Abstract: An image processing apparatus acquires restricted function data indicating functions whose execution is restricted, and acquires function data indicating a plurality of functions to be called by script data. The apparatus determines, based on the acquired function data, a realizable function by combining the functions indicated by the function data, and determines, based on the restricted function data and the realizable function, whether to permit execution of the script data corresponding to the function data.
Abstract: A terminal data loading device on a mobile platform includes a media unit for receiving a transportable media element containing media data and outputting a media signal to a control processor unit. The control processor unit outputs an information signal to a wireline communication unit. The wireline communication unit outputs a wireline signal to a network on the mobile platform.
Abstract: The present invention provides encryption techniques useful with digital watermarking payloads. One claim recites: a method to secure a first digital watermark payload and a second digital watermark payload through encryption of only one of the first digital watermark payload or the second digital watermark payload. The method includes: utilizing a multi-purpose computer processor configured to: provide information redundantly in the first digital watermark payload and the second digital watermark payload, yet the first digital watermark payload includes at least some information that is unique relative to at least the second digital watermark payload; encrypt the first digital watermark payload; embed a first digital watermark in media, the media representing audio, imagery or video, the first digital watermark comprising the encrypted first digital watermark payload; and embed a second digital watermark in the media, the second digital watermark comprising the second digital watermark payload.
Abstract: A system and method for optimizing a process of synchronization of a database of files checked by an anti-virus (AV) application implemented as a special AV driver. The database is updated by a special interface application using a log file and the AV driver cache. The AV driver monitors modifications of the files and records modification-related information in the context of the modified files. The AV driver creates and maintains a log of modified files. The AV driver supports a circular cache containing minimal required information about the modified files. This information is used for identification of the modified files by an application providing an interface between the AV driver and the database of checked files.
Abstract: In one embodiment, a technique for enhancing the inspection of data sent from a server is provided. By modifying a client request in an effort to prevent the transformation (e.g., encoding and/or compression) of data by the server, unencoded data may be received, which can be inspected without the overhead associated with first decoding the data. Further, in the event the data is encoded despite modifying the client request to prevent such encoding, the server may be untrustworthy and one or more appropriate actions may be taken.
Abstract: A system and method are provided for segregating access to dynamic content on multiple websites hosted by a web server. When a request is received for dynamic content from a website, a UserRetriever module identifies a path to the content and retrieves a username and password corresponding to the website, from a database that is separate from the web server and used for other purposes (e.g., billing). A UserImpersonator module requests a logon handle for that username from a logon cache manager. The logon handle is used to associate the request with the impersonated user account instead of the default anonymous user account with which the request was initially associated. The dynamic content is retrieved and served under the context of the restricted impersonated user account session, after which the applied logon handle is stripped off and the request is re-associated with the default anonymous user account.
Abstract: An improved network architecture employs a super authority having an identity catalog to direct login authentication tasks to appropriate authorities. Authentication tasks may be performed by authorities across namespace boundaries if so directed by the super authority, such that a principal account may be moved without alteration of the account ID. In an embodiment of the invention, the identity catalog comprises a listing associating account IDs with appropriate authenticating authorities.
Type:
Grant
Filed:
September 22, 2003
Date of Patent:
May 6, 2008
Assignee:
Microsoft Corporation
Inventors:
Jeffrey B. Parham, Brendan Dixon, Murli Satagopan, Richard Bruce Ward
Abstract: This invention allows the encryption side to set whether an image playback apparatus should play back image data in a scrambled state or a non-scrambled state. When a code-block of input image data is an object to be encrypted, it is encrypted. In playing back the data, it is determined whether playback is to be executed by using the encrypted code-block (the scrambling playback mode is to be set). To inhibit use of the encrypted code-block, a terminating marker is placed at the start of the code-block. To use the encrypted code-block, the terminating marker is placed at the end of the code-block.
Abstract: A “Design Zones” system provides a highly secure common resource computing environment or design zone with services on the common resource or design zone being protected by multiple layers of security to engagement boxes with the computing environment where the partners can work simultaneously in multiple teams, run simulation tests, emulate software problems and share in a secure zone with just the remote display going back to the engagement box and therefore to the partner outside the owner.
Abstract: A digital video camera includes an image sensor capable of producing a frame of video data representing an image viewed by the sensor, an image memory for storing video data such as previously recorded frame data in a video frame location of the image memory, a read circuit for fetching the previously recorded frame data, an encryption circuit having an encryption key input connected to receive the previously recorded frame data from the read circuit as an encryption key, an un-encrypted data input connected to receive the frame of video data from the image sensor and an encrypted data output port, and a write circuit for writing a frame of encrypted video data received from the encrypted data output port of the encryption circuit to the memory and overwriting the video frame location storing the previously recorded frame data.
Type:
Grant
Filed:
April 23, 2003
Date of Patent:
July 3, 2007
Assignee:
The United States of America as represented by the Administrator of the National Aeronautics and Space Administration
Abstract: When an encrypted program and a decryption program are inputted to a first memory, a semiconductor integrated circuit device causes a bus port to disable access from the outside and enables access to the first memory and to a second memory, thereby transferring the encrypted program and the decryption program from the first memory to the second memory. When the transfer is completed, the semiconductor integrated circuit device disables access to the first memory and gives, to a CPU, an instruction to decrypt the encrypted program by using a secret key held in a secret key holder and the decryption program and execute the decrypted program. After the execution of the decrypted program is completed, the semiconductor integrated circuit device disables access to the second memory.
Type:
Grant
Filed:
July 3, 2003
Date of Patent:
June 5, 2007
Assignee:
Matsushita Electric Industrial Co., Ltd.
Abstract: A method of authenticating a text document with links to a plurality of files by modifying at least a selected attribute of invisible characters on a plurality of inter-word intervals of the text document, this method comprising the steps of computing (step 10) a one-way hash function of each file in order to obtain a hash value composed of a subset of hash digits for each one, encoding (step 16) each subset of a plurality of subsets of space characters in the document by replacing in each subset of space characters, the value of the selected attribute for each space character by a corresponding encoded hash digit of each subset of hash digits corresponding to each file, computing (step 18) the electronic signature of the encoded text document by using a public-key algorithm composed of a subset of signature digits, and encoding (step 20) another subset of space characters in the encoded document by replacing the value of the selected attribute for each space character by a corresponding encoded signature dig
Type:
Grant
Filed:
June 4, 2002
Date of Patent:
October 3, 2006
Assignee:
International Business Machines Corporation