Revocation Or Expiration Patents (Class 713/158)
  • Patent number: 8266707
    Abstract: An apparatus and system provide a tamper-resistant scheme for portability of DRM-protected digital content. According to embodiments of the invention, a portable crypto unit may be utilized in conjunction with a VT integrity services (VIS) scheme as well as a Virtual Machine Manager (VMM) and a TPM to provide a secure scheme to protect digital content. Additionally, in one embodiment, the digital content may be partitioned into blocks comprising multiple segments to further enhance the security of the scheme.
    Type: Grant
    Filed: February 28, 2008
    Date of Patent: September 11, 2012
    Assignee: Intel Corporation
    Inventors: Uday Savagaonkar, Prashant Dewan, Men Long
  • Patent number: 8266426
    Abstract: Embodiments of the present invention provide methods and systems for certifying components based on certification of the development and testing processes of the components. As noted above, traditional certification relies on the certification service or agent to specify the exact details of the development and testing processes performed on a component. In contrast, embodiments of the present invention rely on determining a standard required that should be satisfied by the processes performed on the component and certifying those processes that meet this standard. Hence, detailed specification of the individual actions performed in certified processes is unnecessary. This allows the various entities that develop or test (i.e., produce) a component to flexibly determine their own processes.
    Type: Grant
    Filed: March 24, 2006
    Date of Patent: September 11, 2012
    Assignee: Red Hat, Inc.
    Inventor: Richard Ding Li
  • Patent number: 8260673
    Abstract: Parties involved in a transaction in an E-marketplace identify characteristics of a transaction that they are willing to accept and/or that they can provide. To do this, an attribute certificate is created for each party that contains the attributes of a buyer, seller, or third-party participant who will be transacting business in the particular E-marketplace. The attributes pertain to specifics of the transaction. The party submitting the attribute also identifies alternative conditions which, if they exist would be acceptable for conducting the transaction. Once these criteria, in the form of the attribute certificates, are received by the E-marketplace, the E-marketplace verifies the attributes. A server in the E-marketplace is configured to determine various combinations of participants that can match the deal criteria. In this manner, the E-marketplace “choreographs” the transaction to meet the needs of all.
    Type: Grant
    Filed: May 9, 2003
    Date of Patent: September 4, 2012
    Assignee: International Business Machines Corporation
    Inventors: Gordon K. Arnold, David G. Kuehr-McLaren
  • Patent number: 8255687
    Abstract: Systems and methods are described herein for enabling users to select from available secure service providers (each having a Trusted Service Manager (“TSM”)) for provisioning applications and services on a secure element installed on a device of the user. The device includes a service provider selector (“SPS”) module that provides a user interface for selecting the secure service provider. In one embodiment, the SPS communicates with a key escrow service that maintains cryptographic keys for the secure element and distributes the keys to the user selected secure service provider. The key escrow service also revokes the keys from deselected secure service providers. In another embodiment, the SPS communicates with a central TSM that provisions applications and services on behalf of the user selected secure service provider. The central TSM serves as a proxy between the secure service providers and the secure element.
    Type: Grant
    Filed: September 26, 2011
    Date of Patent: August 28, 2012
    Assignee: Google Inc.
    Inventors: Nicholas Julian Pelly, Jeffrey William Hamilton
  • Publication number: 20120210124
    Abstract: A current version certificate is stored that includes a corresponding current version identifier. A current instance certificate is received from the certificate authority, wherein the current instance certificate includes the current version identifier of the current version certificate and a current instance public key corresponding to the current instance private key. The current instance certificate is sent to a local station, during a registration with the local station. A request for video content is generated and sent to the local station. First encrypted data is received from the local station, wherein the first encrypted data includes a content key that is encrypted via the current instance public key. Second encrypted data is received from the local station, wherein the second encrypted data includes the video content that is encrypted via the content key.
    Type: Application
    Filed: February 14, 2011
    Publication date: August 16, 2012
    Applicant: MOREGA SYSTEMS INC.
    Inventor: Zeev Lieber
  • Patent number: 8245031
    Abstract: Host devices present both the host certificate and the pertinent certificate revocation lists to the memory device for authentication so that the memory device need not obtain the list on its own. Processing of the certificate revocation list and searching for the certificate identification may be performed concurrently by the memory device. The certificate revocation lists for authenticating host devices to memory devices may be stored in an unsecured area of the memory device for convenience of users.
    Type: Grant
    Filed: November 6, 2006
    Date of Patent: August 14, 2012
    Assignee: SanDisk Technologies Inc.
