Entries |
Document | Title | Date |
20080209575 | License Management in a Privacy Preserving Information Distribution System - A system and method for transferring licenses from a first user to one or several other users in an information distribution system, while providing privacy for said users. The level of privacy is enhanced by the license format and the use of a master license, an anonymous license and by the inclusion of a revocation lists in the certificate corresponding to a license. | 08-28-2008 |
20080209576 | PREVENTION OF SOFTWARE PIRACY USING UNIQUE INTERNAL INTELLIGENCE WITH EVERY SOFTWARE APPLICATION COPY - Each copy of a software package utilizing this invention would contain unique self knowledge, the method of interpreting the self knowledge being based upon the self knowledge contents itself, using one or more internal characters, strings of characters and tables of one or more characters meant for self-recognition, that are in themselves unique to each and every copy of a software application product that employs this invention, along with dynamically created actuation codes that would work only for the intended unique copy of the said software package. | 08-28-2008 |
20080209577 | Method of Controlled Access to Content - A method of controlled access to content, comprising joining an access sharing network, obtaining a content item from the access sharing network which requires access control data to enable playback, obtaining the access control data, determining from the access control data that a particular other device is authorized to play back the content item, and enabling playback of the content item in accordance with the access control data upon a positive determination that said other device is a member of said access sharing network. Preferably the access control data is used also during a predetermined period of time after making a determination that said other device has ceased to be a member of the access sharing network. Also a device (101) configured to carry out the method. | 08-28-2008 |
20080229431 | System and Method to Manage Device Access in a Software Partition - A system and method to manage device access in a software partition are provided. The illustrative embodiments provide a mechanism for exporting resources/devices from an administrator partition to a software partition in its purview. A trusted device list data structure is provided that identifies which devices are permitted to be exported into a software partition from an administrative partition. This trusted device list data structure also identifies which of the devices in the list of devices should be exported by default when exporting devices to a software partition, i.e. if no overrides are specified. In addition, a user-specifiable mechanism to override the entries in the trusted device list data structure is provided. For security purposes, this mechanism may not be used to export devices not listed in the trusted device list data structure. The mechanism may also be used to prevent the exporting of devices which are exported by default. | 09-18-2008 |
20080235810 | Method of Authorizing Access to Content - A method of and source device ( | 09-25-2008 |
20080235811 | Method for Device Dependent Access Control for Device Independent Web Content - A method, an apparatus, and computer instructions are provided for device-dependent access control for device independent web content. In an illustrative embodiment, a module may be implemented in a computer program detects a client device and security level from a request for a resource by a client device. The module loads, from a data source or configuration file, a three-dimensional device dependent access control matrix, which includes a user role axis, a device axis, and a resource axis. Based on the security level of the device indicated by the device matrix, the module grants or denies access to the resource by the user device. The security levels may include security protocols implemented by different devices, encryption schemes implemented by different devices, and security patches applied by the same device. | 09-25-2008 |
20080256646 | Managing Digital Rights in a Member-Based Domain Architecture - Techniques enable seamless movement and consumption of licensed digital content amongst multiple devices. In some embodiments, these techniques allow establishment of a domain capable of having multiple member devices. Each member device of the domain typically comprises a content-consuming device such as a personal computer, a portable media player, or the like. These techniques enable a license associated with digital content to bind to a domain rather than an individual device. As such, each member device of the domain may contain a domain identity and, with the identity, may consume the content with use of the license and in accordance with policy described in the license. These tools may also enable a member device to join multiple domains and to contain an identification of each of these multiple domains. | 10-16-2008 |
20080263677 | Client Health Validation Using Historical Data - Implementations of client health validation using historical data are described. In one implementation, historical data on a client, such as a laptop, attempting to access a network is scanned. The historical data can come in many forms, including cookies and application data caches saved on the client. The historical data can be used to assess a health of the client. For example, if historical data stored in an application data cache indicates interactions between the client and a website known to disseminate malicious agents, the client can be assessed to have unacceptable health. Alternately, if the historical data indicates that the client has not interacted with enough suspicious sources to constitute a danger to the network, the client can be assessed to have acceptable health. In such a case, the client can be allowed to access the network. | 10-23-2008 |
20080271161 | Method and Apparatus for Transferring a Data Carrier of a First System to a Second System - A description is given of a method of transferring a first electronic data carrier ( | 10-30-2008 |
20080271162 | Software execution management apparatus, method, and computer-readable medium thereof - Even if the process for permitting execution of software is enabled in accordance with first license information, upon transmitting an invalidation signal from the invalidation signal transmitter | 10-30-2008 |
20080295182 | Distribution System of Contents Embedding License Machine ID | 11-27-2008 |
20090049559 | Informing recipient device of message content properties - According to an aspect of the invention, a content class of a data set for a message to be transmitted to the recipient device is defined. A network element transferring messages to the recipient device specifies at least one information element in a message to the recipient terminal such that the information element comprises an indication of the content class. The message is transmitted to the recipient device. | 02-19-2009 |
20090064346 | PROVIDING SERVICES TO A GUEST DEVICE IN A PERSONAL NETWORK - A method may include sending personal network connection information from a mobile device to a guest device; sending authentication credentials from the mobile device to the guest device; receiving the authentication credentials in the personal network from the guest device; authenticating the guest device based on the authentication credentials; and granting access to the guest device to content stored in the personal network for a guest session. | 03-05-2009 |
20090064347 | Protection Against Unauthorized Copying of Digital Medial Cotent - Protection against unauthorized copying of digital media content is achieved by receiving information from a client device related to its storing function used to store digital media content that is to be sent to the client device; and performing a procedure to protect against unauthorized copying of the digital media content if the client device is able to store the digital media content using its storing function. | 03-05-2009 |
20090083861 | Systems and Methods for Server Load Balancing Using Authentication, Authorization, and Accounting Protocols - Systems and methods for dynamically load-balancing clients across available servers without the need for a load balancer in front of a network are provided. Exemplary methods assign servers to clients in wireless and wireline networks based on server load. Methods and systems for using the authentication, authorization, and accounting (AAA) protocols to load-balance network servers are provided. The load-balancing systems and methods further include using the Diameter AAA protocol routing attribute value pairs (AVPs) to implement bootstrap functionality and load balancing. Methods and systems using the Diameter protocol to manage client assignments are disclosed. Methods and systems for dynamically load-balancing clients across available servers using an AAA protocol are further described. Methods and systems to redirect clients to available servers with the least load are disclosed. | 03-26-2009 |
20090089885 | RADIO FREQUENCY IDENTIFIERS FOR PROVIDING USER ACCESS TO COMPUTING RESOURCES - A system for controlling access to computing resources including an authentication device operatively associated with a computing device, the authentication device being configured to transmit an interrogation signal to a predetermined area. A computing device has at least one software application resides thereon. A wireless license device is configured to transmit license information to the authentication device in response to the interrogation signal and to allow the software application to run while the wireless license device is within the predetermined area and to prevent the software application from running when the wireless license device is not within the predetermined area. | 04-02-2009 |
20090100530 | Method And System For Using Location Information Acquired From GPS For Secure Authentication - Secure functions may be accessed via an authentication process utilizing a password that may be generated within a chip integrated on a device. The password may be unique per chip location, per challenge and/or per chip. The location of the chip may be determined based on GPS information and securely stored and securely communicated to an external entity. Two or more of the chip location, a generated random number sample and a key from a table of keys may be passed to a hash function that may generate a password. An external entity attempting access may be challenged to respond with a password that matches the password generated by the hash function. The response may be compared with the password generated by the hash function and access to one or more secure functions may be granted based on the comparison. | 04-16-2009 |
20090113559 | Stateless challenge-response protocol - A two-party stateless protocol by which a server receives a request from a client, transmits a tamper-resistant challenge to the client, receives a response to the challenge, and validates the response, where each of the challenge and the response contain a copy of the request. If the client responds correctly to the challenge and does not modify the request during the protocol, the server executes the request. | 04-30-2009 |
20090113560 | CONTENT PROCESSING DEVICE, SERVER DEVICE, COMMUNICATION METHOD, AND STORAGE MEDIUM CONTAINING COMPUTER PROGRAM | 04-30-2009 |
20090126027 | FILE ACCESSING AND RETRIEVAL USING SOFT DIGITAL RIGHTS MANAGEMENT TECHNOLOGY - The subject matter disclosed herein relates to a method and/or system for enabling access to computer file content using an open routine having a proprietary argument. | 05-14-2009 |
20090144835 | System, method and computer-readable medium for providing a unifed computer-mediated purchasing experience - A method, system and computer-readable medium are provided to enable in an electronic communications network comprising a client system, an order processing computer and a plurality of fulfillment systems, a method for processing purchase requests. The method may include (a.) providing a managed client with user interface and navigation on the client system to a user, the user interface enabling a user to place purchase requests via the client system; (b.) transmitting at least one purchase request from the client system to the order processing computer; and (c.) enabling the order processing computer to direct at least one fulfillment system to execute at least one aspect of the at least one purchase request. The at least one fulfillment system may authorize an execution of a software by the client system, authorize a webservice, and/or a download of data to the client system. | 06-04-2009 |
20090165147 | Control technique for object production rights - Methods for a control technique for object production rights include but are not limited to receiving at the duplication control system a digital rights management code, the digital rights management code associated with one or more object data files; generating an authorization status based on the digital rights management code; and configuring one or more manufacturing machines to operate as a function of the authorization status. | 06-25-2009 |
20090172823 | MANAGEMENT ENGINE SECURED INPUT - In some embodiments a controller controls an input device, receives input information from the input device, excludes a host processor from controlling the input device, and secures the input information received from the input device so that the input information is not received by the host processor or by any software running on the host processor. Other embodiments are described and claimed. | 07-02-2009 |
20090205052 | Coupling of a computer program or of data to a reference system and associated verification - The invention relates to a method of coupling a computer program and/or data to a reference system, implementation of the computer program and/or access to the data being carried out by executing software, a group of parameters being associated with the reference system. The method comprises the protection of a value V | 08-13-2009 |
20090235365 | DATA ACCESS SYSTEM - A data access system includes a host and a storage device. The host has a security setup function and includes a first identity code storage block to store a first identity code. The storage device has a security check function and includes a second identity code storage block. The host executes the security setup function to set a second identity code according to the first identity code, and the second identity code is stored into the second identity code storage block. The storage device executes the security check function to determine if the host is allowed to access the storage device according to the first and second identity codes. | 09-17-2009 |
20090265792 | Memory security override protection for manufacturability of information handling systems - Systems and methods are disclosed for providing memory security override protection for improved manufacturability of information handling systems. A security authentication system is added to a software driven security override signal for unlocking programmable memory circuitry, such as flash memory, according to security protection techniques associated with the Intel AMT (Active Management Technology) architecture. This security authentication system disclosed requires authentication of software security override requests before they are allowed. More particularly, the systems and methods disclosed add specific BIOS (Basic Input Output System) code to check the security override status and the software security override request signals on boots of the computer system to make sure these requests are not coming from rogue elements within the computer system. If the authentication is validated, then the programmable memory circuitry is unlocked on the next boot of the system to allow for reprogramming. | 10-22-2009 |
20090265793 | PREVENTING UNAUTHORIZED DISTRIBUTION OF MEDIA CONTENT WITHIN A GLOBAL NETWORK - One embodiment of the invention is a method for providing media content while preventing its unauthorized distribution. The method includes transmitting from a client to an administrative node a request for delivery of an instance of media content (IMC); determining which content source (CS) of a plurality of CSs to provide delivery of the IMC, provided the client is authorized to receive the IMC; transmitting to the client an access key and a location of the IMC; transmitting from the client to the CS a second request and the access key; in response to receiving the second request and the access key, transferring the IMC from the CS to the client; transmitting from the client to the administrative node an indicator indicating a successful transfer of the IMC; and generating a transaction applicable to the client and associated with the transfer of the IMC to the client. | 10-22-2009 |
20090271873 | METHOD AND SYSTEM FOR DISPLAYING A SEQUENCE OF MEDIA FILES - A server connected to a network may receive a media file and divide the media file into one or more display files according to the number of display components in the media file. The display files may be stored in a media storage library on the server. An image display sequence including an order list of one or more selected display files stored in the media storage library may be generated. The server may authenticate a display client configured for viewing a sequence of images on the server and transmit to the display client a pointer to the image in the sequence of images to present. | 10-29-2009 |
20090313704 | CONTENT MANAGEMENT METHODS AND SYSTEMS - Content management methods and systems are provided. First, a UID of a component of a device is read. The UID may be performed with an operation or not. Then, it is determined whether or not the UID matches with a predefined identification attached to the content. When the UID matches with the predefined identification, the content in the device is allowed to be accessed. | 12-17-2009 |
20090320143 | SENSOR INTERFACE - A sensor application programming interface (API) is capable of restricting an application's access to sensor data measured by a sensor, while at the same time providing access to sensor properties of the sensor, even if access has not been granted to the application for the sensor. | 12-24-2009 |
20090320144 | Method and system for transferring protected content - There is provided a method of transferring a protected content, in which the method comprises receiving from a first player the protected content via a transmission medium calculating usage rights associated with the protected content to confirm receipt from the first player of some or all of the usage rights associated with the protected content making available the protected content for distribution to a second player, and transmitting the protected content to the second player. The method also includes confirming that the first player has relinquished the some or all of the usage rights associated with the protected content prior to transmitting the protected content to the second player. The protected content may comprise a music file, and the some or all of the usage rights may comprise a usage right for a limited number of protected content players, or comprise a usage right for a limited time duration. | 12-24-2009 |
20090320145 | APPARATUS, METHOD, AND COMPUTER PROGRAM FOR CONTROLLING USE OF A CONTENT - A content usage control apparatus prevents a content managed by an end user from being illegally used. To prevent a content from being used by an apparatus or user other than an authorized apparatus or user, a content usage control apparatus registers the authorized apparatus or user and determines, before providing the content, whether the content is going to be provided to the authorized apparatus or user. The content usage control apparatus also has the capability of imposing a limitation on rewriting of registration. The above-described capabilities of the content usage control apparatus make it possible to protect copyright of information to be provided. A specific example of the content usage control apparatus is a server which stores contents such as movie contents or music contents, and may be used in a system in which a content is provided in response to a request from a client such as a portable telephone, a TV set, or a personal computer, connected to the server. | 12-24-2009 |
20100017891 | Method of Controlling a Browser Window - A method of controlling a browser window is disclosed. The method comprises the steps of associating the browser window to a token indicative of a personalized session; and repetitively, verifying said token; and, closing the browser window in dependence of said token. A valid token is generated at startup of the personalized session. The token is invalidated when the user logoffs from the personalized session. Upon detection of an invalid token all browser windows associated with said personalized session will be closed. | 01-21-2010 |
20100031373 | METHOD AND SYSTEM FOR SECURE FLEXIBLE SOFTWARE LICENSING - When executing a licensing management application, data indicative of licensing privileges of a software application for simultaneous execution on a subset of a plurality of computers are received from a licensor of the software application. The data indicative of licensing privileges comprise data indicative of a licensing key. For each of a plurality of users a peripheral licensing device is provided and the data indicative of a licensing key are then stored in memory thereof. Data indicative of a total number of users—equal to a number of the subset—are determined and provided to the licensor, or storage of the licensing key is prevented, when the total number is greater than a predetermined number of the subset. After execution of the licensing management application and provision of each of the users with a respective peripheral licensing device, each of the users is enabled to execute the software application by interfacing the peripheral licensing device with one of the computers, after which the data indicative of a licensing key are retrieved and the software application is executed. | 02-04-2010 |
20100050274 | CONTENT CONTROL SYSTEM - A content control system capable of controlling delivery destinations of user contents in respective groups, identifying each group through which each content is delivered, and delivering information/advertisements according to the attribution information of the content. In a content control server, group identifying information is set in each user content to be uploaded to or downloaded from a group memory area corresponding to a gateway ID from a terminal through a gateway having a plurality of its subordinate terminals. The information identifies each gateway through which each object content is delivered according to the gateway ID. The control system controls the delivery destination of each content according to the combination of the content delivery route and a table prepared in the content control server. | 02-25-2010 |
20100064378 | METHOD AND APPARATUS FOR MANAGING DIGITAL RIGHTS MANAGEMENT MODULE - Provided are a method and apparatus for managing a digital rights management (DRM) module. A DRM module for removing a DRM scheme applied to a content selected from among contents, and the content being protected with the DRM scheme, are received. The content is used by using the DRM module, and then the DRM module is partially or completely removed. | 03-11-2010 |
20100122351 | Software Application Framework for Network-Connected Devices - A facility for provisioning and managing registered applications is described. Registered applications can be downloaded to a mobile device from an application provisioning server. When the download is complete, the mobile device may begin execution of the registered application. However, at least portions of the registered application cannot be executed by the mobile device without first passing control to an application provisioning server via a network connection. Upon receiving temporary control of the registered application, the application provisioning server can perform tasks such as license verification and other tasks before turning control of the application back to the mobile device. | 05-13-2010 |
20100212026 | IMAGE FORMING APPARATUS, LICENSE MANAGEMENT SYSTEM AND LICENSE MANAGEMENT METHOD - An image forming apparatus comprises a communication interface unit that performs communication with a terminal device, a storage unit that stores an application program installed under license and a management application program for managing the application program, an arithmetic processing unit that executes the application program and the management application program stored in the storage unit, a determination unit that determines whether or not predetermined software installed in the terminal device has a legitimate license code corresponding to the license of the management application program, and an installing unit that, when it is determined that the predetermined software has a legitimate license code, obtains the application program from the terminal device and installs the application program into the storage unit. | 08-19-2010 |
20100212027 | SYSTEM AND METHOD FOR RENDERING CONTENT ASSOCIATED WITH A DIGITAL WORK - A method, system and software for permitting use of digital works having rights associated therewith in a system having repositories configured to enable use of the digital work in accordance with the rights, including associating a transfer right with a digital work, the transfer right specifying that the digital work is transferred from a first repository to a second repository; transferring the digital work from the first repository to the second repository in accordance with the transfer right; and in response to the transferring, step updating transfer right information in respect of the digital work. | 08-19-2010 |
20100223674 | CONTENT DISTRIBUTION SYSTEM, DISTRIBUTION METHOD, CONTENT PROCESSING DEVICE, AND PROCESSING METHOD - The present invention provided a content delivery system that can deliver content by way of the Internet. In the system, a browser requests a content server to deliver a startup file. The content server transmits the startup file to the browser. The startup file describes that the content is to be delivered by streaming or that it is to be delivered by downloaded files. A content reproducing section determines if the content is that to be delivered by streaming or that to be delivered by downloaded files according to the description of the startup file it receives from the browser. A television receiving set may be used as content processing apparatus for receiving the delivery of the content from a content delivery apparatus of such a system. | 09-02-2010 |
20100251387 | TERMINAL APPARATUS, DATA PROVIDING SYSTEM, DATA PROVIDING METHOD, AND COMPUTER PROGRAM - A terminal apparatus includes requester that requests data used for installed software from an external apparatus, a receiver that receives the data requested by the requester, a storage unit that stores the data received by the receiver, a restoring unit that restores the storage unit to the state at an arbitrary point of time; and a restoration controller that enables or disables the restoration operation of the restoring unit, wherein the storage unit stores the data that is requested by the requester and received by the receiver after the restoration controller disables the restoration operation of the restoring unit, the restoration controller enables the restoration operation of the restoring unit after the data received by the receiver is stored in the storage unit, and the restoring unit restores the storing unit to the state at a point of time when or after the restoration controller enables the restoration operation. | 09-30-2010 |
20100251388 | Systems and Methods for Challenge-Response Animation and Randomization Testing - Systems and methods are provided for challenge/response animation. In one implementation, a request for protected content may be received from a client, and the protected content may comprise data. A challenge phrase comprising a plurality of characters may be determined, and a computer processor may divide the challenge phrase into at least two character subsets selected from the characters comprising the challenge phrase. Each of the at least two character subsets may include less than all of the characters comprising the challenge phrase. The at least two character subsets may be sent to the client in response to the request; and an answer to the challenge phrase may be received from the client in response to the at least two character subsets. Access to the protected content may be limited based on whether the answer correctly solves the challenge phrase. | 09-30-2010 |
20100263059 | Virtualization Based Conditional Access Tuner Module For Providing Secure Linear And Non-Linear Content Services - A virtualized, general-purpose computer or consumer electronics (CE) device is provided with and hosts a plug-in module for securely accessing various content services. These modules are referred to as content personalization portable on demand storage units (content personalization PODs). | 10-14-2010 |
20100287622 | System and Method for Preventing Proper Execution of an Application Program in an Unauthorized Processor - A system and method for preventing an application program, which is licensed to a customer to be exclusively executed in a processor based on a certain processor design, from being executed properly in unauthorized processors is provided. The system includes a scrambling module and a recovery module. The scrambling module scrambles a selected portion of the application program using an identifier which identifies the authorized processor design. The recovery module adds an unscrambling program to the application program such that when the program is running in a processor, it retrieves a second identifier from the processor and unscrambles the scrambled portion of the application program using the retrieved second identifier. If the second identifier does not correspond to an authorized processor design, the unscrambling operation will incorrectly unscramble the scrambled portion and the application program will not run properly. | 11-11-2010 |
20100325739 | DATA TRANSMISSION APPARATUS AND METHOD, DATA RECEIVING APPARATUS AND METHOD, AND DATA TRANSMISSION AND RECEPTION SYSTEM AND METHOD - The protection of data against illicit transfer with respect to specific data can be ensured. An integrated receiver decoder determines whether or not ATRAC (Adaptive Transform Acoustic Coding) data requiring authentication is contained in selected piece-of-music data in accordance with determination data added into transmitted data. When ATRAC data requiring authentication is contained, the integrated receiver decoder performs an authentication process between it and a storage which is a transfer destination of the ATRAC data, and performs downloading of the ATRAC data after confirming that the storage is a valid apparatus to which the downloading may be performed. | 12-23-2010 |
20100325740 | MANAGING ELECTRONIC DEVICES USING AN ELECTRONIC DEVICE AS A ROOT OF TRUST - Various embodiments pertain to managing electronic devices using an electronic device as a root of trust. According to one embodiment, registration information for an electronic device | 12-23-2010 |
20100333212 | PORTABLE PARAMETER-BASED LICENSING - Portable parameter-based licensing techniques are described. These techniques allow licenses to be decoupled from any particular host device and utilized in a portable and flexible fashion. In at least some embodiments, license data that includes a license to use computer-related functionality can be stored in a secure execution environment. The secure execution environment can be provided by a suitable secure execution environment hosting device(s) (SEHD), such as a portable flash memory device for instance. The license data in the secure execution environment can then be utilized to authorize use of the computer-related functionality, according to the license, on any number of host devices not responsible for providing the secure execution environment. As a result, the owner of the license can use the computer-related functionality without being restricted to any particular host device. | 12-30-2010 |
20100333213 | Systems and Methods for Determining Authorization to Operate Licensed Software Based on a Client Device Fingerprint - Methods and systems disclosed herein may be used to determine if licensed software has been previously installed or used on a device by monitoring an identifier associated with the device on which the licensed software is to be installed or used. Prior to operation of licensed software, a client device requires authorization from a license server. The license server may retrieve a unique identifying device fingerprint from the client device to authorize installation of the software based on a probabilistic comparison of the identifier with stored device identifiers subject to a license. If the comparison yields a match and if total instances of retrieval of the retrieved device fingerprint does not exceed licensed rights, the authorization is granted. | 12-30-2010 |
