Total found: 19303. Displayed: 100.

Publication date: 12-01-2012

Method and apparatus for a content protecting and packaging system for protecting a content package

Number: US20120008777A1
Assignee: Nokia Oyj

An apparatus for providing an improved content protecting and packaging system for protecting content may include an extractor for extracting a content package into a plurality of content segments including a first portion and a second portion. An enveloper may envelop each of the content segments in the first portion separately to thereby create one or more protected content segments. Further, a packager may package the protected content segments with the second portion of the content segments into a protected content package, which may then be uploaded to a distributor for distribution to user terminals. A corresponding method and computer program product are also provided.

Publication date: 12-01-2012

Method and system for transmitting delay media information in ip multimedia subsystem

Number: US20120011368A1
Assignee: ZTE Corp

The present invention provides a method and a system for transmitting delay media information in an IP multimedia subsystem, the system includes: a sending party of media information, a receiving party of the media information, a KMS and a mailbox server of the receiving party of the media information. The method and system of the present invention establishes an end-to-end security association between the sending party and the receiving party of the media information to encrypt the media information between them, without any need for the KMS to store the media key; at the same time, the security association is also established between the sending party and the mailbox server of the receiving party, and between the mailbox server of the receiving party and the receiving party, to perform an integrity protection and a mutual authentication between them, thus the security transmission of the IMS delay media information can be realized.

Publication date: 19-01-2012

Systems and methods for processing data flows

Number: US20120017262A1
Assignee: Crossbeam Systems Inc

A flow processing facility, which uses a set of artificial neurons for pattern recognition, such as a self-organizing map, in order to provide security and protection to a computer or computer system supports unified threat management based at least in part on patterns relevant to a variety of types of threats that relate to computer systems, including computer networks. Flow processing for switching, security, and other network applications, including a facility that processes a data flow to address patterns relevant to a variety of conditions are directed at internal network security, virtualization, and web connection security. A flow processing facility for inspecting payloads of network traffic packets detects security threats and intrusions across accessible layers of the IP-stack by applying content matching and behavioral anomaly detection techniques based on regular expression matching and self-organizing maps. Exposing threats and intrusions within packet payload at or near real-time rates enhances network security from both external and internal sources while ensuring security policy is rigorously applied to data and system resources. Intrusion Detection and Protection (IDP) is provided by a flow processing facility that processes a data flow to address patterns relevant to a variety of types of network and data integrity threats that relate to computer systems, including computer networks.

Publication date: 26-01-2012

System and method for exchanging information among exchange applications

Number: US20120023193A1
Assignee: FireStar Software Inc

A system and method for communicating transaction information includes a plurality of client application devices distributed among one or more local client application devices and one or more remote client application devices, and a plurality of gateways distributed among one or more local gateways and one or more remote gateways. The one or more local gateways are configured to communicate the transaction information with the one or more local client application devices, with which the one or more local gateways are associated, using one or more local data formats. The one or more remote gateways are configured to communicate the transaction information with the one or more remote client application devices, with which the one or more remote gateways are associated, using one or more remote data formats. The one or more local gateways are configured to transform the transaction information in the one or more local data formats into one or more common data formats that are shared with the one or more remote gateways. The one or more remote gateways are configured to transform the transaction information in the one or more common data formats into the one or more remote data formats. The transaction information from the one or more local client application devices is communicated to the one or more remote client application devices for completing a transaction.

Publication date: 23-02-2012

Key Distribution Scheme for Networks of Information

Number: US20120045064A1
Assignee: Individual

A method for controlling information object (102) usage in a network of information (100) wherein information objects (102) are identified by information object identities and locations of the information objects (102) are indicated by location pointing information, the method comprising receiving (5b) an encrypted information object (102), sending (7) to a resolution node (D200) a request for location pointing information of a key issuing node (D300), the request comprising an identity of the received information object (102), receiving (8) the location pointing information of the key issuing node (D300), sending (9) to the key issuing node (D300) a request for an access key (104) for decrypting the encrypted information object (102), the request comprising the identity of the received information object (102), receiving (11) the access key (104), and decrypting (12) the received encrypted information object (102) with the received access key (104).

Publication date: 08-03-2012

Security of a multimedia stream

Number: US20120057697A1
Assignee: Nokia Oyj

A method including receiving encrypted multimedia information of a multimedia broadcast multicast service streaming session, wherein the multimedia information is encrypted using an encryption key. An indication allowing to switch the receiving of the encrypted multimedia information to a peer-to-peer streaming session is received and receiving of the encrypted multimedia information from the multimedia broadcast multicast service streaming session to the peer-to-peer streaming session is switched. Encrypted multimedia information of the peer-to-peer streaming session is received.

Publication date: 08-03-2012

Method and system for optimizing authentication procedures in media independent handover services

Number: US20120057706A1
Author: Anirudh Bhatt
Assignee: SAMSUNG ELECTRONICS CO LTD

A method and system for establishing security association mechanism between a Mobile Node (MN) and a plurality of Point of Services (PoS) are provided. The method includes sending a first request from primary PoS to secondary PoS. The primary PoS then receives a first response along with a derived first key. The first key is derived at the secondary PoS. The method further includes receiving a second request from the MN at the primary PoS. The method then derives a second key based on a MN identity and the derived first key. Thereafter, the method sends a second response along with a second key from the primary PoS to the MN. Further, the method establishes communication between the MN and secondary PoS based on the second key received by the MN and the second key generated at the secondary PoS.

Publication date: 29-03-2012

Method, device, and system for deriving keys

Number: US20120077501A1
Assignee: Huawei Technologies Co Ltd

Method, device, and system for deriving keys are provided in the field of mobile communications technologies. The method for deriving keys may be used, for example, in a handover process of a User Equipment (UE) from an Evolved Universal Terrestrial Radio Access Network (EUTRAN) to a Universal Terrestrial Radio Access Network (UTRAN). If a failure occurred in a first handover, the method ensures that the key derived by a source Mobility Management Entity (MME) for a second handover process of the UE is different from the key derived for the first handover process of the UE. This is done by changing input parameters used in the key derivation, so as to prevent the situation in the prior art that once the key used on one Radio Network Controller (RNC) is obtained, the keys on other RNCs can be derived accordingly, thereby enhancing the network security.

Publication date: 29-03-2012

Method And System For Enabling Rendering Of Electronic Media Content Via A Secure Ad Hoc Network Configuration Utilizing A Handheld Wireless Communication Device

Number: US20120079112A1
Assignee: Broadcom Corp

A handheld wireless communication device (HWCD) establishes an ad hoc network comprising interconnected networks for a user. The HWCD gains access to content on a first device and controls communication of the content from the first device via the HWCD to a second device. The HWCD enables the second device to consume the content. The content may be streamed from the first device via the HWCD to the second device. The first device is a service provider network device or other network device. The access may be authenticated and/or secure. Secure access to the content is extended from the first device to the second device. The ad hoc network is configured and/or reconfigured until communication is complete. The HWCD comprises multiple wireless interfaces. The ad hoc network comprises a PAN, WLAN, WAN and/or cellular network. The HWCD may hand-off among base stations during communication of the content.

Publication date: 19-04-2012

Data integrity protecting and verifying methods, apparatuses and systems

Number: US20120096564A1
Author: JI Li
Assignee: Sony Corp

The disclosure provides data integrity protecting and verifying methods, apparatuses and systems. A data integrity protecting method includes: calculating a Hash value of each of the data blocks by using a first Hash function, to obtain a plurality of block Hash values which form a first series of Hash values; calculating a second series of Hash values based on the first series of Hash values, the second series of Hash values comprising a plurality of chain Hash values, each of which is associated with a corresponding block Hash value in the first series of Hash values and with a neighbor chain Hash value in the second series of Hash values, wherein the first series of Hash values and the second series of Hash values are used as integrity information of the data; and generating verification information of the data by using a last chain Hash value.

Publication date: 17-05-2012

System and method for managing transfer of rights using shared state variables

Number: US20120123952A1
Assignee: Contentguard Holdings Inc

A method, system and device for transferring rights adapted to be associated with items from a rights supplier to a rights consumer, including obtaining a set of rights associated with an item, the set of rights including meta-rights specifying derivable rights that can be derived from the meta-; determining whether the rights consumer is entitled to the derivable rights specified by the meta-rights; and deriving at least one right from the derivable rights, if the rights consumer is entitled to the derivable rights specified by the meta-rights, wherein the derived right includes at least one state variable based on the set of rights and used for determining a state of the derived right.