    Inventors: Michael Holtzman, Ron Barzilai, Rotem Sela, Fabrice Jogand-Coulomb
  • Patent number: 8244643
    Abstract: An acquirer communicates with an intermediary transaction processing service to handle financial transaction requests received from multiple points of purchase. The acquirer receives an initial authorization request generated based on a transaction initiated by a customer at a point of purchase. The initial authorization request includes unique identifying information associated with the customer. The acquirer determines that the unique identifying information is associated with the intermediary service and provides at least part of the initial authorization request to the intermediary service. In response, the intermediary service provides account information to the acquirer. The acquirer then generates a modified authorization request based on the initial authorization request and the received account information and transmits the modified authorization to an issuing institution to request approval of the transaction.
    Type: Grant
    Filed: September 10, 2009
    Date of Patent: August 14, 2012
    Assignee: FonWallet Transaction Solutions, Inc.
    Inventors: Todd R. Coulter, Mordechai E. Kaplinsky, Christopher E. Lewis
  • Patent number: 8230485
    Abstract: A system and method for controlling access to a computer provides for loose security within a local network while retaining strong security against external access to the network. In one embodiment, a user has access to trusted nodes in a secured group within an unmanaged network, without being required to choose, enter and remember a login password. To establish such a secure blank password or one-click logon account for the user on a computer, a strong random password is generated and stored, and the account is designated as a blank password account. If the device is part of a secured network group, the strong random password is replicated to the other trusted nodes. When a user with a blank password account wishes to log in to a computer, the stored strong random password is retrieved and the user is authenticated.
    Type: Grant
    Filed: September 15, 2004
    Date of Patent: July 24, 2012
    Assignee: Microsoft Corporation
    Inventors: Sterling M. Reasor, Ramesh Chinta, Paul J. Leach, John E. Brezak, Eric R. Flo
  • Patent number: 8229121
    Abstract: Provided are a method of tracing a device key in a user key management system using a hierarchical hash chain broadcast encryption scheme (HBES) algorithm, a user key management system for executing the method of tracing a device key, and a computer program for executing the method of tracing a device key. The method of tracing a device key of an illegal decoder in a user key management system for broadcast encryption includes: tracing a device key using a binary search; and revoking the traced device key. The technology according to the present invention can be applied to prevent exposure of the device keys to hacking. The present invention provides a method of tracing which can be applied to an HBES algorithm structure.
    Type: Grant
    Filed: February 26, 2009
    Date of Patent: July 24, 2012
    Assignee: Samsung Electronics Co., Ltd.
    Inventors: Hak-soo Ju, Choong-hoon Lee, Young-sun Yoon, Sun-nam Lee, Jin-mok Kim
  • Patent number: 8225088
    Abstract: An information processing apparatus for controlling use of a content recorded on a disc. The information processing apparatus includes: in reference to a certificate revocation list including invalidation information of a content owner providing the content, a data verification section verifying whether content-owner identification recorded in a content-owner certificate recorded on the disc as a certificate corresponding to the content owner is included in the certificate revocation list, and if included, the data verification section comparing a content-certificate time stamp which is stored in the content certificate recorded on the disc as a certificate corresponding to the content and a CRL time stamp which is invalidation date-and-time information corresponding to the content owner stored in the certificate revocation list; and a content-use control section prohibiting or restricting use of the content if the content-certificate time stamp has date-and-time data not earlier than the CRL time stamp.
    Type: Grant
    Filed: December 4, 2008
    Date of Patent: July 17, 2012
    Assignee: Sony Corporation
    Inventors: Kenjiro Ueda, Katsumi Muramatsu
  • Patent number: 8214638
    Abstract: A source computer is associated with multiple certificates. The source signs each certificate with a separate private key. From time to time, the source generates (a) new key pair(s) to replace (an) old one(s). The source uses the new private key(s) to sign the associated certificate(s). The source then requests a connection to a destination computer, the request being associated with the multiple certificates which identify the source. The source also transmits the new public key(s). The destination receives the request, and checks the certificates for validity. If less than all but at least a threshold number of the certificates are valid, the destination notes that one or more new public keys are being distributed. The destination accepts the connection, receives the new public key(s) associated with the invalid certificate(s), and replaces the corresponding old public key(s).
    Type: Grant
    Filed: September 26, 2006
    Date of Patent: July 3, 2012
    Assignee: Hewlett-Packard Development Company, L.P.
    Inventors: Alan Karp, Tyler Close
  • Publication number: 20120166796
    Abstract: A certificate manager transmits a certificate service advertisement to a plurality of certificate clients. The certificate service advertisement identifies the certificate manager and includes segregation data. The segregation data indicates a set of services offered or a set of clients for which the certificate manager offers service. Responsive to the transmitting of the certificate service advertisement, the certificate manager receives a certificate service request from at least one certificate client of the plurality of certificate clients. The certificate manager verifies that the at least one certificate client is associated with the set of clients for which the certificate manager offers service, and the certificate manager fulfills the certificate service request.
