Abstract: Redirecting function calls through a protected environment to effect secure linkage of program modules. In one embodiment, a program module, such as a player application for example, may make function calls to secure functions instead of to insecure operating system (OS) services, thereby deterring attacks on the player's calls to OS services. In one embodiment, the new secure functions provide similar functionality to the replaced OS services. Providing a securely loaded function for calling by a program module in place of calling an insecure OS function includes obtaining object code for the securely loaded function from a signed binary description file, performing signature and integrity verification of the program module using the signed binary description file, loading the object code for the securely loaded function into memory, and updating an address for calling the securely loaded function by the program module.

Abstract: Providing adaptive security for access to content on a system may be accomplished by determining if a user has rights to access the content according to a content license associated with the content, and when the user has rights to play the content, performing the following actions. The system reads a data structure in the content license defining at least one security factor ID and an associated factor value, sets a security factor value for a security factor, the security factor corresponding to the security factor ID, to the associated factor value from the data structure, allows access to the content, and performs security processing by the system at a level based at least in part on the security factor value. In one embodiment, the security factor IDs and associated factor values are set by a content owner or distributor at the time of manufacturing or distributing the content.

Abstract: Deterring an attack on a tamper-resistant application program may be accomplished by loading a plurality of agents and starting a plurality of processing threads, each thread executing one of the agents, concurrently executing each agent substantially in parallel to produce a processing result for each agent for an iteration of a stage of protocol processing, storing each processing result in an entry in a buffer associated with each agent, and repeating the executing and storing actions for multiple iterations of the protocol processing. When one of the agents stores a processing result in a last entry of the agent's buffer, the processing results from the first entries in the buffers are combined to produce a combined result, and if the combined result indicates an error, failure semantics may be executed.

Abstract: A system and method for verifying integrity of a system with multiple components includes a plurality of related object components that forms the software system, a signed binary description file manager that generates a signed binary description file (SBDF) to store verification and license information of the plurality of related object components, and a verification agent that verifies itself and the plurality of related object components. The manager associates unique identification (ID) names that represents the related object components with corresponding sets of component license information, and stores the associations in the signed binary description file. The verification agent retrieves license information pertinent to itself and each of the related object components utilizing the SBDF. The verification agent verifies the related object components after verifying its own integrity.

Abstract: Where at least two digital images overlap at a first resolution level is identified. Overlapping areas of the at least two digital images at a second resolution level higher than the first resolution level are obtained. Where the overlapping areas overlap at the second resolution level is identified.

Abstract: Deterring an attack on a tamper-resistant application program may be accomplished by loading a plurality of agents and starting a plurality of processing threads, each thread executing one of the agents, concurrently executing each agent substantially in parallel to produce a processing result for each agent for an iteration of a stage of protocol processing, storing each processing result in an entry in a buffer associated with each agent, and repeating the executing and storing actions for multiple iterations of the protocol processing. When one of the agents stores a processing result in a last entry of the agent's buffer, the processing results from the first entries in the buffers are combined to produce a combined result, and if the combined result indicates an error, failure semantics may be executed.

Abstract: Providing adaptive security for access to content on a system may be accomplished by determining if a user has rights to access the content according to a content license associated with the content, and when the user has rights to play the content, performing the following actions. The system reads a data structure in the content license defining at least one security factor ID and an associated factor value, sets a security factor value for a security factor, the security factor corresponding to the security factor ID, to the associated factor value from the data structure, allows access to the content, and performs security processing by the system at a level based at least in part on the security factor value. In one embodiment, the security factor IDs and associated factor values are set by a content owner or distributor at the time of manufacturing or distributing the content.

Abstract: Redirecting function calls through a protected environment to effect secure linkage of program modules. In one embodiment, a program module, such as a player application for example, may make function calls to secure functions instead of to insecure operating system (OS) services, thereby deterring attacks on the player's calls to OS services. In one embodiment, the new secure functions provide similar functionality to the replaced OS services. Providing a securely loaded function for calling by a program module in place of calling an insecure OS function includes obtaining object code for the securely loaded function from a signed binary description file, performing signature and integrity verification of the program module using the signed binary description file, loading the object code for the securely loaded function into memory, and updating an address for calling the securely loaded function by the program module.

Abstract: An apparatus for use within a video conferencing system comprising an image analysis circuit and a control circuit is presented. As described herein, the image analysis circuit is operative to analyze at least a video frame of video conferencing signals of a video conference. The control circuit, coupled to the image analysis circuit, is operative to control a remote video camera of a remote conferencing apparatus communicatively coupled to the video conferencing apparatus to conduct the video conference, responsive to the results of said analysis.

Abstract: A system and method for verifying integrity of a system with multiple components includes a plurality of related object components that forms the software system, a signed binary description file manager that generates a signed binary description file (SBDF) to store verification and license information of the plurality of related object components, and a verification agent that verifies itself and the plurality of related object components. The manager associates unique identification (ID) names that represents the related object components with corresponding sets of component license information, and stores the associations in the signed binary description file. The verification agent retrieves license information pertinent to itself and each of the related object components utilizing the SBDF. The verification agent verifies the related object components after verifying its own integrity.

