Abstract: A data communication device that communicates with a storage device via a network includes an input unit for inputting user identification information, a log-in processing unit configured to enable a user to log in to access a storage area of the storage device associated with the user identification information, an accessing unit configured to access the storage area if the user logs in, a determining unit configured to determine whether data processing involving the accessed storage area is ongoing when an instruction is sent to cause the user to log out, and a controller unit configured to enable the user to log out and disable access to the storage area when the data processing is not ongoing, and, when the data processing is ongoing, enable access to the storage area even after the user has logged out until the data processing has been completed.

Abstract: Systems for methods for remote user authentication by using a cellular phone and an authentication system that generates and uses transient pass codes. The Authentication system is used to store a user's existing passwords; alternatively, the authentication system creates on demand a transient random pass code that is good for a limited duration. The transient pass codes may also be used in the packets that enable each packet to be individually authenticated in the firewall. When the user has forgotten the password in a traditional system, alternatively, without the need to create or remember passwords, user can use transient pass codes. The user retrieves the password or the pass code via a cell telephone call to the authentication system, before logging on to the system.

Abstract: A system for improved communication system for providing web analytics data between a first computing device and a second, remote computing device preferably encodes frequently requested data into code words, and also provides the remote client with a look-up table and decoding logic. In one embodiment, the present invention also includes a method for updating the local look-up table in the event the table does not have a data value for a given code.

Abstract: A method and apparatus for creating and/or using trustworthy timestamps and certifiable clocks using logs linked by cryptographic hashes. In one embodiment, the method comprises maintaining a first, chained-hash log; associating a first clock with the chained-hash log, and entangling the first log; with a second by adding a time-stamped synchronization entry to the chained-hash log, where the synchronization entry has a second time indication associated with the second log and a hash of one or more entries in the first log.

Abstract: A non-transitory computer readable medium storing a program causing a computer to execute a process including: accepting an instruction for verifying an electronic signature added to information; verifying the electronic signature on the basis of an electronic certification corresponding to the electronic signature in accordance with the accepted instruction; calculating, when it is determined that the information has not been tampered with, a hash value of a combination of the information, the electronic signature, and validity-period information indicating a validity period of the electronic certification; adding a time stamp to the calculated hash value; outputting the information, the electronic signature, the hash value, and the validity-period information to a storage device; and outputting, when it is determined that the information has not been tampered with, a verification result including information indicating that the information has not been tampered with.

Abstract: Embodiments of methods, apparatuses, systems and/or devices for processing a certificate are disclosed.

Abstract: A method, computer readable medium, and system for integrating security in network communications includes generating a private key and a public key by encrypting the private key with a first encryption. The generated private key and public key are provided in an initial response to an initial request over the secure connection. At least one additional received request is validated based on the public key and a requesting signature signed using the key received with the at least one additional request. An additional response with a responding signature signed using the private key is provided in response to the validated additional request.

Abstract: Systems and methods are disclosed for authenticating electronic messages. A data structure is generated by a computer server which allows for the authentication of the contents and computer server identity of a received electronic message and provides a trusted stamp to authenticate when the message was sent. Data which can authenticate the message, the computer server identity, and the time the message was sent is included into a data structure which is called an Electronic PostMark (EPM).

Abstract: A data processing system for distributing and authenticating documents from a plurality of parties to a recipient data processing apparatus is disclosed. The system comprises a plurality of document distribution devices each configured to generate an original hash value from the content of a file containing a document to be distributed. A recipient data processing apparatus is configured to generate an original super hash value from the plurality of the original hash values, and to distribute the original super hash value to each of the document distribution devices. The system provides assurance that distributed documents have not been tampered with during communication, by an unscrupulous distributing party, or by an unscrupulous recipient by only submitting a hash value of the document to be distributed. The hash value provides for assurance at the eventual recipient of the document that no changes to the document have been made.

Abstract: A generator uses a robust programming framework to create an electronic signature in association with a data item, wherein the electronic signature includes time stamps and/or countersignatures. The generator can create a signature object that computes a signature value of the electronic signature based on the data item. The generator also creates a signature timestamp object to obtain a timestamp of the signature value, wherein the timestamp is associated with the electronic signature. The generator can also invoke a countersignature service on the signature object to obtain a countersignature based on the signature value of the signature object, wherein the countersignature is associated with the electronic signature.

Abstract: Apparatus and methods are provided for embedding or embedding digital data into an analog host or cover signal. A distributed signal feature of the cover signal in a particular domain (time, frequency or space) is calculated and compared with a set of predefined quantization values corresponding to an information symbol to be encoded. The amount of change required to modify the signal feature to the determined target quantization value is calculated and the cover signal is modified accordingly to so change the feature value over a predefined interval. Information symbols are extracted by the opposite process. In one embodiment, the predefined value is a short term autocorrelation value of the cover signal.

