Abstract: Apparatus and a method are described for providing, for recordal onto a recording medium, recording data having content data and control data for enabling a player playing such a recording medium to navigate through the content data. The apparatus has a copy protector to copy-protect the recording data by controlling the production of parameters that are associated with items of data in the recording data but that are not checked by a physical testing device such that a parameter associated with an item of the recording data that is not on the navigation path is inconsistent with that item of data, or is otherwise not as expected, to cause a copying device reading that the item of data to report an error, thereby inhibiting copying by that copying device.

Abstract: A method for locking the application program includes: when running a application program stored in a terminal, it judges whether a first unlocking key of the application program exists in the terminal; in the case that the first unlocking key does not exist, the terminal generates and stores the first unlocking key, and sends it to a device; judging whether the device has locked the application program, in the case that the result of judgment is no, proceeding to the first step, otherwise proceeding to the second step: the first step, the device locks the application program, generates a second unlocking key, and notifies the second unlocking key to a user, proceeding to the second step; the second step, performing the authentication process for the user; in the case that the first unlocking key exists in the terminal, the first unlocking key is sent to the device, judging whether the device has locked the application program or not, if not, proceeding to the third step, otherwise proceeding to the forth ste

Abstract: A portable device may be roamed from one host to another. In one example, the portable device stores software that is to be executed by a host. The host may maintain a policy that governs which software may be executed on the host. When the portable device is connected to a host, the host checks the software version installed on the guest to determine whether that software version is compatible with the host's policy. If the guest's software does not comply with the host's policy, then the host installs a compatible version. If the guest's version complies with the policy and is newer than the host's version, then the host copies the guest's version to the host and propagates it to other guests. In this way, newer versions of software propagate between hosts and guests, while also respecting specific execution policies of the various hosts.

Abstract: A record carrier for storing at least one stream of linked content cells thereon, which linking is performed based on navigation data. The record carrier includes modified navigation data and/or a stream arrangement of at least one stream of linked content cells, so that an access of the at least one stream of linked content cells on the record carrier under consideration of the navigation data is not disturbed, whereas a generally linear access of the at least one stream of linked content cells on the record carrier is disturbed.

Abstract: An anti-debugger comprises spatially and temporally separate detection and response portions. In an example configuration, the anti-debugger is implemented into a game system for detecting and responding to a debugger attached to a game application. The detection portion is implemented on one thread of the system and the response portion is implemented on another thread of the system. When a debugger is detected, a message indicative of the detection is provided to a thread interface. The thread interface provides the message to the response portion. After a period of time has elapsed, the response portion disables the functionality of the game application, such as by halting the game execution and/or obfuscating game performance.

Abstract: An information processing apparatus in which an application managed by a license based on license data operates. The information processing apparatus includes a recording unit to record transfer information indicating that the license data is transferred from the information processing apparatus to a second information processing apparatus, and a prohibition unit to prohibit use in the information processing apparatus of the license data corresponding to the transfer information when the transfer information indicates that the license data has been transferred from the information processing apparatus to the second information processing apparatus.

Abstract: In accordance with one or more aspects of the separating keys and policy for consuming content, content has a corresponding leaf license, and the leaf license has one or more associated root policy addenda. Each root policy addenda includes policy identifying when it is permissible to decrypt and consume the content, but excludes a content key to decrypt the content. The content can be decrypted and consumed only if the policy identifies that it is permissible to decrypt and consume the content.

Abstract: A method and devices for a control of usage of content is disclosed. In one embodiment, a user device performs the steps of obtaining the content, defining usage rights, generating integrity protection information for defined usage rights, encrypting the content with a content encryption key, encrypting the content encryption key with a key encryption key associated with a recipient device and/or an operator of the recipient device, communicating the encrypted content, the defined usage rights, the encrypted content encryption key, and the integrity protection information to the recipient device.

Abstract: A system for protecting software against piracy while protecting a user's privacy enables enhancements to the protection software in a user device and extended protections against piracy. The protection system allows the user device to postpone validation of purchased tags stored in a tag table for installed software and to re-establish ownership of a tag table to recover from invalidation of a tag table identifier value resulting from revelation of a tag table identifier value. Continued use of the tag table is provided by the use of credits associated with a tag table. A protection center is protected against denial of service attacks by making calls to the protection center cost time or money to the attackers.