Abstract: An apparatus for use within a video conferencing system comprising an image analysis circuit and a control circuit is presented. As described herein, the image analysis circuit is operative to analyze at least a video frame of video conferencing signals of a video conference. The control circuit, coupled to the image analysis circuit, is operative to control a remote video camera of a remote conferencing apparatus communicatively coupled to the video conferencing apparatus to conduct the video conference, responsive to the results of said analysis.

Abstract: An apparatus for use within a video conferencing system comprising an image analysis circuit and a control circuit is presented. As described herein, the image analysis circuit is operative to analyze at least a video frame of video conferencing signals of a video conference. The control circuit, coupled to the image analysis circuit, is operative to control a remote video camera of a remote conferencing apparatus communicatively coupled to the video conferencing apparatus to conduct the video conference, responsive to the results of said analysis.

Abstract: A method and apparatus are provided for transmitting images from a first processing system to a second processing system over a communication link during a multimedia teleconference. In response to a user input at the first processing system requesting transmission of the image, a communication device in the first processing system is queried for the current bandwidth of the communication link. The communication device returns an indication of the current bandwidth, and in response to the indication, a subset of an image file is selected. The subset corresponds to one of multiple possible levels of resolution of the image. The selected subset of the image file is then transmitted to the second processing system over the communication link, such that the second processing system can display the image at full size, but at a resolution less than the full resolution if necessary, given the current bandwidth.

Abstract: An apparatus and method for linking public and private pages in a conferencing system is disclosed. In a computer conferencing system having a plurality of participants coupled by a communication medium, a process for linking public and private pages comprises the steps of: 1) collecting public meeting information generated by any of the plurality of participants, the public meeting information including at least one public page of annotations; 2) collecting private meeting information from a local participant in which the meeting manager is resident, the private meeting information being different from the public meeting information, the private meeting information not accessible to the plurality of conference participants other than the local participant, the private meeting information including at least one private page of annotations; and 3) selectively linking the private page with the public page, the private page being implicitly accessed when the linked public page is explicitly accessed.

Abstract: A method, data conferencing system, and storage medium for inserting an annotation made by a node of a data conferencing system having a plurality of nodes, wherein only one node at a time is an arbiter node. According to a preferred embodiment, the node inserts at an index for indexing an indexed object a container object for containing the annotation. If the node is not the arbiter node, then the node requests to be the arbiter node. If the node is the arbiter node, then the node determines whether the current indexed object is identical to the container object. If the current indexed object is not identical to the container object, then the node merges the annotation with the current indexed object and deletes the container object.

Abstract: A method data conferencing system, and storage medium for arbitrating among requests for services affecting objects of a distributed data conference supported by the data conferencing system, the requests for services originating from a plurality of nodes of the data conferencing system. According to a preferred embodiment, a hierarchical conference object structure has objects at a plurality of levels, wherein a distributed data manager object exists at a first level of the conference and at least one public object store exists at a second level of the conference, wherein the distributed data manager object is for containing the at least one public object store and the public object store is for containing at least one object at a third level of the conference. A first arbiter object arbitrates requests that affect objects at the second level. A second arbiter object arbitrates requests that affect the at least one object at the third level that are contained by the at least one public object store.

Abstract: The present invention is an apparatus and method for joining participants in a conferencing system. In a computer conferencing system having a plurality of participants coupled by a communication medium, each participant of the plurality of participants having a meeting manager, a process and apparatus is disclosed for joining participants in the conferencing system. This process comprises the steps of: 1) collecting public meeting information generated by any of the plurality of participants, the public meeting information includes zero or more pages of annotations; 2) receiving a connection indication from a joining participant; 3) receiving joining meeting information from the joining participant; 4) comparing the public meeting information with the joining meeting information and generating a set of differences; and 5) selectively sending the set of differences to the joining participant or the plurality of participants or both the joining participant and the plurality of participants.

Abstract: An apparatus and method for lining public and private pages in a conferencing system is disclosed. In a computer conferencing system having a plurality of participants coupled by a communication medium, a process for linking public and private pages comprises the steps of: 1) collecting public meeting information generated by any of the plurality of participants, the public meeting information including at least one public page of annotations; 2) collecting private meeting information from a local participant in which the meeting manager is resident, the private meeting information being different from the public meeting information, the private meeting information not accessible to the plurality of conference participants other than the local participant, the private meeting information including at least one private page of annotations; and 3) selectively linking the private page with the public page, the private page being implicitly accessed when the linked public page is explicitly accessed.

Abstract: A method and apparatus for communication between agents in an electronic conferencing system is disclosed. In an electronic conferencing system wherein data is shared between a plurality of participants during an electronic conference, a method is disclosed for transferring large object data blocks among the participants during the electronic conference comprising the following steps: a) receiving an asynchronous request for large object data; b) placing the request in a request queue; c) receiving an asynchronous request for reprioritization of the request queue; d) determining a transport medium capability; e) partitioning the large object data into data blocks, a size of the data blocks being variable and corresponding to the capability of the transport medium; f) transferring the requested large object data to each of the participants via the transport medium; and g) removing the request from the request queue upon completion of the step of sending the requested large object data.

Abstract: A method and apparatus is disclosed for data communication between agents, such as those in an electronic conferencing system. In an electronic conferencing a system wherein data is shared between a plurality of participants during an electronic conference users, a method is disclosed for maintaining consistency of the data among the participants during the electronic conference users.