Abstract: For encoding, a frame of video data can be segregated into macroblocks, which can be segregated into slices, which in turn can be segregated into slice groups. A macroblock identifier (ID) can be associated with each of the macroblocks. When at least one slice from each of the slice groups has been encoded, the macroblock IDs associated with the encoded slices can be compared to determine an order in which the encoded slices are to be placed in an access unit for the frame. Of the encoded slices, the slice that includes the macroblock with the lowest macroblock ID will be placed in the access unit before the other encoded slices.

Abstract: A method is provided for implementing collaborative information management. Information collaboration entities are authorized to allow entity members thereof access to a collaborative information data structure. Each information collaboration entity is a different business entity than each other information collaboration entity. An entity member of each one of the information collaboration entities is authorized to maintain business process information associated therewith within the collaborative information data structure. The business process information of each one of the information collaboration entities is generated through a business process thereof. The business process information of each one of the information collaboration entities is useful as quality control information for a manufactured product of a particular one of the information collaboration entities.

Abstract: The invention relates to various solutions to the challenges of supporting call centers and networks having a plurality of network connected agents or employees. According to one aspect, the invention manages agent authentication, including hiding the authentication methods (e.g., username and password) from the agent. According to another aspect, the invention provides information bridging, such as entering previously-collected information in carrier site pages. According to yet another aspect, the invention provides scripting, such as performing agency-specific scripting and guidance. According to still another aspect, the invention restricts agents from visiting non-approved sites. According to yet another aspect, the invention monitors and logs data fields of particular interest.

Abstract: A system, method and computer program product are provided for sending information extracted from a potentially unwanted data sample to generate a signature. In use, information is extracted from a portion of a sample of potentially unwanted data. Further, the information is sent to generate a signature.

Abstract: A method and apparatus for over-the-air provisioning of authentication credentials at an access device via a first access system, wherein the authentication credentials are for a second access system lacking an over-the-air provisioning procedure. For example, the second access system may be a 3GPP system using AKA authentication methods. The first access system may be CDMA, using an OTASP or IOTA procedure. Provisioning the authentication credentials may include provisioning any of a 3GPP AKA authentication root key (K), AKA authentication related parameters, an AKA authentication algorithm to be used in the 3GPP authentication, or authentication algorithm customization parameters.

Abstract: The present invention relates to an electronic circuit for securing data interchanges between a computer station and a network, said circuit comprising a first network interface connected to said network, said circuit comprising at least a second network interface connected to a network interface of said computer station, a unit for processing data passing between the first network interface and the second network interface, an interface for connection to an internal bus of the computer station suitable for electrically connecting the power supply, said electronic circuit not comprising any means of transferring processed data with the bus of said station. The invention applies in particular to the protection of personal computers handling confidential data.

Abstract: It is aimed to implement a hierarchical predicate encryption (HPE) scheme. A cryptographic process is performed using dual vector spaces (dual distortion vector spaces (DDVS)) of a space V and a space V* paired through a pairing operation. An encryption device generates as a cipher vector a vector in the space V, the vector having transmission information embedded therein. A decryption device, using a predetermined vector in the space V* as a key vector, performs the pairing operation on the cipher vector generated by the encryption device and the key vector, to decrypt the cipher vector and to extract information concerning the transmission information.

Abstract: A method that includes initiating a network access request from an access requester on a platform that couples to a network, the network access request made to a policy decision point for the network. The method also includes establishing a secure communication channel over a communication link between the policy decision point and a policy enforcement point on the platform. Another secure communication channel is established over another communication link. The other communication link is between at least the policy enforcement point and a manageability engine resident on the platform. The manageability engine forwards posture information associated with the access requester via the other secure communication channel. The posture information is then forwarded to the policy decision point via the secure communication channel between the policy enforcement point and the policy decision point.

Abstract: A secure secret sharing system is implemented. Shares SH(?, h(?)) are generated by secret sharing of secret information separately for each subset SUB(?); each of share management apparatuses PA(?, h(?)) generates a shared secret value DSH(?, h(?)) by performing a common operation to a corresponding share SH(?, h(?)) and common information containing a common value ?(?) shared in each subset SUB(?); and an acquisition apparatus generates a reconstructed secret value SUBSK(?) by reconstruction processing for each subset SUB(?), using a plurality of shared secret values DSH(?, h(?)) corresponding to the same subset SUB(?), and generates generation information SK by using the reconstructed secret values SUBSK(?).

Abstract: A security controller has first and second read request paths for performing security checking of read requests received from a master device and for controlling issuing of the read request to a safe device. If the first read request path is selected for an incoming read request then the first read request path controls issuing of the read request in dependence on result of the security checking. If the second read request path is selected, then the incoming read request is issued without waiting for a result of the security checking, and tracking data is stored indicating the result of the security checking. When receiving a response to a read request issued using the second read request path, a response path modifies the response to mask read data if the tracking data stored for the corresponding read request indicates that a security violation occurred.

