network, an identifying engine to identify attributes associated with each of the user accounts of the social network, a matching engine to match the attributes associated with each of the user accounts of the social network, a determining engine to determine when one of the user accounts is an imposter account associated with identity theft of a victim account, a calculating engine to calculate a threshold, and an executing engine to execute an action against the identity theft of the victim account by the imposter account. | 05-12-2016 |
20160140339 | METHOD AND APPARATUS FOR ASSEMBLING COMPONENT IN ROUTER - A method and apparatus for assembling a component in a router are provided. The router includes at least one reconfigurable component, the at least one reconfigurable component has a unique function, the method includes: obtaining attribute information of the at least one reconfigurable component in the router, wherein the attribute information comprises information on an importance and/or a using frequency of the at least one reconfigurable component in the router; coding the at least one reconfigurable component based on Huffman Coding to generate a Huffman code according to the attribute information of the at least one reconfigurable component; selecting the at least one reconfigurable component, and assembling the selected reconfigurable component to realize a routing function and to form an assembly code; and generating a routing paradigm table according to a user security requirement and the assembly code, such that the router performs the routing function according to the routing paradigm table. | 05-19-2016 |
20160140346 | DATA CONCEALMENT APPARATUS AND METHOD USING AN ERROR CORRECTION CODE - Disclosed are a data concealment apparatus and a data concealment method using an Error Correction Code. According to exemplary embodiments of the present invention, it is possible to prevent important information from being easily exposed to a third person by generating encoding data through convolution encoding of input data and thereafter, concealing the encoding data on an image through adjustment of a pixel value on the image and minimize an error which can occur at the time of recovering the input data by extracting the encoding data from the image in a soft decision scheme and performing Viterbi-decoding on the extracted encoding data in order to recover the input data concealed in the image. | 05-19-2016 |
20160140348 | SYSTEM AND METHOD FOR MATCHING DATA SETS WHILE MAINTAINING PRIVACY OF EACH DATA SET - A system and method that allows two parties to find common records in their data sets without having to actually share the data sets with each other or a third party. Two primitives, perfect hash functions and public key cryptography, are combined in a unique way to obtain a secure and efficient private matching solution. Since the data that is exchanged is always encrypted during the match process, neither party reveals its data to the other party. This solution enables two parties to match sensitive data such as PII (Personally Identifiable Information) or PHI (Protected Health Information) without having to disclose the data to the other or to any third party. One or both of the parties only learn of matching records without learning any information about the records that do not match. | 05-19-2016 |
20160140351 | VALIDATING USER CONTROL OVER CONTACT INFORMATION IN A DOMAIN NAME REGISTRATION DATABASE - An example embodiment of a method and system of validating a user's control over contact information may comprise at least one server computer receiving contact information for a user and determining whether the contact information for the user is valid. If the contact information for the user is determined to be valid, the server computer(s) may store the contact information in a registered contacts database, monitor a plurality of record updates, including a request to register a domain name, in a domain name registration database for the contact information and determine whether the contact information appears in the record updates. If the contact information is determined to appear in the record updates, the server computer(s) may notify the user that the contact information appears in the record updates. In some embodiments, the registration of the domain name may be declined if the information matches. | 05-19-2016 |
20160140352 | COMMUNICATING DATA BETWEEN CLIENT DEVICES USING A HYBRID CONNECTION HAVING A REGULAR COMMUNICATIONS PATHWAY AND A HIGHLY CONFIDENTIAL COMMUNICATIONS PATHWAY - A technique communicates data between a first client device and a second client device. The technique involves establishing a regular communications pathway from the first client device to the second client device through a communications server, and establishing a highly confidential communications pathway from the first client device to the second client device. The highly confidential communications pathway circumvents the communications server. The technique further involves, after the regular communications pathway and the highly confidential communications pathway are established, conveying highly sensitive information from the first client device to the second client device only through the highly confidential communications pathway to avoid exposing the highly sensitive data to the communications server through the regular communications pathway. | 05-19-2016 |
