Abstract: A presentation apparatus includes: a communication connection establishing unit establishing a communication connection with a plurality of receiving terminals and a source terminal, the source terminal having a token corresponding to an authority of controlling a presentation; a presentation data relay unit receiving presentation data from the source terminal, broadcasting a presentation image to the plurality of receiving terminals to display the presentation image of the received presentation data on each screen of the plurality of receiving terminals, and broadcasting voice information to the source terminal and the plurality of receiving terminals to output, from each terminal, the voice information being inputted from any one of the source terminal and the plurality of receiving terminals; and a presentation control unit controlling a transmission/reception of the presentation image and the voice information, and controlling a receiving terminal requesting the token to obtain the token.

Abstract: A data generating device is capable of preventing unauthorized extraction of plaintext content between decryption processing and digital watermark embedment processing. A content reproducing device obtains restoration information and, in accordance with the restoration information, selectively performs predetermined restoration processing and processing of embedding device unique information, on content data at a position shown by the restoration information.

Abstract: A system for determining security associations using binary output sequences is described. In an example systematic embodiment, a first device is coupled over a network to a second device. Each device includes a processor and an indicator mechanism coupled to the processor. The indicator mechanism is configured to output a binary representation of a security state established between the devices to a user in perceivable proximity to at least one of the devices. A computer readable storage medium is coupled to the processor and includes executable instructions for the processor. The instructions when executed by the processor initiate a security transaction between the devices. The security transaction includes a protocol that uses one or more public keys to establish a security state between the devices. The indicator mechanism then outputs the binary representation to the user based on the established security state.

Abstract: A method for initializing a recording medium on which data is recorded in compliance with the AVCHD standard is proposed. Under a root directory of partitions, an ICB and FIDs for each directory contained in a directory structure defined by the AVCHD standard are recorded with consideration of information on child directories. Thereafter, an SBD and a metadata bitmap file are recorded in a partition and also, an LVIS is recorded on the basis of information, such as the number of sectors used as a result of recording the ICBs and the FIDs of all the directories and the total number of directories.

Abstract: A method and an apparatus for configuring a key stored within a secure storage area (e.g., ROM) of a device including one of enabling and disabling the key according to a predetermined condition to execute a code image are described. The key may uniquely identify the device. The code image may be loaded from a provider satisfying a predetermined condition to set up at least one component of an operating environment of the device. Verification of the code image may be optional according to the configuration of the key. Secure execution of an unverified code image may be based on a configuration that disables the key.

Abstract: A quarantine system QS includes a network connection control apparatus 103 for connecting a client computer 104 to a network; a management server (a security inspection computer 101 and a property information managed computer 102) for managing property information of the client computer connected to the network, and issuing an inspection certificate to the client computer when the property information satisfies a predetermined condition; and a network connection control computer 100, when the computer makes a connection request to the network, for checking an inspection certificate sent by the client computer and the inspection certificate issued by the management server, instructing the apparatus 103 to connect the client computer to the service network 10s when the check result matches, and instructing the apparatus 103 to connect the client computer to the quarantine network 10q for quarantining the property information of the client computer when the check result does not match.

Abstract: A computer hardware implemented cryptography method computes a modular exponentiation, M :=Cd (mod p·q), upon a message data value C using a Chinese Remainder Theorem (CRT) based technique. To secure against cryptanalysis, the private key moduli p and q are transformed by multiplication with a generated random value s, so that p?: =p·s and q? :=q·s, as shown in an exemplary embodiment in FIG. 2. The CRT steps of the modular exponentiation are applied using the transformed moduli p? and q? to obtain a random intermediate message data value M?. A final reduction of M? modulo p·q yields the final message data value M. Values needed for the computation are loaded into data storage and accessed as needed by electronic processing hardware.

Abstract: Various systems and method are disclosed for automatically disseminating key server contact information in a network. For example, one method (e.g., performed by a discovery server) involves generating a discovery message that includes at least one list of one or more key servers and then sending that discovery message to one or more members of a key management protocol group. Each list of key servers can include contact information for one or more key servers and indicate the priority of each key server relative to other key servers within the list.

Abstract: A stream on a recording medium is divided into parts, and is subjected to rearrangement editing while the compatibility with a playback-only device is maintained. By adopting a division processing procedure of a play item, rearrangement processing of a stream for each chapter is achieved. In a product specification, a plurality of real play lists are put together into a series of chapter groups to be presented to the user, and thus there are cases where rearrangement of chapters are closed in the same play list, and cases where the rearrangement extends over a plurality of play lists. Moreover, rearrangement editing, which moves a chapter between real play lists, between virtual play lists, and further from a real play list to a virtual play list, is performed.

