Abstract: A method and device for scrambling video signals for broadcast in a proprietary television system includes modifying the vertical or horizontal synchronization pulses of the video signal to prevent unauthorized viewers from properly displaying the programming content. Preferably, the vertical sync pulses are removed from the signal prior to broadcast and replaced with horizontal sync pulses. A descrambler used with the receiving television uses the manner in which the false horizontal sync pulses were inserted into the video signal to recreate a sufficient approximation of the vertical sync pulses.

Abstract: An assembly comprising two micro-controllers (MC1, MC2) separately receiving specific and synchronous information (input states) in order to process it and supply respective outputs (S1, S2) and which are connected through links (C1, C2) to make the running of the programs consistent, and a comparator (K) receiving the outputs (S1, S2) from the micro-controllers (MC1, MC2) in order to transmit a signal in the event of nonconformity. A re-writable memory is respectively associated with each micro-controller (MC1, MC2). An interface common to the two micro-controllers (MC1, MC2) is connected to them through a common micro-controller MC3 in order to write the parameterization data for the functions of the two mic-o-controllers (MC1, MC2) by means of the common micro-controller (MC3).

Abstract: The invention relates to a security lock for devices connectable to a computer bus. The devices receives from the computer information as to the owner of the computer, and compares the information it receives from the bus to information regarding the legitimate owner, which is permanently stored in the device. When the information received from the bus is different from the information stored in the device, the operation of the device is restricted. The invention prevents use of a device on a computer other than the one of the legitimate owner. It discourages theft of the device.

Abstract: An apparatus including a protocol watcher adapted for use with a bus, a state machine adapted to detect known bug signatures on the bus, and a perturber adapted to intervene on the bus to prevent occurrence of bugs having those signatures. A system utilizing such includes a bus, a first agent coupled to the bus, a second agent coupled to the bus for communicating to the first agent according to a bus protocol, and the bus patcher coupled to the bus for monitoring a communication from the second agent to the first agent to identify an event which would cause an error in the apparatus, and for modifying the communication such that the event is avoided. Any of the protocol watcher, state machine, and/or perturber may be programmable.

Abstract: A key is generated to control the access to information on an information carrier. The key is derived from an M-bit master key and an information carrier key. Apparatus to read and/or write information on an information carrier generates the M-bit master key. The information carrier key is derived from the information carrier. The M-bit master key is derived from only a part of an N-bit string, the part being determined by a number p derived from an identifier R associated with recording information on the information carrier.

Abstract: A system, method, and article of manufacture is provided for tracking the distribution of content electronically. First, an electronic storage medium tracking identifier is incorporated onto an electronic storage medium and stored on a database. Next, a package tracking identifier is situated onto a package in which the electronic storage medium is stored. The electronic storage medium is then tracked while being shipped between various entities using the tracking identifier on the package. Further, the electronic storage medium may be identified using the tracking identifier on the electronic storage medium in order to afford authorized use of the information contained on the electronic storage medium.

Abstract: An information accessing method permits the user data belonging to a client-server system to be accessed by a user belonging to another client-server system under proper security and controls the permission for accessing the user data according to the security ranks of the user whose data is to be accessed and the user who wants to access the data. When a client unit issues a request for accessing the user data of the user belonging to the other client-server system, the request for access is sent to an ID conversion unit through a user ID management unit. The ID conversion unit operates to convert a user ID into a guest ID by referring to an ID conversion table, and then sends the request for access to a user ID management unit. The user ID management unit makes sure that the guest ID is registered by referring to the user ID table.

Abstract: The invention of the present application relates to method and system for implementing a secure private web site accessible to members only. The secure private web site has particular application with respect to interactive family communications. The secure private web site is created by a primary registrant, who designates additional subsequent registrants. The primary registrant can access all areas of the created secure private web site, whereas the subsequent registrants can access only a general access area. The general access area may comprise interactive communications features, gifting options, and consumer advisory services, among other features.

Abstract: A secure end-to-end communications system includes a vault controller based registration application for managing the issuance and administration of digital certificates for use in conducting electronic commerce in the system. The system includes an end user terminal and a registration authority terminal coupled to a vault controller through the system. A registration application executable in the controller utilizes SSL and dedicated vaults to process requests for digital certificates from end users on an automated or manual basis.

Abstract: An apparatus and method for communication between a host CPU and a security co-processor are disclosed, in which a bus having a bi-directional data and command bus, a bi-directional control line, and a uni-directional clock line, is coupled to the CPU and to the co-processor. The bus supports data transfer between the CPU and the co-processor, including read operations and write operations, where each such operation includes a command phase, a data transfer phase, and an error check phase. The CPU and the co-processor have a dual master slave mode wherein either may be master of the bus, while the other is the slave. The bi-directional data and command bus carries command information from the master to the slave 10 during the command phase, and carries data from the master to the slave during the data transfer phase for a write operation, and from the slave to the master for a read operation. The bi-directional control line specifies the start and end of each transfer.