Abstract: An improved solution for accessing a web application is provided. In an embodiment of the invention, a method for controlling access to a web application includes: receiving a request for a first web page application, wherein the first web application is connected to a second web page application via a link at the second web page application; determining if the request is likely from a book marked link to the first web page application or from the link at the second web page application; and providing one of the second web page application and the first web page application based on the determining.

Abstract: A manufacturing entity provides a blinded signature to a secure device and associates a time with the blinded signature. If a signing key is compromised, the manufacturing entity provides a time of the compromise and the time associated with the blinded signature to the replacement authority.

Abstract: A method, device, and system are disclosed. In one embodiment the method includes causing a processor to enter into a first power state. Then an interrupt is received that signals the processor to leave the first power state. The method continues by causing the processor to remain in the first power state if the interrupt was received less than a minimum dwell time after the processor entered the first power state.

Abstract: A fast batch verification method and apparatus are provided. In the method of batch-verifying a plurality of exponentiations, (a) a predetermined bit value t is set to an integer equal to or greater than 1; (b) a maximum Hamming weight k is set to an integer equal to or greater than 0 and less than or equal than the predetermined bit value t; (c) n verification exponents si are randomly selected from a set of verification exponents S (n is an integer greater than 1, i is an integer such that 1?i?n), where the set of verification exponents S include elements whose bit values are less than or equal to the predetermined bit value t and to which a Hamming weight less than or equal to the maximum Hamming weight k is allocated; (d) a value of verification result is computed by a predetermined verification formula; and (e) the verification of the signatures is determined to be passed when the value of verification result satisfies a pre-determined pass condition.

Abstract: A method performed in an intrusion detection/prevention system, a system or a device for determining whether a transmission control protocol (TCP) segment in a TCP connection in a communication network is acceptable. The TCP connection can include TCP segments beginning with a three way handshake. A TCP segment can include a field for a timestamp. A timestamp policy of plural timestamp policies is identified, the timestamp policy corresponding to a target associated with the segments in a TCP connection. A baseline timestamp is identified based on a three way handshake in the TCP connection. Segments in the TCP connection are monitored. The segments in the TCP connection are filtered as indicated in the timestamp policy corresponding to the target, the timestamp policy indicating whether the segments are to be filtered out or forwarded to the target by comparing the timestamp of the segments to the baseline timestamp.

Abstract: A method of and device for granting access to content on a storage medium, including obtaining cryptographic data from a property, such as a wobble, of the storage medium, reading helper data from the storage medium, and granting the access based on an application of a delta-contracting function to the cryptographic data and the helper data. The delta-contracting function allows the choice of an appropriate value of the helper data, such that any value of the cryptographic data which sufficiently resembles the original primary input value leads to the same output value. Substantially different values of the cryptographic data lead to different values of the output.

Abstract: An information processing system in which information transfers between communication devices through a network is limited within a prescribed range by registering unique information obtainable within the prescribed range into each device and permitting information transfer between devices which share common unique information, where the unique information is formed by a pair of public and secret unique information, a bridge device is controlled such that, upon receiving a proxy check request from a reception device, whether a transmission device is another bridge device or not is judged when the public unique information registered by the reception device is registered in the bridge device and one public unique information registered in the bridge device is registered by the transmission device. Then, the secret unique information registered by the reception device is transmitted to the transmission device when the transmission device is not another bridge device.

Abstract: The invention relates generally to a method and arrangement for real-time betting with an off-line terminal, and especially to the technological field of keeping reliable time in the off-line terminal when handling, within a communications system comprising a distributed domain and a central domain, electronic records that contain predictions of the outcome of a certain incident. Within the distributed domain a multitude of electronic records that contain predictions of the outcome of the incident are generated and furnished with a cryptographically protected proof of a certain moment of the distributed domain's local time associated with the generation of the electronic record.

Abstract: A manufacturing entity provides a blinded signature to a secure device and associates a time with the blinded signature. If a signing key is compromised, the manufacturing entity provides a time of the compromise and the time associated with the blinded signature to the replacement authority.

Abstract: Disclosed is an Internet based e-will management method in which a will is managed by making digital signatures using a certificate issued by a certificate authority through a will management server connected to a testator/testatrix terminal and a will executor terminal via a network, the method comprising: (a) making digital signatures on an application form and a will using a certificate by a testator/testatrix through the testator/testatrix terminal and transmitting the digitally signed application form and will to the management server by the testator/testatrix terminal; (b) receiving the digitally signed application form and will and verifying and storing the digital signatures of the application form and will by the management server; (c) confirming the death of the testator/testatrix by the management server; and (d) transmitting, upon confirmation of the death of the testator/testatrix, the digitally signed will to the will executor terminal by the management server.

