Abstract: A signal processing unit includes a feature quantity extracting unit, a segmentalizing unit, a clustering unit, an existence probability function deriving unit, an existence probability function similarity calculating unit, a cluster integrating unit and a cluster information output unit. The signal processing unit classifies the signal feature quantity which characterizes the content signal segmentalized into segments according to the similarity with respect to each other, obtains functions which indicate the existence probabilities for clusters of classified segments, and integrates the clusters whose obtained functions are at the high level of similarity.

Abstract: The present invention provides a method and system of detecting malicious behavior in a series of data transmission de-duplication requests of a de-duplicated computer system. In an exemplary embodiment, the method and system include, (1) if the series includes at least one particular de-duplication request for particular data and a reply to the particular request that the system does not have the particular data, processing at least one subsequent response and (2) determining the existence of the behavior from the at least one subsequent response.

Abstract: A method and apparatus for controlling the performance of a mount operation changing the logical association of a first file system with a second file system of an information handling system by a user who may not have general authority to perform such a mount operation. In response to a request by a user to perform a requested mount operation on the first file system, a determination is made of whether the user has general authority to perform the requested mount operation, either because the user has general superuser authority or because the user has superuser authority for mount operations. If the user has general authority to perform the requested mount operation, the requested mount operation is performed. If the user does not have general authority to perform the requested mount operation, the requested mount operation is performed only if the user has a predetermined access authority to the first file system.

Abstract: The invention provides a data management apparatus which can use data advantageously in terms of data capacity. A database server performs a registration process and a providing process. When a data registration request is received from a seller, the registration process registers audio data included in the received data registration request in association with data name information, password information, and the like. At the same time, the registration process transmits usage certificate data that includes the information to a user. When a data usage request is received from a portable terminal, and when a password of a record in which the same data name as that included in the received data usage request is registered matches a password included in the received data usage request, the providing process transmits audio data specified by the data name included in the received data usage request to the portable terminal.

Abstract: An image indicating a copyright and its related information are set through a setting input means and those settings are stored in a related information storing means in advance. Registration image data is recorded in a detachable registration image data recording medium in advance. When an arbitrary image signal is generated by an image generating means, an image combining control means receives the generated image signal and also receives, via a registration image data input means, the registration image data stored in the registration image data recording medium. Further, the image combining control means generates a registration image signal by referring to the setting information and combines it with the arbitrary image signal. In this state, if no corresponding registration image data exists in the registration image data recording medium, image signal combining is not performed.

Abstract: A method for enabling use rights on a file, which is stored on a storage medium together with at least one other file and is provided with an identifier, for use by a single computer system or by a limited number of local computer systems, wherein a central station calculates a first and second scrambled code PIN and ACW containing a key k, for decrypting the files stored in encrypted form, and a device identification number ID. The device identification number ID is changed with each new enabling operation. Once the two scrambled codes have been entered into the computer system, the computer system first calculates a new device identification number ID from stored data and uses this new device identification number ID and the first scrambled code PIN for the key k and uses the key k and the second scrambled code ACW to calculate an identifier AC for the file which is to be enabled.

Abstract: A system, method, and program code are given for secure communication. Multiple geographic cells are arranged in a hierarchical tree having a root node and internal nodes. The root node and each internal node in the tree have an associated node cryptographic key for secure communication with lower nodes in the tree. Each cell is associated with a leaf node of the tree and a cell cryptographic key for secure communications with devices located within the cell. A key management center is at the root node for determining an anticipated cell path of a mobile device from a current cell to a destination cell. The key management center distributes to the mobile device a set of cryptographic keys from the tree. This set contains a minimum number of cryptographic keys necessary to permit secure communications for the mobile device within each cell along the anticipated cell path, but no other cells.

Abstract: An entity which executes person authentication such as a service provider (SP) and a user device (UC) receives a request for person authentication from an entity which requests person authentication. The entity which requests person authentication can vary in form. The entity which executes person authentication decrypts the template by using a person identification certificate that can be owned by the entity which executes person authentication or provided from the outside, compares the template with sampling information input by a user and notifies the entity which requests person authentication of the result of comparison. The data for person identification is provided as encrypted information that can be decrypted only by the entity which executes person authentication, thereby performing safe authentication in various locations or devices, while preventing the template information from leaking out.

Abstract: A method and system for strong, convenient authentication of a web user makes use, for example, of a computing device, such as a user's personal computer (PC), coupled over a network, such as the Internet, to one or more servers, such as the host server of an authenticating authority, as well as one or more databases of the authenticating authority. The authentication process is broken into three phases, namely a registration phase, an enrollment phase, and a transaction authentication phase, with each phase being less intrusive and less secure than the preceding phase. In the registration phase, an authenticating authority registers the user based upon identification of the user using a strong authentication technique and provides an authenticating token to the user, which can be used in the enrollment phase to enroll one or more user devices for the user.