Abstract: Devices, methods, and computer-readable medium for secure frame management. The techniques disclosed herein provide an intelligent method for detecting triggering items in one or more frames of streaming video from an Internet Protocol camera. Upon detection, the camera transmits one or more frames of the video over a network to a computing device. Upon detecting a triggering item in a frame of the video stream, the computing device can begin a streaming session with a server and stream the one or more frames of video and accompanying metadata to the server. The frames, metadata, and associated keys can all be encrypted prior to streaming to the server. For each subsequent segment of video frames that includes the triggering item, the server can append the frames of that segment to the video clip in an encrypted container. Once the triggering item is no longer detected, the streaming session can be closed.

Abstract: A terminal device that acquires record information recorded on an IC card and performs information processing includes: a terminal key acquisition unit configured to acquire a terminal key from a terminal key card different from the IC card; and an authentication unit configured to perform connection authentication with a server performing the connection authentication with the own terminal device using the terminal key.

Abstract: A device bootstrap method and a terminal configured to send a bootstrap request to a server, wherein the bootstrap request includes a node identifier (ID) and a transmission channel parameter of the terminal, receiving an acknowledgment message carrying a transmission channel selected by the server, where the transmission channel is determined based on the transmission channel parameter, receiving a temporary ID indication message including a temporary ID and a temporary key sent by a forwarding apparatus, where the forwarding apparatus is a network element that is configured to send a message to the terminal through the transmission channel selected by the server, and wherein the terminal is further configured to establish a secure communication channel with the server according to the temporary ID and the temporary key.

Abstract: Methods and apparatus for dynamic pricing and scheduling of network data transfers are disclosed. A system a plurality of network-accessible resources and a data transfer coordinator. In response to a client request for a network transfer of a data set, the coordinator determines, based at on a network-related metric of one or more resources, at least one time window during which a portion or all of the data set is transferable for a pricing rate below a threshold. The coordinator notifies the client of the time window and provides a duration-limited token authorizing data transfer during the window. The coordinator determines whether a network transmission of data on behalf of the client is valid based at least in part on a time at which the transmission is initiated and at least in part on a use of the token.

Abstract: A system for tracking events of interest can include at least one volatile counter; a nonvolatile storage coupled to the at least one volatile counter, the nonvolatile storage storing a bit for each top volatile count number of events identified by the at least one volatile counter; a backup power source coupled to the at least one volatile counter; and readout circuitry and control logic coupled to the one or more of the at least one volatile counter and to the nonvolatile storage, the readout circuitry and control logic being configured to control operations of the at least one volatile counter during an error event and determine a total number of events.

Abstract: In some implementations, a system is capable of managing keys for encrypting media streams over UDP communications between a media source and an associated server. A key is initially generated for encrypting a media stream captured by a media source device associated with a monitoring system of a property. A first instruction is provided to the media source device and over a secure communication channel. The first instruction causes the media source device to encrypt the media stream using the key when received by the media source device. A second instruction is generated for decrypting the encrypted media stream. The second instruction is provided to a computing device associated with the property. The second instruction causes the computing device to decrypt the encrypted media stream when received by the computing device.

Abstract: A card activation device includes a first control unit and a central control unit. In response to a first control command, the central control unit provides first authentication data to the first control unit and the first control unit transmits the first authentication data to the data storage device. After the first authentication data is transmitted to the data storage device, the central control unit provides second authentication data to the first control unit and the first control unit transmits the second authentication data to the data storage device. After the second authentication data is transmitted to the data storage device, the card activation device enters a fully locked state and performs an authentication procedure for authenticating the data storage device. Before the data storage device has passed the authentication procedure, the central control unit is not allowed to transmit any data to the data storage device.

Abstract: A system for tracking events of interest can include at least one volatile counter; a nonvolatile storage coupled to the at least one volatile counter, the nonvolatile storage storing a bit for each top volatile count number of events identified by the at least one volatile counter; a backup power source coupled to the at least one volatile counter; and readout circuitry and control logic coupled to the one or more of the at least one volatile counter and to the nonvolatile storage, the readout circuitry and control logic being configured to control operations of the at least one volatile counter during an error event and determine a total number of events.

