Abstract: A system and method for establishing a connection on a mobile computing device includes generating a secret on a trusted platform of the mobile computing device. The secret is transported to a subscriber identity module (SIM)/Smartcard on the mobile computing device. A secure local communication channel is established between the trusted platform and the SIM/Smartcard using the secret.
Type: Grant
Filed: September 16, 2011
Date of Patent: May 28, 2013
Assignee: Intel Corporation
Inventors: Selim Aissi, Sundeep Bajikar, Sameer Abhinkar, Scott Blum, Jane Dashevsky, Abhay Dharmadhikari, Benjamin Matasar, Mrudula Yelamanchi
Abstract: There is provided a system and method for distributors to use an interoperable key chest. There is provided a method for use by a distributor to obtain content access authorizations from a key chest or central key repository (CKR), the method comprising receiving a user request from a user device for access to an encrypted content identified by a content identification, transmitting a key request to the CKR including the content identification, receiving an encrypted first key from the CKR, decrypting the encrypted first key using a second key to retrieve the first key, and providing a DRM license for the encrypted content to the user device using the first key for use by the user device to decrypt the encrypted content using the first key. By generating such DRM licenses, distributors can unlock protected content even sourced from distributors using different DRM schemas.
Abstract: A method for managing an agent includes verifying an integrity of the agent in response to a registration request. Memory protection is provided for the agent during integrity verification. An indication is generated when registration of the agent has been completed. According to one aspect of the present invention, providing memory protection includes having a virtual machine monitor limit access to the agent. Other embodiments are described and claimed.
Type: Grant
Filed: December 6, 2011
Date of Patent: May 21, 2013
Assignee: Intel Corporation
Inventors: Uday Savagankar, Ravi Sahita, Prashant Dewan
Abstract: Methods and systems for DVB-C2 are disclosed and may include receiving data encoded utilizing variable encoding, variable modulation and outer codes via a physical layer matched to a desired quality of service. An error probability may be determined for said received data and retransmission of portions of said data with error probability above an error threshold may be requested. The variable modulation may include single carrier modulation, orthogonal frequency division modulation, synchronous code division multiple access, and/or from 256 QAM to 2048 QAM or greater. The variable encoding may include forward error correction code, which may include low density parity check code.
Type: Grant
Filed: November 12, 2008
Date of Patent: May 7, 2013
Assignee: Broadcom Corporation
Inventors: Thomas Kolze, Robbert van der Wal, Bruce Currivan
Abstract: Embodiments disclosed allow authentication between two entities having agreed on the use of a common modulus N. The authentication includes generating a pseudorandom string value; generating a public key value based on the modulus N and the pseudorandom string value; generating a private key value corresponding to the public key value; receiving a verifier's public key value; generating a shared secret value based on the modulus N, the private key value and the verifier's public key value; calculating an authentication signature value using the shared secret value; and transmitting the authentication signature value for authentication. When the authentication signature is received, the public key value and the shared value are generated to calculate an authentication signature value. Thereafter, the authentication signature values are compared and authenticated.
Type: Grant
Filed: February 24, 2006
Date of Patent: May 7, 2013
Assignee: QUALCOMM Incorporated
Inventors: Alexander Gantman, Gregory Gordon Rose, John W. Noerenberg, II, Philip Michael Hawkes
Abstract: A method and terminal for implementing hot-plug of a smart card are disclosed. The method includes: during the process of playing mobile multimedia, a descrambling library sending request information for obtaining a program key to a smart card driving module, which judges whether a smart card is in a plug-in state or a pull-out state after receiving the request information: if in the plug-in state, the smart card driving module forwarding the request information to the smart card, receiving response information returned by the smart card, forwarding the response information to the descrambling library, and meanwhile forwarding the response information to a virtual smart card module to save; if in the pull-out state, the smart card driving module forwarding the request information to the virtual smart card module, which returns the saved response information to the smart card driving module, which forwards the response information to the descrambling library.
Type: Grant
Filed: May 25, 2010
Date of Patent: April 23, 2013
Assignee: ZTE Corporation
Inventors: Chengzhi Jiang, Weimei Yin, Chuanhui Wang
Abstract: A risk assessment system and method includes an information system configured to disclose information to a third party. A risk determination model is configured to compute identifiability risk for one or more records in storage. The identifiability risk is compared to a threshold prior to being disclosed wherein the information system is informed of the identifiability risk exceeding the threshold prior to disclosure to the third party.
Type: Grant
Filed: July 27, 2012
Date of Patent: April 23, 2013
Assignee: International Business Machines Corporation
Inventors: Weifeng Chen, Zhen Liu, Anton Riabov, Angela Marie Schuett
Abstract: An apparatus includes a data storage to store a window table storing a table value with an index value mapped to the table value, the index value having same number of bits as a window width, the table value being a sum of a basic table value and a non-zero table correction value, the basic table value being obtained by multiplying a point G on an elliptic curve. An arithmetic processor generates the index value by reading from a scalar value at a bit position assigned to each bit of the window with the window being shifted, reads the table value from the window table according to the index value, and performs a doubling operation and an addition operation using the read table value. A corrector performs a correction on arithmetic results with a specific correction value responsive to the table correction value.
Abstract: To perform, with a single circuit, decoding in association with various image encoding systems and improve universality, a coefficient selection processing section selects a DC coefficient and an AC coefficient of an adjacent block adjacent to a decoding target block, a coefficient arithmetic processing section applies arithmetic processing to the selected DC coefficient and AC coefficient, a coefficient comparison processing section calculates, based on the DC coefficient subjected to the arithmetic processing, inter-block correlations in horizontal and vertical directions, and a direction determination processing section determines a predicting method using the inter-block correlations.