Abstract: An electronic control device and method for operating an electric roller shutter include establishing a wireless connection between the electronic control device and an electronic device if a preset login password is input. The electronic control device provides an operation interface to the electronic device, and receives a function instruction from the electronic device if a function key on the operation interface is pressed. The electric roller shutter is operated by the electronic control device according to the received function instruction.

Abstract: An external storage device connectable to an information processing apparatus is provided. The storage device includes: an input/output interface via which data is exchanged with an information processing apparatus; a first storage region where data associated with first and second validity periods is stored; and a second storage region where a control program is stored. While the first validity period is used when the external storage device is connected to one information processing apparatus, the second validity period is used when the external storage device is connected to another information processing apparatus. The control program causes a processor to execute the steps of: establishing connection of the external storage device to an information processing apparatus; identifying any one of the validity periods as a validity period to be used for the data; and executing predetermined security protection processing on the data in accordance with the identified validity period.

Abstract: A media content printing method that includes storing encrypted media content data representing media content in a computing device, generating a file of print commands that include the encrypted media content data non-encrypted commands for printing the media content based on the encrypted media content data, and sending the file of print commands to an intermediate device that stores a cryptographic key. The method further includes sending the non-encrypted commands to a printing device, determining if the media content is authorized to be printed, and decrypting the encrypted media content data in the intermediate electronic device that corresponds to the authorized media content to produce decrypted media content data. The decrypted media content data is sent to the printing device for printing the media content based on the non-encrypted commands and the decrypted media content.

Abstract: A security memory device includes a memory cell array that stores a plurality of contents, including a mine, which is stored as a portion of the plurality of contents. The mine is triggered when it is accessed, typically such that the mine erases the memory contents. Also, control logic is included that controls access to the plurality of contents. In one aspect, the memory cell array can include a protected-cell zone and a free-cell zone. In this aspect, the security memory device can further include a lock that provides protection for contents stored in the protected-cell zone from access and a key that is capable of unlocking the lock.

Abstract: Provided is a device that prevents unauthorized copying of a document to which copy inhibition information is added.

Abstract: A method and system for determining the level of allowed communication between devices. By addition of one or more tamper-resistant proximity check server(s), round-trip time measurements to estimate the distance between the communication devices are performed in order to determine the amount of communication allowed between these devices. In one embodiment, a single tamper-resistant proximity server computes the distance between communication devices that are implemented as trusted applications on open platforms.

Abstract: Systems, method and apparatus are described for reducing unauthorized usage in a television distribution system. A television receiver communicates with base stations of a wireless communication network. Based on the communications with the base station, the television receiver identifies its location and transmits the location information to a data collection system through the wireless communication network. The data collection system utilizes the location information to identify unauthorized uses of the television receiver.

Abstract: In one embodiment, a method comprises identifying an identifiable video object from a video picture of a digital video having video content and commercial content, the video picture contained within the video content; encoding the identifiable video object as a video overlay object; encoding the commercial content based on generating a first key frame, and storing the video overlay object within the first key frame as an object that is not displayed as part of the commercial content; and encoding the video picture based on generating a second key frame that includes a default video object in place of the identifiable video object, the default video object including an overlay reference to the video overlay object within the first key frame, wherein unavailability of the video overlay object during rendering of the second key frame causes display of the default video object to visually corrupt the video picture.

Abstract: A play limit is set for a media file. The play limit can be, for example a date, or a number of times that the file has been played. When the file exceeds the play limit, the quality of the file playing is degraded.

Abstract: A method for preventing unauthorized installation of application software is disclosed wherein application software is distributed with a user-readable permanent password, one or more user-readable one-time disposable password, and a hidden password (hidden from users but accessible by the setup program). When the setup program is run, the user must enter the permanent password and disposable password(s). The setup program sends these passwords and the target computer serial number to a remote server which verifies their validity, stores the serial number, and returns a complex password and a new disposable password from a remote passwords folder stored on the remote server. The setup program displays the new disposable password to the user who records it for use in future installations. The complex password is used to enable installation of the software, and it is deleted after installation is complete.