Abstract: A method and an electronic apparatus for rolling over from a first to second trusted certificate in the electronic apparatus. Information containing identification data for identifying the second trusted certificate is acquired in the electronic apparatus. Also, the second trusted certificate, which is preinstalled in the electronic apparatus, is activated based on said identification data.

Abstract: A computer implemented method for registering user accounts that includes sending a first request to an online service wherein the first request includes a telephone number, sending a second request to the online service wherein the second request includes an invitation code received via a telephone associated with the telephone number, and upon acceptance of the invitation code by the online service, receiving an invitation from the online service, to register a user account.

Abstract: A system and method for data storage and removal includes providing databases and providing encryption keys. Each database is associated with a database time period and each encryption key is associated with an encryption time period. Data items are received and each data item is encrypted using the encryption key associated with the encryption time period that corresponds to a time associated with the data item. Each encrypted data item is stored in the database associated with the database time period that corresponds to the time associated with the data item. Each encryption key is deactivated at a predetermined time after the associated encryption time period ends. Each database is made irretrievable upon a determination that all of the encryption keys associated with the data items stored in that database have been deactivated.

Abstract: Electronic document classification is disclosed. A toolbar adds the ability to classify documents based on specific properties such as security classification, information type, document type, document retention, document caveats, and the like associated. The toolbar through dropdown selections allows users to select the appropriate classification and properties based upon the content of the document and have appropriate classifiers added to the document. Document classification properties are generated that are associated with the document in the document properties and by inserting visual markings that allow users to quickly identify the security, sensitivity, intended distribution or retention. By utilizing the classification toolbar a user can classify an document by one or more classification levels and be ensured that the classification will be visible to any person viewing the document.

Abstract: Techniques for protecting the security of digital representations and of analog forms made from them, including a technique for authenticating an analog form produced from the digital representation, an active watermark that contains program code that may be executed when the watermark is read, and a watermark agent that reads watermarks and sends messages with information concerning the digital representations that contain the watermarks. A watermark agent may be a permanent resident of a node in a network or of a device or it may move from one network node to another. The watermark agent executes code which examines digital representations residing in the node or device for watermarked digital representations that are of interest to the watermark agent. The watermark agent then sends messages which report the results of its examination of the digital representations. If the watermarks are active, the agent and the active watermark may cooperate.

Abstract: A communication apparatus includes an authentication part for authenticating another communication apparatus with a first digital certificate, and a certificate transmission part for transmitting a second digital certificate when the authentication part succeeds in authenticating the other communication apparatus with the first digital certificate.

Abstract: A data communication apparatus which is capable of easily selecting a desired encryption scheme that is appropriate to the size of data that is to be transmitted. A key to be used for encryption is acquired. An encryption means corresponding to the acquired key is searched. The period of time required for encryption of data to be transmitted by the searched out encryption scheme is calculated. Encryption means candidates for encrypting data to be transmitted are determined based on the calculated period of time required for encryption. A user is notified of the determined encryption means candidates in a selectable manner together with the period of time required for encryption.

Abstract: A method and apparatus for creating and/or using trustworthy timestamps and certifiable clocks using logs linked by cryptographic hashes. In one embodiment, the method comprises maintaining a first, chained-hash log; associating a first clock with the chained-hash log, and entangling the first log; with a second by adding a time-stamped synchronization entry to the chained-hash log, where the synchronization entry has a second time indication associated with the second log and a hash of one or more entries in the first log.

Abstract: A high definition video transmitter and receiver are disclosed. The transmitter provides high definition video to a one-point receiver or to multipoint receivers. The transmission network is asynchronous and the receiver re-synchronizes the video. The transmission can be wired or wireless.

Abstract: A subscription-based computing device has hardware and a subscription enforcer implemented in the hardware. The enforcer has an accumulator that accumulates a usage value as the computing device is being used and an expiration value register that stores an expiration value. The enforcer allows the computing device to operate in a subscription mode without hindrance and with full use when the usage value is less than the stored expiration value, and allows the computing device to operate in an expiration mode with hindrance and without full use when the usage value reaches the stored expiration value to signal that the subscription for the computing device has expired.

Abstract: A method and system facilitating the development and distribution of software is provided. The system includes a database provided on a computing device, the computing device configured to enable users to provide an update to an element of the database, wherein the element is associated with an object. The system further includes time stamp tracking software configured to enable revisions to elements of the database by establishing time stamps for each stored element changed at a specified time and an assembler configured to enable a user to assemble elements for execution based on time stamping.