Abstract: An embodiment of the invention provides an apparatus and method for data verification by challenge. The apparatus and method perform acts including: sending a hash value of a data piece in a sender; if the hash value matches a stored hash value in a receiver, then sending a challenge from the receiver to the sender; sending a sample data set from the data piece in the sender, wherein the sample data set is determined by a window that is identified by the challenge; comparing the sample data set with a data set that is overlapped by the window for a stored data piece in the receiver; and performing a response based on the comparison of the sample data set and the stored data set that is overlapped by the window for the stored data piece.

Abstract: Methods, apparatuses, and techniques for authenticating users of a network are described. Once a user has been authenticated on a first network, authentication information from the first network can be used by the user to gain access to the user's accounts on other networks using the same or different network enabled devices or consoles.

Abstract: A method of providing a stream of data units with scrambling state identifying data and providing a stream of key messages, synchronized with the stream of data units. The scrambling state identifying data includes an identifier value associated with the first decryption key that associates the data units in a third section. Then separating the first and second sections, with scrambling state identifying data lacking an identifier value associated with the decryption key, and providing in a key message coinciding with first or third sections key information. Thereby enabling an authorized decoder to obtain a value of the first decryption key corresponding with the second value of the first encryption key. Encryption of at least part of the clear data units uses the first encryption key is suspended for each data unit in the sequence included in the third section.

Abstract: Embodiments are directed toward a method for Behavior-based Traffic Differentiation (BTD) that initially receives incoming packets and performs traffic classification to determine the protocol of the incoming packets. In addition, BTD performs bandwidth division/allocation to further support traffic classification amongst non-TCP traffic such as UDP and ICMP. For TCP traffic, the method for BTD determines whether a TCP connection has been established and performs at least one of rate limiting, waiting time reduction for half-open connections, and incrementing backlog queue size when the TCP connection has not been established. If the TCP connection has been established successfully, the method for BTD further includes proactive tests for traffic differentiation which identify normal traffic, which is admitted, and attack traffic, which is dropped.

Abstract: A method is disclosed that enables the transmission of a digital message along with a corresponding media information signal, such as audio or video. A telecommunications device that is processing the information signal from its user, such as a speech signal, encodes the information signal by using a model-based compression coder. One such device is a telecommunications endpoint. Then, based on an evaluation of the perceptual significance of each encoded bit, or on some other meaningful characteristic of the signal, the endpoint's processor: (i) determines which encoded bits can be overwritten; and (ii) intersperses the digital message bits throughout the encoded signal in place of the overwritten bits. The endpoint then transmits those digital message bits as part of the encoded information signal. In this way, no additional bits are appended to the packet to be transmitted, thereby addressing the issue of compatibility with existing protocols and firewalls.

Abstract: A method is disclosed that enables the transmission of a digital message along with a corresponding information signal, such as audio or video. The supplemental information contained in digital messages can be used for a variety of purposes, such as enabling or enhancing packet authentication. In particular, a telecommunications device that is processing an information signal from its user, such as a speech signal, encrypts the information signal by performing a bitwise exclusive-or of an encryption key stream with the information signal stream. The device, such as a telecommunications endpoint, then intersperses the bits of the digital message throughout the encrypted signal in place of those bits overwritten, in a process referred to as “watermarking.” The endpoint then transmits the interspersed digital message bits as part of a composite signal that also comprises the encrypted information bits. No additional bits are appended to the packet to be transmitted, thereby addressing compatibility issues.

Abstract: Embodiments include a system, wherein a server provides a cryptographic function F to an execution device in an obfuscated form. The function F composes output of a plurality of the mapping tables Ti (0?i?n; n?1) using an Abelian group operator. A processor chooses tables O and C such that C[x] O[x]=0, x Di and creates tables T?i, 0?i?m; n?m?n+1, where for 0?i?n, each Table T?i represents the respective corresponding table Ti and at least one table T?o1, 0?o1?n, being formed through an Abelian composition of To1 and O, and at least one table T?c1, 0?c1?m, c1?oj; being formed through an Abelian composition that includes C.

Abstract: Provided are a method, system, and article of manufacture for maintaining keys removed from a keystore in an inactive key repository. A keystore includes active keys, wherein at least one active key in the keystore is associated with at least one storage device and available for encrypting and decrypting data with respect to the associated storage device. A request is received for an operation with respect to a specified active key that causes the specified active key to be removed as an active key from the keystore. The specified active key is indicated as inactive, wherein keys indicated as inactive are not available for use to encrypt and decrypt data. A request is received to restore one of the inactive keys to make available to decrypt and encrypt data for the at least one associated storage device associated with the requested inactive key.