20100333214 | INFORMATION PROCESSING APPARATUS, CONTROL METHOD, AND CONTROL PROGRAM - An information processing apparatus in which an application managed by a license based on license data operates. The information processing apparatus includes a recording unit to record transfer information indicating that the license data is transferred from the information processing apparatus to a second information processing apparatus, and a prohibition unit to prohibit use in the information processing apparatus of the license data corresponding to the transfer information when the transfer information indicates that the license data has been transferred from the information processing apparatus to the second information processing apparatus. | 12-30-2010 |
20110010777 | Digital receipt for use with an interoperable keychest - There is provided a system and method for a digital receipt for use with an interoperable keychest. There is provided a method for online registration of a digital receipt associated with a content, comprising performing a transaction to obtain from a first distributor the content encrypted by a title key and a first digital rights management (DRM) license usable with the first distributor to access the title key, receiving from the first distributor the digital receipt associated with the content including information relevant to the transaction, and transmitting the digital receipt to the interoperable keychest acting as a central key repository (CKR) for an online registration of the digital receipt associated with the content. Authorized media distributors may then generate new DRM licenses using the CKR, enabling interoperable content playback of the same universal file across different media distributors and clients. | 01-13-2011 |
20110023131 | Method and Apparatus for Checking Aggregated Web Services - Method and apparatus for checking an aggregated web service requested by a terminal user ( | 01-27-2011 |
20110030069 | SYSTEM AND METHOD FOR PREVENTING UNAUTHORISED USE OF DIGITAL MEDIA - A method for protecting digital media content from unauthorised use on a client, is described. The method comprising the steps of receiving from a server on the client a list of processes, instructions, activity descriptions or data types that must not be active simultaneously with playback of the digital media content (“the blacklist”). The method further comprising checking, on the client, for the presence of any items on the list; and continuing interaction with the server, key management and playback of protected content only if no items on the list are detected on the client. A system is also described. | 02-03-2011 |
20110035811 | PROVIDING AN ACCESS MECHANISM ASSOCIATED WITH A DOCUMENT PART TO DETERMINE AN ACTION TO TAKE IF CONTENT OF THE DOCUMENT PART IS INACCESSIBLE - A modular document is composed of plural parts, where at least a particular one of the parts is associated with an access right policy that restricts access to the particular part. In response to a request to access the modular document, it is determined based on the access right policy whether content of the particular part is accessible in an electronic device. In response to determining that the content of the particular part is inaccessible in the electronic device, an access mechanism associated with the particular part is accessed to determine an action to take with respect to the particular part when presenting the modular document. | 02-10-2011 |
20110035812 | DIGITAL RIGHTS MANAGEMENT USING TRUSTED TIME - A method for monitoring time so that the use of protected content can be controlled includes receiving a trusted time value from a trusted authority external to a client device. When the client is no longer in communication with the trusted authority, the previously-received trusted time value is updated by use of the client's operating system counter so that a calculated trusted time value is derived for content license evaluation purposes. | 02-10-2011 |
20110055935 | SYSTEM FOR GROUP ACCESS TO SHARED MEDIA, RESOURCES, AND SERVICES - A system and method for establishing a group of wireless devices for sharing software and hardware resources as well as media stored thereupon associates each group member device of the group of wireless devices, communicates with at least some of the group member devices of the group of wireless devices to identify shared media and upon receiving a request transmitted by a group member device of the group of wireless devices, supports access to shared media. The shared media may be stored on a different group member device, upon a managing portal device, or a media server. Upon a successful validation, the group member device that made the request is notified to facilitate the access to the shared media. The notification includes access information. | 03-03-2011 |
20110067115 | SYSTEM AND METHODS FOR SELECTIVE ADVERTISING IN MEDIA CONTENT - Embodiments of techniques for distributing and rendering media content are provided. In response to a request for a first media file, a combined media file is generated having first and second segments that together include data from the first media file and from a second media file. The combined media file is then provided to a player module operable to render only data from the first media file during a first operating mode, and operable to render data from both the first and second media files during a second operating mode. For example, the first media file may be a music file, and the second media file an advertisement. A consumer may play the music portion without special software or a license, but the advertisement will be rendered as well. Alternatively, the consumer may purchase a license and use special playback software to render the music without the advertisement. | 03-17-2011 |
20110067116 | Method for Validating User Equipment, a Device Identity Register and an Access Control System - The present invention discloses a method for validating user equipment, a device identity register and an access control system. Wherein the method for validating user equipment comprises: setting a central device identity register shared by different networks, wherein illegal user equipment identities are stored in the central device identity register; the central device identity register receiving an ID validation request from a mobility management entity, wherein the ID validation request carries ID parameters of a user equipment; the central device identity register validating the validity of the user equipment according to the ID parameters, and returning a validation result to the mobility management entity. In virtue of the present invention, the accessing of the illegal non-3GPP network user equipment which is capable of accessing 3GPP network to the 3GPP network is able to be controlled. | 03-17-2011 |
20110072521 | SECURE CONTENT DELIVERY SYSTEM AND METHOD - A system and method for secure content delivery is provided. The system and method has a content system that verifies a device with a media player based on one or more properties of the device with the media player wherein the content system delivers content to the device with the media player only when the device with the media player is verified. | 03-24-2011 |
20110078801 | UTILITY COMPUTING WITH PREVIEW AND PAY FEATURE - A remote computing service is provided that allows a user to preview results of processing at a remote computing device on a client device before committing to pay for and download result data. The remote computing device derives a series of preview data sets from the result data processed at the remote computing devices. The client device receives the preview data sets and presents output to a user for inspection, evaluation or examination of various aspects of the result data. By allowing the user to inspect, evaluate or examine the result data based on the series of preview data sets, there are fewer occasions where the user needs to download the result data that may have a large size to the client device. Further, the series of preview data sets is structured so that the result data cannot be reconstructed by harvesting the series of preview data sets. Hence, the user cannot take advantage of the preview data to reconstruct the result data without paying for the result data. | 03-31-2011 |
20110083198 | PROGRAM LICENCE MANAGEMENT TECHNIQUE IN AN AUDIO SIGNAL PROCESSING SYSTEM - CPU of a console accepts a full application activation instruction generated via an activation instruction switch. The CPU searches through all of apparatus of a mixing system, which the console belongs to, to detect any apparatus having connected thereto a USB dongle that has recorded therein an access key corresponding to an application program to be fully activated. If such an apparatus has been detected within the mixing system, the CPU places the application program in a fully activated state. If, on the other hand, no such apparatus has been detected, the CPU terminates a full application activation process. Such arrangements allows the application program, which requires authentication of the access key, to be executed with simple operation, while preventing unauthorized use of the application program. | 04-07-2011 |
20110088101 | INFORMATION EXCHANGE/SHARE SYSTEM, METHOD AND PROGRAM THEREOF - It is checked whether or not information requested in an information request is present in a message sharing/storing unit which stores information provided from an information provider and accessibility information setting an information requester which is allowed to access the information. It is also determined whether or not the information requester can access information requested in an information request message based on the accessibility information. When it is determined that the information requested in the information request message is already registered in the message sharing/storing unit and the information requester can access the information, information on a request-reply-message to the information requester is created based on the information in the message sharing/storing unit. | 04-14-2011 |
20110107436 | APPARATUS AND METHODS FOR DEVICE AUTHORIZATION IN A PREMISES NETWORK - Apparatus and methods for enabling protected premises networking capabilities. In one embodiment, a white list of devices authorized to access a premises network and a black list of device not authorized to access a premises network are utilized. The black and white lists may be stored at a database in communication with an authorization manager or may be stored at the manager itself. When a client device is connected to a premise, the manager determines, based on the premises and/or device identity, whether the device is entitled to access. The authorization manager makes this determination based on whether the device is on the white or black list. If the device is on neither list, the manager may add the device to the white list upon appropriate verification. The manager may also facilitate removal of a device from the white list to the black list upon request or automatically. | 05-05-2011 |
20110119772 | Media Content Transfer and Remote License Acquisition - In one embodiment of a method of providing protected data from a network server, a data file is downloaded from an external source to a computer on a network. The downloaded file is stored in a location accessible to a server on the network. Using a computer on the network connected to the server, a license linked to the server for the data is procured from an external source. The data file is played from the server using the license. | 05-19-2011 |
20110131665 | INFORMATION PROCESSING APPARATUS, DATA PROCESSING METHOD AND PROGRAM - A configuration is achieved in which content copying between media and content downloading are performed effectively and under strict management. In content copying between media, the identification information (medium ID) of a copying destination medium is obtained using an API for providing a predefined processing, then the obtained medium ID is transmitted to a server to obtain copying permission information from the server, and then content copying is performed under the management of the server. This configuration allows a copying destination medium to be managed, which can eliminate the unauthorized use of the content. Also, the configuration in which content downloading from the server is performed according to, for example, a Java® program allows a ROM disc on which the content is recorded to store the program and to be provided to a user. | 06-02-2011 |
20110138483 | MOBILE PHONE AND IP ADDRESS CORRELATION SERVICE - A system, method and program product for controlling access to a restricted item. A method is provided that includes: receiving a request for access to a restricted item at a computer system associated with a provider, said request originating from a client system; determining an IP address of the client system; determining a mobile phone number of a mobile phone associated with the requester; transmitting to a third party service provider the IP address and mobile phone number; and receiving back from the third party service provider a confirmation message indicating whether or not the IP address and mobile phone are located within an acceptable range of each other. | 06-09-2011 |
20110138484 | Embedded content requests in a rights locker system for digital content access control - Access to digital content may be controlled by determining a digital content specification and associated authenticated rights locker access request, sending the authenticated rights locker access request and the digital content specification, and receiving a new authenticated rights locker access request and a Web page with clickable links in response to the sending, where at least one of the clickable links is associated with an authenticated digital content request. When an indication of a user selection of one of the clickable links is received, an authenticated digital content request associated with the user-selected clickable link is sent to a digital content repository. The digital content is received in response to the sending of the authenticated digital content request. | 06-09-2011 |
20110145932 | System and Method for Remote Management of Applications Downloaded to a Personal Portable Wireless Appliance - The present invention relates to a system and method for remote management of applications downloaded to a personal portable appliance. Applications comprising programs and data structures are updated to include a dummy application that can replace the ordinarily executable application and that manipulates the data structure when invoked, so as to limit it. The dummy application is subsequently reduced to have a limited amount of the original functionality and to prompt the user to delete it. | 06-16-2011 |
20110162087 | VIRTUALIZING REMOTE PRESENTATION SESSION CLIENT LICENSING WITH A SERVER-BASED BROKER - Systems, methods, and computer-readable storage media are disclosed for virtualizing remote presentation session licensing issuance for a system executing a plurality of virtual machines hosting a remote presentation session server. In an embodiment, a licensing broker is executed in the host partition of the system, and each session server, upon receiving a request for a license from a client, transmits the request to the broker. The broker completes the license negotiation with a license server responsible for issuing licenses, and once issued, the broker transmits this to the corresponding session server, which completes the licensing transaction with the client. | 06-30-2011 |
20110162088 | COMMUNICATION TERMINAL APPARATUS AND METHOD OF CONTROLLING FUNCTION - A communication terminal apparatus for communicating data is disclosed, the communication terminal apparatus including a sending part configured to send, upon occurrence of an operation event, first identification data that identifies the communication terminal apparatus to another communication terminal apparatus which is in communication with the communication terminal apparatus; a receiving part configured to receive, from the another communication terminal apparatus, second identification data that identifies the another communication terminal apparatus; a memory part configured to store the first identification data upon occurrence of the operation event and the second identification data upon reception by the receiving part of the second identification data; and a controlling part configured to prevent an operation locally performed on the communication terminal apparatus from changing a setting of a function of the communication terminal apparatus while the second identification data is stored in the memory part. | 06-30-2011 |
20110167502 | TIME-BASED DIGITAL CONTENT AUTHORIZATION - Methods and apparatuses for time-based access to digital content are provided. Access to a set of digital content is provided for a predetermined period of time. During the predetermined period of time, a user can access (e.g., download, play) any digital content in the set of digital content. At the end of the predetermined period of time, the user is denied access to the digital content regardless of where the content is stored (e.g., in a digital content library, on a computer system controlled by the user, on a playback device controlled by the user). Simplified access and control of digital content is thereby provided in the form of time-based access. | 07-07-2011 |
20110191863 | System and Method for Identifying Systems and Replacing Components - A system, method, and computer-readable medium are disclosed for managing a system's entitlement to digital assets when the system's components are replaced. A unique system identifier, comprising the unique identifiers of predetermined system components, is associated with digital assets data to generate digital assets entitlement data, which in turn entitles the system to process the digital assets data. The digital assets entitlement is perpetuated when a first unique system component identifier is replaced with a second unique system component identifier. | 08-04-2011 |
20110203006 | METHOD AND SYSTEM FOR DELIVERING CLOSED-AUDIENCE CONTENT TO A CLOSED MOBILE AUDIENCE - A method and system for delivering closed-audience content to a closed mobile audience is described. In one embodiment, a method for delivering closed-audience content to a closed mobile audience is described. The method for delivering closed-audience content to a closed mobile audience involves obtaining closed-audience content, establishing a closed mobile audience, identifying a mobile user or a mobile device as being part of the closed mobile audience, and delivering the closed-audience content to the mobile user or the mobile device. Other embodiments are also described. | 08-18-2011 |
20110231941 | LICENSE MANAGEMENT IN A MEDIA NETWORK ENVIRONMENT - Acquiring a license in a hub network, including: sending a license request from a client to a server through an intermediary device; sending a connection confirmation from the client to the server through the intermediary device; and receiving license data at the client from the server through the intermediary device in response to the license request, wherein the client and the server are not connected in a hub network, wherein the license request identifies a sub-copy version stored on the client, wherein the sub-copy version includes sub-copy locked content data, and wherein the license data is bound to the hub network. | 09-22-2011 |
20110258708 | METHOD, APPARATUS AND COMPUTER PROGRAM PRODUCT FOR CACHING OF CONTENT FROM SERVER - Disclosed are a method, an apparatus and a computer program product. The method includes receiving a server feed from a server for accessing a content stored in the server. The method further includes determining a Unique Identifier (ID) of at least one hierarchical level of the content by parsing the server feed. Further, the method includes comparing the determined UniqueID of the at least hierarchical level of the content to a stored UniqueID of the at least one hierarchical level. Thereafter, the method facilitates for accessing the content based on the comparison of the determined UniqueID to the stored UniqueID. | 10-20-2011 |
20110277040 | Methods for electronically communicating with a person where the person's e mail address or cell phone number is unknown - Methods and apparatus are provided to allow a person to obtain the e mail address and or cell phone number of another person. However at least two blocks are provided to assure that a computer cannot obtain the same. A Directory of phone numbers and or e mail address is created by voluntary permission of each registrant. Each registrant is able to add personal and additional blocks to prevent unwanted seekers, even humans, from obtaining any information not permitted by an individual registrant. Accordingly, each registrant is in control of the information obtained by a seeker. | 11-10-2011 |
20110283366 | METHOD AND SYSTEM FOR PREVENTING BROWSER-BASED ABUSE - Disclosed is a method and system of preventing browser-based abuse. The method of preventing browser-based abuse may include determining whether an access based on a browser function extension module is a malicious access for acquiring data of an Internet browser, and blocking the access based on the browser function extension module when the access is determined to be a malicious access. | 11-17-2011 |
20110289599 | SERVICE PROVISION - A method and system for service provision, comprising: a web browser ( | 11-24-2011 |
20110302662 | CONTENT PROTECTION SYSTEM - Provided is a content protection system, in which: a user terminal judges, when a content is to be reproduced or executed, whether or not the user terminal has a usage right of the content, and makes, if it is judged that the user terminal does not have the usage right of the content, a request to a license management apparatus to acquire the usage right of the content; the license management apparatus generates, when the request to acquire the usage right is received from the user terminal, license information containing information on an expiration date that is set based on a timing when the request is received, and transmits the generated license information to the user terminal; and the user terminal judges that the user terminal has the usage right of the content until the expiration date indicated by the license information received from the license management apparatus arrives. | 12-08-2011 |
20110314561 | Server implemented method and system for securing data - A server implemented method for securing data is provided. The method includes generating a context container for storing data objects transferred to the server during a session with a client, creating, from the data objects in the context container, a plurality of protected zones of data objects, wherein each protected zone includes data objects of a different class of security and creating a reference for each protected zone. Further, the method includes providing the client access to that protected zone via the reference, wherein the reference is non-persistently stored in the server. | 12-22-2011 |
20110321177 | INFORMATION PROCESSING APPARATUS AND OPERATION METHOD OF THE SAME - Provided is a service processor (SVP) | 12-29-2011 |
20120011595 | PERMISSION BASED TEXT MESSAGING - A system and method for narrowcasting text messages to a plurality of cellular phones. The system and method allow a potential user to opt in to receive the text messages the user wants to receive. The potential user can opt in through a computer network based web page. Once the potential user sends a sign up request application to participate via the computer network, the user will receive a first text message containing an authorization code on their cell phone. The user enters the authorization code into the web page and sends the authorization code. Receipt of the authorization code back through the computer network will trigger the phone number of the potential user to be added to a list of authorized text message receivers. A narrowcaster then instructs the central computer to narrowcast text messages to the phone numbers on the list that have indicated they want to receive messages on a certain topic. | 01-12-2012 |
20120023596 | Electronic License Management - In one aspect, this application describes a method for determining a license status of a software application. The method includes receiving a license status request to obtain an indication of whether a software application is licensed for use on a client computing device. The method also includes identifying identity information that corresponds to user identity information, device identity information, or both. The method also includes sending a communication generated from the license status request and the identity information to a licensing service, the communication being used by the licensing service to generate the indication based at least in part on the identity information and licensing information associated with the software application. The method also includes receiving a license status response from the licensing service that includes the indication. The method also includes sending the license status response to the software application for processing by the software application. | 01-26-2012 |
20120042394 | System and method for alerting on open file-share sessions associated with a device - A method and system for detecting an active file-share session on a monitored device associated with a client device, alerting the user of the client device, and enabling them to terminate the file-share session, are disclosed. In accordance with the disclosed method and system, when a remote device (e.g., on a network, the internet, etc.) connects to a shared file or folder on a monitored device (e.g., a personal computer, network area storage, a game console, a storage area network, a smart telephone, etc.) the user of the client device receives an immediate, automatic alert with the specifics of the file-sharing session and data affected. The user is then presented with an option of whether to OK the file-sharing session (i.e. allow data access to proceed), or to disconnect the file-share session (i.e. cause the remote user to lose access to the monitored device's shared data). | 02-16-2012 |
20120060227 | COMMUNICATION APPARATUS AND COMMUNICATION METHOD - A communication apparatus includes a user signal transmission unit that transmits a user signal required for an end user to perform communication; a manager function implementing unit that implements a function provided to a manager of the present apparatus; a license monitoring unit that monitors a license of the present apparatus, and outputs a function limitation signal when the license has expired; and a function limitation unit that limits the function implemented by the manager function implementing unit when receiving the function limitation signal. In a communication apparatus that transmits a user signal required for an end user to perform communication, a function of the apparatus is limited when a relevant license has expired, while preventing an influence of the limitation upon the end user. | 03-08-2012 |
20120066773 | INFORMATION SAFEGUARD TOOL - Embodiments of the present invention relate to methods and apparatuses for safeguarding information by, for example, controlling access to electronic files. Some embodiments of the present invention provide a method that includes embedding a script in an electronic file, where the script comprises commands that when operated on by a processor allow a recipient device to access the electronic file if either a token associated with the recipient device is detected or the recipient device is determined to be an authorized device. | 03-15-2012 |
20120079607 | Request Based License Mode Selection - Methods and systems are disclosed for providing a mechanism for dynamically switching between the licensing modes on the remote presentation host to handle different kinds of licenses. In one embodiment, the mode switching may be based on the configuration of the users that are connecting to the remote presentation host. In an embodiment, users may be provided with remote presentation session files that define what type of license to be used for the current connection to the remote presentation host. In some embodiments, mechanisms are disclosed to provide the ability to convert a remote client access license from one type to another by using a convertibility matrix. | 03-29-2012 |
20120102575 | DIGITAL CONTENT DELIVERY SYSTEM AND METHOD - A method and system for securing digital content for transmission to an end user device. In a preferred embodiment, the invention provides for: a control center for controlling access to the digital content by the end user device; transmitting scrambled digital content to the end user device, such that the end user device cannot play back the said scrambled digital content; contacting the control center to request a PECM (personal ECM), the PECM being specific to the end user device; transmitting the PECM to the end user device by the control center; and unscrambling the scrambled digital content by the end user device according to the PECM. | 04-26-2012 |
20120110679 | SERVICE PROVIDING SYSTEM, SERVICE PROVIDING METHOD, PORTABLE COMMUNICATION TERMINAL AND SERVER - A service providing system includes a portable communication terminal operated by a user; a service providing apparatus providing a service to the user, and a server managing the service providing apparatus, wherein the service providing apparatus calculates a response using a challenge, and the portable communication terminal transmits a challenge generated by the server to the service providing apparatus subjected to a legitimacy check of the service providing apparatus and presents a result of the legitimacy check based on a response calculated by the service providing apparatus subjected to the legitimacy check using the transmitted challenge. | 05-03-2012 |
20120117663 | SEMICONDUCTOR MEMORY CARD AND DATA READING APPARATUS, AND DATA READING/REPRODCUING APPARATUS - A semiconductor memory card comprising a control IC | 05-10-2012 |
20120124677 | COLLECTION USER INTERFACE - Collection user interface techniques are described. In one or more implementations, a plurality of inputs are recognized as gestures received via interaction with a user interface to navigate through a file system of a computing device and select representations of objects managed by file system of the computing device, at least two of which are accessible via different devices. In response, copies of the representations are displayed by the computing device in a collection portion of the user interface. An option is output in conjunction with the collection portion by the computing device that is selectable to initiate a command to be performed using the objects that have corresponding representations included in the collection portion. | 05-17-2012 |
20120124678 | ACTIVATING LICENSABLE COMPONENT PROVIDED BY THIRD PARTY TO AUDIO VIDEO DEVICE - An audio-video display device can download from a third party server a licensable component on which a royalty is to be paid. Various methods are disclosed for accounting for royalties associated with downloading the licensable component to the client device between the third party server and a client device manufacturer server. | 05-17-2012 |
20120131684 | AUTOMATIC BACKUP LICENSE TO AVOID SERVICE INTERRUPTIONS IN CONTINUOUS SERVICE, HIGH RELIABILITY SYSTEMS - Methods for automatically providing a backup license for a device that relies on a primary license to operate when the primary license for the device fails to satisfy a licensing requirement are provided. A backup license that can become automatically available for use upon noncompliance of a primary license can prevent service interruptions, which are unacceptable for systems that provide continuous service and require high reliability. For example, methods of the disclosure can be used in cable systems and more specifically in cable modem termination systems to prevent an interruption in service. | 05-24-2012 |
20120151606 | SOFTWARE SYSTEM FOR DENYING REMOTE ACCESS TO COMPUTER CAMERAS - A program and method for detecting and preventing the unauthorized remote access of a computer camera by determining whether the camera is activated, and scanning applications to determine if the activation is authorized, and if it is not authorized, then the user is alerted. | 06-14-2012 |