Abstract: A method implemented on an electronic computing device for authenticating a user includes receiving authentication information from the user. The authentication information is processed to generate a transformed authentication value, such that the received authentication information is unrecognizable from the transformed authentication value. A reference authentication value is obtained. The reference authentication value is unrecognizable from the received authentication information. The transformed authentication value is compared with the reference authentication value. When the transformed authentication value matches the reference authentication value, the user is authenticated.

Abstract: A video encoder (2) is disclosed for sending video data to a server (4) over a channel. A video compressor (16) can compress video data using an adjustable compression factor. A multiplexer/pack constructor (18) can receive compressed video from the compressor, together with non-video data, and can queue data for transmission. A bandwidth monitor (20) is provided for monitoring the performance of the channel based on the behaviour of transmitted data packets, including their round-trip travel time to and from the server (4). The compressor (16) can modify the adjustable compression factor based on the performance of the channel, as determined by the bandwidth monitor, and the amount of non-video data received by the packet constructor. This can permit transmission of non-video data without disrupting the live video feed or introducing any delay.

Abstract: A computer-implemented method includes: monitoring and receiving, by a computing device, metadata relating to a musical project, wherein the metadata includes information identifying a plurality of individual contributors involved in the production of the musical project; storing, by the computing device, the metadata; receiving, by the computing device, a query related to the musical project; accessing, by the computing device, the stored metadata to generate a response to the query based on the stored metadata; and providing, by the computing device, a response to the query for display to a user.

Abstract: A method of renormalizing high-resolution oscillator peaks, extracted from windowed samples of an audio signal, is disclosed. Feature vectors are generated for which variations in both fundamental frequency and time duration of speech are substantially mitigated. The feature vectors may be aligned within a common coordinate space, free of those variations in frequency and time duration that occurs between speakers, and even over speech by a single speaker, to facilitate a simple and accurate determination of matches between those AFDVs generated from a sample of the audio signal and corpus AFDVs generated for known speech at the phoneme and sub-phoneme level. The renormalized feature vectors can be combined with traditional feature vectors such as MFCCs, or they can be used exclusively to identify voiced, semi-voiced and unvoiced sounds.

Abstract: In one embodiment, an apparatus includes a processor circuit; a media distribution component for execution on the processor circuit to manage presentation of a media presentation on multiple electronic displays, the media presentation comprising a video part and an auxiliary data part, the auxiliary data part comprising sensor data corresponding to the video part, the media distribution component to manage presentation of the video part on an external display and the auxiliary data part on an integrated display. Other embodiments are disclosed and claimed.

Abstract: The present invention discloses a system and method for confidential data management, which is adapted for managing confidential data saved at a private space of a USB disk. The private space is needed to have a specific password to decrypt. The method comprises the following steps: determining that character strings inputting by a user matches the specific password or not; if matches, decrypting the private space; capturing an IP address of a computer device connected to the USB disk; transmitting the IP address to a remote management server; analyzing the IP address by the remote management server so as to locate a current position of the USB disk.

Abstract: A content reproducing device decrypts and outputs an encrypted content encrypted by a content key received from a content transmitting device. The content reproducing device includes a content key obtaining unit for obtaining the content key, and a storage unit for storing the key unique to the content transmitting device, usage restriction information to restrict the usage of the key unique to the content transmitting device, and link information indicating linking of the content transmitting device and the content reproducing device. The content reproducing device also includes a key decryption unit for decrypting the content key with the key unique to the content transmitting device in the event that the content reproducing device is included in the stored link information unit, and a usage control unit for restricting usage of the key unique to the content transmitting device, based on the stored usage restriction information.

