Patents Assigned to TrustedFlow Systems, Inc.
  • Patent number: 7895643
    Abstract: This invention discloses a method and system for processing logic modules, each having a separate functionality, into a unique functionality that is to be executed in an interlocked mode as a unique functionality. The method is based on taking logic modules (programs and data) with known functionality and transforming them into a hidden program by integrating modules to execute together into a logic which is partially obfuscated and/or encrypted and/or physically hidden. The hidden program is being updated dynamically to strengthen it against reverse engineering efforts. The program includes the functionality for generating security signals, which are unpredictable by observers, such as a pseudo random sequence of security signals. Only elements that share the means for producing the security signals can check their validity. The modules include operational tasks and performance parameters for this operation.
    Type: Grant
    Filed: August 14, 2002
    Date of Patent: February 22, 2011
    Assignee: TrustedFlow Systems, Inc.
    Inventors: Marcel Mordechay Yung, Yoram Ofek
  • Patent number: 7509687
    Abstract: The objective of this invention is to provide continuous remote authenticated operations for ensuring proper content processing and management in a remote untrusted computing environment. The method is based on using a program that was hidden within the content protection program at the remote untrusted computing environment, e.g., an end station. The hidden program can be updated dynamically and it includes an inseparable and interlocked functionality for generating a pseudo random sequence of security signals. Only the media server that sends the content knows how the pseudo-random sequence of security signals was generated; therefore, the media server is able to check the validity of the security signals, and thereby, verify the authenticity of the programs used to process content at the remote untrusted computing environment. If the verification operation fails, the media server will stop the transmission of content to the remote untrusted computing environment.
    Type: Grant
    Filed: October 22, 2003
    Date of Patent: March 24, 2009
    Assignee: TrustedFlow Systems, Inc.
    Inventors: Yoram Ofek, Mario Baldi
  • Patent number: 7398398
    Abstract: An authenticated and metered flow control method provides a network interface with the capability to determine the authenticity of programs used to generate and send data packets, thereby ensuring that users who send data packets are well behaved. The method is based on using a hidden program that was obfuscated into the program used for generating and sending data packets. More specifically, the hidden program generates a pseudo random sequence of security signals that are included in the sequence of data packets that are sent from the user to the network interface. Only the network interface knows how the pseudo random sequence of security signals was generated, and therefore, the network interface is able to check the validity of the pseudo random sequence of security signals, and thereby verify the authenticity of the programs used to generate and send data packets.
    Type: Grant
    Filed: August 14, 2002
    Date of Patent: July 8, 2008
    Assignee: TrustedFlow Systems, Inc.
    Inventors: Yoram Ofek, Mario Baldi
  • Patent number: 7367045
    Abstract: This invention discloses a method and system for communication that consist of an end station and a network interface, such that, the network interface is capable of determining the authenticity of the program used by the end station to generate and send data packets. The method is based on using a hidden program that was obfuscated and encrypted within the program that is used to generate and send data packets from the end station. The hidden program is being updated dynamically and it includes the functionality for generating a pseudo random sequence of security signals. Only the network interface knows how the pseudo random sequence of security signals was generated, and therefore, the network interface is able to check the validity of the pseudo random sequence of security signals, and thereby, verify the authenticity of the programs used to generate and send data packets. The method further comprises means for coordinating the initialization of the end station and network interface.
    Type: Grant
    Filed: August 14, 2002
    Date of Patent: April 29, 2008
    Assignee: TrustedFlow Systems, Inc.
    Inventors: Yoram Ofek, Marcel Mordechay Yung, Mario Baldi
  • Patent number: 7343619
    Abstract: The objective of this invention is to ensure that programs that generate and send data packets are well behaved. This invention discloses a method and system that consist of an end station and a network interface, such that, the network interface is capable of determining the authenticity of the program used by the end station to generate and send data packets. The method is based on using a hidden program that was obfuscated within the program that is used to generate and send data packets from the end station. The hidden program is being updated dynamically and it includes the functionality for generating a pseudo random sequence of security signals. Only the network interface knows how the pseudo random sequence of security signals was generated, and therefore, the network interface is able to check the validity of the pseudo random sequence of security signals, and thereby, verify the authenticity of the programs used to generate and send data packets.
    Type: Grant
    Filed: August 14, 2002
    Date of Patent: March 11, 2008
    Assignee: TrustedFlow Systems, Inc.
    Inventors: Yoram Ofek, Marcel Mordechay Yung, Mario Baldi, David Howard Sitrick
  • Patent number: 7307989
    Abstract: This invention relates generally to a method and apparatus for timely forwarding, discarding, and delivering data packets over the network and to their destination nodes and the optimization of data transfer throughput through the network. The timely forwarding and discarding are possible thanks to the standard global common time reference (CTR) that is known as UTC (Coordinated Universal Time). UTC is available from GPS (Global Positioning System), Galileo, and GLONASS (Global Navigation Satellite System). Data transfer throughput optimization is pursued by taking advantage of the timely forwarding and discarding properties to improve the data packets transfer flow control mechanisms, such as the sliding window re-sizing algorithm implemented by the widely deployed Transmission Control Protocol (TCP).
    Type: Grant
    Filed: March 17, 2003
    Date of Patent: December 11, 2007
    Assignee: TrustedFlow Systems, Inc.
    Inventors: Yoram Ofek, Mario Baldi
  • Patent number: 7305704
    Abstract: This invention discloses a method and system for detecting and reacting to unexpected communications patterns. The system consists of a plurality of end stations and a plurality of network interfaces, such that, the network interface is capable of determining the authenticity of the program used by the end station to generate and send data packets. The system further consists of a plurality of secure management servers, which continuously exchange management messages with the network interfaces. Consequently, the secure management servers have the information for detecting unexpected communications patterns. The method allows the control of end stations, and when an unexpected communication pattern is detected, selectively only packets from authenticated programs can be allowed to be transmitted.
    Type: Grant
    Filed: August 14, 2002
    Date of Patent: December 4, 2007
    Assignee: TrustedFlow Systems, Inc.
    Inventors: Yoram Ofek, Marcel Mordechay Yung