Abstract: The present disclosure relates to an apparatus for transferring a light emitting diode (LED). The apparatus for transferring an LED includes: a pick-up unit configured to pick up at least some of multiple light emitting diodes (LEDs) arranged on one substrate, and, according to a received control signal, put down LEDs selected from among the picked-up LEDs on another substrate; and a controller configured to transmit the control signal to the pick-up unit so as to enable the pick-up unit to individually pick up or put down each of the multiple LEDs.

Abstract: Methods and systems related to authoring and acquiring digital rights management (DRM) licenses are disclosed. For example, a computing device may generate or author a digital rights management license for a content asset that includes one or more usage restriction rules. A usage restriction may limit the maximum display resolution for a content asset. Another device may then receive the license and process the one or more usage restrictions prior to presentation of the content asset to a user.

Abstract: Methods and apparatus for real-time security monitoring on a computing device are presented. A system may define privileges to access hardware interfaces for each process of a plurality of processes executing on a computing device. The privileges may be defined in a privileged operating system level that controls root access to an operating system. In response to a determination that a process is attempting to access a hardware interface, the system may determine whether the process is privileged to access the hardware interface by checking the privileges. In response to determining that the process is not privileged to access the hardware interface, the intrusion detection agent may terminate the process.

Abstract: Methods, apparatuses, and systems are described for deriving secured keys and authenticating based on the derived keys. An entity may receive one or more derived keys and one or more key derivation algorithms associated with the one or more derived keys. A user device may derive, based on a key associated with the user device and unknown to the entity, a user key. The entity may derive, based on a first derived key and one of the key derivation algorithms, a second derived key, and may verify, based on the second derived key, the user key.

Abstract: Systems and methods are described that relate to authentication and/or binding of multiple devices with varying security profiles. In one aspect, a first device with a higher security profile may vouch for the authenticity of a second device with a lower security profile when the second device requests access for content from a content provider. The vouching process may be implemented by allowing the first device to overlay its digital signature on a registration request that has been signed and transmitted by the second device. The second device with the lower security profile may access content from the content provider or source for a predetermined time period, even when the second device does not access content through the first device.

Abstract: Methods and systems related to authoring and acquiring digital rights management (DRM) licenses are disclosed. For example, a computing device may generate or author a digital rights management license for a content asset that includes one or more usage restriction rules. A usage restriction may limit the maximum display resolution for a content asset. Another device may then receive the license and process the one or more usage restrictions prior to presentation of the content asset to a user.

Abstract: Groups of devices may be prevented from accessing content by encrypting the content. A plurality of secrets associated with a decryption key may be generated using a secret sharing algorithm. The plurality of secrets may be sent to one or more groups of devices to derive the decryption key. A non-restricted subset of the groups of devices may receive one or more secrets. Devices within the non-restricted subset of the groups may be able to use one or more secrets to determine the decryption key for the content. Groups that do not receive one or more secrets may be unable to determine the decryption key for the content.

Abstract: A server that creates a spatial model includes a derivation unit configured to derive boundary point information from a panoramic image of an indoor space; a point cloud creation unit configured to create a point cloud for the panoramic image; a division unit configured to divide the point cloud based on the boundary point information; a texture image creation unit configured to create a texture image by projecting the divided point cloud onto a plane corresponding to the divided point cloud; a mesh model creation unit configured to extract geometric information from the point cloud based on the boundary point information, and create a mesh model based on the extracted geometric information; and a spatial model creation unit configured to create the spatial model for the indoor space based on the texture image and the mesh model.

Abstract: Methods and apparatus for real-time security monitoring on a computing device are presented. A system may define privileges to access hardware interfaces for each process of a plurality of processes executing on a computing device. The privileges may be defined in a privileged operating system level that controls root access to an operating system. In response to a determination that a process is attempting to access a hardware interface, the system may determine whether the process is privileged to access the hardware interface by checking the privileges. In response to determining that the process is not privileged to access the hardware interface, the intrusion detection agent may terminate the process.

Abstract: Systems and methods are described that relate to authentication and/or binding of multiple devices with varying security profiles. In one aspect, a first device with a higher security profile may vouch for the authenticity of a second device with a lower security profile when the second device requests access for content from a content provider. The vouching process may be implemented by allowing the first device to overlay its digital signature on a registration request that has been signed and transmitted by the second device. The second device with the lower security profile may access content from the content provider or source for a predetermined time period, even when the second device does not access content through the first device.

