Patents Examined by Nasser Moazzami
  • Patent number: 7962760
    Abstract: A system for selectively enabling a microprocessor-based system is disclosed. State information that describes the operating conditions or circumstances under which a user intends to operate the system is obtained. In the preferred embodiment of the invention, a valid hash value is determined, preferably based on the state information and preferably by locating the valid hash value within a table of valid hash values indexed by the state information. Candidate authorization information is obtained from the user, and a candidate hash value is generated by applying a hashing algorithm to the candidate authorization information, the state information, or a combination of the candidate authorization information and state information. The candidate hash value and the valid hash value are then compared, and the microprocessor-based system is enabled if the candidate hash value matches the valid hash value.
    Type: Grant
    Filed: June 4, 2009
    Date of Patent: June 14, 2011
    Assignee: The Invention Science Fund I
    Inventors: Bran Ferren, W. Daniel Hillis
  • Patent number: 7962756
    Abstract: A method and apparatus to quickly provide a plurality of customized deceptive web pages that are designed to feed an intruder with a number of intrusion opportunities are disclosed. For example, the present method receives a plurality of parameters of interest and “look and feel” information. The method then applies the plurality of parameters of interest and the look and feel information to automatically generate a plurality of web pages for use in a security system, e.g., a honeypot system.
    Type: Grant
    Filed: October 31, 2006
    Date of Patent: June 14, 2011
    Assignee: AT&T Intellectual Property II, L.P.
    Inventors: Peter Fagone, David J. Hendrie
  • Patent number: 7962763
    Abstract: A data transfer device for transferring data to a removable data storage item. The data transfer device encrypts data to be stored using an encryption key, and additionally encrypts a copy of the encryption key using the encryption key. The data transfer device then stores the encrypted data and the encrypted encryption key to the removable data storage item.
    Type: Grant
    Filed: July 25, 2006
    Date of Patent: June 14, 2011
    Assignee: Hewlett-Packard Development Company, L.P.
    Inventors: Gregory Keith Trezise, Jonathan Peter Buckingham, Andrew Hana
  • Patent number: 7958554
    Abstract: Attacks by computer viruses, worm programs, and other hostile software (‘malware’), have become very serious problems for computer systems connected to large communication networks such as the Internet. One potential defence against such attacks is to employ diversity—that is, making each copy of the attacked software different. However, existing diversity techniques do not offer sufficient levels of protection. The invention provides an effective diversity solution by applying tamper resistant software (TRS) encoding techniques, to the communications that take place between software components, with corresponding changes to the code handling those communications. These communications may include, for example, data passed between software routines via parameters or mutually accessible variables, light-weight messages, signals and semaphores passed between threads, and messages passed between software processes. Effective TRS encoding techniques include data-flow encoding and mass-data encoding techniques.
    Type: Grant
    Filed: May 24, 2004
    Date of Patent: June 7, 2011
    Assignee: Irdeto Canada Corporation
    Inventors: Stanley T. Chow, Harold J. Johnson, Alexander Main, Yuan Gu
  • Patent number: 7958353
    Abstract: The present invention provides an apparatus for securely acquiring a circuit configuration information set corresponding to a new cryptosystem without increasing the number of reconfigurable circuits. A content playback apparatus 100 includes an FPGA 122 that is reconfigurable. The content playback apparatus 100 stores a decryption circuit program that shows the structure of a decryption circuit that executes decryption in accordance with a prescribed cryptosystem. The FPGA is reconfigured in accordance with the program to configure the decryption circuit. The playback apparatus 100 acquires, from outside, an encrypted file that has been generated by encrypting a file including a decryption circuit program corresponding to the new cryptosystem in accordance with the prescribed cryptosystem, and decrypts the encrypted file by the decryption circuit.
    Type: Grant
    Filed: April 24, 2006
    Date of Patent: June 7, 2011
    Assignee: Panasonic Corporation
    Inventors: Natsume Matsuzaki, Toshihisa Nakano, Shinichi Marui
  • Patent number: 7958545
    Abstract: Aspects of the invention provide a method, system and computer program product for managing multiple user identities for a user of an electronic commerce (e-commerce) site. The method comprises defining the e-commerce site as one or more security domains; and in response to a user's request to invoke an operation of the e-commerce site: determining a one of the one or more security domains to which the operation relates; performing one of a) creating a session and b) reusing a session for the user automatically in accordance with the determined security domain, said session associated with a user identity and a role indicating privileges for invoking operations of the e-commerce site in at least the determined security domain; and persisting said session for reuse. The user's request may be received in association with one or more sessions persisted for the user and a one of the sessions selected in accordance with the determined security domain. In response, either a session may be created or reused.
