Abstract: A system and method for managing digital rights includes receiving a Universal Resource Identifier (URI). The URI is used to identify a location for a user selected digital media item. The digital media item is to be played in a local area network (LAN). The selected digital media item is retrieved from a content server over a network connection. If the selected digital media item is encrypted, a license to decrypt the selected media item is obtained. Access to the license is based on a plurality of access rules, which are based on the terms of the license. The plurality of access rules may also include personal owner rules. If a request for the license adheres to the access rules, the license is received via a secure out of band transfer and the selected digital media item is decrypted for playback via one or more media rendering devices.

Abstract: A system and method to support identity theft protection and, in particular, to a system and method for supporting identity theft protection as part of a distributed service oriented ecosystem in Internet protocol (IP) multimedia subsystem (IMS) and non-IMS networks. The system includes an identity session initiation protocol (SIP) application server configured to act as a security assertion markup language (SAML) bridge, which allows an SIP enabled device or a non-SIP enabled device to attach to a telecommunications service provider network. A user may accept or reject an authorization request using the SIP enabled device or non-SIP enabled device.

Abstract: A server is operable to receive a media device identifying number (ID) and establish an association between a media device and a payment account and, in one embodiment, supports at least one of payment authorization and payment clearing based at least in part on the media device ID and the payment account. A network and system includes a payment card processor server that is operable to receive a payment authorization request and to determine if an authorized media device generated a purchase selection message and to determine to approve a received payment authorization request based, in part, if the media device was authorized for the purchase selection based upon a received media device ID.

Abstract: Apparatus, method, and media for controlling utilization of content. An exemplary method comprises associating one or more usage rights with content, wherein the usage rights are based at least in part on a usage rights grammar, and wherein each of the usage rights corresponds to a permitted utilization of the content and one or more conditions which must be satisfied in order for the respective usage right to be exercised, receiving from an external computing device external, a request to access the content, the request corresponding to a utilization of the content, determining whether the requested utilization corresponds to at least one of the usage rights associated with the content, and transmitting to an external a computing device, at least one of the usage rights based at least in part on a determination that the requested utilization corresponds to at least one of the usage rights.

Abstract: Apparatus, method, and media for permitting use of content. An exemplary method comprises associating a transfer right with content, the transfer right specifying that the content is permitted to be transferred from a first computing device to a second computing device, transferring the content from the first computing device to the second computing device in accordance with the transfer right, updating information associated with the transfer right based on the transfer of the content from the first computing device to the second computing device, and associating a usage right with the content, the usage right corresponding to a utilization of the content, wherein the first computing device includes at least a server mode of operation, and wherein the second computing device includes both a requester mode of operation and a server mode of operation.

Abstract: Systems and methods to provide and maintain secure financial transaction conducted with a credit card or other cashless payment mechanism at a vending machine or other potentially unattended vending or point of sale device. Encapsulated card readers providing end-to-end encryption capabilities encrypt transaction data for secure transmission to a transaction host or server. Pre-authorization transaction data checking maintains account numbers in a secure encrypted format further enhancing security. Protection mechanisms that guard against, and provide warnings of equipment tampering, while also providing a visual indication to customers regarding the security of the system.

Abstract: A method, device, and system for conducting trusted payment transactions including establishing a trust relationship between a first mobile computing device and a second mobile computing device. The first mobile computing device may initiate a payment transaction with a point-of-sale device, communicate with the second mobile communication device to retrieve payment information from the second mobile communication device, and complete the payment transaction with the point-of-sale device using the payment information. The second mobile computing device is configured to verify the user and identity of the first mobile computing device prior to providing the payment information. Communications between the mobile computing devices may be encrypted using pre-determined encryption techniques.

Abstract: Systems and methods for authorizing a customer premise equipment (CPE) device to join a network through a network termination unit (NTU). The CPE device can send an encrypted connection request, and an authorization server can decrypt the connection request and provide a network membership key (NMK) associated with the CPE device to the NTU. The authorization server can encrypt the NMK associated with the CPE device using a device access key (DAK) associated with the NTU.

Abstract: Techniques for automated mobile transaction processing are provided. A consumer traverses to a web portal or other type of enterprise terminal device of an enterprise and proceeds to shop. During checkout, the portal contacts a transaction service and is delivered back an identifying barcode or Quick Response (QR) code. The consumer uses a mobile device to scan the code and send it to the transaction service. Previously registered payment details of the consumer are located and payment is received from the consumer. The portal is notified that payment is completed by the transaction service.

Abstract: A voucher verification system is based on SMS message-based processing of voucher verifications by a central verification authority. Merchants may establish an account with the system and then register mobile communication devices and those of employees by sending an SMS-based registration request to the system. Once registered, the merchant and employees may verify the status of vouchers by sending SMS-base verification requests to the system. Verifications of voucher status are returned to the merchant mobile device via SMS messaging.

