Abstract: A system for protecting a database against a ransomware attack includes a database backup handler configured to selectively output database backup data associated with a database to a storage device. A ransomware detector is configured to monitor changes to the database and to detect data changes to the database resulting from a ransomware attack. A ransomware remediator communicates with the ransomware detector and the database backup handler and is configured to restore data in the database to a point prior to the ransomware attack based upon the backup data in the storage device.

Abstract: A system for protecting a database against a ransomware attack includes a database backup handler configured to selectively output database backup data associated with a database to a storage device. A ransomware detector is configured to monitor changes to the database and to detect data changes to the database resulting from a ransomware attack. A ransomware remediator communicates with the ransomware detector and the database backup handler and is configured to restore data in the database to a point prior to the ransomware attack based upon the backup data in the storage device.

Abstract: Various embodiments relating to validating a user's entitlement to play a game are provided. In one embodiment, a request for a user to play a game is received at a validation service. The request may include an obfuscate-encoded bundle including a signed user ID identifying the user, a signed hardware ID of a computing machine on which the game is requested to be played, and a signed receipt. The obfuscate-encoded bundle may be decoded and the request may be validated according to a plurality of security checks including determining that one or both of the signed hardware ID or the signed user ID respectively match a hardware ID and/or a user ID included in the signed receipt. If the request to play the game is valid, an authentication token may be sent to the computing machine that allows the user to play the game on the computing machine.

Abstract: Various embodiments relating to validating a user's entitlement to play a game are provided. In one embodiment, a request for a user to play a game is received at a validation service. The request may include an obfuscate-encoded bundle including a signed user ID identifying the user, a signed hardware ID of a computing machine on which the game is requested to be played, and a signed receipt. The obfuscate-encoded bundle may be decoded and the request may be validated according to a plurality of security checks including determining that one or both of the signed hardware ID or the signed user ID respectively match a hardware ID and/or a user ID included in the signed receipt. If the request to play the game is valid, an authentication token may be sent to the computing machine that allows the user to play the game on the computing machine.

Abstract: A revocation determination service determines for a client whether a particular digital certificate as issued by a particular certificate authority (CA) has been revoked by such CA. In the service, an engine receives a query from the client, where the query identifies the particular certificate and the CA that issued the particular certificate. At least one provider is resident at the service, where each provider corresponds to a revocation information repository and represents the corresponding repository at the service, and connects to the corresponding repository. Each repository has revocation information from at least one CA. A configuration store includes a configuration information record corresponding to each provider resident at the service. Each configuration information record includes an identification of the provider and of each CA that the repository corresponding to such provider has revocation information for.

Abstract: Software is governed by a digital license that specifies a certificate that must be present in order for the software (or certain features thereof) to be used. A root authority authorizes a license server to issue certificates that are called for in the digital license for an item of software. The software and the digital license are installed on a machine, and the machine enrolls with the license server to obtain the certificate. When the software is run, an enforcement component evaluates the license to determine what certificate is required, and then evaluates the certificate to determine whether it meets the requirements of a license. If the certificate is invalid, the enforcement component may disable the software, or may disable certain features of the software.

Abstract: Software is governed by a digital license that specifies a certificate that must be present in order for the software (or certain features thereof) to be used. A root authority authorizes a license server to issue certificates that are called for in the digital license for an item of software. The software and the digital license are installed on a machine, and the machine enrolls with the license server to obtain the certificate. When the software is run, an enforcement component evaluates the license to determine what certificate is required, and then evaluates the certificate to determine whether it meets the requirements of a license. If the certificate is invalid, the enforcement component may disable the software, or may disable certain features of the software.

Abstract: A revocation determination service determines for a client whether a particular digital certificate as issued by a particular certificate authority (CA) has been revoked by such CA. In the service, an engine receives a query from the client, where the query identifies the particular certificate and the CA that issued the particular certificate. At least one provider is resident at the service, where each provider corresponds to a revocation information repository and represents the corresponding repository at the service, and connects to the corresponding repository. Each repository has revocation information from at least one CA. A configuration store includes a configuration information record corresponding to each provider resident at the service. Each configuration information record includes an identification of the provider and of each CA that the repository corresponding to such provider has revocation information for.