Abstract: A method of detaching a security device in a personal computer wherein original booting data of the boot sector of a hard disk is stored in a special file. A user's authorization is verified using a password, and if the user is authorized, the user may restore original booting data to the booting sector of the hard disk, to enable the computer to be booted without a security device.
Abstract: A combined remote access and security system for servicing a secure mainframe central processing unit having a console monitor. A secure dispatch central processing unit for receiving problem reports concerning the mainframe central processing unit is in communication with the console monitor. A field engineer's central processing unit is in communication with the dispatch central processing unit. A data encryption key is randomly generated and transmitted from the dispatch central processing unit to both the field engineer's central processing unit and the console monitor. The field engineer central processing unit is in communication with the mainframe central processing unit wherein data transmitted from the field engineer's central processing unit is encrypted and wherein the encrypted data is decrypted at the mainframe console monitor.
Abstract: A computer system has a program module verifier and at least first and second program modules. Each program module includes a digital signature and an executable procedure. The first program module furthermore includes a procedure call to the second procedure module, a procedure call to the program module verifier that is logically positioned in the first program module so as to be executed prior to execution of the procedure call to the second program module, and instructions preventing execution of the procedure call to the second program module when the procedure call to the program module verifier results in a verification denial being returned by the program module verifier.
Abstract: Frames of data are encrypted by combining each of the frames with a mask that varies from frame to frame. The mask is obtained by using a frame counter as the seed for a pseudo random number generator, generating n pseudo random numbers, where n is the number of bytes to be encrypted in each frame, and concatenating the most significant bytes of each of the n pseudo random numbers to form the mask. The encrypted frames are transmitted, received and decrypted by combining them with the mask, which is independently generated at the receiver. The frame counter is aperiodically reset to a new initial value that is a substantially random number with respect to a previous initial value.
Abstract: An information processing system providing archive/backup support with privacy assurances by encrypting data stored thereby. Data generated on a source system is encrypted, the key used thereby is separately encrypted, and both the encrypted data and encrypted key are transmitted to and maintained by a data repository system. The repository system receives only the encrypted data and key, while the source system retains the ability to recover the key and in turn, the data. The source system is therefore assured of privacy and integrity of the archived data by retaining access control yet is relieved of the physical management of the warehousing medium.
January 28, 1998
Date of Patent: August 17, 1999
David Cane, David Hirschman, Philip Speare, Lev Vaitzblit
Abstract: A card-enabled processing system comprises a security module for securely exchanging data with cards, such as smart cards, and an application module for processing data from the smart cards. The security module encrypts and decrypts data using keys, which are securely stored in a secure memory. The security module also validates the cards before processing by the application module occurs and assists the card in validating the system. The application module provides a common platform in which different types of smart cards can be processed.
Abstract: When information to be recorded is encrypted by using an encryption key, an encryption key based on inherent information inherent in a recording medium is generated. The information to be recorded on the recording medium is encrypted based on the encryption key. The inherent information inherent in the recording medium is a specific information on a disk. When an encrypted information recorded on a recording medium is decrypted, there are reproduced from a recording medium a first file storing information encrypted by using an encryption key generated based on a random data to be inserted into a predetermined portion of the encrypted information to be recorded on a recording medium and a second file storing data indicative of a predetermined portion of the random data to be inserted into a predetermined portion of the encrypted information.
Abstract: An SRAM-based programmable logic device having decompression and decryption circuits between its EPROM nonvolatile programming data storage and its SRAM programming registers is secured against copying of the programming data because a would-be copyist would need to know the compression and encryption used. In a system and method for programming the device, a user station preferably contains a plurality of possible encryptions and a plurality of possible compression schemes. An encryption and compression scheme are selected, preferably at random, by the user or by the programming software in the user station. Data indicating which encryption and compression scheme were chosen are included in the programming data to allow decompression and decryption.
Abstract: An apparatus comprising a transmission system for transmitting an information signal, and a reception system including an information receiving unit for receiving the information signal, and an information recording/reproducing unit for recording/reproducing the received information signal on/from a recording medium.
Abstract: An apparatus and method are disclosed for providing user session continuity over several transactions being conducted on the internet. A secure token is made part of each HTML page sent to a user from the server computer and the token is returned to the server with each submitted transaction request. The token is compared with token information originally sent out. The submitted request is recognized as being from an authorized user if the token and a session table have the same information.
November 15, 1996
Date of Patent: May 25, 1999
International Business Machines Corporation
Margaret A. Bachman, Brian D. Jessup, Timothy Sanford McKnight, Don Cameron Shoff
Abstract: A computer-based system is provided for demonstrating software programs to a potential purchaser and for gathering marketing information related to the demonstration of the programs. The system enables the software programs for execution upon selection by a user, and allows the user to subsequently operate or sample the selected software program. The system maintains the selected software program in a locked state to prevent unauthorized duplication of the selected software program, and selectively disables the sampling, such as when the user completes the sampling or if the system detects that the user is attempting to copy the sampled application. A code is generated that identifies one or more particular software programs and contains information relating to sampling of the particular software programs by the user, such as which applications were sampled and how many times they were sampled.