Publication date: 24-05-2012

Method, Apparatus and System for Processing Security Key when Reestablishing Radio Resource Control (RRC) Connection

Number: US20120129499A1
Author: Jinglan Li
Assignee: ZTE Corp

A method for processing a security key when a Radio Resource Control (RRC) connection is reestablished is provided, which comprises: receiving a Radio Resource Control connection reestablishment request from a user equipment by a node B; the node B judging whether there is a need to generate a new access layer security key, and generating the new access layer security key or using an original access layer security key based on this judgment result; and sending corresponding Radio Resource Control connection reestablishment information to the user equipment by the node B, so that the user equipment carries out the connection reestablishment. The method adds the judgment steps into the process of generating an access layer security key, thus solving the problem in the conventional method that a new key is generated regardless of the situation, thereby saving a large amount of computation in generating the key and reducing the time delay of the system.

Publication date: 24-05-2012

Servicing attributes on a mobile device

Number: US20120129514A1

Enabling remote customer service and maintenance using a visual identifier is disclosed. In response to a user enrolling in a service capability associated with a mobile device, the process utilizes a visual identifier to associate the service capability with the customer account, the service and the mobile device. The system allocates a visual identifier for each service capability and enables customer service agents to identify the service capability and mobile device, verify the user and retrieve information for the service interaction.

Publication date: 24-05-2012

Transaction verification on rfid enabled payment and transaction instruments

Number: US20120130905A1
Author: Ersin Uzun, Gene Tsudik
Assignee: UNIVERSITY OF CALIFORNIA

A display enabled RFID tag (DERT) receives transaction details from the reader. DERT verifies that the details match their counterparts in the reader public key certificate. The process is aborted in case of a mismatch. DERT extracts and displays user-verifiable data. It then enters a countdown stage that lasts for a predetermined duration. A user observes the transaction information and, if the transaction amount and other details are deemed correct, presses an accept button provided on the DERT before the timer runs out. DERT signs the time-stamped transaction statement and sends it to the reader. This signed statement is then sent to the payment gateway and eventually to the financial institution that issued the payment DERT.

Publication date: 24-05-2012

Method and apparatus for controlling access to data based on layer

Number: US20120131342A1
Assignee: SAMSUNG ELECTRONICS CO LTD

Disclosed is an access control apparatus and method for giving access authority with respect to data. The access control apparatus may encrypt, using a Public Key (PK) of a terminal, a Node Key (NK) of a target layer in which the access authority is to be granted to the terminal, and produce an Access Control List (ACL) of the target layer based on the encrypted NK and ID information of the terminal. Also, the access control apparatus may produce a copy of the ACL based on the produced ACL, and store the produced copy of the ACL in a lower layer.

Publication date: 24-05-2012

Secure Information Storage and Delivery System and Method

Number: US20120131656A1
Assignee: Intersections Inc

A system for secure information storage and delivery includes a vault repository that includes a secure vault associated with a user, wherein the secure vault is configured to receive at least one data entry. A mobile vault server coupled to the vault repository creates a mobile vault on a mobile device based on the secure vault and is capable of authenticating the mobile device based on user authentication information. The mobile vault server includes a mobile device handler that communicates with the mobile device. A synchronization utility determines whether the at least one data entry on the secure vault is transferable to or storable on the mobile vault, and transfers the data entry from the secure vault to a corresponding data entry on the mobile vault if the at least one data entry on the secure vault is determined to be transferable to or storable on the mobile vault.

Publication date: 31-05-2012

Smartphone-Based Methods and Systems

Number: US20120134548A1
Assignee: Digimarc Corp

Methods and arrangements involving portable devices are disclosed. One arrangement enables a content creator to select software with which that content should be rendered—assuring continuity between artistic intention and delivery. Another arrangement utilizes the camera of a smartphone to identify nearby subjects, and take actions based thereon. Others rely on near field chip (RFID) identification of objects, or on identification of audio streams (e.g., music, voice). Some of the detailed technologies concern improvements to the user interfaces associated with such devices. Others involve use of these devices in connection with shopping, text entry, sign language interpretation, and vision-based discovery. Still other improvements are architectural in nature, e.g., relating to evidence-based state machines, and blackboard systems. Yet other technologies concern use of linked data in portable devices—some of which exploit GPU capabilities. Still other technologies concern computational photography. A great variety of other features and arrangements are also detailed.

Publication date: 21-06-2012

Communication system, communication device, communication method, and computer program

Number: US20120159575A1
Assignee: Sony Corp

To securely transmit content through remote access via an external network, such as a WAN, while exceeding restrictions of an RTT and a TTL. A way of handling a flag for controlling remote access of content is explicitly defined, and an authentication method is explicitly defined when a content using device performs remote access. Thus, also in remote access, similarly to access of the related art in a household, a copyright protection environment of content based on the DTCP-IP is constructed.

Publication date: 28-06-2012

Method and system for subscription digital rights management

Number: US20120167229A1
Author: Guillermo Lao
Assignee: Contentguard Holdings Inc

A system and method for managing use of items having usage rights associated therewith. The system includes an activation device adapted to issue a software package having a public and private key pair, the public key being associated with a user, a license device adapted to issue a license, a usage device adapted to receive the software package, receive the license and allow the user to access the item in accordance with the license, and a subscription managing device adapted to maintain a subscription list including the public key associated with the user. The license is issued by the license device upon verifying presence of the public key in the subscription list corresponding to requested content.

Publication date: 12-07-2012

Method, Apparatus and System for Accessing Remote Files

Number: US20120179731A1
Author: Chuming Chen, Yan Lin
Assignee: Sangfor Networks Co Ltd

The present invention relates to a method, apparatus and system for accessing remote files, wherein the method for accessing remote files comprises the following steps: obtaining download operation information for downloading a file in an operational system server; redirecting the download operation to a file server with safety space; saving a real copy of the downloaded file in the safety space and enumerating a corresponding virtual copy in the safety space. In the present invention, local file operations are redirected to the network file operations of a network file storage system by redirecting the download operation on the file in the operational system server to the file server instead of saving the file in the local user terminal, to realize the “Not to local” effect for the key file. Even when the terminal is powered off and then restarted, the data will not be saved in the local user terminal, achieving an effect close to “physical-like isolation”, which solves the safety problems of the offline key file much better.

Publication date: 12-07-2012

Secure portable medical information system and methods related thereto

Number: US20120179908A1
Author: Christopher M. Duma
Assignee: Datcard Systems Inc

Using a secure portable reference to medical information, stored on a portable storage medium, various embodiments allow a patient to give to their doctor an easy-to-use access key that will enable access to desired medical information stored on a computer network. The secure portable reference provides greater transportability of medical records to a patient or medical data repository including a doctor's office, clinic, or hospital, while maintaining data security to satisfy medical data privacy regulations and expectations. Some described embodiments use encrypted information inside the secure portable reference to hide, for example, who is allowed access to the stored medical information, and the network location of the stored information. Some embodiments use a secret PIN to authenticate the user attempting access to the referenced medical information. The secure portable reference contains information on network resources used to enable download access to medical information, including medical records and medical images.

Publication date: 02-08-2012

Digital works having usage rights and method for creating the same

Number: US20120198563A1
Assignee: Contentguard Holdings Inc

Digital work adapted to be distributed within a system for controlling at least one of the distribution and use of digital works. The digital work includes digital content representing a portion of a digital work suitable for being rendered by a rendering device and usage rights associated with the digital content. The usage rights specify a manner of use indicating one or more stated purposes for which the digital work can be at least one of used and distributed by an authorized party.

Publication date: 02-08-2012

Digital works having usage rights and method for creating the same

Number: US20120198567A1
Assignee: Contentguard Holdings Inc

Digital work adapted to be distributed within a system for controlling at least one of the distribution and use of digital works. The digital work includes digital content representing a portion of a digital work suitable for being rendered by a rendering device and usage rights associated with the digital content. The usage rights specify a manner of use indicating one or more stated purposes for which the digital work can be at least one of used and distributed by an authorized party.

Publication date: 09-08-2012

Digital rights management of captured content based on capture associated locations

Number: US20120201418A1
Assignee: International Business Machines Corp

A certification is received from a user stating that captured content does not comprise a particular restricted element and a request from the user for an adjustment of a digital rights management rule identified for the captured content based on the captured content comprising the particular restricted element. At least one term of the digital rights management rule is adjusted to reflect that the captured content does not comprise the particular restricted element. The usage of the captured content by the user is monitored to determine whether the usage matches the certification statement.

Publication date: 09-08-2012

Systems and methods for facilitating secure transactions

Number: US20120203665A1

A system for secure transactions receives an authorization request from a mobile device, the mobile device having received the authorization request by scanning a QR code and/or other encoded data. The system processes the authorization request using one or more transaction accounts that are paired to the mobile device, and transmits a response indicating approval or denial of the authorization request.

