Abstract: Access to content addressable data on a network is facilitated using digital information storing devices or data repositories (“silos”) that monitor broadcast data requests over the network. A number of silos automatically monitor both data requests and data itself that are broadcast over a network. The silos selectively store data. Each silo responds to data requests broadcast over the network with data the silo has previously intercepted. A content addressable file scheme is used to enable the data repositories to reliably identify data being requested. When a data request is received, each silo evaluates whether it has all or a portion of the data being requested and responds to requests when it has the data. Requests for data are implemented by broadcasting a cryptographic has data identifier of the data file needed. The data identifier is used by a silo to determine which data to receive and store.

Abstract: A communications system in which a sending computer encrypts a message using a key associated with the computer which is to receive the message; and the receiving computer uses a key associated with the sending computer in the decryption process. The sending computer is equipped with a set of keys and each key within the set may be used for the encryption process, depending on the destination of the message; and the receiving computer chooses its key based on who the sending computer is.

Abstract: The present invention provides a mobile equipment for non stationary use. The mobile equipment includes a real time clock (RTC) integrated in the mobile equipment for generating a real time information, a system time generator integrated in the mobile equipment for generating a system time information by adding an offset to the real time information given by the RTC, a non-volatile memory for the permanent storage of data and an input means for inputting instructions for changing the system time information. The possible changes of the system time information generated by the system time generator may be limited to a preset time range and the possible reset value of the RTC may be limited according to the data stored in the non-volatile memory.

Abstract: The present invention is a platform of software which is a single, customizable, complete distributed computing security solution designed to be integrated into an enterprise computing environment. Digital Network Authentication (DNA) is the centerpiece of the system of the present invention. It is a unique means to authenticate the identity of a communicating party and authorize its activity. The whole mechanism can be thought of as a trusted third party providing assurances to both clients and servers that each communicating entity is a discrete, authenticated entity with clearly defined privileges and supporting data. Furthermore, the level of trust to be placed in the authorization of every entity communicating within the system is communicated to every entity within a distributed computing environment.

Abstract: The present invention relates generally to controlling rendering of video to particular audiences, e.g., children. For example, one claim recites a method including: obtaining video or image data, the video or image data comprising information steganographically hidden in data representing perceptual portions of the video or image data; analyzing the video or image data to obtain the hidden information, the information comprising data associated with suitability for viewing of the video or image data for a particular demographic; comparing the data to predetermined information; and based at least on said act of comparing, determining whether to render the video or image data for display. Of course, other claims are provided too.

Abstract: Embodiments of methods and apparatus for providing a key management system for wireless communication networks are generally described herein. Other embodiments may be described and claimed.

Abstract: A hierarchical identity based cryptographic system (“HIBC”) is integrated with the domain name system (“DNS”). A private key is assigned to each of the top level domain name authorities responsible for assigning the top level domain names (e.g., .net, .com, etc.). The private key is generated according to an HIBC system, wherein the corresponding public key is based on the identity of the particular domain authority. When user requests a domain name from one of the top level domain name authorities, the user is issued a private key that is generated by the top level domain authority using its private key and the identity of the user according to the particular HIBC system implemented. The user's corresponding public key can be derived from the identity of the user and the public key of the top level domain name authority.

Abstract: The computer system comprises a local network domain of communicating computers and a connection for communication with an external network. A gate device coupled between the local network and the connection is arranged to check files sent from the local network to the connection for the presence of a security tag in the file, and to send or not send on each file to the connection depending on detection of the presence or absence of the security tag in the file.

Abstract: A client-server relational database system, wherein data from the client computer is encrypted by the client computer and hosted by the server computer, the encrypted data is operated upon by the server computer, using one or more operators selected from a group of operators comprising: (a) inequality logic operators, (b) aggregation operators, and (c) wildcard matching operators, to produce an intermediate results set, the intermediate results set is sent from the server computer to the client computer, and the intermediate results set is decrypted and filtered by the client computer to produce actual results. The group of operators is limited because the encrypted results set, when decrypted, includes inaccuracies therein. The client computer applies a set of correction procedures to the decrypted results set to remove the inaccuracies therein.

Abstract: A copy protection system and method enabling storage of copy protection information separately from protected content is disclosed. One embodiment includes a mechanism for playing a recording medium, the recording medium having stored thereon a digital content file and a copy protection information file, the mechanism producing a digital content signal from the digital content file and a copy protection signal from the copy protection file; a digital to analog converter operatively connected to the mechanism for converting the digital content signal to an analog signal; a copy protection detector connected to the mechanism for detecting a copy protection trigger present in the digital content signal; and a signal modifier connected to the copy protection detector for modifying the analog signal to include the copy protection signal in response to detection of the copy protection trigger.

