Abstract: A trust propagation system is disclosed that propagates trust data based on established trust relationships. The trust system may automatically propagate trust data between parties A and C based on trust relationships with a common party B. Trust data may include authentication data such as biometric data, encryption data, passwords, etc. that may be used to conduct exclusive communications.

Abstract: There can be problems with the security of social networking communications. For example, there may be occasions when a number of friends wish to communicate securely through a social network infrastructure, such that non-trusted 3rd-party entities, such as a Social Network Operator or host that provides the application infrastructure, does not overhear the communication. In response to the above problems, embodiments presented propose a set of innovative, lightweight solutions, considering that in certain scenarios the Social Network Operator may not be a trusted entity. Embodiments of the present invention are directed to methods and apparatuses for secure information sharing in social networks using random keys.

Abstract: A requester node requesting a service in a peer-to-peer network transmits a request to a service provider node. The request may include a communication history of the requester node identifying other nodes with which the requester node has previously communicated. The service provider node authenticates the requester node based on the communication history. The service provider node may ask other nodes with which the requester node has communicated for evaluation of the requester node. The other nodes may calculate a trust metric of the requester node and provide this metric to the service provider node. The service provider node may use this trust metric in combination with a similarity calculation of the requester node and the service provider node to make a determination whether the requester node is to be authenticated. The service provider node may evaluate the requester node and store the evaluation in its communication history.

Abstract: A method of manufacturing a security document is provided, comprising: providing a first security element article having a corresponding predetermined first unique identification code which is detectable from the first security element article; incorporating the first security element article into a document; generating a machine-readable security feature containing document data representative of the first unique identification code corresponding to the first security element article and of at least a second unique identification code corresponding to a second security element applied to the document; and applying the machine-readable security feature to the document.

Abstract: Systems and methods for partitioning memory into multiple secure and open regions are provided. The systems enable the security level of a given region to be determined without an increase in the time needed to determine the security level. Also, systems and methods for identifying secure access violations are disclosed. A secure trap module is provided for master devices in a system-on-chip. The secure trap module generates an interrupt when an access request for a transaction generates a security error.

Abstract: A data transmission and reception method for ensuring privacy and security and a method for identifying a Mobile Station (MS), while ensuring the location privacy of the MS in a wireless access system are disclosed. The MS identification method includes transmitting a ranging request message including a hashed Medium Access Control (MAC) address to a Base Station (BS), for initial ranging, and receiving a ranging response message including a temporary station Identifier (ID) from the BS. The temporary station ID is used to provide security to a MAC address or station ID by which the BS uniquely identifies the MS.

Abstract: Systems and methods for providing a login context operate a virtual machine, wherein the virtual machine includes an open services platform and an authentication service, wherein the authentication service includes a classloader, and an initial classloader is designated as the classloader of the authentication service, register a login module, receive an authentication request from a first application, and responsive to receiving the authentication request designate a classloader associated with the login module as the classloader of the authentication service, generate a login context of the login module, and provide the login context of the login module to the first application, whereby the first application uses the login context to perform an authentication.

Abstract: A method for authenticating vehicle devices that can conduct dedicated short-range communications with beacons of a road tolling system. The beacons have a system-wide key and the vehicle devices only have individual keys. A supply of pairs of individual keys and associated derivation identifiers is stored in the vehicle device, and for consecutive communications the vehicle device selects a different pair from the supply in each case and uses said pair for the respective communication. The vehicle device is triggered by an interrogation device to perform at least the part of a radio communication in which the vehicle device sends the selected derivation identifier, and the selected derivation identifier is received in the interrogation device and is compared with derivation identifiers of the supply stored in the interrogation device. The vehicle device is then authenticated in the case of consistency of the comparison.

Abstract: A method for preventing a recipient of an electronically transmitted message from taking at least one action in relation to the message is disclosed. The message has at least two parts with one of the parts having a higher level of security than the other part. The method includes the step of extracting information from the message. The information indicates that the higher level security part is not permitted to have the action taken on it while the other part is so permitted. The method also includes the step of preventing the higher level security part from having the action taken on it in reaction to said recipient making an offending request.

Abstract: A voice-over-Internet-Protocol (VoIP) client codes audio data as printable ASCII characters, then embeds the ASCII audio data inside a cookie that is sent over the Internet within an HTTP GET message. The GET message is sent to a server acting as a call proxy or external manager that forwards the audio data to a remote client. Return audio data is sent back to the client in the normal data field of an HTTP response message from the server. When the client receives the HTTP response, it sends another GET message without audio data, allowing the server to send another response. This empty GET allows VoIP to pass through strict firewalls that pair each HTTP response with a GET. For secure-sockets layer (SSL), client and server exchange pseudo-keys in hello and finished messages that establish the SSL session. Audio data is streamed in SSL messages instead of encrypted data.

