Abstract: A backup account recovery authentication of last resort using social authentication is described. The account holder requests trustees who have been previously identified to obtain an account recovery code. The account recovery system sends a communication to the trustee for information to verify the trustee as one of the previously identified trustees. The account recovery system then may transmit a link and code with instructions for the trustee to return the link. The account recovery system then transmits a situational query to the trustee to provide additional security. Finally, if all the communications have been completed for the required level of security, the account recovery code is transmitted to the trustee. The trustee sends the account recovery code to the account holder for access to an account.

Abstract: Provided are a channel server, a channel prediction server, a terminal, and a method for a fast channel switching. The channel server may generate at least one delay multicast stream from an original multicast stream by applying a different delay value based on channel preference information, and may determine an optimal multicast stream from the at least one delay multicast stream, and transmit, to a terminal, response information associated with the optimal multicast stream in response to query information associated with the original multicast stream received from the terminal.

Abstract: Two service signals are transmitted from a service server through a first network in such a way that users' terminal devices display personalized service data items. When service signals are filtered, a terminal device extracts common data items accessible for several terminal devices and a parameter type from a service signal identified by a stored identifier. An end address is determined by applying a stored parameter, related to the parameter type, to a pre-recorded or transmitted algorithm. The end address is transmitted, through a second network, to a server which transmits a first personalized file associated with the end address and bearing personalized data items displayed with the common data items in the device.

Abstract: Embodiments of the present invention provide a method for presenting reposted messages. The method includes: respectively establishing, in a server for each piece of original message X, a reposting chain, which takes the each piece of original message X as a root node, generating a piece of reposted message each time the original message X is reposted, and adding the reposted message to the reposting chain as a sub-node; and pulling needed reposted messages from the server when a client terminal device, at which a user locates receives an instruction instructing viewing the reposted messages corresponding to the original message X in a full amount message aggregation mode, and displaying the reposted messages on a page. Embodiments of the present invention also provide a system for presenting reposted messages. With the scheme of the present invention, a whole reposting chain of the original message may be presented to the user.

Abstract: Methods and systems of rendering content on a device having a native digital rights management (DRM) system are described. A device, such as an end-user device capable of executing or playing content, acquires content in a common content format file having standardized locations for specific types of data. A generic digital rights token associated with the content is obtained by utilizing one of the standardized locations in the content format file, where the rights token contains information sufficient to allow retrieval of the rights associated with the content. Utilizing data in another of the standardized locations, it is then determined whether the device is registered in a domain. A license server directory may be accessed utilizing data in another of the standardized locations in the common content format file and a domain identifier, a device identifier, or both are transmitted to the license server directory.

Abstract: Systems and methods to control access to multimedia are disclosed. A method includes receiving a request for multimedia content at a computing device, retrieving a destination address of a mobile communication device related to an authorized user of the computing device and determining whether the mobile communication device is located within a predetermined distance from the computing device. When the mobile communication device is located within the communicative distance from the computing device, the multimedia content is received at the computing device. When the mobile communication device is not located within the communicative distance from the computing device, an authorization-request message is transmitted via a network to the destination address of the mobile communication device, wherein the authorization-request message includes a request for authorization to receive the multimedia content at the computing device.

Abstract: Deterrence of device subversion by substitution may be achieved by including a cryptographic fingerprint unit within a computing device for authenticating a hardware platform of the computing device. The cryptographic fingerprint unit includes a physically unclonable function (“PUF”) circuit disposed in or on the hardware platform. The PUF circuit is used to generate a PUF value. A key generator is coupled to generate a private key and a public key based on the PUF value while a decryptor is coupled to receive an authentication challenge posed to the computing device and encrypted with the public key and coupled to output a response to the authentication challenge decrypted with the private key.

Abstract: Illustrative embodiments disclose receiving a command to play a selected audio visual media on a client device. The client device determines portions of audio visual media from elected audio visual media and a sequence identifying each portion of the portions in a particular order for playing the portions. The portions and the sequence are determined according to a policy for playing each portion on the client device. The client device retrieves the portions to play in sequence and plays at least a partially retrieved first portion of the portions of the selected audio visual media on the client device. The first portion is identified based on the particular order in the sequence.

Abstract: A method for validating a road traffic control transaction. The method includes: storing a cryptographic key assigned to a transaction receiver, in the transaction receiver; recording an image of a vehicle; reading an identification of the vehicle in the recorded image by OCR and generating a control transaction thereof in the control station; generating a random key and encrypting the recorded image into authentication data with the random key and the cryptographic key in the control station; transmitting the recorded image, the control transaction, the random key and the authentication data to the transaction receiver; in the transaction receiver, encrypting the received recorded image into nominal authentication data with the received random key and the stored cryptographic key; and comparing the received authentication data with the nominal authentication data. The received control transaction is then validated when the received authentication data and the nominal authentication data are identical.

Abstract: The replacement of secret keys is a central problem in key management. Typical solutions exchange handshaking messages, involve complex computations, or require the cooperation of trusted third parties. Disclosed herein is a key replacement method that exploits the randomness of Markov models to efficiently provide fresh keys to users. Unlike other methods, the proposed method removes the need for extra communications, intensive computation, or third parties. It is demonstrated that the proposed method has perfect forward secrecy as well as resistance to known-key attacks.