    Type: Application
    Filed: December 28, 2010
    Publication date: June 28, 2012
    Applicant: MOTOROLA SOLUTIONS, INC.
    Inventors: ANTHONY R. METKE, ERWIN HIMAWAN, MARK D. SEABORN, SHANTHI E. THOMAS
  • Patent number: 8209531
    Abstract: A single validity proof (ci(F)) may be provided to certificate owners for a set (F) of the certificates via a multicast transmission if a multicasting group (2010) is formed to correspond to the set.
    Type: Grant
    Filed: June 26, 2009
    Date of Patent: June 26, 2012
    Assignee: NTT DoCoMo, Inc.
    Inventors: Craig B. Gentry, Zulfikar Amin Ramzan, Bernhard Bruhn
  • Patent number: 8205250
    Abstract: A method of validating a digital certificate comprises retrieving from a first data store a digital certificate, retrieving from a second data store a plurality of certificate revocation lists (CRLs), and selecting one of the plurality of CRLs to validate the digital certificate as of a date which is before the current date.
    Type: Grant
    Filed: July 13, 2007
    Date of Patent: June 19, 2012
    Assignee: NCR Corporation
    Inventors: Andrew R. Blaikie, Gene R. Franklin, Peter J. Hendsbee, Jane A. S. Hunter, Jeewhoon Park
  • Patent number: 8205084
    Abstract: A system and method are provided for pre-processing encrypted and/or signed messages at a host system before the message is transmitted to a wireless mobile communication device. The message is received at the host system from a message sender. There is a determination as to whether any of the message receivers has a corresponding wireless mobile communication device. For each message receiver that has a corresponding wireless mobile communication device, the message is processed so as to modify the message with respect to one or more encryption and/or authentication aspects. The processed message is transmitted to a wireless mobile communication device that corresponds to the first message receiver. The system and method may include post-processing messages sent from a wireless mobile communications device to a host system. Authentication and/or encryption message processing is performed upon the message. The processed message may then be sent through the host system to one or more receivers.
    Type: Grant
    Filed: January 12, 2010
    Date of Patent: June 19, 2012
    Assignee: Research In Motion Limited
    Inventors: James A. Godfrey, Herbert A. Little
  • Patent number: 8200959
    Abstract: An authentication agent may cryptographically identify a remote endpoint that sent a media initialization message even though intermediate devices may modify certain fields in the message after a signature is inserted. The originating endpoint's agent may create the signature over some fields of the message using an enterprise network's private key. The agent may insert the signature into the message and send the message to a recipient endpoint's authentication agent. The recipient agent may verify the signature, receive a certificate including a second public key, and challenge the identity of the originating endpoint in order to confirm that identity. This challenge may request a confirmation that the originating endpoint knows the private key corresponding to the second public key and may occur while running encrypted media at the endpoints. After the originating endpoint is authenticated, the endpoints may exchange encrypted and/or unencrypted media.
    Type: Grant
    Filed: June 28, 2007
    Date of Patent: June 12, 2012
    Assignee: Cisco Technology, Inc.
    Inventors: Daniel G. Wing, Cullen F. Jennings
  • Patent number: 8195936
    Abstract: A method for transmitting and receiving data of a terminal in a communication system and a communication terminal thereof are provided, which can minimize an exposure of authentication information. A communication terminal includes a rolling token generation unit for generating the rolling tokens; a memory for storing the generated rolling tokens; and a control unit for, if an authentication of the other terminal for performing a communication is completed, generating and transmitting a rolling token whenever a transmission to the other terminal is performed, and in case of receiving a specified rolling token from the other terminal, determining whether the rolling token currently received from the other terminal is identical to the rolling token most recently transmitted.
    Type: Grant
    Filed: November 10, 2008
    Date of Patent: June 5, 2012
    Assignee: Samsung Electronics Co., Ltd.
    Inventor: Jong-Se Won
  • Patent number: 8195576
    Abstract: Embodiments of the invention include apparatuses, methods, and computer-program products that provide for a unique financial transaction security system. In one embodiment, the financial transaction security system receives a security protocol from a user. The security protocol includes instructions for allowing transactions without authentication and security features for the user if authentication is necessary. The system then determines that the user is conducting a transaction, compares the transaction to the instructions, and determines whether the transaction can occur without authentication. If the user is required to authenticate his identity, the system requests input from the user, compares the input to the security feature, and determines if the user is authenticated. The user is able to customize both the instructions and the security features to provide greater control over financial transaction security.
