52nd week of 2009 patent applcation highlights part 64 |
Patent application number | Title | Published |
20090320051 | METHOD AND SYSTEM FOR MANAGING ACCESS TO ADD-ON DATA FILES - A method for managing access to add-on data files ( | 2009-12-24 |
20090320052 | METHODS OF POPULATING A THIRD-PARTY DOCUMENT WITH DIGITAL INFORMATION CONTENT - Systems and methods of transferring information from at least one source context to at least one target context, and associated physical computer-readable medium. A service software application is used on a processor-based platform to transfer digital data content from at least one data source to at least one data target in at least a semi-automatic manner. The data source is associated with a source software application and the data target is associated with a target software application. The digital data content includes, for example, text data, image data, graphics data, or a clipboard object. | 2009-12-24 |
20090320053 | DISC DRIVE APPARATUS AND ELECTRONIC INSTRUMENTS - A disc drive apparatus includes: an apparatus body to which a disc is inserted and from which the disc is ejected; a disc recording and reproducing unit having a disc loading unit configured to load the disc inserted into the apparatus body, a disc rotation drive mechanism configured to rotate the disc loaded onto the disc loading unit, an optical pickup configured to record and/or reproduce a data signal with respect to the disc, and a pickup feeding mechanism configured to convey the optical pickup in a radial direction of the disc; a disc conveying mechanism configured to insert the disc into the apparatus body and eject the disc from the apparatus body; and a conveyance drive mechanism provided in the apparatus body and configured to drive the disc conveying mechanism; wherein the apparatus body includes a shoulder which is reduced in thickness in the vicinity of an insertion end of the disc. | 2009-12-24 |
20090320054 | DISK DEVICE - To provide a “disk device” that does not waste a power during waiting for disk insertion and thus can save power consumption. The disk device includes: a casing equipped with an insertion port to which a disk is inserted; a conveying mechanism for conveying a disk, which is provided inside the insertion port; a switching type detecting switch that is switched to a detection state in accordance with a movement force of a disk inserted from the insertion port in an insertion direction; and an optical detecting member that is switched to a detection state when a disk inserted from the insertion port blocks an optical path, wherein when the detecting switch is switched to a detection state, power supply to the optical detecting member is started. | 2009-12-24 |
20090320055 | SYSTEMS AND METHODS FOR CONSERVING ENERGY IN AN ENTERTAINMENT SYSTEM - Apparatus, systems and methods are described for conserving energy in an entertainment system. An entertainment device tracks usage patterns of a user over time while outputting presentation content and utilizes the collected information to determine whether to automatically enter a low power mode state at appropriate times. | 2009-12-24 |
20090320056 | SYSTEM OF USING SET-TOP BOX TO OBTAIN AD INFORMATION - A system of using a set-top box to obtain ad information includes a remote control, a set-top box, a program system server, and an advertising server. A first ad request corresponding to a target ad is transmitted to the set-top box via the remote control so as to obtain ad information of the target ad. A second ad request corresponding to the first ad request received is produced and transmitted to the program system server by the set-top box. A third ad request corresponding to the second ad request received is produced and transmitted to the advertising server by the program system server. The advertising server obtains a user's contact information and the ad information of the target ad according to the third ad request and transmits the ad information to the user. Hence, the user obtains the ad information of the target ad conveniently by the set-top box. | 2009-12-24 |
20090320057 | ENHANCED PARENTAL CONTROL - A parental control method, including receiving a channel selection command from a user to select from a plurality of channels for playing, each of the channels having a plurality of programming content, performing a parental control procedure prior to allowing playing of the programming content of one of the channels, during at least one specific timeslot, and allowing playing of the programming content prior to performing a parental control procedure for at least one of the following the one channel outside of the at least one specific timeslot, and another one of the channels. Related apparatus and methods are also described. | 2009-12-24 |
20090320058 | Multimedia Content Distribution System and Method for Multiple Dwelling Unit - A method for distributing video programs in a multiple dwelling unit from a receiver device associated with the unit to a plurality of client devices located in the multiple dwelling unit, including: receiving a plurality of video programs associated with a plurality of television channels from a signal source; receiving a request for a particular video program associated with a particular television channel from a selected one of the plurality of client devices; confirming that an account associated with the selected client device is authorized to receive the particular video program on the particular television channel; descrambling the particular video program using account data associated with the selected client device in response to the confirmation; scrambling the descrambled particular video program using a local key associated with the selected client device and transmitting the re-scrambled video program to the selected client device; and maintaining account data associated with each of the client devices in the receiver and transmitting updated account data to the signal source. | 2009-12-24 |
20090320059 | METHOD AND SYSTEM FOR PROVIDING INTERACTIVE ADVERTISEMENT CUSTOMIZATION - A system and method may include providing a media stream via a network, the media stream comprising one or more advertisement content segments, identifying aggregate information associated with a viewer, assigning the one or more advertisement content segments to one or more categories and a category score associated with the one or more categories, filtering the one or more advertisement content segments based at least in part on the one or more categories, the category score associated with the one or more categories and the aggregate information associated with the viewer, and outputting the filtered one or more advertisement content segments to the viewer. | 2009-12-24 |
20090320060 | ADVERTISEMENT SIGNATURE TRACKING - Advertisement signature tracking is described. In embodiment(s), a video feed of television media content can be received for distribution to media devices, and the video feed can include advertisements. An advertisement can be detected in the video feed of the television media content, and a signature of the advertisement can be generated. Occurrences of the advertisement can then be detected and tracked by the signature of the advertisement when the advertisement is subsequently received via the video feed and/or broadcast for viewing. | 2009-12-24 |
20090320061 | Advertising Based on Keywords in Media Content - In accordance with one or more aspects, a trigger including both a criteria portion and a payload portion is accessed, the criteria portion identifying one or more criteria that includes a keyword, and the payload portion identifying one or more actions for presenting advertising content. Data corresponding to media content being presented is also accessed, and a check is made as to whether the data satisfies the one or more criteria. The one or more actions are performed in response to the data satisfying the one or more criteria. The trigger associating the advertising content with the keyword can be received in exchange for compensation. | 2009-12-24 |
20090320062 | RETAIL OUTLET TV FEATURE DISPLAY SYSTEM - An automatic feature demonstration mode for TV products that can be used in retail stores. TV features that otherwise would be overlooked by customers or misrepresented by the sales staff are advertised on the TV itself. The system maybe used to convey information beyond TV features. | 2009-12-24 |
20090320063 | LOCAL ADVERTISEMENT INSERTION DETECTION - Local advertisement insertion detection is described. In embodiment(s), a video feed of television media content can be received for distribution to media devices, and the video feed can include national advertisements and spliced-in local advertisements. A splice point in the video feed can be detected that indicates where a local advertisement has been inserted into the video feed. | 2009-12-24 |
20090320064 | Triggers for Media Content Firing Other Triggers - In accordance with one or more aspects of the triggers for media content firing other triggers, a check is made as to whether a presentation of media content satisfies a criteria portion of a trigger. When the presentation satisfies the criteria portion, one or more actions in a payload portion of a different trigger are performed. | 2009-12-24 |