Abstract: A method for managing rights associated with data is described. A request to access encrypted data is intercepted. Credentials associated with the request are verified. The data is decrypted if the credentials are verified. The decrypted data is marked with an identifier. Predetermined operations directed to the decrypted data are monitored.

Abstract: A method, system, and apparatus for authenticating transactions and records is disclosed. An information-based indicium includes an article bearing a first identifier, wherein the first identifier substantially prevents a single user from accumulating multiple articles bearing the same first identifier, and a first digital certificate that is derived in part by encoding the first identifier, wherein the first digital certificate and the article may be presented together to authenticate the indicium by comparing the first digital certificate and the first identifier.

Abstract: Methods and apparatus, including computer program products, implementing and using techniques for controlling capabilities of a user software application. A user software application is provided, the user software application including a set of disabled operations. Content capable of being operated on by one or more of the disabled operations in the set of disabled operations is received. Application rights information operable to enable an operation in the set of disabled operations to operate on content within a context specified in the application rights information are received and the operation in the set of disabled operations is enabled to operate on the received content. Methods and apparatus for providing content to be operated on by a user software application and methods and apparatus for providing a configurable, context-dependent user software application are also described.

Abstract: A method for preventing rendering of content at overlapping time periods on more rendering devices than permitted by a license associated with the content is disclosed.

Abstract: Simultaneous tamper-proofing and anti-piracy protection of software is provided by splitting applications into two parts: an application, and an application launcher. The application is subject to the tamper-proofing protections deployed by a networked service, while the application launcher is subject to anti-piracy protections. To ensure that the application benefits from the anti-piracy protection of the application launcher, the application and application launcher share a trusted challenge-response relationship. The application includes a challenger library for issuing challenges to the application launcher, and the application launcher includes a responder library for responding to such challenges.

Abstract: Provided is a method of preventing digital content from being used despite the presence of copy control information. In the method, a security apparatus capable of restricting use of contents generates a nonce with respect to a storage device and stores the nonce in the storage device and a memory separated from the storage device when content is stored in the storage device; updates the nonces stored in the memory and storage device when movement of the content occurs; and permits use of the content only when the nonce of the storage device, which is stored in the memory, is equal to the nonce stored in the storage device if the content is requested for use, thereby preventing a disk cloning attack.

Abstract: In a content data reproducing apparatus having a temporary memory for stream reproduction, a content data acquisition section acquires content data from an external content provision server. A storage control section temporarily stores the content data acquired by the content data acquisition section in the temporary memory such that the stored content data should be erased from the temporary memory when a power supply is turned off. A reproduction condition acquisition section acquires reproduction condition data which defines a reproduction condition for reproducing the content data. A reproduction section reproduces the content data read from the temporary memory.

Abstract: An image output system includes a computer and a complex machine connected to the computer. A password generating section of the complex machine, in a case where a user ID transmitted from a transmitting section of the computer is stored in a HDD, generates a password which is different from the user ID, and the transmitting section transmits the password generated by the password generating section. A controller, in a case where the password received by a password receiving section and the password transmitted from the password transmitting section to the computer, controls an image forming section to output image data which is not combined with electronic watermark information by an electronic watermark information combining section.

Abstract: A content management system which can prevent a content from being copied exceeding the limited number of copies for the content. The content management system includes a first content management device and a second content management device. The first content management device stores period information that indicates an available period during which a first external device is permitted to use a copied content which has been copied from the content, and outputs the period information to the second content management device when the content is moved. Upon receiving the period information from the first content management device, the second content management device judges whether the available period of the copied content has expired, using the received period information, and if it is judges that the available period has not expired, it inhibits the content from being copied to the second external device.

Abstract: An embodiment may include circuitry that may be comprised in a host. The host may include memory and a host processor to execute an operating system. The circuitry may be to determine, independently of the operating system and the host processor, the authenticity of signature list information, based at least in part upon authentication information received by the circuitry from a remote server. The circuitry also may be to determine, independently of the operating system and the host processor, based at least in part upon comparison of at least one portion of the signature list information with at least one portion of contents of the memory, whether authorized and/or malicious data are present in the at least one portion of the contents of the memory. Of course, many variations, modifications, and alternatives are possible without departing from this embodiment.

