Abstract: A method for using a network appliance to efficiently buffer and encrypt data for transmission includes: receiving, by an appliance via a connection, two or more SSL records comprising encrypted messages; decrypting the two or more messages; buffering, by the appliance, the two or more decrypted messages; determining, by the appliance, that a transmittal condition has been satisfied; encrypting, by the appliance in response to the determination, the first decrypted message and a portion of the second decrypted message to produce a third SSL record; and transmitting, by the appliance via a second connection, the third record. Corresponding systems are also described.

Abstract: A method and an apparatus for enciphering and deciphering content with symmetric and asymmetric cryptography with the use of the shadow numbering system where two or more shadow values are used with two or more base values with a two side equation, on one side the value to encipher is multiplied with one of the shadow value then the modulus taken with the base value, to decipher the enciphered value is multiplied with the shadow value that didn't take part of the first equation then the modulus is taken with the base value, thus, deciphering the enciphered value.

Abstract: An embodiment generally relates to a method of increasing user convenience. The method includes displaying a log-in user interface and receiving an authentication attempt in the log-in user interface. The method also includes determining a status of the authentication attempt and delaying a completion of an authentication attempt by a time-based function in response to a status being a failed authentication attempt.

Abstract: Enabling a client computer to perform an operation is disclosed. Login information is received from a client computer. The login information is confirmed by querying a trusted agent on the client computer.

Abstract: In a method for managing sequential access to secure content by a plurality of workflow participants, a key-map file for each of the participants is created. Each of the key-map files contains a subset of encryption and signature keys for the content. The key-map files are sorted in an order that is the reverse of a workflow order in which the workflow participants for which the key-map files were created are to access the secure content. An encrypted later wrap including a later key-map file for a later workflow participant along the workflow order and an encrypted first wrap including a prior key-map file for a prior workflow participant and the encrypted later wrap are created. In addition, the first wrap is incorporated into a document serialization for the content.

Abstract: Systems and methods are presented for automatically determining the security requirements of program code during the creation or modification of that program code and for presenting the necessary security permissions to a developer of the program code at the time of the creation or modification of the program code. A cache is established containing program code segments including library calls and application program interfaces that require security permissions at runtime. The cache also includes the security permissions associated with the stored program code segments. Program code editing is monitored in real time during the editing, and instances of edits that add, modify or delete the stored program code segments from the program code being edited are identified. The security permissions associated with the program code segments that are modified by the edits are retrieved from the cache.

Abstract: Disclosed is an apparatus and method to access privileges of Virtual Mobile Management (VMM) client in mobile device. A disclosed example method contains an assigning embedded stub to raise the access privilege of the tool on a mobile device, the embedded stub is integrated by an operating system of the mobile device with “root” privilege, determining via a secured key exchange algorithm that the VMM client and tools is authorized to be installed on the mobile device then, the VMM client and tools of a mobile device are authorized to access a network interface of the Communication Endpoint Gateway (CEG) server, configuring the embedded stub to install the key exchange procedure for the shared certification between the embedded stub, VMM client and the session mediation server, enabling the embedded stub to communicate through a secure link via VMM client.

Abstract: Information, such as audio visual information, is secured by self-decay of the information over time. For instance, a date stamp and decay rate embedded in an encrypted audio or visual digital media file can be applied to decrypt the file to a predetermined decayed state, such as a degraded playback quality. One or more keys can be included with the information to allow undecayed decryption but expire after use or a predetermined time period. In one embodiment, the decayed state can comprise gaps formed at intervals in the information, the gaps having increased length for decreased quality. In an alternative embodiment, the decayed state can be a reduced sample rate for a compressed digital media file.

Abstract: An information processing apparatus and method make it possible for persons at remote places to enjoy simultaneous playback of contents while promoting copyright and privacy protection. A copyright authentication section decides, based on a copyright restriction added to a content and license information stored in a license storage section, whether utilization of the content is permitted. An accounting processing section, in response to a result of the decision, cooperates with an authentication sever to perform accounting. A privacy authentication section decides, based on the privacy restriction and privacy information, whether utilization of the content is permitted. A permission request processing section, in response to a result of the decision, performs a communication process with a communication apparatus, which has a privacy management right in the content.

Abstract: A system, a method, and various software tools enable a video hosting website to automatically identify posted video items that contain spam in the metadata associated with a respective video item. A spam detection tool for user-generated video items based on keyword stuffing is provided that facilitates the detection of spam in the metadata associated with a video item.

Abstract: A method and an apparatus for identifying a Cryptographically Generated Address (CGA) public key, and a method, an apparatus, and a system for determining a CGA public key are disclosed. The method for identifying a CGA public key includes: receiving, by a receiving node, a first message protected using a public key from a sending node; obtaining a type of the public key according to the first message. The method for determining a CGA public key includes: receiving, by a receiving node, a first message protected using a public key from a sending node; obtaining, a type of the public key to be determined according to the first message; and judging whether the public key to be determined is supported by the receiving node according to the type of the public key to be determined; and, if the public key to be determined is supported by the receiving node, determining the public key as a public key supported by the receiving node.