20090320065 | CONTENT SELECTION AND OUTPUT - Content selection and output techniques are described. In an implementation, a user interface is output at a client device that provides for selection of television content via a website for output on a television. A communication is formed to be communicated to the website based on interaction with the user interface to cause the television content to be output by the television automatically and without user intervention. | 2009-12-24 |
20090320066 | Referencing Data in Triggers from Applications - In accordance with one or more aspects of the referencing data in triggers from applications, a device can store multiple triggers for media content. For each of these triggers, a check is made as to whether a presentation of media content satisfies a criteria portion of the trigger. When the presentation satisfies the criteria portion, one or more actions in a payload portion of the trigger are performed. Additionally, data in the triggers can be referenced by applications executing on the device. These applications include applications that are launched as part of the one or more actions when the criteria portion of a trigger is satisfied, as well as other applications executing on the device. | 2009-12-24 |
20090320067 | SYSTEM FOR DOWNLOADING AUDIO CONTENT - A method for recording a clean broadcast free of background, such as fade-ins and fade-outs on a receiver includes providing program data associated with an upcoming broadcast, the broadcast being selected by a broadcaster, on the receiver to describe the upcoming broadcast to a user. The receiver records the upcoming broadcast to an internal memory of the receiver in response to either the broadcast being automatically selected based on the user's preferences or the user manually selecting the upcoming broadcast. Start and stop commands, independent of any manual input, are received by the receiver to begin and end the recording of the clean broadcast. | 2009-12-24 |
20090320068 | Communicating Video Content - A method is disclosed that includes receiving a selection of a channel at a set-top box device. In response to the selection of the channel, a still image associated with a program being transmitted via the selected channel is displayed at a display device. The method further includes receiving a multicast stream of video content associated with the selected channel at the set-top box device. At least a portion of the multicast stream is received while the still image is displayed at the display device. The method also includes transmitting the video content to the display device. | 2009-12-24 |
20090320069 | METHOD AND SYSTEM FOR ELECTRONIC PROGRAM GUIDE TEMPORAL CONTENT ORGANIZATION - A method and system which temporally sorts data such as program guide data for example, to ensure that near-term data (i.e. most likely to be used, or “now data”) is always available for rapid access from a physical memory location such as a high-speed temporal cache. The method incorporates two low-priority background processes or algorithms, termed “event horizons” into the storage and manipulation of the data so that applications using the data may be run without having to always access a mass storage device. The method and system are highly applicable to all set top boxes (STBs) used in various communication systems such as satellite communication, Cable-TV and DVB systems. The method and system are economical in that superior STB and/or system performance may be obtained with the inclusion of lesser amounts of expensive high-speed RAM. | 2009-12-24 |
20090320070 | ELECTRONIC DEVICE, DISPLAY SYSTEM, DISPLAY METHOD, AND PROGRAM - An electronic device comprising: a content acquiring means capable of acquiring content acquired via a network or from inside of the electronic device, or generated inside of the electronic device; a first displaying means capable of displaying the acquired first content; a second displaying means arranged as a touch panel which is capable of accepting an input operation of a user, and capable of displaying the acquired second content; a display controlling means which, based on a predetermined condition, when the content acquiring means acquired third content in a state where the first and second content are displayed in the first and second displaying means, respectively, performs one of: (1) displaying in the second displaying means the third content clearing the second content, (2) presenting a split view by splitting the screen of the first display means into parts for the first and second content, and displaying in the second displaying means the third content, and (3) presenting a split view by splitting the screen of the second displaying means into parts for the second and third content. | 2009-12-24 |
20090320071 | PROGRAM GUIDE SYSTEM WITH COMBINATION CATEGORY SEARCH - An interactive television program guide system is provided in which the program guide may provide the user with a selectable list of combination categories. Combination categories are composed of multiple simple categories such as sports, news, comedy, movies, children, etc. Program listings are supplied to the program guide. At least some of the program listings are associated with combination categories. A combination category build process may be used to assign combination categories to program listings. The user is able to use the selectable categories list to quickly identify programming of interest. | 2009-12-24 |
20090320072 | CUSTOM CHANNELS - The technology is a system and method for generating a virtual channel in an electronic program guide. Scheduling instructions, which are configured by a user, indicate content that should be presented for selection in the virtual channel. The scheduling instructions are executed in priority order. The virtual channel is populated with content descriptions based on the execution of the scheduling instructions. After the virtual channel is initially populated with content, broadcasting gaps in the virtual channel are identified. In one embodiment, each broadcasting gap is populated with other content based on a broadcast gap setting set by the user. In another embodiment, each broadcasting gap remains an empty schedule entry in the virtual channel. An electronic document associated with the virtual channel may be published to a third-party website so that other users may subscribe to the virtual channel. | 2009-12-24 |
20090320073 | Method and Apparatus for Browsing Using Multiple Coordinated Device Sets - Systems and methods for navigating hypermedia using multiple coordinated input/output device sets. Disclosed systems and methods allow a user and/or an author to control what resources are presented on which device sets (whether they are integrated or not), and provide for coordinating browsing activities to enable such a user interface to be employed across multiple independent systems. Disclosed systems and methods also support new and enriched aspects and applications of hypermedia browsing and related business activities. | 2009-12-24 |
20090320074 | Information system and method - Example systems and methods provide information such as, but not limited to, interactive program guide (IPG) information for display on a display device such as a television. In the case of IPG information, an IPG server includes an IPG data store that stores IPG data such as program titles, actors, program descriptions, program start times, program end times, program duration, and the like. Receivers such as televisions and set-top boxes are configured to have an electronic mailbox. In response to a request to display the IPG, an IPG data request is sent via a wide area network such as the internet to the IPG server. The server accesses the IPG data store and retrieves IPG data corresponding to the request. The retrieved IPG data is sent to the television's electronic mailbox as an e-mail message. Using the data contained in the e-mail message, the television generates and displays an IPG on the television screen. | 2009-12-24 |
20090320075 | Method and apparatus for multiplexing audio program channels from one or more received broadcast streams to provide a playlist style listening experience to users - A method and apparatus are provided for generating a personalized radio channel playlist by time division multiplexing songs from multiple received channels from one or more broadcast source streams in a queue. Users can specify favorite channels for building their personal playlists, or multiple default playlist channels can be provided by genre. Navigation tools permit users to see upcoming songs in their playlist queue and skip ahead and backward. Thumbs up/down buttons on the radio receiver permit entering a song or artist being played back into a favorites list that is used to search all channels for matches or a banned list used to block songs from future playlists. If matches are found, the channel carrying the favorite is extracted and added to the playlist. Channel searching for matches involves monitoring real-time song and artist labels for all channels carried in a separate data channel (e.g., Broadcast Information Channel (BIC)). Segments on the playlist are dynamically truncated to reduce the average time each segment is played to facilitate preview of playlist segments. Preview times can vary depending on the size of the playlist or number of channels used. During a preview of a segment, users can opt to listen to the full song or back up in the playlist to listen to a previous song. Connectivity options and web interfaces are provided to facilitate transfer and sharing of customization parameters for personalized radio configuration. | 2009-12-24 |