20160140359 | SYSTEM AND METHOD FOR DISTRIBUTED COMPUTATION USING HETEROGENEOUS COMPUTING NODES - This disclosure relates generally to the use of distributed system for computation, and more particularly, relates to a method and system for optimizing computation and communication resource while preserving security in the distributed device for computation. In one embodiment, a system and method of utilizing plurality of constrained edge devices for distributed computation is disclosed. The system enables integration of the edge devices like residential gateways and smart phone into a grid of distributed computation. The edge devices with constrained bandwidth, energy, computation capabilities and combination thereof are optimized dynamically based on condition of communication network. The system further enables scheduling and segregation of data, to be analyzed, between the edge devices. The system may further be configured to preserve privacy associated with the data while sharing the data between the plurality of devices during computation. | 05-19-2016 |
20160140361 | METHODS FOR ANTI-FRAUD MASKING OF A UNIVERSAL RESOURCE INDENTIFIER ("URI") - Methods may display a URI of a resource. Methods may determine the presence of a non-public data element in the URI. Methods may generate a random number in response to the determination of the presence of the non-public data element. Methods may compute a resultant number based on the exclusive or of the random number and the non-public data element. Methods may substitute the resultant number for the non-public data element in the URI. Methods may transmit the URI and the random number to a server. Methods may receive a resource from the server, in response to the transmission of the URI and the random number to the server. Methods may compute the non-public data element using the random number and the resultant number. Methods may substitute the non-public data element for the resultant number in the URI. Methods may re-determine the URI of the resource. | 05-19-2016 |
20160142377 | COMMUNICATION APPARATUS, CONTROL METHOD, AND NON-TRANSITORY COMPUTER-READABLE STORAGE MEDIUM - A communication apparatus which performs communication in a wireless LAN by operating as a base station or a terminal station of the wireless LAN determines, if currently connected to the wireless LAN as the terminal station when receiving the connection request from a first another apparatus, whether to cause the first another apparatus to connect to the currently connected wireless LAN. Then, the communication unit communicates with the first another apparatus via a second another apparatus which operates as the base station in the currently connected wireless LAN when determining to cause the first another apparatus to connect to the currently connected wireless LAN, and communicates with the first another apparatus not via the second another apparatus when determining not to cause the first another apparatus to connect to the currently connected wireless LAN. | 05-19-2016 |
20160142378 | REACHING ANONYMIZATION SERVICE LEVELS THROUGH ADDED TRANSACTIONS - Methods, apparatuses, systems, and computer-readable media for an anonymization service level improvement system (“ALI”) are described. One or more transactions may be generated by a system to be transmitted outside of a secure area. The ALI may anonymize these transactions and anonymization may be measured by reference to one or more anonymization metrics, including, but not limited to, k-anonymity, l-diversity, and t-closeness. The ALI may be configured to determine current values for the metrics and whether current anonymization is sufficient to provide a pre-determined service level. If the service level is not sufficient, then the ALI may generate fake anonymized transactions to be output to satisfy the pre-determined service levels of the one or more anonymization metrics. Results may be received which may include valid and invalid results. The ALI may remove the invalid results before returning the valid results to the system. Other embodiments may be described and/or claimed. | 05-19-2016 |
20160147980 | MAINTENANCE SERVER, MAINTENANCE METHOD, NON-TRANSITORY COMPUTER-READABLE STORAGE MEDIUM IN WHICH MAINTENANCE PROGRAM IS STORED, AND MANAGEMENT SERVER - A license management server manages a license to perform a service of remote maintenance related to one or more image forming apparatuses installed in a customer's site. The maintenance server includes a maintenance unit and a history management unit. If the license management server notified of expiration of an expiration date of the license defined by a contract, the maintenance unit stores history information acquired from the one or more image forming apparatuses corresponding to the expired license into a storage unit, and stops the service. If the license management server notified of grant of the license by a re-contract, the history management unit obtains the history information about the one or more image forming apparatuses corresponding to the granted license from the storage unit, and passes the obtained history information to the maintenance unit. By using the passed history information, the maintenance unit resumes the service. | 05-26-2016 |
