Abstract: The invention provides a method for managing access to a network resource on a network from a mobile device, the method including the steps of intercepting a data stream from the mobile device attempting to access the network resource, extracting information from the intercepted data stream relating to at least one of the mobile device or a user of the mobile device, accessing at least one of enterprise service based information and third party information regarding at least one of the mobile device or the user of the mobile device, determining whether the mobile device is authorized to access the network resource, preparing an access decision that specifies whether the mobile device is authorized to access the network resource, and storing the access decision in a database on the network.

Abstract: A policy proxy intercepts a data stream between a data server and a user or other device, identifies the user device, and identifies a policy in an integrated policy server applicable to the user device based on the identity of the user device. The policy proxy may identify one or more of the policy elements based on the user device, and translate the policy elements into actions involving the data stream between the data server and the user device so as to implement at least one aspect of the identified policy. The actions can comprise permitting normal exchange of data between the data server and the user device, preventing communication between the data server and the user device, or modifying the data stream between the data server and the user device.

Abstract: Policy is provided from an integrated policy server to a mobile device, comprising identifying a policy in an integrated policy server applicable to the mobile device and supplying policy elements to policy transports for transmission to the mobile device. Policy can also be provided from an integrated policy server to a mobile device, including identifying a policy in the integrated policy server applicable to the mobile device, determining whether the mobile device is in compliance with the policy, and supplying policy elements to policy transports for transmission to the mobile device when the mobile device is not in compliance with the policy. Access to a data server by a mobile device can be controlled, including identifying a policy in an integrated policy server applicable to the mobile device, and determining whether the mobile device is in compliance with the policy.

Abstract: The invention relates to providing policy from an integrated policy server to a mobile device, comprising identifying a policy in an integrated policy server applicable to the mobile device and supplying policy elements to policy transports for transmission to the mobile device. The invention also relates to providing policy from an integrated policy server to a mobile device, including identifying a policy in the integrated policy server applicable to the mobile device, determining whether the mobile device is in compliance with the policy, and supplying policy elements to policy transports for transmission to the mobile device when the mobile device is not in compliance with the policy. The invention further relates to controlling access to a data server by a mobile device, including identifying a policy in an integrated policy server applicable to the mobile device, and determining whether the mobile device is in compliance with the policy.

Abstract: The invention relates to providing policy from an integrated policy server to a mobile device, comprising identifying a policy in an integrated policy server applicable to the mobile device and supplying policy elements to policy transports for transmission to the mobile device. The invention also relates to providing policy from an integrated policy server to a mobile device, including identifying a policy in the integrated policy server applicable to the mobile device, determining whether the mobile device is in compliance with the policy, and supplying policy elements to policy transports for transmission to the mobile device when the mobile device is not in compliance with the policy. The invention further relates to controlling access to a data server by a mobile device, including identifying a policy in an integrated policy server applicable to the mobile device, and determining whether the mobile device is in compliance with the policy.

Abstract: The invention relates to providing policy from an integrated policy server to a mobile device, comprising identifying a policy in an integrated policy server applicable to the mobile device and supplying policy elements to policy transports for transmission to the mobile device. The invention also relates to providing policy from an integrated policy server to a mobile device, including identifying a policy in the integrated policy server applicable to the mobile device, determining whether the mobile device is in compliance with the policy, and supplying policy elements to policy transports for transmission to the mobile device when the mobile device is not in compliance with the policy. The invention further relates to controlling access to a data server by a mobile device, including identifying a policy in an integrated policy server applicable to the mobile device, and determining whether the mobile device is in compliance with the policy.

Abstract: The invention provides a method for managing access to a network resource on a network from a mobile device, the method including the steps of intercepting a data stream from the mobile device attempting to access the network resource, extracting information from the intercepted data stream relating to at least one of the mobile device or a user of the mobile device, accessing at least one of enterprise service based information and third party information regarding at least one of the mobile device or the user of the mobile device, determining whether the mobile device is authorized to access the network resource, preparing an access decision that specifies whether the mobile device is authorized to access the network resource, and storing the access decision in a database on the network.

Abstract: A content distribution system and method which prevents unauthorized access to secured content such as movies and music. The system includes a source, a receiver, an authorized security device such as a conditional access module (CAM) for decrypting authorized content and an output device for outputting content. The system can also include a backend for managing accounts and system operations. One aspect of this invention is that the content data is derived from the Internet. The system allows for the verification of authorization to play secured content, the addition of watermarks to the secured content, the conversion of the secured content to a displayable form and the means for preventing output of the secured content.

Abstract: A system and method for performing an electronic transaction, including registration, audit and trusted recovery features. A transaction request message is received from a registered user that includes an unblinded validated certificate, and a blinded unvalidated certificate. If the unblinded validated certificate is determined to be legitimate, then a transaction can be performed, and the blinded unvalidated certificate is validated to obtain a blinded, validated certificate that is sent to the user. An audit protocol can be used to further verify the legitimacy of the transaction request message, and a user can recover from a broken connection by replaying a protocol run.

Abstract: A computer network security arrangement and method are disclosed which provides in a distributed complex computer network an authentication and authorization access for limiting access to network devices. The different levels of authentication involve the login/password process; comparison against access control lists; and mandatory program protocol control. Included are audit trails for authenticated calls and denied access calls.