20090320076 | System and Method for Processing an Interactive Advertisement - A set-top box device comprises a speech recognition module, a video image recognition module, and a voice over Internet protocol bridge. The speech recognition module is configured to perform speech recognition on a voice command signal to determine an action to take in the set-top box device. The video image recognition module is connected to the speech recognition module, and is configured to recognize a display device image. The voice over Internet protocol bridge is coupled to the video image recognition module, and is configured to connect a voice telephone call from the set-top box device to a call center. | 2009-12-24 |
20090320077 | Method and apparatus for on-demand content transmission and control over networks - Methods and apparatus for delivering content over network infrastructure are disclosed. In one embodiment, the network comprises a content-based (e.g., cable) network coupled to a radio or other service provider network, and a portion of the infrastructure comprises that nominally used for on-demand (OD) services such as VOD. Mobile or other consumer devices (e.g., cellular telephones, PDAs, etc.) capable of accessing the service provider network are able to access the on-demand and related “trick mode” functionality of the content-based network, as well as make use of ancillary functions such as billing modules associated with the content network. | 2009-12-24 |
20090320078 | HYBRID TELECOMMUNICATION SYSTEM, METHOD, AND DEVICE - A hybrid telecommunications system, method, and device are provided. The system may include a plurality of unidentified users, a broadcaster, a source of information content, and a packet or switched network. The users may each be equipped with a transreceiving device for receiving broadcast communications and generating communications of their own. According to the method, a broadcaster may receive a first communication, the first communication being directed to the broadcaster over a packet or switched network, from a user or a source of information content. The broadcaster, in turn, broadcasts the first communication to one or more unidentified users. One or more unidentified users who received the first broadcast communication may generate a second communication which is transmitted to the broadcaster. Upon receipt of the second communication by the broadcaster, the broadcaster may broadcast it to one or more unidentified users. | 2009-12-24 |
20090320079 | ON-VEHICLE EQUIPMENT FOR RECEIVING AND DISPLAYING DIGITAL BROADCASTING - An on-vehicle equipment mounted on a vehicle and adapted to receive a data broadcasting transmitted in digital broadcasting and display it on a display unit, holds a contents of the data broadcasting in correspondence with a combination of component tag value and module ID for discriminating the contents, displays, in accordance with layout information of defaults containing information indicative of areas on the screen of display unit at which contents are displayed, a corresponding contents on the screen of the display unit, and acquires, when a combination of component tag value and module ID is received, a contents corresponding to the combination of component tag value and module ID and displays the acquired contents on the screen of display unit in a size larger than that for display pursuant to the default layout information. | 2009-12-24 |
20090320080 | Wireless Streaming Media Systems, Devices and Methods - A system includes one or more transmitter devices constructed and adapted to transmit wireless streaming media, the transmitter device connected to at least one video source, wherein the transmitter device is further constructed and adapted to automatically detect a type of active source signal from the at least one video source and automatically to convert that signal, if necessary, to an appropriate output signal; and one or more receiver devices constructed and adapted to receive wireless signals, the receiver connected to at least one video output device, wherein the at least one receiver device is further constructed and adapted to produce, automatically, a appropriate signal for the at least one video output device connected thereto. | 2009-12-24 |
20090320081 | Providing and Displaying Video at Multiple Resolution and Quality Levels - A method provides video from a video data source comprising a sequence of multi-level frames. Each multi-level frame comprises multiple copies of a respective frame. Each copy has an associated video resolution or quality level that is a member of a predefined range of levels that range from a highest level to a lowest level. First video data corresponding to a first portion of a first copy of a respective frame and second video data corresponding to a second portion of a second copy of the respective frame are extracted from the video data source. The video resolution or quality level of the second copy is distinct from that of the first copy. The first and second video data are transmitted to a client device for display. The extracting and transmitting are repeated with respect to successive multi-level frames of the video data source. | 2009-12-24 |
20090320082 | Method of delivering content data - A system and method are provided for delivering video content data from a first computer to a second computer. In such system, a first computer can store video content in first and second encoded video files having first and second data encoding formats. The video content may be stored in a directory accessible by a request from a browser of a second computer. The first computer can receive a request for content data from the second computer and identify a data format consumable a player of the second computer. When the requested content data is available in the consumable data format, the first computer can transmit the requested content data in the consumable data format to the second computer. When the requested content data is available at the first computer but is not in the consumable data format, the first computer may convert the requested content data to the consumable data format and transmit the converted content data having the consumable data format to the second computer. | 2009-12-24 |
20090320083 | Personal Media Viewer - A media viewer includes a housing having a monocular configuration having forward and rearward ends and defining an interior space. The forward end includes a lens through which a user may look into the interior space. A rear wall of the housing encloses the housing. A display is mounted upon an intermediate wall within the interior space and may be viewed by a user through the lens. An electronics area is defined between the intermediate and rear walls of the housing. A battery, central processing unit, and data storage devices are positioned within the electronics housing and are interconnect to one another and to the display. Interactive control buttons are positioned on an external surface of the housing such that programming from the data storage devices may be reviewed, selected, and viewed on the display. Content may be downloaded from subscriber websites onto the storage devices. | 2009-12-24 |
20090320084 | PROVIDING PROGRAM RESTART FUNCTIONALITY IN A DIGITAL VIDEO NETWORK - A technique for providing program restart functionality in a digital video network involves receiving requests from different end-user devices to restart a program and servicing the program restart requests from the different end-user devices via a single broadcast stream. In an embodiment, program restart requests that are received within an established time interval, referred to as an aggregation interval, are serviced by the same broadcast stream. Additionally, during the aggregation interval and before the program restart begins, personalized content can be provided to the end-user devices via, for example, unicasting. Once the aggregation interval is over, all of the unicast streams are switched over to the same broadcast stream and the program broadcast is restarted. In an embodiment, a switch buffer is provided just before the restarted broadcast stream in order to ensure a smooth transition from each of the multiple unicast streams to the restarted broadcast stream. | 2009-12-24 |
20090320085 | HOUSE AMPLIFIER WITH RETURN PATH GATING - In a traditional HFC plant, the return path signals originating from cable modems, eMTAs, and settop boxes are transmitted in the 5-42 MHz range (other countries use frequencies such as 5-30 MHz, 5-55 MHz, and 5-65 MHz). These signals with entry points at any RF connection point in the home are combined by RF combiners at the side of the house. Furthermore, RF return path signals from multiple homes are combined by RF taps into a coaxial cable TV plant, and transmitted back to a hub or headend either in RF or thru a fiber optic network. | 2009-12-24 |
20090320086 | Loss reduction in a coaxial network - An in-house coaxial network includes an input ( | 2009-12-24 |