20120167232 | Mobile Device for Authenticating A Device Accessory - A mobile device for authenticating a device accessory is disclosed. The mobile device receives a unique identifier from a device accessory, sends the received unique identifier to a server via a communication network, and receives information from the server relating to the unique identifier. | 06-28-2012 |
20120167233 | EMAIL TRUST SERVICE - In embodiments of an email trust service, an email message is received at an email distribution service for distribution to a client device that corresponds to a recipient of the email message. Authentication techniques can be applied to verify that the email message is received from an authorized domain as specified in a sender address field of the email message. Additionally, it can be determined whether an Extended Validation certificate is associated with the authorized domain. Responsive to determining that an Extended Validation certificate is associated with the authorized domain, a trust indicator is associated with the email message to generate a trusted email message. The trust indicator indicates that the trusted email message is from an authorized domain when the email message is displayed at the client device. | 06-28-2012 |
20120167234 | PERSONA-BASED IDENTITY MANAGEMENT SYSTEM - A method, performed by a computer device, may include receiving personal data from a user device associated with personas, where each of the personas corresponds to at least one classification of requesters, associating the received personal data with at least one of the personas, and identifying any of the classifications that correspond to the personas associated with received personal data. The method may further include receiving, from a data requester, a query including a request for the personal data; associating the data requester with a classification; and comparing the classification associated with the data requester to the classifications associated with personal data. The method may further include sending, to the data requester, a message containing the personal data in response to the classification of the data requester corresponding to the classifications of the personal data. | 06-28-2012 |
20120167235 | UNIVERSAL IDENTITY SERVICE AVATAR ECOSYSTEM - A system is configured to receive personal data associated with a user, verify one or more facts from the personal data, and form an avatar based on a first subset of the received personal data, where a second, differing, subset of the received personal data is not associated with the avatar. The system is also configured to receive, from a data requester, a query including a request for the avatar, and send, to the data requester, a message that includes information associated with the avatar and an indication that the one or more facts from the personal data were verified. | 06-28-2012 |
20120174237 | LOCATION AWARE SELF-LOCKING SYSTEM AND METHOD FOR A MOBILE DEVICE - A mobile device includes a protected mode in which the device automatically locks itself after a period of inactivity. In the protected mode, the device can determine whether it is in a trusted location. If the device is not in a trusted location, the device continues in the protected mode. If the device is within a trusted location, the device can alter the protected mode, such as by disabling the protected mode. Alternatively, a parameter associated with the protected mode can be changed. For instance, the period of inactivity before the device automatically self locks can be increased. The trusted location can be defined by a specific network, specific wireless access point, specific geographic coordinates or an express user indication. Such a device can avoid the frustration of repeatedly locking and unlocking the device if the user is located in an environment in which privacy and security concerns are minimized. | 07-05-2012 |
20120174238 | METHOD AND SYSTEM FOR COORDINATING CLIENT AND HOST SECURITY MODULES - A system and methods for coordinating the operation of a client security module and a host security module on a mobile electronic device. The modules communicate with each other through a platform abstraction layer using application programming interfaces to coordinate their activities. In particular, the client security module instructs the host security module when to lock and unlock the device, and the host security module alerts the client security module to attempts by the user to lock or unlock the device. | 07-05-2012 |
20120185950 | METHOD, ACCESS NODE, AND SYSTEM FOR OBTAINING DATA - The present invention discloses a method, an access node, and a system for obtaining data. The method includes: receiving a data obtaining request sent by a client and obtaining an authentication result of multilevel authentication performed on the data obtaining request; when the authentication result of the data obtaining request is successful, obtaining data to be obtained corresponding to the data obtaining request and sending the data to be obtained to the client, or, obtaining information about a content storage node to which the data to be obtained corresponding to the data obtaining request belongs and sending the information about the content storage node to the client. The embodiments of the present invention may ensure security of data obtaining, avoid a single-point failure or bottleneck, and reduce the cost when data is obtained from a data storage platform. | 07-19-2012 |
20120198567 | DIGITAL WORKS HAVING USAGE RIGHTS AND METHOD FOR CREATING THE SAME - Digital work adapted to be distributed within a system for controlling at least one of the distribution and use of digital works. The digital work includes digital content representing a portion of a digital work suitable for being rendered by a rendering device and usage rights associated with the digital content. The usage rights specify a manner of use indicating one or more stated purposes for which the digital work can be at least one of used and distributed by an authorized party. | 08-02-2012 |
20120204272 | METHOD, APPARATUS AND COMPUTER PROGRAM PRODUCT FOR PUBLISHING PUBLIC CONTENT AND PRIVATE CONTENT ASSOCIATED WITH THE PUBLIC CONTENT - A publishing method is disclosed, which process enables a publisher to publish in a simple and easy manner a set of content that includes both public content and private content. In some embodiments, this advantageous solution is achieved by implementing a multi-step publishing process. In one step, the publisher publishes a feed that contains: ( | 08-09-2012 |
20120210448 | SYSTEM AND METHOD FOR ACCESSING PRIVATE DIGITAL CONTENT - A system, method and computer program product for providing access to private digital content are disclosed. The private digital content is owned by an owner and installed on a content server and access is provided to a first client which is capable of rendering said digital content. Predetermined information required for gaining authorized access to said content server by said first client is generated by a second client. The predetermined information is transferred from said second client to said first client then used by said first client to get access to said private digital content. | 08-16-2012 |
20120216299 | Server-Side Security Mechanism for Untrusted Clients Using Directory Hiding - A security mechanism provided by a server protects files in data storage from untrusted clients. In one embodiment, the server generates a filename in response to a request from a client for creating a filename. The filename is associated with a file to be stored in the data storage managed by the server. The server manages a directory that contains the filename, and hides the directory contents from the client. The client is granted access to the file when the client provides the filename associated with the file. | 08-23-2012 |
20120222135 | ADVANCED USER INTERFACE AND CONTROL PARADIGM INCLUDING DIGITAL RIGHTS MANAGEMENT FEATURES FOR MULTIPLE SERVICE OPERATOR EXTENDED FUNCTIONALITY OFFERS - Methods and systems for presenting information regarding multiple categories of content are provided. In addition, methods and systems that suggest activities by a user in relation to content and determined affinity for content in relation to user contacts are provided. A user interface application is provided that operates to display status and/or historical information regarding content, suggested activities, and suggested contacts. The user can interact with the interface to access detailed information and to act on suggestions. In addition the user can interact with the interface to share content to other users, including users participating in real time communication sessions. | 08-30-2012 |
20120227112 | METHOD AND APPARATUS FOR SECURING MEDIA ASSET DISTRIBUTION FOR A MARKETING PROCESS - A method and apparatus for securing media asset distribution for a marketing process is described. In one embodiment, the method includes generating a dynamic security component for each media asset allocation to at least one receiver, wherein the dynamic security component verifies the at least one receiver upon login, coupling the dynamic security component to at least one file having a media asset and communicating a locator reference associated with the at least one file to the at least one receiver, wherein the locator reference is created using the dynamic security component. | 09-06-2012 |
20120227113 | REMOTE DATA VIEWER - A medical image and data application service provider system provides a way of remotely viewing and manipulating medical images and data for diagnostic and visualization purposes by users unconstrained by geography. Medical images and data are stored on one or more servers running application service provider software along with meta-data such as access control information, origin of information and references to related data. A set of medical data consisting related information is sent as an encrypted stream to a viewing station running client software in a secure execution environment that is logically independent of the viewing station's operating system. | 09-06-2012 |
20120227114 | ACCESS CONTROL SYSTEM, COMMUNICATION TERMINAL, SERVER, AND ACCESS CONTROL METHOD - Terminal certification means of a communication terminal manages a content and certification information on the content in association with each other. Upon access to a server associated with the execution of the content, request means sends the server a request including certification information associated with the content. In response to the request from the communication terminal, the server uses server certification means to certify the request. Access control means performs access control based on policy information stored in policy information storage means. | 09-06-2012 |
20120233705 | SYSTEM AND METHODS FOR IDENTITY ATTRIBUTE VALIDATION - A method of identity attribute validation at a computer server involves the computer server receiving an identity attribute validation request from a communication terminal. The computer server further receives a credential, and is configured with an attribute disclosure profile of attributes authorized for disclosure to the communication terminal. The computer server determines the validity of the credential, and provides the communication terminal with a response to the identity attribute validation request based on an outcome of the credential validity determination. The attribute validation response includes attributes data associated with the credential authorized for disclosure by the attribute disclosure profile but excludes attributes data associated with the credential not authorized for disclosure by the attribute disclosure profile. | 09-13-2012 |
20120240244 | CERTIFICATES TO CREATE PRODUCT MAPPINGS - A server receives a consumer request pertaining to product asset management from a client. The consumer request comprises one or more product-related certificates that associates the client with one or more products. The product-related certificate comprises at least one extended attribute object identifier that has a corresponding product attribute. For each extended attribute object identifier, the server searches a data store to identify a product that corresponds to the extended attribute object identifier and generates a response to the consumer request based on the product that is identified in the data store. | 09-20-2012 |
20120246743 | SYSTEM AND METHOD FOR ACCESSING PRIVATE DIGITAL CONTENT - Method for providing access to private digital content installed on a content server C(s), wherein a content manager server C(a) has a number of clients potentially interested in the private content; the method comprising the following steps performed at the content management server C(a):
| 09-27-2012 |
20120255036 | PROPRIETARY ACCESS CONTROL ALGORITHMS IN CONTENT DELIVERY NETWORKS - Mechanisms are provided to allow application of proprietary access control algorithms during requests for resources obtained using a content delivery network (CDN). Requests to a CDN are augmented with a content provider specific token. The content provider can maintain strict control over access to restricted content at the time of request with a proprietary authorization algorithm and maintains real-time usage information for restricted content. | 10-04-2012 |
20120255037 | LICENSE MANAGEMENT FOR DIGITAL CONTENT - Aspects of the present disclosure relate to managing licenses for playback of digital content. A license management device may create licenses that determine the number of playback devices that can be authorized by the license. Each license may be included in a corresponding digital content. In addition, each license may be distributed to a set of playback devices. Thereafter, a playback device may playback digital content that includes a license when the playback device stores a matching license. A single license can be used to provide authorization to play digital content from multiple sources and/or multiple types of content. Playback devices can store multiple licenses, which allows playback devices to belong to multiple sets of playback devices authorized to playback various digital content. In one embodiment digital content files can contain multiple licenses to allow the content files to be shared by multiple sets of playback devices. | 10-04-2012 |
20120260353 | METHOD AND APPARATUS FOR IDENTIFYING INSTALLED SOFTWARE AND REGULATING ACCESS TO CONTENT - A system and method for controlling use of content in accordance with usage rights associated with the content and determined in accordance with the environment of a user device. A request is received for secure content from a user device and the integrity of the environment of the user device is verified. Appropriate usage rights are retrieved based upon the results of the verification of integrity and the content is rendered on the user device in accordance with the appropriate usage rights. | 10-11-2012 |
20120284804 | SYSTEM AND METHOD FOR PROTECTING DIGITAL CONTENTS WITH DIGITAL RIGHTS MANAGEMENT (DRM) - An approach for protecting digital contents includes a content delivery phase wherein a client stores digital contents or retrieves them in streaming, transmits to a user device the digital content in a protected format along with an enabling code for enabling the user device to access or read the protected digital content. The approach includes a key generation phase in a DRM (Digital Right Management) server which derives at least one key for encrypting the digital contents. A key transmission phase involves the derived key being transmitted from the DRM server to the client. For decrypting the digital content, the user device requests the key from the DRM server, with the request including a key identification defined by the enabling code transmitted by the client to the user device which is used by the DRM server to derive the key for the user device. | 11-08-2012 |
20120284805 | SYSTEM FOR ELIMINATING UNAUTHORIZED ELECTRONIC MAIL - A system for eliminating unauthorized email sent to a user on a network employs an email-receiving server connected between the network and the user's email client for receiving email addressed to the user and rejecting those in which the sender address does not match any of sender addresses maintained on an “authorized senders” list (ASL list). The ASL lists are maintained by an ASL manager in an ASL database operable with a spam processor module. A redirector module rejects the email if, upon sending a request for validation to the spam processor module, the sender's address does not match any authorized sender address on the ASL list. Email rejected by the redirector module is redirected to a web-based messaging (WBM) module which sends a message to the sender to confirm that the sender is a legitimate sender of email to the intended recipient. | 11-08-2012 |
20120284806 | EMBEDDED CONTENT REQUESTS IN A RIGHTS LOCKER SYSTEM FOR DIGITAL CONTENT ACCESS CONTROL - Access to digital content may be controlled by determining a digital content specification and associated authenticated rights locker access request, sending the authenticated rights locker access request and the digital content specification, and receiving a new authenticated rights locker access request and a Web page with clickable links in response to the sending, where at least one of the clickable links is associated with an authenticated digital content request. When an indication of a user selection of one of the clickable links is received, an authenticated digital content request associated with the user-selected clickable link is sent to a digital content repository. The digital content is received in response to the sending of the authenticated digital content request. | 11-08-2012 |
20120297492 | SYSTEM AND METHOD OF INTEGRATING MODULES FOR EXECUTION ON A COMPUTING DEVICE AND CONTROLLING DURING RUNTIME AN ABILITY OF A FIRST MODULE TO ACCESS A SERVICE PROVIDED BY A SECOND MODULE - A system for integrating modules of computer code may include a sandbox validator for receiving a first module and verifying that the first module complies with one or more sandbox constraints. A computing device may execute the first module within a runtime environment. A module integrator may operate within the runtime environment for receiving a request from the first module to access a service provided by a second module and only allowing the first module to access the service when the first module is authorized to access the service according to a service authorization table. The sandbox validator may ensure the first module correctly identifies itself when requesting a service provide by another module and that the first module includes runtime policing functions for non-deterministic operations. A service authorizer may generate an authorization policy for the first module, which is sent to the computing device along with the first module. | 11-22-2012 |
20120304313 | FACILITATING DATA ACCESS CONTROL IN PEER-TO-PEER OVERLAY NETWORKS - Methods and apparatuses are provided for facilitating data access controls in peer-to-peer or other similar overlay networks. A peer node storing a data object may receive a request for access to the stored data object, and may locate in the network an access control list associated with the data object using a routing mechanism included in the data object. The peer node may determine whether the requested access is authorized based on the access control list, and may grant or deny access based on the determination. A peer node storing an access control list may receive a request from a peer node storing a data object for information relating to access controls associated with the data object. The peer node storing the access control list may then send the requested information relating to the access controls associated with the data object. | 11-29-2012 |
20120304314 | METHODS FOR ADMINISTERING AN AUTONOMOUS RIGHTS COMPONENT, AUTONOMOUS RIGHTS ADMINISTRATION SYSTEMS AND DEVICES CARRYING OUT THE METHODS - A method for an autonomous rights administration component of a computer system includes recording devices of the computer system, determining unique identifiers for each recorded device, permanently storing the unique identifiers, defining a usage rights contingent and a usage rights requirement and activation of at least one application function on the basis of a comparison of the usage rights contingent with the usage rights requirement. | 11-29-2012 |
20120311724 | APPARATUS AND METHOD OF IN-APPLICATION LICENSING - Apparatus and methods for licensing include executing a base application on a device, initiating a transaction with an application store to obtain access to a subordinate licensable item that is usable by the base application, receiving a transaction receipt corresponding to the transaction for the subordinate licensable item, and obtaining, from a license server, a subordinate license that corresponds to the subordinate licensable item. Additionally, the apparatus and methods may include storing a base license for a base application on a device, acquiring a subordinate license for a subordinate licensable item usable by the base application, receiving a request to execute the base application, enforcing, by a license agent service on the device, the base license with respect to executing the base application, and enforcing, by the base application, the subordinate license during execution of the base application. | 12-06-2012 |
20120311725 | MODERATION OF SHARED DATA OBJECTS - Methods, system, and computer storage media are provided for moderating actions performed on shared data objects. Rule enforcement logic is received for an application that is associated with one or more data objects shared between various clients. The rule enforcement logic is stored at a data server that also stores data associated with data objects. A moderator, also stored on the data server, is used to enforce the rule enforcement logic corresponding to the application when a client attempts to perform an action to a data object associated with the application. | 12-06-2012 |
20120311726 | DOWNLOAD METHOD OF MEDIA CONTENTS - Disclosed is a download method of media contents, wherein an electronic book terminal is registered with a contents server to be provided with a DRM (Digital Right Message)code, and the electronic book terminal is allowed to view the media contents downloaded from the contents server by decoding the media contents using the DRM code, and where the media contents downloaded from the contents server are prevented in advance from being illegally copied and used. Furthermore, the periodically published media contents are set up for periodic subscription to allow a convenient downloading. | 12-06-2012 |
20120317657 | DIGITAL CATALOGUE RAISONNE PLATFORM - A content management system for creating a digital catalogue raisonné includes at least one computer, a public user interface, a private catalogue raisonné manager, and a private user interface. The private catalogue raisonné manager is configured to instruct at least one object-oriented database to store first digital data for at least one artist, the first digital data including at least one of an image of an artwork of the at least one artist and a description of the artwork. The private user interface is configured to receive the first digital data, transmit information permitting a user to provide a command to the content management system to make available, at the public user interface, a public catalogue raisonné including the first digital data, and receive the command to make available the public catalogue raisonné. | 12-13-2012 |
20120317658 | SYSTEM AND METHOD FOR DISTRIBUTING DIGITAL CONTENT TO BE RENDERED IN ACCORDANCE WITH USAGE RIGHTS INFORMATION - Methods, apparatus, and media for distributing digital content to at least one recipient computing device to be rendered by the at least one recipient computing device in accordance with usage rights information. An exemplary method comprises determining, by at least one sending computing device, if the at least one recipient computing device is trusted to receive the digital content from the at least one sending computing device, sending the digital content, by the at least one sending computing device, to the at least one recipient computing device only if the at least one recipient computing device has been determined to be trusted to receive the digital content from the at least one sending computing device, and sending usage rights information indicating how the digital content may be rendered by the at least one recipient computing device, the usage rights information being enforceable by the at least on recipient computing device. | 12-13-2012 |
20120317659 | SYSTEM, APPARATUS, AND MEDIA FOR GRANTING ACCESS TO AND UTILIZING CONTENT - Apparatus, system, and media for utilizing content. An exemplary system comprises a first computing device and a second computing device, wherein the first computing device transmits a request for access to content to the second computing device, receives the content from the second computing device, and grants at least one permitted utilization of the content, and wherein the second computing device receives the request for access to content from the first computing device, determines whether the first second computing device is permitted to receive the content, grants access to the content based at least in part on the first computing device being permitted to receive the content, and transmits the content to the first computing device based at least in part on the first computing device being permitted to receive the content. | 12-13-2012 |
20120317660 | SYSTEM AND METHOD FOR UTILIZING CONTENT IN ACCORDANCE WITH USAGE RIGHTS - Apparatus, method, and media for utilizing content. An exemplary method comprises storing a description structure comprising one or more usage rights, storing content associated with the one or more usage rights, receiving a request for the content, the request corresponding to a utilization of the content, determining whether the utilization corresponds to at least one of the one or more usage rights, determining whether the computing device is an authorized device, and utilizing the content in accordance with the at least one of the one or more usage rights based at least in part on a determination that the utilization corresponds to the at least one of the one or more usage rights and a determination that the computing device is an authorized device. | 12-13-2012 |
20120331568 | GROUP AUTHORIZATION METHOD AND SOFTWARE - A method for sharing information limited by permission comprising a user providing content to be shared, the user specifying a plurality of individuals or Groups with which to share the content, after the providing and specifying, automatically creating a new Group comprising the specified plurality, and distributing the content to the new Group. Also a method for sharing information limited by permission comprising compiling in an online service a plurality of individual members and Groups, providing content associated with the individuals and Groups, and displaying to a user a combined content view capable of being based on any combination of one or more of: types of Group content; Groups in which the user is a member; combinations of individual members in Groups in which the user is a member; content shared with the user by any of the user's contacts; content from sources external to the online service; access and permissions levels; and user selectable display settings. | 12-27-2012 |
20120331569 | SYSTEM AND METHOD FOR RENDERING DIGITAL CONTENT IN ACCORDANCE WITH USAGE RIGHTS INFORMATION - Methods, apparatus, and media for rendering digital content by at least one recipient computing device in accordance with usage rights information. An exemplary method comprises receiving the digital content by the at least one recipient computing device from at least one sending computing device only if the at least one recipient computing device has been determined to be trusted to receive the digital content from the at least one sending computing device, receiving, by the at least one recipient computing device, a request to render the digital content, determining, based on the usage rights information, whether the digital content may be rendered by the at least one recipient computing device, and rendering the digital content, by the at least one recipient computing device, only if it is determined that the content may be rendered by the at least one recipient computing device. | 12-27-2012 |
20120331570 | RULE-BASED APPLICATION ACCESS MANAGEMENT - A container that manages access to protected resources using rules to intelligently manage them includes an environment having a set of software and configurations that are to be managed. A rule engine, which executes the rules, may be called reactively when software accesses protected resources. The engine uses a combination of embedded and configurable rules. It may be desirable to assign and manage rules per process, per resource (e.g. file, registry, etc.), and per user. Access rules may be altitude-specific access rules. | 12-27-2012 |
20130007898 | DIGITAL MEDIA ASSET IDENTIFICATION SYSTEM & METHOD - The present invention provides a system and method for identifying and transferring digital media assets within a system through the use of identification data. The identification data is applied to each transferred copy and includes data specific to the customer and digital media asset. To facilitate transfers and ease of use the digital media assets can be made DRM-free. | 01-03-2013 |
20130007899 | Persistent Public Machine Setting - Disclosed herein are methods for protecting user information on a client device that may have a plurality of users. A user interface with a public machine designation portion is presented to a user prior to the start of the authentication process. The public machine designation removes web service account descriptions and any user specific information stored on the client device. Also, the client device is prevented from storing any new user specific information that is provided to the client device. The public machine designation is a persistent feature that may only be disabled by an affirmative action from the user. | 01-03-2013 |
20130014285 | COMMUNICATION SERVICE SYSTEM - A communication service system includes a SNS server | 01-10-2013 |
20130019321 | MULTI-MODE HANDHELD WIRELESS DEVICE - Various embodiments of the invention relate to a multi-function handheld user device that may have multiple selectable modes of operation. Various mechanisms may be provided for switching between modes. Within each mode, context awareness and situational awareness may be used to obtain additional information or perform additional functions not directly requested by the user. | 01-17-2013 |
20130019322 | CONTENT RECEIVER, LICENSE SERVER, CONTENT UTILIZATION SYSTEM, AND CONTENT VIEWING TIME LIMIT MANAGEMENT METHOD - A license receiver comprises a viewing license invalidating unit which invalidates a viewing license of a content a viewing time limit of which is not determined, and a first control unit. When the first control unit reproduces the content, (i) if the viewing license is valid, the first control unit determines the viewing time limit, and (ii) if the viewing license is invalid, the first control unit transmits a viewing license request including a request of determining viewing time limit, to the license server, and receives the determined viewing time from the license server. When the first control unit writes out the content to an exchangeable medium before reproducing the content, if the viewing license is valid, the first control unit invalidates the viewing license and writes out the non-determined viewing time limit to the exchangeable medium. | 01-17-2013 |
20130024950 | SYSTEMS AND METHODS FOR CHALLENGE-RESPONSE ANIMATION AND RANDOMIZATION TESTING - Systems and methods are provided for challenge/response animation. In one implementation, a request for protected content may be received from a client, and the protected content may comprise data. A challenge phrase comprising a plurality of characters may be determined, and a computer processor may divide the challenge phrase into at least two character subsets selected from the characters comprising the challenge phrase. Each of the at least two character subsets may include less than all of the characters comprising the challenge phrase. The at least two character subsets may be sent to the client in response to the request; and an answer to the challenge phrase may be received from the client in response to the at least two character subsets. Access to the protected content may be limited based on whether the answer correctly solves the challenge phrase. | 01-24-2013 |