Abstract: A system, method, and apparatus in an access network such as the Generic Access Network (GAN) for providing user-type information to a Security Gateway (SEGW) or for enabling the SEGW to obtain user-type information for different user types so that the SEGW can apply specific security functions based on the user type. The invention may also provide user-type information to a controller node such as a GAN Controller (GANC) or may enable the GANC to obtain user-type information for application of security settings toward GAN-clients. An Authentication, Authorization and Accounting (AAA) Server may create a user-type indication internally, or may obtain an indication from a Home Location Register and forward the indication to the SEGW. The SEGW may forward the indication to the GANC, or the GANC may determine the user-type information internally or retrieve it from a database.
Abstract: A method comprising: providing in a non-transitory machine readable storage device a first information structure that includes respective elements that each respectively represent one or more components or communication channels or a combination thereof of a system that includes one or more machines configured with computer software; wherein the first information structure associates at least one element with at least one of an attribute indicative of a mitigation of at least one known vulnerability of the at least one component or communication channel or combination thereof represented by the at least one element; using a computer system to produce and to store within a non-transitory machine readable storage device an analysis of as-built code used to configure one or more machines to implement the system; wherein the produced analysis includes an output log with respective entries that include respective code references and respective indicia of attributes corresponding to respective observation point
Abstract: In an SS7 network, each of a plurality of Signal Transfer Points is fronted by a front-end processor (STP-FEP) that has a network presence. The STP-FEP implements at least the MTP2 layer of the SS7 protocol stack and implements security rules at the MTP2 and MTP3 layers.
Abstract: Error concealment is used to hide the effects of errors detected within digital video information. A complex error concealment mode decision is disclosed to determine whether spatial error concealment (SEC) or temporal error concealment (TEC) should be used. The error concealment mode decision system uses different methods depending on whether the damaged frame is an intra-frame or an inter-frame. If the video frame is an intra-frame then a similarity metric is used to determine if the intra-frame represents a scene-change or not. If the video frame is an intra-frame, a complex multi-termed equation is used to determine whether SEC or TEC should be used. A novel spatial error concealment technique is disclosed for use when the error concealment mode decision determines that spatial error concealment should be used for reconstruction.
Abstract: A method and system to increase the security of messages transmitted over an otherwise unsecured network. A secure channel is established in a normal manner over the network. A demodularization module on the sender sends a demodularization method to the intended receiver over the secure channel. The sender encodes a message definition and message data separately consistent with the demodularization method. The message definition and message key is sent over the secure channel as one transmission and the message data with the message key is sent as separate transmissions over the secure channel. Other embodiments are also described and claimed.
Abstract: Exemplary embodiments provide a method and system for self-service resource provisioning having collaborative compliance enforcement. Method and system aspects of the exemplary embodiments include displaying a hierarchical list of resources for selection of at least one privilege associated with the resources; in response to a user selecting at least one of the privileges from the hierarchical list, adding the selected privilege to a request cart to enable the user to initiate a request for the privilege; and in response to a user submitting the request cart, automatically invoking a workflow process to approve a request for the privilege, wherein the workflow is dynamically generated at least in part from the structure of the hierarchical list of resources and a location of the privilege within the hierarchical list.
Type: Grant
Filed: October 24, 2006
Date of Patent: April 27, 2010
Assignee: Avatier Corporation
Inventors: Nelson A. Cicchitto, Scott L. Chiou, Billy J. Barron
Abstract: A stream of content has multiple sub-streams, where each sub-stream comprises a part of the content and is divisible into logical blocks bounded by intrinsic partitions. For each sub-stream, a specification of the logical blocks bounded by the intrinsic partitions is defined and the sub-stream is divided into the logical blocks bounded by the intrinsic partitions. Each divided logical block is encrypted and then divided into one or more portions to produce corresponding pieces of data, and each piece of data is placed into a data packet as a payload thereof. Each data packet is transmitted to a recipient thereof, and the recipient can retrieve the pieces of data from the payloads of the packets, reconstruct the encrypted logical blocks, and manipulate the sub-stream on a per-logical block basis without necessarily decrypting each encrypted logical block.
Type: Grant
Filed: May 27, 2005
Date of Patent: March 23, 2010
Assignee: Microsoft Corporation
Inventors: Eduardo P. Oliveira, Geoffrey Dunbar, James M. Alkove
Abstract: Aspects for achieving individualized protected space in an operating system are provided. The aspects include performing on demand hardware instantiation via an ACE (an adaptive computing engine), and utilizing the hardware for monitoring predetermined software programming to protect an operating system.
Abstract: A method of manufacturing a series of integrated circuits having related functionality, the method including the steps of: (a) determining an identifier; (b) permanently storing the identifier on one of the integrated circuits; (c) repeating steps (a) and (b) for each integrated circuit in the series; and wherein the identifiers for the series are determined in such a way that knowing the identifier of one of the integrated circuits does not improve the ability of an attacker to determine the identifier of any of the other integrated circuits.
Abstract: According to one embodiment of the invention, a method is provided for receiving a timestamp from a caller via a telephone connection; receiving a device identifier from the caller, in which the device identifier identifies a device; determining a cryptographic key based on the device identifier; determining an indication of a time based on the timestamp and the cryptographic key; providing the indication of the time to the caller; determining an account; and charging a fee to the account.
Type: Grant
Filed: September 29, 2006
Date of Patent: December 28, 2010
Assignee: Walker Digital, LLC
Inventors: Jay S. Walker, Bruce Schneier, James A. Jorasch, Dean P. Alderucci
Abstract: A method includes determining whether a key is traceable to one of a set of keys associated with a trusted source and determining whether the key is identified in a list of compromised keys. If the key is not identified as compromised and is traceable to one of the keys in the set, the key is assigned a trusted status.