| 40th week of 2008 patent applcation highlights part 89 |
| Patent application number | Title | Published |
|---|
| 20080244654 | System and Method for Providing a Directory of Advertisements - Embodiments of the present disclosure are directed to a system and method for providing a directory of advertisements comprising receiving a menu command, outputting a user menu at a display device in response to receiving the menu command, receiving one or more entries based on interactions with the user menu to select an advertisement and corresponding advertisement data, retrieving the advertisement and corresponding advertisement data in response to receiving on one or more entries, and outputting, at the display device, at least one of the retrieved advertisement and the retrieved corresponding advertisement data. | 2008-10-02 |
| 20080244655 | VIRAL MARKETING OF BROADCAST CONTENT - Viral marketing may be used in the delivery of broadcast content over networks such as DVB-H networks. By tracking and monitoring viewer recommendations and viewer responses to recommendations, content providers may target viewers and/or peer groups for marketing various types of content. Content may include advertisements, television programs, service announcements and the like. Feedback from viewers may be received on a user device through a backward or upstream channel. The viewers may be provided with a recommendation interface. In one or more configurations, the interface may be integrated into an electronic programming guide. | 2008-10-02 |
| 20080244656 | Information processing apparatus and method, and program - In the present invention, there is provided an information processing apparatus for recommending contents. The information processing apparatus may include recommendation information generating means for generating recommendation information for presenting a recommended content to be recommended to a user to the user, and when presenting the recommendation information to the user, changing a form of presentation of at least a part of the recommendation information. | 2008-10-02 |
| 20080244657 | Method and system of retrieving prior broadcasted programming at a user device from a service provider - A communication system | 2008-10-02 |
| 20080244658 | METHOD, SYSTEM AND APPARATUS FOR MANAGING IPTV LIVE BROADCAST SERVICE - A method for managing an IPTV live broadcast service, including: receiving a request from a subscriber terminal; updating authorization information of the subscriber terminal in real time; generating a channel list for the subscriber terminal according to the authorization information; and sending the channel list to the subscriber terminal. A system, IPTV application apparatus and subscriber terminal for managing an IPTV live broadcast service is also provided. By the interaction between the IPTV application apparatus and the subscriber terminal, the embodiments of the present invention make it possible to send authorization information to the subscriber terminal in real time so that the subscriber may employ the live broadcast of a PPV program in real time. In addition, the embodiments of the present invention make it possible to effectively manage the time shift operation performed by the subscriber in the time shift limit. | 2008-10-02 |
| 20080244659 | PROGRAM GUIDE NAVIGATION TOOLS FOR MEDIA CONTENT ACCESS SYSTEMS AND METHODS - An exemplary system includes a media content processing subsystem configured to provide a program guide graphical user interface (“GUI”) to a display for presentation to a user, the program guide GUI including a portion of a program guide. The media content processing subsystem is further configured to provide at least one navigation tool to the display for presentation in the program guide GUI, the navigation tool including a plurality of selectable options for navigating the program guide. The media content processing subsystem is further configured to detect a user selection of one of the selectable options and initiate a navigation to a location in the program guide based on the selected option. In certain embodiments, the navigation tool includes at least one of a time-based navigation tool and a channel navigation tool. | 2008-10-02 |
| 20080244660 | VIRTUAL SET-TOP BOX TUNER IN CONTENT DISTRIBUTION SYSTEM - A method for scheduling the reception of content in a content receiver, for example, in an STB/DVR, includes scheduling ( | 2008-10-02 |
| 20080244661 | Method and system for automatically selecting television channels - It is disclosed that in a content distribution system a speech-to-text convertor can be used for the conversion of at least a part of a particular data stream to text data. The text data can be used for triggering a set-top box to select the particular data stream to which the text data is associated. The text data can be provided to a trigger receiver that determines whether the text data matches with an entry of a trigger table. In the case of a match the set-top box is instructed to select the particular data stream. | 2008-10-02 |
| 20080244662 | Option Menu for Use with a Computer Management System - A method for improving video quality of a video stream. The method decodes the video stream and generates subblocks of video data from the video stream. The method then removes effects of subblock boundaries from previous deblocking. Each subblock is then smoothed to create pixel values and optionally, subblocks are merged if a predetermined quality is not achieved from the smoothing analysis. The pixels values are filled into each pixel position in the subblock. The subblocks are deblocked and then at least one subblock is outputted to a rendering device. | 2008-10-02 |
| 20080244663 | Method and system for inserting digital video effects into a video stream using a bypass router - A method and system for generating an output signal includes a receiving system | 2008-10-02 |
| 20080244664 | Interface for bulkhead monitor and method for using the same - An interface for a bulkhead monitor in an in-flight entertainment system, and a method for using the same. More specifically, a one-wire interface use to electrically couple a tapping unit and its associated monitor in an in-flight entertainment system. The wire has a first end for coupling to an input of a comparator in the tapping unit, and a second end for coupling to an input of a comparator in the monitor, to couple the tapping unit to the monitor. The interface further includes a second wire for coupling the wire to a load, such as an indicator which indicates an on or off condition of at least the video monitor. The wire of the interface can also carry a signal indicating a indicating at least one of transmitting state and a receiving state of a microcontroller of the monitor. | 2008-10-02 |
| 20080244665 | System and method of providing video content - A method of providing video content is disclosed that includes identifying a current user of a set-top box device, where a plurality of users that includes the current user is associated with the set-top box device. The method also includes identifying a first channel associated with the set-top box device, where the set-top box device is tuned to the first channel. Further, the method includes predicting that the current user will select at least one next channel based on historical data associated with the current user. The method also includes streaming video content of the at least one next channel to the set-top box device via a video distribution network while the set-top box device is tuned to the first channel. | 2008-10-02 |
| 20080244666 | SYSTEMS AND METHODS FOR USING INCENTIVES TO INCREASE ADVERTISING EFFECTIVENESS - Systems and methods can include offering a user an incentive for viewing advertising content, delivering the advertising content to the user, monitoring the delivery of the advertising content to the user and awarding the user the offered incentive upon successful completion of delivery of the advertising content to the user. Systems and methods can further include maintaining a database of incentives awarded to the user for subsequent redemption by the user. Systems and methods can further include offering the user an opportunity to identify advertising content preferences, storing those advertising content preferences in a database and using the advertising content preferences to filter the advertising content identified to the user when the user is offered an incentive for viewing advertising content. | 2008-10-02 |
| 20080244667 | BANDWIDTH SENSITIVE SWITCHED DIGITAL VIDEO CONTENT DELIVERY - Systems and methods are disclosed for enabling a switched digital video (SDV) server to prioritize SDV programs. More specifically, SDV programs carried on an RF carrier frequency are given priorities in the event of unavailable bandwidth. In this manner, the SDV server selects which SDV programs to broadcast, to unbind, or not to fulfill. | 2008-10-02 |