20090320087 | METHOD FOR MAPPING BETWEEN SIGNALING INFORMATION AND ANNOUNCEMENT INFORMATION AND BROADCAST RECEIVER - A method for mapping signaling information to announcement information and a broadcast receiver are disclosed herein. A method of providing a Non-Real-Time (NRT) service, the method comprises extracting identification information of first signaling information and second signaling information based upon a program specific information/program and system information protocol (PSI/PSIP) table, receiving the first signaling information and second signaling information based upon the extracted identification information, constructing and displaying a service guide using the received first signaling information, acquiring first content identification information as a content selected from the displayed service guide, accessing a File Delivery over Unidirectional Transport (FLUTE) session using the received second signaling information, acquiring second content identification information matched with the acquired first content identification information from the accessed FLUTE session and receiving and storing one or more file constructing corresponding content based upon the acquired second content identification information. | 2009-12-24 |
20090320088 | Access enforcer - A computer-driven resource manager ( | 2009-12-24 |
20090320089 | POLICY-BASED USER BROKERED AUTHORIZATION - A User Brokered Authorization (UBA) mechanism for policy decisions in a computing device is provided. The authorization mechanism interacts with an authorization layer of the computing device's operating system and enables a determination of whether an authorization decision can be made programmatically or by end user decision based on generalized device policy. | 2009-12-24 |
20090320090 | DEPLOYING PRIVACY POLICY IN A NETWORK ENVIRONMENT - An authoring application enables an administrative user to generate, validate, and deploy one or more privacy notices and legal notices in web pages that may be retrieved by a client user via a web browser. Two or more of the privacy notices generated by the authoring application may be deployed in a web page, and may be selectively presented to the client user via the web browser in accordance with the notification setting selected at the web browser. Two or more of the legal notices generated by the authoring application may be deployed in the web page or in a second web page. The legal notices may be selectively presented to the client user via the web browser in accordance with the notification setting. | 2009-12-24 |
20090320091 | PRESENTING PRIVACY POLICY IN A NETWORK ENVIRONMENT RESPONSIVE TO USER PREFERENCE - An approach for presenting a web page to a client user via a web browser. As one example, a user preference specifying a notification setting may be received from the client user at the web browser. The notification setting may cause the web browser, upon retrieving a web page, to present one or more of a privacy notice or a legal notice to the client user. The particular way in which the privacy notice and the legal notice are presented to the client user may be varied based on the notification setting specified by the user preference. | 2009-12-24 |
20090320092 | USER INTERFACE FOR MANAGING ACCESS TO A HEALTH-RECORD - A server system for regulating access to a health record of an individual includes a communications subsystem, a logic subsystem operatively coupled to the communications subsystem and configured to execute instructions, memory operatively coupled to the logic subsystem and holding user-interface instructions that, when executed by the logic subsystem, send information via the communications subsystem for presenting a user interface. In this embodiment, the user interface includes a list of one or more items in the health record to which an application has requested access, and for each of the one or more items, a configuration-indicating element distinguishing whether the application is configured to service the individual if access to that item is denied. The user interface further includes for each of the one or more items, one or more presettable selection elements enabling a marshal of the health record to authorize or withhold access to that item. | 2009-12-24 |
20090320093 | HOLISTIC XACML AND OBLIGATION CODE AUTOMATICALLY GENERATED FROM ONTOLOGICALLY DEFINED RULE SET - Computer-based systems and methods for automatically generating both XACML rules and processed-based obligation code using a common ontologically defined ruleset. | 2009-12-24 |
20090320094 | System and Method for Implementing a Publication - Systems and methods are provided that allow for publication delegation through the use of publication authorization rules, where a presentity can allow another entity, e.g., a publisher, to publish presence information associated with the presentity on behalf of the presentity. Additionally, the ability is provided for, e.g., a service provider, to restrict presence information that a presentity is allowed to publish. Hence, publication delegation can be effectuated in cases when a rule matches users (with identities) other than the presentity whose presence information is to be published. Moreover, service provider restriction on the allowed presence information can also be provided in those cases when a rule matches the identity of the presentity. | 2009-12-24 |
20090320095 | OBTAINING DIGITAL IDENTITIES OR TOKENS THROUGH INDEPENDENT ENDPOINT RESOLUTION - A federated identity provisioning system includes relying parties, identity providers, and clients that obtain tokens from identity providers for access to a relying party's services. When a client contacts a new relying party, the relying party provides information that the client can independently resolve and evaluate for trustworthiness. For example, the relying party provides a generic domain name address. The client can then resolve the domain name address over various, authenticated steps to identity an endpoint for a digital identity provisioning service. The client can further interact with and authenticate the provisioning service (e.g., requiring digital signatures) to establish a trust relationship. Once determining that the client/user trusts the provisioning service, the client/user can then provide information to obtain a digital identity representation. The client can then use the digital identity representation with the corresponding identity provider to obtain one or more tokens that the relying party can validate. | 2009-12-24 |
20090320096 | MANAGING ACCESS TO A HEALTH-RECORD - A method to regulate access to a health record of an individual includes receiving a request from an application, the request identifying an item in the health record to which access is requested. The method further includes presenting the request to a marshal of the health record via a user interface and receiving a response from the marshal of the health record via the user interface, the response indicating whether access to the item is authorized or withheld. The method further includes granting the application access to the item if the response indicates that access to the item is authorized, and denying access to the item from the application if the response indicates that access to the item is withheld. | 2009-12-24 |
20090320097 | METHOD FOR CARRYING OUT A DISTRIBUTED SEARCH - An operator provides services to a population of client device, such as mobile communication devices, including search services accessed via an operator portal. A search gateway places a search object, in which user privacy is protected, into a distributed, transactional object (tuple) space. Resolvers monitoring the space read the search descriptors and coordinate an external search to be performed with result objects placed back in the space. The gateway removes the search result objects from the space, matching them with the user search for reporting to a user of the client device. Thereby, an increased amount of content is accessible across a distributed system. | 2009-12-24 |
20090320098 | HOSTED NETWORK DEVICE USER INTERFACE - A system and method of hosting a user interface of a network device are provided. A particular method includes receiving a request at a server to display a user interface of the network device, authenticating an end user device to validate an identity of a user, and communicating display information of the user interface of the network device to the end user device for display. The server hosted user interface permits monitoring and interactions with the network device by a user of the end user device. | 2009-12-24 |
20090320099 | Content Retrieval - Content retrieval techniques are described. In an implementation, a determination is made as to whether a client is permitted to receive content requested by the client. When the client is permitted to receive the content, a communication is formed to be communicated via a wide area network that includes a hash list having a hash of each of a plurality of blocks of the content, each hash being configured to enable the client to locate a corresponding one of the blocks of the content via a local area network. | 2009-12-24 |
20090320100 | HANDLING OF INTEGRITY CHECK FAILURE IN A WIRELESS COMMUNICATION SYSTEM - Handling of integrity check failure in a wireless communication system can safely send the mobile station to the idle mode upon detection of security failure. Alternatively or in addition, attempts to recover from the security failure situation can be enabled without forcing the mobile station to enter idle mode. The mobile station autonomously transitions to idle mode when the integrity check failure is detected a certain threshold number ‘X’ times during a specified period ‘Y’. Whereupon, the mobile station initiates the Radio Resource Control (RRC) connection re-establishment procedure after integrity check failure is detected. In the RRC connection re-establishment procedure, the security parameters are re-initialized to provide a possibility to recover from the failure situation. | 2009-12-24 |