20160147994 | METHOD AND APPARATUS FOR DISPLAYING INFORMATION - A terminal device for securely displaying information is provided. The terminal device includes a monitoring module configured to monitor a distance between the terminal device and a designated device, a determining module configured to determine whether the distance is less than a preset distance, and a displaying module configured to display the information if the determining module determines that the distance is less than the preset distance. | 05-26-2016 |
20160148009 | QUICK USAGE CONTROL - One or more elements on a computing device can be selected and locked from use. For example, a first user (e.g., adult) of a computing device can allow a second user (e.g., child) to use the former's device; however, the first user might not want the second user to have access to all of the elements on the device, and so the first user can select which elements he/she wants to share with the second user and which elements he/she does not want to share. For example, the first user can select elements and choose to lock the selected elements, lock all other elements, lock the selected elements for a certain period of time, or lock the selected elements but allow for earned usage, etc. The lock can be removed in response to an unlock event, which can comprise a user-initiated unlock, a timed unlock, or a user-earned unlock. | 05-26-2016 |
20160148019 | SECURE IMAGE PROCESSING - Various embodiments herein each include at least one of systems, methods, devices, and software for secure image processing. In particular, the secure image processing may be performed with regard to images, such as image frames of a video stream, from a camera to obscure, either via image modification, encryption, and discarding image frames, to prevent, limit, or secure viewing of sensitive information that may be included within images. One such embodiment includes receiving an image of an image flow from a scanner, such as a product scanner, and determining whether a sensitive item is present in the image. When a sensitive item is determined to be present in the image, such embodiments perform a security action with regard to the image prior to passing the image in the image flow from the scanner. | 05-26-2016 |
20160154966 | Hiding Information in Noise | 06-02-2016 |
20160154977 | TRANSMITTING MEDICAL DATASETS | 06-02-2016 |
20160154978 | METHOD OF RE-IDENTIFICATION RISK MEASUREMENT AND SUPPRESSION ON A LONGITUDINAL DATASET | 06-02-2016 |
20160162691 | SYMBOL STRING MATCHING MECHANISM - A two-stage, very fast symbol string matching mechanism measures the similarity of content between data sources, allowing for efficient detection and evaluation of exact as well as inexact matches. The disclosed approach pairs complementary encoding technique comprising a first fast lookup that identifies regions of possible similarity, and a second, more computationally intensive analysis that evaluates metrics of similarity and delimits copy boundaries. The original content remains private (encrypted) during processing. | 06-09-2016 |
20160162692 | Determining Whether a Data Storage Is Encrypted - A method, program and/or system reads a file through a first path from a data storage to obtain a first data. The file is read through a second path from the data storage to obtain a second data. The first data is compared to the second data. When the first data matches the second data, the file is determined not to be encrypted in the data storage. When the first data does not match the second data, the file is determined to be encrypted in the data storage. | 06-09-2016 |
20160162696 | Camouflaged Communication Device - A transmission system is used in a method of transmitting a camouflaged transmission of signals by generating an underlying transmission comprising a plasma transmission discharge constituting background noise having a first amplitude and generating an embedded transmission of signals within the underlying transmission. | 06-09-2016 |
20160162706 | METHOD FOR PROCESSING GEOLOCATION DATA - The present invention relates to a method for processing geolocation data, including the implementation, by means for processing data from a server, of the steps of: (a) transmitting a geolocation request to a mobile terminal including geolocation means; (b) receiving geolocation data from the mobile terminal; (c) associating said geolocation data with a unique identifier, itself associated with the mobile terminal, in a database stored in data storage means; (d) receiving a geolocation request transmitted by an application server, the request including said unique identifier associated with the mobile terminal; (e) generating and sending, to the application server, a response to the request depending on the geolocation data associated with the unique identifier in said data base, and on the rules associated with the application server. | 06-09-2016 |