| 20080244668 | SYSTEM AND APPARATUS FOR SEARCHING MEDIA STATIONS - A system and apparatus for searching media stations is disclosed. A system that incorporates teachings of the present disclosure may include, for example, a set-top box having a video processor that presents multimedia programs at a media device, and a controller element that manages operations of the video processor and searches for a broadcast channel associated with a media station according to a search string corresponding to one among a name of the media station, and call letters of the media station. Additional embodiments are disclosed. | 2008-10-02 |
| 20080244669 | Method and system for marking video signals for identification - An apparatus for generating an output signal includes a receiving system | 2008-10-02 |
| 20080244670 | System and Method for IPTV Service Prompting - The embodiment of the present invention discloses a system for IPTV service promoting. And the system includes: a first subsystem, for storing program information of each user; a second subsystem, for determining the program information needed to be prompted according to the program information stored in the first subsystem. The embodiment of the present invention also discloses a method for IPTV service promoting. According to the embodiment of the present invention, the user is timely prompted to get the IPTV program. | 2008-10-02 |
| 20080244671 | NOTIFICATION FOR INTERACTIVE CONTENT - A system may provide a video program or information associated with the video program on a video display device, and provide an interactive content icon on the video display device. The interactive content icon may indicate that interactive content is available for the video program. | 2008-10-02 |
| 20080244672 | Co-ordinated on-line video viewing - In a method of co-ordinated on-line data file viewing, a user selects an on-line video or other data file, selects a companion viewer, and views the on-line file simultaneously with the selected companion viewer. | 2008-10-02 |
| 20080244673 | Information processor and recording medium in which information processing program is recorded - In a request node for receiving content with a preset distribution completion time limit, which is distributed from a content node connected to the request node via a network, remaining time to the distribution completion time limit is detected. On the basis of the detected remaining time, a download speed necessary for distributing the content in the whole of the detected remaining time and completing the distribution within the remaining time is determined. Content request information including information indicative of the determined download speed is transmitted to the request node. | 2008-10-02 |
| 20080244674 | Information distribution system, program-for-management-apparatus recording medium, and program-for-information-processor recording medium - A content distribution system includes a node to which content is distributed via a network and a distribution management server for managing a content distribution status. | 2008-10-02 |
| 20080244675 | Imaged image data processing apparatus, viewing information creating apparatus, viewing information creating system, imaged image data processing method and viewing information creating method - An imaged image data processing apparatus includes obtaining means for obtaining imaged image data, which is imaged by an imaging section that images the sight of a user, extracting means for extracting identification data for identifying a viewed program from the imaged image data obtained by the obtaining means, and transmitting means for transmitting the identification data extracted by the extracting means to an external viewing information creating apparatus. | 2008-10-02 |
| 20080244676 | METHODS, SYSTEMS AND APPARATUSES TO ENHANCE BROADCAST ENTERTAINMENT - The present embodiments provide methods and systems to access additional, enhanced and/or interactive content associated with a broadcast program received over a closed broadcast network. Some embodiments provide methods of enhancing broadcast content by receiving broadcast content from a broadcast content source over a closed network, receiving a request to tune in a broadcast program, tuning in the broadcast program from the broadcast content, extracting a program identification of the broadcast program from the broadcast content, and communicating the program identification to a remote network access device to allow access over a network to additional content associated with the broadcast program. | 2008-10-02 |
| 20080244677 | Information processing apparatus, information processing method, information processing program, and information processing system - In an information processing apparatus, identification information identifying a specified broadcast content is converted into identification information identifying another broadcast content corresponding to the originally specified broadcast content, in accordance with table information indicating a correspondence among a plurality of pieces of identification information respectively identifying broadcast contents thereby indicating a correspondence among the broadcast contents. | 2008-10-02 |
| 20080244678 | Method for transmitting/receiving broadcasting signal and apparatus for receiving broadcasting signal - Disclosed herein are disclosed a method for transmitting/receiving a broadcasting signal and an apparatus for receiving the broadcasting signal. A plurality of video streams may be transmitted through a single virtual channel and an identifier for identifying the plurality of video streams may be included in program table information and the program table information be transmitted/received. Accordingly, it is possible to obtain the plurality of video streams with respect to the single virtual channel. | 2008-10-02 |
| 20080244679 | SWITCHED DIGITAL VIDEO CLIENT REVERSE CHANNEL TRAFFIC REDUCTION - Systems and methods are disclosed for enabling a switched digital video (SDV) client to intelligently generate and transmit reverse request in a SDV system. In this manner, reverse channel traffic is reduced. During rapid channel changes using the up and down keys on a remote control, the SDV client waits a predetermined amount of time before generating a reverse request that is subsequently transmitted upstream to a headend server. By way of example, changing broadcasted channels quickly will not generate a reverse request until the predetermined amount of time is over. In the event that a changed channel is an SDV session, a program select request is immediately generated in order to begin receiving the SDV session. | 2008-10-02 |
| 20080244680 | CONNECTION STATUS CHECKING APPARATUS AND CONNECTION STATUS CHECKING METHOD - According to one embodiment, a connection status checking apparatus checking a connection status of an external apparatus has following respective configurations. That is, the connection status checking apparatus includes: a connection part to which the external apparatus is connected; a command output unit outputting a check command for checking whether or not the external apparatus is connected to the connection part; a judging unit judging whether or not an answer to the check command from the external apparatus to which the check command is outputted by the command output unit exists; and a connection determining unit determining whether or not the external apparatus is connected to the connection part based on a judgment result of the judging unit. | 2008-10-02 |
| 20080244681 | Conversion of Portable Program Modules for Constrained Displays - A computer-implemented method includes identifying a computer-based portable program module, automatically altering code in the portable program module to permit display of the module on a television-based display so that the displayed module has a substantially similar appearance on the television-based display as on a computer display, and providing the altered code for execution on a processor connected to a television-based display. | 2008-10-02 |
| 20080244682 | METHOD FOR ENHANCING FEATURES OFFERED BY A SOFTWARE APPLICATION RESIDING ON A SET TOP TERMINAL - A set top terminal includes a processor and a runtime execution engine adapted to run on the processor. The runtime execution engine has at least one interface to expose one or more functions of the runtime execution engine. The set top terminal also includes a software application adapted to run on the runtime execution engine. An application interface shim is also provided to chain calls between the software application and the runtime execution engine and to redirect select functions calls over a communications network to a remote device. The select function calls enable at least one feature not otherwise available to the software application. | 2008-10-02 |
| 20080244683 | Methods, Systems and Devices for Multimedia-Content Presentation - Embodiments of the present invention comprise systems, methods and devices for determining by-storyline data from by-episode data. | 2008-10-02 |
| 20080244684 | Digital Broadcast Receiving Apparatus - A digital broadcast receiving apparatus is disclosed that performs channel list switching without increasing the apparatus scale and power consumption. In this apparatus, schedule control section ( | 2008-10-02 |