20130031642 | LICENSING VERIFICATION FOR APPLICATION USE - Techniques involving detection of misuse of digital licenses pertaining to application use. An identification of unsigned applications or other use-protected applications enabled for use at a user device is obtained. The identification of such applications is directed to a licensing authority to seek digital license renewal for using the applications. A renewed digital license is received if the provided identification of use-protected applications corresponds to what is authorized by the licensing authority for use at the user device. In other embodiments, verification information may be provided to protect the identification of unsigned applications from tampering, such as information indicative of whether the identification of unsigned applications originated at the user device in which the use-protected applications are used, and indicative of whether the identification of the unsigned applications is a copy of a previous identification of the unsigned applications. | 01-31-2013 |
20130031643 | Methods and Apparatus for Sharing, Transferring and Removing Previously Owned Digital Media - The invention provide systems and methods for management of digital media objects, comprising first and second client digital data processors (e.g., personal (or private) computers, laptops, dedicated music devices, electronic book readers, and so forth) that are in communications coupling with one or more stores (e.g., dedicated disk drives, flash drives, cloud storage, etc.). At least one digital media object (DMO) or copy thereof is stored in one or more of those stores and is accessible by at least one of the first and second client digital data processors. | 01-31-2013 |
20130036479 | CONTENT RECORD TERMINAL, CONTENT RECORD/REPRODUCTION SYSTEM, AND CONTENT RECORDING METHOD - When a content write unit records a content on a medium, a control unit controls to record a dummy license which is generated by a dummy license generation unit and an expiration time limit is set into a past time, into the medium. When a recording of the content on the medium is completed, the control unit controls to delete the dummy license recorded on the medium and to record a normal license into the medium. | 02-07-2013 |
20130047270 | METHOD AND APPARATUS FOR DYNAMIC DATA FLOW CONTROL USING PRIORITIZATION OF DATA REQUESTS - A data center determines whether requested content is available at the data center. The content is available when the content is both present at the data center and current. When the requested content is available at the data center, the data center returns the requested content to the browser. When the requested content is locally unavailable at the data center, the requested content is retrieved from an origin server. When retrieval of the content is delayed, the request is prioritized and placed in a queue for handling by the origin server based on the priority of the request. A status page may be communicated to the browser to inform a user of the delay and provide alternate content and status information related to the request determined as a function of the request or the current state of the origin server. | 02-21-2013 |
20130067598 | TECHNIQUES FOR PRESENTING AND COLLECTING END USER LICENSE AGREEMENT ACCEPTANCE - Techniques are disclosed for presenting and collecting end user license agreement acceptance for software applications or firmware components executed on a computing appliance. A sentry component allows only certain commands to be executed before the relevant end user license agreements are accepted, e.g., commands to configure a network interface and web server on the appliance executed on a shell over a serial interface. Once configured the web server is used to provide a rich interface for presenting end user license agreements and obtaining acceptance thereof. Once the user accepts the terms of the relevant license agreements, then the appliance is made active and all configuration commands become operational, including commands needed to configure the device and start services which would otherwise be prohibited by the sentry component prior to license acceptance. | 03-14-2013 |
20130067599 | Software distribution service federation - Software update distribution techniques are disclosed. Authentication information is received, from a content source authenticator, by an update agent included in a client device. The authentication information comprises a list of a plurality of content sources, wherein the plurality of content sources have been verified by the content source authenticator as being authentic content sources for legitimate software applications. The update agent selects a first content source of the plurality of content sources, where the first content source is configured to provide updates for a first software application. The update agent checks the first content source for updates for the first software application. | 03-14-2013 |
20130086697 | Systems and methods for pairing identification data to a network-based service - Disclosed are methods and systems of providing access, indexing, and/or connecting a user to a network-based service, associated with a particular entity, using an identifier that can be uniquely associated with the particular entity (e.g., with respect to a given scope of identification), can be proprietary to the entity, and/or issued by a third-party (i.e., a party not providing the method or system). A method can comprising receiving from a client computer system an entity identifier uniquely associated with a real world entity in a scope of identification, the entity identifier being issued by a third-party in association with the real world entity. The method can select a network-based service uniquely associated with the entity identifier, determine a public access parameter to the network-based service, and provide the client computer system with public access to the network-based service according to the public access parameter. | 04-04-2013 |
20130086698 | METHOD AND APPARATUS FOR DISTRIBUTED UPLOAD OF CONTENT - A system and method for distributed uploading of content utilizes one or more viewer systems, coupled over a network to a remote content source, to upload transmit at least a portion of the content to a remote storage system along with authorization/identification indicia identifying the viewer system. In one embodiment, fractional portions of the same content program from multiple different viewer systems are aggregated at the remote storage system for subsequent download streaming to a requesting of the viewer systems for viewing thereby at a second time, which is time-shifted from the initial transmission from the content source. | 04-04-2013 |
20130086699 | AGGREGATION SYSTEM - A machine and methods, the machine including a computer, networking hardware connecting the computer to the Internet, and a memory storing executable instructions which when executed, enable the end-user computer system to perform the operations of: connecting to a plurality of sites on the Internet; authenticating itself with each of the sites; retrieving information from each of the sites; parsing the information from each of the sites so as to produce an aggregation of the parsed information, wherein the aggregation is produced at the end-user computer system; and rendering the aggregation as output. | 04-04-2013 |
20130104247 | Verification Of Content Possession By An Announcing Peer In A Peer-To-Peer Content Distribution System - A tracker node verifies content possession by a peer node in a peer-to-peer content distribution system. Upon receiving an announcement that a peer node claims to possess a content item, the tracker node in one embodiment obtains the content item, selects a random portion of the content item; formulates a challenge based on the random portion of the content item and determines an expected challenge response. The challenge may comprise, for example, a request for a hash of the random portion (or alternatively, a hash of the random portion and a random seed value). The tracker node issues the challenge to the announcing node and verifies the announcing node's possession of the content item if the challenge response from the announcing node matches the expected challenge response. | 04-25-2013 |
20130104248 | Distributing Licensed Content Across Multiple Devices - Distributing licensed content across multiple devices, including: identifying, by a mobile device, licensed content being presented by a local presentation device; determining, by the mobile device, whether the mobile device is eligible to receive the licensed content; requesting, by the mobile device, a license for the licensed content being presented by the local presentation device; receiving, by the mobile device, the license for the licensed content being presented by the local presentation device; receiving, by the mobile device, licensed content for mobile device presentation; and presenting, by the mobile device, the licensed content for mobile device presentation. | 04-25-2013 |
20130111609 | Highly secure method for accessing a dispersed storage network | 05-02-2013 |
20130117861 | SYSTEM ALLOWING THE DISPLAY OF A PRIVATE COMPUTER FILE ON A SCREEN OF A TELECOMMUNICATIONS TERMINAL AND CORRESPONDING METHOD - A system allows the display of a private file on a screen of a telecommunications terminal. This system includes a first and a second Internet site. In the first Internet site, a first image contains a coded link to an address of a file of the second Internet site. The private file is stored in encrypted form in the meta data of the file in the second Internet site. A program recognizes the coded link and searches the meta data of the file whose Internet address corresponds to the coded link for authorization of a person connected to the first Internet site to view the private file. The program downloads the private file of the second Internet site via a remote protocol from the telecommunications terminal if viewing is authorized, to display the private file on the screen. | 05-09-2013 |
20130117862 | METHOD OF AUTHENTICATING SUBSCRIPTION TO A MOBILE CONTENT SERVICE - This invention relates to a method of authenticating subscription to a mobile content service. Currently, the known methods of authenticating subscription to a mobile content service are unsatisfactory due to their susceptibility to fraud and their complexity. The present invention obviates the problems with the known methods by introducing a third party Unique Identifier verifier | 05-09-2013 |
20130117863 | Method and Apparatus for Enabling Secure Distribution of Digital Content - A digital content management system includes a host machine and a delivery machine remote from the host machine. The host machine sends validation agent software to the delivery machine, which executes the validation agent. The validation agent performs one or more tests or observations to determine whether the delivery machine has been compromised, and communicates the results of the tests or observations to the host machine. If the host machine determines that the delivery machine has not been compromised, the host machine sends digital content to the delivery machine, and a player module at the delivery machine delivers the content to the user according to an appropriate set of access rights. After delivering the content, the delivery machine deletes the content to prevent unwanted access to the content. The content can contain signals indicative that the content is legitimate, such as watermarks or bad code segments or sectors. | 05-09-2013 |
20130152217 | MACHINE-TO-MACHINE APPARATUS CAPABLE OF FACILITATING ADDITION OF EXTENSION FUNCTIONALITIES - Disclosed is a Machine-To-Machine (M2M) apparatus capable of facilitating addition of extension functionalities. The apparatus includes an input/output unit configured to connect with an external peripheral, a wireless communication unit configured to connect with the external peripheral or a control center (server), a storage unit configured to store details about the exchange of data between the input/output unit and the wireless communication unit, programs of one or more inherent functionalities and scripts of one or more extension functionalities, Application Programming Interfaces (APIs) and libraries configured to be provided to obtain a command code of each of the extension functionalities from the script of the extension functionality, control means configured to verify a right to use to determine whether to execute the command code, and an interpreter configured to provide an environment in which command codes of the APIs and libraries are sequentially executed, and to add the extension functionality. | 06-13-2013 |
20130152218 | COMPUTER-READABLE MEDIUM RECORDED WITH INFORMATION PROCESSING PROGRAM, INFORMATION PROCESSING APPARATUS, INFORMATION PROCESSING SYSTEM, AND INFORMATION PROCESSING METHOD - An example information processing program that causes a computer of an information processing apparatus | 06-13-2013 |
20130160144 | ENTITY VERIFICATION VIA THIRD-PARTY - Among other things, one or more techniques and/or systems are provided for verifying an identity of an entity via a third-party authentication system. As an example, an entity may be logged into a website and may have certain access permissions given the manner within which the entity was logged into the website. The entity may attempt to access, via the website, protected data owned by the website and/or owned by a third-party (e.g., social networking website). If the access permissions presently associated with the entity do not allow the entity to access the protected data, a request may be made to the third-party authentication system (e.g., operated by the social networking website) to verify the identity of the entity before increasing the access permissions to grant the entity access to the protected data. | 06-20-2013 |
20130160145 | SYSTEM AND METHOD FOR ASSET LEASE MANAGEMENT - Disclosed herein are systems, methods, and non-transitory computer-readable storage media for asset lease management. The system receives, from a client device associated with a user profile, a lease start request for an asset for which the user profile is authorized. The system identifies a number of available slots for progressively downloading content. If the number of available slots is greater than zero, the system assigns an available slot from the number of available slots to the client device to yield an assigned slot. The system transmits security information, a lease key, and a lease duration associated with the assigned slot to the client device in response to the lease start request, wherein the security information and lease key allow the client device to start a progressive download of the asset for the lease duration. At the end of the lease, the system terminates the lease and releases the assigned slot. | 06-20-2013 |
20130167252 | AUTONOMOUS ACCESS CONTROL - Methods and devices for controlling actions associated with a plurality of resources available on a computing device are described herein. One example embodiment comprises: presenting a request for a usage preference that indicates a manner in which the computing device is preferred to be used; receiving input indicating the usage preference; determining an action for a resource that is to be controlled in order to satisfy the usage preference, wherein the determining is performed according to a heuristic that maps the usage preference to the action for the at least one resource; and controlling whether or not to allow the action to be performed; wherein the request for the usage preference or the input identifying the usage preference does not explicitly indicate that the determined action is to be controlled in order to satisfy the usage preference. | 06-27-2013 |
20130167253 | METHOD AND APPARATUS FOR PROVIDING CLOUD-BASED DIGITAL RIGHTS MANAGEMENT SERVICE AND SYSTEM THEREOF - A method for providing a Digital Rights Management (DRM) service in a network is provided. The method includes receiving a request message for device registration, which includes DRM-related identification information, from a user device; and registering registration information of the user device, which is distinguished according to a corresponding user account and according to a corresponding DRM solution, based on the DRM-related identification information. | 06-27-2013 |
20130174278 | DIGITAL RIGHTS MANAGEMENT (DRM) SERVICE CONTROL METHOD, APPARATUS, AND SYSTEM - A digital rights management service control method, including: receiving an authorization file request transmitted from a client terminal for a selected service operation; obtaining an authorization file template matching an authorization type included in the authorization file request; generating, based on the obtained authorization file template, an authorization file including digital resource feature information included in the authorization file request and rights feature information; and transmitting the generated authorization file to the client terminal. | 07-04-2013 |
20130174279 | Secure Read-Write Storage Device - A method and system for securing a read write storage (RWS) device, the method comprising, providing the RWS device, the RWS device comprising a controller comprising a processor and a bit bucket storing data, and employing the controller to corrupt at least a portion of the data. | 07-04-2013 |
20130179991 | SYSTEMS AND METHODS FOR ENFORCING SECURITY IN MOBILE COMPUTING - Methods and systems described herein relate to enhancing security on a device by configuring one or more software functions in a trusted zone of a processor using object firewalls, IPC mechanisms, and/or a policy engine. | 07-11-2013 |
20130185810 | CONTROLLED SERIALIZATION AND/OR DESERIALIZATION - Among other things, one or more techniques and/or systems are provided for controlling the serialization of data into a serialized structure and/or the deserialization of data from the serialized structure. That is, a first client may request serialization of data comprising one or more entities. Entities that the first client has permission to serialize may be serialized for inclusion within a serialized structure, which may be encrypted. A set of deserialization permissions specifying which entities may be accessed by which clients may be defined for the serialized structure. In this way, one or more entities within the serialized structure may be deserialized for a second client based upon evaluating the second client against the set of deserialization permissions to determine which entities the second client has permission to access. The serialized structure may otherwise remain encrypted to provide sustained protection of serialized data comprised therein. | 07-18-2013 |
20130185811 | SUSTAINED DATA PROTECTION - Among other things, one or more techniques and/or systems are provided for sustained data protection. In particular, a data protector may define a set of access levels associated with content within data using a set of access policies (e.g., a partial access level to inventory data for an inventory server, a full access level to inventory data and billing data for a shopping website server, etc.). The data protector may secure (e.g., encrypt) the data to create protected data, so that clients may be unable to access content of the protected data without obtaining access through the data protector. In this way, the data protector may selectively provide clients with access to content within the protected data according to respective access levels for the different clients (e.g., access to inventory data, but not billing data, may be provided to the inventory server by the data protector). | 07-18-2013 |
20130185812 | SYSTEM AND METHOD FOR SECURE CLOUD COMPUTING - In a method for secure cloud computing, a virtual machine (VM) associated with a client is executed at a computer within a trusted computing cloud. An image including state information of the VM is obtained; storage of the image is arranged; a freshness hash of the image is determined; and the freshness hash is sent to the client. Subsequently, at the same computer or at a different computer within the trusted computing cloud, the stored image may be retrieved; a freshness hash of the retrieved image may be determined; the freshness hash of the retrieved image may be sent to the client; and an indication may be received from the client verifying the integrity of the freshness hash of the stored image. | 07-18-2013 |
20130185813 | ACTIVATION OF DEVICE HAVING LIMITED USER INTERFACE - An electronic device performing device activation includes: a wireless communication module operated in an access point (AP) mode to perform communication with a mobile terminal or operated in a client mode to perform communication with a server; an input unit configured to receive a signal requesting conversion of a mode of the wireless communication module; and a controller configured to convert a mode of the wireless communication module and generate device identification information, wherein when a mode conversion request signal is received by the input unit, the controller converts the wireless communication module to the AP mode, and when user authentication information is received from the mobile terminal, the controller converts the wireless communication module into the client mode and transmits an activation request for requesting performing a registration to a device management server based on the user authentication information and the device identification information. | 07-18-2013 |
20130185814 | TECHNIQUES FOR PRESENTING AND COLLECTING END USER LICENSE AGREEMENT ACCEPTANCE - Techniques are disclosed for presenting and collecting end user license agreement acceptance for software applications or firmware components executed on a computing appliance. A sentry component allows only certain commands to be executed before the relevant end user license agreements are accepted, e.g., commands to configure a network interface and web server on the appliance executed on a shell over a serial interface. Once configured the web server is used to provide a rich interface for presenting end user license agreements and obtaining acceptance thereof. Once the user accepts the terms of the relevant license agreements, then the appliance is made active and all configuration commands become operational, including commands needed to configure the device and start services which would otherwise be prohibited by the sentry component prior to license acceptance. | 07-18-2013 |
20130198866 | APPLICATION LICENSING USING SYNC PROVIDERS - A method, system, and computer-readable storage media for licensing an application using sync providers are provided herein. The method includes receiving a request for a license for an application from a client sync provider at a licensing service and receiving information relating to the license from a commerce partner offering the application via a commerce partner sync provider. The method also includes returning the license for the application to a client computing device, receiving information relating to a state of the license from the client sync provider, and adjusting conditions of the license according to the state of the license. | 08-01-2013 |
20130198867 | A Docking Station for Portable Devices Providing Authorized Power Transfer and Facility Access - A docking station for docking portable electronic devices is disclosed. The docking station is configured to mechanically accept and operatively interface with the portable electronic device for non-contact charging and data transfer. The docking station can provide security features for providing and/or restricting access to computational facilities such as printers, databases, installed programs, etc. Such security features can include installing applications on such portable devices that limit access. | 08-01-2013 |
20130198868 | METHODS AND APPARATUS FACILITATING ACCESS TO STORAGE AMONG MULTIPLE COMPUTERS - Multiple computers in a cluster maintain respective sets of identifiers of neighbor computers in the cluster for each of multiple named resource. A combination of the respective sets of identifiers define a respective tree formed by the respective sets of identifiers for a respective named resource in the set of named resources. Upon origination and detection of a request at a given computer in the cluster, a given computer forwards the request from the given computer over a network to successive computers in the hierarchical tree leading to the computers relevant in handling the request based on use of identifiers of neighbor computers. Thus, a combination of identifiers of neighbor computers identify potential paths to related computers in the tree. | 08-01-2013 |
20130205411 | METHOD FOR PROTECTING DATA CONTENT - A method is provided for protecting data content against illegal copying. The data content is provided by an entertainment system and is output to output units in an authorized playback environment for playing back the data content. The method includes transmitting the data content in the authorized playback environment from the entertainment system to an output unit, and adding an interference signal to the data content such that, during playback of the data content outside the authorized playback environment a disruption is induced. | 08-08-2013 |
20130205412 | ON BOARD VEHICLE MEDIA CONTROLLER - The present disclosure describes a microprocessor executable media controller on board a vehicle operable (a) to determine a first spatial location of an external communication device, the external communication device being in wireless communication with the on board media controller and the first spatial location being associated with a first set of restrictions, the first set of restrictions being at least one of a control on connectivity access by the external communication device, a restriction on the connectivity access, and a restriction on one or more functions of the external communication device and (b), in response, to apply the first set of restrictions. | 08-08-2013 |
20130212707 | Document control system - Systems and techniques to provide a document control system. In general, in one implementation, the technique includes: receiving, at a permissions-broker server, a request from a client to take an action with respect to an electronic document, identifying, at the permissions-broker server and in response to the request, first document-permissions information associated with the electronic document, the first document-permissions information being in a first permissions-definition format, translating, at the permissions-broker server, the identified first document-permissions information into second document-permissions information in a second permissions-definition format, and sending the second document-permissions information to the client to govern the action with respect to the electronic document at the client. The first permissions-definition format can include at least one type of permission information that cannot be fully defined in the second permissions-definition format, and translating the first information into the second information can involve translating based upon additional information associated with the request. | 08-15-2013 |
20130212708 | SYSTEM AND METHODS THEREOF FOR DETECTION OF CONTENT SERVERS, CACHING POPULAR CONTENT THEREIN, AND PROVIDING SUPPORT FOR PROPER AUTHENTICATION - An apparatus and methods thereof provide for efficient usage of network bandwidth and ability to identify whether a client is authorized to receive such bandwidth. Content provided by a content source for a first content consumer is stored in the apparatus located in between the content source and the content consumer allowing delivery of such content to another content consumer from the apparatus thereby reducing the overall network load. For protected content, the apparatus identifies the need for authorization and provides a random identification to the target content consumer and storing that random identification as well as at least another parameter associated thereto such that when revalidation is necessary the content consumer can be validated by the apparatus. | 08-15-2013 |
20130212709 | System and Method for Securing Virtual Computing Environments - A computer implemented method includes introducing unpredictable temporal disruptions to the operating states of an authorized process and an unauthorized process. The authorized process is migrated to a virtual machine to avoid the unpredictable temporal disruptions while the unauthorized process is subject to the unpredictable temporal disruptions and thereby experiences an unstable environment that induces operating faults. | 08-15-2013 |
20130219519 | PHYSICAL KEY SECURE PERIPHERAL INTERCONNECTION - A multi-display device can interface with two or more different types of docking stations. The device can determine the type of dock and change the pin outs for a connector to interface with that dock. Once docked, the device can determine a charge status for the device and the dock to present the status to the user. Further, the dock can enter one of several modes, including a call receipt mode and an entertainment mode. The modes allow for expanded functionality for the device while docked. Two particular docks, the laptop dock and the smart dock, provide special functionality with the device. | 08-22-2013 |
20130227710 | SYSTEM AND METHOD FOR SECURING LEASED IMAGES IN A CLOUD ENVIRONMENT - Provided is a system, method, and computer-readable storage medium having one or more computer-readable instructions thereon for providing leased images in cloud computing environments. The method includes monitoring a usage of a leased image provided by a cloud vendor, by a client computing device. A threshold period of time associated with the usage is determined. Whether an access to the leased image should be terminated based upon an expiry of the threshold period of time or based upon a request received from the client computing device is determined. The image is locked based upon whether the access to the leased image should be terminated. An access request received for the locked image is monitored; and access to the locked image is enabled when it is determined that the access request is valid. | 08-29-2013 |
20130227711 | Controlled Access by Applications to Mobile Device Resources - There is provided a system and method for controlled access by applications to mobile device resources. The method comprises receiving a request from one of a plurality of applications to access a first resource of a plurality of resources, determining whether the first resource of the plurality of resources is classified as a protected resource, if the determining determines that the first resource of the plurality of resources is classified as the protected resource, identifying an application authorization for the first resource, and configuring access by the one of the plurality of applications to the first resource according to the application authorization. Based on the application authorization, the method may further configure access by the one of the plurality of applications to a second resource of the plurality of resources. Additionally, the first resource of the plurality of resources may be connected to a communication network resource. | 08-29-2013 |
20130232584 | METHOD, SECURE DEVICE, SYSTEM AND COMPUTER PROGRAM PRODUCT FOR SECURELY MANAGING FILES - A method, a secure device and a computer program product for securely managing files. The method includes providing a secure device, where the secure device is protected by design against malicious software or malware and adapted to establish a connection to a server via a host, the host connected to the server through a telecommunication network, upon receiving a request for using a file stored on the secure device, processing the request at the secure device according to an updated use permission associated to the file, where the updated use permission is obtained by instructing at the secure device to establish a connection between the secure device and the server via the host and updating at the device the use permission associated to the file, according to permission data sent from the server through the established connection. | 09-05-2013 |
20130232585 | METHOD AND APPARATUS FOR ROAMING DIGITAL RIGHTS MANAGEMENT CONTENT IN DEVICE - A device includes an authentication unit that issues disposable authentication information to a mobile device which stores a rights object; a receiver that receives a request for remote authentication from an unauthorized device; and a transmitter that transmits a data that approves the remote authentication of the unauthorized device. The data that approves the remote authentication is transmitted to the mobile device via the unauthorized device, a disposable rights object, which is converted from the rights object for a temporary use of content, is transmitted to the unauthorized device according to a result of determining the data, and the mobile device and the unauthorized device are connected via a network. | 09-05-2013 |