Abstract: A system and method for brokering messages in a distributed system is disclosed, in which a resource, such as a hypertext file specified by a user agent, is preprocessed to request the services of a message broker configured to communicate messages among a plurality of non-compatible clients and servers for sending a message to an application at an application server in a protocol not supported by the user agent. In response, markup is generated and sent back to the user agent.

Abstract: Methods, apparatuses, and systems directed to write command processing in distributed file caching systems. Implementations of the invention allow for write operations to identified files to proceed, while information regarding the identified file is fetched from a remote host and a locally cached version of the file is constructed. Implementations of the present invention can be configured to improve the performance of wide area network file systems, while preserving file consistency.

Abstract: A method for verifying the integrity of a key implemented in a symmetrical ciphering or deciphering algorithm, including the steps of complementing to one at least the key; and verifying the coherence between two executions of the algorithm, respectively with the key and with the key complemented to one.

Abstract: A computing device capable of instant messaging (IM) contains IM anti-malware software for preventing the transmission of malware-created IMs and opening potentially harmful IMs that it receives. When transmitting an IM, the software checks to ensure that the message being sent was created by the user (a human being) and not by IM malware, such as an IM BOT. This is done by copying details of a message as it is being typed by a user into a database and searching for that data before an IM is transmitted from the device. The software also ensures that when it receives an IM from an outside source, that the message contains a special encrypted signal that was inserted into the message by the source when the source has determined that the message was created by a human being. If the special signal is not found, it is presumed that the message was created by malware and may be discarded.

Abstract: A real-time asynchronous event aggregation system, method, and network device are configured to capture real-time asynchronous events, and to pass them as input to one or more aggregation engines to determine a reputation for a target. The aggregation engine(s) may then send out notifications where a reputation category changes for a target, indicating that an action may be taken to inhibit spam messages from the target, highlight a display of content from the target, or the like. As such, the event-driven aggregation engines may be designed to capture real-time asynchronous events, such as reputation reports for a wide variety of activities, including, but not limited to spam and/or not-spam messages, determining a reputation on a posting of comments to a movie, a blog posting, a play list posting, or the like. In one embodiment, a reputation of the sender of the reputation event may also be determined.

Abstract: A privacy-preserving device-tracking system and method to assist in the recovery of lost or stolen Internet-connected mobile devices. The function of such a system seem contradictory, since it is desirable to hide a device's legitimately-visited locations from third-party services and other parties to achieve location privacy, while still enabling recovery of the device's location(s) after it goes missing by tracking the device to determine its location. An exemplary embodiment uses a DHT for storing encrypted location information and other forensic information in connection with indices that are successively determined based on initial pseudorandom seed information (i.e., state) that is retained by the owner of the device. Using the seed information, the software can determine indices mapped to location information stored after the device went missing, enabling the device to be located.

Abstract: To provide a pairing system which requires no special hardware and is capable of easily pairing terminals intended by a user. A pairing management device includes a pairing control module which receives pairing requests from communication terminals and data terminals, and generates tentative pairs from the communication terminals and the data terminals which transmitted the pairing request, and a confirmation data control module which allots and transmits pair confirmation data which corresponds on one-on-one basis to the communication terminals and the data terminals forming the tentative pairs, and allows the pairing control module to update the tentative pairs to final pairs when the pairing control module receives pair alteration data corresponding to the pair confirmation data from the communication terminals or the data terminals.

Abstract: An image processing apparatus sections an image to be processed into a plurality of blocks, rearranges the blocks into positions specified by an encryption key that uniquely specifies the positions of the blocks in the image, determines a computing method used to convert pixel values of pixels that form a minimum area included in each of the blocks after the blocks are rearranged based on the pixel values of predetermined pixels that do not belong to the minimum area, and converts the pixel values based on the computing method.

Abstract: Some embodiments of the present invention provide middleware functionality integrated into a module of a network device, such as a router or switch, that is configured to provide application-oriented network (“AON”) services. Some preferred implementations of the invention provide policy-based application services for RFID data, such as conditional routing, security (encryption, identification, authentication and authorization), data translation and/or transformation, data compression, data caching, etc. Some preferred implementations can interpret an application request and route to an appropriate network address of an RFID reader. Preferably, ALE (application-level event) aggregation and filtering can also be performed on behalf of the application. Some methods of the invention allow event data to be sent to applications (including but not limited to business applications) as request-response messages.

Abstract: A system and method for communicating transaction information includes a plurality of client application devices distributed among one or more local client application devices and one or more remote client application devices, and a plurality of gateways distributed among one or more local gateways and one or more remote gateways. The one or more local gateways are configured to communicate the transaction information with the one or more local client application devices, with which the one or more local gateways are associated, using one or more local data formats. The one or more remote gateways are configured to communicate the transaction information with the one or more remote client application devices, with which the one or more remote gateways are associated, using one or more remote data formats.