20160164812 | DETECTION OF FALSE MESSAGE IN SOCIAL MEDIA - Communications in social networking environment are monitored and patterns of sharing a communication are identified. The patterns of sharing are compared to one or more criteria. A first probability of false information in the communication is determined. Responsive to determining the first probability of false information in the communication exceeding a first threshold, an additional validation of the communication is performed. A second probability that the communication contains false information is determined based on the additional validation. Responsive to determining that the second probability indicative of the communication containing false information exceeds a second threshold, an action to reduce dissemination of the communication may be performed. | 06-09-2016 |
20160165437 | ANONYMIZING LOCATION INFORMATION OF A MOBILE DEVICE - Anonymizing location information of a mobile device by an anonymization provider. The anonymizing provider receives, from the mobile device, location information identifying the location of the mobile device and an anonymity requirement. The anonymization provider selects an obfuscation value indicating an extent of location obfuscation that satisfies the received anonymity requirement. The extent of location obfuscation determines location boundaries within which a generated obfuscated location will reside. The anonymization provider generates an obfuscated location for the mobile device and sends the obfuscated location to the mobile device. | 06-09-2016 |
20160171205 | INTEGRITY FOR SECURITY AUDIT LOGS | 06-16-2016 |
20160171219 | PROTECTING PRIVACY WITH SECURE DIGITAL SIGNAGE IN VEHICLE REGISTRATION PLATES | 06-16-2016 |
20160171220 | DISPLAY CONTROL METHOD AND APPARATUS AND DISPLAY DEVICE COMPRISING SAME | 06-16-2016 |
20160171225 | DETERMINING PRIVACY GRANULARITY | 06-16-2016 |
20160171241 | APPARATUSES, SYSTEMS, METHODS, AND COMPUTER READABLE MEDIA FOR PROVIDING SECURE FILE-DELETION FUNCTIONALITY | 06-16-2016 |
20160171246 | CODE INTEGRITY PROTECTION BY COMPUTING TARGET ADDRESSES FROM CHECKSUMS | 06-16-2016 |
20160173499 | RECOMMENDATION SCHEMA FOR STORING DATA IN A SHARED DATA STORAGE NETWORK | 06-16-2016 |
20160173503 | Controlling Incoming Data Processing Requests | 06-16-2016 |
20160180063 | LICENSING IN THE CLOUD | 06-23-2016 |
20160180101 | DATA SECURITY UTILIZING DISASSEMBLED DATA STRUCTURES | 06-23-2016 |
20160180109 | CONVERGED MECHANISM FOR PROTECTING DATA | 06-23-2016 |
20160180112 | SYSTEM AND METHOD FOR PRIVACY-AWARE INFORMATION EXTRACTION AND VALIDATION | 06-23-2016 |
20160180117 | ELECTRONIC DATA SECURITY APPARATUS | 06-23-2016 |
20160188886 | Systems and Methods To Obfuscate Market Data on a Trading Device - Systems and methods to obfuscate market data on a trading device are disclosed. An example method includes receiving market data related to a tradable object at a first computing device, generating, by the first computing device, a trading interface to present the market data to a trader and reconfiguring the trading interface from a first mode to a second mode in response to a privacy command supplied by the trader via the first computing device. The first computing device is to obfuscate the market data presented by the trading interface when in the second mode. The example method includes receiving, by a second computing device, the obfuscated market data in response to the privacy command and generating, by the second computing device, a private interface to present the obfuscated market data to the trader in response to the privacy command. | 06-30-2016 |
20160188892 | Authentication system of synchronizing instant timestamp and a method thereof - The present invention is related to an authentication system of synchronizing instant timestamp issued by a digital timestamp device and a method thereof. The digital timestamp device provides an instant machine time, and the provider end uses the digital timestamp device to stamp an instant digital timestamp on a digital content. Meanwhile, the provider end records the position of the digital content whereon the digital timestamp is stamped as a stamp position, and stores the digital content, the instant digital timestamp, the stamp position, and the network location information together as a reliable digital content. The receiver end can retrieve the reliable digital content from a third party end or connect to the provider end to confirm whether the reliable digital content has the identical instant digital timestamp and stamp position to ensure the authenticity of the received reliable digital content. | 06-30-2016 |
20160188906 | PROCESSORS, METHODS, SYSTEMS, AND INSTRUCTIONS TO CHANGE ADDRESSES OF PAGES OF SECURE ENCLAVES - A processor of an aspect includes a decode unit to decode a user-level instruction. The user-level instruction is to indicate a page of a secure enclave and is to indicate a linear address. An execution logic is coupled with the decode unit. The execution logic is operable, in response to the user-level instruction, to change an initial linear address of the page of the secure enclave. The initial linear address is to be stored in an enclave page storage metadata unit. The initial linear address is to be changed by the execution logic to the linear address that is to be indicated by the user-level instruction. The change to the linear address is performed without contents of the page of the secure enclave being lost. | 06-30-2016 |
