Abstract: A playback control device includes a selection means for selecting a moving picture of a moving picture file having a file name satisfying prescribed conditions or a moving picture of a moving picture file having a prescribed file format and a still picture in still pictures and moving pictures, and a playback control means for controlling playback of the still pictures and the moving pictures so that still pictures and the moving pictures selected by the selection means are played back sequentially in the prescribed order.

Abstract: Mobile network services are performed in a mobile data network in a way that is transparent to most of the existing equipment in the mobile data network. The mobile data network includes a radio access network and a core network. A breakout component in the radio access network breaks out data coming from a basestation, and performs one or more mobile network services at the edge of the mobile data network based on the broken out data. These services may require the use of keys. Keys are stored and retrieved from a non-volatile key storage in a way that assures subsystems that need the keys have access to the keys. The keys retrieved from the non-volatile key storage are stored in a shared memory in the requesting subsystem, which allows any applications that requires access to the keys to directly access the keys in the shared memory.

Abstract: The present invention provides a computer-implemented method, performed by a server system having one or more servers and memory storing one or more programs for execution by the one or more servers, the method comprising at the server system: receiving an access request to a network server from a terminal device; determining whether the access request matches a cached record stored in an substitute server; if the cached record is found, returning the cached record to the terminal device; if no cached record is found, processing the access request for security check; forwarding the processed access request to the network server; receiving a response from the network server; optimizing the response from the network server; and forwarding the optimized response to the terminal device.

Abstract: Provided is a two-actor user authentication system with a reduced risk of leakage of authentication information. The two-factor user authentication system is designed to use, as a password, a one-time-password derivation rule to be applied to certain pattern elements included in a presentation pattern at specific positions so as to create a one-time password, and further use, as a second authentication factor, information identifying a client to be used by a user. An authentication server is operable to generate a pattern seed value adapted to uniquely specify a presentation pattern in combination with a client ID, and transmit the pattern seed value to an authentication-requesting client. The authentication-requesting client is operable to create a presentation pattern based on a client ID acquired therefrom, and display the presentation pattern to allow a user to enter thereinto a one-time password based on the presentation pattern.

Abstract: Various methods and systems include exemplary implementations for a security-activated operational component. Possible embodiments include but are not limited to obtaining access to an object data file configured to implement various functional operation regarding one or more objects; verifying validity of an authorization code associated with the object data file; and controlling operation of the operational component to enable or prevent its activation pursuant to the authorization code in accordance with one or more predetermined conditions.

Abstract: A system for enforcing rights management policies in a collaborative environment is provided. The system may reside at a collaboration host and may include a session manager to manage a collaborative session associated with a plurality of participants, a shared view detector to detect a request to distribute shared content to participants of the collaborative session, a policy module to obtain a rights management policy associated with at least a portion of the shared content, a filter generator to generate a filter based on the obtained rights management policy, and a shared view distributor to distribute the shared content to the participants of the collaborative session together with the filter.

Abstract: The invention relates to a method of receiving and securely recording digital data comprising a step for recording said digital data on a secured disk by a recorder/receiver belonging to a determined secured domain comprising several equipment items and defined by an identifier, a step for recording on the secured disk the identifier of the domain of the recorder/receiver to define this domain as the only domain in which the reproduction/copying of the multimedia content is authorized, wherein it comprises a prior step for recovering a disk key from the secured disk, and in that the domain identifier is encrypted by said disk key and the digital data is scrambled by title keys, said title keys being encrypted by said disk key. The invention also relates to a method of securely distributing digital data, an access device and a recorder/receiver.

Abstract: A system and method for defining code by its functionality is disclosed. The technology initially accesses a portion of code. Once the portion of code is accessed at least one functional operation embedded in the code is determined. When the functional operation in the code is determined, the portion of code is then defined by the functional operation. In so doing, the portion of code can be defined by functional operation without requiring the consideration of any semantics related to the portion of code.

Abstract: This present application relates to, among other things, Key Caching, QoS and Multicast extensions and improvements to the Media-independent Pre-Authentication (MPA) framework, a new handover optimization mechanism that has a potential to address issues on existing mobility management protocols and mobility optimization mechanisms. MPA is a mobile assisted, secure handover optimization scheme that works over any link-layer and with any mobility management protocol.

Abstract: An editing apparatus that executes editing processing with an encoded stream as an edit material is disclosed. The apparatus includes: an input means for receiving an operation input for designating the edit material used for editing, an editing effect, and start and end timing of the editing effect; an editing processing unit setting means for setting an editing processing unit of the edit material such that the editing effect at least a part of which until the editing effect ends after starting of the editing effect overlaps is included in one editing processing unit; a minimum encoding section setting means for setting a minimum encoding section; and an after-editing stream creating means for creating a part of an after-editing encoded stream by decoding the edit material, giving the editing effect included in the editing processing unit, and performing encoding on the basis of setting of the minimum encoding section.