Abstract: According to an embodiment, a reading apparatus is connectable with an information processing apparatus connected to a server apparatus. The reading apparatus includes an authenticator, a cryptographic processor, and a transmitter. The authenticator acquires a shared key by performing an authentication/key exchanging process with the server apparatus. The cryptographic processor acquires secret information and encrypts the secret information using the shared key. The transmitter transmits the encrypted secret information to the server apparatus.

Abstract: A method and system provide, using a microprocessor of computing device associated with a web publisher, content including a web page. The method includes accessing, by the web publisher, a list including at least one extension associated with a web browser rendering the content at a second computing device, and a key generated based on the content, the key being generated at a specific time after the providing. The method includes comparing a value associated with the key to an expected value to determine a difference between the key and the expected value.

Abstract: An apparatus and a method for encrypting and decrypting data in a device are provided. The apparatus includes a processor and a memory. The processor is configured to transmit a data command from an application to an encryption driver that executes in a kernel space, determine if the application is authenticated to perform the data command based on an access policy, transmit, when the application is authenticated, a first key to a cryptographic library that executes in an application space, and perform the data command based on the first key after receiving a response via the cryptographic library. The first key is stored in an encryption driver in the kernel space and is not available to applications in the application space.

Abstract: A user equipment (UE). The UE comprises a memory module, wherein the memory module is one of a subscriber identity module (SIM), a universal integrated circuit card (UICC), a universal subscriber identity module (USIM), or a removable user identity module (R-UIM), wherein clock signals from a second clock component are input to the memory module. The memory module comprises an application stored in a trusted security zone in the second non-transitory memory, that when executed by the second processor in the trusted security zone, wherein the second operating system accesses the second processor to implement instructions for applications in the second operating system, wherein the trusted security zone provides hardware assisted trust, compares a first mobile equipment identifier (MEID) stored in the first non-transitory memory with a second MEID stored in the memory module.

Abstract: A system for securely providing streaming media content on-demand may include a plurality of receiving devices in which each receiving device may request the same or different streaming media content (e.g., stored at a content storage system of a content delivery network) on-demand using VOD or other available on-demand services and/or applications associated with, in communication with or running on the respective receiving devices. In response, the content storage system of the content delivery network will encrypt the requested content uniquely for each received request (e.g., according to an encryption key that is unique for each or virtually each request) and deliver the encrypted requested content to the appropriate respective receiving device of the receiving devices.

Abstract: Methods and systems for scrubbing confidential insurance account information are provided. According to embodiments, a scrubbing server can receive a request to scrub confidential insurance data that includes the contents of an insurance account information database and an indication of the category of confidential data stored in the database. The scrubbing server can scrub the valid data contained in the received database, replacing confidential information with “scrambled” data that is not confidential. The scrubbing server can transmit the contents of the scrubbed database back to the requesting party.

Abstract: A system, method, and computer program is provided which monitors a plurality of digital media devices that are at a remote location. Each of the plurality of digital media devices is associated with a respective plurality of functions. While monitoring the plurality of digital media devices, data is received indicating that a lock mode is to be enabled for the plurality of digital media devices such that a subset of the plurality of functions is disabled. Based on the received data indicating that the lock mode is to be enabled, a command is transmitted to at least one of the plurality of digital media devices to disable the subset of the plurality of functions.

Abstract: The present application describes dashboard user interfaces, methods, systems, and transactional environments for automated reinsurance negotiation, benchmarking, compliance, and auditing. During the automated process, in some embodiments, a quote template engine aids the user in customizing quote requests and follow-on quote information based upon learned parameters used in past negotiations, a real-time notification engine alerts parties to the negotiation when new information is available and/or automatically presents updating information for user review, and an audit trail management engine tracks information shared during the negotiation and stores the steps of the negotiation for later audit review. Further, a data mining engine may analyze the audit trail information to identify negotiation metrics related to the parties participating in the transactional environment.