20160188909 | TRUSTED COMPUTING - A trusted computing device (TCD) includes an isolated environment, host interface, secure interface, and program instructions. The environment includes an isolated environment processor (IEP), memory (secure and non-secure partition), and an auxiliary processor (AP). Memory and AP are connected for data communication with the IEP, and communicate with a host only through the IEP. The host interface and each secure interface are connected for data communication with the IEP. The instructions provision TCD for cryptographic operations via a secure interface; present a first file system partition comprising a write file and a read file with file creation/deletion privileges allocated only to the IEP at the host interface via the IEP; present a non-secured file system partition with access to the non-secure partition via the host interface via the IEP; receive, via the write file, requests to perform trusted computing; perform requested computing using the IEP, secure memory, and AP; and write results to the read file. | 06-30-2016 |
20160191531 | METHOD FOR FILE SCRUBBING IN A SECURITY GATEWAY FOR THREAT PREVENTION - Methods and systems for blocking reception of digital content elements by devices are disclosed. These methods and systems comprise elements of hardware and software for, receiving an electronic communication including at least one digital document; determining the content type of the at least one digital document; based on the content type of the at least one digital document, modifying the digital content of the digital document so as to selectively disable functionality of the digital document; and, enabling the subsequent processing of the electronic communication including the at least one digital document with the modified digital content. | 06-30-2016 |
20160191537 | IMPLEMENTING USER-SPECIFIED TRANSACTION PARAMETERS FOR TRANSFERRING DIGITAL CONTENT ITEMS AMONGST USERS - A computing system and/or network environment in which users can transfer (or initiate transfer of) digital content items to other users in accordance with a variety of transaction parameters that are specified by the user. | 06-30-2016 |
20160196445 | LIMITING EXPOSURE TO COMPLIANCE AND RISK IN A CLOUD ENVIRONMENT | 07-07-2016 |
20160196448 | COMMENT PLUG-IN FOR THIRD PARTY SYSTEM | 07-07-2016 |
20160196450 | Systems, Methods, and Computer Program Products for Managing Secure Elements | 07-07-2016 |
20160196451 | MANAGING DATA ON COMPUTER AND TELECOMMUNICATIONS NETWORKS | 07-07-2016 |
20160196453 | DATA SECURING DEVICE, RECORDING MEDIUM, AND DATA SECURING METHOD | 07-07-2016 |
20160197885 | TECHNOLOGY-AGNOSTIC APPLICATION FOR HIGH CONFIDENCE EXCHANGE OF DATA BETWEEN AN ENTERPRISE AND THIRD PARTIES | 07-07-2016 |
20160197933 | SECURE PERSONAL SERVER SYSTEM AND METHOD | 07-07-2016 |
20160197954 | DEFENDING AGAINST FLOW ATTACKS | 07-07-2016 |
20160203314 | SEARCHING DATA USING PRE-PREPARED SEARCH DATA | 07-14-2016 |
20160203328 | SEMICONDUCTOR DEVICE | 07-14-2016 |
20160203336 | System, Apparatus and Method for Anonymizing Data Prior to Threat Detection Analysis | 07-14-2016 |
20160203344 | Electronic Device Protected against Tampering | 07-14-2016 |
20160205136 | DATA COLLECTION | 07-14-2016 |
20160253523 | Redundant Fail-Safe Synchronization in a Data Authentication Infrastructure | 09-01-2016 |
20160378957 | MULTIMEDIA DATA METHOD AND ELECTRONIC DEVICE - An information security method operable to be executed in an electronic device with modules, such as a calculating module, a first determining module, an extracting module, a logic operation module, and an adjusting module. The modules find out audio segments which are suitable for the concealing of copyright and other information by way of phase inversion of the original data as audio codecs are applied and build the concealable information into the data by way of a key. | 12-29-2016 |
20160378959 | INFORMATION PROCESSING APPARATUS, METHOD, AND STORAGE MEDIUM - When a license file holds license type information and the license type is “monthly”, a license management system can update expiration timing of the license even if the license is already used. | 12-29-2016 |
20160378999 | DYNAMIC CONTENT REDACTION - Dynamic content redaction through the generation of redaction schemas associated with document, image, media, or other data files is described. A redaction schema can include at least one range of content in a data file to be concealed for a user, a group of users, or operating parameters of various devices, for example. When the data file is opened for display on a device, the redaction schema can be parsed to identify whether masking objects should be added to a masking layer for overlay upon or above the content displayed. The masking layer can be generated based on the redaction schema, a user of the device, or operating parameters of the device, for example. Masking objects in the masking layer can conceal one or more ranges of the content in a data file from view or based on users or operating parameters of various devices. | 12-29-2016 |