    Type: Grant
    Filed: December 10, 2008
    Date of Patent: June 7, 2011
    Assignee: International Business Machines Corporation
    Inventors: Victor S. Chan, Darshanand Khusial, Lev Mirlas
  • Patent number: 7957527
    Abstract: An apparatus and a method for performing a hyperelliptic curve cryptography process at a high speed in a highly secure manner are provided. A base point D is produced such that the base point D and one or more of precalculated data in addition to the base point used in a scalar multiplication operation based on a window algorithm are degenerate divisors with a weight smaller than genus g of a hyperelliptic curve. An addition operation included in the scalar multiplication operation based on the window algorithm is accomplished by performing an addition operation of adding a degenerate divisor and a non-degenerate divisor, whereby a high-speed operation is achieved without causing degradation in security against key analysis attacks such as SPA.
    Type: Grant
    Filed: November 15, 2005
    Date of Patent: June 7, 2011
    Assignee: Sony Corporation
    Inventors: Masanobu Katagi, Toru Akishita, Izuru Kitamura, Tsuyoshi Takagi
  • Patent number: 7954160
    Abstract: An intrusion detection system, and a related method and computer program product, for implementing intrusion detection in a remote, on-demand computing service environment in which one or more data processing hosts are made available to a remote on-demand user that does not have physical custody and control over the host(s). Intrusion detection entails monitoring resources defined by the on-demand user (or a third party security provider) for intrusion events that are also defined by the on-demand user (or security provider), and implementing responses according to event-action rules that are further defined by the on-demand user (or security provider). An intrusion detection system agent is associated with each of the data processing hosts, and is adapted to monitor the intrusion events and report intrusion activity. If there are plural intrusion detection system agents, they can be individually programmed to monitor and report on agent-specific sets of the intrusion events.
    Type: Grant
    Filed: September 16, 2009
    Date of Patent: May 31, 2011
    Assignee: International Business Machines Corporation
    Inventors: Christopher P. Strauss, Sebnem Jaji, Ramesh V. Chitor, Nam Keung
  • Patent number: 7954158
    Abstract: The present invention provides a system, method, and program product for characterizing computer attackers by obtaining attack pattern information about computer attacks performed over time and generating an attacker signature for each attacker based on the attack pattern information.
    Type: Grant
    Filed: December 19, 2006
    Date of Patent: May 31, 2011
    Assignee: International Business Machines Corporation
    Inventor: Guy S. Denton
  • Patent number: 7953984
    Abstract: A computer-implemented method detecting malware that includes providing a malware detection application and providing a search engine, the search engine being configured to receive data and commands from the malware detection application and to return data pertaining to search results to the malware detection application. The method also includes sending at least one of scan options and at least one malware-suggestive pattern from the malware detection application to the search engine. The method additionally includes searching, using the search engine and the at least one of scan options and the at least one malware-suggestive pattern, to obtain data pertaining to scan targets. The method also includes sending the data pertaining to the scan targets from the search engine to the malware detection application. The method further includes performing malware detection, using the malware detection application and the data pertaining to the scan targets, on the scan targets.
    Type: Grant
    Filed: June 29, 2006
    Date of Patent: May 31, 2011
    Assignee: Trend Micro Incorporated
    Inventors: Chang-Wei Chung, Yu-Cheng Hsu, Chia-Tai Chang
  • Patent number: 7953985
    Abstract: A memory card receives an encrypted application program from a host apparatus. The memory card includes an Integrated Circuit (IC) card unit having a tamper resistant function, and a flash memory unit. The IC card unit also includes a tamper resistant storage unit, a program acquisition unit that acquires the encrypted application program from the host apparatus, a storage control unit which stores the acquired encrypted application program in the tamper resistant storage unit or the flash memory unit, and a move control unit. The memory control unit, when the application program stored in the tamper resistant storage unit is to be executed and the size of the application program to be executed in the decrypted form exceeds the size of free space of the tamper resistant storage unit, moves an arbitrary encrypted application program stored in the tamper resistant storage unit to the flash memory unit.
    Type: Grant
    Filed: April 28, 2006
    Date of Patent: May 31, 2011
    Assignee: Panasonic Corporation
    Inventors: Yoshiko Nishimura, Kazuyuki Kashiwabara, Eiji Kawahara
  • Patent number: 7949870
    Abstract: A method and apparatus for downloading information content to a wireless terminal. The information content is obtained from a content provider that is accessible over a network, such as the World Wide Web. The information content, which is available on a subscription basis, is downloaded directly to the wireless terminal. Access to the network, access to the content provider, and downloading the information content is performed automatically according to a schedule, in accordance with the subscription.
    Type: Grant
    Filed: December 8, 2005
    Date of Patent: May 24, 2011
    Assignee: Mochis Investments LLC
    Inventor: Winston Hong Lieu
  • Patent number: 7949604
    Abstract: This invention relates to an information providing system which is designed to be able to realize secondary utilization of broadcasting contents, along with copyright of the broadcasting contents being protected. A broadcasting receiving and picture recording device 5-1 records broadcasting contents that a broadcasting device 4 broadcasted, and a terminal 6-1 edits the broadcasting contents which were recorded, and generates corresponding metadata. The metadata is transmitted from the terminal 6-1 to a metadata delivery server 2 through Internet 1, and registered. The metadata delivery server 2, on the basis of utilization availability information of broadcasting contents which is held in advance, in case that the broadcasting content that the metadata targets can be utilized, registers the metadata. The registered metadata is delivered through the Internet 1 on the basis of a request of a terminal 6-2. This invention is applied to an information providing system which delivers the metadata.