Publication date: 09-08-2012

Rich media file format and delivery methods

Number: US20120203869A1
Assignee: MARGER JOHNSON AND MCCOLLOM PC

A rich media file is a self-contained file, including both the information to be viewed by a user and the viewer that displays the information to the user. The information can be formatted however the client likes: for example, the information can be split across several pages, and can include text and still and animated images. There can also be web links to pages on a network, and e-mail forms to simplify sending an e-mail message to the client. The rich media file can include viewing limitations, so that only the proper password can unlock the file, or that the rich media file will automatically expire after a specified condition occurs. The rich media file also assists the user in obtaining the latest version of the rich media file, by offering to retrieve a newer version for the user.

Publication date: 09-08-2012

Botmaster Traceback

Number: US20120203900A1

Embodiments locate a botmaster on a network. A honeynet host is configured to join a botnet and generate a watermarked packet flow by applying a watermark to an outgoing packet flow in response to commands from the botmaster. The watermark is applied to the outgoing packet flow by: choosing distinct packets from the outgoing packet flow; forming packet pair(s) from the distinct packets, that include a reference packet and an encoding packet; and encoding bits in the watermark to the packet pair(s) by increasing the length of the encoding packet when watermark bits have a predetermined value. The cooperating node(s) are configured to: inspect passing packet flows for the watermarked packet flow and generate tracking information related to detection of the watermarked packet flow. The path determination processor is configured to analyze the tracking information to locate a path taken by the watermarked packet flow.

Publication date: 09-08-2012

Protecting web authentication using external module

Number: US20120204242A1
Author: Ram Cohen
Assignee: Activepath Ltd

Systems, methods, computer program products, and networks for protecting web authentication. In some examples a system for protecting web authentication includes a web client and a validator which is external to the web client. In these examples, the validator is configured to enable at least one validation item which is provided to a web server during web user authentication to be protected from possible tampering by the web client.

Publication date: 16-08-2012

Method of securing communication

Number: US20120210134A1
Author: Navroop Mitter
Assignee: Individual

A method for securing data to be transmitted between a plurality of devices which includes exchanging encryption keys between first and second devices of the plurality of devices, selecting digital rights management (DRM) features for the data which is to be transmitted from the first device, encrypting the data to be transmitted and the selected digital rights management features using at least one distinct key, transmitting the encrypted data and the selected DRM features to the second device and a third device, and decrypting the encrypted data on the second device using the exchanged encryption keys and displaying the data according to the selected DRM features.

Publication date: 16-08-2012

Circuit device and a communication apparatus

Number: US20120210394A1
Assignee: Sony Corp

An application program relating to a process of an integrated circuit is stored in a virtual integrated circuit storage area server apparatus. Following a mutual authentication between the IC and the virtual storage area server apparatus through a portable communication function unit, the server apparatus executes the application program. Additionally, through the IC, the portable communication function unit, a wireless communication line, and a network, communicate with an IC_R/W apparatus and perform a process relating to a service in collaboration with each other.

Publication date: 23-08-2012

Method and apparatus for monitoring the distribution of electronic files

Number: US20120215811A1
Assignee: Media Mark Tech Ltd

A remote server is arranged to respond to a request from a user terminal for the download of a media file to cause a unique water-marked copy of a media file to be generated and sent to the user terminal. At the same time the remote server is arranged to access a seal server, which causes an electronically sealed record of the transaction to be generated and stored in a download database. Subsequently, if a suspect media file is identified the sealed record provides evidence of the original transaction which led to the water-marked copy of the media file being issued and hence the original source of the unauthorised copy of the file. Control of distributed media files can be enforced by imposing penalties in the event that unauthorised copies corresponding to the distributed water-marked media files are identified.

Publication date: 30-08-2012

Cryptographic sanction server and methods for use therewith

Number: US20120221846A1
Assignee: ViXS Systems Inc

A sanction server includes a network interface that receives a request for media content from a client device and transmits first sanction data to a caching server and second sanction data to the client device. A sanction processing module generates the first sanction data based on a random number and generates the second sanction data based on the random number. The caching server generates first cryptographic data based on the first sanction data and sends the first cryptographic data to the client device. The client device generates second cryptographic data based on the first sanction data and sends the second cryptographic data to the caching server. The caching server generates a scrambling control word based on the first sanction data and the second cryptographic data. The client device generates the scrambling control word based on the second sanction data and the first cryptographic data.

Publication date: 13-09-2012

Wirelessly accessing broadband services using intelligent covers

Number: US20120231766A1
Author: Deepak Jain, Tuan Quoc Dao
Assignee: Device Fidelity Inc

The present disclosure is directed to a system and method for wirelessly accessing broadband services using intelligent covers. In some implementations, a cover for a consumer device includes side surfaces, a rear surface, a physical interface, a circuit, and a broadband service card. The side surfaces and a rear surface form an opening that receives at least a portion of a consumer device. A first portion of at least one of the surfaces includes a connector for connecting to a port of the consumer device. The circuit connects the physical interface to the connector. The broadband service card connected to the physical interface and accesses a service foreign through the wireless broadband network independent of the consumer device.

Publication date: 27-09-2012

Root node and a computer readable medium

Number: US20120243685A1
Assignee: Individual

A wireless mesh network includes a plurality of nodes to which a device key is assigned. The device key belongs to one of a plurality of groups. In a root node, a correspondence relationship between the nodes and the device key thereof, and a correspondence relationship between past join nodes and a device key thereof, are stored. When a new node in the wireless mesh network is detected as a past join node, the device key assigned to the past join node is assigned to the new node again. When the new node is not the past join node, a new device key is assigned to the new node. A cipher text is generated by encrypting a message using device keys assigned to the nodes and the new node. If the number of groups to which the device keys belong is fewer, a size of the cipher text is smaller.

Publication date: 27-09-2012

Encryption information transmitting terminal

Number: US20120246473A1
Assignee: Toshiba Corp

The communication unit transmits and receives a communication message. The authentication processor performs an authentication process for establishing the network connection by transmitting and receiving an authentication message to and from an authentication server through the communication unit. The encryption information generator generates an encryption key shared with the authentication server when the authentication process is successfully completed. The first message generator generates a first communication message instructing the destination device to acquire the encryption key from the authentication server. The second message generator generates a second communication message including data to be transmitted to the destination device. The communication unit transmits the first communication message to the destination device, encrypts the second communication message with the encryption key, and transmits an encrypted second communication message to the destination device.

Publication date: 04-10-2012

Methods and apparatuses for avoiding damage in network attacks

Number: US20120254997A1
Assignee: Telefonaktiebolaget LM Ericsson AB

Methods and apparatuses in a client terminal (400) and a web server (402) for enabling safe communication between said terminal and server. When the terminal obtains a web page from the server in a session, the terminal creates a context-specific key, Ks_NAF′, based on one or more context parameters, P1, ..., Pn, pertaining to said session and/or web page. The terminal then indicates the context-specific key in a login request to the server, and the server determines a context-specific key, Ks_NAF′, in the same manner to verify the client if the context-specific key determined in the web server matches the context-specific key received from the client terminal. The context-specific key is thus bound to and valid for the present context or session only and cannot be used in other contexts or sessions.

Publication date: 11-10-2012

Method and system to confirm ownership of digital goods

Number: US20120259720A1
Author: Frank Anthony Nuzzi
Assignee: eBay Inc

A method and system to confirm ownership of digital goods is provided. In one embodiment, the method comprises receiving, from a client device via a data network interface, a request for a digital good, completing one or more micro transactions with respect to a financial account, generating a code utilizing information derived from the one or more micro transactions and embedding the code into a first copy of the digital good, the code to be used to confirm ownership of the digital good.

Publication date: 11-10-2012

Method and apparatus for identifying installed software and regulating access to content

Number: US20120260353A1
Assignee: Contentguard Holdings Inc

A system and method for controlling use of content in accordance with usage rights associated with the content and determined in accordance with the environment of a user device. A request is received for secure content from a user device and the integrity of the environment of the user device is verified. Appropriate usage rights are retrieved based upon the results of the verification of integrity and the content is rendered on the user device in accordance with the appropriate usage rights.

Publication date: 18-10-2012

Method and apparatus for providing machine-to-machine service

Number: US20120265983A1
Author: ALPER Yegin, Youngkyo Baek
Assignee: SAMSUNG ELECTRONICS CO LTD

A method and an apparatus for providing Machine-to-Machine (M2M) service are provided. A method of providing service by an M2M device includes transmitting a request for service to a Network Security Capability (NSEC), the request for service comprising an identifier of a Device Service Capability Layer (DSCL) of the M2M device, performing an Extensible Authentication Protocol (EAP) authentication with an M2M Authentication Server (MAS) via the NSEC, and generating, if the EAP authentication is successful, a service key using a Master Session Key (MSK), a first constant string, and the identifier of the DSCL.