20160379004 | SEMICONDUCTOR DEVICE - Provided are semiconductor devices. A semiconductor device includes processors performing an operation using data stored in a memory; and a memory protector dividing the memory into a first window area and a second window area. The first window area including a first fragment page, which is of a first size. The second window area including a second fragment page, which is of a second size, wherein the second size is smaller than the first size. The memory protector configured to protect the first fragment page and the second fragment page from being accessed by the processors. | 12-29-2016 |
20160379011 | ANONYMIZATION APPARATUS, AND PROGRAM - According to one embodiment, an anonymization apparatus according to an embodiment is configured to execute a determination process, a division process, and a process of recursively executing at least the determination process and the division process, and to thereafter execute anonymization. A number-of-kinds calculation circuit calculates a number of kinds of different attribute values for each of a plurality of attributes, before the determination process is executed. A determination circuit determines the attribute to be noticed, based on also the calculated number of kinds. A sort circuit sorts a plurality of personal data items, based on the calculated number of kinds, before the division process is executed. | 12-29-2016 |
20160380946 | MENTION IDENTIFICATION FOR UNTRUSTED CONTENT - In some embodiments of the invention a method provides for processing a mention in textual content being input to a content provider. The method can include detecting input by a user of the content provider of the mention and identifying a member of a mention provider such as a social network based on the mention while maintaining privacy of information about the member with respect to the content provider. In some embodiments a computer program product for processing the mention includes a computer readable storage medium having program instructions embodied therewith. In some embodiments of the invention, a system for processing the mention includes a computer system readable media with a program module embodied therewith to detect the mention in the textual content as provided to a content provider. A network adapter with the system can provide the program module or program modules over a network. | 12-29-2016 |
20160380978 | MENTION IDENTIFICATION FOR UNTRUSTED CONTENT - In some embodiments of the invention a method provides for processing a mention in textual content being input to a content provider. The method can include detecting input by a user of the content provider of the mention and identifying a member of a mention provider such as a social network based on the mention while maintaining privacy of information about the member with respect to the content provider. In some embodiments a computer program product for processing the mention includes a computer readable storage medium having program instructions embodied therewith. In some embodiments of the invention, a system for processing the mention includes a computer system readable media with a program module embodied therewith to detect the mention in the textual content as provided to a content provider. A network adapter with the system can provide the program module or program modules over a network. | 12-29-2016 |
20160381034 | MANAGING DATA PRIVACY AND INFORMATION SAFETY - Automatically screen data associated with a user that may have already been shared on a social network or about to be shared on the social network for a potential security risk and assign a risk score to the data. If the assigned risk score is above a threshold risk score, a risk mitigation measure is generated and executed. | 12-29-2016 |
20170235962 | Secure Electronic Keypad Entry | 08-17-2017 |
20170235974 | DIFFERENTIALLY PRIVATE LINEAR QUERIES ON HISTOGRAMS | 08-17-2017 |
20180025136 | APPARATUS FOR INFORMATION PROCESSING AND SYSTEM FOR INFORMATION PROCESSING | 01-25-2018 |
20180025181 | SYSTEM AND METHOD FOR VERIFYING DATA INTEGRITY USING A BLOCKCHAIN NETWORK | 01-25-2018 |
20180026991 | SOCIAL NETWORK PRIVACY AUDITOR | 01-25-2018 |
20190147142 | DIGITAL RIGHTS MANAGEMENT FOR ANONYMOUS DIGITAL CONTENT SHARING | 05-16-2019 |
20190147173 | INFORMATION SECURITY/PRIVACY VIA A DECOUPLED SECURITY ACCESSORY TO AN ALWAYS LISTENING ASSISTANT DEVICE | 05-16-2019 |
20190147175 | AUTOMATICALLY ENHANCING PRIVACY IN LIVE VIDEO STREAMING | 05-16-2019 |
20190147188 | HARDWARE PROTECTION FOR DIFFERENTIAL PRIVACY | 05-16-2019 |
20190147195 | MOBILE COMMUNICATION DEVICE BASED ON VIRTUAL MOBILE INFRASTRUCTURE AND RELATED INPUT METHOD SWITCHING METHOD THEREOF | 05-16-2019 |
20190149520 | OBSCURING INTERNET SEARCHES FROM EXTERNAL WEB SERVICE PROVIDERS | 05-16-2019 |
20190149522 | OBSCURING INTERNET SEARCHES FROM EXTERNAL WEB SERVICE PROVIDERS | 05-16-2019 |
20190149524 | PROVIDING ASSERTIONS REGARDING ENTITIES | 05-16-2019 |
20220138285 | Pairing Devices to Prevent Digital Content Misuse - A method for preventing digital content misuse can include detecting, by a client-side computing device, that the client-side computing device is paired to a viewing device such that, after being paired, the client-side computing device can cause digital content received from a remote server to be presented on a display of the viewing device; after detecting that the client-side computing device is paired to the viewing device, detecting, by the client-side computing device, that the client-side computing device has been unpaired from the viewing device; and in response to detecting that the client-side computing device has been unpaired from the viewing device, executing a remedial action. | 05-05-2022 |
