Abstract: The invention relates to a method for decoding a probabilistic anti-collusion code intended to identify at least one sequence of code present in a multimedia content having been used to create an illegal copy of this multimedia content, this method comprising a step of estimating the collusion strategy used to constitute the illegal copy associated with a step of identifying the sequences having been used in creating the illegal copy.

Abstract: Provided is an IT system to minimize occurrence of a bottleneck on a network while effectively making use of the bandwidth of the network. A system management apparatus collects performance information from a network device, and calculates the average value, the peak hour, and the variance from the collected performance information. In response to a request for addition of a business system, the system management apparatus builds configuration patterns of a group of virtual servers configuring the business system and monitors traffic states of the paths on the network, identifies the part of the network where the traffic quality is most degraded, and determines the pattern that includes the path which has the smallest variance in the traffic based on traffic information on the part where the communication quality is degraded identified in each pattern as the requested system configuration of the business system.

Abstract: When a plurality of information processing apparatuses having an authentication function executes a cooperative job, user authentication information is transmitted from a cooperative information source processing apparatus to a destination cooperative information processing apparatus that executes the cooperative job. It is determined whether or not a user account with authentication information that is the same as the transmitted authentication information exists in the destination cooperative information processing apparatus. The determined result is then notified to the cooperative information source processing apparatus. In this case, when the cooperative information source processing apparatus is notified that a user account with the same authentication information does not exist, the cooperative information source processing apparatus creates a user account based on the authentication information.

Abstract: A processing system (60) includes an input interface (62), a first processor (64), a second processor (66), and an output interface (68) arranged in a serial configuration. Each of the input interface (62), first processor (64), second processor (66), and output interface (68) computes a digest (92, 100, 110, and 114) using information, e.g., a unique parameter (94, 102, 112, 118), known only by that element (62, 64, 66, 68) and using information generated by that element (62, 64, 66, 68). The digests (92, 100, 110, and 114) are used to validate the integrity of payload data (86) processed by the system (60) to form processed data (104) and the system (60) only outputs the processed data (104) upon validation of data integrity. The serial configuration of system (60) may be implemented to provide high bit rate, redundant cryptographic services.

Abstract: The enrollment process for purchasing multiple digital certificates configured using different cryptographic algorithms or hashing algorithms is streamlined. A certificate purchaser wishing to purchase two or more certificates is prompted to provide answers to common enrollment questions, such as the purchaser's contact information, payment details, web server software, and the like, using a simplified and streamlined enrollment process. Each certificate is optionally configured using a different hashing algorithm.

Abstract: A method for enabling limitation of service access where a service provider offers at least one service and a user possesses multiple different digital identities that can be used to invoke or register with the service, wherein the user agrees on a secret with a third party entity, assigns counter values to different digital identities used to invoke or register with a service, and requests the service by applying an encryption algorithm on the secret and the counter value assigned to the digital identity employed for the service request, and the third party entity receives the first verification value, applies the encryption algorithm to reconstruct the employed counter value, and provides information on whether the reconstructed counter value exceeds a limit.

Abstract: A method for assigning network addresses is provided. When a mobile node (MN) moves to an access domain (AN) of a visited network, the method, in the visited network, includes: receiving a network access request sent by the MN; determining a home network of the MN according to user information of the MN, and sending an authentication request to the home network for authenticating the MN; receiving an authentication response returned by the home network, where the authentication response includes a local home of address (L-HoA) for identifying the AN where the MN is currently located; and assigning a local care of address (L-CoA) to the MN, where the L-CoA identifies position information of the MN in the current AN. Correspondingly, a network and a network node are provided. Thus, technical solutions can implement address assignment when the MN moves.

Abstract: Exposure of a security mechanism, over time and/or in particular markets, increases the likelihood that the security mechanism will be compromised. A security dongle, however, can resist/delay being comprised by compounding one or more security techniques with the security dongle security mechanism (e.g., a unique identifier of the dongle stored in a secure area of the dongle, a cryptographic token with a private key that cannot be retrieved from the memory of the security dongle, etc.). A dynamic element (e.g., a changing key) and/or an unexposed element (e.g., a private key secured by an owner) can be used in conjunction with a security dongle to buttress against being compromised. Using the dynamic element and/or the unexposed element, the security dongle can be cryptographically bound to at least an identifier of a piece of software enabled by the security dongle.

Abstract: In a terminal system for managing terminals coupled to a network, a terminal management server includes: a terminal information registration module for registering, in advance, information unique to each user of the terminal; an authentication module for executing authentication by comparing an ID and authentication information which are contained in an authentication request received from the terminal to user information set in advance; an authenticity determination module for determining, based on a predetermined investigation result received from the terminal, whether or not the terminal suffers falsification; and a unique information transmission module for transmitting, when the authentication is successful, and when the authenticity determination module has determined that the terminal does not suffer the falsification, the information unique to the each user to the terminal. The terminal outputs the information unique to the each user received from the terminal management server to a display unit.

Abstract: A content display device includes a content setting storage means 106 for storing a content setting which associates a content selection request with a content which an external device has, a content setting server means 107 for accepting a content setting from a content setting client 108 on a network to update and manage content settings stored in the content setting storage means 106, and a display content management means 109 for reading a content setting corresponding to the content selection request from the content setting storage means 106 to present the content which the content setting client 108 has to a display means 102, or, when the content setting corresponding to the content setting request does not exist, displaying a method of accessing the content setting server means 107 and identification information for identifying the content setting client 108 on the display means 102.

Abstract: A method and system for coordinating energy management in a virtualized data center including a plurality of physical servers and a plurality of virtual machines (VMs), includes analyzing status information about the virtualized data center; determining server utilization target settings for server consolidation from the analyzed status information; and executing the server consolidation according to the determined server utilization target settings. Server consolidation can be executed by determining an effective size of each of the VMs and placing the VMs on the servers in a selective manner using an independent workload VM placement process, a correlation-aware VM placement process, or a migration-cost and correlation-aware VM placement process.

Abstract: When a plurality of information processing apparatuses that have an authentication function cooperate to execute a job, user authentication information is transmitted from a cooperative information source processing apparatus to a destination cooperative information processing apparatus that execute the cooperative job. A user account is created at the destination cooperative information processing apparatus based on the transmitted authentication information. When the cooperative information source processing apparatus notifies execution of a cooperative job to the destination cooperative information processing apparatus, authentication information that is authenticated at the cooperative information source processing apparatus is transmitted to the destination cooperative information processing apparatus. The destination cooperative information processing apparatus creates a user account based on the authentication information, and executes the cooperative job using the created user account.