Abstract: Embodiments of the invention provide systems and methods for detection of tampering with an audit record for a database. According to one embodiment, a method for detection of tampering with an audit record for a database can comprise reading one or more audit records for a time period from an audit table. The one or more audit records can each include a time stamp and reading the one or more audit records can comprise reading audit records having a timestamp within the time period. An encrypted record, such as a message digest record, for the time period can be generated based on the one or more audit records and including the time stamps. The message digest record can be stored in a message digest table. In some cases, the message digest table can be maintained in a trusted data store.

Abstract: Computers and other electronic devices typically include a timing operation such as a clock in an operating system. It is anticipated that hackers may tamper with this clock. This tampering might be especially advantage in the context of systems which provide for rental of audio and video content, such as movies. Tampering with the system clock on the playing device would allow an extension of the rental period to the detriment of the provider of the rental content. Hence the present method is directed to detecting clock modifications both in terms of time shifting and clock rate tampering. This detection is done using digital signal processing.

Abstract: An information processing apparatus is provided. The information processing apparatus includes content verification means for executing a verification processing of a recording content recorded on an information recording medium, and content play means for executing a content play processing on a condition that validity of the recording content is checked on the basis of the verification processing. The content verification means acquires from the information recording medium a content hash table having registered therein hash values generated on the basis of legal recording content data and executes a processing for verifying a presence or absence of an illegal recording content whose hash value is not registered in the content hash table.

Abstract: A system, method and computer program product for auditing a message in a message stream are disclosed. Messages in a message stream are captured including at least one message in an extensible markup language (XML) format. Each message in the XML format is then extracted from the captured messages and has a timestamp applied thereto. Each timestamped message in the XML format is then stored in a memory.

Abstract: A time authentication device identifies clocks that show a time falling within the predetermined permissible range as compared with a time shown by the time authentication device. In a time authentication device embodied as a distribution device, a time-relation information storage unit stores a playback-device-time measured by a clock unit of a playback device, and also stores a distribution-device-time measured by a clock unit when the playback-device-time is acquired. The time authentication unit acquires from the playback device a target time measured by the clock unit, and also acquires an authentication time measured by the clock unit when the target time is received. The time authentication unit then calculates a first difference, a second difference, an authentication difference. If the authentication difference is smaller than or equal to a predetermined threshold, the time authentication unit judges that the clock unit of the playback device is valid.

Abstract: Methods and arrangements are provided for handling, within a communications system comprising a distributed domain and a central domain, electronic records that contain predictions of the outcome of a certain incident. Within the distributed domain there is generated, before the outcome of the incident is known, a multitude of electronic records that contain predictions of the outcome of the incident. The electronic records are conveyed from the distributed domain to the central domain. After the outcome of the incident is known, the central domain finds out which of the electronic records, if any, contain correct predictions of the outcome of the incident. Each of the electronic records is furnished, within the distributed domain, with a cryptographically protected proof of a certain moment of time associated with the generation of the electronic record.

Abstract: A time stamp updating apparatus includes: a time stamp obtaining unit configured to transmit hash value calculated from certification target data to an apparatus for time stamp authority when certification target data is input, to receive time stamp data from the apparatus for time stamp authority, to relate the received time stamp data to certification target data, and stored them in an evidence data storage unit; and a time stamp verification unit configured to calculate logical OR of a validity period of the time stamp data related to certification target data, and to output a period that can go back from time of verification as a period when the certification target data can be certified.

Abstract: A technique involves the use of an electronic device having a real-time clock (RTC) circuit. In particular, the technique involves obtaining an RTC value from the RTC circuit. The RTC value is based on a previous time value and being arranged to represent current time. The technique further involves generating an adjustment factor arranged to adjust for imperfection in an oscillator of the RTC circuit, and providing a new time value based on the RTC value and the adjustment factor. The new time value represents current time at least as accurately as the RTC value.

Abstract: Providing trusted time in a computing platform, while still supporting privacy, may be accomplished by having a trusted time device provide the trusted time to an application executing on the computing platform. The trusted time device may be reset by determining if a value in a trusted time random number register has been set, and if not, waiting a period of time, generating a new random number, and storing the new random number in the trusted time random number register. The trusted time random number register is set to zero whenever electrical power is first applied to the trusted time device upon power up of the computing platform, and whenever a battery powering the trusted time device is removed and reconnected. By keeping the size of the trusted time random number register relatively small, and waiting the specified period of time, attacks on the computing platform to determine the trusted time may be minimized, while deterring the computing platform from being uniquely identified.

