Abstract: Tampering of electronic equipment may be detected by instructing the electronic equipment to perform at least one computational operation at the electronic equipment, such as hashing of at least some of the memory of the electronic equipment, to produce a result. The result is received from the electronic equipment. Tampering of the electronic equipment is detected if the result is not received within a constrained time of the instructing, even if the result is correct. Tampering also may be detected if the result is not correct.

Abstract: Disclosed herein are methods and systems for transmitting streams of data. The present invention also relates to generating packet watermarks and packet watermark keys. The present invention also relates to a computerized system for packaging data for transmission to a user. The system may utilize computer code to generate a bandwidth rights certificate that may include: at least one cryptographic credential; routing information for the transmission; and, optionally, a digital signature of a certificate owner; a unique identification code of a certificate owner; a certificate validity period; and pricing information for use of bandwidth. The present invention also relates to an electronic method and system for purchasing good and services by establishing an account whereby a customer is credited with a predetermined amount of bandwidth usage, and then charges are assessed against the account in an amount of bandwidth usage which corresponds to the agreed upon purchase value for the selected item.

Abstract: A method for integrating a plurality of content repositories into a virtual content repository (VCR), comprising providing credential information to each one of said plurality of content repositories, receiving authorization information from each one of said plurality of content repositories, wherein the authorization information indicates whether or not an authorization procedure succeeded, integrating into the VCR each one of said plurality of content repositories whose authorization information indicates successful authorization, and wherein each one of said plurality of content repositories exposes a first set of services to enable its integration into the VCR.

Abstract: There are various methods of securing programs and data on a processor. The external address enable pin of the processor is sampled upon a power-on or reset to the processor, to determine whether or not accesses to external memory are allowed. Other changes to the external address enable pin are thereafter ignored. In addition, if it is determined that an internal memory access is occurring, the contents of such an access can be masked to prevent unauthorized viewing of the memory contents via an external memory bus. In addition, a programmable security bit may be set to disable the dumping of flash memory contents, allowing only the erasing of the flash memory.

Abstract: A system for providing collaborative browsing of information and interactive communications on the worldwide web. A customer may use the system for a co-browsing session with a customer assistance representative by simply providing an access number from an accessed web site to the customer service representative. The customer is transparently switched from a normal web site to a co-browsing web site merely by clicking on a button to request assistance. The co-browsing site includes software to periodically poll a server for synchronization purposes.

Abstract: Encrypted music data and additional information necessary for accessing a server (30) are copied from a CD-ROM (200) onto a memory card (110). The memory card (110) receives via a digital portable phone network the distribution of a contents decoding key (Kc) necessary for decoding encrypted music data and control information data (AC1) for limiting the number of accesses to the memory card from the server (30).

Abstract: Access to a storage device, such as a disk, is controlled by performing a disk operation using a single cryptographic engine. Keys associated with each layer of a layered structure associated with controlling access to the storage device are combined. The resultant of this combination is used as the key to the cryptographic engine. Data to be retrieved from and written to the storage device are operated on by the cryptographic engine utilizing the combined key. Keys are combined by combining functions associated with layers of the layered structure. A combining function can include an exclusive or function, a cryptographic hash function, or a combination thereof.

Abstract: A system and method for concealing input parameters that are being loaded into a device. In one embodiment, the system provides a transformed interface, in which a device into which the parameters are loaded contains a series of inverse transformation keys. The parameters to be concealed are transformed using a particular key, along with a transformed index value to indicate the particular key that must be used to inversely transform the parameter.

Abstract: A computer implemented method, data processing system, and computer program product for reducing the overhead associated with distributed password policy enforcement operations using a proxy server. When a proxy server provides a request from a client to a backend directory server, the proxy server determines whether a password policy check is required to be performed at the backend directory server. If a password policy check is not required to be performed at the backend directory server, the proxy server sends the client request together with a skip password policy control to the backend directory server. This skip password policy control informs the backend directory server to skip the password policy check on the client request.

Abstract: To protect data from corruption due to restoration of an encryption key to a wrong storage system, there is provided a computer system including a first storage system and a second storage system, wherein: the first storage system, upon receiving a request to write first data to a first area in the first storage system, encrypts the first data by using a first key and writes the first data in the first area, and, upon receiving a request to write second data to a third area, encrypts the second data by using a second key and transmits a request to write the encrypted second data in a second area in the second storage system; and the computer system holds the first key, an identifier of the first storage system associated with the first key, the second key, and an identifier of the second storage system associated with the second key.