| 20080244685 | Method and Apparatus for Providing Dynamic Security Management - Methods and devices provide dynamic security management in an apparatus, such as a mobile telephone terminal. The apparatus includes a platform for running an application; a security manager for handling access of the application to functions existing in the apparatus; an application interface (API) between the platform and the application; a set of access permissions stored in the apparatus and used by the security manager for controlling access of the application to functions through the application interface. Methods can include downloading into the apparatus an object containing access permissions applicable to at least one function; verifying the object; and installing the access permissions together with the existing permissions. | 2008-10-02 |
| 20080244686 | Systems and Methods for Enhancing Security of Files - Systems and methods for enhancing security of files are provided. A representative method includes: associating information with a file, the information identifying contents of the file; monitoring the information and the file contents; detecting a lack of correlation between the information and the file; and responsive to detecting the lack of correlation, storing information corresponding to a modification of the file separately from the file. | 2008-10-02 |
| 20080244687 | FEDERATED ROLE PROVISIONING - In various embodiments, techniques for federated role provisioning are provided. A federated role definition for a resource is constructed and distributed. The federated role definition includes a role hierarchy having role assignments and constraints for dynamically resolving and binding a resource to particular ones of the role assignments. A resource may have role assignments statically bound to its identity and dynamically bound to its identity. Furthermore, some role assignments may be inherited from the role hierarchy. | 2008-10-02 |
| 20080244688 | VIRTUALIZED FEDERATED ROLE PROVISIONING - In various embodiments, techniques for virtualized federated role provisioning are provided. An entire policy and role provisioning environment is packaged in a first environment and sent to a second environment. The second environment authenticates and initiates the policy and role provisioning environment as a virtualized federated role provisioning service or a shared policy decision point service. The shared policy decision point service dynamically resolves policy, roles, and constraints for requesting resources within the second environment and supplies this information to a local policy enforcement point service that enforces roles on the resources. | 2008-10-02 |
| 20080244689 | Extensible Ubiquitous Secure Operating Environment - The present invention provides a portable and secure computer operating system, and applications that can be used securely on virtually any computer system regardless of its security state (i.e., regardless of the presence of computer viruses, Trojan code, keylogging software, or any other malicious mobile code that may exist on host computer system). The present invention is embodied within three (3) components including 1) the client desktop or server software, 2) the appliance-based management server, and 3) the media (i.e., including but not limited to USB thumb drive or CDROM) on which the client desktop or server software is installed. | 2008-10-02 |
| 20080244690 | DERIVING REMEDIATIONS FROM SECURITY COMPLIANCE RULES - Systems and methods that automatically generate remediation processes such as acts performed as part of a benchmark model, to improve and update compliance of a machine with security policies compliance. A remediation component can automatically determine processes that are required to change and increase compliance of a machine with a security policy, and hence improve security level thereof. | 2008-10-02 |
| 20080244691 | Dynamic threat vector update - A security manager aggregates various security components into a unified user interface. For each security component, the security manager may obtain an updated policy description that defines specific groups of settings for the component in terms of several threat conditions. Using the groups of settings, the security manager may classify a current state of a security component into a category. Some embodiments may use a standardized schema for an interface between a security component and the security manager. The schema may be implemented with an adapter that translates the specific settings of a security component into data for the security manager. In some embodiments, the adapter may also receive updated policy descriptions and perform a classification of the current settings. | 2008-10-02 |
| 20080244692 | SMART WEB SERVICES SECURITY POLICY SELECTION AND VALIDATION - A computer-implemented method to select a web service security policy alternative can comprise selecting a web service security policy alternative at runtime based on previously collected data concerning web service and using the selected web service security policy alternative for a web service message. In addition, a computer-implemented method to prevent intrusion can use a honey policy that can be defined by the administrator in order to attract and closely monitor the hackers. | 2008-10-02 |
| 20080244693 | SMART WEB SERVICES POLICY SELECTION USING MACHINE LEARNING - A computer-implemented method to select a Web Service policy alternative can use previously collected data concerning Web Service to select a desirable Web Service policy alternative at runtime. The selected Web Service policy alternative can then be applied to a Web Service message such as a SOAP message. | 2008-10-02 |
| 20080244694 | Automated collection of forensic evidence associated with a network security incident - An automated collection of forensic evidence associated with a security incident is provided by an arrangement in which different security products called endpoints in an enterprise network are enabled for sharing security-related information over a common communication channel using an abstraction called a security assessment. A security assessment is generally configured to indicate an endpoint's understanding of a detected security incident that pertains to an object in the environment which may include users, computers, IP addresses, and website URIs (Universal Resource Identifiers). The security assessment is published by the endpoint into the channel and received by subscribing endpoints. The security assessment triggers the receiving endpoints to go into a more comprehensive or detailed mode of evidence collection. In addition, any forensic evidence having relevance to the security incident that may have already been collected prior to the detection will be marked for retention so that it is not otherwise deleted. | 2008-10-02 |
| 20080244695 | Total system for preventing information outflow from inside - Disclosed is a system for monitoring data flow for security including: a computing device for executing an application program and creating human-readable print-out data; and a control unit for receiving information, which is associated with the human-readable print-out data from an application program, and controlling a printing device based on the received information, wherein the information has an attribute of the human-readable print-out data to be output. The attribute of the human-readable print-out data is provided by a security program which is installed in the computing device, the attribute includes at least user's IP of the computing device, and the information is merged into the human-readable print-out data by the printing device. | 2008-10-02 |
| 20080244696 | Dynamic Access Control in a Content-Based Publish/Subscribe System with Delivery Guarantees - Improved access control techniques for distributed messaging systems such as content-based publish/subscribe systems are disclosed. For example, a method for providing access control in a content-based publish/subscribe system, wherein messages are delivered from publishing clients to subscribing clients via a plurality of brokers, includes the following steps/operations. One or more changes to an access control policy are specified. An access control version identifier is associated to the one or more changes. The one or more changes are sent to one or more brokers of the plurality of brokers that have a publishing client or a subscribing client associated therewith that is affected by the one or more changes. The access control version identifier associated with the one or more changes is sent to each of the plurality of brokers. | 2008-10-02 |
| 20080244697 | Security Objects Controlling Access To Resources - Controlling access to resources through use of security objects including creating a security object in dependence upon user-selected security control data types, the security object comprising security control data and at least one security method; receiving a request for access to the resource; receiving security request data; and determining access to the resource in dependence upon the security control data and the security request data. Creating a security object includes storing in the security object a resource identification for the resource; storing in the security object an authorization level of access for the resource; storing in the security object user-selected security control data types; and storing in the security object security control data for each user-selected security control data type. Embodiments include deploying the security object on a security server or on a client device. | 2008-10-02 |
