Abstract: System and method for auditing for usage of licensed software in which a client executing the software generates and transmits a license key and a covert key to a server via network connection. The license key is transmitted to the server upon activation of the licensed software at the client. The covert key is generated based on at least a portion of the software code activated at the client and is transmitted to the server at random or at predetermined time intervals after transmission of the licensed key so as to avoid detection by a user. The license and covert keys are each associated with a device fingerprint that uniquely identifies the device transmitting each one of the respective keys. Unauthorized software usage at a client is determined at least when a covert key does not correspond to a device fingerprint having an associated license key.

Abstract: A system for tracking user activities on a computing network and generating a peer-group score based on those activities may be implemented in hardware and software that when executed performs steps for receiving at a server information including a device identifier, a user score associated with the device identifier, and content provider information from a content provider, the device identifier being based on one or more of user-configurable and non-user-configurable parameters of a user device used to access network-accessible content of the content provider, categorizing the content provider as belonging to one or more classes of service based on the received information, retrieving from a database one or more provider-generated user scores belonging to an identical one of the one or more classes of service and being associated with an identical device identifier, and generating a peer-group score for the received device identifier based on the received user score and the one or more retrieved provider-ge

Abstract: A method for selectively allowing participation in an auction, implemented at one or more servers, includes steps for receiving a request to participate in the auction, receiving machine fingerprint data related to the request to participate in the auction, saving the machine fingerprint data in a memory, comparing the machine fingerprint data with previously stored machine fingerprint data, and determining, using the machine fingerprint data, whether to allow the participation in the auction.

Abstract: A network security system includes a server configured to receive an access request via a network from a remote computing device, a database storing customer account information accessible by the server, and memory accessible by the server and storing a customer notification program. When executed by the server, the program identifies the remote computing device by a device fingerprint and requesting location, determines whether the device fingerprint matches any authorized device fingerprints stored in the database, and sends, responsive to a mismatch between the device fingerprint and the authorized device fingerprints, a notification of the request to a customer-specified address. The notification indicates the request, the identity of the remote computing device, and the requesting location. The program may resolve the request responsive to a reply to the notification from the customer-specified address.

Abstract: A system and method for preventing piracy of a given software application limits the number of times that such software application is activated. A given software application must be activated in order to become fully functional. The user must provide a unique software identification code, relating to the specific software which the user is attempting to activate, to a remote provider. The remote provider determines the number of times that such specific software has already been activated, and provides an activation code to the user unless the number of activations exceeds a predetermined threshold. Once activated, the software becomes fully operational, and the user is allowed complete access to its functions.

Abstract: A network security system includes a server configured to receive an access request via a network from a remote computing device, a database storing customer account information accessible by the server, and memory accessible by the server and storing a customer notification program. When executed by the server, the program identifies the remote computing device by a device fingerprint and requesting location, determines whether the device fingerprint matches any authorized device fingerprints stored in the database and sends, responsive to a mismatch between the device fingerprint and the authorized device fingerprints, a notification of the request to a customer-specified address. The notification indicates the request, the identity of the remote computing device, and the requesting location. The program may resolve the request responsive to a reply to the notification from the customer-specified address.

Abstract: A device reputation server recognizes malicious devices used in prior attacks and prevents further attacks by the malicious devices. Server computers require a digital fingerprint of any client devices prior to providing any service to such client devices. Logging of network activity include the digital fingerprint of the device perpetrating the attack. When an attack is detected or discovered, the attacked server reports the attack and the digital fingerprint of the perpetrating device to a device reputation server. The device reputation server uses the report to improve future assessments of the reputation of the device associated with the reported digital fingerprint.

Abstract: A device authentication server authenticates a remotely located device using data representing pixel irregularities of a display of the device. Since each display will deteriorate in a unique and randomized way, a unique mapping of pixel irregularities of a display of a device will be unique. By combining unique map of pixel irregularities of a display of the remotely located device, the device can be distinguished from similar devices when other attributes alone are insufficient to uniquely identify the device.

Abstract: As system for locating a network node may be implemented as a static network device for determining location of a mobile node. The system includes a transceiver for receiving a device identifier over a public network from the mobile node, the device identifier based on a user-configurable parameter and a non-user-configurable parameter of the mobile node, and a processor coupled to the transceiver and to memory containing executable code. When executed, the code effects method steps for: accessing, in response to the transceiver receiving the device identifier, a database of authorized device identifiers corresponding to known mobile nodes, establishing, in response to the device identifier matching one of the authorized device identifiers, a secure private network with the mobile node, and communicating with two additional static network devices, the three static network devices implementing triangulation to determine a location of the mobile node.

Abstract: A test person is compared to a reference person by comparing detailed information regarding the configuration, capabilities and usage of computers—such as installed hardware devices, makes and models and firmware versions of such hardware devices, installed software, versions of installed software, and usage logs—used by the respective individuals. In effect, each person's computer is considered a proxy for the person herself, representing countless purchasing, maintenance, pastime choices in the configuration and use of a thoroughly complex personal and professional tool.