Abstract: Encryption and decryption of data stored from a computing system to a storage medium is disclosed wherein the processing employs a non-accessible encryption key that is unique to the computing system. The unique encryption key can be embedded in non-removable hardware of the computing system or generated, e.g., from identification numbers ascertained from non-removable hardware of the computing system. Processing includes establishing the unique encryption key, encrypting data using the unique encryption key and storing the encrypted data to the storage medium without storing the unique encryption key on the storage medium. The storage medium can comprise any non-removable or removable storage medium, including for example a computer hard drive, floppy diskette, or recordable compact disk.

Abstract: A system and method for providing secure communications between remote computing devices and servers. A network, device sends characteristics of a client computing device over the network. A network device receives characteristics of a client computing device over the network. A plurality of credentials are generated where at least one of the plurality of credentials based on both the received characteristics of the client computing device and a unique client key, and at least one of the plurality of credentials based on both the received characteristics of the client computing device and a generic key. A network device sends the plurality of credentials over the network. A network device receives the plurality of credentials via the network.

Abstract: A clock signal of a master clock of a sender is transmitted to a receiver through a classical channel and is returned from the receiver. The clock signal is transmitted with strong light from a sender-side quantum unit to a receiver-side quantum unit through a quantum channel. A sender-side synchronization section establishes phase synchronization between the clock signal returned from the receiver and the clock signal detected by the sender-side quantum unit, and generates a calibration clock signal. At the receiver as well, a receiver-side synchronization section establishes phase synchronization between the clock signal detected from the classical channel and the clock signal detected by the receiver-side quantum unit, and generates a calibration clock signal.

Abstract: A data reproducing method for a plurality of devices, for sending and receiving data by authenticating the plurality of devices with each other, said data reproducing method including: selecting, from a plurality of descrambling methods, a scrambling method corresponding to a type of said data, executing authentication by an authenticating method corresponding to the selected descrambling method, where the authenticating method is selected from a plurality of authenticating methods, and reproducing said data.

Abstract: A method and device is provided for making available security functions during the transmission of data from and to a subscriber terminal of a mobile communications network. A real-time analysis of the data flow from and to the subscriber terminal is carried out in a device of a network node of the mobile communications network during which data with contents defined beforehand by the subscriber or by a network operator/provider are identified and processed. This results in protecting the terminal and subscriber's devices connected thereto from external attacks.

Abstract: Common authentication and authorization (AA) between networks having disparate access technologies may enable a seamless user transition between the networks. A set of AA credentials from a user attempting to gain access to one of the networks may be received, and a subscriber database of another of the networks may be used to verify the set of AA credentials. A communication protocol common to the networks may be used. Additionally, the user may employ a single set of authentication and authorization (AA) credentials, usable over multiple communication protocol layers. Further, a user may perform a single authentication and authorization (AA) operation when roaming across two or more networks by gathering user's key material during an AA challenge and reply session at a data link layer. The gathered material may be used for an AA challenge at an upper network layer or another network as the user transitions between networks.

Abstract: According to an aspect of the invention, a management of each authentication subprocess assures the each authentication subprocess, and assurance contents can be verified by verification side, so that trustworthiness of the whole authentication process can be improved. An authentication system includes authentication entity devices which separately execute authentication subprocesses P1 and P2 and a verification device which verifies the executed contents of each of the authentication subprocesses P1 and P2. The entity device includes a confidential information management unit which manages confidential information, an authenticator generating unit which generates an authenticator using the confidential information, and a context generating unit which generates a specific context pursuant to a specific format from the authenticator and the executed contents.

Abstract: A data distribution system is provided which supplies customers with an executable for requested secured data files to provide the customer with fulfillment software, obviating the need for the customer to download fulfillment software prior to requesting secure data. The data distribution system is characterized by server technology which can dynamically encrypt secured data files just prior to a customer request to download the data file. A framework for building a universal data distribution infrastructure is provided which employs Requesters.

Abstract: A method of digital rights management for a broadcast-multicast service, the method comprising receiving a request from a terminal to join a service domain having a common group key; transmitting encryption of one or more service encryption keys using the common group key to the terminal that requested to join; and allowing the terminal to share the same contents and the same services with one or more other devices within the service domain.

Abstract: Unauthorized access from a network to a terminal is prevented. If a signaling packet received from an external terminal contains a virus, the signaling packet is discarded. If the signaling packet does not apparently contains a virus, an unnecessary part is deleted and the signaling packet is transferred to an internal terminal in response to a polling signal. A port number described in a response packet received from the internal terminal is translated to a different port number. If a session packet received from the external terminal does not conform to a predetermined protocol, the session packet is discarded. If the session packet received from the external terminal conforms to the predetermined protocol, a port number is subject to reverse translation and a resultant session packet is transferred to the internal terminal.