20220138288 | COMPUTER-BASED SYSTEMS CONFIGURED FOR AUTOMATED COMPUTER SCRIPT ANALYSIS AND MALWARE DETECTION AND METHODS THEREOF - Systems and methods enable automated and scalable obfuscation detection in programming scripts, including processing devices that receive software programming scripts and a symbol set. The processing devices determine a frequency of each symbol and an average frequency of the symbols in the script text. The processing devices determine a normal score of each symbol based on the frequency of each symbol and the average frequency to create a symbol feature for each symbol including the normal score. The processing devices utilize an obfuscation machine learning model including a classifier for binary obfuscation classification to detect obfuscation in the script based on the symbol features. The processing devices cause to display an alert indicating an obfuscated software programming script on a screen of a computing device associated with an administrative user to recommend security analysis of the software programming script based on the binary obfuscation classification. | 05-05-2022 |
20220138289 | System for Interactive Matrix Manipulation Control of Streamed Data - An interactive streaming media and application service provider system can securely stream high resolution, multiple formats of video and data. Different data sets can be included in a single stream. A rights management system controls matrix manipulation and other aspects of user control of the data, including one or more of rendering in various different 2D, 3D, or other media formats, reconstruction and modeling, zooming, frame grab, print frame, parental controls, picture in picture, preventing unauthorized copying, adapting to different data transmission formats, adapting to different resolutions and screen sizes, and actively control functionality contained in embedded data, encryption/decryption. Control can be exerted by an external entity through a user-side virtual machine. Control codes can optionally be embedded in the media, embedded in the user's device, and/or sent separately to the device. | 05-05-2022 |
20220138303 | Certificate Management in a Technical Installation - A control system for a technical installation includes a certification body, first and second installation components, wherein the certification body issues/revokes certificates for the first and second installation components, where a certificate revocation list service receives from the certification body a certificate revocation list having certificates already revoked by the certification body and provides the certificate revocation list to the components, a certificate revocation list distribution service implemented on the first and second installation components receives the certificate revocation list from the certificate revocation list service and stores the certificate revocation list in a storage device of the respective installation component, and where the certificate revocation list distribution service of an installation component additionally in each case connects to the certificate revocation list distribution service on another installation component and receives the certificate revocation list from this certificate revocation list distribution service on the other component. | 05-05-2022 |
20220138338 | DATA REPLACEMENT APPARATUS, DATA REPLACEMENT METHOD, AND PROGRAM - A data replacement apparatus that can perform microaggregation of large-scale data at high speed using only a primary storage device of a small capacity. The data replacement apparatus includes an attribute value set retrieval unit that retrieves a grouped attribute value set into a primary storage device when a size of the grouped attribute value set is equal to or smaller than a predefined size and retrieves the grouped attribute value set into a secondary storage device when the size of the grouped attribute value set is larger than the predefined size. Further, there is a median computation unit that computes a median of the grouped attribute value set at the primary storage device or at the secondary storage device and a division determination unit that sets respective ones of the two attribute value sets formed by the division as new groups. | 05-05-2022 |
20220138344 | MANAGEMENT OF ACCESS TO DATA IN A DISTRIBUTED DATABASE - In some implementations, a distributed database management system may monitor data operations performed by a plurality of user devices, wherein the data operations are associated with a distributed database. The distributed database management system may detect that a user device is to perform a data operation associated with a data structure of the distributed database. The distributed database management system may determine identification information associated with the user device. The distributed database management system may generate, based on the data operation, evidence information associated with the data operation, wherein the evidence information includes the identification information. The distributed database management system may store the evidence information in an immutable data structure to record that the user device is associated with the data operation. The distributed database management system may enable the user device to perform the data operation after the evidence information is stored in the immutable data structure. | 05-05-2022 |