Abstract: Devices of an individual's device-sphere recognize risky or undesirable behavior requested by devices outside of the device-sphere and allow the user to prevent the behavior. The user's decision is stored and used to protect all devices of the user's device-sphere from similar risky behavior from the outside devices. If the choice is made for all devices of the user's device-sphere, the choice is broadcast to other devices of the user's device-sphere such that other devices can benefit from the choice made by the user.

Abstract: A device reputation server recognizes malicious devices used in prior attacks and prevents further attacks by the malicious devices. Server computers require a digital fingerprint of any client devices prior to providing any service to such client devices. Logging of network activity include the digital fingerprint of the device perpetrating the attack. When an attack is detected or discovered, the attacked server reports the attack and the digital fingerprint of the perpetrating device to a device reputation server. The device reputation server uses the report to improve future assessments of the reputation of the device associated with the reported digital fingerprint.

Abstract: A device such as a network appliance compares reference device attributes of the device obtained during manufacture to attributes of the device sampled at start-up to determine whether the device has been tampered with since manufacture. At manufacture, attributes of components of the device are measured, including attributes not normally measurable after manufacture. Upon initial power up in the field, the device measures the same attributes and compares the resulting measurements to the corresponding attribute values measured at manufacture. If any attribute has changed, the device determines that it may have been modified or tampered with and so indicates.

Abstract: A device authentication server authenticates a remotely located device using unique data associated with the user of the device stored on a remotely located server that has an established relationship with the device, such as client logic installed on the device and authentication data of the user stored on the device. The unique data can be unique metadata associated with inter-person messages. Since each user receives and sends a unique collection of messages, the unique message meta-data associated with a user's account is, in aggregate, unique.

Abstract: Devices of an individual's device-sphere cooperate with a device-sphere manager to improve continuity of the user's experience using any of the devices. When a device's state changes, the device reports the change to the device-sphere manager. The device-sphere manager modifies the device image for the reporting device and informs other devices of the device-sphere that corresponding changes should be made in the other devices as well. Each device image includes application records representing applications installed in the subject device. The device image for each device also includes partition images of each of one or more partitions of persistent storage of the device. A data image for the device-sphere represents data shared among the constituent devices of the device-sphere.

Abstract: A method for registering a computing device to a user account using at least one user-selected fingerprintable device externally accessible to the computing device including transmitting a registration information request to the computing device, receiving at least one device fingerprint of the at least one user-selected fingerprintable device accessible by the computing device, and primary identification data of the computing device, generating a skeleton key, recording the primary identification data, and associating the skeleton key and the primary identification data with the user account.

Abstract: Systems and methods are provided for controlling access to online services. For example, the system may include an application running on a user computer (130) that collects platform data (e.g. physical device parameters) and generates a machine fingerprint (stage 602). The computer (130) may send the machine fingerprint to the authentication server (110). The server (110) may associate the received machine fingerprint with the appropriate online account information received from a host server (120) or the like (stage 604). The authentication server (110) may send the appropriate registration status signal to the host server (120), which in turn may update the online profile information to include the user's registration status (stage 606).

Abstract: A forum server distinguishes credentialed professional users from other users while maintaining the anonymity of all users. All users supply information by which they are accurately and personally identified. Personally identifying information of credentialed professionals is used to very the credential of the user through a credential authority server. In a user forum, both lay and professionally credentialed users can participate. Lay users are prevented from rating messages posted by credentialed professional users. In a professional consultation forum, only credentialed professionals are permitted to participate. Credentialed professional users are provided with a user interface by which they can rate and comment upon messages posted by other credentialed professionals. Thus, the ratings of peers are well-informed ratings. When a credentialed professional user participates in either forum, the aggregate peer rating of the user is displayed.

Abstract: A forum server distinguishes credentialed professional users from other users while maintaining the anonymity of all users. All users supply information by which they are accurately and personally identified. Personally identifying information of credentialed professionals is used to very the credential of the user through a credential authority server. In a user forum, both lay and professionally credentialed users can participate. Lay users are prevented from rating messages posted by credentialed professional users. In a professional consultation forum, only credentialed professionals are permitted to participate. Credentialed professional users are provided with a user interface by which they can rate and comment upon messages posted by other credentialed professionals. Thus, the ratings of peers are well-informed ratings. When a credentialed professional user participates in either forum, the aggregate peer rating of the user is displayed.

Abstract: A server sends information to user devices based on not only the current location of those devices but also predicted future locations of those devices. A number of actions are associated with one or more predetermined locations, a predetermined maximum amount of time, and a predetermined minimum likelihood. When the server determines that a given user device is likely to be in one of the predetermined locations within the predetermined maximum amount of time with at least the predetermined minimum likelihood, the server performs the associated acts with respect to the user device. An example of such an action is sending a promotion or advertisement to the user device, e.g., as an SMS message.