Abstract: A method of initializing and personalizing a chip card (100) and to a chip card (100) for this purpose. In accordance with the present invention, there are created in the data memory (102) of the chip card (100) data structures (200, 210, 300) which enable the personalizing data which is to be transmitted to the chip card (100) at the time of personalization to be unambiguously assigned to the various chip card applications and thus to the providers of these applications. As a result, the chip card applications are securely isolated from one another at the time of personalization.

Abstract: A method and apparatus for the user-defining, configuring and starting of an application or software components to form an application by means of a token and in particular a chip card. Via the service identifiers stored in the chip card which represent applications or software components to form applications, the chip card user can install the desired application. The card agent accepts the request for an application, checks the register to see if the application is present and if it is not, makes a connection to communicate with the server in order to download the application to the user system.

Abstract: The present invention provides encryption schemes and apparatus which securely generate a cipher-text which in itself contains checks for assuring message integrity. It also provides compatible decryption schemes confirming message integrity. The encryption scheme generates a cipher-text with message integrity in a single pass with little additional computational cost, while retaining at least the same level of security as schemes based on a MAC. One embodiment encrypts a plain-text message by dividing the plain-text message into a multitude of plain-text blocks and encrypting the plain-text blocks to form a multitude of cipher-text blocks. A single pass technique is used in this process to embed a message integrity check in the cipher-text block. A message integrity check is embedded in the cipher-text blocks by embedding a set of pseudo random numbers, which may be dependent, but are pair-wise differentially uniform. We also describe an embodiment which is highly parallelizable.

Abstract: Methods, system and apparatus are provided for advertising service offerings in a communication system. An example embodiment comprises at least one device. A first device broadcasts a message of a first type, chooses a value for a time limit and listens for a message sent by a second device. If no message has been received before time limit, elapse, it again broadcasts a message of a first type. Otherwise, the message received from said second device is analyzed and if said message includes valid information about said first device chooses a value for the time limit. However, if said message received does not include valid service description about said first device, a message of a second type is broadcast. This reduces useless broadcast of a complete service list. Broadcast may be initiated more often and, service discovery for new devices coming into proximity takes less time.

Abstract: Methods, systems and apparatus which resample a primal mesh signal composed of primal points associated with primal mesh vertices of a primal mesh connectivity of a primal mesh producing a dual mesh signal composed of dual points associated with primal mesh faces of said primal mesh connectivity. The dual points are computed by minimizing a quadratic energy function. The quadratic energy function is composed of a sum of square terms. The invention also constructs a dual mesh from a primal mesh, with the dual mesh signal constructed with the resampling method. It also smoothes a primal mesh signal of a primal mesh. It also constructs a primal-dual mesh from a primal mesh, with the primal-dual mesh connectivity of said primal-dual mesh constructed using a prior art method, and the primal-dual mesh signal constructed by concatenating said primal mesh signal and a dual mesh signal computed with the resampling method.

Abstract: Provides point label placement determining methods, apparatus and systems. A point label placement determining method and system are used in map browsing service based on session mode. In an example embodiment, initial label placement data in a scale is calculated by a static point label determining method. When a user requires a map browsing service, the requirement are met by using an incremental label placement method on the base of said initial label placement data. The incremental point label placement method dramatically reduces the cost for service process. Therefore, the simultaneous requirements of a large number of users can be met. The present invention is successfully used in location based service systems.

Abstract: A system and method for unique authentication of each replication of a plurality of soft-copy documents, forming a group. One soft-copy document, out of the group, becomes a carrier for an authentication code aimed at protecting the group. The authentication code is computed from the concatenation of the plurality of soft-copy documents and a key. A random number is also generated for each replication of the group of files. The random number is combined with the authentication code to mark the soft-copy document which has been selected to become the carrier. Thus, the invention introduces randomization in the insertion of the authentication code so that for each replication of an identical group of data files, unique authentication data can be associated, merged and hidden in the transmitted information.

Abstract: The present invention provides a collaboration technique for synchronizing display scrolling and the locations of remote pointers in the windows of web browsers, independent of the types and the setups of the web browsers. An example embodiment of an information processing system comprises: a collaboration server to be connected to a web server, and a plurality of terminals, for obtaining web content from the collaboration server and for performing a cooperative operation. Terminal devices includes a web browser for displaying web content, and obtains identification information for an object selected as a synchronization reference among objects in the web content, and transmits the information to the other terminal, with which it performs a cooperative operation. The terminal employs the identification information for a predetermined object that it receives, calculates the location of the pertinent object, and controls the web browser in accordance with the location of the object.

Abstract: This invention describes methods, apparatus and systems for virtualization of iSCSI storage. Virtual storage isolates the clients from the management of physical storage resources. In this invention, each physical storage device supports multiple logical units (LUNs). Each supported LUN is associated with a separate TCP port number and iSCSI commands received on a given port implicitly refer to the associated LUN. An iSCSI host addresses each logical unit of storage (LUN) with a virtual IP address and port number. Using an address translation table, the virtualization gateway rewrites the destination IP address in the header of an incoming packet as well as the destination port number to correspond to the target physical LUN. Migration of logical units across physical storage devices is supported by changing the address translation entries at the gateway; and the gateway can be provided by a standard network router with support for address translation.

Abstract: Methods and apparatus for achieving agreement among participating network devices in an asynchronous network for deciding on a common value is disclosed, whereby the common value is validated by a justification and both together satisfy a predetermined predicate. Moreover, a method for reliably broadcasting messages in an order within the asynchronous network is described. Up to one third or more of the participating network devices might be faulty in arbitrary ways.