Publication date: 25-10-2012

Multi-Factor Authentication Using A Smartcard

Number: US20120272307A1
Author: Mark Buer
Assignee: Broadcom Corp

Methods and systems are provided for non-cryptographic capabilities of a token such as a smartcard to be used as an additional authentication factor when multi-factor authentication is required. Smartcards are configured to generate a transaction code each time a transaction is attempted by the smartcard. The transaction code is dynamic, changing with each transaction, and therefore is used as a one-time password. When a user attempts to access a service or application requiring at least two authentication factors, a secure processor is used to read transaction code from the smartcard. The secure processor establishes a secure communication with the remote computer hosting the service or application. The transaction code can then be encrypted prior to transmission over the public Internet, providing an additional layer of security.

Publication date: 08-11-2012

Method for facilitating access to a first access nework of a wireless communication system, wireless communication device, and wireless communication system

Number: US20120284785A1
Assignee: MOTOROLA MOBILITY LLC

A method for facilitating access to a first access network (110) of a wireless communication system (100) comprises authenticating (300) a wireless communication device (102) with a second access network (104) and generating temporary access credentials using access information provided by the second access network (104). The wireless communication device (102) then transforms (302) the temporary access credentials and an identifier of the first access network (110) to provide first transformed access credentials which are transmitted (304) for performing authentication with the first access network (110). The identifier of the first access network (110) is provided to the second access network (104) which generates (308) second transformed access credentials using the identifier of the first access network (110) and the temporary access credentials. Authentication is performed (310) with the first access network (110), which includes comparing the first transformed access credentials with the second transformed access credentials and allowing access to the first access network (110) when the first transformed access credentials and the second transformed access credentials are substantially the same. A wireless communication device, and a wireless communication system are also disclosed and claimed.

Publication date: 15-11-2012

Method and System for Allocating Access to Digital Media Content

Number: US20120291140A1
Assignee: Disney Enterprises Inc

There is provided a method and system for allocating an entitlement to digital media content. In one implementation, the system includes a media server accessible over a communications network and configured to utilize a processor to issue the entitlement including a transferable authorization to access the digital media content to a first user, and to store an entitlement record identified with the first user and authorizing access to the digital media content by the first user in a memory of the media server. The media server is further configured to receive a communication including a data corresponding to the transferable authorization to access the digital media content from a second user and to update the entitlement record to authorize access to the digital media content by the second user.

Publication date: 29-11-2012

Systems and Methods for Encrypting Mobile Device Communications

Number: US20120300932A1
Assignee: First Data Corp

Embodiments of the invention can provide systems and methods for encrypting mobile device communications. According to one example embodiment of the invention, a method for encrypting mobile device communications is provided. The method can include generating, by a first application stored on a first memory of a mobile device, a message to be communicated to an intended recipient; providing, by the first application to an authentication application stored on a second memory of the mobile device, the message; encrypting, by the authentication application, the message; providing, by the authentication application to the first application, the encrypted message; and directing, by the first application, communication of the message to the intended recipient.

Publication date: 29-11-2012

Arranging data ciphering in a wireless telecommunication system

Number: US20120300934A1
Assignee: Individual

Arranging data ciphering in a telecommunication system comprising at least one wireless terminal, a wireless local area network and a public land mobile network. At least one first ciphering key according to the mobile network is calculated in the mobile network and in the terminal for a terminal identifier using a specific secret key for the identifier. Data transmission between the mobile network and the terminal is carried out through the wireless local area network. A second ciphering key is calculated in the terminal and in the mobile network using said at least one first ciphering key. The second ciphering key is sent from the mobile network to the wireless local area network. The data between the terminal and the network is ciphered using said second ciphering key.

Publication date: 29-11-2012

Systems and Methods for Authenticating Mobile Devices

Number: US20120303961A1
Assignee: First Data Corp

Embodiments of the invention provide systems and methods for authenticating mobile devices. A registration request and identifying information for a mobile device or a secure element associated with the mobile device may be received. Based upon the received identifying information and a base level key, a rotated key for the mobile device may be determined. The determined rotated key may then be provided to the mobile device, and the rotated key may be utilized for subsequent authentication of the mobile device.

Publication date: 13-12-2012

System and Method for Extracting Device Uniqueness to Assign a License to the Device

Number: US20120317418A1
Assignee: Dell Products LP

An information handling system includes a device, a controller, and a license manager subsystem. The controller is configured to determine whether the device has a license assigned and to extract a unique identification for the device in response to a request for information about the device. The license manager subsystem is configured to send the request for information about the device to the controller, to send the unique identification for the device to a license server as a request for the license for the device, to receive the license from the license server, and to assign the license to the device when the license is received.

Publication date: 13-12-2012

System and method for utilizing content in accordance with usage rights

Number: US20120317660A1
Assignee: Contentguard Holdings Inc

Apparatus, method, and media for utilizing content. An exemplary method comprises storing a description structure comprising one or more usage rights, storing content associated with the one or more usage rights, receiving a request for the content, the request corresponding to a utilization of the content, determining whether the utilization corresponds to at least one of the one or more usage rights, determining whether the computing device is an authorized device, and utilizing the content in accordance with the at least one of the one or more usage rights based at least in part on a determination that the utilization corresponds to the at least one of the one or more usage rights and a determination that the computing device is an authorized device.

Publication date: 20-12-2012

Information processing apparatus, terminal apparatus and information processing method

Number: US20120324544A1
Author: Dai Kanetomo
Assignee: NEC Corp

This invention is directed to achievement of a content sharing with a high level of safety by restricting the other end of communication with which contents are shared. An information processing apparatus, which can communicate with first and second terminal apparatuses, manages an access right required for the user of the first terminal apparatus to access contents on a network. The information processing apparatus determines whether a communication, in which the other party of communication is specified, is performed between the first and second terminal apparatuses. When it is determined that the first and second terminal apparatuses are performing the communication with each other, the information processing apparatus utilizes the access right to permit an access from the second terminal apparatus to the contents.

Publication date: 20-12-2012

System and Method for Processing and Protecting Content

Number: US20120324583A1
Author: Jeffrey Douglas Carr
Assignee: Broadcom Corp

Systems and methods that process and protect content are provided. In one example, a system may include, for example, a first device coupled to a second device. The first device may include, for example, an integrated circuit that may include a content processing system and a security system. The security system may include, for example, a digital rights manager. The first device and the second device may be part of a network. The network receives content and control information via the first device. The content processing system processes incoming content based upon at least the control information. The integrated circuit protects the content before placing the content on the network.

Publication date: 03-01-2013

Methods and systems for providing a secure electronic mailbox

Number: US20130006731A1
Assignee: US Postal Service (USPS)

A secure electronic mailbox is provided to a customer having an electronic account. The electronic account links the secure electronic mailbox to a physical address of the customer. The customer can send and receive secure and non-secure messages via the secure electronic mailbox. The customer can also access electronic services such as electronic bill presentment and payment using the secure electronic mailbox.

Publication date: 03-01-2013

Near-field communication based payment methods

Number: US20130006872A1
Assignee: Individual

A method of performing a payment transaction is provided. Transaction information is received from a payee, which has been provided to the payee by a payor using near-field communications and includes a payment amount and payee account information. A transaction authentication request is sent to the payor, and, after a transaction authentication is received from the payor, the payment amount is sent to the payee. After the payment has been completed, a payment confirmation is sent to the payor. A method for processing a payment transaction using a generated remittance key is also provided. The remittance key, which includes an encrypted alphanumeric key having a payment amount and payment provider account information for a payor, is generated and transmitted to a payee who, in turn, transmits the remittance key to a remittance agent. The remittance agent transmits the remittance key and a payment request to a payment provider who processes the request and transmits a payment to the payee.

Publication date: 31-01-2013

System and method for media transcoding and presentation

Number: US20130028416A1
Assignee: SYPHERMEDIA INTERNATIONAL Inc

A method and apparatus for presenting a media data stream complying with a broadcast encryption standard is disclosed. A dongle is removably coupleable to a rendering device, with the dongle performing transcoding so as to allow presentation of the media in a secure manner without modification of the rendering device software or hardware.

Publication date: 31-01-2013

Url-based certificate in a pki

Number: US20130031361A1
Assignee: Certicom Corp

A method of requesting and issuing a certificate from a certification authority for use by an initiating correspondent with a registration authority is provided. The initiating correspondent makes a request for a certificate to the registration authority, and the registration authority sends the request to a certificate authority, which issues the certificate to the registration authority. The certificate is stored at a location in a directory and this location is associated with a pointer such as a uniform resource locator (URL) that is derived from information contained in the certificate request. The initiating correspondent computes the location using the same information and forwards it to other correspondents. The other correspondents can then locate the certificate to authenticate the public key of the initiating correspondent.

