Patents Examined by Abdulhakim Nobahar
  • Patent number: 8595854
    Abstract: Methods and systems are described for processing recordable content in a broadcast stream sent to a receiver, wherein said broadcast stream is protected in accordance with a conditional access system and wherein said receiver is configured for storing and consuming content in said broadcast stream in accordance with a digital rights management system. In these methods and systems, recording information is sent in one or more entitlement control messages over a broadcast network to a receiver. Using the recording information in the entitlement control messages, the receiver is able to store recordable events in a broadcast stream on a storage medium and to consume said recorded events in accordance with a digital rights management system.
    Type: Grant
    Filed: July 7, 2010
    Date of Patent: November 26, 2013
    Assignee: Irdeto B.V.
    Inventors: Andrew Augustine Wajs, Graham Kill
  • Patent number: 8589680
    Abstract: Disclosed herein are systems, methods, and non-transitory computer-readable storage media for initiating data synchronization between devices. The method includes sending a host identifier and pairing record to a second device having a file system encrypted on a per file and on a per class basis for a set of classes, receiving from the second device a sync ticket containing encryption keys for the set of classes, and storing the sync ticket. Also disclosed is a method for synchronizing encrypted data between devices. This method includes receiving, at a first device having a file system encrypted on a per file and on a per class basis, a sync ticket containing encryption keys from a second device, retrieving an escrow key bag containing protection class keys, decrypting protection class keys based on the sync ticket, and synchronizing data with the second device based on the decrypted protection class keys.
    Type: Grant
    Filed: April 7, 2010
    Date of Patent: November 19, 2013
    Assignee: Apple Inc.
    Inventors: Dallas Blake De Atley, Gordon Freedman, Thomas Brogan Duffy, Jr., Paul Andrew Seligman
  • Patent number: 8577043
    Abstract: An encryption communications appliance provides data encryption management for a data storage library. The appliance is coupled to an encryption-capable storage device, a data storage library controller within the data storage library and with an encryption key manager (EKM). The encryption command communications appliance intercepts encryption key requests from the data storage device and transparently forwards the requests to the EKM. The appliance also transparently forwards communications between the library controller and the data storage device.
    Type: Grant
    Filed: January 9, 2009
    Date of Patent: November 5, 2013
    Assignee: International Business Machines Corporation
    Inventors: Allen K. Bates, Nhan X. Bui, Brian G. Goodman, Daniel J. Winarski
  • Patent number: 8578478
    Abstract: A cluster of computer system nodes share direct read/write access to storage devices via a storage area network using a cluster filesystem. At least one trusted metadata server assigns a mandatory access control label as an extended attribute of each filesystem object regardless of whether required by a client node accessing the filesystem object. The mandatory access control label indicates the sensitivity and integrity of the filesystem object and is used by the trusted metadata server(s) to control access to the filesystem object by all client nodes.
    Type: Grant
    Filed: April 3, 2012
    Date of Patent: November 5, 2013
    Assignee: Silicon Graphics International Corp.
    Inventor: Kenneth S. Beck
  • Patent number: 8578161
    Abstract: A protocol provides authentication of peripheral devices by a computing device to which the peripheral device connects. Computing devices include a verifier with a public key that authenticates multiple associated private keys. Private keys are embedded on peripheral devices. When the verifier is able to authenticate a connected peripheral, particular functionality is enabled that may not be enabled for peripherals that do not authenticate.
    Type: Grant
    Filed: April 1, 2010
    Date of Patent: November 5, 2013
    Assignee: Intel Corporation
    Inventors: Ned M. Smith, Steven E. Wells, Robert W. Strong
  • Patent number: 8571220
    Abstract: A method and a terminal intended for securing information in a local memory device which is couplable to a terminal having a data link interface. At the terminal, the method divides the original data resulting in a first portion and a second portion. The method stores the first portion in the local memory device and sends the second portion for storage in a remote memory device. Upon obtaining an authorized read request targeted to the original data the method retrieves the second portion and combines the two portions. The method provides high data security if the data is encrypted prior to the step of dividing. Another aspect of the invention comprises a terminal capable of at least combining the first and second data portions to reconstruct the original data, and preferably to perform the step required for dividing the data. The data may or may not be encrypted.
    Type: Grant
    Filed: June 28, 2012
    Date of Patent: October 29, 2013
    Assignee: Splitstreem Oy
    Inventors: Ville Ollikainen, Harri Rautio, Juuso Pesola, Juha Latvakoski
  • Patent number: 8555364
    Abstract: Systems and methods for cloning a Wi-Fi access point. A determination is made by a network monitoring device to transition communications between a Wi-Fi device and a first access point (AP) to a second AP. The SSID and the security configuration information, and, optionally, network address translation (NAT) information of the first access point are acquired and provided to a second AP. The second AP instantiates the SSID and the security configuration information and, optionally, the NAT information. The networking monitoring device directs the first AP to cease using the SSID and the security configuration information and, optionally, the NAT information in response to receipt of confirmation that the second AP has instantiated the SSID and the security configuration information and, optionally, the NAT information of the first AP.
