Abstract: One embodiment of the present invention provides an enhanced authentication system. During operation, the system can obtain, from a remote device of a client, an authentication request prior to the exchange of application layer web traffic associated with a piece of resource protected by the system. The system can then determine, in the authentication request, an indicator indicating whether certificate-based authentication is enforced for the client. If certificate-based authentication is enforced for the client, the system can initiate certificate-based authentication for the client. On the other hand, if certificate-based authentication is not enforced for the client, the system can send information associated with a user interface to the client. The user interface can allow the client to select an authentication method from a set of authentication methods supported by the system.

Abstract: According to an aspect, a first digital system splits a cryptography key into a first key part (S1) and a second key part (S2), stores S1 in a policy-controlled storage which permits storage according to access policies and stores S2 in a local storage of the first digital system. Upon identifying a requirement in a second digital system for the cryptography key, the first digital system configures for the policy-controlled storage a first policy permitting access of S1 to the second digital system and then sends S2 directly to the second digital system. The second digital system reconstructs the cryptography key by retrieving S1 from the policy-controlled storage based on the first policy and forming the cryptography key from the retrieved S1 and S2 received from the first digital system. Thus, a cryptography key is securely stored and used, without having any single point of attack.

Abstract: The present disclosure relates to systems and methods to generate, in real-time, copy suggestions for a directed content for interactive design operations of copy. A generative deep learning model encodes content of the website into an embedded form with context of the content. The model decodes the encoded form of the content based on the user input to generate copy suggestions. Used in conjunction with an interactive copy design client, the present disclosure interactively receives user input to iteratively modify the copy suggestions in real-time while validating a quality of the copy suggestions. The real-time, interactive design of copy for the directed content improves timing, accuracy, and productivity of the design operations.

Abstract: According to an aspect, a first digital system splits a cryptography key into a first key part (S1) and a second key part (S2), stores S1 in a policy-controlled storage which permits storage according to access policies and stores S2 in a local storage of the first digital system. Upon identifying a requirement in a second digital system for the cryptography key, the first digital system configures for the policy-controlled storage a first policy permitting access of S1 to the second digital system and then sends S2 directly to the second digital system. The second digital system reconstructs the cryptography key by retrieving S1 from the policy-controlled storage based on the first policy and forming the cryptography key from the retrieved S1 and S2 received from the first digital system. Thus, a cryptography key is securely stored and used, without having any single point of attack.

Abstract: One embodiment of the present invention provides an enhanced authentication system. During operation, the system can obtain, from a remote device of a client, an authentication request prior to the exchange of application layer web traffic associated with a piece of resource protected by the system. The system can then determine, in the authentication request, an indicator indicating whether certificate-based authentication is enforced for the client. If certificate-based authentication is enforced for the client, the system can initiate certificate-based authentication for the client. On the other hand, if certificate-based authentication is not enforced for the client, the system can send information associated with a user interface to the client. The user interface can allow the client to select an authentication method from a set of authentication methods supported by the system.

Abstract: Systems and methods for enhanced DOM and event mirroring and security in web applications provides an intermediate Master Browser between web content and client devices to improve security and other enhancements.

Abstract: Methods, computer-implemented systems, and apparatus provide for a DRM Migrator that extracts embedded first license information that enables licensed access to content according to a first licensing system. The DRM Migrator sends the first license information to a server compatible with a second licensing system. After sending the first license information to the server, the DRM Migrator receives second license information that enables an end user to create a request for a license that provides access to the content according to the second licensing system. Another embodiment of the DRM Migrator also receives the first license information from a source and generates the second license information. After generating the second license information, the DRM Migrator sends the second license information to the source to enable creation of a request for a license that provides access to the content according to the second licensing system.

Abstract: The present embodiments relate generally to integrated circuit design, and more particularly to techniques that automatically and dynamically create or adjust a highlight set in a graphical user interface for allowing designers to edit layouts in a hierarchical design in a more productive manner. According to certain aspects, in dense designs and/or designs having complete or partial overlapping shapes, embodiments allow for highlighting more than one hierarchy level with tuned parameters that improve the user experience and enhance user work productivity. According to other aspects, embodiments allow for highlighting shapes using colors and/or widths that allow both highlight and shape to be clearly visible and distinguishable.

