Abstract: Embodiments of methods, apparatuses, devices, and/or systems for data copyright management are described. According to one embodiment of this disclosure, data copyright management may include displaying, storing, copying, editing, and/or transferring digital data. According to an embodiment, data copyright management may include protecting digital data copyrights. Various embodiments of this disclosure may use cryptographic keys to implement portions of the data copyright management disclosed.

Abstract: A computer-readable, non-transitory medium recording an access control data editing support program for causing a computer to implement a procedure. The procedure includes changing log information containing a record having an authorization result of first access authorization determined based on access control data and a content utilized for determining the first access authorization every time an access agent accesses an access target, and changing the access control data based on the changed log information, and determining second access authorization by applying the changed access control data to the content utilized for determining the first access authorization indicated by the log information and generating determination result information containing an authorization result of the second access authorization and a content utilized for determining the second access authorization.

Abstract: Various exemplary embodiments relate to a method and related network node including one or more of the following: retrieving a record of a first transaction, wherein the first transaction is associated with personally identifiable information of an owner; determining a first privacy risk value based on: a first transaction security metric associated with the first transaction, wherein the first transaction security metric includes a first set of security parameters, and a first set of weights correlated to the first set of security parameters; determining the current security status based on the first privacy risk value; and transmitting the current security status to the entity.

Abstract: A system for mapping and translating address information in a network is provided. The system includes a client-side address translator (120) and a server-side address translator (140). The client-side address translator (120) is configured to receive a data packet from a client (110). The data packet includes a first destination address representing the real destination address. The client-side address translator (120) maps the first destination address to another address using a mapping algorithm and transmits the data packet with the via the network (160). The server-side address translator (140) receives the data packet, translates the mapped address information back to the real destination address and forwards the data packet using the real destination address.

Abstract: In one exemplary embodiment, a method includes: storing a key on a storage medium of a first apparatus, where a value of the key varies over time, where the key is configured to enable decryption of encrypted information; and sending a plurality of communications from the first apparatus to a second apparatus, where each communication comprises at least one portion of the key, where no single communication comprises an entirety of the key. In further exemplary embodiments, the encrypted information is encrypted in accordance with a threshold-based encryption scheme having a threshold such that the encrypted information is configured to be decrypted only if a decryptor is in possession of sufficient accurate portions of the key as compared to the threshold.

Abstract: Operator authorizations are autonomically adjusted in many ways to automatically account for many different variables. Operator authorization may be adjusted according to an operator's past activity record so previous experience is not lost when the operator is rehired. Operator authorization may be adjusted according to the operator's quality and performance. Operator authorization may also be adjusted by recognizing similar operations to those the operator is authorized to perform, and authorizing the operator to perform one or more similar operations. Operator authorization may also be adjusted to a lesser level or may be revoked for an operation based on the passage of time. A manufacturing system may efficiently track operators taking into account different activity periods, the passage of time, the operator's performance, and similar operations to autonomically adjust the authorization of the operators as needed.

Abstract: A computer system includes a network. The system includes a first client device in communication with the network having a transaction description for a transaction t. The first client device sends the transaction description to a second client device. The second client device receives the transaction description from the first client device. One of the first or second client devices executes the transaction description and creates a second transaction description for transaction t and then sends the second transaction description to a client device. A client device of a computer system having a network and a second client device. A method of a computer system. A method of a client device of a computer system having a network and a second client device.

Abstract: In some embodiments, the invention involves using a dedicated service processor with out-of-band capabilities to enable a secure boot using biometric data to authenticate the user. In some embodiments, at least a secondary token is used enhance the secure boot. An off-line database may be accessed by the service processor during boot to store or retrieve biometric templates to compare with scanned, live, biometric data. Other embodiments are described and claimed.

Abstract: Systems and methods for providing compressed video with layered graphics to at least one screen are described herein. An On Screen Display (OSD) system receives a command from a remote set top box coupled to a screen. The command instructs the OSD system to process the input video stream according to various processing functions including layering at least one graphics plane on top of the video stream. The OSD system processes the input video stream to generate an output video stream with the layered graphics planes and outputs, in a compressed format, the output video stream to the screen. The system advantageously provides a central OSD processing unit that can output video with layered graphics in a compressed format to multiple displays.

Abstract: An information processing apparatus that processes data to be protected is provided. The information processing apparatus includes a first storage unit, a second storage unit, and a cache control unit configured to cache data stored in the first storage unit into the second storage unit. The cache control unit is configured to lock a cache region in the second storage unit to thereby prevent cache data of the stored data from being written back into the first storage unit, the cache data being obtainable from the cache region in the second storage unit in which the stored data is cached, and write the data to be protected different from the stored data into the cache region in the second storage unit, after the cache region in the second storage unit is locked.