Publication date: 28-02-2013

Coordinated detection of a grey-hole attack in a communication network

Number: US20130055383A1
Assignee: Cisco Technology Inc

In one embodiment, a security device receives one or more first unique identifications of packets sent by a first device to a second device for which a corresponding acknowledgment was purportedly returned by the second device to the first device. The security device also receives one or more second unique identifications of packets received by the second device from the first device and acknowledged by the second device to the first device. By comparing the first and second unique identifications, the security device may then determine whether acknowledgments received by the first device were truly returned from the second device based on whether the first and second unique identifications exactly match.

Publication date: 28-02-2013

Method and system for tracking machines on a network using fuzzy guid technology

Number: US20130055388A1
Assignee: ThreatMETRIX PTY LTD

A method for querying a knowledgebase of malicious hosts numbered from 1 through N. The method includes providing a network of computers, which has a plurality of unknown malicious host machines. In a specific embodiment, the malicious host machines are disposed throughout the network of computers, which includes a world wide network of computers, e.g., Internet. The method includes querying a knowledge base including a plurality of known malicious hosts, which are numbered from 1 through N, where N is an integer greater than 1. In a preferred embodiment, the knowledge base is coupled to the network of computers. The method includes receiving first information associated with an unknown host from the network; identifying an unknown host and querying the knowledge base to determine if the unknown host is one of the known malicious hosts in the knowledge base. The method also includes outputting second information associated with the unknown host based upon the querying process.

Publication date: 14-03-2013

Method and apparatus for key sharing over remote desktop protocol

Number: US20130067229A1
Assignee: Stoneware Inc

Various methods for the secure exchange of private keys for authenticating a user to an RDP service are provided. One example method may comprise receiving a request comprising a session token to provide a user with access to an RDP service, and retrieving a username and password associated with the user using the session token. The method may further comprise assigning a time period of validity to the password. Furthermore, the method may comprise generating a first secret key based on user information, generating a second secret key based on the first secret key and a salt, and encrypting a packet comprising the password and the time period using the second secret key. Additionally, the method may comprise transmitting the username and encrypted packet to the device for authenticating the user with the requested RDP service. Similar and related example methods, apparatuses, systems, and computer program products are also provided.

Publication date: 16-05-2013

System And Method For A Single Request And Single Response Authentication Protocol

Number: US20130124856A1
Assignee: Adobe Systems Inc

Various embodiments of a system and method for a single request and single response authentication protocol are described. A client may send to an authentication server a request to authenticate the identity of a user attempting to access an electronic document protected by a rights management policy. The single request may be generated according to rights management configuration information included within the document. Such rights management information may include one or more parameters for requesting authentication from an authentication server. In response to the request, an authentication server may send a single response to the client. The single response may include information indicating that the identity is authenticated (e.g., a license to access the document, or an encryption key to decrypt the document). The client system may be configured to, in response to the single response, provide access to the document according to the rights management policy.

Publication date: 23-05-2013

Method and apparatus for managing time-limited contents in an electronic device

Number: US20130132908A1
Assignee: SAMSUNG ELECTRONICS CO LTD

A time-limited content management method and device for presenting the types and expiry dates of time-limited contents at a side of the content view screen and an execution screen is provided in order for the user to manage the time-limited contents efficiently as intended. The time-limited content management method of an electronic device according to the present invention includes requesting for displaying at least one time-limited content; and displaying a view screen having the at least one content arranged in response to the request, wherein the view screen comprises type and expiry period information of the at least one time-limited content. The time-limited content management method and device is capable of displaying the type and expiry period of the executed time-limited content at a side of the content execution screen so as to facilitate management of the time-limited contents.

Publication date: 23-05-2013

Method, apparatus and system for preventing ddos attacks in cloud system

Number: US20130133068A1
Author: Wu Jiang
Assignee: Huawei Technologies Co Ltd

A method, an apparatus and a system for preventing DDoS (Distributed Denial of Service) attacks in a cloud system. The method for preventing DDoS attacks in a cloud system includes: monitoring, by a protection node in a cloud system, data traffic input into virtual machines, where the cloud system includes the protection node and multiple virtual machines, and data streams communicated between the virtual machines pass through the protection node; extracting data streams to be input into virtual machines if it is detected that the data traffic input into the virtual machines is abnormal; sending the extracted data streams to a traffic cleaning apparatus for cleaning; receiving the data streams cleaned by the traffic cleaning apparatus; and inputting the cleaned data streams into the virtual machines. The technical solutions provided in the embodiments of the present disclosure can effectively prevent DDoS attacks between virtual machines in the cloud system.

Publication date: 30-05-2013

Contextual use and expiration of digital content

Number: US20130139269A1
Assignee: EMPIRE TECHNOLOGY DEVELOPMENT LLC

Technologies related to contextual use and expiration of digital content are generally described. In some examples, a receiving device may connect with a sponsoring device having the digital content. A relationship property defines a relationship context between the receiving device and the sponsoring device. The receiving device may receive the digital content from the sponsoring device and use the digital content so long as allowed, as determined with reference to the relationship property.

Publication date: 06-06-2013

Methods, Systems, Devices, and Products for Authenticating Users

Number: US20130142404A1
Assignee: AT&T INTELLECTUAL PROPERTY I LP

Enhanced biometric authentication is achieved by combining a user's inherent biometric data with the user's knowledge of a secret glyph. In one embodiment, a touchpad is provided on which the user may use a finger to indicate a plurality of strokes that form a distinct glyph. Image stabilization may be used to extract a readable fingerprint from the strokes, and the glyph and fingerprint are matched to a stored profile. The glyph may be one or more alphanumeric characters that represent a password. The user can then enter the password on the touchpad with his finger. If the fingerprint and password both match, the user is authenticated.

Publication date: 13-06-2013

Device using secure processing zone to establish trust for digital rights management

Number: US20130152180A1
Assignee: Azuki Systems Inc

A DRM client on a device establishes trust with a DRM server for playback of digital content. The client executes in a secure execution environment, and the process includes (1) securely loading loader code from secure programmable memory and verifying it using a digital signature scheme and first key securely stored in the device; (2) by the verified loader code, loading DRM client code from the memory and verifying it using a digital signature scheme and second key included in the loader code; (3) by the verified DRM client code (a) obtaining a domain key from the memory; (b) encrypting the domain key with a device identifier using a DRM system key included in the DRM client code; and (c) sending the encrypted domain key and device identifier to the DRM server, whereby the device becomes registered to receive content licenses via secure communications encrypted using the domain key.

Publication date: 27-06-2013

Methods and Apparatus for Key Delivery in HTTP Live Streaming

Number: US20130163758A1
Assignee: Adobe Systems Inc

A key delivery mechanism that delivers keys to OS platform (e.g., iOS platform) devices for decrypting encrypted HTTP live streaming data. An HTTPS URL for a stateless HTTPS service is included in the manifest for an encrypted HTTP live stream obtained by an application (e.g., a browser) on an OS platform device. The URL includes an encrypted key, for example as a query parameter value. The application passes the manifest to the OS. The OS contacts the HTTPS service to obtain the key using the URL indicated in the manifest. Since the encrypted key is a parameter of the URL, the encrypted key is provided to the HTTPS service along with information identifying the content. The HTTPS service decrypts the encrypted key and returns the decrypted key to the OS over HTTPS, thus eliminating the need for a database lookup at the HTTPS service.

Publication date: 04-07-2013

Methods for identifying network traffic characteristics to correlate and manage one or more subsequent flows and devices thereof

Number: US20130173779A1
Assignee: F5 Networks Inc

A method, non-transitory computer readable medium, and device that identifies network traffic characteristics to correlate and manage one or more subsequent flows includes transmitting a monitoring request comprising one or more attributes extracted from an HTTP request received from a client computing device and a timestamp to a monitoring server to correlate one or more subsequent flows associated with the HTTP request. The HTTP request is transmitted to an application server after receiving an acknowledgement response to the monitoring request from the monitoring server. An HTTP response to the HTTP request is received from the application server. An operation with respect to the HTTP response is performed.

Publication date: 04-07-2013

Method for sharing secret values between sensor nodes in multi-hop wireless communication network

Number: US20130173910A1
Assignee: Intellectual Discovery Co Ltd

A method for sharing a secret key between a source node and a destination node includes (a) adding, at each forward intermediate node, a secret key between the forward intermediate node and a node before the forward intermediate node to the secret key sharing request message; (b) generating a shared secret key between the source node and the destination node from the secret key between the forward intermediate node and the node before the forward intermediate node added in the secret key sharing request message; (c) adding, at each backward intermediate node, a secret key between the backward intermediate node and a node before it to the secret key sharing response message; and (d) generating the shared secret key between the destination node and the source node from the secret key between the backward intermediate node and the node before it added in the secret key sharing response message.