Abstract: A system and method for wirelessly exchanging an encryption key between a first device and a second device. The system generally includes: a transmitter, provided to the first device, for transmitting a signal that is strong enough to transmit over a predetermined distance while having a strength that decreases exponentially with distance, for example a magnetic field signal; a receiver, for example a Hall effect switch, provided to the second device, for receiving the signal; and a controller for determining when the first device and the second device are within the predetermined distance and controlling the transmitter to transmit the encryption key based on the determination.

Abstract: A network security system having a hierarchical configuration is provided. In one embodiment the present invention includes a plurality of subsystems, where each subsystem includes a plurality of distributed software agents configured to collect security events from monitor devices, and a local manager module coupled to the plurality of distributed software agents to generate correlated events by correlating the security events. Each of the subsystems can report the correlated events to a global manager module coupled to the plurality of subsystems, and the global manager module can correlate the correlated events from each manager module.

Abstract: Access to content may be administered by storing content, the content comprising one or more selections, accessing a passive optical out-of-band token associated with the content, determining an access right for the content based on the passive optical out-of-band token, and enabling access to the content in accordance with the access right.

Abstract: Systems for instant messaging private tags preferably comprise a parser for parsing an instant message for sensitive data and an encryption engine for encrypting the sensitive data. A modified uuencoder is also preferably included for converting the encrypted sensitive data into a data stream that complies with an XML format. Other systems and methods are also provided.

Abstract: A movie anti-piracy system with sensing and reporting is provided. An anti-piracy subsystem is utilized to preclude, interfere with and/or prevent copying of the movie. Anti-piracy compliance sensing selectively provides compliance violation signals respectively to a sensor response controller. The controller is responsive to the compliance violation signals to provide a violation status (and other data) signal output to a control center. The control center responds to the violation status and other data signals, from one or a plurality of theaters, and provides for reporting of information (such as security compliance, attendance, etc.) to one or multiple reporting sites (such as movie distribution studios, etc.). In a preferred embodiment, the control center determines whether there are violations of providing of anti-piracy protection within a theater (or theaters) and provides reporting on the anti-piracy compliance status and data.

Abstract: A network apparatus which is detachable from a data processing apparatus and is mounted in the data processing apparatus to connect the data processing apparatus and a network installs an application and stores authentication information corresponding to the application in the storage of the network apparatus. The network apparatus acquires authentication information corresponding to the application from the storage of the network apparatus and the data processing apparatus in accordance with an application activation request. The network apparatus determines, on the basis of the acquired authentication information, whether to permit activation of the application.

Abstract: Computer implemented methods, apparatus, and computer-readable media for detecting suspected spam in e-mail (24) originating from a sending computer (21). A method embodiment comprises the steps of determining (11) the actual IP address (23) of the sending computer (21); converting (12) the actual IP address (23) into geo-location data; and, using the geo-location data, ascertaining (13) whether the e-mail (24) contains suspected spam.

Abstract: A system and method for providing persistence in a secure network access by using a client certificate sent by a client device to maintain the identity of a target. A security handshake is performed with a client device to establish a secure session. A target is determined. A client certificate is associated with the target. During subsequent secure sessions, the client certificate is used to maintain persistent communications between the client and a target. A session ID can be used in combination with the client certificate, by identifying the target based on the session ID or the client certificate, depending on which one is available in a client message.

Abstract: Imagery, video, maps or signs are embedded with plural-bit data in the form of digital watermarking. In one embodiment, a method includes obtaining a media signal representing an image or video; introducing digital watermarking into the media signal, the digital watermarking slightly altering samples of the media signal; and the digital watermarking changing across the media signal so as to convey first information related to at least a first area depicted in the image or within data representing a first portion of the video in the media signal and second, different information related to at least a second area depicted in the image or within data representing a second portion of the video in the media signal. Other embodiments are provided as well.

Abstract: Generating a unique URL key for a web document according to an obtained key generating policy. The URL of a web page is parsed according to the policy in order to generate the URL key. Preferably, the key generating policy is obtained from a well known source associated with the web page.