Abstract: A system and method for conducting electronic commerce are disclosed. In various embodiments, the electronic transaction is a purchase transaction. A user is provided with an intelligent token, such as a smartcard containing a digital certificate. The intelligent token suitably authenticates with a server on a network that conducts all or portions of the transaction on behalf of the user. In various embodiments a wallet server interacts with a security server to provide enhanced reliability and confidence in the transaction. In various embodiments, the wallet server includes a toolbar. In various embodiments, the digital wallet pre-fills forms. Forms may be pre-filled using an auto-remember component.

Abstract: A device, method, and computer-readable medium are disclosed. In one embodiment, the device includes an inbound port to receive information from an information retrieval peripheral. The device also includes an outbound port to send information to a local computing device. The device includes masking logic to cause the local computing device to recognize the portable security device as at least one of a plurality of endpoint devices. The device also includes data obfuscation logic that is capable of obfuscating simple data format data, received from the information retrieval peripheral, obfuscating that data into a non-simple data format, and sending the obfuscated data to the local computing device. The non-simple data format includes at least one frame of video.

Abstract: A method is disclosed for generating a read error during standard DVD disc manufacturing. The method generates a read error in an error correction code (ECC) block including a specific error generation data pattern, when main data of 2,048 bytes is generated using the specific error generation data pattern according to a DVD standard. The error-pattern original data is inserted into the main data that is scrambling based on a DVD standard. The scrambled data is recorded in data sectors. The scrambled data including an error pattern which causes a read error is consecutively recorded in the data sectors included in the ECC blocks, in a process in which the data sectors are grouped based on 16 units to form the ECC blocks.

Abstract: Federated systems for issuing playback certifications granting access to technically protected content are described. One embodiment of the system includes a registration server connected to a network, a content server connected to the network and to a trusted system, a first device including a non-volatile memory that is connected to the network and a second device including a non-volatile memory that is connected to the network. In addition, the registration server is configured to provide the first device with a first set of activation information in a first format, the first device is configured to store the first set of activation information in non-volatile memory, the registration server is configured to provide the second device with a second set of activation information in a second format, and the second device is configured to store the second set of activation information in non-volatile memory.

Abstract: In an information processing apparatus, a first display screen is displayed to allow for specifying whether to form a copy-forgery-inhibited unit pattern or an array of copy-forgery-inhibited unit patterns, and a second display screen is displayed to allow for specifying a position at which to form the copy-forgery-inhibited unit pattern by selecting the position from a plurality of candidates.

Abstract: An electromechanical system consists of a memory storage unit in which the licensed video files are stored. The function of this device is to recognize the requested data and thereby allow the video file contents from the memory storage unit according to the instructions set to this device. It is an effective means for protecting the video files in the device from non-duplication.

Abstract: A method and computer-readable medium for deterring software piracy in a volume license environment. An activation bypass message is generated and sent. Information contained in the activation bypass message is compared to a list of machine identifiers. A binding service message contains a count of the machine identifiers in the list. Once the count reaches a predetermined threshold, software activation bypass may occur.

Abstract: A method for moving a rights object (RO) between devices, a method of using a content object based on the moving method, and devices using the methods are provided. The moving method includes performing authentication between two devices; securing a connection between the devices; and communicating the rights object between the two devices. The using method includes two devices communicating with each other, the first device having use permission of content objects and the second device including the content objects and corresponding rights objects; the first device searching for the content objects; and the first device using the content object that was found. The device includes an authentication module to authenticate another device; a security formation module to secure a connection for the other device; and a transceiving module which communicates a rights object for which the connection has been secured.

Abstract: Various aspects as described herein are directed to systems, method, apparatuses, and software for intercepting requests to copy content, paste content, clip content, cut content, or perform a print screen operation, and either allowing the requested operation to occur or preventing the operation depending upon whether the content is sourced from a streamed application or a non-streamed application, and/or depending upon a streamed application-based policy. This may be performed by, for instance, hooking an appropriate function call to the operating system.

Abstract: Techniques for encryption key destruction for secure data erasure via an external interface or physical key removal are described. Electrical destruction of key material retained in a memory of a storage device renders the device securely erased, even when the device is otherwise inoperable. The memory (e.g. non-volatile, such as flash) stores key material for encrypting/decrypting storage data for the device. An eraser provides power and commands to the memory, even when all or any portion of the device is inoperable. The commands (e.g. erase or write) enable zeroizing or destroying the key material, rendering data encrypted with the destroyed key material inaccessible, and therefore securely erased. Alternatively, the memory is a removable component (e.g. an external security device or smartcard) coupled to the device during storage operation. Removing and physically destroying the memory renders the device securely erased. The device and/or the memory are sealed to enable tamper detection.