Abstract: A computer-based self-launching system associated with a software program or other digital information is provided for distributing the software program or other digital information to a potential purchaser. The self-launching system is attached to a software program or other digital information and includes the ability to launch itself when a user selects the software program or other digital information. Upon launching itself, the system unlocks the software program or other digital information in response to a purchase request.
Abstract: A secure transaction system apparatus and method provide for the auditing of secure messages in a computer network. The secure transaction system includes an electronic commerce service which is in communication with multiple consumer computers and multiple merchant computers. The consumer computers initiate consumer transactions between the consumer computers and the merchant computers. Each consumer transaction can include different items, different merchants, different shipping methods and different payment instructions. An order object within the consumer computer stores summaries about the different items, the different merchants, the different shipping methods and different payment instructions during creation of each commercial transaction. While generating transaction data, the consumer computer also generates related audit data.
Abstract: An image pickup frame is divided into a plurality of areas. A contrast at each area is measured. An area where a main subject is located is detected by comparing contrasts at areas. A distance to a subject in the area where the main subject is located is measured. With this range finding technique, even if a main subject is not located at the central area of an image pickup frame, an area where the main subject is located can be identified and range finding can be performed only for that area.
Abstract: A method and apparatus for quasi-reprographically replicating a source document. The source document is digitized, appropriate locations for embedded code are detected, and any embedded code located in the digitized document along with the detected locations are forwarded to a decoder. The decoder forwards the decoded information to a control unit which processes this information and forwards it to an encoder whereafter it is inserted in the digitized document. The hardcopy replication of the source document is substantially visually identical to the source document, even though new or additional embedded machine-readable data has been added or existing data has been changed. The process occurs without intervention by an operator and without knowledge of the operator producing the replicated documents.
Abstract: A data processor (20) which flexibly encrypts data within different address ranges includes an encryption determination circuit (50) to monitor an address conducted on an internal address bus (22) and when the address is within certain predefined ranges, perform encryption or decryption of address and/or data. For example the encryption determination circuit (50) may be used to selectively enable a data encryption-decryption circuit (60). When the data encryption-decryption circuit (60) is disabled, data conducted on an internal data bus (23) becomes "cleartext", i.e., non-encrypted. In one embodiment, the data encryption-decryption is performed in partial dependence on the address itself, and the address conducted to the external address bus is itself selectively encrypted as well.
January 30, 1996
Date of Patent: April 6, 1999
David L. Brown, Raul A. Pombo, Paul J. Polansky
Abstract: A system for generating authorization codes, such as personal identification numbers, at the point of distribution of certificates of value on which the authorization codes are to be printed or otherwise encoded. Because the authorization codes are generated in real time, there is no need to store and safeguard an inventory of preprinted certificates, or even an inventory of activated authorization codes. The principles of the invention apply both to systems for generating incentive award certificates and to systems for generating purchased certificates of value. The incentive awards or certificates of value are tokens of prepayment for a service, such as long-distance telephone service or other service. The authorization codes generated for inclusion with the value certificates are unique and seemingly random. They are generated by taking a non-random unique code, such as a sequence code, and encrypting it to obtain seemingly random, but unique, authorization codes.
Abstract: The encryption secured computer system (10) includes a server (12) that communicates with clients (14-20) across a public network (21) using a novel transaction coded decryption key technology that discourages wrongful redistribution of protected information such as digital musical scores, and allows for tracking of infringing activity. In one implementation, the server (12) distributes access software and partially encrypted musical scores to clients upon request. A client can sample the partially encrypted scores prior to consummating a transaction. When a score is selected, the client enters payment information and is assigned a password that is specific to the client and transaction. The password functions as a decryption key to enable use of the musical score by the client employing the access software. Any subsequent wrongful redistribution of the musical score together with the decryption password can be traced due to client identifying information encoded into the password.
Abstract: A computer-based system is provided for automatic sales of software programs. The system accesses a software program within a computer database and maintains the software program in a locked state in order to prevent unauthorized duplication of the software program. In response to a request to purchase the software program, the system unlocks a copy of the software program and distributes the unlocked copy. The system records how many copies of the software program have been distributed in response to the purchase requests for billing purposes.
Abstract: A personal computer having a security function, a security method therefor, and methods of installing and detaching a security device are provided. In the security method, a password is dispersedly stored in the personal computer and a hard disk is booted only when the password input by a user is valid and the boot data of a security device is the same as that of the hard disk. When recording a file on a floppy disk, the file is processed with an encryption function and an encryption table. Also, the file stored in the floppy disk is read using a decoding table. Further, when installing the security device, a partition is removed so as to prevent the hard disk from being used without any security device. Therefore, the password cannot be read by an unauthorized user and the hard disk cannot be booted without any security device. Also, due to the encrypting and decoding processes, a file copied without permission cannot be read by another personal computer.