Abstract: In some embodiments, techniques for computer security comprise displaying an electronic document, detecting a request to traverse a link, such as a hyperlink or a form submission, wherein the link is associated with an element of the document, evaluating an attribute, wherein the attribute is associated with the element of the document, and determining whether to perform the action based on the evaluation. Applications of these techniques include mitigating the effect of an attempt to modify web pages for fraudulent purposes, such as by a “phishing” attack incorporating malicious scripting.

Abstract: A method for accessing a service on a network, via a user terminal (30), includes a subscription phase wherein: a container is generated, including a first set of authentication data for accessing the service and a second set of useful data relating to access rights to the service the first and second sets of data being encrypted, the container is transmitted securely from the user terminal, and an access phase wherein: the container is transmitted securely from the terminal to a management server connected to the network, during a request for access, after decryption of the constituent data of the container, the server verifies the validity of the first set of data and, in the event that verification is successful, authorizes access to the service for its execution, based on the access rights.

Abstract: A method and system to enhance the protection of the data in an user equipment and secure real time streaming of the data in the user equipment is disclosed. The method and system includes sending request by at least one user to access at least one application server. The user is provisioned to download a appropriate CMSC and a mapper into the user equipment from the application server. The method and system further comprises user sending request via an IMS network to download a data to the user equipment. The data is encrypted in the application server and is downloaded into the user equipment. The mapper identifies the appropriate CMSC, which may decrypt the data. Further, the data undergoes double decryption in real time within the user equipment before being presented in user interface. The double decryption is provisioned using the valid CMSC downloaded in the user equipment.

Abstract: A method, system and software for permitting use of digital works having rights associated therewith in a system having repositories configured to enable use of the digital work in accordance with the rights, including associating a transfer right with a digital work, the transfer right specifying that the digital work is transferred from a first repository to a second repository; transferring the digital work from the first repository to the second repository in accordance with the transfer right; and in response to the transferring, step updating transfer right information in respect of the digital work.

Abstract: When a conflict occurs among usage rules for content data, a verification on the content data is made in accordance with the conflict solution policy defined in the usage rule for each of the content data. Available content data are determined in correspondence with a combination of grant verification results individually made on the content data.

Abstract: A method for automatically linking an anonymous electronic trade order having an order quantity (q) to an identity of a trader by providing an identity marker (s) of the trader; embedding the identity marker (s) by splitting the anonymous trade order into a number (n) of trade orders each having a corresponding order quantity x (i) to generate a trade order set; and placing the generated trade order set in an electronic order book.

Abstract: Transactions such as sales and exchanges of resources are managed in a virtual environment. A transaction manager receives a request for a transaction which involves multiple entities in the virtual environment. The request identifies the entities, as well as resources, such as objects and virtual currency, to be exchanged among the entities in the transaction. The request is first validated. Next, the resources which are to be contributed by the entities are gathered. An object is gathered from a first entity by updating a database record to render the object inaccessible. A new database record associates the object with a second entity, and renders the object inaccessible. A reserve can be imposed on a virtual currency account. The resources are then delivered to the entities, e.g., by updating the new database record to render the object accessible to the second entity. If the gathering fails, an undo phase is entered.

Abstract: In a franking method and a mail transport system, a franking image is calculated before generation thereof on a mail piece. The franking image includes a franking image key, and for each new franking image, the franking image key therefor is derived from a predecessor franking image key according to a first crypto-algorithm. An integrity check code is also generated based on the new franking image key, a key generation number, an apparatus identifier of the franking device, and a second crypto-algorithm. The franking image includes at least the device identifier, the key generation number and the integrity check code. Upon transport of the mail piece to a sorting center, the franking image is scanned and fees for billing are generated based thereon.

Abstract: One implementation provides a computer program product tangibly embodied in an information carrier. The computer program product includes instructions that, when executed, perform a method for processing a message related to an electronic document. The method includes transmitting an electronic document having a unique identifier from a first system to a second system and receiving at the first system a message from the second system related to content contained in the electronic document. The message includes a predetermined field for the unique identifier that links the message to the electronic document. The method may also include notifying a user of the first system that the first system received the message. The notifying may include updating a list of tasks. One of the tasks may indicate that the user may view the received message on the first system.

Abstract: An apparatus is designed for using a music content composed of at least one content material in accordance with security information of the music content. In the apparatus, a reading section reads a recording medium which records a data file of the music content having a chunk structure including a content material chunk and a security information chunk. The content material chunk contains substantial data of the content material and identification information for uniquely identifying the content material. The security information chunk contains security information of the content material and identification information for uniquely identifying the content material. A using section permits use of the content material when the identification information read from the content material chunk coincides with the other identification information read from the security information chunk.