| 20080244698 | Authorized Content Verification Method, Content Transmission/Reception System, Transmitter, and Receiver - In a system which attaches update information required to create a content key used for content encryption/decryption to encrypted content and transmits the encrypted content, there is used an authorized content verification method including a verification request step of, by a receiver, transmitting an authorization verification request including update information received from a transmitter, an update information check step of, by the transmitter, checking whether the update information included in the received authorization verification request is predetermined update information, a message-of-acceptance transmission step of creating a message of acceptance using the update information and an exchange key shared between the transmitter and the receiver and transmitting the message of acceptance if the update information matches the predetermined update information, and an authorized content determination step of, by the receiver, determining that content is authorized content on the basis of reception of the message of acceptance. | 2008-10-02 |
| 20080244699 | IDENTIFICATION MEANS AND METHOD FOR THE LOGICAL AND/OR PHYSICAL ACCESS TO A TARGET MEANS - A means for the secure personalized identifying and allowing or prohibiting of a logical and/or physical access to a target means. The means comprises a portable identification means for outputting an authorization signal comprising at least one biometric sensor, at least one output elemental, a processor having a memory and a software as well as a sending- and receiving electronic for the wireless data exchange. The identification medium is configured in such a manner that upon successfully authentifying by an authorized user, an authorization signal is output over the output element. The portable identification medium is arranged at a wristband to be fixed at a user's wrist. The means comprises at least one security means which is configured to interrupt and/or prohibit the outputting of the authorization signal in case the wristband is opened and/or disconnected and/or the removing of the means from the user's wrist. | 2008-10-02 |
| 20080244700 | METHODS AND SYSTEMS FOR GRAPHICAL IMAGE AUTHENTICATION - Systems and methods for providing authentication using an arrangement of dynamic graphical images, which may display a popup element while a pointing device indicator is over a graphical image. The graphical images can be arranged as a grid or matrix for presentation on a device display for authentication of a user. The kinds of graphical images can be derived from a designated authentication category and non-authenticating categories. A series of password elements corresponding to the graphical images can be displayed with the graphical images. The user may enter the series of one or more password elements corresponding to graphical images from the authentication category which combine to form a password entry. An authentication server can compare the password entry to an authentication password corresponding to the particular arrangement of dynamic graphical images. The selection of graphical images, their arrangement and their corresponding password elements, may dynamically change in between authentication processes. | 2008-10-02 |
| 20080244701 | CONFIGURATION SYSTEM AND METHOD - An authentication method includes determining that a unique overt identifier is associated with a product; detecting that a random covert identifier is associated with the product, wherein the covert identifier includes at least one taggant particle, the unique overt identifier is combined with the random covert identifier, and the unique overt identifier is not a function of the random covert identifier; and comparing the unique overt identifier and the random covert identifier respectively to a unique overt number and a random covert number stored in a database. | 2008-10-02 |
| 20080244702 | Method, Apparatus, System, Medium, and Signals for Intercepting a Multiple-Party Communication - Systems, apparatus and methods related to multiple-party communications conducted between client computers in a computer network. For example, a method and apparatus for intercepting a multiple-party communication between a plurality of client computers in communication with a server in a computer network is disclosed. The method involves receiving an input message at the server, the message representing user input received at one of the plurality of client computers, producing an output message representing the user input provided by the input message. The method further involves authorizing a designated client computer that is not part of the multiple-party communication to communicate with the server to cause the server to transmit output messages to the designated client computer, and transmitting the output message to each of the plurality of client computers and to the designated client computer. A method and apparatus for supporting access to a plurality of saved messages by a designated client computer in communication with a server in a computer network is also disclosed. | 2008-10-02 |
| 20080244703 | Quarantine System and Method - A quarantine system QS includes a network connection control apparatus | 2008-10-02 |
| 20080244704 | MOBILE COMMUNICATION DEVICE MONITORING SYSTEMS AND METHODS - Systems and methods are directed to monitoring the communications to and from a mobile communication device in accordance with some embodiments of the present invention. For example in accordance with an embodiment, each of the data services on a mobile communication device may be monitored against rules stored in a central data center repository. The data services may include all forms of communications between the mobile communication device and a third party along with changes to application or data within the mobile communication device. An alert may be provided to an administrator when unauthorized data service activity and/or a message may be sent to the mobile communication device to prevent the unauthorized data service activity. | 2008-10-02 |
| 20080244705 | METHOD AND APPARATUS FOR EXTENDING REMOTE NETWORK VISIBILITY OF THE PUSH FUNCTIONALITY - An approach is provided for extending remote network visibility for push functionality. An application is transmitted, via a push agent, from a first network to a device of a second network, wherein the device is configured to execute the application. The device is remotely controlled using the application. | 2008-10-02 |
| 20080244706 | Method of and System For Generating an Authorized Domain - This invention relates to a system and a method of generating an Authorized Domain (AI)), the method comprising the steps of selecting a domain identifier (Domain ID) uniquely identifying the Authorized Domain, binding at least one user (P | 2008-10-02 |
| 20080244707 | WIRELESS TRANSMITTER IDENTITY VALIDATION IN A WIRELESS NETWORK - An apparatus, a method, and logic encoded in computer readable media that when executed operable to carry out the method. The method includes wirelessly receiving at a receiving station a signal transmitted from a transmitting station in a wireless network. The signal includes a network identifier, e.g., MAC address of the transmitting station. The method includes determining one or more RF waveform characteristics of at least a transient part of the received signal, decoding the received signal to determine the network identifier, e.g., MAC address, determining one or more behavior characteristics from the received signal; and using the decoded network identifier, e.g., MAC address and a combination of the one or more waveform characteristics and the one or more behavior characteristics to ascertain whether or not the network identifier, e.g., MAC address is a spoofed identifier, the ascertaining using historical samples of combinations for different network identifiers. | 2008-10-02 |
| 20080244708 | UPDATING AUTHENTICATION SERVER LISTS FOR USERS ACCESSING SHARED ACCESS DEVICES - A method, service, system, computer program, etc., provides a list of acceptable authentication servers that a user could use to log in when accessing a networked device, such as a networked printer or document processing device. The embodiments include preparing a module, such as a dynamically loadable module (DLM) for use in the networked system accessed by the users. Each of the networked devices is enabled to accept the DLM. The embodiments forward the DLM to the networked devices as a print job along a print job submission path within the network. The networked devices recognize the DLM as a special job. Further, the networked devices use the DLM to install the XML file on each of the networked devices. Thus, the authentication server lists and authentication programs are updated within each of the networked devices using the DLM. | 2008-10-02 |