Abstract: A method, data processing system, and computer program product for managing user identification information. A determination is made whether an instance of security information in use on the first application server and referenced by a token that has expired was generated by an application server compatible with a first application server in response to receiving the token. A determination is made whether the instance of the security information is managed by a set of rules for a group of users of the first application server. A determination is made whether a user identifier from the token is authorized to access the first application server. The token is renewed in response to determining that the user identifier is authorized to access the first application server.

Abstract: Upon providing (101) message content (such as a remote control instruction) to be transmitted, and in conjunction with provision (102) of a plurality of different transmission characteristics (as correspond, for example, to different types of transmission) and a corresponding plurality of correlated recovery identifiers (103), a particular transmission characteristic is selected (104) and used to transmit (105) a joint message. n particular, in a preferred approach, the selected transmission characteristic (106) is used when transmitting at least a portion of the message content portion of the joint message while another part of the joint message carries the recovery identifier to thereby facilitate selection of an appropriate reception technique by a receiver when receiving the joint message.

Abstract: An image forming apparatus includes a unit for receiving process information indicating a list of processes used in a process flow requested by an information processing apparatus connected via a network; a unit for executing a process that the image forming apparatus is requested to execute, and recording charging information, which is relevant to the executed process, in charging information record data of the process flow; a unit for transferring the charging information record data to a service providing device that is requested to execute another process; a unit for receiving the charging information record data in which charging information, which is relevant to the other process executed by the service providing device, has been recorded by the service providing device; and a unit for recording, in a storage unit, the charging information record data in which charging information are recorded in association with the corresponding processes in the list.

Abstract: A method, system and computer program product for automatically displaying the potential risk associated with cracking a password. While creating or modifying a password, feedback is provided describing the risk associated with cracking the password. Risk assessment may be presented as a percentage, accompanied by an explanation of why the value was ascertained. Risk feedback during password creation provides an opportunity to improve computer, document, and file security.

Abstract: A system and method for are described for securely linking a phone number and user identification code in a directory database. A computer-implemented method comprising: receiving a first request from a first user device to register with a first service, the request identifying a phone number of the user device and including a fingerprint code uniquely identifying the first user device; registering the phone number in a directory service; receiving a second request from the first user device to register with a second service, the request including a user identification code which is not a phone number and the fingerprint code; registering the user identification code in the directory service; detecting that the first request and second request are from the same mobile device using the fingerprint code; and responsively linking the phone number and the user identification code in the directory database.

Abstract: Methods, apparatus, and articles of manufacture to provide firewalls for process control systems are disclosed. An example method includes analyzing a network communication to identify a first service, an address associated with the first service within a secured portion of a network, and a subset of ports used by the first service, the network communication originating from within the secured portion of the network and to be transmitted to a destination outside of the secured portion of the network, and storing an identifier of the first service, the address, and the subset of the ports when the network communication includes the identifier, the address, and the subset of the ports.

Abstract: A method for encrypting a file using a combination of an electronic device and a protection communication-enabled (PCE) wireless device is provided. The method includes using an encryption/decryption engine executing on the electronic device to encrypt a first flag string, which is a binary string stored in a header of the file, with a digest value to create an encrypted flag string. The digest value is associated with the PCE wireless device, which is a device having a transmission application program installed thereon for enabling interaction between the PCE wireless device and the encryption/decryption engine. The method also includes encrypting at least a portion of the file using the digest value and a first password provided by a user, thereby generating an encrypted file that includes an encrypted version of at least a portion of the file, the encrypted flag string, and the first flag string.

Abstract: A security management system can log, investigate, respond, and track computer security incidents that can occur in a networked computer system. In other words, the security management system can produce a security record of information related to the tracking of suspicious computer activity or actual computer security threats, such as denial of service attacks or other similar compromises to computers or computer networks. The security record can include, but is not limited to, date and times of computer security incidents, a name for a particular security incident, a security management system user, and a potential source of the computer security incident. The security record can be designed as a running log that saves or records all activity of a computer incident source as well as the activity of the security team responding to the computer incident source.

Abstract: A process for distributing digital audio sequences according to a nominal stream format that include a succession of frames, each of which includes at least one digital audio block grouping a plurality of coefficients corresponding to digitally coded audio elements, including modifying at least one block of an original stream of sequences, in an adaptive manner on the original stream as a function of at least a part of characteristics representative of the structure, content and parameters of the original stream, a target profile and external events.

Abstract: Systems and methods are for registering and authenticating an unmanaged IP device to an IP multimedia subsystem (IMS). An exemplary method includes implementing a system from which an unmanaged IP device retrieves IMS credentials needed to register and authenticate to the IMS. The system is remote to the unmanaged IP device and is accessible to the unmanaged IP device through an IP access network. The method further includes permitting the unmanaged IP device to register and authenticate to the IMS with the IMS credentials received from the system.