    Type: Grant
    Filed: January 31, 2011
    Date of Patent: June 5, 2012
    Assignee: Bank of America Corporation
    Inventors: David M. Grigg, Patrick B. Kelly, Alicia C. Jones, Marc B. Keller
  • Patent number: 8195935
    Abstract: Exemplary embodiments of systems, methods and computer-accessible medium can be provided for obtaining and verifying a public key certificate status. In particular, it is possible to construct and send a certificate query request, construct and send a combined certificate query request, construct and send a combined certificate status response, deliver a certificate status response, perform a verification by the general access point, and/or perform a verification by the user equipment. The exemplary embodiments address some of the deficiencies of conventional methods which have a complicated implementation as well as likely inability of such conventional methods to be applied to the network architecture of user equipment, a general access point and a server.
    Type: Grant
    Filed: July 16, 2007
    Date of Patent: June 5, 2012
    Assignee: China Iwncomm Co., Ltd.
    Inventors: Haibo Tian, Jun Cao, Liaojun Pang, Manxia Tie, Zhenhai Huang, Bianling Zhang
  • Patent number: 8196180
    Abstract: A system and method for providing roaming access on a network are disclosed. The network includes a plurality of wireless and/or wired access points. A user may access the network by using client software on a client computer (e.g., a portable computing device) to initiate an access procedure. In response, a network management device operated by a network provider may return an activation response message to the client. The client may send the user's username and password to the network provider. The network provider may rely on a roaming partner, another network provider with whom the user subscribes for internet access, for authentication of the user. Industry-standard methods such as RADIUS, CHAP, or EAP may be used for authentication. The providers may exchange pricing and service information and account information for the authentication session. A customer may select a pricing and service option from a list of available options.
    Type: Grant
    Filed: November 3, 2006
    Date of Patent: June 5, 2012
    Inventors: James D. Keeler, Matthew M. Krenzer
  • Patent number: 8190886
    Abstract: The invention provides a revocation information transmission method, revocation information reception method, revocation information transmitting apparatus, and revocation information receiving apparatus, wherein all the video output apparatuses such as STB may have a revocation list in common, and it is possible to exclude unjust display and to improve the security of the digital interface for connecting a video output apparatus to a display. The revocation information transmission method comprises at least a step of preparing integrated revocation information by integrating the revocation information of the contents transmitting equipment or contents receiving equipment, a step of packetizing the integrated revocation list and multiplexing it into a stream, and a step of transmitting the stream.
    Type: Grant
    Filed: March 25, 2004
    Date of Patent: May 29, 2012
    Assignee: Panasonic Corporation
    Inventor: Hidekazu Suzuki
  • Patent number: 8190913
    Abstract: Systems and methods for handling user interface field data. A system and method can be configured to receive input which indicates that the mobile device is to enter into a protected mode. Data associated with fields displayed on a user interface are stored in a secure form on the mobile device. After the mobile device leaves the protected mode, the stored user interface field data is accessed and used to populate one or more user interface fields with the accessed user interface field data for display to a user.
    Type: Grant
    Filed: April 29, 2005
    Date of Patent: May 29, 2012
    Assignee: Research In Motion Limited
    Inventors: Neil P. Adams, Herbert A. Little
  • Publication number: 20120130905
    Abstract: A display enabled RFID tag (DERT) receives transaction details from the reader. DERT verifies that the details match their counterparts in the reader public key certificate. The process is aborted in case of a mismatch. DERT extracts and displays user-verifiable data. It then enters a countdown stage that lasts for a predetermined duration. A user observes the transaction information and, if the transaction amount and other details are deemed correct, presses an accept button provided on the DERT before the timer runs out. DERT signs the time-stamped transaction statement and sends it to the reader. This signed statement is then sent to the payment gateway and eventually to the financial institution that issued the payment DERT.
    Type: Application
    Filed: October 31, 2011
    Publication date: May 24, 2012
    Applicant: THE REGENTS OF THE UNIVERSITY OF CALIFORNIA
    Inventors: Gene Tsudik, Ersin Uzun
  • Patent number: 8180708
    Abstract: A method of managing keys is provided. According to one exemplary method, digital content data encrypted with a first encrypting key is decrypted using a first decrypting key, and re-encrypted using a second encrypting key. A second decrypting key is encrypted using a third encrypting key to produce an encrypted second decrypting key. In some embodiments, an encrypted first decrypting key that was encrypted using a fourth encrypting key is received, and the encrypted first decrypting key is decrypted using a fourth decrypting key to reproduce the first decrypting key. An application for use on a computer system is also provided.
    Type: Grant
    Filed: July 18, 2005
    Date of Patent: May 15, 2012
    Assignee: International Business Machines Corporation
    Inventors: Marco M. Hurtado, Kenneth L. Milsted, Kha D. Nguyen
  • Patent number: 8181018
    Abstract: A method and apparatus is provided that allows code signed by a master key to grant trust to an arbitrary second key, and also allows code, referred to as an antidote and also signed by the master key, to revoke permanently the trust given to the second key.
