Abstract: The invention enables digital music content to be downloaded to and used on a portable wireless computing device. An application running on the wireless device has been automatically adapted to parameters associated with the wireless device without end-user input (e.g. the application has been configured in dependence on the device OS and firmware, related bugs, screen size, pixel number, security models, connection handling, memory etc. This application enables an end-user to browse and search music content on a remote server using a wireless network; to download music content from that remote server using the wireless network and to playback and manage that downloaded music content. The application also includes a digital rights management system that enables unlimited legal downloads of different music tracks to the device and also enables any of those tracks stored on the device to be played so long as a subscription service has not terminated.

Abstract: A video encoding method and apparatus, and a video decoding method and apparatus, which are capable of improving efficiency of encoding a luminance component video signal by predicting information on various encoding modes of the luminance component video signal by using a result obtained by encoding a chrominance component video signal, are provided. Accordingly, a block mode and an intra-prediction mode of the luminance component video signal are predicted from a previously encoded and recovered chrominance component video signal, and the predicted block mode and the predicted intra-prediction mode are used to encode the luminance component video signal.

Abstract: Provided are a lift-based wavelet transform apparatus and method, a scalable video coding apparatus and method using the same, and a scalable video decoding apparatus and method. The lifting-based wavelet transform apparatus includes: a prediction unit which performs bi-directional motion compensation on odd-indexed frames based on even-indexed frames and generates high-frequency frames using differential frames from which most of energy is removed; an update determination unit which, in the even-indexed frame, determines whether to update each target block at which a reference block indicated by a motion vector is placed; and an update unit which updates a target block of the even-indexed frame which is determined to be updated by adding the differential frame to each target sub-block included in the target block and generates low-frequency frames.

Abstract: A recording, recovering, and replaying method for real traffic is used for processing a plurality of network packets of a plurality of network connections. A recording procedure of the method includes the following steps. A recording parameter (N, M, P) is received. A header and a payload of each network packet of the network connections are completely recorded, and a payload accumulation value of each network connection is accumulated. When one of the payload accumulation values exceeds N, the header of each network packet and first M bytes of the payload are recorded for P consecutive network packets corresponding to the payload accumulation value. When one of the payload accumulation values exceeds N and after the P consecutive network packets of the network connection corresponding to the payload accumulation value are recorded, the header of each network packet is recorded for the network connection corresponding to the payload accumulation value.

Abstract: Provided is a data acquisition module. The data acquisition module includes a memory and a controller. The controller includes an encryption module configured to encrypt information written to the memory using a key included in the controller. The key is unique to the controller. Also provided is a method for processing identification information. The method includes encrypting information with a key included in a controller and storing the encrypted information. The key is unique to the controller.

Abstract: The mode is intended for application in simplex and duplex channels of arbitrary including low, quality with implementation of tasks for complex protection of information. The unified signal structure of stochastic q-ary (n, k, q, m)-code is used on the basis of any initial binary (n, k)-code with l-interleaving (q=2l) with m-fold repetition of blocks of the code (m=1, 2, . . . , mmax) with identical values of the data portion. Direct randomization of q-ary characters is performed on the transmitting side before transmission to the channel, on the receiving one—reverse randomization of q-ary characters. The code structure being applied represents ensemble of random codes varying for each block and q-ary character and ensuring transmission of any of all possible 2n signals to a data link on binary sequence of length n as result of change in the strategy in the course of fight against random interferences.

Abstract: Setup of a Voice over Internet Protocol (VoIP) call is initiated and an authentication token is received for the VoIP call that is set up, that indicates that the VoIP call is authorized. The authentication token is inserted into packets for the VoIP call. The packets, including the authentication token therein, are transmitted into an IP network. The authentication token may be placed in an IP version 6 (IPv6) flowID field.

Abstract: The invention relates to encoding and decoding pixel blocks of a video frame through a hybrid mode involving usage of a first prediction of a pixel block and at least a second prediction of the pixel block. An initial first weighting factor is modified using a factor modifier to generate a first weighting factor comprising multiple different factor values that are assignable to the different pixel-based first prediction values of the first prediction. The first weighting factor is applied to the first prediction and a second weighting factor is applied to the second block prediction. The at least two weighted predictions are then combined to form a hybrid prediction of the current pixel block.

Abstract: An archival storage cluster of preferably symmetric nodes includes a data privacy scheme that implements key management through secret sharing. In one embodiment, the protection scheme is implemented at install time. At install, an encryption key is generated, split, and the constituent pieces written to respective archive nodes. The key is not written to a drive to ensure that it cannot be stolen or otherwise compromised. Due to the secret sharing scheme, any t of the n nodes must be present before the cluster can mount the drives. Thus, to un-share the secret, a process runs before the cluster comes up. It contacts as many nodes as possible to attempt to reach a sufficient t value. Once it does, the process un-shares the secret and mounts the drives locally. Given bidirectional communication, this mount occurs more or less at the same time on all t nodes. Once the drives are mounted, the cluster can continue to boot as normal.