Abstract: The present invention provides a watermarking method, apparatus and system for embedding additive information in digital data, in which one frame is defined as including samples extracted from digital data and a current frame is defined as a frame that is overlapped by samples of a preceding frame. Included are: a transformation unit, for multiplying a frame extracted from digital data by a window function and performing a Fourier transform on the digital data; an embedding unit, for employing bit information and a frequency band to change the amplitude of the frequency component in the digital data; a transformation unit, for performing an inverse Fourier transform to return the frequency component whose amplitude has been changed by the frequency domain embedding unit; and a frame generator, for multiplying the time domain signal and superimposing overlapped frames to generate a frame wherein the additive information is embedded.

Abstract: This invention provides methods, apparatus and article of manufacture used as a countermeasure to image distorting. The present invention involves automatically detecting the presence of distortion in a presumed distorted image, measuring the magnitude and type of distortion, and finally creating a realigned image. Once image distortion is removed, conventional invisible watermark extraction methods are employed to extract the watermark from the realigned image. The automatic method does not depend on a process of visually examining a composite image and recording the coordinates of pixel locations closest to common image features in a distorted image and reference image. Generally, the presumed distorted image is resized to the same size as the reference image. Reference centers at at least three distinct points that do not form a straight line are selected. At each reference center, a sub-image is excised.

Abstract: A method, apparatus and computer product that enables a processor associated with a node in a computer system having various nodes, the nodes having sensors which provide data, and the nodes being connected by a communications facility acquiring local data from the sensor and remote data from other nodes via the data transfer facility. The nodes process data from a local sensor at the node and from remote sensors at other nodes; and analyze the local data, data from other nodes and local decisions made at and received from other nodes to make a local decision for action at the node. A local decision made at a node is in turn communicated to other nodes.

Abstract: A system for proving ownership of digital media works. Proof of ownership of such type of work is provided by a protocol for registering a work with a registration center thus providing the rightful owner or copyright holder of the work with an ownership certificate. There is also provided a protocol for proving to another party who is a prospective buyer or licensee, that an ownership claim is correct and valid by providing the ownership certificate when required. Another protocol is utilized for showing to a third party, a prospective buyer or licensee, that a second party has correctly obtained the corresponding work from the rightful copyright owner.

Abstract: This invention provides methods and apparatus for validating that transformations that are expected to occur in an IP network are indeed occurring as expected. Generally, these transformations establish logical communication tunnels within an IP network between the devices that perform the transformation and the devices that perform the reverse transformation. The invention is useful to validate the configuration of devices that support a variety of IP transformation methods, including IP-security protocols using the standard Encrypted Secure Payload protocol and Authenticated Header protocols as defined by the IETF. The invention is particularly useful to validate cases in which transformations occur on the full path of a packet traversing between two machines in an IP network, or when the transformations only occur on part of this path.

Abstract: The present invention provides methods and apparatus for generating a TCR-commitment having properties differing from the properties of a regular commitment. It provides solutions to the problem of packet authentication for multicast and other scenarios requiring fast, compact digital signature/commitment for E-commerce protocols. It also provides a relatively high level of security guarantees required for packet authentication in a way that can handle multiple independent flows, produces authentication fields of fixed size, works in the fully unreliable setting, does not require any packet delays and has the additional property of being able to withstand and smooth over irregular processor loading and bursty packet output rate. In an embodiment, it uses a hybrid approach consisting of the commiter/signer/bidder creating a certificate for the public key of an efficient k-time signature scheme using a regular signature key.

Abstract: A task management system, method and computer program product for determining optimal placement of task components on multiple machines for task execution, particularly for placing program components on multiple computers for distributed processing. First, a communication graph is generated representative of the computer program with each program unit (e.g., an object) represented as a node in the graph. Nodes are connected to other nodes by edges representative of communication between connected nodes. A weight is applied to each edge, the weight being a measure of the level of communication between the connected edges. Terminal nodes representative of the multiple computers are attached to the communication graph. Independent nets may be separated out of the communication graph. A cut is made at each terminal node and the weights of the cut edges are summed.

Abstract: The present invention provides apparatus and methods for determining a propagation time of a signal transmitted from a first location to a second location as a request signal and received as a response signal by the first location via a channel. In an example embodiment, a method comprises the step of determining the propagation time of the signal based on a local counter value that represents the time between transmission of the request signal and reception of the response signal, a remote counter value that depends on the request signal and being known to the first location, and a determinable time-delay value. The remote counter value represents an inter-time-delay between the reception of the request signal and the start of transmission of the response signal at the second location.

Abstract: To obtain an electric power unit, an electric power controller, and an electric power controlling method that can know a date for starting use of an electric power unit respectively, as well as to obtain a computer that can know a date for starting the use of the built-in electric power unit. There is provided a main battery 64A, which is an electric power unit, with a memory 104 for storing data denoting a date for starting the use of the main battery 64A so as to store the data of the battery use starting date in the memory 104 via a CPU 102 just once when using of the main battery 64A is started actually by the embedded controller 80. To know the date on which using of the main battery is started, the embedded controller 80 is used to read the date from the memory 104.

Abstract: The present invention provides methods, apparatus and systems for defining variables to be used in a multi-lingual presentation system accessed by the Internet network wherein a plurality of visual objects such as charts and/or slides controlled by a third party in a server can be accessed by any user of the Internet network having a workstation. In an example embodiment, visual objects are each associated with an audio recording in any language selected amongst several predetermined languages. This method generally includes creating a control file having variables defining all the parameters of a presentation requested by a user of the Internet network. The variables are defined in the control file previously to the presentation.