Abstract: Described is a process for securely authorizing access to media content from a first device to a second device. Access to content may be authorized by performing authentication from the first device. Information used for authentication (e.g. login information) is not shared with the second device. Instead, a token may be used to authenticate the second device. The authorization process may be done in a secure manner by sharing only the generated token with the second device. Authentication information may not be derived from the token, and accordingly, even if the second device is not secure or the token is exposed, authentication information remains secure.

Abstract: A method of renormalizing high-resolution oscillator peaks, extracted from windowed samples of an audio signal, is disclosed. Feature vectors are generated for which variations in both fundamental frequency and time duration of speech are substantially mitigated. The feature vectors may be aligned within a common coordinate space, free of those variations in frequency and time duration that occurs between speakers, and even over speech by a single speaker, to facilitate a simple and accurate determination of matches between those AFDVs generated from a sample of the audio signal and corpus AFDVs generated for known speech at the phoneme and sub-phoneme level. The renormalized feature vectors can be combined with traditional feature vectors such as MFCCs, or they can be used exclusively to identify voiced, semi-voiced and unvoiced sounds.

Abstract: A computer system includes a mechanism supporting a Secure Object that includes information that is cryptographically protected so that other software on the computer system cannot access or undetectably tamper with the information, thereby protecting both a confidentiality and an integrity of the Secure Object information from other software while making an unencrypted form of the Secure Object information available to the Secure Object itself during execution of the Secure Object. The Mechanism includes a crypto engine that decrypts and integrity-checks Secure Object information as the Secure Object information moves into the computer system from external storage and encrypts and updates an integrity value for Secure Object information as the Secure Object information moves out of the computer system to the external storage.

Abstract: A system, method, and computer program for remotely managing a digital device is provided. One or more digital devices are monitored. At least one matter associated with the one or more digital devices is identified. A resolution to address the at least one matter is generated. The resolution is then distributed from a remote location.

Abstract: A method substantially as shown and described the detailed description and/or drawings and/or elsewhere herein. A device substantially as shown and described the detailed description and/or drawings and/or elsewhere herein.

Abstract: Methods and systems for scrubbing confidential insurance account information are provided. According to embodiments, a scrubbing server can receive a request to scrub confidential insurance data that includes the contents of an insurance account information database and an indication of the category of confidential data stored in the database. The scrubbing server can scrub the valid data contained in the received database, replacing confidential information with “scrambled” data that is not confidential. The scrubbing server can transmit the contents of the scrubbed database back to the requesting party.

Abstract: A camera includes logic to capture images and video (collectively, ‘media’) and to store the captured media internally to the camera in an encrypted format; the encrypted format including multiple regions encrypted with different keys, each key corresponding to a human subject or object identified in the media.

Abstract: Implementations for a secure remote kernel module signing are disclosed. In one example, the method includes receiving an indicator of a public key associated with a client computing device, determining that the public key associated with the client computing device is in common with a public key associated with a first server computing device, compiling the script, signing the compiled script with a private key that is associated with the public key that is in common with the client computing device and the first server computing device without generating a new private key, and sending the signed compiled script to the client computing device.

Abstract: To aim provide a software update apparatus including an install module group composed of a plurality of install modules. Each of the install modules has a function of receiving, from an external server, a replacement protection control module to be used for updating a protection control module having a function of verifying whether a predetermined application has been tampered with. Each of the install modules simultaneously running is verified by at least another one of the install modules simultaneously running, as to whether the install module has a possibility of performing malicious operations. If any of the install modules is verified as having the possibility of performing the malicious operations, any another one of the install modules that is verified as not having the possibility revokes the any install module verified as having the possibility.

Abstract: Computationally implemented methods and systems are described herein that are designed to, among other things, accepting an output of a surveillance device; encrypting at least a part of the output of the surveillance device with a level-one encryption key whose decryption key is inaccessible by a level-one encryption entity; and transmitting a level-one encrypted output of the surveillance device.