Abstract: Systems and methods are for content security may comprise transmitting a request for authorization to access secured content. A content key for the secured content may be received and stored to a restricted region of a memory. A device security module may have access to the restricted region and may decrypt, based on satisfaction of a use condition and using the content key, the secured content. An encryption key associated with a secure media system authorized to access the secured content may be received. The device security module may encrypt, using the encryption key, the secured content and route the secured content to the secure media system.

Abstract: Methods, apparatuses, and systems are described for deriving secured keys and authenticating based on the derived keys. An entity may receive one or more derived keys and one or more key derivation algorithms associated with the one or more derived keys. A user device may derive, based on a key associated with the user device and unknown to the entity, a user key. The entity may derive, based on a first derived key and one of the key derivation algorithms, a second derived key, and may verify, based on the second derived key, the user key.

Abstract: Systems and methods are for content security may comprise transmitting a request for authorization to access secured content. A content key for the secured content may be received and stored to a restricted region of a memory. A device security module may have access to the restricted region and may decrypt, based on satisfaction of a use condition and using the content key, the secured content. An encryption key associated with a secure media system authorized to access the secured content may be received. The device security module may encrypt, using the encryption key, the secured content and route the secured content to the secure media system.

Abstract: Groups of devices may be prevented from accessing content by encrypting the content. A plurality of secrets associated with a decryption key may be generated using a secret sharing algorithm. The plurality of secrets may be sent to one or more groups of devices to derive the decryption key. A non-restricted subset of the groups of devices may receive one or more secrets. Devices within the non-restricted subset of the groups may be able to use one or more secrets to determine the decryption key for the content. Groups that do not receive one or more secrets may be unable to determine the decryption key for the content.

Abstract: Groups of devices may be prevented from accessing content by encrypting the content. A plurality of secrets associated with a decryption key may be generated using a secret sharing algorithm. The plurality of secrets may be sent to one or more groups of devices to derive the decryption key. A non-restricted subset of the groups of devices may receive one or more secrets. Devices within the non-restricted subset of the groups may be able to use one or more secrets to determine the decryption key for the content. Groups that do not receive one or more secrets may be unable to determine the decryption key for the content.

Abstract: Systems and methods for managing group encryption are described. In certain methods, a content asset may be encrypted with an asset key. An account key may be determined. Using the account key, an encrypted content asset package may be generated comprising at least the asset key, wherein the encrypted content asset package is decryptable with the account key. The encrypted content asset package and an identifier associated with the account key may be transmitted, for example to a playback device.

Abstract: Systems and methods for managing group encryption are described. In certain methods, a content asset may be encrypted with an asset key. An account key may be determined. Using the account key, an encrypted content asset package may be generated. The asset key may make up at least a portion of the encrypted content asset package. The encrypted content asset package is decryptable with the account key. The encrypted content asset package and an identifier associated with the account key may be transmitted, for example to a playback device.

Abstract: Systems, apparatuses, and methods are described for causing output of content via an output device such as a casting device. The output device may be associated with a device identity token indicating an identity for the output device. Another computing device may obtain, based on the device identity token, an output authorization token indicating a content item and the identity of the output device. The output device may, based on the output authorization token, obtain authorization data for output of the content item.

Abstract: The present disclosure relates to an apparatus for transferring a light emitting diode (LED). The apparatus for transferring an LED includes: a pick-up unit configured to pick up at least some of multiple light emitting diodes (LEDs) arranged on one substrate, and, according to a received control signal, put down LEDs selected from among the picked-up LEDs on another substrate; and a controller configured to transmit the control signal to the pick-up unit so as to enable the pick-up unit to individually pick up or put down each of the multiple LEDs.

Abstract: Groups of devices may be prevented from accessing content by encrypting the content. A plurality of secrets associated with a decryption key may be generated using a secret sharing algorithm. The plurality of secrets may be sent to one or more groups of devices to derive the decryption key. A non-restricted subset of the groups of devices may receive one or more secrets. Devices within the non-restricted subset of the groups may be able to use one or more secrets to determine the decryption key for the content. Groups that do not receive one or more secrets may be unable to determine the decryption key for the content.