Abstract: A method for secure communication. The method includes receiving a request at a first device to communicate with a second device. The method also includes determining if an encryption key exists between the first device and the second device. Creation of the encryption key is initiated in response to a determination that that encryption key does not exist. The initiation of the creation of the encryption key occurs without user input. The method further includes communicating with the second device using the encryption key and performing user authentication of the communication.

Abstract: A password authentication mechanism is capable of determining whether a password has expired without referring to a database or other information repository. Additional information can be encoded in the password without unduly lengthening the password, so that the additional information can be extracted from the password when the user provides the password for authentication purposes. Thus, the password serves as an information-carrying data item as well as acting as an authentication mechanism. Such a password can be used, for example, to provide time-limited access to a vehicle in response to receipt of timely payment, and to disable the vehicle if payment is not made.

Abstract: A method is described that involves identifying a configuration file in response to a desire to obtain security services. The configuration file describes a security policy tailored for use in the environmental condition set under which the desire arose. The identifying is based upon at least a portion of the environmental condition set. The method also involves using information found within the configuration file to configure code that performs authentication and authorization services so that the code will implement the security policy.

Abstract: The present invention provides for the receipt of a heartbeat message transmitted from a software agent within a host machine to a server-based agent manager. The server-based agent manager analyzes the heartbeat message to determine the identity of the sending software agent. The server-based agent manager then determines what information is to be included in a response message to the software agent. The server-based agent manager prepares the response message to be sent to the software agent. The server-based agent manager transmits the response message to the software agent over a bi-directional communication link between the software agent and the server-based agent manager. The software agent receives the response message; deserializes the response message; reviews the instructions within the response message; and performs operations necessary to carry out the instructions delivered in the response message.

Abstract: Circuits, methods, and apparatus that provide for trusted transactions between a device and system memory. In one exemplary embodiment of the present invention, a host processor asserts and de-asserts trust over a virtual wire. The device accesses certain data if the host processor provides a trusted instruction for it to do so. Once the device attempts to access this certain data, or perform a certain type of data access, a memory controller allows the access on the condition that the host processor previously made the trusted instruction. The device then accepts data if trust is asserted during the data transfer.

Abstract: Methods, computer program products and apparatus for processing data packets are described. Methods include receiving the data packet, examining the data packet, determining a single flow record associated with the packet and extracting flow instructions for two or more devices from the single flow record.

Abstract: System and method for verifying the authenticity of executable images. The system includes a validator that determines a reference digital signature for an executable image using the contents of the executable image excluding those portions of the executable that are fixed-up by a program loader. The validator then subsequent to the loading of the executable image determines an authenticity digital signature to verify that the executable image has not been improperly modified. In addition, the validator ensures that each of the pointers in the executable image have not been improperly redirected.

Abstract: A recording or reproduction apparatus is provided which utilizes copyright information in operations to record content data onto a recording medium or reproduce content data from the recording medium. Copyright information for the contents includes information identifying an input source of the content data. The information identifying an input source is stored in the recording medium along with the content data. When the contents are reproduced from the recording medium, the input source information is acquired and used as a basis for determining whether the contents can be reproduced and output. Thus, it is possible to impose an output restriction on an operation to reproduce the contents in accordance with the input source.

Abstract: An exemplary implementation of a security gateway for online console-based gaming operates as a gateway between a public network (e.g., the Internet), and a private network (e.g., an internal data center network). The security gateway allows secure communication channels to be established with game consoles via the public network, and allows secure communication between game consoles on the public network and service devices on the private network.

Abstract: The present invention is directed to a system and methods for protecting a limited resource computer from malware. Aspects of the present invention use antivirus software on a general purpose computer to prevent malware from infecting a limited resource computer. Typically, antivirus software on the general purpose computer is kept “up-to-date” with the most recent software updates. When a connection is established between the limited resource computer and the general purpose computer, a signature of each application installed on the limited resource computer is transmitted to the general purpose computer. Then antivirus software on the general purpose computer compares the received signatures to known malware. Finally, the results of the scan are reported to the limited resource computer.