Abstract: A serial number for a software product is secured with an authenticator value. The authenticator value and the serial number are evaluated entirely by a remote authentication server such that no cryptographic authentication occurs on a local computer on which the software product is being installed. An abbreviated portion of the authenticator value is used for offline authentication.

Abstract: The present invention relates to data rights management and more particularly to a secured system and methodology and production system and methodology related thereto and to apparatus and methodology for production side systems and are consumer side systems for securely utilizing protected electronic data files of content (protected content), and further relates to controlled distribution, and regulating usage of the respective content on a recipient device (computing system) to be limited strictly to defined permitted uses, in accordance with usage rights (associated with the respective content to control usage of that respective content), on specifically restricted to a specific one particular recipient device (for a plurality of specific particular recipient devices), or usage on some or any authorized recipient device without restriction to any one in specific, to control use of the respective content as an application software program, exporting, modifying, executing as an application program, viewing,

Abstract: A playback device reads an application and a digital stream from a recording medium to execute the application with playback of the digital stream. The playback device includes a management unit operable to verify authenticity of the application by judging whether a disc root certificate is identical to a first root certificate, and an execution unit operable to execute the application if authenticity of the application is verified by the management unit. The playback device also includes a storage unit having a storage area that is specified by a file path that uses the provider ID and a hash value of a second root certificate, and a playback unit operable to play back the digital stream in accordance with the playlist information.

Abstract: Apparatus and methods for decoding streaming data containing one or more coded pictures in which each picture contains a plurality of slices and each slice containing a plurality of macroblocks are disclosed. A first decoding subtask is performed on all macroblocks in the coded picture or a section thereof. After performing the first decoding subtask on all macroblocks in the coded picture or a section thereof, a second decoding subtask is performed on all the macroblocks in the coded picture or section thereof. One or more of the first and second tasks includes examining a slice or macroblock within the coded picture to determine if there are any errors, and if an error is present, handling the error.

Abstract: Disclosed herein are systems, methods, and non-transitory computer-readable storage media for generating a device dependent cryptographic key in a rate-limited way. A system configured to practice the method first receives data associated with a user. The data associated with the user can be a password, a personal identification number (PIN), or a hash of the password. Then the system performs a first encryption operation on the user data based on a device-specific value to yield first intermediate data and performs a second encryption operation on the first intermediate data based on the device-specific value to yield second intermediate data. Then the system iteratively repeats the second encryption operation until a threshold is met, wherein each second encryption operation is performed on the second intermediate data from a previous second encryption operation. The iterations produce a final cryptographic key which the system can then output or use for a cryptographic operation.

Abstract: The present invention relates to an encoding apparatus, an encoding method, an encoding program, a decoding apparatus, a decoding method and a decoding program for adaptively controlling an encoding bit rate. Coefficient data obtained using wavelet transform is quantized, and segmented into bit planes. The coefficient data is entropy encoded from the bit plane of the MSB in a direction from an upper bit position to a lower bit position. Entropy encoding is stopped at a bit position where an amount of code has reached a target amount. On the bit plane, the coefficient data is entropy encoded from a lower frequency region to a higher frequency region. Data greatly affecting subjective image quality of a decoded image is selectively output while the amount of code is easily controlled.

Abstract: When a user successfully authenticates into a website associated with an institution system, a cookie may be created and set on the web browser, and cookie information and additional information such as the associated internet protocol (IP) address or network interface card (NIC) identifier may be stored at the institution system. Later, when the user accesses the website again, the website may use the cookie, the cookie information, and additional information such as the stored IP address or NIC identifier to identify the user. After the user is identified, one or more pages of content may be personalized to the user, and provided to the user via the user's computing device.

Abstract: A mechanism is provided for synchronizing a first user session and a second user session in a client-server system. The first user session is between a first Web service and a client and the second user session is between a second Web service and the same client. A request is received with a first session value by the second Web service. An indicator of the first session value is assigned to a shadow, and the shadow is sent in a response to the client. A subsequent request with the shadow and a subsequent session value is received from the client. The indicator is used to verify the subsequent session value at the second Web service. The second user session is terminated if the indicator in the shadow does not correspond to the subsequent session value.

Abstract: A computer program product has a computer-readable storage medium having computer program instructions embodied therein for performing a method for implementing a privacy policy for a user. The method may include the user developing rules that determine whether another user (requester) can access information related to the user. The rules may be stored in a database coupled to a server and evaluated when a request is received from the requester to access the information. If a rule is satisfied by the requester, the server can return the information to the requester. The information can be returned at a level of granularity specified by the user in the satisfied rule. A privacy level can be set by the user to allow access to requesters based on the rules or to deny access to any requesters.