20130239231 | Communication Between Web Applications - In an embodiment, communication is controlled between a service provider web application executed in a first web browser instance on a device platform of the device and a partner web application executed in a second web browser instance on the device platform. A signal is received, at a control module at the device, from the partner web application, the signal for initiating communication between the partner web application and the service provider web application. The control module, provided by the service provider and installed on the device, uses technology that is native to the device platform. The control module uses a list of partners approved by the service provider to determine whether the partner web application is approved for communication with the service provider web application. If the control module determines the partner web application is approved, the control module allows communication to proceed. | 09-12-2013 |
20130239232 | ENTERPRISE LICENSE REGISTRAR ANCHOR POINT - Methods and systems for providing an enterprise license registrar anchor point are provided. More particularly, an enterprise license registrar is established within an enterprise system using license files and a certificate provided by an external license authority. The enterprise license registrar operates within the enterprise system to maintain a record of allocations of license rights by license manager servers to application instances. The enterprise license registrar logs the report data. The log files are digitally signed or encrypted to prevent tampering by the enterprise system, and are delivered to the external license authority, without requiring a persistent connection between the external license authority and the enterprise system. The enterprise system can comprise a virtualized environment. | 09-12-2013 |
20130239233 | Interoperable Keychest for Use by Service Providers - There is provided a system and method for distributors to use an interoperable key chest. There is provided a method for use by a distributor to obtain content access authorizations from a key chest or central key repository (CKR), the method comprising receiving a user request from a user device for access to an encrypted content identified by a content identification, transmitting a key request to the CKR including the content identification, receiving an encrypted first key from the CKR, decrypting the encrypted first key using a second key to retrieve the first key, and providing a DRM license for the encrypted content to the user device using the first key for use by the user device to decrypt the encrypted content using the first key. By generating such DRM licenses, distributors can unlock protected content even sourced from distributors using different DRM schemas. | 09-12-2013 |
20130247226 | CONNECTIVITY-BASED AUTHORIZATION - Techniques which allow definition and enforcement of connectivity-based action and execution authorization policies. On a computer, an action or execution attempt is intercepted in real-time. The connectivity state of the computer, the subject process, the program file of the subject process, the attempted action and the object of the attempted action are determined. An authorization policy considering the connectivity state indicates whether the attempted action is authorized or not. In a tracking mode, the attempted action and its authorization are logged and the attempted action is allowed to proceed. In an enforcement mode, unauthorized attempts are blocked and logged, thereby enforcing the authorization policy. | 09-19-2013 |
20130247227 | Strategies for Controlling Use of a Resource that is Shared Between Trusted and Untrusted Environments - A strategy is described for controlling access to a resource which is shared between a trusted environment and an untrusted environment. The resource can represent a clipboard module. The trusted environment can include trusted client functionality, while the untrusted environment can include potentially untrusted network-accessible entities (e.g., websites) which seek to access the clipboard module. The strategy provides a security presentation which notifies a user when a network-accessible entity is attempting to access the clipboard module, identifying the entity which is making the attempt, together with the nature of the information being read or added to the clipboard module. The security presentation invites the user to approve or deny the particular attempt (or all such attempts from the network-accessible entity), and/or clear the clipboard module. The security presentation does not block the user's interaction with other parts of a user interface presentation. | 09-19-2013 |
20130247228 | METHOD, SYSTEM AND SERVER FOR DIGITAL RIGHT MANAGEMENT - This application discloses methods, systems, and servers for digital right management. One such method may include the steps of: combining content of multiple digital files selected by a user into a new digital file; encrypting the new digital file and generating authorization information according to a key used in the encryption and information of a client where the user logs in; and transmitting the authorization information to the client to instruct the client to use the new digital file based on the authorization information. In some embodiments, contents of multiple digital files selected by a user may be combined into a new digital file, and authorization information for the new digital file may be transmitted to the client, thus achieving authorization for digital works from multiple sources. | 09-19-2013 |
20130254902 | CONTENT RESTRICTION COMPLIANCE USING REVERSE DNS LOOKUP - A method for alerting Internet content providers of the age or other personal information of a computer user, which includes receiving a reverse DNS lookup query from an Internet content provider; and providing the age information of the computer user, in addition to a host name, from a reverse map zone file in response to the request. The personal information may be used by the content provider to select appropriate content for the requesting host, for example for complying with content restrictions. A system of alerting an Internet content provider of the age or other personal information of a computer user is also provided. | 09-26-2013 |
20130254903 | INFORMATION PROCESSING SYSTEM, INFORMATION PROCESSOR, IMAGE FORMING APPARATUS, AND INFORMATION PROCESSING METHOD - An information processing system including multiple apparatuses capable of executing one or more applications and an information processor connected to the apparatuses through a first network is disclosed. The information processing system includes a license status information obtaining part configured to obtain the license status information of the applications installed in each of the apparatuses from the corresponding apparatuses through the first network, a license data obtaining part configured to obtain license data authorizing usage of the applications from a computer connected through a second network based on the license status information, and a license data delivery part configured to deliver the license data to each of the apparatuses. | 09-26-2013 |
20130269042 | OPTIMIZING SECURITY SEALS ON WEB PAGES - A method of providing web site verification information to a user can include receiving a DNS query including a host name and a seal verification site name, parsing the DNS query, and extracting the host name from the DNS query. The method also can include accessing a DNS zone file including a list of Trust Services customers and determining if the host name is associated with a Trust Services customer in the list of Trust Services customers. The method further can include transmitting a positive identifier to the requester if the host name is associated with a Trust Services customer and transmitting a negative identifier to the requester if the host name is not associated with a Trust Services customer. In a specific embodiment, the Trust Services include issuance of digital certificates. | 10-10-2013 |
20130276144 | WIRELESS SENSOR FIELD ENUMERATION - A system for authenticating data acquired by multiple sensors prior to storing the data in a database is described. The system also authenticates users requesting data access and intelligence agents that provide analyses of data stored in the database. As a result, any data or data analysis obtained from the system is traceable and reliable. | 10-17-2013 |
20130276145 | METHOD AND SYSTEM FOR REGISTERING A PRESENCE USER WITH A PRESENCE SERVICE - A method, performed by a registrar of a presence service, for registering a user with a presence service. The method entails negotiating a key with a client device operated by the user in order to establish an encrypted communications channel between the client device and the registrar via a proxy node, authenticating the user by exchanging messages through the encrypted communications channel and through a separate e-mail channel, binding a universally unique identifier identifying the user with one particular function node that is interposed between the proxy node and a publish-subscribe subsystem of the presence service and creating a user profile for the user and storing the user profile in a persistent data store. | 10-17-2013 |
20130276146 | METHOD AND APPARATUS TO USING STORAGE DEVICES TO IMPLEMENT DIGITAL RIGHTS MANAGEMENT PROTECTION - Embodiments of systems, apparatuses, and methods to securely download digital rights managed content with a client are described. In some embodiments, a system establishes a secure root of trust for the client. In addition, the system establishes a secure tunnel between an agent of the client and a storage system of the client. Furthermore, the system securely downloads the digital rights managed content to the storage system via the secure tunnel and securely provides the digital rights managed content from the storage system to a display. | 10-17-2013 |
20130283399 | REMOTE OPERATION SYSTEM, RELAY DEVICE, COMMUNICATION DEVICE, AND REMOTE OPERATION METHOD - The present invention provides a remote operation system, a relay device, a communication device, and a remote operation method which are capable of executing collective remote operations. The remote operation system according to the present invention includes communication devices ( | 10-24-2013 |
20130291125 | Method and Apparatus for Facilitating the Transfer of a Software License between Computer Systems - One embodiment of the present invention provides a system that facilitates the transfer of a software license from a first client to a second client. The system operates by receiving a request at the first client to deactivate the software license for an associated application installed on the first client. The system then receives a deactivation request that includes an identifier for the license at a license activation server from the first client. Next, the system validates the identifier on the license activation server to determine if the identifier is a valid identifier. If so, the system sends a deactivation message to the first client, receives a deactivation response from the first client, and increments a count of license instances available for the identifier on the license activation server. | 10-31-2013 |
20130298261 | ACTIVATING LICENSABLE COMPONENT PROVIDED BY THIRD PARTY TO AUDIO VIDEO DEVICE - An audio-video display device can download from a third party server a licensable component on which a royalty is to be paid. Various methods are disclosed for accounting for royalties associated with downloading the licensable component to the client device between the third party server and a client device manufacturer server. | 11-07-2013 |
20130305391 | Common Computing Apparatus Providing Distinct Non-Certified And Certified Computing Platforms - An example apparatus includes a non-certified computing platform, a certified computing platform and a user interface. The non-certified computing platform includes first hardware and configured to host non-certified software. The certified computing platform is separate and distinct from the non-certified computing platform, and it includes second hardware and configured to host certified software in a partitioned environment. The user interface is coupled to both platforms and includes a display coupled to both the first hardware and second hardware via a controllable switch. According to this example, the non-certified computing platform and certified computing platform are configured to host the non-certified software and certified software such that both are capable of operating concurrently. | 11-14-2013 |
20130305392 | SYSTEM, DEVICE, AND METHOD OF SECURE ENTRY AND HANDLING OF PASSWORDS - Devices, system, and methods of secure entry and handling of passwords and Personal Identification Numbers (PINs), as well as for secure local storage, secure user authentication, and secure payment via mobile devices and via payment terminals. A computing device includes: a secure storage unit to securely store a confidential data item; a non-secure execution environment to execute program code, the program code to transport to a remote server a message; a secure execution environment (SEE) to securely execute code, the SEE including: a rewriter module to securely obtain the confidential data item from the secure storage, and to securely write the confidential data item into one or more fields in said message prior to its encrypted transport to the remote server. | 11-14-2013 |
20130305393 | METHOD FOR CONFIGURING ACCESS RIGHTS, CONTROL POINT, DEVICE AND COMMUNICATION SYSTEM - In a method for configuring access rights, a UPnP (Universal Plug and Play) device receives CPID information sent by a first CP without administrator rights, wherein the CPID information comprises an ID of another CP obtained by the first CP. Then the UPnP device sends a CPID list that carries the CPID information to a second CP with administrator rights. And the UPnP device receives a CP right configuration command sent by the second CP, and configures access rights for at least one CP corresponding to a CPID in the CPID list. | 11-14-2013 |
20130318633 | DATA EXCHANGE BETWEEN APPLICATIONS OF AN ELECTRONIC DEVICE - An electronic device includes a requesting application and a hosting application. When the requesting application requests permission from the hosting application to access a category of data, the device identifies the requesting application and the permission request. The device awaits a user input to determine whether the user will permit the requesting application's request to be granted. | 11-28-2013 |
20130333055 | SYSTEM AND METHOD FOR TRANSFERENCE OF RIGHTS TO DIGITAL MEDIA VIA PHYSICAL TOKENS - A system and method for transferring digital content includes a physical token incorporating a Near Field Communication (“NFC”) tag that represents a virtual gift of digital content such as an eBook. The tag can include a Uniform Resource Locator (URL) that can be used to gain access to the electronic content which can be stored on a remote server. A unique identifier on the tag is associated with gifted digital content. This association is preferably stored on a remote server in the “cloud”. A user receiving the physical and places it on or next to their electronic device, which includes an NFC receiver, and the device reads the tag and connects to the remote server. The remote server validates the information on the token and provides the user with access to the digital content, such as downloading the digital content to the user's electronic device. | 12-12-2013 |
20130340098 | Method for Outsourcing Data for Secure Processing by Untrusted Third Parties - Data is generated in a client based on events at a client, wherein each event is associated with a first dimension, a second dimension and a quantity. A random value is generated for each interval of the first dimension and each instance of the second dimension. The quantity of each event is modified using the random value to determine a modified quantity. A running total for each interval of the first dimension and each instance of the second dimension is determined using the modified quantities and transmitted to an untrusted third party. An exact result of processing the modified quantities and the running totals by the untrusted third party can then be received and decoded by the client. | 12-19-2013 |
20130340099 | SYSTEM, METHOD AND APPARATUS FOR ELECTRONICALLY PROTECTING DATA AND DIGITAL CONTENT - A system, method and apparatus for protecting sensitive data in a file that has been replaced with pointer(s) for each sensitive data. The sensitive data items are protected by restricting subsequent access to and use of the sensitive data items via the pointers by: receiving a first request for data stored in a file on the data storage, determining whether the requested data includes at least one of the pointers, providing the requested data whenever the requested data does not include any of the pointers, and performing the following steps whenever the requested data includes at least one of the pointers: sending a second request containing the pointer(s) included in the requested data to the server that authenticates the second request, denying the first request whenever the authentication fails, and receiving and providing the extracted data item(s) corresponding to the pointer(s) included in the requested data whenever the authentication succeeds. | 12-19-2013 |
20130347130 | METHODS AND APPARATUS FOR DYNAMICALLY PROVIDING MODIFIED VERSIONS OF ELECTRONIC DEVICE APPLICATIONS - A computer-implemented method for dynamically delivering a securitized version of an application to a mobile device in a computing system programmed to perform the method includes receiving a request for the application from a mobile device; sending the request for the application to an application server, receiving the application from the application server in response to the request for the application, determining with the computing system, a securitized version of the original requested application, and sending the securitized version of the application to the mobile device. In the invention, if the securitized version is not previously held in storage by the computing device, the computing device creates the securitized version and sends that to the mobile device. | 12-26-2013 |
20130347131 | Systems and Methods Involving Features of Hardware Virtualization Such as Separation Kernel Hypervisors, Hypervisors, Hypervisor Guest Context, Hypervisor Contest, Rootkit Detection/Prevention, and/or Other Features - Systems, methods, computer readable media and articles of manufacture consistent with innovations herein are directed to computer virtualization, computer security and/or data isolation. According to some illustrative implementations, innovations herein may utilize and/or involve a separation kernel hypervisor which may include the use of a guest operating system virtual machine protection domain, a virtualization assistance layer, and/or a rootkit defense mechanism (which may be proximate in temporal and/or spatial locality to malicious code, but isolated from it), inter alia, for detection and/or prevention of malicious code, for example, in a manner/context that is isolated and not able to be corrupted, detected, prevented, bypassed, and/or otherwise affected by the malicious code. | 12-26-2013 |
20140007262 | Method, an Apparatus and a Computer Program Product for Extending an Application in a Client Device | 01-02-2014 |
20140013449 | Delayed validation for software licensing and activation - According to some embodiments, a method, an apparatus and a system perform delayed validation for software licensing and activation. In some embodiments, a method includes receiving a request to execute a software application having a license. The method also includes permitting execution of the software application. The method includes validating the license subsequent to the permitting of the execution of the software application. | 01-09-2014 |
20140013450 | METHODS AND DEVICES FOR FACILITATING A DOWNLOAD SESSION - Methods and devices for facilitating download of content, particularly data, from a third-party server using an administration server. The administration server receives a request from an electronic device to download content from the third-party server over a wireless network connection. It then generates an authorization message in response to the request based on applying one or more pre-determined rules to the request, wherein the one or more pre-determined rules are based on an estimate of wireless network traffic load and sends the authorization message to the electronic device indicating whether the electronic device is authorized to establish a download session with the third-party server. | 01-09-2014 |
20140013451 | DATA OBFUSCATION FOR OPEN DATA (ODATA) COMMUNICATIONS - Techniques and configurations for implementing data obfuscation for Representational State Transfer (RESTful) web service communications such as those communicated using an Open Data (OData) protocol are described. In one example embodiment, an obfuscation service includes an OData client, an OData server, and an OData obfuscation data server, the obfuscation service operating to intercept and process OData web service requests being transmitted from requesting clients to backend enterprise data services. The obfuscation service may include or integrate with an obfuscation engine, including a context engine, a rules engine, and a hierarchical mapping engine to determine rules for data obfuscation based on determined context and hierarchical mappings. The obfuscation service may apply the determined rules to provide specific access control and data obfuscation results of data retrieved from the backend enterprise services. | 01-09-2014 |
20140020117 | SERVER, RECORDING MEDIUM, AND IMAGE DISPLAY SYSTEM - A server connectable to an apparatus providing contents and an image display apparatus includes an index information processing part configured to provide the image display apparatus with index information for causing a list of information items associated with the contents to be displayed by the image display apparatus, an image data processing part configured to provide the image display apparatus with image data for causing a content associated with an information item selected from the list to be displayed by the image display apparatus, and an apparatus authentication part configured to cause the index information processing part and the image data processing part to execute respective processes when the identification information of the image display apparatus that has requested to obtain the content associated with the selected information item by using access authority information regarding authority to access the content is managed in correlation with the access authority information. | 01-16-2014 |
20140020118 | Authorization Method and Terminal Device - Embodiments of the present invention provide an authorization method and a terminal device. A terminal device receives a right application request from a control device having no access right. The terminal device notifies a control device having an administrator right to assign a right to the control device having no access right. The terminal device receives a right assignment command from the control device having an administrator right and assigning a right to the control device having no access right. | 01-16-2014 |
20140026231 | SELF-GENERATION OF VIRTUAL MACHINE SECURITY CLUSTERS - A method of operating a virtual computing system includes receiving at a security controller security data corresponding to a candidate virtual machine that is proposed to be included in a virtualization environment managed by a virtualization environment manager, comparing the security data of the candidate virtual machine to security data of other virtual machines in the virtualization environment, and in response to the comparison, recommending that the virtualization environment manager exclude the candidate virtual machine from the virtualization environment. Related systems and computer program products are disclosed. | 01-23-2014 |
20140041058 | METHODS AND APPARATUS FOR SHARING, TRANSFERRING AND REMOVING PREVIOUSLY OWNED DIGITAL MEDIA - The invention provide systems and methods for management of digital media objects, comprising first and second client digital data processors (e.g., personal (or private) computers, laptops, dedicated music devices, electronic book readers, and so forth) that are in communications coupling with one or more stores (e.g, dedicated disk drives, flash drives, cloud storage, etc.). At least one digital media object (DMO) or copy thereof is stored in one or more of those stores and is accessible by at least one of the first and second client digital data processors. | 02-06-2014 |
20140047562 | SELECTIVE PROVISIONING OF ONLINE MEDIA CONTENT - Providing for client-selected user authentication in relation to accessing or acquiring online media content is described herein. In response to an access request transmitted by a client device, a server can determine a type of request employed by the client device and identify a type of media playback device associated with the client. Identification can be based on information specified within the access request, information derived from information pertaining to the access request, information derived from stored associations between access request and types of playback devices, or suitable combinations thereof. Once identified, promotional content or service(s) can be allocated to a subscriber account in response to the access request satisfying one or more criteria. In this manner, a service provider can facilitate client-selection of a mode of user authorization, while incentivizing a particular type of playback device for acquiring content from or generally interfacing with the service provider. | 02-13-2014 |
20140047563 | DATA RETENTION KILL FUNCTION - Various data protection techniques are provided. In one embodiment, a memory device is provided. The memory device may initiate a security measure upon occurrence of one or more triggering events. The one or more triggering events may include receipt of a command signal. Various additional methods, devices, and systems are also provided. | 02-13-2014 |
20140053281 | CONFIGURATION OF A NEW ENROLLEE DEVICE FOR USE IN A COMMUNICATION NETWORK - An electronic device obtains a device password associated with the new enrollee device to be configured for a communication network. The device password is provided to a network registrar to cause the network registrar to configure the new enrollee device for the communication network. The network registrar performs an enrollment process based upon the device password and provides feedback to the electronic device to indicate whether or not the new enrollee device was successfully added to the communication network. Alternatively, when an electronic device detects the presence of a new enrollee device to be configured for the communication network, the electronic device generates a device password for the new enrollee device and provides the device password to the new enrollee device and to the network registrar, thereby causing the network registrar to initiate an enrollment process for the new enrollee device based upon the device password. | 02-20-2014 |
20140059707 | ELECTRONIC DEVICE AND CONTENT SHARING METHOD - A method of sharing content for an electronic device is provided. The electronic device is capable of changing contents that are to be shared when a network changes. The content sharing method includes storing a list of contents shared between the electronic device and another electronic device via a network formed using an access point, such that the contents match the access point, and setting contents included in a list of contents stored to match the access point as contents to be shared in response to the electronic device being connected to the network via the access point. | 02-27-2014 |
20140068789 | Wireless Media Streaming System - While a stream device is streaming a media program from a multimedia device to a client device, the streaming device may be configured to send a first portion of the media program to the client device, where the first portion is transcoded from a first format into a second different format and adapted for a first playing mode of the client device. The streaming device may be configured to receive an indication of a user command from the client device specifying a second different playing mode of the client device. The streaming device may be configured to send a second different portion of the media program to the client device, where the second portion is transcoded from the first format to the second format and adapted for the second playing mode of the client device. | 03-06-2014 |
20140075575 | CONTENT DELIVERY SYSTEM WITH AN IDENTIFICATION MECHANISM AND METHOD OF OPERATION THEREOF - A method of operation of a content delivery system includes: compiling a detected device ensemble; detecting user information to develop a profile; and retrieving a content with an access level matching the profile and compatible with the detected device ensemble for displaying on a device. | 03-13-2014 |
20140075576 | METHOD AND SYSTEM FOR AUTHORIZING PLAYBACK FROM MULTIPLE DEVICES - A system and method for using content on multiple devices includes a head end associating a first user device and a second user device with a user account and authorizing the first user device and the second user device to receive content. The first user device forms a selection signal corresponding to a first content. The head end communicates the first content to the first user device corresponding to the selection signal. The first user device displays the first content on a first display associated therewith. The second user device receives the first content and displays the first content on a second display associated with the second user device. | 03-13-2014 |
20140075577 | FILE SECURITY CONTROL SYSTEM AND METHOD - A server sets security configuration information and inserts the security configuration information into a file. The server generates a new file according to the security configuration information and the file, and displays content of the new file and operates the new file, in response to a determination that the client has authority to access and operate the new file. The server updates the security configuration information in the new file after the new file has been operated by the client. | 03-13-2014 |
20140075578 | METHOD FOR PROVIDING LICENSE CORRESPONDING TO ENCRYPTED CONTENTS TO CLIENT APPARATUS AND DIGITIAL RIGHTS MANAGEMENT CONVERSION SYSTEM USING THE METHOD - Disclosed are a method for providing a license corresponding to encrypted contents to a client apparatus, which provides a license in response to a request of the license corresponding to contents super-distributed to a third person in a DRM conversion system, and a DRM conversion system using the same. First digital rights contents type first contents and a first license corresponding to the first contents are digital rights management converted to generate second digital rights contents type second contents and a second license corresponding to the second contents. A license request corresponding to the second contents super-distributed to a third person is received. A second license corresponding to the second contents super-distributed is requested from a server corresponding to the second digital right management. The second license corresponding to the second contents super-distributed is received and transmitted to the third person. | 03-13-2014 |
20140082749 | SYSTEMS AND METHODS FOR SECURE AND PERSISTENT RETENTION OF SENSITIVE INFORMATION - An information processing system provisions a client account for a user to enable a client computer associated with the user to store information in an elastic storage system and to prohibit the client computer, the information processing system, and the elastic storage system from altering and from deleting the stored information during an authorized retention period. Data messages are received from one or more client computers and include information that is required to be stored for the authorized retention period. That information is transmitted via one or more data communications networks to the elastic storage system for storage so that the stored information is non-rewriteable and non-erasable during the authorized retention period. The secure data center receives the retrieved copy and provides it to the user device. The elastic storage system permits deletion, modification, or destruction of the stored information only when a trusted independent third party having predetermined authentication information associated with the client account provides the predetermined authentication information to the elastic storage system. | 03-20-2014 |
