Abstract: A wireless communication system includes a plurality of terminals connected to at least one wireless network on the basis of authority of security configuration parameters shared by the plurality of terminals. Each of the plurality of terminals revokes security configuration parameters of the terminal itself or security configuration parameters of another terminal in accordance with an agreement with said another terminal.

Abstract: An information processing apparatus includes a verification unit for verifying validity of a certificate that certifies a communication party and a transmission unit for externally transmitting information for identifying the information processing apparatus and a result of verification of the certificate.

Abstract: Example embodiments are directed to a revocation lists management method, namely a verification method of a target device connected to a master device, the master device having means to receive a content transmitted by a broadcast centre via a data stream, the master device and the target device authenticating themselves by the exchange of a certificate having at least one certificate identifier. The method includes transmitting by broadcast a target device verification table containing a certificate identifier list, storing certificate identifier list in the master device, extracting a verification data associated to the content, the verification data including the activation or the deactivation of the verification of the target device. If the verification data includes the activation of the verification, the method includes verifying the certificate of the target device by the master device using at least one list stored to authorize or prohibit the exchanges of data with the target device.

Abstract: An object of this invention is to protect the right of a content holder without any necessity of a special storage medium incorporating a copyright protecting mechanism when the content holder does not coincide with a content creator. Information for encryption key generation is input. An encryption key is generated from the information for encryption key generation. Encryption key verification data is acquired from a storage medium, and the validity of the generated encryption key is authenticated based on the verification data. Generated data is encrypted by using the encryption key whose validity is authenticated by the authentication. The encrypted data is stored in the storage medium.

Abstract: The present invention provides systems and methods for secure transaction management and electronic rights protection. Electronic appliances such as computers equipped in accordance with the present invention help to ensure that information is accessed and used only in authorized ways, and maintain the integrity, availability, and/or confidentiality of the information. Such electronic appliances provide a distributed virtual distribution environment (VDE) that may enforce a secure chain of handling and control, for example, to control and/or meter or otherwise monitor use of electronically stored or disseminated information. Such a virtual distribution environment may be used to protect rights of various participants in electronic commerce and other electronic or electronic-facilitated transactions. Distributed and other operating systems, environments and architectures, such as, for example, those using tamper-resistant hardware-based processors, may establish security at each node.

Abstract: A digital rights management system (1) includes a content server (30) that stores contents created by content creators, a mobile device (21, 22) that acquires and uses a desired content from the content server, and a data preservation server (40) that preserves the content used by the mobile device so as to enable the content to be uploaded and downloaded. The content server is configured to create rights information for the content, the rights information containing availability of backup saving of the content in the data preservation server, and to deliver the content and the rights information to the mobile device in response to a request from the mobile device. The mobile device is configured to create backup data when using the content based on the availability of backup saving and transmit the backup data to the data preservation server for preservation of the backup data.

Abstract: A system for creating a non-reputable chat log. An initial quote is performed of a value of a register in response to a secure chat session being initiated. The value of the register is extended to record a message measurement within the register for the secure chat session in response to a message being measured. A final quote is performed of the value of the register in response to the secure chat session being terminated.

Abstract: A need exists for a technology for guaranteeing the authenticity of an electronic document, and an information disclosure system, which can guarantee the authenticity of a disclosed document and delete information regarded as inappropriate for disclosure. An electronic document is divided into components, and a random number generated from a seed value is concatenated to each of the components. A hash value is calculated for each of the components with which the random numbers have been concatenated. The calculated hash values are further concatenated using a hash function to generate data to which an digital signature is applied.

Abstract: A power tool system with enhanced antitheft capability has a hand-held power tool and a wearable piece worn by the user. The wearable piece incorporates a certification unit which stores an identification code specifying the power tool and transmits the identification code to an authenticator incorporated in the power tool. The authenticator reads the identification code from the certification unit and to provide an authentication signal when the identification code is authenticated to be eligible for a privileged use of the power tool. The power tool is enabled only in response to the authentication signal, and otherwise disabled for avoiding unauthorized use. A communication is established between the certification unit and the authenticator for transmission of the identification code, while the user holds the power tool with the wearable piece carried on.

Abstract: A method for copy protecting a record carrier is disclosed, in which method the copy protected record carriers are provided with a pattern of logical errors which cannot be corrected by the error correcting rules predefined for said record carrier. The pattern of logical errors represents access control information. The logical errors are generated during decoding the bit sequence read from the record carrier. Bit errors may be positioned in the bit sequence so as to counteract de-interleaving which is part of an error decoding process in a reading device and accumulate in error words which are uncorrectable. Also a method for detecting access control information and a retrieval arrangement are disclosed, which retrieval arrangement serves to detect the access control information by selecting at least one error location, but not all error locations on the record carrier, and verifying the presence of an error by reading the selected error location via the reading means.

Abstract: An image-forming device comprises an identifier-storage unit for storing an identifier in correlation with one of a plurality of feeding units on which at least one sheet used for image-forming processing is loaded, a specification unit for specifying the feeding unit by using the identifier, and a usability-determination unit for determining whether use of the specified feeding unit is permitted, where the image-forming device forms an image by feeding the sheet from the specified feeding unit based on the determination result made by the usability-determination unit.