    Type: Grant
    Filed: January 30, 2008
    Date of Patent: May 15, 2012
    Assignee: AOL Inc.
    Inventor: James A. Roskind
  • Patent number: 8181019
    Abstract: The present invention is directed towards systems and methods for maintaining Certificate Revocation Lists (CRLs) for client access in a multi-core system. A first core may generate a secondary CRL corresponding to a master CRL maintained by the first core. The CRLs may identify certificates to revoke. The first core can store the secondary CRL to a memory element accessible by the cores. A second core may receive a request to validate a certificate. The second core can provisionally determine, via access to the secondary CRL, whether the certificate is revoked. The second core may also determine not to revoke the certificate. Responsive to the determination, the second core may request the first core to validate the certificate. The first core can determine whether to revoke the certificate based on the master CRL. The first core may send a message to the second core based on the determination.
    Type: Grant
    Filed: June 22, 2009
    Date of Patent: May 15, 2012
    Assignee: Citrix Systems, Inc.
    Inventors: Ashoke Saha, Christofer Edstrom, Tushar Kanekar
  • Patent number: 8175278
    Abstract: The present invention involves establishing a top-level key and optionally also a verification tag. The top-level key is used as the MDP key for encrypting a broadcast medium. Only the part of the key message that contains the encrypted top-level key is authenticated, e.g. using a signature or a Message Access Code (MAC). Any known group-key distribution protocol can be used that is based on the creation of a hierarchy of keys. Examples of such methods are the LKH and SD methods. The group-key distribution protocol output key H, traditionally used as the MDP key, or a derivative thereof is used to encrypt the top-level MDP-key. The invention, further, includes optimization of a group-key message by eliminating unnecessary message components relative to a specified group or sub-group of users. The optimization can be made in dependence of contextual data such as user profile, network status, or operator policies.
    Type: Grant
    Filed: May 12, 2004
    Date of Patent: May 8, 2012
    Assignee: Telefonaktiebolaget L M Ericsson (Publ)
    Inventors: Mattias Johansson, Fredrik Lindholm
  • Patent number: 8171283
    Abstract: The present invention advantageously provides a system and method for management of cryptographic keys and certificates for a plurality of vehicles. Each vehicle of the plurality of vehicles generates public/private key pairs, requests multiple time-distributed certificates, creates an encrypted identity, and surrenders expired certificates. An assigning authority receives the public/private key pairs, the request for multiple time-distributed certificates, the encrypted identity, and the expired certificates from said vehicle. The assigning authority authorizes the vehicle with an authorizing authority, validates the expired certificates, proves ownership, and distributes the requested time-distributed certificates to said vehicle. Validation can comprise checking expired certificates against misused, compromised and/or previously surrendered certificates.
    Type: Grant
    Filed: March 19, 2008
    Date of Patent: May 1, 2012
    Assignee: Telcordia Technologies, Inc.
    Inventors: Stanley Pietrowicz, Giovanni Di Crescenzo, Robert G. White, Tao Zhang
  • Patent number: 8171526
    Abstract: A service providing system is disclosed. The service providing system includes an information processing apparatus and a service providing server, each having an authentication mechanism, that are connected via a network, wherein the information processing apparatus and the service providing server provide a service in response to a request by an authenticated user. The information processing apparatus includes: an information obtaining part for obtaining authentication information for performing authentication in the service providing server, wherein the authentication information is associated with a user authenticated in the information processing apparatus; and a process request part for sending a process request including the authentication information to the service providing server.
    Type: Grant
    Filed: October 3, 2005
    Date of Patent: May 1, 2012
    Assignee: Ricoh Company, Ltd.
    Inventors: Sachiko Takeuchi, Toru Matsuda
  • Patent number: 8166523
    Abstract: An authentication device that the user wears reads biometrics information and executes individual authentication by verification. Only when the individual authentication has been successfully performed, authentication with an external unit (such as a server) can be started. Then, only when both the individual authentication based on the biometrics information and the mutual authentication between the external unit (such as a server) and the authentication device have been successfully performed, subsequent data processing, such as payment processing, can be executed. Therefore, even if a fraudulent third party uses a stolen authentication device, because the party cannot satisfy the start condition of authentication with the external server or a PC, fraudulent transactions and other illegitimate behaviors are effectively prevented.