    Type: Grant
    Filed: September 30, 2011
    Date of Patent: October 8, 2013
    Assignee: Time Warner Cable Enterprises LLC
    Inventors: Geoff Filippi, John Anthony Chen
  • Patent number: 8549647
    Abstract: An improved approach for classifying portable executable files as malicious (malware) or benign (whiteware) is disclosed. The invention classifies portable executable files as malware or whiteware after using Bayes' Theorem to evaluate each observable feature of each file with respect to other observable features of the same portable executable file with reference to statistical information gathered from repositories of known whiteware and malware files.
    Type: Grant
    Filed: January 14, 2011
    Date of Patent: October 1, 2013
    Assignee: The United States of America as represented by the Secretary of the Air Force
    Inventors: Mark Mason, Ming-Shih Wong, Jeff Rhines, Josh Mitchell
  • Patent number: 8544091
    Abstract: Some embodiments provide an advocate system to facilitate automated online presence verification for different entities on behalf of the entities. The advocate system places service providers on notice that profiles and information hosted by them and that form the online presence for a particular entity should first be verified with that particular entity. The advocate system further facilitates online presence verification by 1) directly or indirectly connecting the service providers that are placed on notice with the appropriate authoritative entities to facilitate the verification of the profiles and information, 2) selectively targeting service providers hosting profiles and information that are unverified, 3) automatedly verifying hosted profiles and information based on verified profile lists and verified information that authoritative entities provide to a central repository.
    Type: Grant
    Filed: December 18, 2012
    Date of Patent: September 24, 2013
    Assignee: Credibility Corp.
    Inventor: Jeffrey M. Stibel
  • Patent number: 8539571
    Abstract: A method and apparatus for providing network security using security labeling is disclosed. The method includes comparing first security level information and second security level information, and indicating processing to be performed on the packet based on the comparing. The first security level information is stored in a security label of a packet received at a network node, while the second security level information is stored at the network node.
    Type: Grant
    Filed: November 15, 2010
    Date of Patent: September 17, 2013
    Assignee: Cisco Technology, Inc.
    Inventor: Michael R. Smith
  • Patent number: 8522339
    Abstract: Hardware of a playback apparatus includes a drive and a decoder, and firmware of the playback apparatus accesses a BD-ROM loaded on a drive, according to a BD-J application, to bring the decoder into AV playback operations. The drive unit constitutes a local storage. A benchmark score is built in the firmware in advance. The benchmark score shows a turn-around time from when a processing request is made to the hardware via the firmware to when a response returns. Such a benchmark score is written into an application data area in the local storage when the firmware is initially executed.
    Type: Grant
    Filed: February 29, 2008
    Date of Patent: August 27, 2013
    Assignee: Panasonic Corporation
    Inventor: Hidetaka Ohto
  • Patent number: 8522052
    Abstract: In one embodiment of the present invention a secure cryptographic device is provided. The device includes a power supply interface, a cryptographic processing block coupled to the power supply interface, a random number generator, and a complex multiplication circuit. The complex multiplication circuit has an output coupled to the power supply interface for modulating a power variation waveform detectable on the power supply interface. The complex multiplication circuit also has a first input coupled to an output of the random number generator and a second input coupled to the power supply interface.
    Type: Grant
    Filed: April 7, 2010
    Date of Patent: August 27, 2013
    Assignee: Xilinx, Inc.
    Inventor: Austin H. Lesea
  • Patent number: 8499162
    Abstract: A non-transitory computer readable medium storing a program causing a computer to execute a process including: accepting an instruction for verifying an electronic signature added to information; verifying the electronic signature on the basis of an electronic certification corresponding to the electronic signature in accordance with the accepted instruction; calculating, when it is determined that the information has not been tampered with, a hash value of a combination of the information, the electronic signature, and validity-period information indicating a validity period of the electronic certification; adding a time stamp to the calculated hash value; outputting the information, the electronic signature, the hash value, and the validity-period information to a storage device; and outputting, when it is determined that the information has not been tampered with, a verification result including information indicating that the information has not been tampered with.
    Type: Grant
    Filed: January 14, 2011
    Date of Patent: July 30, 2013
    Assignee: Fuji Xerox Co., Ltd.
    Inventor: Kyoko Yokoe
  • Patent number: 8495747
    Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for prioritizing asset remediations. One method includes generating a risk metric for an asset and a threat, generating a remediation availability metric for the asset and the threat, and determining a remediation prioritization metric for the asset and the threat according to the risk metric and the remediation availability metric. The remediation prioritization metric specifies a priority of applying the remediation to the asset.
    Type: Grant
    Filed: March 31, 2010
    Date of Patent: July 23, 2013
    Assignee: McAfee, Inc.