| 20080244709 | METHODS AND SYSTEMS TO ALLOW MULTIPLE SIP APPLICATIONS ON A SIP CLIENT THE ABILITY TO SELECT SPECIFIC APPLICATIONS AND FEATURES ON A SIP SERVER - A method is provided for a SIP client to select a SIP application and a SIP feature associated with the SIP application by sending a message to a remote SIP server that includes the identification of the SIP application and SIP feature. The message may be generated by the SIP client using SIP application configuration information stored on the SIP client. The SIP application configuration information includes information about SIP applications and associated features and where the SIP applications can be located. A further method is provided for a SIP enabled device, for example a SIP client or a SIP server, to be provided with SIP application configuration information by a configuration server. Various SIP enabled devices and a configuration server for implementing the methods are also described herein. | 2008-10-02 |
| 20080244710 | METHODS AND SYSTEMS FOR AUTHENTICATION USING IP MULTIMEDIA SERVICES IDENTITY MODULES - Systems and methods provide two levels of authentication for a user on an IMS-IPTV system. A first level of authentication validates an ISIM card (set-top box) with the network using, e.g., an IMSI comparison. A second level of authentication validates the user through comparing user entered information with information stored on the ISIM card. Additionally, methods for populating security information onto the ISIM card to facilitate the second level of authentication are described. | 2008-10-02 |
| 20080244711 | System and Method for Specifying Access to Resources in a Mobile Code System - Mobile code, such as an applet, is permitted to create a network connection with a content server on a network, without restricting the applet only to connections from the computer from which it was downloaded. This is achieved in accordance with the principles of the present invention by using network restriction software in the execution engine or runtime system under which the applet executes. When the applet attempts to create a network connection to a content server, the network restriction software checks a name file on the content server for the presence of an entry whose name corresponds to the name of the computer from which the applet was downloaded. If such an entry is present, then the network restriction software permits the network connection between the applet and the content server to be created. If not, the applet may not create a network connection with the content server. | 2008-10-02 |
| 20080244712 | SYSTEM AND METHOD FOR AUTHENTICATING A USER OF AN IMAGE PROCESSING SYSTEM - A system and method for authenticating a user of an image processing system. User credentials are received at an authentication device corresponding to an image processing device, and transmitted to a first server remote from the authentication device. The validity of the user credentials are judged by comparing the received user credentials to authentication information stored at the first server, and a result of the judging is transmitted to the image processing device. The image processing device then requests access to a second server remote from the image processing device, and the second server transmits a request for the user credentials to the first server. After receiving the user credentials from the first server, the second server performs user authentication. | 2008-10-02 |
| 20080244713 | METHOD FOR CONTROLLING ACCESS TO DIGITAL CONTENT - Method for utilizing digital content is provided. The method includes controlling a throughput rate for utilizing the digital content by an accessing system, wherein the throughput rate is associated with information related to the digital content stored as a file. | 2008-10-02 |
| 20080244714 | Secure RFID authentication system using non-trusted communications agents - The electronic Secure Authentication For Exchange Global Purchasing System (GPurs) facilitates interactions between customers and service/retail commercial enterprise whereby a Global Positioning System (GPS) like system is used to search, locate, reserve, schedule, order or purchase numerous products and services through a secure system that employs product encryption safeguards against counterfeit, diverted or pirated products, and to reserve, order or purchase services that meet quality standards. The GPurs system presents a digital graphical user interface to accept customer input, an audio interaction system speech recognition engine linked microphone or cellular telephone, a digital device interface that accepts textual input from a cellular telephone, PC, PDA, IPod, DVD controller, game controller, or an on-board automotive integrated computer or a wireless input system, to search, locate, reserve, schedule, order or purchase products and services. All GPurs data is stored and retrievable for later usage. | 2008-10-02 |
| 20080244715 | Method and apparatus for detecting and reporting phishing attempts - One embodiment of the present invention provides a system that facilitates detecting phishing, wherein phishing is an attempt to fraudulently acquire sensitive information by masquerading as a legitimate entity. The system operates by receiving data from a server at a client. Next, the system determines if an attribute (such as a visual appearance of a presentation) encoded in the data matches an attribute encoded in data provided by a known entity. If so, the system determines if other attributes in the data match attributes in the data provided by the known entity. If not, the system determines that the data comprises a phishing attempt. | 2008-10-02 |
| 20080244716 | TELECOMMUNICATION SYSTEM, TELECOMMUNICATION METHOD, TERMINAL THEREOF, AND REMOTE ACCESS SERVER THEREOF - Telecommunication system comprises a terminal and a relay device which relays a communication path established on a network by the terminal, wherein the relay device sends certification information based on a demand of the terminal and the terminal checks whether the certification information is correct or not and the terminal establishes a communication path on the network when the certification information is correct. | 2008-10-02 |
| 20080244717 | System and method for confirming identity and authority by a patient medical device - A system and method for confirming identity and authority by a patient medical device is provided. Master credentials are issued to a requesting device and a receiving device from an authorizing agent. The master credentials include the authorizing agent's public key and a digital signature of a root certification authority. Device credentials are issued to the requesting device from the authorizing agent. The device credentials include the requesting device's public key and the authorizing agent's digital, signature. Identification credentials are provided to the receiving device and include the device credentials and the requesting device's digital signature. The requesting device is authenticated. The authorizing agent's digital signature in the device credentials is checked using the authorizing agent's public key in the master credentials of the receiving device. The requesting device's digital signature in the identification credentials is checked using the requesting device's public key in the device credentials. | 2008-10-02 |
| 20080244718 | Systems and Methods for User Login - Systems and methods for login a user into a computing system are shown and described. The method can include receiving a request for an anonymous user login, creating an identifying tag responsive to the received request, creating a user account incorporating the identifying tag, and providing to the computing system the created user account to log into the computing system. | 2008-10-02 |
| 20080244719 | AUTHENTICATION PROCESSING METHOD AND SYSTEM - A plurality of authentication servers belonging to different domains are connected to achieve a Single Sign-On using two cookies in two management systems. | 2008-10-02 |
| 20080244720 | Portable Device For Clearing Access - The invention relates to a portable device ( | 2008-10-02 |
| 20080244721 | Techniques for Sharing Data - Techniques for sharing data between users in a manner that maintains anonymity of the users. Tokens are generated and provided to users for sharing data. A token comprises information encoding an identifier and an encryption key. A user may use a token to upload data that is to be shared. The data to be shared is encrypted using the encryption key associated with the token and the encrypted data is stored such that it can be accessed using the identifier associated with the token. A user may then use a token to access the shared data. The identifier associated with the token being used to access the shared data is used to access the data and the encryption key associated with the token is used to decrypt the data. Data is shared anonymously without revealing the identity of the users using the tokens. | 2008-10-02 |