20140082750 | METHOD AND APPARATUS FOR DYNAMIC DATA FLOW CONTROL USING PRIORITIZATION OF DATA REQUESTS - A data center determines whether requested content is available at the data center. The content is available when the content is both present at the data center and current. When the requested content is available at the data center, the data center returns the requested content to the browser. When the requested content is locally unavailable at the data center, the requested content is retrieved from an origin server. When retrieval of the content is delayed, the request is prioritized and placed in a queue for handling by the origin server based on the priority of the request. A status page may be communicated to the browser to inform a user of the delay and provide alternate content and status information related to the request determined as a function of the request or the current state of the origin server. | 03-20-2014 |
20140090088 | Facilitating Claim Use by Service Providers - Aspects of the subject matter described herein relate to facilitating claim use in an identity framework. In aspects, a definition of a trust framework may be received and stored. A graphical interface may display a plurality of trust frameworks and allow an administrator to select which trust framework to instantiate. The graphical interface may also allow the administrator to define which rules of the trust framework to use in the instance of the trust framework. After receiving this information, the instance of the trust framework may be instantiated and configuration data provided to the administrator to allow the administrator to configure a Web service to invoke the instance of the trust framework to grant or deny access to the Web service. | 03-27-2014 |
20140090089 | CLOUD KEY DIRECTORY FOR FEDERATING DATA EXCHANGES - Embodiments are directed to providing attribute-based data access. In an embodiment, a data request specifies one or more search data attributes describing requested data that is to be found in an anonymous directory. The anonymous directory is configured to provide access to secured data according to access controls defined one or more clients. The secured data includes data that is associated with a particular client and that is encrypted using multi-authority attribute-based encryption, which associates the data with one or more encryption data attributes and that enables the data to be provided if conditions in the corresponding access controls are met. The particular portion of data is provided based on determining that the conditions in the corresponding access controls are met, and that at least one of the search data attributes is determined to be relevant to at least one of the encryption data attributes. | 03-27-2014 |
20140096269 | SYSTEMS AND METHODS FOR FAST STARTUP STREAMING OF ENCRYPTED MULTIMEDIA CONTENT - Methods and systems to allow for the streaming of media from a file server to a client, where the streaming occurs concurrently with the execution of an information security protocol. The security protocol allows the client to securely receive one or more keys that allow the client to access the media. This permits a user to access the media sooner than would otherwise be possible, while allowing timely performance of security related processing. | 04-03-2014 |
20140115723 | System and Method for Digital Media Distribution - The present invention comprises a digital media delivery system with a physical authorization device for downloading media files to a digital media player. The physical authorization device is most preferably an indicia-bearing card, containing at least one of an NFC circuit with the NFC circuit comprising a reusable media authorization code, and/or a Quick Response code with a reusable media authorization code embedded in the QR code, and/or an eye-legible version of the reusable media authorization code. By touching or tapping the indicia-bearing card on the NFC enabled media player, or scanning the QR code, or entering the eye-legible media authorization code from the authorization device into a digital media player, the reusable media authorization code is transmitted to a file server on the Internet via an application on the digital media player and one or more media files will be downloaded to the digital media player or otherwise enabled for accessing on the digital media player. Once downloaded to the digital media player or otherwise enabled, the user may access the downloaded media file(s). | 04-24-2014 |
20140123320 | PROCESSOR, PROCESSOR CONTROL METHOD, AND INFORMATION PROCESSING DEVICE - According to one embodiment, a processor accesses a storage module upon a request from a processor module, which selectively switches between a secure mode and a non-secure mode and performs predetermined data processing in each mode. In this case, the access to a protected area of the storage module is permitted only when the processor module is in the secure mode based on a report indicative of an own mode, which is output from the processor module. | 05-01-2014 |
20140123321 | HANDSHAKE PROTOCOL TO CONTROL ACTORS AND FUNCTIONS IN A CABLE SET-TOP-BOX SYSTEM TO PROPAGATE ACCEPTANCE OF AN IP LICENSE TO SECURELY AUTHENTICATE SOFTWARE APPLICATION PROGRAM INTERFACES (APIs) - A system for securely authenticating software Application Program Interfaces (APIs) includes a handshake protocol that enables promulgation of licensing rights controlling Intellectual Property (IP) to multiple Actors. The Actors include components of a cable system that can include a Conditional Access System, Middleware, a Browser for a Set-Top-Box, a Guide and a Guide Data Provider. The handshake is a Challenge-Response protocol that includes a Challenge issued by one Actor who controls IP rights to verify a second Actor has Licensed IP rights when the second Actor Response includes a Hook IP function IPF | 05-01-2014 |
20140130187 | Protecting Systems from Unauthorized Access to System Resources Using Browser Independent Web Page Technology - In some embodiments, a filter may filter web graphics library code executing on the graphics processing unit. As a result the web graphics library code may be prevented from accessing memory or other resources that are not allocated specifically for the web graphics library module. Likewise web graphics library code may not access any shared resources that have been explicitly assigned to the process specific web graphics library module. | 05-08-2014 |
20140130188 | Techniques For Secure Storage Hijacking Protection - A hijack-protected, secure storage device requires proof that the user has actual physical access to the device before protected commands are executed. Examples of protected commands include attempts to change storage device security credentials of the device, erasure of protected portions of the device, and attempts to format, sanitize, and trim the device. Various techniques for proving the actual physical possession include manipulating a magnet to control a magnetic reed switch located within the device, operating a momentary switch located within the device, altering light reaching a light sensor located within the device (such as by opening or shutting a laptop cover to change ambient light reaching the sensor), and manipulating a radio-transmitting device (such as a cell phone) near the storage device for detection of the manipulation by a compatible radio receiver located within the device. | 05-08-2014 |
20140137270 | DIGITAL MEDIA ASSET IDENTIFICATION SYSTEM & METHOD - The present invention provides a system and method for identifying and transferring digital media assets within a system through the use of identification data. The identification data is applied to each transferred copy and includes data specific to the customer and digital media asset. To facilitate transfers and ease of use the digital media assets can be made DRM-free. | 05-15-2014 |
20140143892 | Architecture System for In-Store Reading - An architecture and techniques to facilitate lending of digital content at an authorized location to an authenticated electronic device. | 05-22-2014 |
20140143893 | Method for Authentication for In-Store Reading - An authentication scheme to facilitate lending of digital content at an authorized location to an authenticated electronic device. | 05-22-2014 |
20140143894 | Method for Registering a Device - A registration flow to facilitate lending of digital content at an authorized location to an authenticated electronic device. | 05-22-2014 |
20140157438 | USER DEVICE AND METHOD FOR RECEIVING DRM FUNCTION CORRESPONDING TO SPECIFIC CONTENTS - The present invention proposes a method for obtaining a digital right management (DRM) function for playing DRM contents on a user device according to need. To this end, the present invention comprises the steps of, when a user device requests a specific DRM contents or accesses a service system, a user device obtaining a rights object corresponding to a request; determining information on a current DRM function using the rights object; and when a new DRM function is required, installing a new DRM function or upgrading the standard DRM function. | 06-05-2014 |
20140165213 | Systems and Methods for Controlling Email Access - Embodiments of the disclosure relate to proxying at least one email resource from at least one email service to at least one client device, determining whether the email resources are accessible to the client devices via at least one unauthorized application on the client devices, and modifying the email resources to be inaccessible via the unauthorized applications on the client devices in response to a determination that the email resources are accessible via the unauthorized applications on the client devices. | 06-12-2014 |
20140173756 | PLATFORM-HARDENED DIGITAL RIGHTS MANAGEMENT KEY PROVISIONING - Embodiments of an invention for platform-hardened digital rights management key provisioning are disclosed. In one embodiment, a processor includes an execution unit to execute one or more instructions to create a secure enclave in which to run an application to receive digital rights management information from a provisioning server in response to authentication of the application by a verification server. | 06-19-2014 |
20140173757 | Method And System For Integrating Remote Devices Into A Domestic VLAN - A gateway network device may establish secure connections to a plurality of remote network devices using tunneling protocols to distribute to the remote network devices multimedia content received from one or more content providers. The consumption of the multimedia content may originally be restricted to local network associated with the gateway network device. The secure connections may be set up using L2TP protocol, and the L2TP tunneling connections may be secured using IPSec protocol. Use of multimedia content may be restricted based on DRM policies of the content provider. DRM policies may be implemented using DTCP protocol, which may restrict use of the multimedia content based on roundtrip times and/or IP subnetting. Each content provider may use one or more VLAN identifiers during communication of the multimedia content to the gateway network device, and the gateway network device may associate an additional VLAN identifier with each secure connection. | 06-19-2014 |
20140173758 | Local Device Awareness - Certain embodiments may take the form of a method of operating an electronic device to find and determine an identity of other local devices. The method includes transmitting electromagnetic signals from a first electronic device to find devices within a prescribed distance of the first device and receiving electromagnetic response signals from a second electronic device within the prescribed distance from the first electronic device. The method also includes identifying the second electronic device using information received in the electromagnetic response signals. Additionally, the method includes determining if the second electronic device is aware of other electronic devices and, if the second electronic device is aware of other electronic devices, obtaining identifying information of the other devices from the second electronic device. | 06-19-2014 |
20140181996 | COMPUTER READABLE STORAGE MEDIUM FOR STORING APPLICATION PROGRAM FOR NETWORK CERTIFICATION - The present invention discloses a computer readable storage medium for storing an application program for network certification. The application program is implemented by an electrical device to execute a network certification process. The network certification process includes the following steps: a network module of the electrical device is driven to receive a certification code, which is broadcasted by a network access point (AP). Determine if the certification code is in an identified list. When the certification code is not in the identified list, the application program executes an action to limit communication between the electrical device and the network AP. | 06-26-2014 |
20140181997 | Private Queue Indicator - Embodiments provided herein involve connected states between a mobile device and one or more zones in a network media system and different interactions between the mobile device and the network media system involving the connected states. The connected states may be established between the mobile device and the one or more zones such that further actions taken on media items identified in the playlist on the mobile device may also be taken on corresponding media items in a playback queue associated with the one or more zones. The interface on the mobile device may display various graphical representations to indicate the different interactions involving the connected states, including when a connected state is established, when a connected state is lost, and when a reconnected state is reestablished. The interface may further provide selectable icons to allow a user to navigate among the different media playback options involving the connected states. | 06-26-2014 |
20140189888 | SECURE DATA CONTAINER FOR AN AMBIENT INTELLIGENT ENVIRONMENT - A system and method for providing a secure data container for an ambient intelligent environment are disclosed. A particular embodiment includes: collecting a set of information from a first digital network information endpoint associated with a vehicle; associating, by use of a data processor, a persistent digital identifier with the collected information, the persistent digital identifier being derived from information associated with the vehicle; enabling a user to specify a shared data set from the collected information; enabling the user to specify a set of sharing controls corresponding to the shared data set; combining information identifying the shared data set and the sharing controls in a secure container; and enabling to second digital network information endpoint to access the shared data set via the secure container upon presentation of a valid secure access token. | 07-03-2014 |
20140208440 | APPLICATION USAGE IN DEVICE IDENTIFICATION PROGRAM - Embodiments of the invention are directed to systems, methods and computer program products for using a device identification program. In some embodiments, a system is configured to: receive device identification information from a mobile device, search a database of records based on the identification information, and in response to determining a match between information associated with a record in the database and the identification information, enable first access to an application initiated on the mobile device. | 07-24-2014 |
20140208441 | Software Authentication - A method including: receiving a client application for distribution to user devices; receiving a secret authentication key associated with the client application; securing with digital rights management technology the secret authentication key associated with the client application; and providing an application package comprising the client application and the secured secret authentication key for distribution to user devices. | 07-24-2014 |
20140223582 | Digital Receipt for Use with an Interoperable Keychest - There is provided a system and method for a digital receipt for use with an interoperable keychest. There is provided a method for online registration of a digital receipt associated with a content, comprising performing a transaction to obtain from a first distributor the content encrypted by a title key and a first digital rights management (DRM) license usable with the first distributor to access the title key, receiving from the first distributor the digital receipt associated with the content including information relevant to the transaction, and transmitting the digital receipt to the interoperable keychest acting as a central key repository (CKR) for an online registration of the digital receipt associated with the content. Authorized media distributors may then generate new DRM licenses using the CKR, enabling interoperable content playback of the same universal file across different media distributors and clients. | 08-07-2014 |
20140250540 | DYNAMIC RESOURCE SHARING - Representative implementations of devices and techniques provide dynamic secure sharing of resources. A resource module can be partitioned into a plurality of functional blocks, which may be allocated to non-secure and secure applications. A security monitor can monitor processor activity and determine when secure resources may be accessed. | 09-04-2014 |
20140259187 | SYSTEM AND METHOD FOR UTILIZING CONTENT IN ACCORDANCE WITH USAGE RIGHTS - Apparatus, method, and media for utilizing content. An exemplary method comprises storing a description structure comprising one or more usage rights, storing content associated with the one or more usage rights, receiving a request for the content, the request corresponding to a utilization of the content, determining whether the utilization corresponds to at least one of the one or more usage rights, determining whether the computing device is an authorized device, and utilizing the content in accordance with the at least one of the one or more usage rights based at least in part on a determination that the utilization corresponds to the at least one of the one or more usage rights and a determination that the computing device is an authorized device. | 09-11-2014 |
20140259188 | METHOD AND APPARATUS FOR SECURELY PROVIDING POSTAL ADDRESS DATA TO CLIENT DEVICES - A method of securely providing postal address data to a requesting client device includes storing, at a server, a plurality of number items each associated with at least one respective address item. Each number item is indicative of a mobile telephone number and each address item is indicative of postal address data. A requesting client device sends an address item request, to the server, and the address item request includes a target key indicative of a mobile telephone number. The address item request is received at the server. A respective address item associated with a number item indicative of the mobile telephone number indicated by the target key is identified at the server. A data package including at least a part of the postal address data indicated by the respective address item identified at the server is sent from the server to the requesting client device. | 09-11-2014 |
20140283132 | COMPUTING APPLICATION SECURITY AND DATA SETTINGS OVERRIDES - Provided are techniques for receiving a first request from a first application for a particular data element; making a determination, with respect to the first request, of whether or not to provide access to the particular data element to the first application; and in response to a determination to provide access to the first application, providing the first application with access to the particular data element; and in response to a determination not to provide access to the first application, providing the first application access to a first dummy data element. | 09-18-2014 |
20140283133 | CODE-ENABLED REMOTE ACTIVATION OF SOFTWARE FOR INDUSTRIAL AUTOMATION SYSTEMS - Systems, methods, and software for enabling software for industrial automation systems and equipment are provided herein. In one example, a non-transitory computer readable medium having stored thereon program instructions executable by a computing device is presented. When executed by the computing device, the program instructions direct the computing device to receive a request for enabling use of software for an industrial control device, identify a code capable of enabling the software based at least in part on the request, and communicate the code to a user to use to enable the software for the industrial control device. | 09-18-2014 |
20140283134 | Device and Method for Asset Protection Scheme - A device and method for an asset protection scheme includes receiving, by a data chunk serving server, a first request for an asset from a client device; transmitting, by the data chunk serving server, a plurality of data chunks to the client device, each of the data chunks corresponding to a portion of the asset; receiving, by a key serving server, a second request for key data from the client device, the key data corresponding to data removed from the asset to create the plurality of data chunks, wherein the plurality of data chunks and the key data correspond to an entirety of the asset; and transmitting, by the key serving server, the key data to the client device. | 09-18-2014 |
20140283135 | Mobile Computing Device with Multiple Access Modes - Some embodiments of the invention provide a mobile device that restricts access to its applications. The mobile device, displays, on the device's touch screen display, a lock screen page for accessing the device in a primary access mode or a secondary access mode. The primary access mode provides access to several of the device's applications, and the secondary access mode provides access to a limited set of the applications. The mobile device receives a touch input on the lock screen page to access the device in the secondary access mode. The mobile device unlocks the device to the secondary access mode by allowing access to the set of applications and restricting access to the remaining applications in the plurality of applications. | 09-18-2014 |
20140283136 | SYSTEMS AND METHODS FOR SECURING AND LOCATING COMPUTING DEVICES - Methods and systems are provided for identifying a computing device and/or the user of such a device and granting or prohibit access to one or more devices based on the location of the computing device. User devices include receivers and emitters for localization signals, and behavior of user devices or user interaction devices are modified according to received localization signals. Example systems may provide tracking media streaming to local devices, automatic configuration of transmitters, or adaptation of multi-user interactions based on user location. | 09-18-2014 |
20140283137 | MEDIA SERVICE DELIVERY SYSTEM PROVIDING CONDITIONAL ACCESS TO MEDIA CONTENT FROM VARIOUS CLIENT DEVICES - A system for protecting the digital rights of content owners allows digital media to be delivered to only those media rendering client devices that have been approved for the media content. Before delivering requested media, the media service provider may determines whether the media rendering client device that requested the media is the type of device that is authorized to receive the request media. If it is, the media service provider may transmit the media to a middleman server over a network (such as the Internet). A middleman server may then serves the media to the client device over a local network. By allowing the media content to be distributed to approved devices only, the media service provider can prevent a user from using the media in a way that is not authorized by the content owner. | 09-18-2014 |
20140289871 | METHOD, SYSTEM, AND DEVICE FOR VERIFYING AUTHORIZED ISSUANCE OF A RIGHTS EXPRESSION - A method, system, and device for verifying authorized issuance of a statement or expression, including determining if a statement or expression is associated with a statement of trusted issuance; determining if the statement of trusted issuance applies; determining if issuance of the statement of trusted issuance is authorized; and verifying that the issuance of the statement or expression was authorized, if the statement of trusted issuance applies, and the issuance of the statement of trusted issuance is authorized. | 09-25-2014 |
20140304838 | REMOTE INSTALLATION OF DIGITAL CONTENT - Various embodiments relating to remote installation of digital content on unlicensed computing machines are provided. In one embodiment, an unlicensed computing machine at which to install a licensed digital content item is identified by a licensed computing machine, a request to transfer a license for the licensed digital content item to the unlicensed computing machine is sent from the licensed computing machine to an authorization service computing machine, and delivery of the licensed digital content item to the unlicensed computing machine is initiated. | 10-09-2014 |
20140304839 | ELECTRONIC CLIPBOARD PROTECTION - A clipboard in an electronic system protects sensitive data by copying data into a clipboard of an electronic system as an entry and selectively blocking access to the sensitive data. An entry protect status is associated with a clipboard entry that is arranged to store copied data that is sensitive. The entry protect status is changed to indicate the entry protect status is set to block access to the copied data. Access to the copied data for which the entry protect status has been changed is selectively blocked. | 10-09-2014 |
20140310822 | CERTIFICATE GENERATION METHOD, CERTIFICATE GENERATION APPARATUS, INFORMATION PROCESSING APPARATUS, AND COMMUNICATION DEVICE - A certificate generation method executed by a computer, includes receiving specific information and configuration information of a communication device collected by an information processing apparatus, the specific information and the configuration information being transmitted from the communication device provided with the information processing apparatus having tamper resistance; determining a communication address of the communication device based on the specific information if a combination of the received specific information and the received configuration information of the communication device is equivalent to information stored beforehand in a storage unit; generating an electronic certificate including a part of or all of the specific information and the configuration information, and the determined communication address; and transmitting the electronic certificate to the communication device. | 10-16-2014 |
20140310823 | METHOD OF SEQUENCING ON A MULTICORE PROCESSOR - The present invention relates to the field of real-time executives and their adaptation for secure execution on a multicore processor. There is defined, in addition to the level of certification intrinsic to each task, a level of security relating to the criticality of the execution of the instance of the task in its context and by a method of sequencing distributed over the various cores which make it possible to exchange, during each time interval, the information relating to the level of certification and to the level of security of each of the tasks getting ready to be launched. A decision is then taken on each core for launching the task envisaged as a function of the relevant information received from the other cores. | 10-16-2014 |
20140317760 | PERMISSION-BASED UPDATING OF CONTACT INFORMATION - A system for automatically updating personal consumer and business contact information is disclosed. A server located “in the cloud” automatically controls a database of contact data elements, some of which have preferred privacy protocol. These protocols may restrict some data elements from being shared unless a data-owner's explicit permission is obtained. When the server receives a request for such a restricted data element, the server issues an email or text message in order to obtain the necessary permissions. If permission is granted, the server then supplies the requested data. | 10-23-2014 |
20140317761 | SECURING SHIPMENT INFORMATION ACCESSED BASED ON DATA ENCODED IN MACHINE-READABLE DATA BLOCKS - Example embodiments provide a Shipment Preparation System (“SPS”), which facilitates the preparation of shipments, such as by producing shipping labels. In one embodiment, the SPS is configured to receive shipment preparation information from a bar code or other machine-readable data block in a packing list. The shipment preparation information identifies a uniform resource identifier (“URI”) that identifies a code module that is remote from the SPS. The shipment preparation information and/or the URI further includes an access token. The SPS then uses the URI to communicate with the code module in order to access shipment information (e.g., to read a read a shipping address, to store an indication that a shipment is ready for pick up). The code module restricts access to the shipment information based on the access token, such as by only allowing a limited number or duration of access via the token. | 10-23-2014 |
20140317762 | PROVIDING SUBSCRIBED MEDIA CONTENT TO PORTABLE MEDIA PLAYER DEVICES ASSOCIATED WITH SUBSCRIBERS - Methods and apparatus for providing media content offered by media content subscription service to portable media player devices associated with subscribers of the service are described herein. In various embodiments, particular fulfillment module, request module and media player are provided to fulfillment server(s) of the subscription service, request client devices, and portable media player devices, respectively. | 10-23-2014 |
20140325681 | Single-Chip Virtualizing and Obfuscating Storage System for Portable Computing Devices - In certain embodiments, an information obfuscation service may be incorporated directly into the main applications processor of a portable computing device such that the applications processor and its relevant storage peripherals may be securely shared via a virtualization firmware module, avoiding the use of specialized hardware or major modifications of the operating system. The virtualizing and obfuscating storage firmware module may enable a much higher level of assurance in information-at-rest protection while using only the memory protection and privilege mode facilities inherent in common portable device applications microprocessors. The virtualizing and obfuscating storage firmware may interpose storage accesses originating from the operating system. This interposition may be performed seamlessly, without explicit knowledge of the operating system. | 10-30-2014 |
20140325682 | DEVICE, SYSTEM, AND METHOD OF DETECTING A REMOTE ACCESS USER - Devices, systems, and methods of detecting user identity, differentiating between users of a computerized service, and detecting a possible attacker. The methods include monitoring of user-side input-unit interactions, in general and in response to an interference introduced to user-interface elements. The monitored interactions are used for detecting an attacker that utilizes a remote access channel; for detecting a malicious automatic script, as well as malicious code injection; to identify a particular hardware assembly; to perform user segmentation or user characterization; to enable a visual login process with implicit two-factor authentication; to enable stochastic cryptography; and to detect that multiple users are utilizing the same subscription account. | 10-30-2014 |
20140325683 | LICENSING VERIFICATION FOR APPLICATION USE - Techniques involving detection of misuse of digital licenses pertaining to application use. An identification of unsigned applications or other use-protected applications enabled for use at a user device is obtained. The identification of such applications is directed to a licensing authority to seek digital license renewal for using the applications. A renewed digital license is received if the provided identification of use-protected applications corresponds to what is authorized by the licensing authority for use at the user device. In other embodiments, verification information may be provided to protect the identification of unsigned applications from tampering, such as information indicative of whether the identification of unsigned applications originated at the user device in which the use-protected applications are used, and indicative of whether the identification of the unsigned applications is a copy of a previous identification of the unsigned applications. | 10-30-2014 |