    Type: Grant
    Filed: June 26, 2002
    Date of Patent: May 24, 2011
    Assignee: Sony Corporation
    Inventors: Hideki Asazu, Tomoyuki Yamamoto, Katsuro Matsuzaki, Kensuke Ohnuma
  • Patent number: 7950049
    Abstract: Exemplary embodiments provide a method and system for providing a hybrid meta-directory for recording a grant of privileges. In one embodiment method and system aspects of the exemplary embodiment include: assigning a privilege identifier to each privilege stored in a privilege repository; in response to a granting of one of the privileges to a target user, storing the privilege identifier assigned to the granted privilege in an authoritative source domain record for the target user; and in response to receiving a query of the authoritative source domain based on a user ID, retrieving a list of privileges granted to the corresponding target user based on the privilege identifiers associated with the user ID.
    Type: Grant
    Filed: October 24, 2006
    Date of Patent: May 24, 2011
    Assignee: Avatier Corporation
    Inventors: Scott L. Chiou, Nelson A. Cicchitto, Billy J. Barron
  • Patent number: 7950057
    Abstract: A method includes determining that a driver load address is in a system service dispatch table (SSDT) addressable area. The method further includes determining whether the driver is authorized to be in the SSDT addressable area. If the driver is authorized to be in the SSDT addressable area, the driver is loaded in the SSDT addressable area and is able to hook operating system functions. Conversely, if the driver is not authorized to be in the SSDT addressable area, the driver is loaded outside the SSDT addressable area and is not able to hook operating system functions. In this manner, only authorized drivers are allowed to hook operating system functions.
    Type: Grant
    Filed: December 21, 2006
    Date of Patent: May 24, 2011
    Assignee: Symantec Corporation
    Inventors: Mark Kennedy, Bruce McCorkendale
  • Patent number: 7949867
    Abstract: There are disclosed processes and systems for establishing secure communication channels between computing devices. The computing devices include respective agents which verify the relative identity of one another and thereby authenticate the communication channel. The agents continue to play a role in the communications to ensure that the communication channel is secure.
    Type: Grant
    Filed: December 14, 2006
    Date of Patent: May 24, 2011
    Assignee: REL-ID Technologies, Inc.
    Inventors: Sanjay Deshpande, Ganapathy Nanjundeshwar, Pat Sankar
  • Patent number: 7949131
    Abstract: A system and method for processing a digital audio signal is disclosed. The system includes an input to receive a digital audio signal and a first output to provide a first digital output signal. The digital audio signal has a first fidelity characteristic and the first digital output signal has a second fidelity characteristic. The second fidelity characteristic is determined in response to security information extracted from the digital audio signal. The first digital output signal is provided to a digital to analog converter.
    Type: Grant
    Filed: December 19, 2005
    Date of Patent: May 24, 2011
    Assignee: Sigmatel, Inc.
    Inventors: Antonio Torrini, Konstantin Shkolnyy
  • Patent number: 7949869
    Abstract: There are disclosed a method, computing device, and storage medium for establishing relative identity between a first agent on a first computing device and a second agent on a second computing device. An absolute key and a partial relative key may be generated for the first agent, wherein the absolute key and the partial relative key define a relative identity of the first agent, wherein the relative identity is unique for a relationship between the first agent and the second agent.
    Type: Grant
    Filed: January 15, 2010
    Date of Patent: May 24, 2011
    Assignee: REL-ID Technologies, Inc.
    Inventors: Sanjay Deshpande, Ganapathy Nanjundeshwar, Pat Shankar
  • Patent number: 7949877
    Abstract: An integrity hash is obtained of rights information stored at a client device. The rights information is associated with content stored at the client device. The integrity hash is encrypted using a client device key to generate an encrypted hash. The client device key is externally inaccessible from the client device. The encrypted hash is stored on the client device.
    Type: Grant
    Filed: November 21, 2003
    Date of Patent: May 24, 2011
    Assignee: RealNetworks, Inc.
    Inventor: Joshua D. Hug
  • Patent number: 7949866
    Abstract: An apparatus for processing data includes a processor operable in a plurality of modes including at least one secure mode being a mode in a secure domain and at least one non-secure mode being a mode in a non-secure domain. When the processor is executing a program in a secure mode the program has access to secure data which is not accessible when the processor is operating in a non-secure mode. The processor is responsive to one or more exception conditions for triggering exception processing using an exception handler. The processor is operable to select the exception handler from among a plurality of possible exception handlers in dependence upon whether the processor is operating in the secure domain or the non-secure domain.
    Type: Grant
    Filed: March 20, 2009
    Date of Patent: May 24, 2011
    Assignee: ARM Limited
    Inventors: Simon Charles Watt, Christopher Bentley Dornan, Luc Orion, Nicolas Chaussade, Lionel Belnet, Stephane Eric Sebastien Brochier