Abstract: Embodiments of the invention relate to systems, methods, and computer program products for login initiated remote scanning of computer devices. The present invention detects login to the network via access management systems. The login data provides information that identifies the device so that the device can be checked against a scan database to determine if and when a previous scan occurred. Based on the findings in the scan database determinations are made as to whether to perform a scan. Additionally, the level of scanning can be determined based on previous scan dates and previous scan results, which may dictate customized scanning. In addition, the priority of the impending scan may be dictated by previous scan dates and results. Further embodiments provide for assessing risk, such as risk scoring or the like, concurrently or in near-real-time with the completion of the scan so that alerts may be communicated.

Abstract: A method for enabling security on a mobile terminal having a communication link with a circuit switched network against suspicious activities is provided. Activities performed at the mobile terminal are performed according to a security policy provided from the circuit switched network. Detection of a suspicious activity is alerted to the circuit switched network when the suspicious activity is detected. A policy manager server of the circuit switched network changes the security policy to cure the suspicious activity on the mobile terminal. Call traffic delivered to/sent from the mobile terminal is filtered out, which causes the suspicious activity according to the security policy. The mobile terminal enforces a security measure on a suspicious activity according to the security policy.

Abstract: Methods and apparatuses for performing secure incremental backup and restore operations are disclosed.

Abstract: A system, method, and computer program product are provided for directing predetermined network traffic to a honeypot. In use, predetermined network traffic originating from a node in a local area network and/or a virtual private network is identified. Further, the predetermined network traffic is directed to a honeypot.

Abstract: A method and apparatus for safe and secure access to dynamic domain name systems. In one embodiment a method comprises transmitting a DNS query to a dynamic DNS server. The DNS query comprises a domain name. A DNS answer is received from the dynamic DNS server in response to transmitting the DNS query. The DNS answer comprises an IP address. A request is transmitted to a host at the IP address in response to receiving the DNS answer. A digital certificate is received in response to transmitting the request. The received digital certificate is then compared with each of a plurality of digital certificates stored in memory. The IP address is transmitted to a client computer system if the received digital certificate compares equally with one of the plurality of digital certificates.

Abstract: A method for securing intellectual property includes establishing contact between an IP server and a client. At least two component codes are shared and pre-stored in both the player and the server prior to ordering the intellectual property. The IP server accepts an order for an intellectual property product from the client. The IP server creates a shared private key based on the pre-stored shared component codes and an additional shared component code at the time the intellectual property product is ordered. The shared private key is not distributed to the player software. The IP server encrypts the intellectual property product with the created shared private key prior to distribution to the client. The intellectual property product further comprises content data and rights data in digital form. The IP server electronically distributes the intellectual property product to the client in encrypted form without the shared private key.

Abstract: An apparatus providing for a secure execution environment. The apparatus includes a microprocessor and a secure non-volatile memory. The microprocessor is configured to execute non-secure application programs and a secure application program, where the non-secure application programs are accessed from a system memory via a system bus. The secure non-volatile memory is coupled to the microprocessor via a private bus. The secure non-volatile memory is configured to store the secure application program, where transactions over the private bus between the microprocessor and the secure non-volatile memory are isolated from the system bus and corresponding system bus resources within the microprocessor.

Abstract: The present invention relates to a data scanning circuit and method. According to the present invention, a memory circuit stores a plurality of codes. Each of the code corresponds to a sub-rule. The memory circuit outputs at least first bit and at least second bit of each code, respectively, according to a first and a second data items. An operational circuit performs logic operations on the first and second bits, and produces an operated result. A decision circuit decides whether the input data satisfies the scanning rule according to the operated result.

Abstract: An authorization engine is provided in a remote device for mobile authorization using policy based access control. To ensure that remote devices can enforce consistent authorization policies even when the devices are not connected to the server, the remote device downloads the relevant authorization policies when the business objects are downloaded and enforces the policies when operations are invoked. The memory footprint of downloadable authorization policies is reduced to fit onto a resource-constrained remote device. A policy evaluation engine interprets and enforces the downloaded policies on the remote device using only the limited computational resources of the remote device.

Abstract: A system for secure information storage and delivery includes a vault repository that includes a secure vault associated with a user, wherein the secure vault is configured to receive at least one data entry. A mobile vault server coupled to the vault repository creates a mobile vault on a mobile device based on the secure vault and is capable of authenticating the mobile device based on user authentication information. The mobile vault server includes a mobile device handler that communicates with the mobile device. A synchronization utility determines whether the at least one data entry on the secure vault is transferable to or storable on the mobile vault. and transfers the data entry from the secure vault to a corresponding data entry on the mobile vault if the at least one data entry on the secure vault is determined to be transferable to or storable on the mobile vault.