Abstract: A method for transferring content from a server (2) onto a recording medium (14), said server (2) being accessible via a communication network (4), comprises the following steps: a) connecting said recording medium (14) to a networkable device (3), b) establishing a connection between the networkable device (3) and said server (2) via said communication network (4), and c) transferring content from said server (2) onto said recording medium (14) via said networkable device (3), wherein at least one of steps b) and c) is managed by an application which is provided on said recording medium (14) and which is activated or is activatable after said recording medium (14) has been connected to said networkable device (3).

Abstract: A method of provisioning entitlement including: receiving within a headend and at a policy management module first conditions and rules for content from a service provider or a third party device; and generating, for a point of presence (POP) device of a customer, a policy for entitlement and usage of content (merged policy). The generating of the merged policy includes: merging conditions and rules of policies including the first conditions and rules to generate the merged policy based on a predetermined hierarchy of the policies. Rules and conditions of the merged policy are multi-dimensional to include customer, POP device, and provider dimensions; and generating a configuration file including conditions or condition based parameters. The method further includes: presenting an offer for the content to the customer via the POP device; receiving an acceptance of the offer from the POP device; and enforcing the merged policy according to the configuration file.

Abstract: A server uses an encryption key to decrypt authentication information thereby facilitating communication with network-accessible applications that may be remotely located from the server. Servers can also use encryption keys to decrypt files containing sensitive data. The encryption key is obtained by a collection of software agents, each providing a portion of information necessary for generating the encryption key. Each software agent performs a respective examination, the results of which determine whether the respective portion of information is valid or not. A complete encryption key can be obtained only when all of the contributing portions of information are valid.

Abstract: A method and structure in a computer system, including a mechanism supporting a Secure Object that includes code and data that is cryptographically protected from other software on the computer system.

Abstract: A method is provided in one example and includes receiving video data captured by a camera at a location; comparing a portion of the video data to security information characteristics stored in a policy; and identifying a violation of the policy when the portion of the video data does not match at least one of the security information characteristics stored in the policy. In more particular instances, the method can include triggering an alert when the violation of the policy is identified.

Abstract: Systems and methods for authenticating subscribers of video signals are disclosed. In accordance with the various embodiments, a subscriber authentication system includes an encoder coupled to a source of video signals and a source of subscriber data. The encoder generates encoded video signals having at least a portion of the subscriber data encoded in the video signals. An authentication indicating apparatus operable to receive the encoded video signals and to decode the received signals generates an authentication status for the subscriber.

Abstract: An electronic apparatus is provided. The electronic apparatus include: a memory unit which downloads a CAS client from a server and stores the CAS client, a communication unit which receives a message to change a storage location of the CAS client from the server, and a controller which changes a storage location of the CAS client and stores the storage location according to the message received from the server. The method includes downloading a CAS client from a server and storing the CAS client in a memory; receiving from the server a message to change a storage location of the CAS client; changing a storage location of the CAS client, and storing the changed storage location according to the message received from the server.

Abstract: A system providing billing support for the exchange of media is disclosed. An embodiment of the present invention may provide for the authorization of and billing for the delivery of media from a media server to local storage for consumption on a television display. The media may be audio, still pictures, video, or data. Other embodiments may provide for the authorization of and billing for the transfer of media from a media peripheral to a media server for media backup or distribution. A media peripheral may be, for example, a digital camera, digital camcorder, personal computer (PC), personal digital assistant (PDA), multi-media gateway, and MP3 player. An embodiment may support pre-payment, payment at time of use, and post-use billing for the media exchange. In an embodiment of the present invention, the storing or accessing of media may be performed without identifying the user to the media server.

Abstract: At a high level, embodiments of the invention relate to augmenting video data with presence data derived from one or more proximity tags. More specifically, embodiments of the invention generate forensically authenticated recordings linking video imagery to the presence of specific objects in or near the recording. One embodiment of the invention includes video recording system comprising a camera, a wireless proximity tag reader, a storage memory and control circuitry operable to receive image data from the camera receive a proximity tag identifier identifying a proximity tag from the proximity tag reader, and store an encoded frame containing the image data and the proximity tag identity in the storage memory.