Abstract: A method for securely handling processing of information in a chip may include randomly selecting one of a plurality of data processes based on a random process index. A time interval may be randomly allocated on the chip, for processing the randomly selected one of the plurality of data processes. When the randomly allocated time interval has elapsed, the randomly selected one of the plurality of data processes may be initiated. The randomly selected one of the plurality of data processes may include one or both of accessing data and acquiring the data. Data may be verified by the randomly selected one of the plurality of data processes prior to the processing of the data. The data may be verified utilizing at least one digital signature verification algorithm, such as a Rivest-Shamir-Adelman (RSA) algorithm and/or a secure hash algorithm (SHA-1).

Abstract: A system for digitally signing electronic documents is disclosed. The system includes a mobile device, an application server and a database, the mobile device includes a requesting module and a digest encrypting module, the application server includes an obtaining module, a digest generating module and a merging module. The requesting module is configured for sending a request for a digital signature of an electronic document to the application server; the obtaining module is configured for obtaining the electronic document from the database; the digest generating module is configured for generating a digest of the electronic document, and sending the digest to the mobile device; the digest encrypting module is configured for encrypting the digest, generating an encrypted value, and sending the encrypted value to the application server; the merging module is configured for merging the encrypted value and the electronic document. A related computer-based method is also disclosed.

Abstract: When a document creation unit 1 is started, it calculates a hash value of each software piece therein and stores the hash value in a hash value holder 71 and a measurement log document holder 44. The document creation unit 1 accesses a time distribution unit plural times to receive time information therefrom, and records the time information in a log document and a measurement log document. The document creation unit 1 transmits the log document, the measurement log document, and digital signature-embedded hash value information (measurement auxiliary document) in a tamper-resistant device 63 to a document reception device. The document reception device verifies matching of the hash values or digital signature in the document group, confirms software operating environments in the document creation unit 1 from the hash values, and determines whether the time information is correctly managed within the unit 1.

Abstract: A system is provided for preventing recorded data from being illicitly read out and analyzed. An Internet connection interface transmits a program executed by an adapter to an authentication station, while receiving the program in an encrypted form from the authentication station. A hard disc records the encrypted program, received from the authentication station. An interface transmits the program recorded on the horizontal direction on the adapter.

Abstract: Disclosed herein are methods and systems for encoding digital watermarks into content signals. Also disclosed are systems and methods for detecting and/or verifying digital watermarks in content signals. According to one embodiment, a system for encoding of digital watermark information includes: a window identifier for identifying a sample window in the signal; an interval calculator for determining a quantization interval of the sample window; and a sampler for normalizing the sample window to provide normalized samples. According to another embodiment, a system for pre-analyzing a digital signal for encoding at least one digital watermark using a digital filter is disclosed.

Abstract: For the authentication of messages communicated in a distributed system from an originator to a destination a keyed-hashing technique is used according to which data to be authenticated is concatenated with a private (secret) key and then processed to the cryptographic hash function. The data are transmitted together with the digest of the hash function from the originator to the destination. The data comprises temporal validity information representing the temporal validity of the data. For example the setup key of a communication is therefore only valid within a given time interval that is dynamically defined by the communication originator. After the time interval is exceeded the setup key is invalid and cannot be reused again.

Abstract: A method for providing a time stamp by using a tamper-proof time signal via a telecommunications network includes the steps of: receiving, at a central system, a request from a network user for a time signal. The time signal is encrypted by the central system with at least one key. The encrypted time signal is transmitted to the network user via the telecommunications network. The network user is provided with the same at least one key. At the central system and the network user, the at least one key is synchronously generated.

Abstract: The invention disclose a method for verifying the validity of a user, making full use of a TID as the bridge for establishing confidence between a NAF and a user equipment, and the BSF assigning a term of validity for the TID, thereby extending the function of the TID, enabling the NAF to verify the term of validity for using the TID, and accordingly, achieving a further verification of the validity to the user. By using the method of the invention, it is possible to avoid the situation in which one TID is permanently valid for one or more NAFs, enhance the system security, decrease the risks caused by the theft of users' TID and corresponding secret keys, and at the same time, implement TID management by the NAF. In addition, a combination of the method with billing system makes it easy to implement the function of charging a user.

Abstract: According to one embodiment of the invention, a method is provided for receiving a timestamp from a caller via a telephone connection; receiving a device identifier from the caller, in which the device identifier identifies a device; determining a cryptographic key based on the device identifier; determining an indication of a time based on the timestamp and the cryptographic key; providing the indication of the time to the caller; determining an account; and charging a fee to the account.