| 20080244722 | Method and apparatus for accepting a digital identity of a user based on transitive trust among parties - Method and apparatus for accepting a digital identity of a user based on transitive trust among parties are described. One aspect of the invention relates to managing a digital identity of a user. The digital identity is provided to a first party, where the digital identity includes a self-asserted claim. An acceptance token is obtained from the first party. The acceptance token purports authenticity of the self-asserted claim according to the first party. The digital identity and the acceptance token are provided to a second party to request validation of the self-asserted claim by the second party based on the acceptance token. | 2008-10-02 |
| 20080244723 | Firewall Restriction Using Manifest - Procedures of using manifest restrictions for use in configuring a firewall are described. In an example, an application including manifest defined restrictions for a firewall is executed. The firewall is configured to permit application access, in accordance with the defined restrictions while the application is executing. | 2008-10-02 |
| 20080244724 | Consumer computer health validation - Consumer computers that are not properly configured for safe access to a web service are protected from damage by controlling access to web services based on the health of the client computer. A client health web service receives health information from the client computer, determines the health status of the consumer computer, and issues a token to the consumer computer indicating its health status. The consumer computer can provide this token to other web services, which in turn may provide access to the consumer computer based on the health status indicated in the token. The client health web service may be operated as a web service specifically to determine the health of consumer computers or may have other functions, including providing access to the Internet. Also, the health information may be proxied to another device, such as a gateway device, that manages interactions with the client health web service. | 2008-10-02 |
| 20080244725 | METHOD AND APPARATUS FOR MANAGING PACKET BUFFERS - According to one example embodiment of the inventive subject matter, there is described herein a method and apparatus for securely and efficiently managing packet buffers between protection domains on an Intra-partitioned system using packet queues and triggers. According to one embodiment described in more detail below, there is provided a method and apparatus for optimally transferring packet data across contexts (protected and unprotected) in a commodity operating system. | 2008-10-02 |
| 20080244726 | FIREWALL SYSTEM FOR INTERCONNECTING TWO IP NETWORKS MANAGED BY TWO DIFFERENT ADMINISTRATIVE ENTITIES - Firewall system for interconnecting a first IP network ( | 2008-10-02 |
| 20080244727 | Privacy protection for mobile internet protocol sessions - A method of establishing communication protocols between a mobile node and a home agent in a mobile communications networks. The method uses the steps of: generating, at the mobile node plural care of addresses (CoAs) and a corresponding number of security parameter indices; sending the generated CoAs and security parameter indices to the home agent in an encrypted form; generating, at the home agent, on the basis of the received CoAs and security parameter indices, an equal number of home addresses (HoAs) and associated security parameter indices; sending the list of HoAs and associated security parameter indices generated at the home agent to the mobile node, and; using the generated CoAs, HoAs and associated security parameter indices as the basis for communication protocol addresses and encryption for communication between the home agent and the mobile node. A system employing the method is also provided. | 2008-10-02 |
| 20080244728 | RELAY APPARATUS, RELAY METHOD, A COMPUTER-READABLE RECORDING MEDIUM RECORDING A RELAY PROGRAM THEREIN AND INFORMATION PROCESSING APPARATUS - The present relay apparatus includes: a first security information obtaining unit which obtains security information from transmission data sent from the first apparatus during specification establishing communication previously performed to encryption communication; a first registering unit which registers the obtained security information and the address of the first apparatus, as first routing information, in association with each other; a second security information obtaining unit which obtains security information from the transmission data sent from the second apparatus; and a first distributing unit which distributes the transmission data to its destination first apparatus with reference to the first routing information based on the security information obtained by the second security information obtaining unit. This construction makes it possible to perform specification establishing communication normally from multiple first apparatuses, and to correctly distribute encrypted packets to the LAN end first apparatuses. | 2008-10-02 |
| 20080244729 | INFORMATION PROCESSING APPARATUS, INFORMATION PROCESSING METHOD AND COMPUTER READABLE MEDIUM - An information processing apparatus includes a communication section, a control section, an operating section, a storage section. The control section sends identification information of a first user to an external apparatus connected through the communication section. The operating section allows the first user to request at least one function. The storage section stores approver authentication information of an approver previously registered. When the communication section fails to receive, from the external apparatus, information indicating what function the first user is permitted to request as a response to the identification information of the first user, the control section authenticates a second user based on the stored approver authentication information. The control section executes the function requested by the first user when an authentication result shows that the second user is the approver. | 2008-10-02 |
| 20080244730 | SECURITY CAPABILITY WITH AN INPUT DEVICE - The present invention provides apparatuses and methods for providing security for a secured unit with a security code. The secured unit may be locked to prevent an unauthorized user from accessing the secured unit. In order to unlock the secured unit, a user enters a sequence of strokes through an input device, e.g., a circular input device. A security module extracts stroke information from the entered strokes and unlocks the secured unit when the extracted stroke information matches the security code. Stroke information may be indicative of the locations of the start and end points and the direction of each stroke. A security code is configured for a secured unit by a user entering a sequence of strokes through an input device. The security code is determined from stroke information. The stroke information may be verified by the user re-entering the sequence of strokes. | 2008-10-02 |
| 20080244731 | Thin client computer with fingerprint identification structure - A thin client computer with a fingerprint identification structure of the present invention comprises a motherboard, a case, a faceplate and a fingerprint reader. The case is designed for holding the motherboard. The faceplate is placed to cover the case. The faceplate has a coupling hole on a lateral surface. The fingerprint reader is coupled into the coupling hole on the lateral surface of the faceplate, and connected with the motherboard for reading a fingerprint. The fingerprint reader is located on the lateral surface of faceplate in such a manner that the thin client computer can read the fingerprint easily no matter whether the thin client computer is placed horizontally or vertically. After verifying the fingerprint, the user is authorized to boot up or shut down the thin client computer. | 2008-10-02 |
| 20080244732 | Password protection for file backups - Various embodiments of a system and method for performing file backup operations are described. The method may operate to enable a user of a computer system to provide a password or other authentication information to associate with files on the computer system, e.g., in order to protect files that are backed up. For example, when the user (or another person or software agent) attempts to restore or otherwise access a backup copy of a password-protected file, the user may be prompted to enter the password. The method may operate to verify that the entered password matches the password associated with the file before granting permission to restore the file. | 2008-10-02 |
