Abstract: A method, article of manufacture, and apparatus for efficiently processing information are disclosed. In some embodiments, a first signature index is received. The first signature index is compared to a second signature index. A negative signature match is based on the comparison. A file is flagged based on the negative match.

Abstract: A method and apparatus for determining whether a second computing system meets a minimum level of protection for a DLP policy of a first computing system are described. A DLP agent may monitor outbound data transfers performed by the first computing system, and determines a violation of a DLP policy in a current one of the outbound data transfers to a second computing system. The DLP agent initiates a handshake protocol with the second computing system to determine whether the second computing system meets a minimum protection level for the DLP policy. If the second computing system does not meet the minimum protection level for the DLP policy, the DLP agent prevents the current data transfer to the second computing system; otherwise, the DLP agent permits the current data transfer.

Abstract: Secure telephone devices, systems and methods are provided for carrying out secure communications utilizing a telephone device that includes cryptographic storage and processing components, the cryptographic processing components including intercepting and injecting capabilities for intercepting an incoming signal, cryptographically processing the signal and injecting the system for delivery to the output of the telephone device, wherein the system and method may utilize the telephone operating system, and wherein embodiments are provided where an exchange component regulates the cryptographic information so that users engaging in secure cryptographic communications do not need to provide encryption key information to each other.

Abstract: At least one trickplay source file is generated from original media content. Trickplay view files for rendering particular trickplay view rates are then generated from the trickplay source file.

Abstract: Techniques for identity-based Peer-to-Peer (P2P) Virtual Private Networks (VPN's) are provided. First and second principals authenticate to a trusted third party. The first principal subsequently requests a P2P VPN with the second principal. The second principal is contacted on behalf of the first principal and permission is acquired. The first and second principals are then sent commands to directly establish a P2P VPN communication session with one another.

Abstract: An image forming apparatus includes: an authentication unit that can execute a login process and a logout process; an operation unit that receives an instruction for the logout process from the user; a user attribute storage unit that stores the identification information of a non-logged-out user; a determination unit that determines whether a logged-in user, who is a user for whom the login process is executed by the authentication unit, is the non-logged-out user, based on the identification information stored in the user attribute storage unit; and a forced logout processing unit that, in a case in which the logged-in user is determined to be the non-logged-out user by the determination unit, instructs the authentication unit to execute the logout process when a predefined particular process among the plurality of processes is executed and completed by the processing unit.

Abstract: In one example embodiment, an information processing apparatus determines whether a target ID is a unique ID or a partial randomization ID that includes a first part being replaced by a different number and a second part being generated based on the unique ID. In response to the target ID being the partial randomization ID, the information processing apparatus generates an access key based on the second part of the partial randomization ID and a key. The information processing apparatus executes a mutual authentication process using the generated access key.

Abstract: A method and system is provided to analyse receiver indicia of location for a set of at least one receivers to determine whether a receiver has an erroneous indicator of location. The embodiment may take further steps to confirm whether or not inappropriate usage has occurred. The method and system includes identifying a first indicia of location for a set of one or more receivers, identifying a second indicia of location for one or more receivers from the set, and determining if the first and second indicia of location are mutually inconsistent. Indicia of location include indicators of receiver location, inventory state, communication path and definition on systems. The method and system may optionally include action to report or correct the location error.

Abstract: A request is received to install control rules before having received a corresponding QoS Authorization, especially where the QoS Authorization requires a prior reservation of resources. The request for a bearer resource is pre-authorized before having received a QoS authorization for said request, by receiving a request for a bearer resource; determining that a QoS authorization has, not been received yet; pre-authorizing said request for the bearer resource by installing initial control rules; and updating the previously installed initial control rules with final control rules upon receipt of the QoS authorization. This pre-authorization and the submission of initial control rules are carried out from a PCRF server towards a PCEF device, before having received the QoS authorization. In particular, the pre-authorization may be triggered from a P-CSCF at the originating or destination side, or at both.

Abstract: Systems and methods for providing privacy settings for applications associated with a user profile are provided. Exemplary methods include receiving a request from a member of a web-based social network to install an application in association with a member profile, installing the requested application, providing privacy settings selections to control access to data associated with the installed application, receiving a privacy settings selection from the member, and displaying data associated with the application based on the privacy settings selection.