    Type: Grant
    Filed: August 13, 2002
    Date of Patent: April 24, 2012
    Assignee: Sony Corporation
    Inventors: Tadashi Ezaki, Akira Iga
  • Patent number: 8160966
    Abstract: Digital cash token protocols employ two pairs of private and public keys. Each public key is certified separately and the protocols do not use any blind signature schemes. As a result, the digital cash token protocols provide strong protection of user privacy by using two certified public keys instead of a blind signature. One pair of certified keys consists of one master user private key and one master user public key. A second pair of certified keys consists of one pseudonym user private key and one pseudonym user public key. The use of a master key pair and a pseudonym key pair circumvents the need for blind signatures. As a result, the proposed protocols do not require blind signatures and do not add additional overhead and security requirements necessitated by conventional blind signature schemes. The protocols use public key protocols and digital signatures and symmetric key protocols, which may be readily implemented in standard information security based systems based on cryptographic constructs.
    Type: Grant
    Filed: August 17, 2007
    Date of Patent: April 17, 2012
    Assignee: King Fahd University of Petroleum and Minerals
    Inventors: Ahmed Ibrahim Al-Herz, Mohammad K. Ibrahim
  • Patent number: 8156327
    Abstract: A distributed certificate authority includes a CA and a number of Sub-CAs (2610). The Sub-CAs have secret certificate validation data, but different data are provided to different Sub-CAs for each certificate. If a Sub-CA is compromised, the Sub-CA validity proof will be withheld by the CA to alert the verifiers not to use the data from this Sub-CA. Also, the secret data are encrypted when distributed to the Sub-CAs. A decryption key (DK.j.k) for each “partition” of time is distributed to each Sub-CA at or shortly before the start of the partition. A compromised Sub-CA can be reactivated at the end of the partition because the adversary does not get the decryption keys for the future partitions.
    Type: Grant
    Filed: June 26, 2009
    Date of Patent: April 10, 2012
    Assignee: NTT DoCoMo, Inc.
    Inventors: Craig B. Gentry, Zulfikar Amin Ramzan, Bernhard Bruhn
  • Patent number: 8156545
    Abstract: A method and system for authorizing a communication interface between a first and second module comprises detecting a coupling between a first module and a second module, certifying a first pairing certificate is valid between the first module and the second module, and issuing a first operating certificate and storing the first operating certificate on at least one of the first module and the second module.
    Type: Grant
    Filed: February 9, 2007
    Date of Patent: April 10, 2012
    Assignees: Sony Corporation, Sony Electronics Inc.
    Inventors: Peter R. Shintani, David C. Boyden
  • Patent number: 8146140
    Abstract: Techniques for Mobile IP bulk registration revocation are described herein. According to one embodiment, a first mobile agent of a mobile IP network sends a registration revocation message to a second mobile agent of the mobile IP network. The registration revocation message includes information identifying multiple home IP addresses of multiple mobile nodes whose registrations are to be revoked. In response to the registration revocation, the second mobile agent terminates bindings of services associated with multiple mobile nodes identified by the multiple home IP addresses and sends an acknowledgement message to the first mobile agent. Other methods and apparatuses are also described.
    Type: Grant
    Filed: June 29, 2007
    Date of Patent: March 27, 2012
    Assignee: Ericsson AB
    Inventors: Alfred C. Lindem, III, Anand K. Oswal
  • Publication number: 20120072720
    Abstract: A communication system includes a plurality of nodes, the communication system being arranged to assign each of the plurality of nodes a certificate by means of which it can authenticate itself to other nodes in the communication system and periodically distribute to the plurality of nodes an update formed by compressing a data set representing the validity of the certificates assigned to the plurality of nodes. The update is such that a node may not be able to unambiguously determine from the update whether or not a particular certificate is valid. The system further provides the plurality of nodes with a source of information about the validity of the plurality of certificates that is different from the update and by means of which a node may resolve an ambiguity in the update regarding a particular certificate's validity.
    Type: Application
    Filed: September 17, 2010
    Publication date: March 22, 2012
    Inventors: Eric Rescorla, Theo Zourzouvillys
  • Publication number: 20120072721
    Abstract: A communication system includes a plurality of nodes, the communication system being arranged to assign each of the plurality of nodes a certificate by means of which it can authenticate itself to other nodes in the communication system. The communication system further includes an authentication node arranged to determine that a certificate should be revoked and to, responsive to that determination, write an indicator of that certificate's revocation to a location in the communication system that is external to the authentication node and to which the node assigned the revoked certificate is not permitted to write.
    Type: Application
    Filed: September 17, 2010
    Publication date: March 22, 2012
    Inventors: Eric Rescorla, Theo Zourzouvillys
  • Patent number: 8140843
    Abstract: Continuous strings of certificates in a certificate chain are received by a memory device sequentially, in the same order in which the strings are verified. Each string except for the last may be overwritten by the next one in the sequence.
    Type: Grant
    Filed: November 6, 2006
    Date of Patent: March 20, 2012
    Assignee: SanDisk Technologies Inc.