Publication date: 04-07-2013

Systems and methods for detecting similarities in network traffic

Number: US20130174253A1
Assignee: Verisign Inc

A system, computer-readable medium, and method for identifying similarities in network traffic are provided. Hash values are calculated from Internet Protocol (IP) addresses in a group of IP addresses that request a domain name, a hash signature is generated from the hash values and paired with the domain name, and the domain name is then clustered with another domain name having a paired hash of the same value. The clustered domain names are then extracted and used in a similarity calculation.

Publication date: 04-07-2013

Digital rights management (drm) service control method, apparatus, and system

Number: US20130174278A1
Author: Xiaoyu Cui, Zhi Tang

A digital rights management service control method, including: receiving an authorization file request transmitted from a client terminal for a selected service operation; obtaining an authorization file template matching an authorization type included in the authorization file request; generating, based on the obtained authorization file template, an authorization file including digital resource feature information included in the authorization file request and rights feature information; and transmitting the generated authorization file to the client terminal.

Publication date: 15-08-2013

Electronic device and method for resetting unlocking password of the electronic device

Number: US20130212657A1
Author: Yong-Liang Lu

A computerized method resets an unlocking password of an electronic device. Verification information used for resetting a first unlocking password currently used for unlocking the electronic device, and a destination for receiving a second unlocking password in place of the first unlocking password are preset in the electronic device. A request message from a terminal device is monitored in real-time, and checked for the inclusion of the verification information. The second unlocking password is generated, the first unlocking password of the electronic device is replaced by the second unlocking password, and the second unlocking password is sent to the destination if the verification information is included in the request message.

Publication date: 22-08-2013

Managing a ddos attack

Number: US20130219502A1
Assignee: International Business Machines Corp

A method, system, and/or computer program product manages a distributed denial of service attack in a multiprocessor environment. A determination is made of (a) a first upper threshold for a normal number of packets from the multiprocessor environment to multiple destination addresses, (b) a second upper threshold for a normal ratio of the packets from the multiprocessor environment to a single destination address compared to the packets from the multiprocessor environment to the multiple destination addresses, and (c) a third upper threshold for a normal ratio of packets from the multiprocessor environment to a single port at a single destination address compared to packets from the multiprocessor environment to the multiple destination addresses. In response to the first and second thresholds being exceeded, a specific port is monitored to determine if the third upper threshold is being exceeded at that port, thus indicating an apparent distributed denial of service attack.

Publication date: 29-08-2013

Method for synchronous encryption between a client and a licensing agent

Number: US20130227282A1
Assignee: Individual

A licensing system is disclosed for performing synchronous encryption with a client over an IP-compliant network. In disclosed embodiments, the system includes a licensing agent configured to pass a data structure unencrypted in an initial communication between the licensing agent/client pair and pass a first key to said client responsive to an initial communication. The licensing agent then receives the data structure from the client having designated fields encrypted according to the first key. The licensing agent then sends a second key to the client for use in subsequent communications.

Publication date: 12-09-2013

Method, system and mobile device employing enhanced user authentication

Number: US20130239202A1
Assignee: Research in Motion Ltd

The described embodiments relate generally to methods and systems for user authentication for a computing device. In one embodiment, the method comprises: enabling receipt of input in relation to selection of a plurality of authenticators for consecutive use by the computing device to authenticate a user; and storing reference information identifying the selected plurality of authenticators in a memory of the computing device. The computing device may comprise a mobile device.

Publication date: 03-10-2013

Systems and methods for automated malware artifact retrieval and analysis

Number: US20130263266A1
Assignee: Cyber Engr Services Inc

An automated malware analysis method is disclosed which can perform receiving a first universal resource locator identifying a first intermediate network node, accessing the first intermediate network node to retrieve a first malware artifact file, storing the malware artifact file in a data storage device, analyzing the malware artifact file to identify a second universal resource locator within the malware artifact file, and accessing a second intermediate network node to retrieve a second malware artifact file.

Publication date: 03-10-2013

System and method for rules-based control of custody of electronic signature transactions

Number: US20130263283A1
Assignee: Docusign Inc

Techniques for electronic signature processes are described. Some embodiments provide an electronic signature service (“ESS”) configured to facilitate the creation, storage, and management of electronic signature documents. In one embodiment, an electronic signature document may be associated with custody transfer rules that facilitate transfers of custody of an electronic signature document from one user or party to another. A custody transfer may result in a transfer of rights or capabilities to operate upon (e.g., modify, view, send, delete) an electronic signature document and/or its associated data. A custody transfer rule may be triggered by the occurrence of a particular event, such as the receipt of an electronic signature.

Publication date: 10-10-2013

Apparatus, systems and methods to communicate authorized programming between a receiving device and a mobile device

Number: US20130268959A1
Author: Thomas S. Taylor
Assignee: EchoStar Technologies L.L.C.

A mobile device embodiment communicates program distribution account information to a program distributor. The mobile device embodiment receives from the program distributor, authorization to use programming that is conditioned on the communicated program distribution account information. The mobile device embodiment communicates the authorization to a receiving device.

Publication date: 17-10-2013

System and method for secure remote access

Number: US20130275754A1
Assignee: INBAY TECHNOLOGIES Inc

System, method, and apparatus for providing access to remote computing services are described. The method includes authenticating a user and a client device; establishing a connection to a server computer including: a server program executing on the server computer detecting the connection; the server program creating a blocking process on the server computer to block access of the user to a service on the connection, authorizing, using a client program executing on the client device and the server program, the user to use the service on the server computer including: terminating the blocking process, the user using the service; and the user closing the connection to the server computer. Embodiments of the present invention provide secure remote access to computing services.

Publication date: 24-10-2013

Multi-factor mobile transaction authentication

Number: US20130282589A1
Assignee: Conductiv Software Inc

Disclosed are authentication systems and techniques that can automatically recognize, validate, and utilize different types of information including user information, device information, and network information. Each of these types of information is processed with a unique algorithm and then is encrypted for security purposes. The processed and encrypted information are then used as components of a multi-factor authentication process. During an actual authentication transaction, these unique identifiers are used along with real-time personal identification methods including, but not limited to, biometrics and/or a personal identification number (the “PIN”), to complete the authentication process between two devices. A backend server communicates to both the devices to create a highly secure closed-loop authentication process. This authentication process can be used to interface with other processes or systems to enable customer identification, payment processing or any other business process that can benefit from a secure, positive identification authentication capability.

Publication date: 24-10-2013

Protected Distribution And Location Based Aggregation Service

Number: US20130283036A1
Assignee: Lemi Tech LLC

A system for and method of per access-point streaming media customization and privacy protected feedback in a wireless network. The system is operative to: encrypt real time streamed media content from a streaming media source; multicast the streamed encrypted media content for availability to a user device for playback, the user device sending out unicast responses at the time of joining or dropping the multicast; aggregate the unicast responses in the form of a connect multicast state or a disconnect multicast state of the user device based on the joining or dropping of the multicast; and provide information back to the streaming media source based on the aggregated unicast responses.

Publication date: 31-10-2013

System and Method for Run-Time Attack Prevention

Number: US20130291103A1
Assignee: Dell Products LP

Preventing attacks on a computer at run-time. Content that is configured to access at least one function of a computer is received by the computer. Protections corresponding to the function are added to the content, wherein the protections override the function. The content and the protections are then transmitted to the computer. The function may expose a vulnerability of the computer, and arguments passed to the function may exploit that vulnerability. The protections are executed when the content is executed, and determine whether the arguments the content passed into the function represent a threat. In response to determining that the arguments represent a threat, execution of the content is terminated without executing the function.

Publication date: 05-12-2013

Cryptographic method

Number: US20130326235A1
Author: Gisela Meister
Assignee: Giesecke and Devrient GmbH

In a cryptographic method between a portable data carrier and a terminal device there are employed a public data-carrier key and a secret data-carrier key of the data carrier as well as a public terminal key and a secret terminal key of the terminal device. The data carrier employs as a public data-carrier key a static public key. As a secret data-carrier key the data carrier employs a secret key that is derived from a secret basic key associated with the public data-carrier key. Within the framework of the method, the terminal device checks an authentication parameter associated with the data carrier and different from the data-carrier keys.

Publication date: 26-12-2013

Ciphering as a part of the multicast concept

Number: US20130343540A1
Assignee: Nokia Oyj

The invention proposes a method for transmitting a message to a plurality of user entities in a network by using a multicast service, comprising the steps of encrypting a multicast message by using ciphering, and sending the encrypted multicast message to the plurality of user entities simultaneously. The invention also proposes a corresponding multicast service control device and a corresponding user entity.