Abstract: A method and terminal equipment for applying digital rights management are disclosed by the present disclosure. The method includes the following steps: performing encryption processing on a portion of the content of a multimedia file using a pre-generated key when downloading the multimedia file; and downloading the encrypted multimedia file to a designated terminal equipment. With the present disclosure, the downloading speed of the multimedia file can be increased, and the waiting time for playing the file can be decreased.

Abstract: Exemplary embodiments provide a system and method for securely transmitting video data to an electronic display. The video data may be transmitted using a wired or wireless application. Raw video data is encoded as a plurality of JPEG frames. A plurality of primary packets are created which may contain one frame or a portion of a frame of video. Each primary packet contains a unique header with information about the packet and a unique security key. A redundant packet and header are created for each primary packet and header. After transmission each packet and header may be analyzed to determine if it was transmitted properly. If the primary packet was not transmitted properly or was an unintended transmission, the system may discard the primary packet and proceed with the redundant packet. If the redundant packet was not transmitted properly or was an unintended transmission, the entire frame may be discarded and the previously accepted frame may be repeated within the video decoder.

Abstract: A method for managing a secured document. The method includes storing and retrieving the secured document based on hybrid fragmentation and replication scheme to provide user viewing of the secured document by (a) generating an image representing human discernible content of the secured document, (b) modifying the image to generate a modified image that is embedded with a digital watermark, where the digital water mark is human indiscernible and represents a security policy extracted from the secured document, and (c) sending, to a secured device for displaying to the requesting user, the modified image embedded with the digital watermark.

Abstract: A method for controlling access to protected computer resources provided via an Internet Protocol network that includes registering identity data of a subscriber identity module associated with at least one client computer device; storing (i) identity data of at least one access server, (ii) the identity data of a subscriber identity module, and (iii) authorization data regarding the protect computer resources; receiving the identity data of a subscriber identity module, and a request for the protected computer resources; authenticating (i) the identity data of the at least one access server, and (ii) the identity data of a subscriber identity module; authorizing the at least one client computer device to receive at least a portion of the protected computer resources; and permitting access to the at least the portion of the protected computer resources (i) upon successfully authenticating the identity data of the at least one access server and the identity data of a subscriber identity module associated with

Abstract: The present invention is related to a method of securing integrity and authenticating origin and privileges of a piece of code.

Abstract: The invention relates to methods and apparatus for Quantum key distribution. Such methods including authenticating a first node in a communications network with a remote node in the communications network. The authentication may include connecting an authentication device to the first node, agreeing a quantum key between the first node and the remote node based on a quantum signal transmitted or received by the first node and performing an authentication step between the authentication device and the remote node on an encrypted channel. Authentication between the authentication device and remote node may be taken as authentication of the first node.

Abstract: Aspects of a method and system for improved communication network setup utilizing extended terminals are presented. Aspects of the method may comprise configuring a wireless Ethernet terminal functioning as a client station by a configurator via a network. The configured wireless Ethernet terminal may wirelessly receives information from a wireless station, and communicate the wirelessly received information to at least one of a plurality of wired stations via at least one of a plurality of corresponding wired interfaces. Aspects of the system may comprise a collocated device functioning as a configurator that configures a wireless Ethernet terminal functioning as a client station via a network. The configured wireless Ethernet terminal may wirelessly receives information from a wireless station, and communicate the wirelessly received information to at least one of a plurality of wired stations via at least one of a plurality of corresponding wired interfaces.

Abstract: A method, apparatus and mobile terminal for a Challenge Handshake Authentication Protocol (CHAP) authenticating in a CDMA Evolution to packet Data Optimized (EVDO) network are provided in the present invention. It makes the authentication process of EVDO network be successful, even though an authentication server does not support the Message Digest 5 (MD5) authentication method.

Abstract: Systems and methods for providing a login context operate a virtual machine, wherein the virtual machine includes an open services platform and an authentication service, wherein the authentication service includes a classloader, and an initial classloader is designated as the classloader of the authentication service, register a login module, receive an authentication request from a first application, and responsive to receiving the authentication request designate a classloader associated with the login module as the classloader of the authentication service, generate a login context of the login module, and provide the login context of the login module to the first application, whereby the first application uses the login context to perform an authentication.

Abstract: The invention describes an electronic device and a method for operating the electronic device. The electronic device includes one or more circuit components. The electronic device further includes one or more fuses and one or more non-volatile memories to disable the access of at least one of the one or more circuit components. Each of the one or more non-volatile memories includes one or more firmware, which are used to program at least one bit to manage the access of the at least one circuit component. The method includes performing a power-up sequence in a power cycle for the electronic device. The method further includes determining a state of circuit and a state of a bit for selectively enabling a test function.