Abstract: System and methods are provided to cache encoded graphical objects that may be subsequently combined with other encoded video data to form a data stream decodable by a client device according to a format specification. Paint instructions relating to a graphical object are sent from a layout engine to a rendering library. A shim intercepts these instructions and determines whether the graphical object already has been rendered and encoded. If so, a cached copy of the object is transmitted to the client device. If not, the shim transparently passes the instructions to the rendering library, and the object is rendered, encoded, and cached. Hash values are used for efficiency. Methods are disclosed to detect and cache animations, and to cut and splice cached objects into encoded video data.

Abstract: A video processing device is presented for processing video data. This video processing device protects the security of data via encryption when it is stored on a memory device during processing. In particular, memory input/output (I/O) includes encryption and decryption as part of an atomic operation to receive and format or de-format and either encoded or decode the video data.

Abstract: Real-time access by a public authority emergency responder to surveillance video of a privately-controlled source is conditionally pre-authorized dependent on the existence of at least one pre-specified emergency condition, and recorded in a data processing system. A public authority emergency responder subsequently requests real-time access to the surveillance video (e.g., during an emergency), and if the pre-specified emergency condition is met, access is automatically granted, i.e., without the need for manual intervention. A pre-specified emergency condition could, e.g., be an alarm condition detected by a sensor at the site of the video surveillance, or a declared state of emergency, properly declared by an appropriate public official.

Abstract: A method for protecting a key intended to be used by an electronic circuit in an encryption or decryption algorithm, including the steps of: submitting the key to a first function taking a selection value into account; storing all or part of the result of this function in at least two registers; when the key is called by the algorithm, reading the contents of said registers and submitting them to a second function taking into account all or part of the bits of the registers; and providing the result of the combination as an input for the algorithm, the second function being such that the provided result corresponds to the key.

Abstract: A method and apparatus for brokering the enablement of the communication of encrypted media programs from a plurality of independent broadcasters to a plurality of receivers is disclosed. The system makes use of a pairing key for each provided service, which is differently encrypted by a pairing server and by the broadcaster providing the service. The encrypted versions of the pairing key are decrypted in a first receiver module using information known to the pairing service but not the broadcaster and in a second receiver module using information known to the broadcaster. The pairing key is used to cryptographically bind the first and second receiver modules.

Abstract: Metering is enabled through an arrangement in which a metering certificate is communicated to a mobile device using an over-the-air protocol. A metering trigger provides the metering certificate that includes a location to which metering data is posted by the mobile device and a public key of a public-private key pair, or alternatively provides a link to such metering certificate. A metering helper passes the metering certificate to a DRM system on the mobile device which collects metering data associated with the metering ID and uses the public key to encrypt the metering data into a metering challenge. The metering helper posts the metering challenge to the location. The metering service extracts the metering data from the metering challenge using a private key and generates a metering response that is received by the metering helper which prompts the DRM system to reset at least a portion of a data store in which the metering data is stored.

Abstract: According to one embodiment, an authentication method includes generating, by the memory, first authentication information by calculating secret identification information with a memory session key in one-way function operation, transmitting encrypted secret identification information, a family key block, and the first authentication information to a host, and generating, by the host, second authentication information by calculating the secret identification information generated by decrypting the encrypted secret identification information with the host session key in one-way function operation. The method further includes comparing, by the host, the first authentication information with the second authentication information.

Abstract: A technique for accessing features of a hardware adapter includes reading a first key from a hardware adapter and attempting to decrypt the first key with a second key. In response to the second key successfully decrypting the first key: encrypted code from the hardware adapter is read; the encrypted code is decrypted with the decrypted first key to generate unencrypted code; and a default code in an executable flash sector of the hardware adapter is over-written with the unencrypted code. In this case, the unencrypted code facilitates access to at least one feature of the hardware adapter that is customer specific. In response to the second key not successfully decrypting the first key, the default code in the executable flash sector of the hardware adapter is not over-written. In this case, the default code facilitates access to one or more features that are not customer specific.