Abstract: A method for authorizing information flows based on security information associated with information objects is provided. A hash key is generated based on an information object and a lookup operation is performed in a hash table based on the hash key. A determination is made whether an entry in the hash table at an index corresponding to the hash key identifies a labelset for the information object. A labelset, identifying a sensitivity of the information object, is stored in the entry at the index corresponding to the hash key for the information object if a labelset for the information object is not identified in the entry in the hash table. Information flows involving the information object are authorized based on a lookup of the labelset associated with the information object in the hash table. The hash table may be a multidimensional hash table.

Abstract: Synchronous validation and acknowledgment of electronic data interchange (EDI) transactions. A connection session on a communication network is established for handling EDI transactions from a source. A collection of EDI transactions is received via the communication network. A receipt acknowledgement is returned to the source indicating the EDI transactions have been received. The EDI transactions are validated as the EDI transactions are received. A validation acknowledgement is transmitted via the communication network to the source before the connection session is terminated. The validation acknowledgement indicates the EDI transactions have been validated.

Abstract: A method, system and article for encrypting data by applying an encryption process, wherein the encryption process includes storing progress data relating to the progress of the encryption process so that the encryption process may be resumed after an interruption. Even more specifically, after the interruption, progress data relating to the progress of the encryption process is accessed. Portions of the progress data are compared to determine the last encrypted data segment. After the last encrypted data segment, the encryption process at the data segment is resumed.

Abstract: A generic RootKit detector is disclosed that identifies when a malware, commonly known as RootKit, is resident on a computer. In one embodiment, the generic RootKit detector performs a method that compares the properties of different versions of a library used by the operating system to provide services to an application program. In this regard, when a library is loaded into memory, an aspect of the generic RootKit detector compares two versions of the library; a potentially infected version in memory and a second version stored in a protected state on a storage device. If certain properties of the first version of the library are different from the second version, a determination is made that a RootKit is infection the computer.

Abstract: A data encryption-decryption method includes the steps of receiving a data byte N and performing a triple-churning operation on byte N to obtain an encrypted byte N. Preferably, the triple-churning operation includes performing a first churning operation to obtain a first churned output, bit-wise XORing the first churned output with two values to obtain a first XOR result, performing a second churning operation on the first XOR result to obtain a second churned output, bit-wise XORing the second churned output with two values to obtain a second XOR result, and performing a third churning operation on the second XOR result to obtain encrypted byte N.

Abstract: A security mechanism affords data recovery engineers the ability to access and recover secure data from user files without knowledge of the user's password. The mechanism uses a launcher application to access the database by establishing a temporary, restricted user session. The launcher application also passes a handle to an industry standard database tool, allowing the data recovery engineer to recover the user file data. The recovered data then can be accessed by the software application.

Abstract: A system that facilitates efficient code construction comprises a component that receives a first code and a transformation component that transforms the first code to a new code. The new code has essentially same length parameters as the first code but is hidden to a computationally bounded adversary. The first code can be designed in the noise model and appear random to a computationally bounded adversary upon transformation.

Abstract: An integrated circuit is embodied on a monolithic substrate and incorporates a tuning module of the direct sampling type that is able to receive satellite digital television analog signals composed of several channels, as well as several channel decoding digital modules connected at the output of the tuning module so as to deliver respectively simultaneously several streams of data packets corresponding to several different selected channels.

Abstract: In a first aspect the present invention provides a method for verifying that a secure association has been formed between a first device and a second device. The method includes, enabling a user of the first device to select a verification indicator, and encrypting the verification indicator using an encryption key of the first device to form cipher text. The cipher text is then communication to the second device using a multi-part communication protocol, and decrypted using an encryption key of the second device to obtain a received verification indicator. The method includes verifying the association is secure if the received verification indicator is the same as the selected verification indicator.

Abstract: A system and method for detecting and responding to device tampering in an Energy Management (“EM”) device is disclosed. The EM device is provided with mechanisms to detect and indicate unauthorized tampering with the device. Further, in response to detected unauthorized tampering, the device may take actions to protect the integrity of data generated by the device as well as protect any confidential data stored within the device. Such actions may include preventing further device operation, generating warnings to the device owner/user, marking subsequently generated data as suspect, destroying stored confidential data, etc.