    Inventors: Ryan Nakawatase, Sven Schrecker, Stephen Ritter
  • Patent number: 8479288
    Abstract: A method and system are described of providing an electronic device with a software environment having a honeypot mode of operation to which the device is capable of switching upon recognition of a message from an external device or of a pre-determined internal state. Switching to the honeypot mode of operation may include instituting an automatic sending of reports based on usage of the electronic device to an external device, modifying the non-user-observable behavior of certain user-invokable operations, and manipulating data stored on the electronic device.
    Type: Grant
    Filed: July 21, 2006
    Date of Patent: July 2, 2013
    Assignee: Research In Motion Limited
    Inventors: Daryl Joseph Martin, J. F. Sean Wilson, Ahmed E. Hassan
  • Patent number: 8443447
    Abstract: One embodiment relates to a computer-implemented method for detecting malware-infected electronic mail messages. A server computer monitors an email account which is associated with a unique email address for receipt of an email message, the unique email address being associated with a unique contact in an address book on a client computer. The server computer determines that an email message addressed to the unique email address has been received and performs automated analysis to confirm that the email message contains malware. Other embodiments, aspects and features are also disclosed.
    Type: Grant
    Filed: August 6, 2009
    Date of Patent: May 14, 2013
    Assignee: Trend Micro Incorporated
    Inventors: Chih-Sheng Chen, Shr-An Su, Yao-Tang Chang
  • Patent number: 8413242
    Abstract: After an initialization process (S10), the access controller of the external storage device performs authentication using a password (S20, S30). If authentication is successful, the successfully authenticated state is saved, and the host computer is notified that the HD storage portion is accessible (S40). Subsequently, it is decided whether SOF packets are being periodically sent from the host computer (S50), and if periodic sending has been interrupted (S50: NO), the connection to the host computer will be deemed lost, and the saved authenticated state will be deleted (S60).
    Type: Grant
    Filed: April 1, 2010
    Date of Patent: April 2, 2013
    Assignee: Buffalo Inc.
    Inventors: Taichi Ejiri, Tsukasa Ito, Suguru Ishii
  • Patent number: 8407468
    Abstract: One embodiment of a method of authenticating data comprises: receiving, at a device, data in a plurality of indexed packets transmitted by a data server, the data of the indexed packets being at least a portion of a larger data stream; receiving, at the device, from a data authentication server connected to the device by a network, a server-computed authentication value based on a subset of the data transmitted by the data server, the data authentication server having access to the data that was transmitted from the data server to the device; and comparing a device-computed authentication value based on a subset of the received data, corresponding to the subset of the data transmitted by the data server, with the server-computed authentication value in order to determine whether the subset of the data received at the device is authentic.
    Type: Grant
    Filed: November 18, 2011
    Date of Patent: March 26, 2013
    Assignee: Research In Motion Limited
    Inventors: Michael Kenneth Brown, David Francis Tapuska, Michael Stephen Brown
  • Patent number: 8375456
    Abstract: A DRM scheme that may be optionally invoked by the owner. With the DRM protection turned on, the media is encrypted before it is distributed in a P2P network, and is decrypted prior to its use (play back). The peers may still efficiently distribute and serve without authorization from the owner. Nevertheless, when the media is used (played back), the client node must seek proper authorization from the owner. The invention further provides a hierarchical DRM scheme wherein each packet of the media is associated with a different protection level. In the hierarchical DRM scheme of the invention there is usually an order of the protection level. As a result, in one embodiment of the invention, the decryption key of a lower protection layer is the hash of the decryption key at the higher protection level. That way, a user granted access to the high protection layer may simply hold a single license of that layer, and obtain decryption keys of that layer and below.
    Type: Grant
    Filed: November 12, 2009
    Date of Patent: February 12, 2013
    Assignee: Microsoft Corp.
    Inventors: Jin Li, Yi Cui
  • Patent number: 8374346
    Abstract: A method, apparatus and system for providing pre-authentication and keep-authentication of content protected ports system employing a ratio of one decipher processing engine (e.g., HDCP engine) associated with multiple ports is disclosed. In one embodiment, a receiving device is pre-authenticated by a transmitting device, wherein the receiving device to receive a data stream from the transmitting device via a first data path. Further, a first High-Definition Content Protection (HDCP) engine is associated with a first port in the first data path, the first HDCP engine coupled with a second HDCP engine. The second HDCP engine is associated with a plurality of ports in a second data path, each of the plurality of ports associated with a memory pipe having state information relating to each of the plurality of ports, the state information being used to pre-authenticate the receiving device.
    Type: Grant
    Filed: January 9, 2009
    Date of Patent: February 12, 2013
    Assignee: Silicon Image, Inc.
    Inventors: Hoon Choi, Daekyeung Kim, Wooseung Yang, Gyudong Kim