Abstract: A method distributes personalized circuits to one or more parties. The method distributes a generic circuit to each party, encrypts a unique personalization value using a secret encryption key, and transmits each encrypted personalization value to the corresponding party. Each party then stores the encrypted personalization value in their circuit. The stored encrypted personalization value allows a piece of software to be properly executed by the circuit. A semiconductor integrated circuit is arranged to execute a piece of software that inputs a personalization value as an input parameter. The circuit comprises a personalization memory arranged to store an encrypted personalization value; a key memory for storing a decryption key; a control unit comprising a cryptographic circuit arranged to decrypt the encrypted personalization value using the decryption key; and a processor arranged to receive the decrypted personalization value and execute the software using the decrypted personalization value.

Abstract: In an electronic device and method of protecting software, a software program of the electronic device is invoked. The media access control (MAC) address of the electronic device and a serial number of a hard disk drive that stores the software program in the electronic device are searched. The MAC address and the serial number are compared with MAC addresses and serial numbers included in the software program, to determinate whether it is licensed to run the software program in the electronic device. Usage logs of the software program are further obtained to determine whether running of the software program in the electronic device is expired.

Abstract: Determination is executed as to whether an electronic document has been edited after addition of a second signature added after addition of a first signature. When it is determined that editing is made after the addition of the second signature, a verification result of the electronic document is output without determining whether editing is made after the addition of the first signature. If it is determined that editing is not made after the addition of the second signature, determination is executed as to whether editing is made after the addition of the first signature and the verification result of the electronic document is output based on an obtained determination result.

Abstract: A system, method and computer program product are provided. In use, votes from a plurality of nodes for node categorization are monitored. Further, a pattern associated with the votes is identified. Thus, malicious nodes may be identified based on the pattern.

Abstract: A computer-implemented method for authenticating users may include identifying an image associated with a user for mutual assurance during an authentication process. The computer-implemented method may also include modifying the image based on a prompt message to create a modified image that displays the prompt message. The computer-implemented method may further include determining that user input comprises an expected response to the prompt message. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: Techniques to perform fast motion estimation are described. An apparatus may comprise a motion estimator operative to receive as input a current frame and a reference frame from a digital video sequence. The motion estimator may generate and output a motion vector. The motion vector may represent a change in position between a current block of the current frame and a matching reference block of the reference frame. The motion estimator may utilize an enhanced block matching technique to perform block matching based on stationary and spatially proximate blocks. Other embodiments are described and claimed.

Abstract: Some embodiments of the invention provide a method of verifying the integrity of digital content. At a source of the digital content, the method generates a signature for the digital content by applying a hashing function to a particular portion of the digital content, where the particular portion is less than the entire digital content. The method supplies the signature and the digital content to a device. At the device, the method applies the hashing function to the particular portion of the digital content in order to verify the supplied signature, and thereby verifies the integrity of the supplied digital content.

Abstract: A web threat protection system may receive candidate uniform resource locators (URLs) from several URL sources. The candidate URLs may be received in a submission database. At least a portion of the candidate URLs is selected for further investigation by sending crawlers to retrieve objects from the selected URLs. The retrieved objects may be analyzed to determine whether they are malicious or good (i.e., not malicious). The result of the analysis may be used to build a security states database that includes security information of the selected URLs. Good URLs may be included in a safe URL sphere, which may be used to navigate to good websites on the Internet.

Abstract: Various embodiments of the present invention relate to systems, methods, and computer-readable medium providing licensing rights for media content that follows a subscriber so that the subscriber may experience the media content on various content distribution platforms. In particular embodiments, the systems, methods, and computer-readable medium transfer licensing rights for a user for particular media content that is associated with a first device on a first distribution platform so that the rights are associated with a second device on a second distribution platform. As a result, in various embodiments, the user is able to experience the particular media content with the use of the second device on the second distribution platform.

Abstract: A method includes: computing a first message authentication code for each of a plurality of sets of data blocks on a data storage medium, and authenticating the sets of data blocks by computing a second message authentication code for each of the sets of data blocks to be authenticated and comparing the first and second message authentication codes. An apparatus that performs the method is also provided.

Abstract: A method, system, and medium are provided for operating a computing device and a mobile device to access computer software with a secure access and to access a packet network, and for operating a computer software on a mobile device with different computing devices. A mobile device is used to authenticate a user's access to computer software. The computer software may reside on the mobile device, the user's computing device, or another computing device. A unique identifier is stored in the mobile device associated with the computer software to enable the authentication.