| 20080244733 | Information management system, information management method, and computer program product - An information management system includes a management terminal, and a production base terminal, an installation terminal, a recycling base terminal or a reproduction base terminal connected to the management terminal via a network. Upon receipt of product information and recording medium information from the production base terminal and the customer information from the installation base terminal, the management terminal stores therein the information, and selects a recycling base or a reproduction base based on the information. The management terminal transmits at least one of the product information and the recording medium information to the recycling base terminal or the reproduction base terminal. | 2008-10-02 |
| 20080244734 | INFORMATION PROCESSING APPARATUS AND METHOD, PROGRAM, AND INFORMATION PROCESSING SYSTEM - An information processing apparatus limiting access to a storage medium from outside, includes unlock command obtaining means for obtaining, from an authentication unit configured separately from the information processing apparatus, a unlock command requesting release of inhibition of access to the storage medium, and also an authentication mode ID for identifying an authentication mode of the authentication unit, authentication data supplying means for supplying the authentication unit with authentication data used as sample data indicating that a user is verified in an authentication processing of a user instructing access to the storage medium, the authentication data being corresponding to the authentication mode ID obtained together with the unlock command from the unlock command obtaining means, authentication result obtaining means for obtaining, from the authentication unit, an authentication result of the authentication processing performed by using the authentication data supplied from the authentication data supplying means, authentication result confirming means for confirming contents of the authentication result, and release means for releasing inhibition of access to the storage medium from outside when, as a result of confirmation made by the authentication result confirming means, the user is authenticated as being verified. | 2008-10-02 |
| 20080244735 | Identification and Computer Login of an Operator of a Vehicle - A method for identifying and performing a vehicle operator computer login to a vehicle computer provided in a vehicle. A device is arranged to request and receive vehicle operator data stored on a data carrier provided for a tachograph comprising a reader for reading the data carrier. The device controls communication of vehicle operator related data to the vehicle computer, wherein the device is arranged to initiate a vehicle operator login procedure of the vehicle computer, in dependence on the data carrier inserted in the tachograph. The invention is also related to a vehicle arrangement, a computer program and a computer program product. The invention solves the problem of providing identification and login of an operator of a vehicle to the vehicle computer in a simplified and secure way. The invention also enables shortened start up/stop times of a vehicle by reducing systems login/logoff time for an operator. | 2008-10-02 |
| 20080244736 | MODEL-BASED ACCESS CONTROL - Access control as it relates to policies or permissions is provided based on a created model. A security policy is abstracted and can be independent of a mechanism used to protect resources. An asbstract model of a potential user, user role and/or resource is created without associating a specific individual and/or resource with a model. These abstract user models and abstract resource models can be used across applications or within disparate applications. The abstracted security policies can be selectively applied to the model. Specific users and/or resources can be associated with one or more abstract user model or abstract resource model. The models can be nested to provide configurations for larger systems. | 2008-10-02 |
| 20080244737 | STORAGE DEVICE - A storage device has a data erasing function. A controller of a storage device, such as an USB, has a lost timer section and an emergency timer section. Both timer sections halt clocking operation as a result of initiation of use of the storage device by an authorized user. The lost timer section commences s clocking operation as a result of completion of use of the storage device by the authorized user. The emergency timer section commences clocking operation as a result of unauthorized removal of the storage device. When either the lost timer section or the emergency timer section outputs a count-up signal, data in flash ROM are erased. | 2008-10-02 |
| 20080244738 | ACCESS CONTROL - An access control method includes receiving an access request to a file system from a user terminal through a common Internet file system (CIFS) or a network file system (NFS) and determining whether the access request should be allowed. The method includes determining whether a basic permission attribute of an access request used in the NFS should be allowed with reference to access control information associated with basic permission attributes, the basic permission attribute being associated with an access request received from the user terminal through the CIFS, the access control information indicating whether an access request to respective objects of the file system should be allowed or denied, and the access control information being stored in an access-control-information storing unit. The method also includes determining whether the access request associated with the allowed basic permission attribute should be allowed, in reference to the access control information. | 2008-10-02 |
| 20080244739 | METHOD AND SYSTEM FOR RESILIENT PACKET TRACEBACK IN WIRELESS MESH AND SENSOR NETWORKS - A system and method for packet traceback in a network includes maintaining an identity number (ID) for each node in a network and generating a signature (e.g., a message authentication code (MAC)) using a secret key shared between each node on a forwarding path and a sink. Each forwarding node leaves a mark by appending its ID and a signature in the packet, either in a deterministic manner or with a probability. Upon receiving a packet at the sink, correctness of the signatures included in each packet is verified in the reverse order by which these signatures were appended. A last valid MAC is determined in the forwarding path to determine the locations of compromised nodes that collude in false data injection attacks. | 2008-10-02 |
| 20080244740 | BROWSER-INDEPENDENT EDITING OF CONTENT - A system for editing a web page includes receiving the web page in a normalized form, where the normalized form is independent of any browser form. The page may be displayed to a user, where the web page has been translated from the normalized form to a browser-dependent form, and editable by the user. The web page may be a Wiki or collaborate web page. Overall, described in detail above is a unified editing system for editing a collaborative web page is described. The collaborative web page having a normalized form that is independent of any browser form. The system displays the collaborative web page that has been translated from the normalized form to a browser-dependent form to a user, wherein the browser-dependent form of the collaborative web page is editable by a user. The unified editing system receives from the user the edited collaborative web page in the browser-dependent form. Other features and aspects of the invention are also disclosed. | 2008-10-02 |
| 20080244741 | Intrusion event correlation with network discovery information - A policy component comprises policy configuration information. The policy configuration information contains one or more rules. Each rule and group of rules can be associated with a set of response actions. As the nodes on the monitored networks change or intrusive actions are introduced on the networks, network change events or intrusion events are generated. The policy component correlates network change events and/or intrusions events with network map information. The network map contains information on the network topology, services and network devices, amongst other things. When certain criteria is satisfied based on the correlation, a policy violation event may be issued by the system resulting in alerts or remediations. | 2008-10-02 |
| 20080244742 | Detecting adversaries by correlating detected malware with web access logs - An automated arrangement for detecting adversaries is provided by examining a log that contains records of communications into and out of the enterprise network upon the detection of a security incident by which a host computer on an enterprise network becomes compromised. The log is analyzed over a window of time starting before the occurrence of the detected security incident to identify the web site URIs (Uniform Resource Identifiers) and IP (Internet Protocol) addresses (collectively “resources”) that were respectively accessed by the compromised host and/or from which traffic was received by the compromised host. When other host computers in the enterprise are detected as being compromised, a similar analysis is performed and the results of all the analyses are correlated to identify one or more resources that are common to the logged communications of all the compromised machines. | 2008-10-02 |