Abstract: The present embodiments relate generally to integrated circuit design, and more particularly to techniques for providing enhanced visual information about a shape of interest in a hierarchical design. For example, embodiments relate to automatically and dynamically creating or adjust a highlight set in a graphical user interface for providing hierarchical information about shapes in a hierarchical design in a more productive manner, and possibly concurrently with other textual information about shapes that is being displayed. In these and other embodiments, these automatic and/or dynamic highlight sets can be based on the relationship between a current cursor position and shapes of a hierarchical design that is currently being edited using a GUI of a layout editor tool that is adapted with the functionality of the present disclosure.

Abstract: A back brace comprising: a pelvic member configured to be secured to a user such that said pelvic member is essentially immobilized relative to the pelvis of said user; a thoracic member configured to around the user such that said thoracic member is essentially immobilized relative to the thorax of said user; and one or more compliant connectors between said pelvic member and said thoracic member and configured to provide a resistive force between said pelvic member and said at least one thoracic member.

Abstract: In some embodiments, a method includes establishing a secured connection between a client device and a subordinate web service of a single sign-on service for a user, using a shared cryptographic key in a cookie stored on the client device that was transmitted over a different secured connection by a master web service of the single sign-on service, as part of authentication of the user for the single sign-on service.

Abstract: Methods and apparatus, including computer program products, implementing and using techniques for document authentication. An electronic document is presented to a user. The electronic document has data representing a signed state and a current state. A disallowed difference between the signed state and the current state is detected, based on one or more rules that are associated with the electronic document. A digital signature associated with the electronic document is invalidated in response to the detecting.

Abstract: Systems and methods for enhanced DOM and event mirroring and security in web applications provides an intermediate Master Browser between web content and client devices to improve security and other enhancements.

Abstract: Systems and methods for enhanced DOM and event mirroring and security in web applications provides an intermediate Master Browser between web content and client devices to improve security and other enhancements.

Abstract: Methods and apparatus, including computer program products, implementing and using techniques for document authentication. An electronic document is presented to a user. The electronic document has data representing a signed state and a current state. A disallowed difference between the signed state and the current state is detected, based on one or more rules that are associated with the electronic document. A digital signature associated with the electronic document is invalidated in response to the detecting.

Abstract: A security component may be associated with a network-enabled application. The security component may access a secure store, which may include customization information, which may include one or more graphical user interface customizations defined by a user, and one or more instances of card information. The card information may specify how to authenticate a user's credentials to access a relying party (e.g., web site). The security component may initiate the display of an embedded region of a window drawn by the network-enabled application. At least a part of the appearance of the embedded region of the window may be defined according to the customization information and not by the relying party. The embedded region may provide a user interface for determining user authentication credentials. The customization information and the one or more instances of card information may not be accessible to the relying party.

Abstract: Methods and apparatus, including computer program products, implementing and using techniques for document authentication. An electronic document is presented to a user. The electronic document has data representing a signed state and a current state. A disallowed difference between the signed state and the current state is detected, based on one or more rules that are associated with the electronic document. A digital signature associated with the electronic document is invalidated in response to the detecting.

Abstract: Various embodiments of a system and method for a single request and single response authentication protocol are described. A client may send to an authentication server a request to authenticate the identity of a user attempting to access an electronic document protected by a rights management policy. The single request may be generated according to rights management configuration information included within the document. Such rights management information may include one or more parameters for requesting authentication from an authentication server. In response to the request, an authentication server may send a single response to the client. The single response may include information indicating that the identity is authenticated (e.g., a license to access the document, or an encryption key to decrypt the document). The client system may be configured to, in response to the single response, provide access to the document according to the rights management policy.

Abstract: Video media subscribers attempt to circumvent embedded ads in downloads by modifying the media files to render only the content feature. A media program is defined as an integrated set of media files including the requested content feature and the accompanying promotional materials. Media files associated with a particular content feature are stored as an integrated whole, and security tokens computed on selected random portions of the collection of media files that define the media program (content feature and interspersed ads). A hash engine computes a security token on selected blocks of the media files. The security tokens and corresponding metadata are stored in a secure repository. Before rendering the content feature, the hash values are recomputed on the downloaded media program; and compared to the corresponding locations from the stored hash values and metadata.

Abstract: A device and method for assisting a user to articulate a limb. The device has an upper section, a lower section, and at least one joint between the upper and lower section. The device comprises an exoskeleton with a first cuff coupled to the lower section of the user's limb, a second cuff coupled to the upper section of the user's limb and a third cuff coupled to a portion of the user's body above the upper section of the limb. At least one cable is attached to the first cuff and at least one cable is attached to the second cuff. A series of drivers located remotely from the exoskeleton are attached to cables and are connected to a processor. The processor transmits signals to the drivers to vary the lengths of the cables to guide articulation of the user's limb.