Publication date: 02-01-2014

Establishing secure, mutually authenticated communication credentials

Number: US20140006783A1
Assignee: Microsoft Corp

Establishing secure, mutually authenticated communication between a trusted network and a perimeter network. Servers on the perimeter network may be securely and automatically configured to communicate with the trusted network. Servers not functioning properly may be stopped from communicating with the other servers. Credential information relating to a perimeter server may be automatically, and regularly, updated without intervention.

Publication date: 09-01-2014

Method and System for Allocating Access to Digital Media Content

Number: US20140013448A1
Assignee: Disney Enterprises Inc

There is provided a method and system for allocating an entitlement to digital media content. In one implementation, the system includes a media server accessible over a communications network and configured to utilize a processor to issue the entitlement including a transferable authorization to access the digital media content to a first user, and to store an entitlement record identified with the first user and authorizing access to the digital media content by the first user in a memory of the media server. The media server is further configured to receive a communication including a data corresponding to the transferable authorization to access the digital media content from a second user and to update the entitlement record to authorize access to the digital media content by the second user.

Publication date: 23-01-2014

Wirelessly accessing broadband services using intelligent covers

Number: US20140024342A1
Author: Deepak Jain, Tuan Quoc Dao
Assignee: Device Fidelity Inc

The present disclosure is directed to a system and method for wirelessly accessing broadband services using intelligent covers. In some implementations, a cover for a consumer device includes side surfaces, a rear surface, a physical interface, a circuit, and a broadband service card. The side surfaces and a rear surface form an opening that receives at least a portion of a consumer device. A first portion of at least one of the surfaces includes a connector for connecting to a port of the consumer device. The circuit connects the physical interface to the connector. The broadband service card is connected to the physical interface and accesses a foreign service through the wireless broadband network independent of the consumer device.

Publication date: 06-02-2014

Methods and apparatus for sharing, transferring and removing previously owned digital media

Number: US20140041058A1
Assignee: Redigi Inc

The invention provides systems and methods for management of digital media objects, comprising first and second client digital data processors (e.g., personal (or private) computers, laptops, dedicated music devices, electronic book readers, and so forth) that are in communications coupling with one or more stores (e.g., dedicated disk drives, flash drives, cloud storage, etc.). At least one digital media object (DMO) or copy thereof is stored in one or more of those stores and is accessible by at least one of the first and second client digital data processors.

Publication date: 20-02-2014

Attack resistant continuous network service trustworthiness controller

Number: US20140053269A1
Assignee: George Mason Research Foundation Inc

An attack resistant continuous network service trustworthiness controller comprising: state estimation module(s), response selection module(s), actuation module(s), and client dispatcher communication module(s) for maintaining the availability and integrity of online server(s). The state estimation module(s) are configured to generate state estimate(s) for online server(s) using behavior data obtained using sensor module(s). The response selection module(s) are configured to determine corrective action(s) to maintain the availability and integrity of online server(s) when state estimate(s) indicate that the integrity of an online server(s) is compromised. The actuation module(s) are configured to activate actuator(s) based upon the corrective action(s). Client dispatcher communication module(s) are configured to communicate online server availability information to a client dispatcher.

Publication date: 27-02-2014

Privacy broker

Number: US20140059658A1
Author: Martin Stecher
Assignee: McAfee LLC

A brokered authentication request is received corresponding to an interaction between a particular user and a particular online entity. An identity provider corresponding to the particular user is identified that stores user data identifying the particular user. Confirmation is received that the identity provider has authenticated the particular user to a user profile maintained by the identity provider and a unique persistent user identifier is generated for the particular user that is unique within a system to a pairing of the first user with the first entity. The user identifier is caused to be communicated to the first entity for authenticating the first user in interactions with the first entity.

Publication date: 06-03-2014

Method and apparatus for proactive notifications based on the location of a user

Number: US20140067649A1
Assignee: 24/7 Customer Inc

The location of a user is obtained and, based on the location of the user and services available to, or requested by the user, a notification handler sends appropriate notifications to the user.

Publication date: 06-03-2014

Two-factor authentication systems and methods

Number: US20140068723A1
Assignee: Toopher Inc

Systems and methods for authenticating defined user actions over a computer network. An authentication service receives an authentication request from an authenticating service to perform an action on behalf of a user. The authentication service then sends a permission request to a mobile device associated with the user, asking the user whether or not the action should be allowed. The user sends a permission response via the mobile device to the authentication service, granting or denying the action. The user may automate future similar responses so long as at least one automation criterion is met (e.g., the physical location of the mobile device), eliminating the need to manually provide a response to future permission requests. Information necessary to determine whether the automation criterion is met is stored locally on the mobile device.

Publication date: 13-03-2014

Trust services for securing data in the cloud

Number: US20140075184A1
Assignee: Microsoft Corp

Embodiments are directed to securing data in the cloud, securely encrypting data that is to be stored in the cloud and to securely decrypting data accessed from the cloud. In one scenario, an instantiated trust service receives information indicating that a trust server is to be instantiated. The trust service instantiates the trust server, which is configured to store key references and encrypted keys. The trust service receives the public key portion of a digital certificate for each publisher and subscriber that is to have access to various specified portions of encrypted data. A data access policy is then defined that specifies which encrypted data portions can be accessed by which subscribers.

Publication date: 27-03-2014

Key derivation

Number: US20140087691A1
Assignee: Vodafone IP Licensing Ltd

To facilitate a change in network authentication key (Ki) for use by a smart card (SIM) during authentication on a cellular telecommunications network, there is provided a smart card management scheme that combines key derivation with over the air (OTA) provisioning. This scheme ensures both that the Ki is never transmitted OTA and that the Ki is stored in two locations only: on the SIM and at an authentication centre (AuC).

Publication date: 06-01-2022

Authentication to Authorization Bridge Using Enriched Messages

Number: US20220005030A1
Assignee: CardinalCommerce Corp

A system of electronic communication is disclosed. The system may: create a Pre-Authentication Transaction Number (Pre-ATN) by combining a number with a Special Encode Value (SEV), wherein the SEV is a single digit integer value; encrypt the Pre-ATN using a Format Preserving Encryption (FPE) to generate an encrypted Authentication Transaction Number (ATN); and send the encrypted ATN to an access control server (ACS) to use the encrypted ATN to generate a cardholder Authentication Verification Value (CAVV) or an Accountholder Authentication Value (AAV).

Publication date: 06-01-2022

Injection of Tokens or Client Certificates for Managed Application Communication

Number: US20220006800A1
Author: Duchastel Thierry
Assignee:

Methods and systems for injection of tokens or certificates for managed application communication are described. A computing device may intercept a request from an application executable on the computing device, the request being to access a remote resource. The computing device may modify future network communications between the computing device and the remote resource to include a token or a client certificate, where the token or the client certificate is an identifier that enables the future network communications to be routed to the remote resource for a given computing session without use of data from the remote resource or data indicative of a connection of the remote resource in which to receive the future network communications. The computing device may send the future network communications to the remote resource to enable action to be taken on behalf of the computing device in response to receipt of the future network communications.

1. A computing device, comprising: at least one processor; memory storing computer-readable instructions that, when executed by the at least one processor, cause the computing device to: intercept a request from an application executable on the computing device, the request being to access a remote resource; modify future network communications between the computing device and the remote resource to include a token or a client certificate, wherein the token or the client certificate is an identifier that enables the future network communications to be routed to the remote resource for a given computing session without use of data from the remote resource or data indicative of a connection of the remote resource in which to receive the future network communications; and send the future network communications to the remote resource to enable action to be taken on behalf of the computing device in response to receipt of the future network communications.

2. The computing device of claim 1, wherein a server ...

Publication date: 07-01-2016

Method and System for Generating a Smart Time-Lapse Video Clip

Number: US20160004390A1
Assignee: Google LLC

An electronic device with a display, processor(s), and memory displays a video monitoring user interface including a video feed from a camera located remotely from the client device in a first region and an event timeline in a second region, the event timeline including event indicators for motion events previously detected by the camera. The electronic device detects a user input selecting a portion of the event timeline, where the selected portion of the event timeline includes a subset of the event indicators. In response to the user input, the electronic device causes generation of a time-lapse video clip of the selected portion of the event timeline. The electronic device displays the time-lapse video clip, where motion events corresponding to the subset of the event indicators are played at a slower speed than the remainder of the selected portion of the event timeline.

Publication date: 07-01-2021

PROOF OF AFFINITY TO A SECURE EVENT FOR FRICTIONLESS CREDENTIAL MANAGEMENT

Number: US20210004454A1
Assignee:

Systems, methods, and computer-readable media for facilitating frictionless credential provisioning on a user electronic device are provided.

