Abstract: Systems and methods for enhanced DOM and event mirroring and security in web applications provides an intermediate Master Browser between web content and client devices to improve security and other enhancements.

Abstract: In some embodiments, a method includes establishing a secured connection between a client device and a subordinate web service of a single sign-on service for a user, using a shared cryptographic key in a cookie stored on the client device that was transmitted over a different secured connection by a master web service of the single sign-on service, as part of authentication of the user for the single sign-on service.

Abstract: Systems and methods for enhanced DOM and event mirroring and security in web applications provides an intermediate Master Browser between web content and client devices to improve security and other enhancements.

Abstract: Systems and methods for enhanced DOM and event mirroring and security in web applications provides an intermediate Master Browser between web content and client devices to improve security and other enhancements.

Abstract: Various embodiments of a system and method for transparently authenticating a user to a digital rights management entity are described. In various embodiments, a digital rights management server may be configured to receive an authentication token from a first remote computer system. Such authentication token may indicate that a particular user of the first remote computer system was authenticated by a first content provider of one or more content providers. In various embodiments, the digital rights management server may also be configured to verify the authentication token by determining that one or more portions of the authentication token were generated based on respective authentication information issued to the first content provider. In various embodiments, the digital rights management server may also be configured to, in response to verification of the authentication token, issue to the first remote computer system one or more credentials.

Abstract: In some embodiments, a method includes establishing a secured connection between a client device and a subordinate web service of a single sign-on service for a user, using a shared cryptographic key in a cookie stored on the client device that was transmitted over a different secured connection by a master web service of the single sign-on service, as part of authentication of the user for the single sign-on service.

Abstract: A security component may be associated with a network-enabled application. The security component may initiate the display of an embedded region of a window drawn according to display information received from a relying party. The security component may define at least a portion of the appearance of the embedded region; the relying party may not define this portion. The security component may send the address of the relying party to a reputation service and query the reputation service about the reputation of the relying party. The reputation service may return reputation information about the relying party. The security component may display an indication of the relying party's reputation. If the reputation information indicates the relying party is reputable, the security component will allow the network-enabled application to exchange information with the relying party. Otherwise, the component may not allow the network-enabled application to exchange data with the relying party.

Abstract: Various embodiments of a system and method for transparently authenticating a user to a digital rights management entity are described. In various embodiments, a digital rights management server may be configured to receive an authentication token from a first remote computer system. Such authentication token may indicate that a particular user of the first remote computer system was authenticated by a first content provider of one or more content providers. In various embodiments, the digital rights management server may also be configured to verify the authentication token by determining that one or more portions of the authentication token were generated based on respective authentication information issued to the first content provider. In various embodiments, the digital rights management server may also be configured to, in response to verification of the authentication token, issue to the first remote computer system one or more credentials.

Abstract: Method and apparatus are described wherein, in one example embodiment, a public key certificate issued by a certificate authority includes at least one characteristic that conforms to at least one rule established for the operation of a public key infrastructure. An attribute certificate is issued to be used to modify the public key certificate in accordance with information contained in the attribute certificate to create a modified public key certificate wherein the at least one characteristic is modified so as to be non-conformant with the at least one rule. According to one example embodiment, the attribute certificates may be distributed by a certificate authority, or embedded in an application that includes an engine that is used to modify the conforming public key certificate.

Abstract: In one example embodiment, a method is illustrated that includes parsing seed data from digital content, the seed data identifying a signing entity, transmitting identifier data to the signing entity identified by the seed data, transmitting content information relating to the digital content to the signing entity, and receiving digitally signed content information relating to the digital content, the digitally signed content information signed by the signing entity. In another example embodiment, a method is illustrated as including parsing seed data from digital content, the seed data identifying a signing entity, transmitting identifier data to the signing entity identified by the seed data, receiving a credential from the signing entity, the credential used to sign the digital content, and signing the digital content using the credential.

Abstract: Embodiments of methods, apparatuses, systems and/or devices for processing a certificate are disclosed.

Abstract: Method and apparatus are described wherein, in one example embodiment, a public key certificate issued by a certificate authority includes at least one characteristic that conforms to at least one rule established for the operation of a public key infrastructure. An attribute certificate is issued to be used to modify the public key certificate in accordance with information contained in the attribute certificate to create a modified public key certificate wherein the at least one characteristic is modified so as to be non-conformant with the at least one rule. According to one example embodiment, the attribute certificates may be distributed by a certificate authority, or embedded in an application that includes an engine that is used to modify the conforming public key certificate.

Abstract: Method and apparatus are described wherein, in one example embodiment, a public key certificate issued by a certificate authority includes at least one characteristic that does not conform to at least one rule established for the operation of a public key infrastructure. An attribute certificate is issued to be used to modify the public key certificate in accordance with information contained in the attribute certificate to create a modified public key certificate wherein the at least one characteristic is modified so as conform to the at least one rule. According to one example embodiment, the attribute certificates may be distributed by a certificate authority, or embedded in an application that includes an engine that is used to modify the non-conforming public key certificate.

Abstract: Briefly, an embodiment of a method of certificate path processing is disclosed, which includes the following. A certificate is accessed. A first set of preferences is searched. Various preferences correlated to the certificate are identified. The correlated preferences include a preference set which is digitally or logically compatible with the specific computing system performing the processing. The preferences correlating to the specific computing system are merged with another set of preferences to form a third preference set.

Abstract: Method and apparatus are described wherein, in one example embodiment, a public key certificate issued by a certificate authority includes at least one characteristic that does not conform to at least one rule established for the operation of a public key infrastructure. An attribute certificate is issued to be used to modify the public key certificate in accordance with information contained in the attribute certificate to create a modified public key certificate wherein the at least one characteristic is modified so as conform to the at least one rule. According to one example embodiment, the attribute certificates may be distributed by a certificate authority, or embedded in an application that includes an engine that is used to modify the non-conforming public key certificate.