20090320101 | SYSTEM AND METHOD FOR AUTHENTICATING USERS IN A SOCIAL NETWORK - A system and method is provided that authenticates the identity of the person behind a username and stores that information in a manner that allows a first person communicating on a social network with a second person to confirm that the identity of the second person is known and authenticate without requiring the second person to reveal identity information (other than their user name/screen name) to the first person and vice versa. | 2009-12-24 |
20090320102 | Methods for Distributing Information Using Secure Peer-to-Peer Communications - A method for providing access to secure peer-to-peer communications to a device can include receiving a request to join an interest group. The request can include a device identification number of the device. The method can further include determining access rights for the device. The access rights can include permission to access shared messages of the interest group. Additionally, the method can include providing an access key to the device. The access key can enable the device to access shared messages of the interest group. | 2009-12-24 |
20090320103 | EXTENSIBLE MECHANISM FOR SECURING OBJECTS USING CLAIMS - An extensible mechanism for providing access control for logical objects in a network environment. A security broker is able to dynamically register one or more claims providers, each of which can assert one or more claims about logical objects. The claims providers may be purpose built or may be third party applications which expose data or business rules for use. Claims may be augmented by additional claims providers after the original claim is asserted. The applicability of claims may be scope limited either at the time the claims provider is registered or when the user requests that a security token be issued. | 2009-12-24 |
20090320104 | Communications Network with Smart Card - Methods and systems are disclosed to enable a smart card having relatively low data rate and low computational power to control a high data rate communications channel without degradation of performance. The smart card and an associated monitor/interface, which can be implemented in a network access device, are interposed between transmitting and receiving nodes in a network, and configured to intervene when conditions of rules stored in the smart card are met. For example, the smart card can intervene when a packet header indicates sufficient change in information, such as the exceeding of a predefined threshold or a requirement for user authorization/authentication. In one mode of regulating packet flow, the smart card selectively enables or disables packet transmission, reception, or both, according to the rules stored therein. In another mode, the smart card, upon activation, provides rules and modifications for packet data, headers, or both. The rules and modifications can implement communication policies of the entity providing communication services to the user of the services, and can be stored in the smart card to prevent alteration or tampering. | 2009-12-24 |
20090320105 | AUTHENTICATION OF USER INTERFACE ELEMENTS IN A WEB 2.0 ENVIRONMENT - A method for managing authentication of user interface elements in a user interface can be provided. The method can include displaying a plurality of widgets in the web browser and sending an HTTP request for data to a web site, wherein the HTTP request is sent via an XMLHttpRequest API. The method can further include receiving from the web site a 401 HTTP status code associated with a custom “WWW-Authenticate” header value indicating that the HTTP request is unauthorized for communication with the web site and detecting the custom “WWW-Authenticate” header value. The method can further include displaying in a first widget of the plurality of widgets a text field for entering user credentials. The method can further include sending to the web site an HTTP request including the user credentials entered by a user, wherein the HTTP request is sent via the XMLHttpRequest API. | 2009-12-24 |
20090320106 | SYSTEMS, APPARATUS, AND METHODS FOR CURRENCY PROCESSING CONTROL AND REDEMPTION - A coin processing and redemption system includes a coin processing machine configured to receive a batch of coins in an input region and process the batch of coins to determine a value thereof. A dispensing device is provided and is configured to output a redemption ticket bearing a code. The coin processing machine is configured to associate the redemption ticket code with a coin processing transaction prior to the determination of a value of a batch of coins. | 2009-12-24 |
20090320107 | SECURE PASSWORD RESET FOR APPLICATION - A method of controlling access to an interaction context of an application, including receiving login requests pertaining to an access account, each login request including a login password to be matched against an access password associated with the access account. A database includes at least one account record including a password state field indicating whether the access password is a temporary password or a permanent password and a security hold field indicating whether a security hold has been placed on the access account by an administrator. Access is denied upon receipt of a login request when the login password fails to match the access password. Access is denied upon receipt of a login request when the login password matches the access password, the password state field indicates that the access password is a permanent password, and the security hold field indicates that there is a security hold on the access account. Access is granted upon receipt of a login request when the login password matches the access password, the password state field indicates that the access password is a permanent password, and the security hold field indicates that there is no security hold on the access account. The method includes granting access which is limited to permitting changing of the access password and prompting a change of the access password upon receipt of a login request when the login password matches the access password and the access password is a temporary password. | 2009-12-24 |
20090320108 | Generating And Changing Credentials Of A Service Account - Technologies are described herein for generating and changing credentials of a service account. In one method, a credential schedule is retrieved. The credential schedule specifies when a plurality of credentials are scheduled to be changed. A determination is made whether a current credential associated with the service account is scheduled to be changed according to the credential schedule. Upon determining that the current credential is scheduled to be changed, at least part of a new credential is generated. The current credential is replaced with the new credential for the service account. | 2009-12-24 |
20090320109 | SIGNED EPHEMERAL EMAIL ADDRESSES - Architecture for generating a temporary account (e.g., an email address) with a user-supplied friendly name and a secret used to the sign the temporary account. For example, when a user wishes to create a temporary email address to use with an online organization, a friendly name is provided and the system generates a temporary email address including the friendly name. A signing component signs the temporary email address with a secret. One or more of these secrets can be provisioned prior to the user's creation of a friendly name, which eliminates propagation delay. During use, only incoming email messages having the temporary email address signed with the secret are validated. When the user revokes the temporary email address, the secret is revoked and the revocation is propagated to network gateways, rejecting any email sent to that address. | 2009-12-24 |
20090320110 | SECURE BOOT WITH OPTIONAL COMPONENTS METHOD - A method is executed which is for managing the optional trusted components that are active within a device, such that the device itself controls the availability of trusted components. The device includes: a storing unit which stores a plurality of pieces of software and a plurality of certificates; a receiving unit which receives the certificates; and a selecting unit which selects one of the certificates. The device further includes an executing unit which verifies an enabled one of the plurality of pieces of software using the selected and updated one of the certificates. | 2009-12-24 |
20090320111 | SECURE LEGACY MEDIA PERIPHERAL ASSOCIATION WITH AUTHENTICATION IN A MEDIA EXCHANGE NETWORK - Aspects for secure access and communication of information in a distributed media network may include detecting when a legacy media peripheral is connected to a PC and/or a media processing system on the distributed media network. One or more identifiers associated with the legacy media peripheral may be established and utilized to facilitate communication of the legacy media peripheral over the distributed media network. At least one legacy media peripheral identifier and at least one identifier of a user utilizing the legacy media peripheral may be requested. The legacy media peripheral identifier may be a serial number of the legacy media peripheral, while the user identifier may be a user password and/or a user name. Media peripheral association software may be executed on the PC and/or the media processing system and utilized for media peripheral association and authentication in accordance with various embodiments of the invention. | 2009-12-24 |