Abstract: Provided is a method for securing cable modem (CM) following a Data Over Cable Service Interface Specification (DOCSIS) against physical security attacks. The method includes the steps of: a) classifying information to be stored in the DOCSIS CM based on a requirement degree of confidentiality and anti-alteration; b) storing the information in a non-volatile memory of the DOCSIS CM when the information is absolute confidential information, but processing a mechanism for deleting the information stored in the non-volatile memory in case that attacks by a hacker is sensed; c) storing the information in the non-volatile memory of the DOCSIS CM when the information is middle-level security information; and d) storing the information in a write-once (WO) memory of the DOCSIS CM when the information is absolute anti-alteration information.

Abstract: A security system that is associated with a customer network includes first, second, and third security perimeters. The first security perimeter includes a set of content delivery network (CDN) devices configured to provide first protection against a network attack associated with the customer network. The second security perimeter includes a set of mitigation devices configured to provide second protection in terms of mitigation services as a result of a network attack associated with the customer network. The third security perimeter includes a set of hierarchy devices configured to provide third protection against a network attack associated with the customer network.

Abstract: A secure data communications system with an enhanced function of preventing information leakage. The system includes a user terminal and a router. The router has a security condition definition unit and a storage unit to receive and store a set of security conditions. A packet parser identifies and parses a packet produced by a file transfer application protocol and extracts from that packet a destination address and a security condition ID that the sending user has specified for a file in the packet. The packet parser discards the packet to prevent information leakage if the extracted destination address does not satisfy the security condition corresponding to the user-specified security condition ID. The user terminal has a security condition user interface that requests the router to provide information about security conditions and gives a security condition ID to each file to indicate which security condition the sending user has specified.

Abstract: An apparatus for generating round-key words in accordance with a Rijndael algorithm. In one embodiment of the invention, the apparatus includes (a) a key expansion register block, having a key expansion register adapted to receive a final cipher key of a key expansion schedule in accordance with the Rijndael algorithm; (b) a round constant generator; (c) a first XOR adder adapted to add a first word of the key expansion register to a second word to generate and provide a first sum to the key expansion register block; (d) a transformation block adapted to generate a transformed word based on the first sum and the current round constant over four counts of a first cyclical counter; and (e) a second XOR adder adapted to add the transformed word to the first word of the key expansion register to generate and provide a second sum to the key expansion register block.

Abstract: A cryptographic key split combiner, which includes a number of key split generators for generating cryptographic key splits and a key split randomizer for randomizing the cryptographic key splits to produce a cryptographic key, and a process for forming cryptographic keys. Each of the key split generators generates key splits from seed data. The key split generators may include a random split generator for generating a random key split based on reference data. Other key split generators may include a token split generator for generating a token key split based on label data, a console split generator for generating a console key split based on maintenance data, and a biometric split generator for generating a biometric key split based on biometric data. All splits may further be based on static data, which may be updated, for example by modifying a prime number divisor of the static data. The label data may be read from a storage medium, and may include user authorization data.

Abstract: Documents and other items can be delivered electronically from sender to recipient with a level of trustedness approaching or exceeding that provided by a personal document courier. A trusted electronic go-between can validate, witness and/or archive transactions while, in some cases, actively participating in or directing the transaction. Printed or imaged documents can be marked using handwritten signature images, seal images, electronic fingerprinting, watermarking, and/or steganography. Electronic commercial transactions and transmissions take place in a reliable, “trusted” virtual distribution environment that provides significant efficiency and cost savings benefits to users in addition to providing an extremely high degree of confidence and trustedness. The systems and techniques have many uses including but not limited to secure document delivery, execution of legal documents, and electronic data interchange (EDI).

Abstract: A method of authorizing a user in communication with a workstation is disclosed. According to the method, a system automatically determines a plurality of available user information entry devices in communication with the workstation. The system then determines predetermined user authorization methods each requiring data only from available user information entry devices. The user then selects one of the determined authorization methods for use in user authorization. Optionally, each authorization method is associated with a security level relating to user access to resources. Once the authorization method is selected, the user provides user authorization information in accordance with a determined user authorization method and registration proceeds.

Abstract: The present invention provides systems and methods for secure transaction management and electronic rights protection. Electronic appliances such as computers equipped in accordance with the present invention help to ensure that information is accessed and used only in authorized ways, and maintain the integrity, availability, and/or confidentiality of the information. Such electronic appliances provide a distributed virtual distribution environment (VDE) that may enforce a secure chain of handling and control, for example, to control and/or meter or otherwise monitor use of electronically stored or disseminated information. Such a virtual distribution environment may be used to protect rights of various participants in electronic commerce and other electronic or electronic-facilitated transactions. Distributed and other operating systems, environments and architectures, such as, for example, those using tamper-resistant hardware-based processors, may establish security at each node.

Abstract: In authentication using a plurality of cipher keys, the authentication time is shortened. In the case that an encipher key to encipher key are required to take an access to each area out of the area to area in a memory of an IC card, a plurality of areas to have an access is informed to the IC card from a reader writer, a plurality of cipher keys corresponding to these areas (for example, cipher key 1, cipher key 2, and cipher key 4) is read out, and reduction processing section generates one reduction key from these cipher keys. A random number which is generated from a random number generation section of the reader writer is transferred to the IC card, and an encipherment section enciphers the random number using the reduction key. The reader writer receives the enciphered random number from the IC card, and deciphers it using the reduction key, and judges the IC card to be proper if the deciphered random number is equal to the generated random number.