Abstract: A system and method is disclosed for allowing content providers to protect against widespread copying of their content, while enabling them to give their customers more freedom in the way they use the content. In accordance with one embodiment, content providers identify their content as protected by watermarking the content. Consumers use compliant devices to access protected content. All of a user's compliant devices, or all of a family's devices, can be organized into an authorized domain. This authorized domain is used by content providers to create a logical boundary in which they can allow users increased freedom to use their content.

Abstract: According to one embodiment, in an encryption device, a segmentation unit segments masked plain data into pieces of first segmented data. A first processing unit generates pieces of second segmented data from the pieces of first segmented data. A nonlinear transform unit generates pieces of third segmented data transformed from the pieces of second segmented data. A data integration unit integrates fourth segmented data to generate masked encrypted data. An unmask processing unit generates encrypted data from the masked encrypted data. The exclusive OR of the pieces of second segmented data matches the exclusive OR of input data, subjected to nonlinear transform processing and calculated from the plain data, and the first mask. The exclusive OR of the pieces of third segmented data matches the exclusive OR of transform data, obtained when the nonlinear transform processing is performed on the input data, and the second mask.

Abstract: An update server acquires, from an apparatus, a result of verifications relating to tampering of a protection control module and each of install modules included in an install module group. The update server determines a processing procedure of the apparatus depending on the acquired result of the verifications. Specifically, if it is judged that the protection control module and each of the install modules is unauthentic, then the update server transmits, to the apparatus, an instruction to perform updating of the unauthentic protection control module in preference to a revocation of the unauthentic install module.

Abstract: Provided are a mobile terminal for sharing resources, a method of sharing resources within a mobile terminal and a method of sharing resources between a web server and a terminal.

Abstract: A relay device first uses latest authentication data to determine whether request-authentication data transmitted from a wireless communications device is valid. If the latest authentication data is used to determine that the request-authentication data is valid, the relay device carries out relayed communications with the wireless communications device. If the latest authentication data is used to determine that the request-authentication data is invalid, the relay device next uses a former authentication data to determine whether the request-authentication data is valid. If the former authentication data is used to determine that the request-authentication data is valid, the relay device provides the wireless communications device with the latest authentication data to update authentication data in the wireless communications device.

Abstract: Functionality is described for forming a summary representation of a video item to help a user decide whether to obtain a full version of the video item. The functionality operates by: (a) receiving a video item; (b) dividing the video item into a plurality of segments; (c) extracting at least one key frame from each of the plurality of segments to form a plurality of key frames; and (d) organizing the video segments into one or more groups corresponding to one or more respective scenes based on the plurality of key frames, to thereby form the representation of the video item. The functionality can be used to communicate search results to a user, to provide a sample of the video item in a message, etc.

Abstract: A system for extracting a video-watermark embedded in a video sequence, comprising a decryption and decoding engine to receive the video sequence in a video-codec-encoded format and encrypted, then decrypt the video sequence yielding a decrypted video sequence, then decode the decrypted video sequence yielding a decrypted decoded video sequence, and then output the decrypted decoded video sequence to a display device for rendering thereon, a measurement module to measure memory usage utilized by the engine decoding at least part of the video sequence yielding measurements of memory usage, a memory usage analyzer to analyze the measurements to determine an arrangement of video frames of at least one frame type in the video sequence, and an encoding feature analyzer to analyze the arrangement of the video frames to extract the video-watermark from the video sequence. Related apparatus and methods are also described.

Abstract: An Internet-based fill-level measurement value and diagnostic information polling system includes several field devices, a central server and a processing unit that is connected to the server by way of the internet. In response to a user inquiry the server generates a certificate and an associated data object that characterizes the data that may be polled by the user. In response to an inquiry by the user, with which inquiry the certificate is sent along to the server, the server automatically transmits the requested data to the user if a check of the certificate shows that the user is authorized to receive this.

Abstract: A method is provided for processing a digital information set having a plurality of information bytes. The method comprises receiving the information set, determining a set of initialization parameters, initializing a set of state variables using the set of initialization parameters, and generating a plurality of cryptors, each cryptor being a virtual dynamic array containing a monoalphabetic cipher. The method further comprises modifying the state variables and one or more of the cryptors, setting the index value for each cryptor in the plurality of cryptors; and selecting an ordered cryptor subset to be applied to an information byte. The information byte is processed using the ordered cryptor subset to produce a processed information byte. If the information byte is a plaintext byte, the processed byte is an encrypted byte, and vice versa. The actions of modifying, setting, selecting, and processing are then repeated for each remaining information byte.

Abstract: Secondary content in encrypted for distribution to client terminals by selecting at least a portion of raw encrypted audio-video data (REAVD) that is provided on a media article as an encryption key, encrypting secondary content using the encryption key, and storing encrypted secondary content at a remotely located host. The media article can then be used for providing access to the encrypted secondary content to client terminals by receiving encrypted secondary content at a client terminal, extracting a decryption key from a media article encoded with REAVD, the decryption key being determined by at least a portion of the REAVD, using the decryption key to decrypt the secondary content, and outputting the decrypted secondary content from the client terminal.