Abstract: Techniques for zero-trust cloud deployment are described herein. In accordance with various embodiments, a device including a processor and a non-transitory memory derives a key from deployment metadata of a virtual machine, where the deployment metadata change with each deployment of the virtual machine. The device then encrypts secrets using the key to bind the key to the virtual machine. The device further deploys the virtual machine in a cloud using the deployment metadata, including loading the encrypted secrets to the deployed virtual machine in the cloud.

Abstract: Anti-piracy techniques described herein are performed on a server that includes one or more processors and a non-transitory memory. The server enters a state to accumulate a portion of a bitstream extracted from parts of a clip obtained from a pirate service. The server then identifies a set of suspected piracy devices for the piracy service based on a confidence score of suspected piracy calculated for each client using the accumulated portion of the bitstream exceeding a threshold set relative to the state. The server additionally determines whether or not the set of suspected piracy devices for the pirate service satisfies a stable collusion state criterion corresponding to the state. The server enters a next state to iteratively perform the accumulating and the identifying upon determining the set of suspected piracy devices for the pirate service not satisfying the stable collusion state criterion corresponding to the state.

Abstract: Techniques for securing client watermarks are described herein. In accordance with various embodiments, a server receives a request from a client device for authorizing rendering a media content item at the client device. A validation engine on the server obtains at least a portion of an image representing a screen capture of rendering the media content item including a client watermark and/or metadata associated with the rendering. The validation engine then validates the watermark based at least in part on at least the portion of the image and/or the metadata. Having invalidated the client watermark, the server causes disruption of rendering the media content item at the client device. On the client side, a watermark engine captures the image of rendering the media content item including the client watermark and requests the server to validate the client watermark and renew the authorization based on the validation.

Abstract: Techniques for adaptive validation and remediation are described. In some embodiments, the method includes determining, for a plurality of media service accounts, corresponding fraud suspicion values based on a model. The method also includes identifying a plurality of suspected accounts based on the corresponding fraud suspicion values. The method additionally includes identifying one or more suspected devices and predicting a likelihood of account takeover from each of the one or more suspected devices. The method further includes detecting a triggering event from a device of the one or more suspected devices associated with an account. The method additionally includes executing a validation and/or remediation procedure based on a trigger sensitivity value associated with the triggering event, a respective likelihood of account takeover from the device associated with the account, a respective device risk value associated with the device, and a respective fraud suspicion value associated with the account.

Abstract: Techniques for enhancing security for thin client devices in hybrid edge cloud systems are described. In accordance with various embodiments, the hybrid system includes a cloud computing platform (e.g., the cloud) and an edge device (e.g., the edge). The cloud extracts key(s) for authentication and session establishment. The cloud also utilizes the key(s) to establish a session between the edge and a client device. The cloud additionally authorizes a content request from the client device for a media content item over the session and extracts a content key upon successful authorization. The edge caches the key(s), obtains the content key at the time of receiving the content request from the client device and transmits the content key and the key(s) with the media content item to the client device.

Abstract: Techniques for embedding secure feature selection at content delivery network (CDN) edge are described. In accordance with various embodiments, server(s) in a cloud receive from a client device a request for a media URL associated with a media asset. The server(s) identify feature state(s) associated with the client device and the media asset on a CDN edge node hosting the media asset. The server(s) then selectively generate a unique token or a common token specifying the feature state(s) before sending the media URL including the unique token or the common token to the client device. Upon receiving the media URL, the CDN edge node in an edge node with features deployed, determines whether the media URL causes a cache miss. Upon determining that the media URL causes the cache miss, the CDN edge node changes a feature state of a feature, applies the feature, and provides the media asset.

Abstract: Techniques for embedding watermarks are described. In accordance with various embodiments, a server (e.g., a cloud in a core network) generates a profile for an encoded media content item and packages the profile as corresponding watermark metadata. The server then transmits the encoded media content item and the corresponding watermark metadata to at least one edge node in an edge cloud. A respective edge node in the edge cloud, upon receiving a request from a client device for the encoded media content item, where the request includes a client identifier associated with the client device, obtains a first portion of the encoded media content item and the corresponding watermark metadata. A watermark embedder of the edge node then embeds the client identifier in the embedded media content item according to the watermark metadata and transmits the watermark embedded media content item to the client device.

Abstract: Techniques for adaptive validation and remediation are described. In some embodiments, the method includes determining, for a plurality of media service accounts, corresponding fraud suspicion values based on a model. The method also includes identifying a plurality of suspected accounts based on the corresponding fraud suspicion values. The method additionally includes identifying one or more suspected devices and predicting a likelihood of account takeover from each of the one or more suspected devices. The method further includes detecting a triggering event from a device of the one or more suspected devices associated with an account. The method additionally includes executing a validation and/or remediation procedure based on a trigger sensitivity value associated with the triggering event, a respective likelihood of account takeover from the device associated with the account, a respective device risk value associated with the device, and a respective fraud suspicion value associated with the account.

Abstract: In one illustrative example, TV usage data associated with a residential set-top box (STB) are obtained and stored over a plurality of repeated (e.g. weekly) time periods. TV usage pattern data associated with the residential STB are derived based on the stored TV usage data. A suspected illegitimate use of the residential STB is identified based on identifying a match or correlation between the TV usage pattern data and one of a plurality of predetermined commercial TV usage patterns. Further, for each listing data of one or more published listings of business hours, types, and themes associated with one or more commercial establishments, a comparison or correlation is performed between the TV usage pattern data and the listing data. A commercial establishment associated with illegitimate use is identified based on identifying a match or correlation between the TV usage pattern data and the listing data associated with the commercial establishment.