20140325684 | SENSITIVE INFORMATION LEAKAGE PREVENTION SYSTEM, SENSITIVE INFORMATION LEAKAGE PREVENTION METHOD, AND COMPUTER-READABLE RECORDING MEDIUM - A client device ( | 10-30-2014 |
20140331336 | EXTENSIBLE MARKUP LANGUAGE DOCUMENT MANAGEMENT METHOD AND SYSTEM - An Extensible Markup Language (XML) document management method includes: receiving an XML document management operation request sent via an XCAP protocol, by an XML Document Management Server (XDMS); determining that the XML document management operation request is in an entrustment mode, and determining whether to perform an operation described in the XML document management operation request in accordance with access permission information corresponding to an XML document, by the XDMS. | 11-06-2014 |
20140351957 | Blocking Objectionable Content in Service Provider Storage Systems - When objects are shared by one user with another user, objectionable content, if identified as such, can be blocked from being shared, while the remainder of the shared objects can be accessed by the other user. Functions that allow sharing of content are implemented so as prevent sharing of objectionable content with another user, while allowing other content to be shared. If a group of files or objects is shared, then the presence of objectionable content in one object in the group results in that objectionable content not being shared, but the remaining files or objects are still shared. A graphical user interface for accessing the storage system, whether by providers or recipients of shared content, can selectively render information about objects with objectionable content. | 11-27-2014 |
20140359792 | Public Exposed Objects - A system, a method, and a computer program product for public exposed objects in packaged interfaces of business process applications are provided. A service provider of a service registers a public exposed object for use by a client of the service provider by identifying the public exposed object and associating a predetermined access protocol for accessing the registered public exposed object by the client. The registered public exposed object is accessible from the service provider only. The service provider provides the registered public exposed object to the client during a transaction. The client accesses the registered public exposed object using an identifier, an attribute, an access location of the registered public exposed object, and the predetermined access protocol. | 12-04-2014 |
20140373181 | METHOD FOR PROTECTING COMPUTER PROGRAMS AND DATA FROM HOSTILE CODE - A method that protects computer data from untrusted programs. Each computer's object and process is assigned with trust attributes, which define the way it can interact with other objects within the system. When an object is classified as untrusted, it can interact with other object within the system on a limited basis. A virtualized system is provided on the computer so that when the untrusted object attempts to perform an operation that is outside its scope of authorization, the virtualized system intercepts the operation but present the untrusted program with an indication that the requested operation has been performed. The method further includes processes to securely move a program from an untrusted group to a trusted group. | 12-18-2014 |
20140380510 | SYSTEM FOR PROVIDING BEHAVIOR INFORMATION NOTIFICATION SERVICE AND METHOD FOR PROVIDING BEHAVIOR INFORMATION NOTIFICATION SERVICE - The present invention has the aim of providing a method of an activity information notification service in which a server can receive activity information from a user of a target terminal, depending on his or her privacy setting, and then transmit the received activity information to a selected receiving user, and in which any receiving user can transmit a notification request to a target user in order to receive desired activity information. According to an embodiment of the present invention, a method of an activity information notification service at a server, the method includes steps of receiving activity information from a target terminal; determining a receiving terminal to which the received activity information will be transmitted, depending on a privacy setting of the target terminal stored in a storage unit; and transmitting the activity information to the determined receiving terminal. | 12-25-2014 |
20150020219 | Outbound IP Address Reputation Control and Repair - Embodiments provide IP address partitioning features that can be used to source outbound email communications, but the embodiments are not so limited. In an embodiment, a computer-based method operates to remove blocked or potentially misused IP addresses from a partition and/or move good or reputable IP addresses from other partitions to account for volumetric shortfalls. A method of one embodiment operates to repair removed IP address reputations as part of recycling and reusing IP addresses. A system of an embodiment is configured in part to remove misused IP addresses from one or more partitions, source reputable IP addresses from other partitions, and/or repair and reuse IP addresses as needed. Other embodiments are included. | 01-15-2015 |
20150020220 | SYSTEMS AND METHODS FOR APPLICATION BASED INTERCEPTION OF SSL/VPN TRAFFIC - A method for allowing or denying, by an appliance, access to a resource by an application on a client via a virtual private network connection includes basing the decision to allow or deny access on identification of the application. The appliance intercepts a request from an application on a client on a first network to access via a virtual private network connection a resource on a second network. The appliance identifies the application and associates with the intercepted request an authorization policy based on the identity of the application. The appliance determines, using the authorization policy and the identity of the application, to either allow or deny access by the application to the resource. | 01-15-2015 |
20150026826 | SUBSCRIBER IDENTITY MODULE-BASED AUTHENTICATION OF A WIRELESS DEVICE AND APPLICATIONS STORED THEREON - An approach is provided for performing a device-level and/or an application-level security check of a device. In the device-level check, a device hash is generated based on a subscriber identity module identifier (SIM ID), a device identifier, the number of secured applications, and the names of the secured applications. A temporary device hash is generated during a booting of the device. If the device hash is determined to not match the temporary device hash, the applications are removed from the device during the booting of the device. In the application-level check, an application hash is generated based on the SIM ID, the device identifier, and the application name. A temporary application hash is generated during a loading of the application. If the application hash is determined to not match the temporary application hash, the application is removed from the device without running the application. | 01-22-2015 |
20150026827 | METHOD FOR APPLICATION MANAGEMENT, CORRESPONDING SYSTEM, AND USER DEVICE - A method for application management is provided. First, an original application is received. A license code is injected into the original application through a repackaging process to generate a repackaged application. Next, the repackaged application is published for a user device to download and install, wherein the user device executes a client program. When the user device executes the repackaged application, the license code sends a license check request to activate the client program to send a license check response according to license information of the repackaged application. The license check response indicates whether the repackaged application is allowed to be further executed. When the license check response indicates that the repackage application is not allowed to be further executed, the license code terminates the repackaged application. | 01-22-2015 |
20150033365 | EXTERNAL PLATFORM EXTENSIONS IN A MULTI-TENANT ENVIRONMENT - Enforcing access control to individual extensions of services in a multi-tenant cloud environment by initializing objects for the extension based on public and private configuration files with service access rules that are merged is described. This allows third party vendors to specify payment rules for their own extensions while securely keeping the core extension configuration files. Tenants of the multi-tenant cloud environment can pick and choose which services to purchase, and the cloud environment automates the process of accessing the service using the third-party developer's tenant access list rules. | 01-29-2015 |
20150033366 | Methods and apparatus for displaying simulated digital content - Systems, methods, and devices for displaying digital content. In one embodiment, a method of simulating digital content includes providing information corresponding to a plurality of pixels of displayable content at an electronic device; and simulating the displayable content at the electronic device by displaying a representation of a first subset of the plurality of pixels during a first time period and displaying a representation of a second subset of the plurality of pixels during a second time period. | 01-29-2015 |
20150047058 | CERTIFICATE CHECKIN SERVICE - A method and system for a content provider to enable the consumption of content by properly entitled consumers (e.g., end-users, clients, customers) within a cloud provider network. A first certificate checkin service (CCS) executed by a processing device deployed in the cloud provider network receives a first set of usage data relating to content of a content provider consumed by a client of the cloud provider network. The first CCS provides the usage data to a communicatively coupled parent CCS. The first CCS provides the parent CCS with a request for entitlement data relating to the cloud provider, and stores the entitlement data received from the parent CCS. The entitlement data may be used by the first CCS to determine if the client is entitled to consume the content. | 02-12-2015 |
20150059005 | NETWORKED SERVICES LICENSING SYSTEM AND METHOD - A method, system, and computer program product for controlling consumption of a distributed network service in accordance with rights expression information associated with the distributed network service and specifying a manner of use of the distributed network service, including interpreting the rights expression information associated with the distributed network service, the rights expression information indicating a manner of use of the distributed network service; and controlling consumption of the distributed network service based on the rights expression information. | 02-26-2015 |
20150067891 | METHOD AND SYSTEM FOR DIGITAL RIGHTS MANAGEMENT ENFORCEMENT - A method and system for Digital Right Management (DRM) enforcement on a client device is provided. The method includes: determining client requested digital content; retrieving DRM data associated with the requested digital content; bundling the associated DRM with the requested digital content; transmitting the bundled DRM and digital content to the client device; and enforcing the DRM on the client device. The system includes: a client device configured to issue a request for digital content; a content review module configured to retrieve DRM data associated with the requested digital content; a bundler module configured to bundle the associated DRM with the requested digital content; a connection module configured to transmit the bundled DRM and digital content to the client device; and an enforcement module configured to enforce the DRM on the client device. | 03-05-2015 |
20150067892 | SYSTEM AND METHOD FOR AUTHORIZATION AND AUTHENTICATION, SERVER, TRANSIT TERMINAL - System for authorization and authentication comprises a server and at least one level of transit terminals. The server transmits digital content, server's identifier, and business pattern to the transit terminal. The transit terminal transmits to a lower level transit terminal the digital content, the server's identifier, the business pattern, and identifiers of respective transit terminals through which the digital content passes, and returns the above identifiers to the server. The server performs a match verification on the returned identifiers; if matched, the transit terminal is permitted to parse the business pattern and authorize a client to use the digital content based on privilege in the business pattern. | 03-05-2015 |
20150089672 | COMPUTER APPARATUS AND CONTROL METHOD FOR OPTICAL DISK DRIVE THEREOF - A computer apparatus and a control method for the ODD are disclosed. The control method includes: providing a user setting interface by the computer apparatus when the computer apparatus is in a user mode; receiving a user instruction through the user setting interface so as to start or close an ODD safety protection mode; and deciding whether or not a position state of a tray of the ODD can be changed according to that whether or not the ODD safety protection mode is started and whether or not the computer apparatus is in the user mode. | 03-26-2015 |
20150089673 | SYSTEM AND METHOD FOR GEOFENCING - A managed container may have a managed cache storing content managed by or through an application gateway server computer. The managed container may receive a request for content from an application running in a secure shell provided by the managed container on a client device. The managed container may determine whether the client device is within a specified geographical location. If not, the managed container may deny or restrict the application access to the requested content. The access denial or restriction may continue until a connection is made to the application gateway server computer or until the client device has returned to within the specified geographical location. If the client device is within the specified geographical location, the managed container may provide or restore access to requested content. Embodiments of the managed container can therefore perform geofencing by disabling or limiting access to content based on predetermined secure/insecure designations. | 03-26-2015 |
20150096056 | COLLISION AVOIDANCE IN A DISTRIBUTED TOKENIZATION ENVIRONMENT - A client receives sensitive data to be tokenized. The client queries a token table with a portion of the sensitive data to determine if the token table includes a token mapped to the value of the portion of the sensitive data. If the mapping table does not include a token mapped to the value of the portion of the sensitive data, a candidate token is generated. The client queries a central token management system to determine if the candidate token collides with a token generated by or stored at another client. In some embodiments, the candidate token includes a value from a unique set of values assigned by the central token management system to the client, guaranteeing that the candidate token does not cause a collision. The client then tokenizes the sensitive data with the candidate token and stores the candidate token in the token table. | 04-02-2015 |
20150096057 | Device Robustness Framework - Systems and methods for utilizing a robustness framework to restrict access to digital content distributed via a network in accordance with embodiments of the invention are disclosed. In one embodiment, restricting access to digital content includes loading device robustness information, where the device robustness information includes a device robustness level defined using a set of robustness rules, loading at least one digital rights management (DRM) certificate, where the at least one DRM certificate is utilized to authenticate the device to a DRM server, requesting playback of the content from a content store, where the content store is configured to store the content in at least one content distribution server, receiving the content from the at least one content distribution server upon a verification that the device robustness satisfies a threshold robustness by a computing system, and accessing the received content utilizing the at least one DRM certificate. | 04-02-2015 |
20150096058 | INFORMATION PROCESSING APPARATUS - According to one embodiment, an information processing apparatus includes a nonvolatile semiconductor memory and a processor. The nonvolatile semiconductor memory stores identification information. The processor controls an application which executes authentication processing for authenticating validation of the identification information stored in the nonvolatile semiconductor memory. The processor executes the application to read the identification information from the nonvolatile semiconductor memory, and to execute the authentication processing for determining whether or not the identification information is authentic. When the identification information is authentic, the processor continues at least some processes of the application, and when the identification information is inauthentic, the processor ends at least some processes of the application. | 04-02-2015 |
20150106957 | METHODS, SYSTEMS, AND DEVICES FOR FACILITATING VIABLE DISTRIBUTION OF DATA COLLECTED BY WEARABLE COMPUTATION - A method substantially as shown and described the detailed description and/or drawings and/or elsewhere herein. A device substantially as shown and described the detailed description and/or drawings and/or elsewhere herein. | 04-16-2015 |
20150121553 | SYSTEM AND METHOD FOR CODE PROTECTION - Systems, methods, and techniques are disclosed for. An example method of providing code protection includes identifying a set of methods including one or more code portions to extract from an application. The method also includes extracting the one or more code portions from the set of methods. The one or more extracted code portions is executable on a computing device remote from a client. The method further includes inserting an interface into the application. The interface enables the client to remotely execute the one or more extracted code portions. The method also includes transmitting the application including the interface and without the one or more extracted code portions to the client. | 04-30-2015 |
20150121554 | PROXY DEVICE FOR MANAGING DIGITAL RIGHTS - A system and method relate to a platform for distributing digital contents (digital content) to various client devices. A digital rights management platform allows a content provider to forward digital contents that is automatically ingested and processed in accordance with various requirements associated with providing the digital contents to the client devices. Information regarding the ingested digital contents may be provided to a coordinator device that uses this information to form a digital rights locker associated with the digital contents. A client device accesses the digital rights locker to obtain a rights token, or a proof of purchase, that is used to obtain rights data for accessing the digital contents. | 04-30-2015 |
20150128293 | APPLICATION DISTRIBUTION NETWORK - Methods and systems for remotely provisioning applications from the cloud in secure environments with robust license control failover options using a hierarchical server topology. Cloud-based servers provide applications and licenses to an organization's local servers, which in turn serve applications and licenses to end user devices. By synchronizing information including license and application provision information among the local and cloud-based servers, an organization's local servers can continue to serve applications and licenses when one or more of the organization's local servers fail. | 05-07-2015 |
20150128294 | INFORMATION PROCESSING APPARATUS, CONTROL METHOD THEREFOR AND SYSTEM - A system in which a communication apparatus and first and second information processing apparatuses are communicably connected, comprises a comparison unit which compares a first disclosure range set in the first information processing apparatus with a second disclosure range set in the second information processing apparatus, and a notification unit which sends a notification to the communication apparatus. The information processing apparatuses distributes the content to a third-party terminal included in a disclosure range decided based on the result of the comparison. | 05-07-2015 |
20150135336 | MOBILE DEVICE ENABLED TIERED DATA EXCHANGE VIA A VEHICLE - A mobile device enabled tiered data exchange via a vehicle is disclosed. A mobile device can access profile information related to a tiered-data sharing profile. The tiered-data sharing profile can associate data with a sharing tier designating security, privacy, or authorization constraints on sharing the associated data. A sharing tier can further designate obfuscation of the data as a constraint on sharing the data. The mobile device can enable access to the data subject to the constraints of the tiered-data sharing profile. In an embodiment, tiered data can be shared from the mobile device to an external service device via vehicle device. In another embodiment, tiered data can be shared from the mobile device to a service device of the vehicle. | 05-14-2015 |
20150143543 | SCALABLE SECURE EXECUTION - In one embodiment a controller comprises logic configured to establish a pairing with a remote processor in a second electronic device, create a first secure communication channel with the remote processor, transmit a first portion of a processing task to the remote processor via the first secure channel, receive, via a second communication channel, an input from the first portion of the processing task, and complete at least a second portion of the processing task using the input. Other embodiments may be described. | 05-21-2015 |
20150143544 | APPARATUSES, METHODS, AND BROWSERS BROWSER DATA PROTECTION - A terminal device may include a storage medium and a processor. The processor may be configured to execute instructions stored in the storage medium to operate a browser under an instruction of a user of the terminal, wherein the browser may include a private mode and a non-private mode; obtain data generated by an operation of the browser by the user; and switch the browser from the non-private mode to the private mode in response to a private mode entry instruction received from the user. When the terminal device receives a data display request from the user, the processor may display the data obtained when the browser is in the private mode and the data obtained when the browser is in the non-private mode together when the browser is in the private mode; and display the data obtained when the browser is in the non-private mode only when the browser is in the non-private mode. | 05-21-2015 |
20150295940 | Detecting Unauthorized Devices - Methods and systems are disclosed that, in some aspects, provide for receiving a provisioning request from a requesting device, and identifying one or more other devices proximate to or co-located with the requesting device. The methods and systems may include determining a location and other information of the one or more other devices and using the information to determine a location of and other information related to the requesting device. It may be determined whether to grant the provisioning request based on the determined location of the requesting device. | 10-15-2015 |
20150302219 | METHOD IN A PROCESSOR, AN APPARATUS AND A COMPUTER PROGRAM PRODUCT - There is disclosed a method in which information relating to a sequence of instructions of a thread is examined to determine a security condition of the thread. It is further determined by using the security condition which processor core of a multicore processor has an appropriate security mode to fulfil the security condition. If the determining indicates that one or more processor cores of the multicore processor has the appropriate security mode are available, one of the one or more processor cores is selected as a potential processor core to execute the sequence of instructions of the thread. There is also disclosed an apparatus and a computer program product to implement the method. | 10-22-2015 |
20150304283 | Source Based Anonymity and Segmentation for Visitors - A method and system for the anonymization and segmentation of the media access control (MAC) addresses reported by visitors' 802.11 enabled devices at a venue operator premises. This system assures a venue operator and its visitors that no individually identifying information about a visitor is re-transmitted or stored that can be traced back to their MAC address, while still allowing the venue operator to obtain venue visitor counts visit frequencies well as traffic patterns during visits (i.e. dwell times at, and movements between, locations within a venue) and counts of common visitors between venues. It also ensures that the data generated is segmented so that the data obtained by two different venue operators is not correlatable between visitors common to the two sets of data. | 10-22-2015 |
20150331810 | RANDOMIZED MEMORY ACCESS - An embodiment relates to a device for a memory access, the device comprising a first component for conducting operations on the memory and a second component for accessing the memory in a randomized manner, wherein the first component conducts at least a portion of the operations via the second component. | 11-19-2015 |
20150332026 | REUSABLE LICENSE ACTIVATION KEY - Systems, methods, apparatuses, and computer program products for a reusable license activation key are provided. One method includes creating, by a server, a registration record in a database upon activation of a license for a product, the registration record comprising an activation key for the license. The method may further include generating a new registration record comprising a new activation key when a change to the license occurs, generating a globally unique identifier for linking the registration record with the new registration record, and storing the linked registration records in the database. | 11-19-2015 |
20150339488 | INFORMATION PROCESSING DEVICE, INFORMATION PROCESSING METHOD AND MEDIUM - An information processing device of the present invention includes: a cluster information acquisition unit which acquires information indicating a cluster which is a set of records in an anonymized state in which at least a portion of attribute values of set-valued attributes, which can include one value or a plurality of values included in the records, is removed from the cluster which is a set of records including an attribute value so that the cluster satisfies a predetermined anonymity; and a set-valued attribute refinement unit which discloses at least a portion of attribute values from among removed attribute values of the set-valued attributes of records included in the cluster acquired by the cluster acquisition, and divides the cluster into clusters which satisfy the predetermined anonymity based on the disclosed attribute values. | 11-26-2015 |
20150347723 | SOFTWARE APPLICATION LICENSE ROAMING - A master license entry that links a software application to a user identification can be made. Application licenses to use the software application can be roamed to multiple computing machines. Feature licenses for added features of the software application can be roamed to those computing machines as well. Multiple overlapping license rights for the software application may be linked to the master license entry. A count of how many license rights for the software application are linked to the master license entry can be maintained. Requests for licenses may be refused if the count of license rights has reached zero. | 12-03-2015 |
20150347771 | ISOLATION AND PRESENTATION OF UNTRUSTED DATA - Architecture that provides a secure environment in which data (e.g., code, instructions, files, images, etc.) can be opened and run by a client application. Once opened the data can be viewed (in a “protected view”) by the user without incurring risk to other client processing and systems. Accordingly, the architecture mitigates malicious attacks by enabling users to preview untrusted and potentially harmful data (e.g., files) in a low risk manner. Files opened in the protected view are isolated from accessing key resources on the client computer and provides the user a safer way to read files that can contain dangerous content. The protected view also provides a seamless user experience. The user is unaware that the client is operating on data in a different mode and allows for the reduction of security prompts. | 12-03-2015 |
20150347774 | RESTRICTED RESOURCE CLASSES OF AN OPERATING SYSTEM - Techniques for access control of a data processing system are described. In one embodiment, in response to a request from an application for accessing a resource of a data processing system, it is determined a first class of resources the requested resource belongs. A second class of resources the application is entitled to access is determined based on a resource entitlement encoded within the application and authorized by a predetermined authority. The application is allowed to access the resource if the first class and the second class of resources are matched. The application is denied from accessing the resource if the first class and the second class are not matched, regardless an operating privilege level of the application. | 12-03-2015 |
20150347788 | MOBILE DEVICE AUTO WIPE - In one embodiment, a mobile computing device automatically determines an occurrence of a security event associated with the mobile computing device, and automatically erase all software and data on the mobile computing device. | 12-03-2015 |
20150350189 | METHOD, SYSTEM AND APPARATUS FOR ENHANCING SECURITY OF BEACON DEVICE - A method, system and apparatus for enhancing the security of a beacon device are herein disclosed. A service device includes a service communication unit and a service control unit. The service communication unit communicates with at least one terminal and a beacon device, and transmits and receives data required to enhance the security of the beacon device. The service control unit performs control so as to receive pieces of identification information from the terminal and the beacon device, to check the received pieces of identification information and then perform validation based on the times at which the pieces of identification information have been generated and whether authentication keys match each other, to extract service information in response to the result of the validation, and to transmit the extracted service information to the terminal. | 12-03-2015 |
20150363575 | DEVICE FOR DECRYPTING AND PROVIDING CONTENT OF A PROVIDER AND METHOD FOR OPERATING THE DEVICE - The invention relates to a device for decrypting protected content and for providing the decrypted content for playback. The device comprises one or more system software modules providing functions for facilitating the decryption of the protected content and at least one client software module assigned to a provider of protected content. The client software module is adapted to access functions of the system software modules in order to control the system software to decrypt the protected content of the provider. Moreover, the device is adapted to validate the system software and/or a further client software module and to prevent the decryption and/or provision of the protected content of the provider, if the system software and/or the further client software module are not validated successfully. The validation of the system software and/or a further client software module comprises a comparison of identification data of software modules of the system software and/or further client software modules loaded in a processor of the device and identification data included in a revocation list assigned to the provider. In addition to the device, the invention relates to a method for operating the device. | 12-17-2015 |
20150365407 | AUTHENTICATION OF MOBILE APPLICATIONS - Embodiments of the present invention provide a system, method and computer program product for authenticating a mobile application. According to one embodiment the method comprises registering, by a computer processor of a computer system, the mobile application, wherein the registration includes receiving and storing information associated with the mobile application, receiving, by the computer processor, one or more application details associated with the mobile application from a computing device, comparing, by the computer processor, the received one or more application details associated with the mobile application with the stored information associated with the mobile application, generating, by the computer processor, a notification based on the comparison to indicate authenticity of the mobile application and sending the notification to the computing device. | 12-17-2015 |
