Patents Examined by G. Gurshman
  • Patent number: 7152165
    Abstract: Systems and methods are disclosed for providing a trusted database system that leverages a small amount of trusted storage to secure a larger amount of untrusted storage. Data are encrypted and validated to prevent unauthorized modification or access. Encryption and hashing are integrated with a low-level data model in which data and meta-data are secured uniformly. Synergies between data validation and log-structured storage are exploited.
    Type: Grant
    Filed: July 17, 2000
    Date of Patent: December 19, 2006
    Assignee: Intertrust Technologies Corp.
    Inventors: Umesh Maheshwari, Radek Vingralek, W. Olin Sibert
  • Patent number: 7093131
    Abstract: The present invention provides an information authenticating apparatus and an authenticating station adapted to improve the probative value of data as evidence by ensuring a high objectivity of the data. The information authenticating apparatus comprises a digital camera and an authenticating information adding section which adds authenticating information to digital data entered by the digital camera. The authenticating station comprises, on the other hand, a communication unit which receives the digital data from the information authenticating apparatus, and a digital signature affixing section. The digital signature affixing section affixes the digital signature to the digital data received by the communication unit when authenticating that the digital data have been entered by the digital camera.
    Type: Grant
    Filed: September 29, 2000
    Date of Patent: August 15, 2006
    Assignee: Seiko Epson Corporation
    Inventor: Michio Kobayashi
  • Patent number: 7085927
    Abstract: A technique is provided for securely storing user data and generating user reports. The user data is input manually or automatically and is transmitted to a service provider via a network. The data is stored in a secure database operating in a processing space which is not directly accessible to the user. Based upon pre-established report templates, user data is extracted from the secure database, and is exported from the secure processing space for use in generating user reports. The reports are formed in a second processing space, by combining the data file with the report template. The report may then be transmitted to the user automatically or may be accessed by the user via the network.
    Type: Grant
    Filed: July 20, 2000
    Date of Patent: August 1, 2006
    Assignee: GE Medical Systems, Inc.
    Inventor: James F. Kohli
  • Patent number: 7055170
    Abstract: According to the present invention, a virtual network communication system is provided for effecting secure communications between user agents at different sites within said virtual network, comprising at least one Private Tuple Space within each of the sites for effecting intra-site communications between the agents, a Shared Tuple Space for effecting inter-site communications between different sites, and a Coordinator Manager within each of the sites for receiving user initiated communication requests from the Private Tuple Space to communicate between user agents at the different sites, authenticating the requests and in response dynamically creating and managing instances of Coordinators at each of the different sites which embed messages from the user agents in secure tuples using multi-layered encryption and exchange the secure tuples over the Shared Tuple Space.
    Type: Grant
    Filed: September 29, 2000
    Date of Patent: May 30, 2006
    Assignee: Mitel Networks Corporation
    Inventors: Ahmed Karmouch, Tom Gray, Serge Mankovskii, Cui Zheng
  • Patent number: 7051199
    Abstract: A system, method and article of manufacture are provided for affording a cryptographic service utilizing a server on a network. Initially, a client is identified utilizing the network. A first key is established, and a tunnel is generated on the network. Thereafter, information is received at the server from the client utilizing the tunnel. Such information is encrypted by the client using the first key. At the server, cryptographic work is performed using the first key.
    Type: Grant
    Filed: June 19, 2000
    Date of Patent: May 23, 2006
    Assignee: Xerox Corporation
    Inventors: Thomas A. Berson, R. Drews Dean, Matthew K. Franklin, Diana K. Smetters
  • Patent number: 7051366
    Abstract: An evidence-based policy manager generates a permission grant set for a code assembly received from a resource location. The policy manager executes in a computer system (e.g., a Web client or server) in combination with the verification module and class loader of the run-time environment. The permission grant set generated for a code assembly is applied in the run-time call stack to help the system determine whether a given system operation by the code assembly is authorized. Both code assemblies and evidence may be received from a local origin or from a remote resource location via a network (e.g., the Internet). The policy manager may comprise execution modules for parsing a security policy specification, generating one or more code hierarchies, evaluating membership of the received code assembly in one or more code groups, and generating a permission grant set based upon this membership evaluation.
    Type: Grant
    Filed: June 21, 2000
    Date of Patent: May 23, 2006
    Assignee: Microsoft Corporation
    Inventors: Brian A LaMacchia, Loren M. Kohnfelder, Gregory Darrell Fee, Michael J. Toutonghi
  • Patent number: 7047410
    Abstract: A digital image watermarking method is provided. The digital image watermarking method includes the steps of combining host image data sets and signature image data sets by a predetermined method for combining the sets to be linearly independent, and generating a watermarked image and a key from the combined image. A signature image embedded in a combined image is similar to the combined image in view of existence and durability.
    Type: Grant
    Filed: May 17, 2000
    Date of Patent: May 16, 2006
    Assignee: Samsung Electronics Co., Ltd.