    Inventors: Michael Holtzman, Ron Barzilai, Rotem Sela, Fabrice Jogand-Coulomb
  • Patent number: 8138923
    Abstract: Embodiments of an RFID security system and method are described herein. Embodiments include an RFID security server or appliance and RFID security software. In an embodiment, the RFID security server is placed between an RFID reader and an enterprise back-end. Thus the system operates at the point where the RFID data stream leaves the RF interface and enters a physical transmission medium before any other active components on the network (such as databases, middleware, routers). The RFID security server analyzes RFID tag data (including meta-data) received from the reader in-band and detects malware and errors in the data. RFID tag data containing malware or errors is blocked from entering the enterprise back-end. In an embodiment, analyzing RFID tag data includes generating a security stamp that is uniquely associated with the tag data. The security stamp is stored on the RFID tag, or alternatively, stored separately for later comparison in order to detect tampering.
    Type: Grant
    Filed: April 27, 2007
    Date of Patent: March 20, 2012
    Assignee: Neocatena Networks Inc.
    Inventors: Lukas Grunwald, Boris Wolf
  • Patent number: 8135951
    Abstract: A system and method for automatic key and certificate management is disclosed. In particular, a key store in a base computer contains both new and previously viewed cryptographic keys. In one embodiment, for each new key, if a corresponding certificate matches an existing certificate, the new certificate may be automatically downloaded to a mobile communications device without prompting a user.
    Type: Grant
    Filed: January 8, 2009
    Date of Patent: March 13, 2012
    Assignee: Research In Motion Limited
    Inventors: Neil P. Adams, Michael S. Brown, Herbert A. Little
  • Patent number: 8131997
    Abstract: A method of mutually authenticating between a local host and a software mobility device including an operating system virtualization layer, and a method of forming an input/output (I/O) channel. The method of authenticating a local host in the software mobility device includes requesting a certificate from the local host in which an integrity value of the local host is stored, and receiving the certificate from the local host; receiving an integrity value measured in the local host and comparing the measured integrity value with the integrity value included in the certificate to verify the local host; and when the local host is verified, encrypting a security profile of the software mobility device and transmitting the encrypted security profile to the local host so as to provide secure communication between the local host and the software mobility device.
    Type: Grant
    Filed: April 17, 2008
    Date of Patent: March 6, 2012
    Assignee: Samsung Electronics Co., Ltd.
    Inventors: Kyung-ah Chang, Sang-bum Suh, Sung-kwan Heo, Byung-woan Kim
  • Patent number: 8131994
    Abstract: A dual cryptographic keying system. In particular implementations, a method includes responsive to an initial session key negotiation, storing security association information for a tunnel in a security association memory; responsive to a session key renegotiation, storing security association information for the tunnel in a cache; decrypting received packets associated with the tunnel conditionally using the security association information in the cache or the security association information in the security association memory; and upon an expiration condition, overwriting the security association information, for the tunnel, in the security association memory with the security association information, for the tunnel, copied from the cache.
    Type: Grant
    Filed: June 1, 2007
    Date of Patent: March 6, 2012
    Assignee: Cisco Technology, Inc.
    Inventors: Santanu Sinha, Kenneth William Batcher
  • Patent number: 8131996
    Abstract: In a method for managing a Certificate Revocation List (CRL), a first device (31, 61) receives the CRL (33, 67), which comprises at least one revoked certificate identifier (SNi). An integrity field (MACi) associated with an entry of the CRL (371, . . . , 37p) is calculated using secret data (KCRL), wherein an entry comprises at least one revoked certificate identifier of the CRL. The entry and its associated calculated integrity field are transmitted to a second device (32, 62), distinct from the first device, and are stored in the second device. The method further comprises checking the validity of a certificate.
    Type: Grant
    Filed: April 29, 2005
    Date of Patent: March 6, 2012
    Assignee: THOMSON Licensing S.A.
    Inventor: Alain Durand
  • Publication number: 20120054487
    Abstract: A method is disclosed for obtaining certificate revocation information from a server, obtaining from a client a request for a revocation status of a certificate and notifying the client when the certificate identified in the client request has been revoked. The method may be performed by a networking device that is separate from the server and the client.
    Type: Application
    Filed: August 31, 2010
    Publication date: March 1, 2012
    Inventors: Yixin Sun, Puneet Gupta, Robert Stuercke, Bryan Kerrigan
  • Patent number: 8121289
    Abstract: A first entity (1) includes a secret encryption key (g1, ?) of an encryption diagram which can accept a plurality of encryption keys. A plurality of decoders have respective encryption keys, each incorporating a respective key index. The method comprises an encryption operation, wherein a value is taken as a variable element (s) and a ciphertext (C?) is calculated from the data to be transmitted (K) and at least from the value taken as the variable element and the secret encryption key. An operation for revoking a decryption key is integrated into an encryption operation performed with a value of the variable element (s) based on the index key (x?) of one of the decryption keys, which will be used during an operation for tracking illegitimate decoders.
