Abstract: In order to create and access a secure storage account in a non-volatile memory device, an account identification value is calculated. A memory identification value is read from a first non-volatile memory device. The memory identification value and the account identification value are transmitted to a second non-volatile memory device, and a calculated credential is received. A command is transmitted to create a secure storage account in the first non-volatile memory device, where the command contains the credential and the account identification value. To access the account, a sequence is transmitted, containing the account identification value and a value based on the credential. A secure storage system contains a first non-volatile memory device that stores a memory identification value and contains a secure partition accessible using a credential, a second non-volatile memory device that can compute the credential, and a host adapted to create and access the secure partition.

Abstract: A method for interpreting messages, user-defined alert conditions, voice commands and performing an action in response is described. A method for annotating media content is described. A method for presenting additional content associated with media content identified based on a fingerprint is described. A method for identifying that an advertisement portion of media content is being played based on a fingerprint derived from the media content is described. A method of one media device recording particular media content automatically in response to another media device recording the particular media content is described. A method of concurrently playing media content on multiple devices is described. A method of publishing information associated with recording of media content is described. A method of deriving fingerprints by media devices that meet an idleness criteria is described. A method of loading, modifying, and displaying a high definition frame from a frame buffer is described.

Abstract: A vehicle black box technique guarantees the integrity of vehicle data stored in a black box in real time by forming input data streams as block data and performing a signature using a signing key and nested hashing. Each vehicle black box includes a reliable unique signing key supporting a non-repudiation function. An error correction function is provided by a unique algorithm for generating integrity verification data even when an error occurs from the vehicle data.

Abstract: A computer security system comprises a secure platform adapted to receive sensitive data from an agent. The secure platform is also adapted to cooperate with a trusted platform module (TPM) to encrypt the sensitive data via a TPM storage key associated with the agent.

Abstract: Methods and devices provide a secure virtual environment within a mobile device for processing documents and conducting secure activities. The methods and devices create a secure application environment in which secure data and documents may be segregated from unsecured data using document encryption, allowing the application of security policies to only the secure application environment. The creation of a secure application environment allows users to access and manipulate secure data on any mobile device, not just specifically designated secure devices, without having to secure all data on the mobile device, while providing the corporate entity with necessary document security. The methods and devices provide for securing data on a mobile device at the data level using encryption.

Abstract: The present invention relates to an image encrypting/decrypting system and method devised in such a way that: a transmitter and a receiver for transmitting and receiving moving images share a seed for encrypting and decrypting the moving images; the transmitter transmits moving images after encrypting the moving images by dividing them into segment units and mixing the time sequencing of the images in each of the segments in accordance with a random number generated by means of the seed; and the receiver decrypts the moving images which it receives, by sorting them in segment units and then restoring the time sequencing of the images in each of the segments in accordance with the random number generated by means of the seed.

Abstract: Extensions to the Fragment Mapping Protocol are introduced which protect a disk array from malicious client access by exporting file system access information to the storage device. FMP requests received at the storage device can be authorized at a block granularity prior to completion, thereby limiting the exposure of the disk array to malicious clients. Client authorizations can be cached at the storage device to enable the permissions to be quickly extracted for subsequent client accesses to pre-authorized volumes.

Abstract: What is provided are a system and method which enables an organization or user to manage computational services in a cloud computing network for security, compliance and governance. The management including creating a trusted virtual network including encrypted data storage, encrypted data transport, and trusted instances of servers all communicatively coupled together forming a trusted cloud computing environment that is associated with the organization. A web portal running on a web server provides a point of access to the cloud computing environment. A workflow is accessed to implement one or more policies in trusted computing environment to manage the trusted cloud computing environment, the workflow customized to the organization. The access control; and to the trusted cloud computing environment is used to ensure access by users authorized by the organization to ensure compliance with adopted standards.

Abstract: Techniques are disclosed for hiding sensitive information from a provider of support services. In one embodiment, a first network device determines that network device information includes non-sensitive data and sensitive data. In response to the determining, the first network device generates mapping data that maps dummy information to the sensitive data. The first network device generates output data that comprises the non-sensitive data and the dummy data and sends the output data to a second network device. In other embodiments, the user may select the network parameters that are sensitive. The first network device may also receive first report data from the second network device that identifies a network problem and includes the dummy data and generate second report data by using the mapping data to replace the dummy information with the sensitive data.

Abstract: A programmable cryptography circuit includes memory-based cells defining the logic function of each cell, integrating a differential network capable of carrying out calculations on pairs of binary variables, including a first network of cells implementing logic functions on the first component of the pairs and a second network of dual cells operating in complementary logic on the second component of the pair. A calculation step includes a precharge phase, in which the variables are put into a known state at the output of the cells, and an evaluation phase in which a calculation is made by the cells. A phase of synchronizing the variables is inserted before the evaluation phase or the precharge phase in each cell capable of receiving several signals conveying input variables, the synchronization being carried out on the most delayed signal.