20090320112 | Method of Gaining Access to a Device - The method is for activating a device. A communication device ( | 2009-12-24 |
20090320113 | HOME NETWORKING WEB-BASED SERVICE PORTAL - A web-based service portal provides a user interface to configure and/or access device(s) of a home network. The service portal can communicate with device(s) through application program interfaces (APIs). The service portal can provide a standardized user interface for specific feature(s) of a device. | 2009-12-24 |
20090320114 | FEDERATED REALM DISCOVERY - A federated realm discovery system within a federation determines a “home” realm associated with a portion of the user's credentials before the user's secret information (such as a password) is passed to a non-home realm. A login user interface accepts a user identifier and, based on the user identifier, can use various methods to identify an account authority service within the federation that can authenticate the user. In one method, a realm list of the user device can be used to direct the login to the appropriate home realm of the user. In another method, an account authority service in a non-home realm can look up the user's home realm and provide realm information directing the user device to login at the home realm. | 2009-12-24 |
20090320115 | Secure Network Portal - According to one embodiment, a secure network portal includes a number of application servers coupled to one or more clients through a portal server. The application servers serve a number of secure services that may be consumed by clients. The portal server creates a login session with a graphical user interface in which the login session is associated with a particular authorization level. The portal server then displays a service access point for each of the plurality of secure services and restricts access to each of the secure services according to the authorization level of the login session. | 2009-12-24 |
20090320116 | FEDERATED REALM DISCOVERY - A federated realm discovery system within a federation determines a “home” realm associated with a portion of the user's credentials before the user's secret information (such as a password) is passed to a non-home realm. A login user interface accepts a user identifier and, based on the user identifier, can use various methods to identify an account authority service within the federation that can authenticate the user. In one method, a realm list of the user device can be used to direct the login to the appropriate home realm of the user. In another method, an account authority service in a non-home realm can look up the user's home realm and provide realm information directing the user device to login at the home realm. | 2009-12-24 |
20090320117 | REMOTE SIGN-OUT OF WEB BASED SERVICE SESSIONS - Remote sign-out of web based service sessions. As a part of remote sign-out of web based service sessions, a user authentication token is accessed that is used to establish a web based service session and this user authentication token is stored in memory of an authentication server and returned in a cookie to the device. User access and deletion of the user authentication token from memory is accommodated using a device different from that which initially established the web based service session. Upon receipt of a browser request involving the user authentication token, it is determined whether the user authentication token is stored in memory. An access denial indication is provided to a web based service that indicates that the user authentication token is not stored in memory. | 2009-12-24 |
20090320118 | Security Token and Method for Authentication of a User with the Security Token - A security token includes (a) a personal data memory configured to store digital identity credentials related to personal data of a user; (b) an input appliance configured to check said personal data; (c) a key record data memory configured to store at least one identity credential of an authentication server or of an application operator; (d) a transmitter and receiver unit configured to create a secure channel directly or indirectly to said authentication server or application operator to handle said key record relating to said authentication server or application operator, respectively; (e) a control unit configured to control the transmitter and receiver unit and the key record data memory in view of said handling, wherein the control unit is configured to perform one of: interpreting, deciphering, creating, checking, renewing, withdrawing and further key record handling actions. A method for authentication of a user using the security token is also disclosed. | 2009-12-24 |
20090320119 | EXTENSIBLE CONTENT SERVICE FOR ATTRIBUTING USER-GENERATED CONTENT TO AUTHORED CONTENT PROVIDERS - A method and system allows a user to add content to a displayable content container (e.g., web page) that specifies at least one modifiable portion, where the modifiable portion is served by a server operated by one entity, but provided to the server by a service operated by another entity. The modifiable portion is attributable to the one entity and remaining content in the displayable content container is not editable by the users. Other features, such as user authentication mechanisms, are also described herein. | 2009-12-24 |
20090320120 | REPLICATING MESSAGE QUEUES BETWEEN CLUSTERED EMAIL GATEWAY SYSTEMS - A method of “stateful failover” is provided that allows email gateway systems in a cluster to deliver email messages that have been accepted for delivery by a member of the cluster, but has failed with out delivering the messages. The method involves creating a backup copy of the messages that have been accepted for delivery by one email gateway system in the stateful failover cluster on one or more other email gateway systems in the stateful failover cluster. Upon detecting the failure of the email gateway system that accepted the message, another member of the stateful failover cluster that has access to the backup copy of the message queue takes responsibility for the delivery of the messages on the mirrored queue. | 2009-12-24 |
20090320121 | SYSTEM AND METHODS FOR SECURE SERVICE ORIENTED ARCHITECTURES - Provided is a method for intercepting a message between a requesting web service and a source web service, validating the message, logging the result of the validations, and adding a security profile to the message. The method may also include examining the message to determine whether a security profile is embedded therein. If the message is valid, access to the message by the requesting web service is permitted. If the message is not valid, access to the message by the requesting web service is prevented. | 2009-12-24 |
20090320122 | CONGESTION MANAGEMENT OF SESSION NEGOTIATIONS IN NETWORK DEVICES - A network device implements congestion management of sessions of a network protocol. In one implementation, an incoming request component receives session requests for a negotiation session between the network device and a second network device. A capacity pool stores a value relating to capacity of the network device to continue to efficiently process the session requests. New sessions are initiated when the value stored in the capacity pool is less than an estimate of the capacity of the network device at which the network device maximizes processor usage while minimizing session timeouts. | 2009-12-24 |
20090320123 | METHOD AND APPARATUS FOR USER RECOGNITION EMPLOYING MOTION PASSWORDS - A method and apparatus are disclosed that authenticate a user of a mobile device with motion sensors. During a learning session, the user initializes the mobile device by providing a motion sample. The mobile device extracts motion features that are unique to the user and converts them to parity bits and to a password shadow. During a recognition session, a motion pattern is gathered from the user moving the mobile device as if it were a virtual pen. The mobile device then uses the stored parity bits to correct small differences between motion patterns exhibited by the same user at different times. The mobile device converts the corrected motion pattern into a motion password that is compared with the stored password shadow. A user is authenticated only if the two values coincide. The system erases the generated motion password. | 2009-12-24 |
20090320124 | APPARATUS AND METHODS FOR DYNAMIC PICTORIAL IMAGE AUTHENTICATION - Apparatus, systems and methods are provided for facilitating user authentication in a computing system based on pictorial discernment of images displayed to a user. Multiple images are displayed to a user, with each image having one or more distinguishing characteristics. Each symbol of the user's password is associated with a particular characteristic included in one of the displayed images. The user is properly authenticated if they select the images having the characteristics corresponding with the symbols of the user's password. | 2009-12-24 |
20090320125 | SYSTEMS, METHODS, AND COMPUTER READABLE MEDIA FOR COMPUTER SECURITY - Embodiments of the present invention provide systems and methods that enhance the security various processes are provided, as well as machines, computer-readable media and processes that employ or allow employment of such systems. | 2009-12-24 |
20090320126 | INFORMATION PROCESSING APPARATUS AND METHOD - An information processing apparatus sets positional relationship information indicating positional relationship between a designated position, which is to be designated on a screen by a user in a case where a plurality of images inclusive of the pass image are displayed on the screen at the time of authentication, and a display position of the pass image (S | 2009-12-24 |