    Type: Grant
    Filed: May 4, 2007
    Date of Patent: February 21, 2012
    Assignee: France Telecom
    Inventor: Cecile Delerablee
  • Publication number: 20120036354
    Abstract: A wireless communication system includes a plurality of terminals connected to at least one wireless network on the basis of authority of security configuration parameters shared by the plurality of terminals. Each of the plurality of terminals revokes security configuration parameters of the terminal itself or security configuration parameters of another terminal in accordance with an agreement with said another terminal.
    Type: Application
    Filed: October 13, 2011
    Publication date: February 9, 2012
    Inventor: Hideyuki Suzuki
  • Publication number: 20120036353
    Abstract: A tag generation method for generating tags used in data packets in a broadcast encryption system is provided. The method includes detecting at least one revoked leaf node; setting a node identification (node ID) assigned to at least one node among nodes assigned node IDs at a layer 0 and to which the at least one revoked leaf node is subordinate, to a node path identification (NPID) of the at least one revoked leaf node at the layer 0; generating a tag list in the layer 0 by combining the NPID of each of the at least one revoked leaf nodes at the layer 0 in order of increment of node IDs of the corresponding at least one revoked leaf nodes; and generating a tag list in a lowest layer by repeatedly performing the setting and generation operation down to the lowest layer.
    Type: Application
    Filed: October 20, 2011
    Publication date: February 9, 2012
    Applicant: SAMSUNG ELECTRONICS CO., LTD.
    Inventors: Weon-il Jin, Maeng-hee Sung, Dae-youb Kim, Hwan-joon Kim
  • Patent number: 8112624
    Abstract: Embodiments of the present invention provide a compression capability for compressing a CRL, such as an X.509 CRL, stored as a file, data structure or data object in a computer system having a certification authority (CA) and a security client. An exemplary method provides for accessing the CRL contents, including a certificate revocation record, and performing a compression procedure, such as a lossless compression procedure, on the contents of the CRL. The compressed CRL contents can be stored in another file, data structure or data object. A request for the compressed CRL is received from a security client, whereupon the compressed CRL is returned to the security client by transferring the compressed CRL contents to the security client. The security client can uncompress the compressed CRL contents. In some cases the uncompressed CRL contents can be transferred to the security client.
    Type: Grant
    Filed: November 29, 2006
    Date of Patent: February 7, 2012
    Assignee: Red Hat, Inc.
    Inventors: Steven William Parkinson, Chandrasekar Kannan
  • Publication number: 20120030461
    Abstract: A method of providing certificate issuance and revocation checks involving mobile devices in a mobile ad-hoc network (MANET). The wireless devices communicate with each other via Bluetooth wireless technology in the MANET, with an access point (AP) to provide connectivity to the Internet. A certificate authority (CA) distributes certificates and certificate revocation lists (CRLs) to the devices via the access point (AP). Each group of devices has the name of the group associated with the certificate and signed by the CA. A device that is out of the radio range of the access point may still connect to the CA to validate a certificate or download the appropriate CRL by having all the devices participate in the MANET.
    Type: Application
    Filed: October 10, 2011
    Publication date: February 2, 2012
    Inventors: William Daniel WILLEY, Simon BLAKE-WILSON
  • Patent number: 8108669
    Abstract: An image forming apparatus for attaching an electronic signature to image data read from a paper document is disclosed. The validity of a first public key certificate that certifies a first signature key is determined. A first electronic signature for the image data is generated by using the first signature key. The first electronic signature is prevented from being generated in response to a determination that the first public key certificate is invalid.
    Type: Grant
    Filed: July 10, 2006
    Date of Patent: January 31, 2012
    Assignee: Ricoh Company, Ltd.
    Inventors: Satoshi Saito, Yoichi Kanai
  • Patent number: 8108670
    Abstract: In some embodiments, an apparatus comprises a certificate store to store a current certificate associated with a key pair including a current public key and a current private key; a policy decision point (PDP) module to monitor the certificate store and to ascertain whether the current certificate has expired or is expiring; and a key manager, based at least in part on the PDP module determining that the current certificate has expired or is expiring, being adapted to identify encrypted information encrypted with an encrypting key of the key pair and to decrypt the encrypted information with a decrypting key of the key pair to obtain unencrypted information.
    Type: Grant
    Filed: July 13, 2006
    Date of Patent: January 31, 2012
    Assignee: Intel Corporation
    Inventors: Dennis Morgan, Alan D. Ross