    Inventor: Hyun-doo Shin
  • Patent number: 7039954
    Abstract: A defense against spoofing vandals is provided, where the defense enlists the network-addressable device whose identity is used by the vandal. A network-addressable device checks incoming messages for communication protocol violations that indicate that a spoofer is using the identity of the network-addressable device. When such a protocol violation is detected, the network-addressable device records attributes of the incoming message in a spoofing logbook database. Further, the network-addressable device increments a counter associated with the identity of the spoofer's target. The value of the counter is compared with a predetermined threshold, in order to determine if the supposed spoofing is an isolated incident or part of a persistent attack. When the value of the counter exceeds the threshold, the network-addressable device constructs a spoofing alert, and sends the spoofing alert to a network administrator. The network-addressable device then rejects the message associated with the protocol violation.
    Type: Grant
    Filed: May 4, 2001
    Date of Patent: May 2, 2006
    Assignee: International Business Machines Corporation
    Inventors: Charles Steven Lingafelt, Kevin Thomas McClain, Carlos Fernando Villegas
  • Patent number: 7039807
    Abstract: A digital signature system includes a database holding access control rules that identify documents authorized users are allowed to have electronically signed and a signing system capable of receiving signature requests from a plurality of authorized users, each signature request including a document to be signed, wherein the signing system parses the document to be signed and compares information obtained thereby to the access control rules stored in the database to determine whether the authorized user is authorized to have the document signed, and wherein if it is determined that the authorized user is authorized to have the document signed, the signing system signs the document using authentication information unique to the signing system.
    Type: Grant
    Filed: January 23, 2001
    Date of Patent: May 2, 2006
    Assignee: Computer Associates Think, Inc.
    Inventor: Charles F. Spitz
  • Patent number: 7039815
    Abstract: A method for protecting a security data memory is described wherein external action on a component containing the security data memory is detected by sensors. Overshooting of a threshold on one of the sensors causes an attack to be signaled by reason of which the content of the security data memory is at least partly erased. The status of the sensors is permanently monitored and the status data of the sensors recorded.
    Type: Grant
    Filed: September 29, 2000
    Date of Patent: May 2, 2006
    Assignee: Giesecke & Devrient GmbH
    Inventors: Thomas Grassl, Arvid Wiren, Walter Straub
  • Patent number: 7024700
    Abstract: When the computer is powered on, a POST program is executed, and in the setting for enabling a security function, an RFID chip 33 makes Removal Detect Enable a high level and outputs it to the control side of an analog switch 67 and one input of a NAND element 63. The removal of an RF antenna 37 causes a first short-circuit element 36 to be disconnected for shutting off a terminal 71 and a terminal 73, and an INTR signal for prohibiting the keyboard input is outputted by the high-level signal of the element 63 to prohibit access to the computer. If the RF antenna is removed while the power is off, the analog switch 67 is disconnected and the power supplied from a lithium battery to a CMOS memory 50 is shut off, whereby access to the computer can be prohibited.
    Type: Grant
    Filed: July 19, 2000
    Date of Patent: April 4, 2006
    Assignee: International Business Machines Corporation
    Inventors: Hideto Horikoshi, Mitsuhiro Yamazaki, Jun Tanaka
  • Patent number: 7003673
    Abstract: The invention relates to a method for storing information in information storage means of a security module and for operating on information units in a security module, and the associated security module, wherein two storage areas (41, 42) are defined, one of which (41) is for storing the information (a, b, c; d, e, f) in dispersed pieces (a, b, c), (d, e, f), the other of which (42) is for storing addresses (AA, 92) at which the pieces of information are located. The storage in the second storage area takes place in positions that are based on the addresses (83, 86) of the pieces of information in the first storage area (41), as defined before dispersion.
    Type: Grant
    Filed: December 10, 1999
    Date of Patent: February 21, 2006
    Assignee: CP8 Technology
    Inventors: Sébastien Diener, Franz Trierweiler
  • Patent number: 7000118
    Abstract: An asymmetric key based method and system is provided for a tamper-proof storage of one or more records of an audit trail for a database. The asymmetric key based key exchange mechanism is employed to arrive at a common key, which is then used to obtain the authentication and the validation tokens. The method creates one or more authentication token values, and generates one or more validation token values from the authentication token values through a combination of a hashing process and an encryption process. Once the validation token values are created, they are further integrated into the records in the database. When an authorized person such as an auditor needs to check the integrity of the records, he can detect tampering of the records by comparing a validation token value newly computed by him independently with the validation token value integrated in the record.
    Type: Grant
    Filed: October 16, 2000
    Date of Patent: February 14, 2006
    Assignee: Novell, Inc.
    Inventors: Madhusudhana H.S. Murthy, Aridaman Tripathi
  • Patent number: 6990685
    Abstract: A system and method for tracking bootable devices are disclosed which provide significant advantages over current computer system device management techniques. A system incorporating teachings of the present disclosure may include one or more installed bootable devices and a computer readable medium storing identification data for each of the installed bootable devices. The identification data may include host bridge identification data.