20090320127 | Approach for Printing Locked Print Data Using User and Print Data Authentication - An approach is provided for printing locked print data using user and print data authentication. The approach is applicable to a wide variety of contexts and implementations and includes the use of bi-directional security measures to ensure a secure transmission of a document to a printer and secure retrieval of the document from the printer by one or more intended recipients. In particular, the bi-directional security measures ensure that: 1) the document is received only by the intended recipient designated by the creator, 2) both the document's creator and the intended recipient are successfully authenticated, 3) the document received by the intended recipient is the document that was created by the creator, and 4) the document received by the intended recipient is identical to the document created by the creator. | 2009-12-24 |
20090320128 | SYSTEM MANAGEMENT INTERRUPT (SMI) SECURITY - A system management interrupt (SMI) security system includes one or more subsystems to define a first variable using advanced configuration and power interface (ACPI) source language (ASL) code, define a second variable using system management mode (SMM) code, generate a first soft SMI to generate a random value, update the first and second variables with the generated value, generate a second SMI to perform an operation, compare the values of the first and second variables and perform the operation in response to the first and second variables having a value substantially the same as one another. | 2009-12-24 |
20090320129 | SECURE CONTROL FLOWS BY MONITORING CONTROL TRANSFERS - A cross-module detection system and method for detecting and monitoring control flow transfers between software modules in a computer system. The system and method detect and monitor control flows entering and exiting the software modules. For a particular module, a checking model is extracted from the binary file of that module. In addition, a relaxed shadow stack is generated. If the module is an original module, meaning that the control flow originated from that module, then the checking model is used to check the validity of the control flow transfer. Otherwise, the relaxed shadow stack is used. An interception module is used to intercept and terminate invalid control flow transfers. If an invalid control flow transfer is detected, then the transfer is terminated. Otherwise, the control flow transfer is allowed to continue. | 2009-12-24 |
20090320130 | TRAITOR DETECTION FOR MULTILEVEL ASSIGNMENT - One embodiment of the present invention includes a method for traitor tracing that includes performing an inner code traitor tracing on a recovered pirated digital file, the recovered digital file incorporating an inner code for assigning segments of the digital file and an outer code for assigning inner codes to individual digital files. The method also includes extracting partial information regarding the outer code from the inner code tracing. An outer code tracing procedure may then be performed using the partial information. | 2009-12-24 |
20090320131 | Method and System for Preventing Malicious Communication - A method and a system for preventing malicious communication are disclosed. The system comprises a safe module set with a specific Internet Protocol address and a Time to Live threshold value of the specific IP address to determine whether a malicious communication exists. If the malicious communication exists, the safe module can re-direct the malicious communication to a recording module of the system for recording the content of the malicious communication. | 2009-12-24 |
20090320132 | SYSTEMS AND METHODS FOR DISTRIBUTED NETWORK PROTECTION - By distributing various information and monitoring centers that monitor distributed networks and unauthorized access attempts, it is possible to, for example, more quickly defend against an unauthorized access attempts. For example, a Level 1 monitoring center could monitor a predetermined geographical area serving, for example, a wide variety of commercial and public sites, an organizational structure, or the like, for alarms. Upon analyzing an alarm for various characteristics, the Level 1 monitoring center can refer the unauthorized access attempt to an appropriate Level 2 center for, for example, possible retaliatory and/or legal action. Then, a Level 3 monitoring center can record and maintain an overall picture of the security of one or more networks, the plurality of monitoring centers and information about one or more hacking attempts. | 2009-12-24 |
20090320133 | STREAMING MALWARE DEFINITION UPDATES - A method, system and apparatus for assembling and publishing frequent malware signature definition updates through the use of additive or “streaming” definition packages is provided. Embodiments of the present invention provide such functionality by publishing not only full malware signature definition updates on a long periodicity but also streaming malware signature definition updates containing newly certified signature definitions on a short periodicity. As newly-certified malware signature definitions are received, those newly-certified signature definitions are incorporated not only in the full signature definition file but also in a streaming signature definition update that contains only newly-certified signature definitions received during a streaming update period. At the end of the streaming update period, a streaming signature definition file is made available by publication to anti-malware clients. A streaming signature definition file only contains those signature definitions received during the assembly period for that streaming definition file. Embodiments of the present invention replace a previous streaming signature definition file with a new streaming signature definition file at the time of publication of the new streaming signature definition file. | 2009-12-24 |
20090320134 | Detecting Secondary Infections in Virus Scanning - A method, computer program product or computer system for scanning files in a computer system to detect additional infected files of a computer virus when a first infected file of the computer virus is identified, includes maintaining a friends tree for each file in the computer system, maintaining a search tree using the friends trees for scanning the files, searching the files listed in the search tree for the additional infected files, and quarantining the additional infected files detected in the searching. | 2009-12-24 |
20090320135 | SYSTEM AND METHOD FOR NETWORK EDGE DATA PROTECTION - Disclosed are systems and methods which examine information communication streams to identify and/or eliminate malicious code, while allowing the good code to pass unaffected. Embodiments operate to provide spam filtering, e.g., filtering of unsolicited and/or unwanted communications. Embodiments provide network based or inline devices that scan and scrub information communication in its traffic pattern. Embodiments are adapted to accommodate various information communication protocols, such as simple mail transfer protocol (SMTP), post office protocol (POP), hypertext transfer protocol (HTTP), Internet message access protocol (IMAP), file transfer protocol (FTP), domain name service (DNS), and/or the like, and/or routing protocols, such as hot standby router protocol (HSRP), border gateway protocol (BGP), open shortest path first (OSPF), enhanced interior gateway routing protocol (EIGRP), and/or the like. | 2009-12-24 |
20090320136 | IDENTIFYING EXPLOITATION OF VULNERABILITIES USING ERROR REPORT - A tool and method examine error report information from a computer to determine not only whether a virus or other malware may be present on the computer but also may determine what vulnerability a particular exploit was attempting to use to subvert security mechanism to install the virus. A system monitor may collect both error reports and information about the error report, such as geographic location, hardware configuration, and software/operating system version information to build a profile of the spread of an attack and to be able to issue notifications related to increased data collection for errors, including crashes related to suspected services under attack. | 2009-12-24 |
20090320137 | SYSTEMS AND METHODS FOR A SIMULATED NETWORK ATTACK GENERATOR - Systems and methods for generating a network attack within a simulated network environment including a module configured for creating one or more attack events against network devices within the simulated network environment wherein the attack events include exploitations of published and unpublished vulnerabilities and failures of hardware and software network systems, devices, or applications within the simulated network environment and for executing the created attack event on the simulated network environment and having an interface configured for receiving metadata regarding each attack event and adding the received attack event metadata to each associated attack event. | 2009-12-24 |
