Abstract: A system and method for authenticating a device is disclosed. In one embodiment, the method comprises generating an anti-tampering secret (ATS) associated with customer specific information (CSI); providing the ATS for secure storage by the device; receiving a message from the device, the certificate signing request comprising a certificate signing request, the CSI, and an authentication tag derived at least in part according to the ATS and the CSI; and authenticating the received message according to a comparison of the received authentication tag and a another authentication tag generated at least in part according to the received CSI.

Abstract: A system and method for signing data is presented. In one embodiment, the method comprises: generating a data signing key; transforming the data signing key into a first subkey and a second subkey; encrypting the first subkey according to a secret key of an ODSS; generating a signature verification public key; providing the signature verification public key, the encrypted first subkey, and the second subkey for storage in a client device; accepting a request to sign the data, the request having a representation of the data and the encrypted first subkey; generating a partially computed signature of the data according to the representation of the data and the encrypted first subkey; and providing the partially computed signature of the data to the client device.

Abstract: A method and apparatus for detecting disablement of a data backup process disclosed. The system inserts and periodically updates authenticatable sentinel data objects in the primary system. After the backup occurs, the backup data with the sentinel data objects are read and the sentinel data objects are detected and authenticated. If any of the sentinel data objects are not detected or cannot be authenticated, the system informs an administrator that the data backup has failed at least in part.

Abstract: A system and method for signing data is presented. In one embodiment, the method comprises: generating a data signing key; transforming the data signing key into a first subkey and a second subkey; encrypting the first subkey according to a secret key of an ODSS; generating a signature verification public key; providing the signature verification public key, the encrypted first subkey, and the second subkey for storage in a client device; accepting a request to sign the data, the request having a representation of the data and the encrypted first subkey; generating a partially computed signature of the data according to the representation of the data and the encrypted first subkey; and providing the partially computed signature of the data to the client device.

Abstract: A system and method for authenticating a user device is disclosed. In one embodiment, the method comprises: transmitting a request for credentials from the user device, wherein the request comprises a user device identifier and the credentials comprise an asymmetric key pair having a public key and an associated private key, the private key being encrypted; receiving the credentials in the user device, the credentials comprising the encrypted private key and the public key; retrieving quick response (QR) code data associated with the user device identifier from a QR code data directory, the QR code data generated from the public key and stored in the QR code data directory according to the user device identifier by a secure online service; extracting the public key from the QR code data; and establishing an authenticated and encrypted communication session with the user device according to the extracted public key.

Abstract: A system and method for signing data is presented. In one embodiment, the method comprises: generating a data signing key; transforming the data signing key into a first subkey and a second subkey; encrypting the first subkey according to a secret key of an ODSS; generating a signature verification public key; providing the signature verification public key, the encrypted first subkey, and the second subkey for storage in a client device; accepting a request to sign the data, the request having a representation of the data and the encrypted first subkey; generating a partially computed signature of the data according to the representation of the data and the encrypted first subkey; and providing the partially computed signature of the data to the client device.

Abstract: A method is provided for secure and direct delivery of digital media content directly from a content server to a casting digital media player. In the method, the digital media player is provided with a custom URL that contains concatenated information related to the IP address associate with the location of a key on a mobile device used to commence a casting session.

Abstract: Systems and methods are provided for digital rights management of licensed media content. Client library components and server library components provide digital rights management services. A client-side hosting application accesses client library functionality through invocation of client application programming interfaces (APIs). A server-side hosting application accesses server library functionality through invocation of server APIs. Licenses for specific media content can be requested and issued, and appropriately licensed media content can be played. Client and server library components can function essentially absent direct communication, such as that employing a transport layer. Communications between client and server library components can be carried by the hosting applications.

Abstract: A method is provided for secure and direct delivery of digital media content directly from a content server to a casting digital media player. In the method, the digital media player is provided with a custom URL that contains concatenated information related to the IP address associate with the location of a key on a mobile device used to commence a casting session.

Abstract: A method is provided for delivering a streaming media asset to a client device. For the method, a request is received over a communication network from a client device for playing a media asset in accordance with a streaming media technique. Prior to fully authorizing the client device to play the media asset, the client device is provided with access to a first cryptographic key that decrypts a subset of the media asset so that the client device is able to render the subset of the media asset before completion of the authorization. The subset of the media asset is less than all of the media asset. Subsequent to successfully fully authorizing the client device to play the media asset, the client is provided with access to at least one additional cryptographic key that decrypts a remainder of the media asset.

Abstract: Systems and methods are provided for digital rights management of licensed media content. Client library components and server library components provide digital rights management services. A client-side hosting application accesses client library functionality through invocation of client application programming interfaces (APIs). A server-side hosting application accesses server library functionality through invocation of server APIs. Licenses for specific media content can be requested and issued, and appropriately licensed media content can be played. Client and server library components can function essentially absent direct communication, such as that employing a transport layer. Communications between client and server library components can be carried by the hosting applications.

Abstract: A method is provided for delivering a streaming media asset to a client device. For the method, a request is received over a communication network from a client device for playing a media asset in accordance with a streaming media technique. Prior to fully authorizing the client device to play the media asset, the client device is provided with access to a first cryptographic key that decrypts a subset of the media asset so that the client device is able to render the subset of the media asset before completion of the authorization. The subset of the media asset is less than all of the media asset. Subsequent to successfully fully authorizing the client device to play the media asset, the client is provided with access to at least one additional cryptographic key that decrypts a remainder of the media asset.