Abstract: An event condition is checked, using a computer and data content of the computer is additionally protected in relation to a normal data protection according to the event condition. The event condition is detecting by the computer a remote command and/or detecting a state according to a policy.

Abstract: Techniques for performing progressive boot to reduce perceived boot time for a wireless device are described. Program codes to be stored in a bulk non-volatile memory may be partitioned into multiple code images. A first code image may include program codes used to support basic functionality of the wireless device. A second code image may include the remaining program codes. For progressive boot, the first code image may be loaded first from the bulk non-volatile memory. Once the first code image has been loaded, the wireless device may be rendered operational and may appear as functional to a user. While the wireless device is operational, the second code image may be loaded from the bulk non-volatile memory as background task and/or on-demand as needed.

Abstract: A method of operating a VM server (VMS) is described, including (a) executing a VM instance (VMI) at the VMS, the VMI having a remote display within a terminal program of a client computer, the terminal program being configured to send commands received by the client from a user to the VMS to affect operation of the VMI, (b) running a browser within the VMI, the browser having a connection to a secure web application running on a web application server, the commands sent from the terminal program to the VMS allowing the user to interact with the web application via the terminal program and the browser running on the VMI, (c) at the VMS, asynchronously collecting information in connection with the commands sent from the user to the VMS, and (d) at the VMS, asynchronously sending the collected information to an analysis server to be analyzed for anomalous behavior.

Abstract: Provided is a method of registering an unregistered device in an access point (AP) by using a registered device registered in the AP, the method including: transmitting a control signal for controlling the registered device to the registered device so as to transmit a mode change request, which requests the AP to change a mode to an authentication approval mode approving an authentication operation with the unregistered device, to the AP; transmitting a mode confirm request, which confirms whether an operation mode of the AP is the authentication approval mode, to the AP; receiving a mode confirm response as a response to the mode confirm request from the AP that receives the mode change request; and selectively performing an authentication operation with the AP, based on the received mode confirm response.

Abstract: One embodiment of the invention is a method for providing media content while preventing its unauthorized distribution. The method includes transmitting from a client to an administrative node a request for delivery of an instance of media content (IMC); determining which content source (CS) of a plurality of CSs to provide delivery of the IMC, provided the client is authorized to receive the IMC; transmitting to the client an access key and a location of the IMC; transmitting from the client to the CS a second request and the access key; in response to receiving the second request and the access key, transferring the IMC from the CS to the client; transmitting from the client to the administrative node an indicator indicating a successful transfer of the IMC; and generating a transaction applicable to the client and associated with the transfer of the IMC to the client.

Abstract: A secure data parser is provided that may be integrated into any suitable system for securely storing and communicating data. The secure data parser may split or share a data set into multiple portions that are stored or communicated distinctly. Encryption of the original data, the portions of data, or both may be employed for additional security. The secure data parser may be used to protect data in motion by splitting an original data set into portions of data that may be communicated using one or more communications paths. Secure workgroup communication is supported through the secure distribution and management of a workgroup key for use with the secure data parser.

Abstract: Circuits, methods, and apparatus that provide for protection of configuration bitstreams from theft. One exemplary embodiment receives a scrambled configuration bitstream with an integrated circuit. The scrambled configuration bitstream is descrambled using a plurality of multiplexers under control of a security key. A configuration bitstream is received in portions. One specific embodiment uses a key stored in memory to control a bank of multiplexers that descramble each of the received portions of the configuration bitstream. Other embodiments store longer keys, and use portions of the keys to descramble one or more portions of their respective configuration bitstreams. The outputs of the multiplexers are then stored in configuration memory cells.

Abstract: An image reproducing apparatus includes: an image storage device that stores image data having been read into the image reproducing apparatus; an image output device that outputs the image data stored in the image storage device to a display device; an image selection device that selects an image from the image data; and an image extraction device that extracts from the image data a plurality of images satisfying a condition equivalent to a condition of the image having been selected by the image selection device.

Abstract: An apparatus including a key mixing circuit, an input circuit, a packet number circuit, and an encryption circuit. The key mixing circuit generates a plurality of encryption seeds, wherein each encryption seed is generated based upon a predetermined key, a transmitter address, and a corresponding value for a packet number. The input circuit receives a plurality of packets of data. The packet number circuit inserts, into each packet of data received by the input circuit, a different one of the corresponding values for a packet number. The encryption circuit encrypts each packet of data using the encryption seed that was generated based on the corresponding value for the packet number inserted into the packet of data. The key mixing circuit generates each of the plurality of encryption seeds prior to the input circuit receiving the plurality of packets of data.