| 20080244743 | Computer System Architecture And Method Providing Operating-System Independent Virus-, Hacker-, and Cyber-Terror Immune Processing Environments - Information appliance, computing device, or other processor or microprocessor based device or system provides security and anti-viral, anti-hacker, and anti-cyber terror features, and can automatically create multiple sequentially or concurrently and intermittently isolated and/or restricted computing environments to prevent viruses, malicious or other computer hacking, computer or device corruption and failure by using these computing environments in conjunction with restricted and controlled methods of moving and copying data, combined with a process that destroys malicious code located in computing environments and data stores. | 2008-10-02 |
| 20080244744 | METHOD FOR TRACKING MACHINES ON A NETWORK USING MULTIVARIABLE FINGERPRINTING OF PASSIVELY AVAILABLE INFORMATION - A method for tracking machines on a network of computers. The method includes determining one or more assertions to be monitored by a first web site which is coupled to a network of computers. The method monitors traffic flowing to the web site through the network of computers and identifies the one or more assertions from the traffic coupled to the network of computers to determine a malicious host coupled to the network of computers. The method includes associating a first IP address and first hardware finger print to the assertions of the malicious host and storing information associated with the malicious host in one or more memories of a database. The method also includes identifying an unknown host from a second web site, determining a second IP address and second hardware finger print with the unknown host, and determining if the unknown host is the malicious host. | 2008-10-02 |
| 20080244745 | METHOD AND APPARATUS FOR VERIFYING THE INTEGRITY AND SECURITY OF COMPUTER NETWORKS AND IMPLEMENTING COUNTER MEASURES - A system securing a computer network having various devices connected thereto. The system includes a security subsystem connected to the devices in the network, a master security system, and a first communication medium connected between the security subsystem and the master security system. The network devices generate event messages when under attack. The security subsystem generates multiple views, each view including a subset of the event messages generated by the devices. The security subsystem includes an event analyzer, which analyzes the event messages across multiple views to determine if any of the associated events exceeds a predetermined threshold. The master security system receives the associated events, which exceed the predetermined threshold, from the security subsystem through the first communication medium. | 2008-10-02 |
| 20080244746 | RUN-TIME REMEASUREMENT ON A TRUSTED PLATFORM - A method and system are disclosed. In one embodiment, the method includes invoking a run-time measurement agent (RTMA) to run on a trusted platform, the RTMA measuring a core system code block multiple times after a single boot on the trusted platform; and a trusted platform module storing these multiple measurements. | 2008-10-02 |
| 20080244747 | Network context triggers for activating virtualized computer applications - A computer system, comprising at least one controlled execution space hosting an operating system and an application program; a vulnerability monitoring agent coupled to the controlled execution space; one or more vulnerability profiles coupled to the vulnerability monitoring agent, wherein each of the vulnerability profiles comprises an application program identifier, an operating system identifier, a vulnerability specification describing a vulnerability of an application program that the application program identifier indicates when executed with an operating system that the operating system identifier indicates, and a remedial action which when executed will remediate the vulnerability; wherein the vulnerability monitoring agent is configured to monitor execution of the operating system and the application program in the controlled execution space, to detect an anomaly associated with the vulnerability, to determine the remedial action for the operating system and application program based on one of the vulnerability profiles, and to cause the remedial action. | 2008-10-02 |
| 20080244748 | Detecting compromised computers by correlating reputation data with web access logs - Compromised host computers in an enterprise network environment comprising a plurality of security products called endpoints are detected in an automated manner by an arrangement in which a reputation service provides updates to identify resources including website URIs (Universal Resource Identifiers) and IP addresses (collectively “resources”) whose reputations have changed and represent potential threats or adversaries to the enterprise network. Responsively to the updates, a malware analyzer, which can be configured as a standalone endpoint, or incorporated into an endpoint having anti-virus/malware detection capability, or incorporated into the reputation service, will analyze logs maintained by another endpoint (typically a firewall, router, proxy server, or gateway) to identify, in a retroactive manner over some predetermined time window, those client computers in the environment that had any past communications with a resource that is newly categorized by the reputation service as malicious. Every client computer so identified is likely to be compromised. | 2008-10-02 |
| 20080244749 | INTEGRATED CIRCUITS INCLUDING REVERSE ENGINEERING DETECTION USING DIFFERENCES IN SIGNALS - An active shield can be configured to receive a test signal, and configured to output a plurality of shield signals, derived from the test signal, via a plurality of signal paths. A compare logic can be configured to compare the test signal with each of the plurality of shield signals to provide at least two comparison signals indicating comparison results and can be configured to output the at least two comparison signals. A detection and decision logic can be configured to determine whether the active shield is subject to attack based on patterns of the at least two comparison signals. | 2008-10-02 |
| 20080244750 | Method and Apparatus Regarding Attachments to E-mails - A computer processor is programmed by computer software so that the computer processor scans text of a first e-mail for any one of a set of matching words and if any one of the set of matching words is found in the text of the first e-mail, the computer processor is programmed by the computer software to alert a user that an e-mail attachment is missing. The set of matching words may include “attach”. The computer processor may alert a user than an e-mail attachment is missing by causing a message to be displayed on a computer monitor concerning whether an attachment should have been included with the first e-mail. The message may provide a prompt to the user which can be selected by the user to start the process of including an attachment with the first e-mail. | 2008-10-02 |
| 20080244751 | Binding A Digital License To A Portable Device Or The Like In A Digital Rights Management (DRM) System And Checking Out/Checking In The Digital License To/From The Portable Device Or The Like - To render digital content encrypted according to a content key (KD) on a first device having a public key (PU | 2008-10-02 |
| 20080244752 | Detection of Physical Movement For Document Sharing - A system for using accelerometer-based detection of physical movement for document sharing provides easy and intuitive ways to securely share documents, even without passwords, between computing devices. The system of the present invention includes: at least two computing devices that each have a motion detection device capable of detecting sudden movements and generating a unique signature. The unique signature can then be used to generate signatures or shared secrets for controlling the transfer of data between devices. The motion detection device is capable of detecting sudden movement such as the tapping of the two computing devices together, tapping a stack of computing devices, tossing a computing device in the air. The system may optionally include an intermediary device such as a server for transferring the documents or files between computing devices such that only a small decryption key and file pointer is needed to share records between computing devices. The present invention also includes a novel method for accelerometer-based detection of movement for transferring data between computing devices. | 2008-10-02 |
| 20080244753 | Instruction Transform for the Prevention and Propagation of Unauthorized Code Injection - A method and structure of instruction transformation. Applying the principals of biodiversity to instruction transformation applicable to devices and embedded systems and networks containing many devices not only protects individual devices from attack from unauthorized code, but additionally retards propagation of such unauthorized code to other devices in the system or network in communication with a potentially infected device. | 2008-10-02 |