Abstract: Secure functions may be accessed via an authentication process utilizing a password that may be generated within a chip integrated on a device. The password may be unique per chip location, per challenge and/or per chip. The location of the chip may be determined based on GPS information and securely stored and securely communicated to an external entity. Two or more of the chip location, a generated random number sample and a key from a table of keys may be passed to a hash function that may generate a password. An external entity attempting access may be challenged to respond with a password that matches the password generated by the hash function. The response may be compared with the password generated by the hash function and access to one or more secure functions may be granted based on the comparison.

Abstract: Implementing security access includes receiving a request to perform an activity over a network and administering a cognitive test responsive to the request. The administering includes randomly selecting a set of related images from a database of images, randomly selecting one image that is unrelated to the set of related images, displaying the set of related images along with the image that is unrelated to the set of related images, and prompting a user to identify the image that is unrelated to the set of related images. Implementing the security access also includes processing results of the cognitive test, and executing the activity when it is determined from the processing that the cognitive test has been successfully completed.

Abstract: A codec for encoding and decoding video data capable of downloading streaming video and data contents from a number of different types of sources (e.g., antennas, cable, and computer networks). The video files may thereafter be retrieved, processed, and provided for viewing (e.g., on a standard television set, a high-definition television set, flat panel display, computer monitor, or an equivalent output device). One embodiment of the invention enables a user to download new coder/decoder (Codec) software.

Abstract: A method is disclosed for adjusting a security interface display on an electronic device. The method comprises a user of an electronic device requesting a change in the display of an interface for entering security code information on the device. The device presents to the user a variety of options related to the manner in which the graphical elements of the security interface may be displayed. The user may select any one or more of the display options. The electronic device thereafter displays a security interface with graphical elements displayed according to the user's selection.

Abstract: Methods, systems, and apparatus, including computer programs encoded on a computer storage medium, for monitoring the generation of link files by processes on a computer and performing protection processes based on whether the link files target malicious objects or are generated by malicious processes.

Abstract: When hardware connected to an image forming apparatus is detected, a check is performed as to whether the hardware was used with another image forming apparatus, and, if used, a license of an application that is operated by the hardware is automatically transferred so that the application can be used in the image forming apparatus to which the hardware is connected.

Abstract: Provided is a method for controlling an information processing system including a relay service device, an intermediate service device, and an authentication service device. The control method includes transmitting an authentication request from the intermediate service device to the intermediate service device; acquiring a first access token from the authentication service device that has made a success of authentication; storing the first access token; comparing the stored first access token with a second access token included in an execution request of an relation processing upon reception of the processing execution request from the relay service; and executing processing received from the intermediate service device when it is determined in the comparing that the first access token matches the second access token or not executing the processing when it is determined in the comparing that the first access token does not match the second access token.

Abstract: The invention relates to a method for the temporary personalization of a communication device (1). After producing a communication connection (4) between the communication device (1) and an authentication device (2), an authentication request (6) is transmitted from the authentication device (2) to the communication device (1). A unique feature (7) of the user is then acquired and transmitted to the authentication device (2) by acquisition means of the communication device (1), where it is compared to a stored reference feature (30). Upon correspondence, a user identification (10) is transmitted to the communication device (1). The invention further relates to a communication device and an authentication device which are implemented to carry out the method.

Abstract: A method and device for tracking error propagation and refreshing a video stream is provided. The proposed subject matter comprises of an error propagation tracking method that works in the sub-sampled domain to reduce computational cycles and memory bandwidth. Further, the tracking based update of the error propagation metric is done differently for static and non-static regions to avoid unnecessary refresh of static areas. Through suitable thresholding of the metric at a macroblock (MB) level, a set of refresh MBs are selected for each frame. These refresh MBs are coded either as an intra MB or as an inter MB that is predicted from one or more reliable reference frames (—frames that are known to be available at the decoder with negligible errors—). Such inter coding of refresh MBs improves the compression efficiency when compared to pure intra coding of refresh MBs.

Abstract: Methods and a tool or instrument for performing the methods of protecting a computer program with a parameter cloud are disclosed. A parameter cloud comprising a plurality of elements may be created. Called functions of a computer program may have defined expected parameter cloud states so that proper behavior of the called function is achieved when the parameter cloud state is the expected parameter cloud state. An expected parameter cloud state may include a selected set of elements of the parameter cloud having assigned values. Static portions of the called functions may depend on a current parameter cloud state, and calling functions may transform the parameter cloud state prior to calling their respective called functions. The methods and instrument may operate on original source code or post-binary targets of the computer program. A fingerprint may be used to identify a specific computer program from a sequence of state transitions.