20090320138 | NETWORK SECURITY SYSTEM HAVING A DEVICE PROFILER COMMUNICATIVELY COUPLED TO A TRAFFIC MONITOR - A system and method for providing distributed security of a network. Several device profilers are placed at different locations of a network to assess vulnerabilities from different perspectives. The device profiler identifies the hosts on the network, and characteristics such as operating system and applications running on the hosts. The device profiler traverses a vulnerability tree having nodes representative of characteristics of the hosts, each node having an associated set of potential vulnerabilities. Verification rules can verify the potential vulnerabilities. A centralized correlation server, at a centrally accessible location in the network, stores the determined vulnerabilities of the network and associates the determined vulnerabilities with attack signatures. Traffic monitors access the attack signatures and monitor network traffic for attacks against the determined vulnerabilities. | 2009-12-24 |
20090320139 | TRANSPONDER INCORPORATED INTO AN ELECTRONIC DEVICE - An electronic device. The device comprises a metalization layer and an integrated circuit chip incorporated into the device wherein the integrated circuit chip is capacitively coupled to the metalization layer. The device comprises a first substrate having the metalization layer formed on the substrate, a cap layer covering at least the entire metalization layer and at least a portion of the first substrate not covered by the metalization layer. The integrated circuit chip is coupled to the first substrate, and is placed in proximity and in non-physical contact with the metalization layer. A conductive layer is attached to the integrated circuit chip. The conductive layer has at least a portion placed in a non-physical contact with the metalization layer. The integrated circuit chip is capacitively coupled to the metalization layer through the conductive layer and the metalization layer. | 2009-12-24 |
20090320140 | Piracy Prevention Using Unique Module Translation - A method for providing solidified software in a computing environment includes creating a new reference for a function in a function table; copying an address of the function and associating the address with the new reference; replacing the address associated with an old reference of the function with a dummy address; and substituting each old reference in normal code with the new reference, where injected code is not able to execute in the computing environment. The function table entries can be further randomized by reordering the entries, introducing intermediate mappings, or providing non-operative entries. Alternatively, all or part of the code of the function can be copied and moved to a different storage location and associated with the new reference. The copied code can be further randomized by the insertion of dummy code, utilizing reverse peephole techniques, varying the size of the copied portion, or interleaving non-operative code. | 2009-12-24 |
20090320141 | DOCUMENT DATA SECURITY MANAGEMENT METHOD AND SYSTEM THEREFOR - The present invention discloses a system for document security control to improve the security of document data, and the system comprises: an application, embedded in a machine readable medium, which performs a security control operation on abstract unstructured information by issuing an instruction to a platform software; the platform software, embedded in a machine readable medium, which accepts the instruction from the application and performs the security control operation on storage data corresponding to the abstract unstructured information; wherein, said abstract unstructured information are independent of a way in which said storage data are stored. | 2009-12-24 |
20090320142 | DATA PROCESSOR - A data processor by means of which when the right of a content being automatically reproduced extinguishes, the reproduction is continued so as to prevent the user from feeling discomfort, the content reproduction information is recorded and transmitted to a content distributor, and the user is charged. In the data processor, when a control unit ( | 2009-12-24 |
20090320143 | SENSOR INTERFACE - A sensor application programming interface (API) is capable of restricting an application's access to sensor data measured by a sensor, while at the same time providing access to sensor properties of the sensor, even if access has not been granted to the application for the sensor. | 2009-12-24 |
20090320144 | Method and system for transferring protected content - There is provided a method of transferring a protected content, in which the method comprises receiving from a first player the protected content via a transmission medium calculating usage rights associated with the protected content to confirm receipt from the first player of some or all of the usage rights associated with the protected content making available the protected content for distribution to a second player, and transmitting the protected content to the second player. The method also includes confirming that the first player has relinquished the some or all of the usage rights associated with the protected content prior to transmitting the protected content to the second player. The protected content may comprise a music file, and the some or all of the usage rights may comprise a usage right for a limited number of protected content players, or comprise a usage right for a limited time duration. | 2009-12-24 |
20090320145 | APPARATUS, METHOD, AND COMPUTER PROGRAM FOR CONTROLLING USE OF A CONTENT - A content usage control apparatus prevents a content managed by an end user from being illegally used. To prevent a content from being used by an apparatus or user other than an authorized apparatus or user, a content usage control apparatus registers the authorized apparatus or user and determines, before providing the content, whether the content is going to be provided to the authorized apparatus or user. The content usage control apparatus also has the capability of imposing a limitation on rewriting of registration. The above-described capabilities of the content usage control apparatus make it possible to protect copyright of information to be provided. A specific example of the content usage control apparatus is a server which stores contents such as movie contents or music contents, and may be used in a system in which a content is provided in response to a request from a client such as a portable telephone, a TV set, or a personal computer, connected to the server. | 2009-12-24 |
20090320146 | SYSTEM AND METHOD FOR SECURING DATA WITHIN A STORAGE SYSTEM - According to the present invention, there is provided a system for securing data with a storage system. The system includes at least one storage device. In addition, the system includes a security mechanism for recognizing an attempt to insert or remove the storage device. Moreover, the system includes a management unit to control the insertion and removal of the storage device. | 2009-12-24 |
20090320147 | Nonhuman transgenic animal as type 2 diabetes model - The invention provides a non-human transgenic animal as a model of type 2 diabetes manifesting a symptom of type 2 diabetes by excessive expression of the active SREBP-2 protein in pancreatic β-cells by introducing a recombinant DNA in which a DNA encoding the active SREBP-2 protein is disposed under the control of a promoter, and a method for screening therapeutic agents of diabetes using the transgenic animal. | 2009-12-24 |
20090320148 | OXYLIPINS FROM STEARIDONIC ACID AND GAMMA-LINOLENIC ACID AND METHODS OF MAKING AND USING THE SAME - Disclosed are novel oxylipins that are derived from γ-linolenic acid (GLA; 18:3n-6) and stearidonic acid (STA or SDA; 18:4n-3), and methods of making and using such oxylipins. Also disclosed is the use of such oxylipins in therapeutic and nutritional or cosmetic applications, and particularly as anti-inflammatory or anti-neurodegenerative compounds. Also disclosed are The invention novel ways of producing long chain polyunsaturated acid (LCPUF A)-rich oils and compositions that contain enhanced and effective amounts of SDA- and/or GLA-derived oxylipins. | 2009-12-24 |
20090320149 | Expression vectors - This present invention provides an expression vector system that uses alternative RNA processing to express in a single cell a polypeptide in both membrane-bound and soluble forms. By incorporating a mimetic structure of the 3′ terminal region of human mu gene and introducing other exogenous genetic elements, an artificial gene can be constructed that is capable of simultaneously expressing membrane-bound and secreted forms of polypeptides in myeloma cells and other cells of the B lymphocyte lineage, as well as in non-B cells. If an immunoglobulin heavy chain is co-expressed with a light chain using this vector, whole antibodies can be produced that are both displayed on the surface of a single cell and secreted into the cell culture supernatant. Membrane-bound antibodies facilitate isolation and expansion of those cells displaying antibodies with desired antigen binding characteristics, while secreted antibodies facilitate identification of antibodies having desired biological function(s). | 2009-12-24 |
20090320150 | COTTON CULTIVAR DP 147 RF - A cotton cultivar, designated DP 147 RF, is disclosed. The invention relates to the seeds of cotton cultivar DP 147 RF, to the plants of cotton DP 147 RF and to methods for producing a cotton plant produced by crossing the cultivar DP 147 RF with itself or another cotton variety. The invention further relates to hybrid cotton seeds and plants produced by crossing the cultivar DP 147 RF with another cotton cultivar. | 2009-12-24 |