    Type: Grant
    Filed: June 15, 2000
    Date of Patent: January 24, 2006
    Assignee: Dell Products L.P.
    Inventors: Michael D. Christensen, Mukund Purshottam Khatri
  • Patent number: 6950945
    Abstract: An apparatus and method for distributed intersystem lock optimization are provided. With the apparatus and method of the present invention, the time required to obtain an uncontested lock, meaning a lock that no other program or process in the distributed system is simultaneously attempting to acquire, is minimized. The apparatus and method of the present invention increase the speed with which locks are acquired by splitting the process of obtaining a lock into two separate operations: a test for contention, and then if contention exists, a full lock operation. The test for contention is made fast by associating each lock with a memory location, and using an atomic operation or the like, to atomically set the memory location associated with the lock to a different value. If the lock is found to be contested, meaning that another program or process has already locked it, control is turned over to a slower operation that ensures that the lock-requesting program or process will eventually be granted the lock.
    Type: Grant
    Filed: June 21, 2001
    Date of Patent: September 27, 2005
    Assignee: International Business Machines Corporation
    Inventors: Gregory Francis Pfister, Renato John Recio, Noshir Cavas Wadia
  • Patent number: 6918039
    Abstract: A method and an apparatus in a data processing system detect the presence of sensitive data and render this data in a secured manner. The data processing system may be any device with information presentation capability which can receive data from a network. Detecting a need for secured rendering may include recognition that the data was encrypted, tags in the data indicating a level of secured rendering, or various forms of pre-arrangement between the sender and the recipient. Ways to determine if the recipient is in a secured environment include detection of conversations in the environment, video images showing people in the environment, analysis of infrared signals, determining the location of the data processing system using GPS or similar means, or interaction with an authenticated user.
    Type: Grant
    Filed: May 18, 2000
    Date of Patent: July 12, 2005
    Assignee: International Business Machines Corporation
    Inventors: John R. Hind, Marcia L. Peters
  • Patent number: 6915421
    Abstract: State information for a call between a calling party and a called party is established without maintaining the state information at a gate controller. A setup request for the call is received at an originating gate controller. The originating gate controller is connected to a trusted network. The calling party is associated with an originating interface unit coupled to an untrusted network. The setup request for the call is authorized. The authorized setup request is sent to the called party. State information for the call is formatted based on a setup acknowledgment message received from the calling party. The state information for the call is sent from the originating gate controller to the originating interface unit without maintaining the state information at the originating gate controller.
    Type: Grant
    Filed: November 14, 2003
    Date of Patent: July 5, 2005
    Assignee: AT&T Corp.
    Inventors: Charles Robert Kalmanek Jr., William Todd Marshall, Partho Pratim Mishra, Douglas M Nortz, Kadangode K. Ramakrishnan
  • Patent number: 6901515
    Abstract: Residue calculating sections respectively obtain residues which take a plurality of integers as modulus, with respect to a user ID. The plurality of integers are stored in modulus storage sections and are prime to each other. Based on these residues and parameters stored in a coding parameter storage section, component codes constructed by continuous sequences of 1 and 0 using a predetermined number of bits as a unit are respectively generated by component code generating sections. These component codes are concatenated by a concatenating section, thereby to obtain a code to be embedded, which constructs watermark information.
    Type: Grant
    Filed: September 8, 2000
    Date of Patent: May 31, 2005
    Assignee: Kabushiki Kaisha Toshiba
    Inventor: Hirofumi Muratani
  • Patent number: 6845446
    Abstract: A programmable data bus 18,33 for allowing more than one cryptographic mode to be used by the same crypto-engine. The programmable data bus 18,33 has pre-configured parameters electronically stored that are accessed by a message request. Each cryptologic mode has parameters for each component of an encryption module 24. The encryption module is reconfigured based on the parameters stored by a command vector table processor 20. At least one array 32 is configured based on the parameters stored in the command vector table processor 20 to redefine connections between components on the encryption module 42 thereby re-configuring an existing encryption configuration.
    Type: Grant
    Filed: October 15, 1999
    Date of Patent: January 18, 2005
    Assignee: The Boeing Company
    Inventor: Joseph B. Fuller
  • Patent number: 6839848
    Abstract: The present invention provides an information processing system, including an information processing apparatus for executing a program by reading a program recorded in a recording medium, and a peripheral apparatus connected to the information processing apparatus, wherein the peripheral apparatus stores a security code and operation of the peripheral apparatus stops unless the same security code as the security code recorded in a recording medium is sent from the information processing apparatus.
    Type: Grant
    Filed: August 9, 1999
    Date of Patent: January 4, 2005
    Assignee: Sega Enterprise, Ltd.
    Inventors: Hirohito Kirikoshi, Makoto Ohara, Nobuyuki Ishikawa