Abstract: In accordance with one aspect, a client device is sent an indication of one or more types of information available for the client device. In response to the indication, a request is received from the client device to retrieve the information available for the client device. The information is identified and sent to the client device. In accordance with another aspect, one or more friends of the user are identified from persistent data, and a check made as to whether each of them is logged in to the system. For each of them that is logged in to the system, the user is subscribed to the friend's information and the friend is subscribed to the user's information. In accordance with another aspect, a user is allowed to be a friend of another user only if the other user is also a friend of the user.

Abstract: An exemplary implementation of a security gateway for online console-based gaming operates as a gateway between a public network (e.g., the Internet), and a private network (e.g., an internal data center network). The security gateway allows secure communication channels to be established with game consoles via the public network, and allows secure communication between game consoles on the public network and service devices on the private network.

Abstract: A network architecture for console-based gaming systems enables secure communication among multiple game consoles over a local area network. The system architecture supports a three-phase secure communication protocol. The first phase involves generating shared keys that are unique to an authentic game console running an authentic game title. In the second phase, a “client” console attempts to discover existing game sessions being hosted by a “host” game console by broadcasting a request over the local area network. The broadcast request is protected using the shared keys. If the host console agrees to let the client console play, the host console generates session keys that are returned to the client console. The third phase involves a key exchange in which the client and host consoles exchange data used to derive one or more secrets for securing future communications. The key exchange is protected using the session keys.

Abstract: An architecture is described to manufacture console-based gaming systems in a manner that allows them to be authenticated to a remote entity for online participation. The architecture involves placing pre-established secrets on the game console during console manufacturing that may be subsequently used to guarantee the authenticity of the game console during registration time.

Abstract: Methods and apparatus for synchronizing access control in a web server are described. A plurality of security scenarios are defined, each of which has one or more security settings associated therewith. The security settings are those that are associated with a plurality of access control mechanisms that control access to a web server or to resources that are used by the web server. One or more of the security settings for one or more of the access control mechanisms are set when a security scenario is selected. Thus, the security settings for a number of different access control mechanisms can be set contemporaneously by selecting one security scenario.

Abstract: A console-based multi-user authentication process allows multiple users of a game console to be authenticated together in a single request/reply exchange with an authentication entity. The results of which is the possession of a single ticket that can be used to prove authenticity of multiple authentication principals to one or more online services. Also described is a handshake process that can be used to initially establish an authentication account for each game console, in which the account creation server can trust that a genuine game console is making the request.