20220138345 | SYSTEM AND METHOD FOR RECOMMENDING SECURE TRANSFER MEASURES FOR PERSONAL IDENTIFIABLE INFORMATION IN INTEGRATION PROCESS DATA TRANSFERS - An information handling system operating a personal identifiable information (PII) recommendation system may comprise a GUI modelling with visual integration elements, an integration process flow for migrating field values comprising PII data, wherein the integration process applies a security measure to migration of PII data, a processor executing code instructions to generate a migrating field value term frequency vector describing a weighted frequency with which a metadata term for the migrating field value appears within a metadata for a migrating dataset comprising the migrating field value, input the term frequency vector into a trained neural network to determine the migrating field value includes PII data, label the migrating field value as PII data, such that the modeled integration process applies the security measure to the migrating field value, and a network interface device transmitting a set of connector code instructions for performing the modeled integration process for remote execution. | 05-05-2022 |
20220138346 | SYSTEMS AND METHODS FOR ADAPTIVE ELECTRONIC PRIVACY SCREEN BASED ON INFORMATION HANDLING SYSTEM CONTEXT - A method may include executing a privileged service on top of an operating system of an information handling system, the privileged service configured to: (i) configure a rules engine defining rules for selectively enabling and disabling an electronic privacy screen of a display device associated with the information handling system, the rules based on a configuration policy; (ii) in response to an event for triggering enabling or disabling of the electronic privacy screen, determine a context of the information handling system; (iii) based on the context and the rules engine, determine whether a threat level associated with the event is within a range for enabling the electronic privacy screen; and (iv) based on the threat level, cause communication of a control signal to the display device, the control signal indicative of whether to enable or disable the electronic privacy screen. | 05-05-2022 |
20220138755 | DETECTING UNAUTHORIZED DEVICES - A payment reader and a POS terminal may communicate over a wireless connection. The methods and systems include monitoring one or more parameters corresponding to a payment reader and another device in proximity to the payment reader. The first device, through a set of customized instructions, determines whether behavior of the second device substantially corresponds to the first device, in order to detect suspected hardware or software intrusion associated with the secure first device. On successful detection of a suspected intrusion, the first device generates an alert for a user of the first device if illegal intrusion is suspected by the processor. | 05-05-2022 |
20220141197 | INFORMATION PROCESSING METHOD, INFORMATION PROCESSING SYSTEM, AND INFORMATION PROCESSING APPARATUS - In a case where data is provided to a plurality of third parties, an embodiment of the present invention provides a method and the like for checking the consent and disclosure history of disclosure to the third parties while also reducing the disadvantages from a data leak. An information processing method according to an embodiment of the present invention includes writing, to a blockchain, a consent record indicating a consent with respect to the handling of data and a related party related to the consent or the data. In the case where executing the handling in the consent record would allow the data to be usable by a third party that is neither the executing party executing the handling nor the related party, the consent record is written such that the identifier is changed to a different identifier uniquely corresponding to the third party. | 05-05-2022 |
20220141234 | Ontology Mapping System - An article of manufacture includes a non-transitory medium including machine-readable instructions. The instructions are to be read and executed by a processor. The instructions, when read and executed by the processor, cause the processor to receive a malware analysis of a malware from a computer security source and receive other malware analyses. Each other malware analysis is of another malware from another computer security source. The instructions may further cause the processor to perform a fuzzy matching algorithm to quantify a similarity of the malware analyses, determine that the malware is a same malware as other malware based upon results of the fuzzy matching algorithm, and later take a same corrective action for malware based upon a receipt of the malware analysis. | 05-05-2022 |