Abstract: Conditional access is used to prevent unauthorized use, for example, reception of signals. A conditional access apparatus performs a combination of scrambling and encryption to obtain these results. Known conditional access apparatuses use a control word generator to obtain the requested control words, and an encrypter to encrypt the control words. The encrypted control words are sent together with the information to make descrambling possible at the receiving side. The invention proposes the use of a table of control words and encrypted control words as entitlement control words for realizing scrambling and descrambling.

Abstract: A system and method of combined user logon-authentication provides enhanced logon performance by utilizing communications with a network access control server for user authentication to provide user account data required for user logon. When a user logs on a computer, the computer initiates a network access control process with a network access control server for obtaining access to network services, including the computer that the user is logging on. During the access control process, the network access control server authenticates the user and queries a directory service for the account data for the user. The network access control server includes the user account data in one of the communication packets sent to the computer in the network access control process. The computer retrieves the user account data from the communication packet and uses the data to complete the user logon.

Abstract: A secure push server is disclosed. The push server is used for sending notifications to different wireless clients on different wireless networks. The push server allows information service providers to send notifications to the wireless clients. The information service providers initiate a request to the push server that includes updated information. The request also includes a certificate from the information service provider. The push server authenticates the request from the information service provider by verifying the certificate. The push server also determines if the certificate was issued from an acceptable certificate authority by examining an acceptable certificate authority list. Finally, the push server checks the content of the notification to be sure it does not interfere with other information service providers. After performing the security checks, the push server processes the notification request.

Abstract: Security is provided for a docking station. Within the docking station a docking password is stored. Upon a portable computer being attached to the docking station, a password stored in the portable computer is compared to the docking password. If the password stored in the portable computer is equal to the docking password, the portable computer is allowed to access the docking station. If the password stored in the portable computer is not equal to the docking password, the portable computer is prevented from accessing the docking station.

Abstract: This invention provides an autonomous random dynamic cryptogram lock system which comprises a lock body and a key body. There are non-volatile memories in both the lock body and key body respectively and each memory stores a set of cryptogram corresponding. When unlocking the microprocessor in the lock body checks the cryptograms. If matching, the lock is unlocked, otherwise it gives up alarm. After unlocking, the microprocessor renews a set of the corresponding real random cryptogram in both memories for unlocking next time. It accomplishes one cryptoguard function every time.

Abstract: A method and computing system for extending access control of system objects in a computing environment beyond traditional rights such as read, write, create and delete. According to the invention, a system administrator or user application is able to create control rights that are unique to the type of object. Rights can be created that do not relate to any specific property of the object, but rather define how a user may control the object. A novel object, referred to as a control access data structure, is defined for each unique control right and associates the control right with one or more objects of the computing environment. In order to grant the right to a trusted user, an improved access control entry (ACE) is defined which holds a unique identifier of the trusted user and a unique identifier of the control access data structure.

Abstract: A scramble circuit for protecting data stored in a read only memory is provided including an initial value generator, a shift register, a logic circuit, an adder and a lock circuit. In said scramble circuit, the initial value generator is used to generate an initial value. The shift register is used to selectively load in the initial value and the data stored in the read only memory. The logic circuit is used to process the data stored in the shift register to generate an output transmitted back to the shift register. The adder is used to add the data stored in the read only memory and the data stored in the shift register having the same lengths, so as to obtain scrambled data. The lock circuit is used to output or lock the scrambled data according to a lock signal.

Abstract: A security module (95) for a transaction processing system is disclosed. The transaction processing system includes a transaction manager (20) which runs in a first process and is responsive to transaction requests from one or more applications (10, Page_1.htm) and a service provider layer (30, 36, 37) adapted to relay transaction requests passed from said transaction manager to associated hardware (14) for execution. The security module is adapted to communicate with a supervisor application to receive and store application rights to execute transaction requests and is responsive to requests from the service provider layer to determine an application's right to execute a transaction request.

Abstract: A system and method of combined user logon-authentication provides enhanced logon performance by utilizing communications with a network access control server for user authentication to provide user account data required for user logon. When a user logs on a computer, the computer initiates a network access control process with a network access control server for obtaining access to network services, including the computer that the user is logging on. During the access control process, the network access control server authenticates the user and queries a directory service for the account data for the user. The network access control server includes the user account data in one of the communication packets sent to the computer in the network access control process. The computer retrieves the user account data from the communication packet and uses the data to complete the user logon.

Abstract: A virus screening method includes steps of routing a call between a calling party and a called party of a telephone network, receiving computer data from a first party of the calling party and the called party, and detecting a virus in the computer data. In response to detecting the virus, a step of inhibiting communication of at least a portion the computer data to a second party of the calling party and the called party is performed. A virus screening system is also disclosed.