Abstract: An apparatus and method for preventing an anomaly of an application program are provided. More particularly, an apparatus and method for preventing an anomaly of an application program that detect and stop an anomaly on the basis of a behavior profile for an application program are provided. The apparatus includes a behavior monitor that detects behavior of an application program in operation, an anomaly detector that determines whether the detected behavior of the application program is an anomaly on the basis of a behavior profile of the application program in operation, and an anomaly stopper that stops the behavior of the application program determined as an anomaly by the anomaly detector.

Abstract: A system is provided for detecting, analyzing and quarantining unwanted files in a network environment. A host agent residing on a computing device in the network environment detects a new file introduced to the computing device and sends the new file to a network service for analysis. The network service is accessible to computing devices in the network environment. An architecture for the network service may include: a request dispatcher configured to receive a candidate file for inspection from a given computing device in the network environment and distribute the candidate file to one or more of a plurality of detection engines, where the detection engines operate in parallel to analyze the candidate file and output a report regarding the candidate file; and a result aggregator configured to receive reports from each of the detection engines regarding the candidate file and aggregates the reports in accordance with an aggregation algorithm.

Abstract: A first terminal subscribes to at least one service using a service guide in which information necessary for reception of each service is stored, and sends the service guide and an identifier (ID) of the subscribed service to a smartcard. The smartcard stores the service guide and the ID of the subscribed service, and sends the service guide and the ID of the subscribed service to a second terminal through a response message to a request message used for acquiring TBK information, received from the second terminal. The second terminal receives the response message by sending the request message to the smartcard, acquires TBK information corresponding to a service that the second terminal intends to play back, from the service guide depending on the subscribed service's ID included in the response message, and acquires the TBK by performing an authentication process using the TBK information.

Abstract: A biometric authentication method for a computer system, the computer system comprising: a computer; and an authentication server, the biometric authentication method including steps of: extracting a first feature from the captured biometric information; generating a template polynomial for enrollment; extracting a second feature from the captured biometric information; generating a template polynomial for authentication; generating a correlation function for calculating a correlation between the template polynomial for authentication and the enrolled template polynomial; calculating a correlation value between the template polynomial for authentication and the enrolled template polynomial by using the generated correlation function, and determining based on the calculated correlation value whether or not the biometric information at the time of authentication coincides with the biometric information enrolled.

Abstract: A method and apparatus for providing a secure authentication process is described. In one embodiment, a method for a method for providing a secure authentication process includes monitoring login activity of at least one authentication process associated with a computer resource and analyzing the login activity to identify suspicious login activity associated with user credentials.

Abstract: A method of and system for digital rights management, in which access to a piece of content is granted in accordance with a license owned by a license owner to a client who is a member of a domain. This requires successfully verifying that a membership relation exists between the client and the domain as reflected in a first state variable, and that an association relation exists between the license owner and the domain as reflected in a second state variable. Both relationships are revoked by executing an online protocol between the parties in the relationship after which both remove the corresponding state variable. The domain controller propagates the state administration relating to the domain is propagated to the client so that the client can update its state administration.

Abstract: Nodes of a network are each provided with a seed value and a seed identifier. Each seed value has a corresponding unique seed identifier which is maintained within the system. Within each authorized node, the seed value is combined with a local node identifier, such as a serial number or other unique identifier, to form a cryptographic key that is then used by the node to encrypt and/or decrypt data transmitted and received by that node. The cryptographic key is never transmitted over the network, and each node is able to create a different cryptographic key for use in communicating with other nodes.

Abstract: Techniques and tools are described which provide control access mechanisms for contents made available by a service provider to a user. The user, after a registration process, uses a mobile application on a mobile device to generate a one-time content key. The content key is input into a set-top box which validates the key and provides access to the protected content. The mobile application allows for password protection for the user, as well as a recharging ability when its one-time content keys are exhausted.

Abstract: Image data obtained by photographing an object using a camera is stored in a storage medium that can be attached to and detached from the camera. The camera includes a device program storage unit and an information writing unit. A device program that can be executed by an information processing device, which is different to the camera, is stored in the device program storage unit. The information writing unit is constituted to be capable of writing the device program to the storage medium attached to the camera. While writing the device program to the storage medium, the information writing unit writes the device program in a format enabling the information processing device to read and execute the device program automatically when the storage medium is attached to the information processing device.

Abstract: According to one embodiment, an information processing apparatus includes an input to input a password, a biological authentication device including a storage unit for storing biological information and identification information, and an authentication controller. The authentication controller sets and holds identification information to be stored in the storage unit of the biological authentication device, and permits a password input using the input to be substituted by authentication using the biological authentication device when the identification information held by itself and the identification information stored in the storage unit of the biological authentication device match.