Abstract: Techniques for use in determining redress measures for a television (TV) service outage based on impact analysis are described. A TV service outage may be associated with a TV system apparatus including a TV user interface (UI). In one illustrative example, one or more subscribers impacted by the TV service outage are determined. An impact score is determined for each one of the subscribers. A redress measure for each one of the subscribers is then determined in accordance with their corresponding impact scores. An impacted subscriber and/or an impact score may be determined based at least in part on subscriber TV usage data or subscriber TV UI usage data.

Abstract: Techniques for use in determining redress measures for a television (TV) service outage based on impact analysis are described. A TV service outage may be associated with a TV system apparatus including a TV user interface (UI). In one illustrative example, one or more subscribers impacted by the TV service outage are determined. An impact score is determined for each one of the subscribers. A redress measure for each one of the subscribers is then determined in accordance with their corresponding impact scores. An impacted subscriber and/or an impact score may be determined based at least in part on subscriber TV usage data or subscriber TV UI usage data.

Abstract: In one illustrative example, TV usage data associated with a residential set-top box (STB) are obtained and stored over a plurality of repeated (e.g. weekly) time periods. TV usage pattern data associated with the residential STB are derived based on the stored TV usage data. A suspected illegitimate use of the residential STB is identified based on identifying a match or correlation between the TV usage pattern data and one of a plurality of predetermined commercial TV usage patterns. Further, for each listing data of one or more published listings of business hours, types, and themes associated with one or more commercial establishments, a comparison or correlation is performed between the TV usage pattern data and the listing data. A commercial establishment associated with illegitimate use is identified based on identifying a match or correlation between the TV usage pattern data and the listing data associated with the commercial establishment.

Abstract: Techniques for use in determining redress measures for a television (TV) service outage based on impact analysis are described. A TV service outage may be associated with a TV system apparatus including a TV user interface (UI). In one illustrative example, one or more subscribers impacted by the TV service outage are determined. An impact score is determined for each one of the subscribers. A redress measure for each one of the subscribers is then determined in accordance with their corresponding impact scores. An impacted subscriber and/or an impact score may be determined based at least in part on subscriber TV usage data or subscriber TV UI usage data.

Abstract: In one illustrative example, TV usage data associated with a residential set-top box (STB) are obtained and stored over a plurality of repeated (e.g. weekly) time periods. TV usage pattern data associated with the residential STB are derived based on the stored TV usage data. A suspected illegitimate use of the residential STB is identified based on identifying a match or correlation between the TV usage pattern data and one of a plurality of predetermined commercial TV usage patterns. Further, for each listing data of one or more published listings of business hours, types, and themes associated with one or more commercial establishments, a comparison or correlation is performed between the TV usage pattern data and the listing data. A commercial establishment associated with illegitimate use is identified based on identifying a match or correlation between the TV usage pattern data and the listing data associated with the commercial establishment.

Abstract: In one embodiment, a method includes receiving usage data regarding usage of a subscription-based media service account, generating a plurality of sharing scores based on the usage data, each of the plurality of sharing scores being indicative of a confidence that the usage of the subscription-based media service account is subject to a respective type of sharing, comparing each of the plurality of sharing scores to a respective threshold, and, in response to one of the plurality of sharing scores exceeding its respective threshold, presenting a challenge associated with the respective type of sharing.

Abstract: In one illustrative example, TV usage data associated with a residential set-top box (STB) are obtained and stored over a plurality of repeated (e.g. weekly) time periods. TV usage pattern data associated with the residential STB are derived based on the stored TV usage data. A suspected illegitimate use of the residential STB is identified based on identifying a match or correlation between the TV usage pattern data and one of a plurality of predetermined commercial TV usage patterns. Further, for each listing data of one or more published listings of business hours, types, and themes associated with one or more commercial establishments, a comparison or correlation is performed between the TV usage pattern data and the listing data. A commercial establishment associated with illegitimate use is identified based on identifying a match or correlation between the TV usage pattern data and the listing data associated with the commercial establishment.

Abstract: Techniques for use in determining redress measures for a television (TV) service outage based on impact analysis are described. A TV service outage may be associated with a TV system apparatus including a TV user interface (UI). In one illustrative example, one or more subscribers impacted by the TV service outage are determined. An impact score is determined for each one of the subscribers. A redress measure for each one of the subscribers is then determined in accordance with their corresponding impact scores. An impacted subscriber and/or an impact score may be determined based at least in part on subscriber TV usage data or subscriber TV UI usage data.

Abstract: In one embodiment, a method includes receiving usage data regarding usage of a subscription-based media service account, generating a plurality of sharing scores based on the usage data, each of the plurality of sharing scores being indicative of a confidence that the usage of the subscription-based media service account is subject to a respective type of sharing, comparing each of the plurality of sharing scores to a respective threshold, and, in response to one of the plurality of sharing scores exceeding its respective threshold, presenting a challenge associated with the respective type of sharing.

Abstract: A system for correlating a user's interests to media content, said system comprising: (a) at least one data store comprising media content data relating to people, works, and tags; (b) a relationship generator configured to generate direct relationships among said people, works and tags; (c) a connection module to generate connections between a primary person, work or tag and a first set of said people, works, and tags, wherein each person, work and tag of said first set has a direct relationship with said primary person, work or tag; and (d) a display module for causing the display of at least a portion of said first set of said people, works and tags.