Abstract: A computer implemented method, apparatus, and computer program product for creating secured file views of a protected file. The process receives a request to access the file, wherein the file is stored in a common location, and wherein the request includes a set of file viewing parameters. The process identifies a callback function associated with the file and calls the callback function with the set of file viewing parameters to form a set of virtual viewing parameters. Thereafter, the process generates a secured file view of the file using the virtual viewing parameters, wherein the secured file view is viewable by a user of an authorized partition.

Abstract: Disclosed herein is an image processing device for coding image data, which is divided by a given pixel count into macroblocks, on a macroblock-by-macroblock basis, the image processing device including: a quantization section configured to quantize image data on a macroblock-by-macroblock basis; a detection section configured to detect a macroblock containing a given color pixel from the image data; and a control section configured to control the quantization section, the control section including a distance calculation section configured to calculate the distance between a given image position in a picture of the image data and an image position in the macroblock detected by the detection section, and a bitrate control section configured to control the quantization section so that a higher bitrate is assigned with decreasing distance calculated by the distance calculation section.

Abstract: An access control apparatus including a memory section that stores information; an authentication information memory section that stores at least first stored user authentication information and second stored user authentication information corresponding to a user; an input section in which first inputted user authentication information and second inputted user authentication information are inputted; a judgment section that judges whether the first inputted user authentication information matches the first stored user authentication information; a registration section that stores a second inputted authentication information in the authentication information memory section, if the judgment sections judges that the first inputted authentication information matches the first stored user authentication information; and an approval section that approves access to the information stored in the memory section for a predetermined time period if the judgment section judges that: (1) the first inputted authentication

Abstract: A method and system providing access to electronic content includes receiving a request to access the electronic content from a user device, accessing a unique ID of the user device, and comparing the unique ID to a list of authorized user devices. The unique ID is used to determine if the user device is an authorized user device. If the user device is authorized, access is provided to the electronic content. If the user device is not authorized, determining if a maximum number of authorized user devices is reached. The user device is converted to an authorized user device, if the maximum number is not reached. If the maximum number of authorized user devices is reached, the user can be denied access to the electronic content or the system can request de-authorization of one of the authorized user devices to convert the user device to an authorized user device.

Abstract: A remote device may receive a policy definition, search a file system for files that are to be protected, and disposition identified files to protect the files. After completing the protection, a report is generated and transmitted to a centralized location. The policy definition may include keywords, directory paths, metadata, or other information that may be used to identify files for protection. After identification, the files may be dispositioned by removal, tagging, encrypting, applying rights management, or other actions.

Abstract: Architecture defining a secure virtual network of communities of two or more participants where security and business management reporting is a result of a network architecture and where participants can maintain absolute security and control over their services independent of any other participant according to implemented selection rules of the network architecture administration.

Abstract: A method and system for managing a policy includes, in response to determining the presence of a conflict, determining a semantic equivalence between a component of a policy rule and at least one additional policy rule. The determining a semantic equivalence is performed by using a semantic reasoning algorithm that includes the steps of determining a first policy target of a first policy rule and a second policy target of a second policy rule, determining a meaning of the first policy target and a meaning of the second policy rule, assigning a confidence value based on the determined meaning of the first policy, assigning a confidence value based on the determined meaning of the second policy, performing a semantic comparison between the first policy target and the second policy target, and determining, based at least in part on the semantic comparison, the presence of a conflict between the first and second policy targets.

Abstract: A security model is provided in a transactional logging infrastructure that is arranged as a protected subsystem built on an underlying secure file system. Files in the underlying file system used by virtual log streams are protected from direct user writes, and are written-to only through the protected subsystem that is brokered by a machine-wide principal so that virtual log files sharing the same multiplexed physical log are kept secure from each other. Log file handles and user- and kernel-mode objects are exposed to log clients through interfaces using consistent security semantics for both dedicated and virtual logs. Log clients are agnostic of the underlying secure file system and can only manipulate file system containers—abstract objects that implement the physical log and used to virtualize the file system by normalizing input/output operations—by using the interfaces brokered by the principal in the protected subsystem.

Abstract: Methods and apparatus for authenticating a user are disclosed. According to one aspect of the present invention, a method for authenticating a user includes displaying a first representation of a challenge. The challenge is based on a ruleset. The method also includes receiving a first input, determining if the first input furthers a successful completion of the first representation of the challenge, and determining if the first input completes the first representation of the challenge. If it is determined that the first input completes the first representation of the challenge and that the first input furthers the successful completion of the first representation of the challenge, the method further includes positively augmenting a security indicator.