Abstract: Embodiments of the invention generally provide a method and apparatus for enabling digital rights management in file transfers. One embodiment of a method for transferring digital content from a first user to a second user, includes transferring ownership of an instance of the digital content to the second user, where the instance of the digital content resides on a first device belonging to the first user. Copies of the digital content are then deleted from one or more additional devices belonging to the first user (including at least one offline device).

Abstract: An automated system and method for piracy control based on user generated updates is described. The system and method described renders human intervention for piracy control superfluous and, therefore, is cost-effective, and consumes less time. The automated system and method for piracy control based upon update requests significantly reduces the number of update requests by pirated copies of the software, reduces the burden on the update server and smoothens the overall user experience for the legitimate users of the software.

Abstract: A novel method and apparatus for protection of streamed media content is disclosed. In one aspect, the apparatus includes control means for governance of content streams or content objects, decryption means for decrypting content streams or content objects under control of the control means, and feedback means for tracking actual use of content streams or content objects. The control means may operate in accordance with rules received as part of the streamed content, or through a side-band channel. The rules may specify allowed uses of the content, including whether or not the content can be copied or transferred, and whether and under what circumstances received content may be “checked-out” of one device and used in a second device. The rules may also include or specify budgets, and a requirement that audit information be collected and/or transmitted to an external server. In a different aspect, the apparatus may include a media player designed to call plugins to assist in rendering content.

Abstract: A document managing system includes: an image forming device that includes an image forming part, and forms a document on a prescribed output medium; a discarding device that includes a document discarding part that discards the document formed on the output medium by the image forming device; and a discard certificate issuing device that includes a discard certificate issuing part, and issues a certificate of a discarding process in the discarding device.

Abstract: A medical information system includes a portable device and remote authentication computing device. The portable device stores a person's personal medical information, which it does not allow to be accessed without authentication, and has an activation mechanism and a computing device communication mechanism. The remote authenticating computing device is connected to a computing device network and stores authentication information and has an authentication software module and a diagnostic software module. The activation mechanism communicates the device with the remote authenticating computing device. The authentication software module requests authentication information from a user, receives input authentication information, verifies received authentication data against the stored authentication information, and after successful verification allows the medical information to be accessed by a computing device.

Abstract: A system consisting of a memory storage unit in which the licensed audio files are stored. The function of this device is to recognize the requested data and thereby allow the audio file contents from the memory storage unit according to the instructions set to this device. It is an effective means for protecting the audio files in the device from duplication.

Abstract: A method for detecting an attempted attack on a security system. In one preferred embodiment of the present invention, the method includes the step of retrieving a parameter from a hardware system, wherein the parameter changes during an operation of the hardware system. Then, comparing the retrieved parameter with a previously stored parameter; and, detecting a lack of change between the retrieved parameter and the previously stored parameter. An apparatus and an article of manufacture for detecting an attempted attack on a security system is also disclosed.

Abstract: A new media device including a decryption device that is operable to create a decryption key to read media. The decryption device is itself a read/write device that allows reducing or decrementing each time the decryption key is used.

Abstract: A mechanism is provided for identifying a snooping device in a network environment. A snoop echo response extractor generates an echo request packet with a bogus MAC address that will only be received by a snooping device. The snoop echo response extractor also uses an IP address that will cause the snooping device to respond to the echo request. Non-snooping devices discard the echo request packet. Upon receiving the response packet, the snooping device is identified.

Abstract: A security system includes an appliance to be secured, including a processor and a first wireless transceiver for accessing a data network with a first power requirement; and a second wireless transceiver receiving power to operate even if the appliance is off, hibernates or sleeps, the second wireless transceiver operating at a second power requirement lower than the first power requirement, the second wireless transceiver communicating a signal indicating a security status of the appliance.

Abstract: Disclosed herein is an information processing apparatus including: a unit information acquisition section; an identification information acquisition section; a secondary version information acquisition section; a comparison section; and an operation control section.