1. A method for increasing the efficiency of credential provisioning using an administration entity (“AE”) subsystem, the method comprising: at the AE subsystem: when a first electronic device is fully authenticated for a user account of the AE subsystem, requesting proof of ownership of a funding account; in response to the requesting, receiving from the first electronic device the requested proof of ownership; in response to the receiving the requested proof of ownership: provisioning on the first electronic device a credential associated with the funding account; generating an ownership token based on the credential and a user of the user account; and storing the ownership token in an AE locker of the user account; after the storing the ownership token in the AE locker of the user account, when a second electronic device is fully authenticated for the user account, storing the ownership token on the second electronic device; after the storing the ownership token on the second electronic device, receiving from the second electronic device a request to provision the credential on the second electronic device; determining that the received request to provision comprises the ownership token; and in response to the determining, automatically provisioning on the second electronic device the credential.

2. The method of claim 1, further comprising, prior to the requesting, fully authenticating the first electronic device for the user account at the AE subsystem via three factor authentication.

3. The method of claim 2, further comprising, after the storing the ownership token in the AE locker of the user account but prior to the storing the ownership token on the second electronic device, fully authenticating the second electronic device for the user account at the AE ...

Publication date: 07-01-2021

Configuration Of Server Using Stored Security Elements

Number: US20210004464A1
Assignee:

In one implementation, a computing device includes a secure storage to store a plurality of security elements, a processor, and a storage medium including instructions. The instructions are executable by the processor to: receive a configuration request for a first server, the configuration request including one or more logical references to security settings of the first server; retrieve, from the secure storage, one or more security elements corresponding to the one or more logical references in the configuration request; and configure an operating system volume for the first server based on the configuration request and the one or more security elements.

1. A computing device comprising: a secure storage to store a plurality of security elements; a processor; and a storage medium including instructions executable by the processor to: receive a configuration request for a first server, the configuration request including one or more logical references to security settings of the first server; retrieve, from the secure storage, one or more security elements corresponding to the one or more logical references in the configuration request; and configure an operating system volume for the first server based on the configuration request and the one or more security elements.

2. The computing device of claim 1, wherein the plurality of security elements are pre-loaded into the secure storage prior to a receipt of the configuration request, and wherein the plurality of security elements are sufficient to configure a plurality of servers.

3. The computing device of claim 2, wherein the computing device is an appliance device for configuring the plurality of servers, and wherein the plurality of security elements are pre-loaded via a write-only interface of the appliance device.

4. The computing device of claim 3, wherein the appliance device is mounted in a first server enclosure, and wherein the appliance device is to configure all servers ...

Publication date: 13-01-2022

REAL-TIME FEATURE LEVEL SOFTWARE SECURITY

Number: US20220012351A1
Assignee:

Systems and techniques for real-time feature level software security are described herein. A request may be received from a computing device for data from the feature of the software application. The request for data may include authorization information of a user of the computing device. It may be identified that the feature of the software application contains code containing a reference to a security configuration service. A security configuration may be determined for the feature of the software application by comparing a resource identifier and a feature identifier of the feature of the software application to a set of security configurations of the security configuration service. The security configuration may provide access rules for the feature of the software application. A response may be sent to the computing device based on a comparison of the received authorization information of the user of the computing device to the determined security configuration.

1. A system for providing security for a feature of a software application in real-time, the system comprising: at least one processor; and receive a request, from a computing device, for data from the feature of the software application, the feature of the software application including code containing a reference to a security configuration service; determine a security configuration for the feature of the software application by comparing identifiers of the feature to a set of security configurations of the security configuration service, the security configuration providing access rules for the feature of the software application; determine, using the security configuration, that a first data item identified in the request for data should be encrypted before transmission and a second data item identified in the request for data should be transmitted unencrypted; encrypt the first data item using an encryption algorithm; and send a response including the encrypted first data item and the ...

Publication date: 04-01-2018

AUTHENTICATION METHOD

Number: US20180004925A1
Assignee:

An authentication method. The method comprises comparing user voice data received via an electronic device to a stored voice template to determine a voice authentication parameter. A voice authentication threshold is determined and the voice authentication parameter is compared to the voice authentication threshold to determine whether to authenticate the user. Determining the voice authentication threshold comprises determining a current value of an enrolment counter, then comparing the current value of the enrolment counter to an enrolment counter threshold and determining whether the stored voice template is fully enrolled according to the result. If the stored voice template is fully enrolled, the voice authentication threshold is set to a first voice authentication threshold. If the stored voice template is not fully enrolled then a device attribute received from the electronic device is compared to a stored device attribute. If the received device attribute matches the stored device attribute, the voice authentication threshold is set to a second voice authentication threshold determined by the current value of the enrolment counter. If the received device attribute does not match the stored device attribute, the voice authentication threshold is set to a third voice authentication threshold.

1. An authentication method comprising: comparing user voice data received via an electronic device to a stored voice template to determine a voice authentication parameter; determining a voice authentication threshold; and comparing the voice authentication parameter to the voice authentication threshold to determine whether to authenticate the user; determining a current value of an enrolment counter; comparing the current value of the enrolment counter to an enrolment counter threshold and determining whether the stored voice template is fully enrolled according to the result; if the stored voice template is fully enrolled, setting the voice authentication threshold ...

Publication date: 07-01-2021

USER SCANNING AND ONE-WAY AUGMENTED REALITY VIEWING SYSTEM

Number: US20210004597A1
Assignee:

An augmented reality customer interaction system includes a transparent panel having a first side and a second side that is opposite to the first side, and a camera device configured to capture visual data from an area adjacent to the second side of the transparent panel. The visual data includes identifying features of a customer located in the area with respect to the second side of the transparent panel. The system further includes a projection system configured to project information on the first side of the transparent panel. The information projected on the first side of the transparent panel may include customer interaction data retrieved from a data store based on the identifying features of the customer.

1. An augmented reality user interaction system, comprising: a processing unit including a processor; a camera device configured to capture sensor data about a location and to capture visual data about an object in the location; a computer-readable memory having stored thereon instructions that are executable by the processor to cause the system to: receive the sensor data corresponding to the location from the camera device, the sensor data including the visual data; analyze the sensor data to detect a user within a proximity of the location; detect, based on analyzing the sensor data, a characteristic of the user; compare the characteristic of the user to a data store having a plurality of user profiles with user characteristics stored therein for a plurality of users; identify a user profile among the plurality of user profiles by matching the characteristic to a user characteristic associated with the user profile; and generate and output user interaction data associated with the user profile via an augmented reality system.

2. The augmented reality user interaction system of claim 1, wherein the characteristic of the user is a visual characteristic corresponding to facial features of the user.

3. The augmented reality user interaction ...

Publication date: 04-01-2018

SECURE BOOT WITH RESISTANCE TO DIFFERENTIAL POWER ANALYSIS AND OTHER EXTERNAL MONITORING ATTACKS

Number: US20180004957A1
Assignee:

A method for device authentication comprises receiving, by processing hardware of a first device, a message from a second device to authenticate the first device. The processing hardware retrieves a secret value from secure storage hardware operatively coupled to the processing hardware. The processing hardware derives a validator from the secret value using a path through a key tree, wherein the path is based on the message, wherein deriving the validator using the path through the key tree comprises computing a plurality of successive intermediate keys starting with a value based on the secret value and leading to the validator, wherein each successive intermediate key is derived based on at least a portion of the message and a prior key. The first device then sends the validator to the second device.

1. A method for device authentication comprising: receiving, by processing hardware of a first device, a message from a second device to authenticate the first device; retrieving, by the processing hardware, a secret value from secure storage hardware operatively coupled to the processing hardware; deriving, by the processing hardware, a validator from the secret value using a path through a key tree, wherein the path is based on the message, wherein deriving the validator using the path through the key tree comprises computing a plurality of successive intermediate keys starting with a value based on the secret value and leading to the validator, wherein each successive intermediate key is derived based on at least a portion of the message and a prior key; and sending the validator to the second device.

2. A method as in claim 1, wherein the validator is exchanged between the first device and the second device as part of a challenge-response protocol.

3. A method as in claim 2, wherein the first device comprises a printer cartridge and the second device comprises a printer.

4. A method as in claim 1, wherein the path through the key tree identifies a plurality of ...

Publication date: 03-01-2019

Securely updating software on connected electronic devices

Number: US20190004785A1
Assignee: Square Inc

This disclosure describes, in part, techniques for securely updating a point-of-sale (POS) system that includes a merchant-facing device and a buyer-facing device. For instance, the merchant-facing device may execute first software that provides first POS functionality and the buyer-facing device may execute second software that provides second POS functionality. To update both devices, the merchant-facing device may receive a software update from a payment service via a network connection, and update the first software using the software update. The merchant-facing device can then cause, via a physical connection, the buyer-facing device to reboot in an update mode and send the software update to the buyer-facing device. In response, the buyer-facing device can update the second software using the software update and then reboot in a payments mode. In some instances, the buyer-facing device can then update a secure enclave on the buyer-facing device using the software update.