Abstract: Methods, systems, and computer program products are provided for securing resource stores with claims-based security. From policy information, a resource store populates a security table of permissions. The permissions authorize resource access based on received claims. Sessions submit claims to the resource store. The resource store accumulates claims for a session into a claims list. From the claims list and the security table, the resource store filters out a subset of metadata including resource IDs for resources the session is authorized to access. Since the metadata corresponds to the session, any application using the session is given similar access to resources at the resource store.

Abstract: A client communicates with private websites and/or public websites via a network. The client includes a security engine that prevents a user from unknowingly exposing private information. The security engine monitors web browsing for user submittal of information to a website. The security engine determines a category for the website and analyzes the information submitted to the website. The security engine determines if there is a risk of exposing information from the submittal and performs enforcement if it is determined that there is a risk.

Abstract: A system and method for managing communication. The system and method applying to but not limited to settop boxes (STBs) and other devices used to interface services. The management including any number of features and processes associated with achieving Quality of Service (QoS) across different domains and according to network limitations associated with the same.

Abstract: There is disclosed a video encoder and corresponding method for encoding video data for an image block. The video encoder performs a mode decision by performing initial motion estimation on only a subset of possible block sizes to output motion information corresponding thereto, and determining, based upon the motion information corresponding to only the subset of possible of block sizes and upon other image-related analysis data, whether other block sizes are to be evaluated.

Abstract: A server includes a limitation database, a monitor module, and a notification module. The limitations database is configured to store control limits for a user device. The monitor module is in communication with the limitations database. The monitor module is configured to monitor usage of the user device and to determine that one of the control limits for the user device has been exceeded. The notification module is in communication with the monitor module. The notification module is configured to notify a master device that the one of the control limits for the user device has been exceeded, to receive a request to disable the user device, and to disable the user device in response to the request.

Abstract: A system that enables network authorization status to be conveyed to the device requesting network services within or outside the scope of an authentication exchange is provided. The authorization status notification or information can be automatically generated or otherwise triggered by a request from the user or device. For instance, a query can be employed to solicit device authorization status related to a particular service or group of services. Additionally, authorization status notification can be automatically triggered based upon a change in the device authorization state.

Abstract: A rootkit scanning system, method, and computer program product are provided. In use, at least one hook is traversed. Further, code is identified based on the traversal of the at least one hook. In addition, the code is scanned for at least one rootkit.

Abstract: The invention relates to a method for providing an assertion message (200) from a proving party (20) to a relying party (40), the method comprising the steps of: —creating an assertion (A) comprising one or more statements, —creating an assertion proof (p A), —creating a temporary private key and a corresponding temporary public key (K) from the assertion (A) and the assertion proof (p A), —creating a key proof (PK) for the temporary public key (K), —creating an assertion message signature (S) by means of the temporary private key, —creating the assertion message (200) comprising the temporary public key (K), the assertion proof (PA), the key proof (PK), the assertion (A), a message body (220) and the assertion message signature (S) to the relying party (40).

Abstract: A content aggregation server (CAS) establishes an IPSec tunnel with a gateway of a home network and discovers content on the home network. The CAS generates a web page that a user of the home network can access remotely to view an index of content hyperlinks, organize the content on the home network, and if desired select a hyperlink to access the content directly through the gateway, not the CAS, which thus is used for listing and managing content but not for hosting the content.

Abstract: Websites used for phishing are detected by analyzing end user confidential data submission statistics. A central process receives data indicating confidential information submitted to websites from a plurality of user computers. The received data is aggregated and analyzed, for example through statistical profiling. Through the analysis of the aggregated data, anomalous behavior concerning submission of confidential information to websites is detected, such is an unexpected, rapid increase in the amount of confidential information submitted to a given website. Responsive to detecting the anomalous behavior, further action is taken to protect users from submitting confidential information to that website. For example, an alert can be sent, a protective measure against the site can be published, the site can be added to a blacklist or a procedure to have the site shut down can be initiated.

Abstract: Method for the dynamic secure management of an authenticated relational table forming part of a database; the method comprises the following steps: store the authenticated relational table in a secondary memory' with a high storage capacity and a slow data access time; maintain an authenticated skip list within the authenticated relational table in order to create an authentication superstructure; determine a signed hash or basis value which characterizes the entire authenticated relational table; authenticate the presence or otherwise of a set of elements belonging to the skip list via a root path suitable for calculating a check hash value comparable to the signed hash value which characterizes the entire authenticated relational table; and validate the result of the authentication step by checking that the check hash value calculated by means of the root path is equal to the signed hash value that characterizes the entire authenticated relational table.