20150371056 | SYSTEM AND METHOD FOR ENHANCING USABILITY OF APPLICATIONS RUNNING ON DEVICES THAT SECURELY STORE DATA - The technique relates to a system and method for enhancing usability of devices that securely store data. The method involves receiving a plurality of client related context information from a client on a server, in response to invocation of a client application on a device then obtaining data and a plurality of data related context information from the server thereafter determining decision on data storage request on the device based on the client related context information and the data related context information and finally communicating the data and the decision to the client. | 12-24-2015 |
20150379288 | SECURE ACCESS TO RUNNING CLIENT APPLICATION FEATURES FROM A BROWSER APPLICATION - A secure access is provided to a plurality of software application features associated with a plurality of software applications running on a user's device, wherein the secure access is provided from a web browser application associated with the user's device. This may include providing an open connection between a server and at least one software application within the plurality of software running on the user's device. This may also include sending a message from the web browser application to the server. This may further include detecting the sent message from the web browser application to the server. Additionally, the open connection may be used to send data from the server to the at least one software application. | 12-31-2015 |
20160011991 | DATA PROTECTED PROCESS CORES | 01-14-2016 |
20160019376 | WIRELESS DEVICE FOR GROUP ACCESS AND MANAGEMENT - A system and method for establishing a group of wireless devices having shared media stored thereupon associates each group member device of the group of wireless devices, communicates with at least some of the group member devices of the group of wireless devices to identify shared media and upon receiving a request transmitted by a group member device of the group of wireless devices, supports access to shared media. The shared media may be stored on a different group member device, upon a managing server computer, or a media server. Upon a successful validation, the group member device that made the request is notified to facilitate the access to the shared media. The notification includes access information. | 01-21-2016 |
20160019377 | SOFTWARE REVALIDATION - Software revalidation. In one example embodiment, a method for software revalidation may include various steps. For example, the method may include receiving, at a machine on which a software application has been installed and activated, activation rules, from an activation server, that have been updated since the release of the software application to account for new or updated software or hardware with which the software application is configured to be employed. The method may also include periodically applying, at the machine, the updated activation rules to newly-collected machine configuration information from the machine to determine whether a product key remains valid for the newly-collected machine configuration information and, if the product key remains valid for the newly-collected machine configuration information, revalidating, at the machine, the software application to authorize continued access to the software application. | 01-21-2016 |
20160026777 | INFORMATION PROCESSING SYSTEM, METHOD OF CONTROLLING THE SYSTEM, INFORMATION PROCESSING APPARATUS, WEB SERVER, AND STORAGE MEDIUM - In an information processing apparatus, upon the calling of a web application being instructed, the information processing apparatus sets a URL corresponding to the web application in the web browser and makes a request to the web server, and when a request to perform a confirmation process for the license is received from the web server, the information processing apparatus generates signature information of the information processing apparatus, sends the signature information to the URL, and obtains authorization information from the web server. The web server confirms a license of the information processing apparatus in response to the request from the information processing apparatus, and responds to the information processing apparatus with web application content upon the license of the information processing apparatus being successfully confirmed. | 01-28-2016 |
20160042159 | DELAYED VALIDATION FOR SOFTWARE LICENSING AND ACTIVATION - A method for performing a delayed license validation may include receiving a request to execute a software application. In response to receiving the request to execute the software application, the execution of the software application may be permitted. Subsequent to permitting the execution of the software application, compliance with a license associated with the software application may be determined. | 02-11-2016 |
20160050208 | MOBILE DEVICE ENABLED TIERED DATA EXCHANGE VIA A VEHICLE - A mobile device enabled tiered data exchange via a vehicle is disclosed. A mobile device can access profile information related to a tiered-data sharing profile. The tiered-data sharing profile can associate data with a sharing tier designating security, privacy, or authorization constraints on sharing the associated data. A sharing tier can further designate obfuscation of the data as a constraint on sharing the data. The mobile device can enable access to the data subject to the constraints of the tiered-data sharing profile. In an embodiment, tiered data can be shared from the mobile device to an external service device via vehicle device. In another embodiment, tiered data can be shared from the mobile device to a service device of the vehicle. | 02-18-2016 |
20160063220 | Replay Attack Prevention for Content Streaming System - The invention relates to a method for accessing protected content provided to a client device, wherein the client device decrypts the content using at least one control word provided by a server device. In the method, (i) the client device sends a request message to the server device, the request message including a nonce, and the client device stores the nonce; (ii) upon receipt of the request message, the server device generates a control word message based on the control word and the received nonce; (iii) upon receipt of the control word message, the client device determines the control word from the control word message and validates the control word message using the stored nonce; and (iv) the client device uses the control word to decrypt at least part of the content in response to a successful validation of the control word message. Moreover, the invention relates to a client device and a server device for carrying out the method. | 03-03-2016 |
20160063224 | MULTI-MODE PROTECTED CONTENT WRAPPER - A method, apparatus, media and data structure for rendering a wrapper. The wrapper includes at least one data structure in a format that is renderable by a standard rendering engine and containing censored content comprising source content identification information. When the wrapper is opened by a standard rendering engine, the censored content is rendered. When opened by a trusted rendering engine, the source content is rendered. | 03-03-2016 |
20160065593 | DEVICE VERIFICATION PRIOR TO REGISTRATION - Embodiments are directed to registering a device to receive notifications. In one scenario, a computer system receives a notification registration request from a computing device. The computer system generates a registration secret which includes identification information that uniquely identifies the computing device, and sends the generated registration secret including the information that uniquely identifies the computing device to a notification service. The computer system receives a hash value from the computing device, where the hash value is generated based on the identification information of the generated registration secret. The computer system computes another hash value based on the identification information of the received registration secret to determine whether the second hash value matches the first hash value, and upon determining that the second hash value matches the first hash value, the computer system registers the computing device to receive notifications from the notification service. | 03-03-2016 |
20160073217 | METHODS AND SYSTEMS FOR SECURE ACTIVATION OF SOFTWARE LICENSES AND FEATURES - Methods and systems for a near field communication (NFC) token is provided. The NFC token includes an antenna, and a memory device configured to store a license key. The license key is used by an NFC enabled medical system to activate a software feature of the NFC enabled medical system. The NFC token also includes a transmitter electrically coupled to the antenna and the memory device. The transmitter is configured to transmit information to the NFC enabled medical system when the transmitter is within an NFC activation field of the medical system. The transmit information includes the license key. | 03-10-2016 |
20160078199 | Method for Scalable Access Control Decisions - Content access may be provided and processed by assigning responsibility for obtaining entitlement data to the client's browser. Thus, in one example, the client may be configured to synchronize and coordinate data lookups associated with a content request, rather than relying on the server to do so. The network architecture may use a mediator design pattern, in which the client's browser acts as the mediator (i.e., middleman) between a content server and an entitlement data server. Accordingly, synchronous calls between server-side services might not be required. Instead, data necessary for the content server to process a client request for access to protected content may be received in the incoming request from the client's browser. | 03-17-2016 |
20160085946 | TECHNIQUE FOR ENABLING NOMINAL FLOW OF AN EXECUTABLE FILE - A technique for enabling nominal flow of an executable file on a client. The executable file includes executable code lacking at least one nominal constant, wherein only the nominal constant enables the nominal flow of the executable file and wherein a server has access to the at least one nominal constant. In a method aspect performed by the client, the method includes retrieving hardware information of the client, wherein the hardware information is at least substantially unique, transmitting one of the hardware information and information derived therefrom to a server and, in turn, receiving at least one constant that has been transformed based on one of the hardware information and the information derived therefrom. The client then performs, using one of the hardware information and the information derived therefrom, an inverse transformation on the at least one transformed constant to recover the nominal constant. A server-side method aspect includes receiving, from the client, one of the substantially unique hardware information and the information derived therefrom, transforming the at least one nominal constant using one of the hardware information and the information derived therefrom, and transmitting, to the client, the at least one transformed constant. | 03-24-2016 |
20160092662 | CONTENT READING METHOD FOR READING OUT COPYRIGHT-PROTECTED CONTENT FROM NON-TRANSITORY RECORDING MEDIUM, CONTENT READING APPARATUS, AND NON-TRANSITORY RECORDING MEDIUM - A content reading method includes identifying first version information indicating a version of a content copyright protection method of an optical disk based on this optical disk, identifying second version information indicating a version of a protocol used in authentication of a host apparatus, determining whether the authentication is to be approved or not by comparing the first version information and the second version information, authenticating the host apparatus according to a result of the determination, reading out, from the optical disk, Volume ID used in decrypting an encrypted content and sending it to the authenticated host apparatus, and 0 the encrypted content from the optical disk and sending it to the authenticated host apparatus. | 03-31-2016 |
20160092693 | Devices with Profile-Based Operating Mode Controls - A device (e.g., a phone) can be provided by an entity (e.g., a business) to a user (e.g., an employee). The device includes a profile manager that allows the user to configure a personal profile comprising any of applications, settings, and stored data. The device is also configurable with an entity profile determined by the entity that also may include applications, settings, and stored data. The user can select from operating modes comprising at least a personal mode, and a unity mode; an entity mode also may be available for selection. The profile manager, based on the selected mode, determines whether entity profile data and applications are available to the user, and which applications from either profile may conduct user-perceptible activities. The profile manager may periodically verify entity profile rights with a server, and if verification fails, then the profile manager can restrict entity profile data and applications access, regardless of operating mode. | 03-31-2016 |
20160098576 | Cognitive Digital Security Assistant - An approach is provided in which a cognitive digital security assistant intercepts a personal data request from a client that is requesting personal data from a user. The cognitive digital security assistant analyzes the personal data request against the user's security statements to determine whether to provide the user's personal data to the client. During the analysis, the cognitive digital security assistant determines whether the personal data request includes benefits that meet the user's benefit thresholds included in the user's security statements. When the benefits meet the user's benefit thresholds, the cognitive digital security assistant provides the requested personal data to the client in exchange for the benefit from the client. | 04-07-2016 |
20160099970 | Contract Broker for Secure Ad-Hoc Personal Data Sharing - The present disclosure is directed to a system and method for sharing sensitive personal data such as personally identifying data and financial data of a user. In an aspect the exchange of data is facilitated by a trusted contract broker, which is in communication with a client device and an external application. The contract broker having access to needs and rules for each of the client device and the external application, and the contract broker brokering the secure exchange of data between the client device and the contract broker according to said needs and rules. In an aspect, an electronic representation of a subset of personal data needed to satisfy an ad-hoc rule of said external application is generated in a client device and delivered to the external application. | 04-07-2016 |
20160103999 | METHOD AND SYSTEM FOR ELECTRONIC DELIVERY OF SENSITIVE INFORMATION - A method and related system obtains consent from a user for electronic delivery of sensitive information. The user operating a first computer accesses a web page on a server system to input the consent. The web page prompts for the consent from the user. Once the consent is received at the server system, the consent is stored and sensitive information is delivered electronically to an e-mail address specified by the user. Once consent is indicated, it is communicated from the individual's computer to another computer such as a server over, for example, a modem connection. Having secured the individual's consent, the additional sensitive information may be delivered to the individual's computer as, for example, a URL attachment to an email message. | 04-14-2016 |
20160112461 | COLLECTION AND USE OF CAPTURED VEHICLE DATA - In an example embodiment, a method of reporting observation data includes receiving, at a vehicle, a request from a server for observation data associated with at least one of an area of interest, a time period of interest, or an object of interest. The method also includes outputting a message to a user of the vehicle to request authorization to grant the server access to observation data of the vehicle. The method also includes receiving a reply to the message from the user. The method also includes, in response to the reply authorizing the server to access the observation data of the vehicle, providing the server with access to the observation data of the vehicle. | 04-21-2016 |
20160125173 | INFORMATION PROCESSING SYSTEM, ELECTRONIC DEVICE AND SERVICE AUTHORIZATION METHOD - An information processing system includes an information processing device, and an electronic device to utilize a service provided from the information processing device. A service delivery unit provides the service for the electronic device. An information management unit manages license information of the service, generates use permission information and sends the generated use permission information to the electronic device. An execution management unit manages an execution request of the service specifying the use permission information of the service. An execution unit determines whether to have a use authority of a function of the electronic device utilized by the service based on contents of the license included in the use permission information of the service and executes the service by utilizing the function of the electronic device upon determining that the use authority of the function of the electronic device utilized by the service is present. | 05-05-2016 |
20160125194 | DYNAMIC SERVICE DISCOVERY - When an application is launched, a framework scanning module scans a plurality of frameworks linked against by the application to generate a list of available services. When the application makes a request of a particular service, a service verification module compares the requested service to the list of available services and if the requested service is found in the list of available services, sends a signal to the application, the signal allowing access to the requested service for the application. Otherwise, access to the requested service is denied. | 05-05-2016 |
20160127892 | COMMUNICATION METHOD OF HIDING PRIVACY INFORMATION AND SYSTEM THEREOF - A communication method of hiding privacy information and a system thereof are provided. The method comprises following steps: performing an identification unit generating program to generate a master identification unit and a slave identification unit; storing a first identification code and a second identification code to a communication server; adding the first identification code into a first communication program of a first mobile device by detecting the master identification unit; adding the second identification code into a second communication program of a second mobile device by detecting the slave identification unit; executing the second communication program to transmit a communication request to the communication server; and the first identification code and the second identification code are utilized by the communication server to establish a communication link from the second communication program to the first communication program. | 05-05-2016 |
20160132666 | System And Method For Relicensing Content - A method, computer program product and system for indicating the occurrence of a relicensing trigger event on a client electronic device includes generating a license request for the client electronic device. An expiration indicator is received for a subscription associated with the client electronic device. A device license is created for the client electronic device that includes the license request and the expiration indicator. A secure device license is created by digitally-securing the device license. | 05-12-2016 |
20160132668 | MANAGEMENT APPARATUS, MANAGEMENT METHOD, AND RECORDING MEDIUM OF MANAGEMENT PROGRAM - A management method for billing system, the management method includes setting, by a processor, billing address for usage fees of a virtual machine, deployed based on a deploy instruction from a first account, to a second account from which execution instruction for software, which runs on the virtual machine, is issued. | 05-12-2016 |
20160134631 | ENABLING ENFORCEMENT OF LICENSING TERMS IN DISTRIBUTING CONTENT IN CONTAINERS BY INCLUDING A KEY IN THE CONTAINER CONTAINING THE PERTINENT LICENSING TERMS - A method, system and computer program product for enforcing licensing terms when distributing content via a container image running in a container. Upon receiving a request for a service from the container by the isolation code, where the isolation code limits, accounts and isolates resource usage of process groups, the commerce code application programming interfaces (APIs) of the isolation code read a key of the container. The key contains licensing terms applied to the component(s) (e.g., applications) of the container. The commerce code APIs will then confirm that the container is in compliance with those licensing terms. If the container is in compliance with the licensing terms, the container will be allowed to execute. Otherwise, the container will be prevented from executing. In this manner, the commerce code APIs can enforce the licensing terms, including restrictions and enforcement of payment to the licensor upon distributing content in the container. | 05-12-2016 |
20160140356 | SECURE DATA STORAGE DEVICE AND DATA WRITING AND READ METHODS THEREOF - A secure data storage device for preventing tampering with data stored thereon includes a two-dimensional memory array for storing data, the array includes a predetermined number of data words. Each data word includes a set of bits, and is associated with a single physical address in the memory array. A key storage area for storing a key of the data storage device is included in the device. The secure data storage device includes an address conversion unit configured to convert a logical address to a corresponding physical address which points to a location in the memory array. The device includes a bit mixing unit for mixing bit values of an input data word to obtain a mixed word value, such that the mixed word value is a rearrangement of the bit values of the input data word. The device is electrically connectable to a host. | 05-19-2016 |
20160140360 | SYSTEM AND METHOD FOR NETWORK ADMINISTRATION AND LOCAL ADMINISTRATION OF PRIVACY PROTECTION CRITERIA - Cookie files are screened in a client machine, wherein a cookie file includes a cookie file source. A request from a subscriber is received at a server to send a list of untrusted cookie file sources to the client machine. The list of untrusted cookie file sources is downloaded from the server to the client machine. The downloaded list of untrusted cookie file sources is used to detect cookie files received at the client machine from cookie file sources on the downloaded list by comparing the cookie file source of any received cookie file to the untrusted cookie file sources on the downloaded list. | 05-19-2016 |
20160140362 | HEALTHCARE AS A SERVICE - DOWNLOADABLE ENTERPRISE APPLICATION - An application as a service provided in a secure environment. A sandbox in a user's computing environment may be created. An application may be downloaded to the user's computing environment to run within the sandbox. Data sources associated with the user's computing environment may be searched and connectivity established with data registry of the data sources based on data description received with the application. The application may be run within the sandbox using the established connectivity. Metering may be performed to monitor usage of the application at the user's computing environment. | 05-19-2016 |
20160147982 | TRANSPARENT EXECUTION OF SECRET CONTENT - The present application is directed to transparent execution of secret content. A device may be capable of downloading content that may include at least one secret portion, wherein any secret portions of the content may be directed to a secure workplace in the device not accessible to device operating system components, applications, users, etc. The device may then present the content in a manner that allows secret portions of the content to be executed without direct access. For example, the device may download content, and a director module in the device may direct any secret portions of the downloaded content to a secure workspace. During execution of the content, any inputs required by the secret portions may be provided to the secure workspace, and any resulting outputs from the secret portions may then be used during content presentation. | 05-26-2016 |
20160148003 | IMPLEMENTING EXTENT GRANULARITY AUTHORIZATION AND DEAUTHORIZATION PROCESSING IN CAPI ADAPTERS - A method, system and computer program product are provided for implementing block extent granularity authorization and deauthorization processing for a Coherent Accelerator Processor Interface (CAPI) adapter. The Application Client, such as an Application Child Client sends a Delete Authorizations command to the CAPI Adapter via the Client CAPI Server Registers assigned to the specific Application Client. The CAPI Adapter deletes the Authorizations in all Lists in the Delete Authorizations command. | 05-26-2016 |
20160148004 | IMPLEMENTING EXTENT GRANULARITY AUTHORIZATION COMMAND FLOW PROCESSING IN CAPI ADAPTERS - A method, system and computer program product are provided for implementing block extent granularity authorization command flow processing for a Coherent Accelerator Processor Interface (CAPI) adapter. An Application Client builds a command including start LBA and number of LBAs and Child Authorization Handle. The Application Client sends the command directly to the CAPI Adapter via the Application Clients CAPI Server Registers assigned to the specific Application Client. The CAPI adapter validate that the requesting Client is authorized to perform the command using the Authorization Handle and the receiving CAPI Server Register address. The CAPI Adapter executes the validated command and sends completion back to the Application Client. | 05-26-2016 |
20160148005 | IMPLEMENTING AND PROCESSING EXTENT GRANULARITY AUTHORIZATION MECHANISM IN CAPI ADAPTERS - A method, system and computer program product are provided for implementing and processing a block extent granularity authorization mechanism for a Coherent Accelerator Processor Interface (CAPI) adapter. The CAPI adapter generates an authorization table with multiple authorization entries, each authorization entry including an Authorization Handle with CAPI server registers identification (ID) including a start Logical Block Address of the extent and range of Logical Block Addresses for each extent. When a command is received an authentication process uses the Authorization Handle contained in the received command and an Authorization Entry in the Authorization Table indexed by the Authorization Handle to authenticate the received command to prevent unauthorized data access. | 05-26-2016 |
20160148007 | IMPLEMENTING AND PROCESSING EXTENT GRANULARITY AUTHORIZATION MECHANISM IN CAPI ADAPTERS - A method, system and computer program product are provided for implementing and processing a block extent granularity authorization mechanism for a Coherent Accelerator Processor Interface (CAPI) adapter. The CAPI adapter generates an authorization table with multiple authorization entries, each authorization entry including an Authorization Handle with CAPI server registers identification (ID) including a start Logical Block Address of the extent and range of Logical Block Addresses for each extent. When a command is received an authentication process uses the Authorization Handle contained in the received command and an Authorization Entry in the Authorization Table indexed by the Authorization Handle to authenticate the received command to prevent unauthorized data access. | 05-26-2016 |
20160148008 | IMPLEMENTING EXTENT GRANULARITY AUTHORIZATION COMMAND FLOW PROCESSING IN CAPI ADAPTERS - A method, system and computer program product are provided for implementing block extent granularity authorization command flow processing for a Coherent Accelerator Processor Interface (CAPI) adapter. An Application Client builds a command including start LBA and number of LBAs and Child Authorization Handle. The Application Client sends the command directly to the CAPI Adapter via the Application Clients CAPI Server Registers assigned to the specific Application Client. The CAPI adapter validate that the requesting Client is authorized to perform the command using the Authorization Handle and the receiving CAPI Server Register address. The CAPI Adapter executes the validated command and sends completion back to the Application Client. | 05-26-2016 |
20160162666 | Software Management in Dynamically Scalable Cloud Environment - A license manager includes a processor and non-transitory computer readable media having encoded thereon a set of instructions executable by the at least one processor to receive a request, from a virtual machine, to reserve an individual license of the set of authorized licenses for a vendor software instance, determine the availability licenses for the requested vendor software, register a unique identifier of the virtual machine in association with an available individual license, grant the individual license to the virtual machine, and prevent the granted individual license from concurrent use by other virtual machines or devices. | 06-09-2016 |
20160164751 | BROKERING DATA ACCESS REQUESTS AND RESPONSES - The present invention extends to methods, systems, and computer program products for brokering data access requests and responses. Aspects of the invention include a brokering pipeline that sequentially processes data access requests and data access responses. The brokering pipeline manages access authentications, request brokering, response rewrite, cache, and hosting multiple (e.g., business) entities. | 06-09-2016 |
20160171187 | REGISTRATION OF DEVICES IN A DIGITAL RIGHTS MANAGEMENT ENVIRONMENT | 06-16-2016 |
20160180104 | PATTERN DRIVEN DATA PRIVACY MANAGEMENT | 06-23-2016 |
20160188866 | VERIFICATION DATA PROCESSING METHOD AND DEVICE AND STORAGE MEDIUM - A verification data processing method includes: receiving CAPTCHA response information sent by user through a user terminal and obtaining an IP address of the user terminal from the CAPTCHA response information; obtaining verification data by verifying the CAPTCHA response information, and storing the verification data in a preset hash table, where the verification data includes the type of a CAPTCHA code corresponding to the CAPTCHA response information, and the number of total verifications of CAPTCHA response information and the number of correct verifications both corresponding to the IP address; determining a user type of the user according to the IP address, the number of total verifications and the number of correct verifications; storing the verification data in a min-heap according to the CAPTCHA code type and the user type; and making a statistic of all the numbers of total verifications and all the numbers of correct verifications in the min-heap. | 06-30-2016 |
20160196442 | SECURING DATA ON UNTRUSTED DEVICES | 07-07-2016 |
20160196444 | METHOD AND APPARATUS FOR LOGICALLY DETERMINING WHETHER RECEIVED QUERIES QUALIFY FOR STRAIGHT-THROUGH-PROCESSING | 07-07-2016 |
20160203302 | LICENSE MANAGEMENT OF FIRMWARE-CONTROLLABLE FEATURES IN COMPUTER SYSTEMS | 07-14-2016 |
20160203303 | DIGITAL RIGHTS MANAGEMENT HANDLER AND RELATED METHODS | 07-14-2016 |
20160203326 | SECURING DATA GATHERING DEVICES OF A PERSONAL COMPUTING DEVICE WHILE PERFORMING SENSITIVE DATA GATHERING ACTIVITIES TO PREVENT THE MISAPPROPRIATION OF PERSONAL USER DATA GATHERED THEREWITH | 07-14-2016 |
20160253508 | Device, System, and Method of Preventing Unauthorized Recording of Visual Content Displayed on an Electronic Device | 09-01-2016 |
20160253528 | METHOD OF INTERACTING WITH AN ELECTRONIC DEVICE WHILE THE DISPLAY SCREEN IS DEACTIVATED | 09-01-2016 |
20160381079 | Peer-to-Peer Group Vigilance - Providing peer-to-peer network security includes collecting, by a local trusted network device, local trust data related to behavior of the local trusted network device, receiving, by one or more remote trusted network devices, additional trust data for the local trusted network device, calculating a combined trust score for the local trusted network device based on the local trust data and additional trust data, and modifying activity of the local trusted network device based on the combined trust score. | 12-29-2016 |
20170237747 | DIGITAL ASSET PROTECTION POLICY USING DYNAMIC NETWORK ATTRIBUTES | 08-17-2017 |
20180025138 | NETWORK INFORMATION SYSTEM WITH LICENSE REGISTRATION AND METHOD OF OPERATION THEREOF | 01-25-2018 |
20180025169 | TECHNIQUE FOR CONTROLLING THE READING OF A DIGITAL OBJECT | 01-25-2018 |
20190147174 | SYSTEM AND METHOD FOR TRACKING AND MANAGING ADDITIVE MANUFACTURING OF COMPONENTS | 05-16-2019 |