Abstract: A computer program for enabling biometrically secured, transparent encryption and decryption provides a user interface that allows a user to drag and drop files into and out of a secure repository, wherein the program automatically encrypts files transferred into the repository and automatically decrypts files transferred out of the repository. The user can transfer file folders into the repository, wherein the program encrypts all of the files within the folder and retains the original file/folder structure, such that individual files can be moved within the repository, moved out of the repository, and opened or executed directly from the repository. The program requires the user to submit biometric data and grants access to the secure repository only if the biometric data is authenticated. The program generates an encryption key based at least in part on biometric data received from the user.

Abstract: The invention provides a method and system of receiving communications from a network device in a network to a source of network data and establishing a secure and/or authenticated network connection between the network device and the source that appears to the network device as a direct connection to the source of network data. Broadly conceptualized, the method and system may also include a parsing module that modifies the network data passing back and forth between the network device and the source of network data.

Abstract: A method, apparatus, and system are directed towards employing transferable entitlements using EMMs for enabling a purchase of content using a mobile device, and redeeming for access the content using a different network device. An existing billing infrastructure may be used during a purchase transaction to identify the purchasing device. Upon billing authorization, a transferable EMM (XEMM) may be sent to the purchasing device. The purchasing device may then provide the XEMM to another network device. The other network device may send the XEMM to a redeeming service when requesting access to the content. Upon authorization, an EMM with an access key to the content may be sent to the other network device.

Abstract: Subject matter disclosed herein relates to memory devices and security of same.

Abstract: Embodiments of the invention generally relate to apparatus, systems and methods for authentication, in particular, apparatus, systems and methods for authenticating an entity for computer and/or network security, secure authorization of a payment or for funds transfer and for selectively granting privileges and providing other services in response to such authentications. In addition, embodiments of the invention relate generally to apparatus, systems and methods for the communication of information between a mobile user-device and a point-of-sale device to securely provide authorization for a financial transaction.

Abstract: A system, which comprises an authorization controller operable for regulating establishment of user sessions over a data network; a processing subsystem operable for monitoring the user sessions and applying a walled garden policy, wherein application of the walled garden policy respectively associates each user in a certain subset of users with a respective walled garden selected from a common plurality of walled gardens; and a database for storing, in association with each said user in the certain subset of users, a respective identifier corresponding to the respectively associated walled garden.

Abstract: The invention relates to a method for creating a second asymmetric cryptographic pair of keys (206), wherein a first private key (G0, 154) together with a first public key (O0, 126) forms a first asymmetric cryptographic pair of keys (K0, 218), wherein the method comprises the following steps: receiving a user identifier; calculating a second private key (G1), wherein a random value (z) and the user identifier are considered in the calculation; calculating a second public key (O1) from the second private key using an asymmetric cryptographic key creation method, wherein the second private key and the second public key form the second asymmetric cryptographic pair of keys (K1, 206); creating a first ciphertext (C_G0—O1, 212; 186) by encrypting the first private key (G0) with the second public key (O1); storing the first ciphertext (C_G0—O1, 212; 186).

Abstract: Systems and methods that support storage device content authentication are provided. A system that verifies storage device content received from a storage device may comprise, for example, a security processor coupled to the storage device. The security processor may be adapted to receive a partitioned storage device region from the storage device. The partitioned storage device region may comprise, for example, regional content and first hashed regional content. The security processor may generate, for example, second hashed regional content by performing a hashing function on the regional content received by the security processor. The security processor may compare, for example, the first hashed regional content to the second hashed regional content. The security processor may verify the regional content received by the security processor if the first hashed regional content is the same as the second hashed regional content.

Abstract: In a communication system wherein a device and a client communicate data with each other through a network, the device holds a root certificate including a public key in a pair of the public key and a private key and signed with the public key. When data is sent, a certificate creator creates a second certificate including the root certificate designated as a certificate authority at a higher level and signed with the root certificate, and the second certificate is sent to the client. In the client, the root certificate has been stored beforehand, and a verifier verifies the signature of the second certificate with the root certificate.

Abstract: An access management system receives an access request for a target computer from a client computer. The access request comprises a digital certificate belonging to a user. The access management system verifies the identity of the user by validating the digital certificate. When so verified, the user receives access privileges from a policy database. The access privileges contain one or more access attributes. The access management system evaluates the access request based the one or more access attributes and grants the user access to the target computer if all the one or more access attributes are satisfied.

Abstract: Systems and methods for identifying content in electronic messages are provided. An electronic message may include certain content. The content is detected and analyzed to identify any metadata. The metadata may include a numerical signature characterizing the content. A thumbprint is generated based on the numerical signature. The thumbprint may then be compared to thumbprints of previously received messages. The comparison allows for classification of the electronic message as spam or not spam.