Abstract: A system and method are introduced for a virtual application infrastructure (VAI) that executes apps remotely for users to interact with, preferably within a cloud-based container, while focusing on the user interactivity with these remote apps. A core innovation of the VAI lies in a novel method called ‘raining,’ designed to enable real-time interaction with remote applications, with a name that differentiates it from streaming. Unlike traditional streaming media, ‘raining’ an app requires only the discrete data of the current image of the app displayed in the cloud, eliminating the need for a history of previous data, such as required for audio and video. This innovative approach enables users to interact with remote apps efficiently, even when network bandwidth fluctuates. Additionally, the VAI may be offered as a service (VAI SaaS), which extends the advantages of traditional cloud deployments.

Abstract: A system and method is introduced for separating computing devices that work together. The computing devices appear to the user as a single device such as through using a single display and other I/O means. The output of computing devices such as the display output, may be monitored for unwanted display output to the user which may be filtered from the user. The device displaying unwanted content may then be reverted to a known state. Computing devices may communicate among themselves using display data while remaining separated. Secure services from the cloud to a user device may be offered through the separated computing devices that work together, services that utilizes separating and securing the user I/O from internet connected devices, while allowing to monitor and filter the internet connected devices. These services preferably use a key that is non-extractable for communicating with the secure cloud.

Abstract: A system and method is introduced for extracting application data and binding the application data and external existing data for generating actions and events. The scanning of application output data may be done independently of the applications and no data is revealed to the applications solving privacy issues, security issues as well as revenue sharing issues. Furthermore, application behavior is monitored based on its output to reveal anomalies. Such anomalies may be mitigated or sent to SOC for whitelisting or blacklisting. This mitigation may allow time to handle crisis situations and buy time for security firms to solve problems while allowing messages to arrive from the vendor rather than from an attacker. User input may be added to the extracted application data to reveal application bugs, issues and hacking attempts. Digital signs may be monitored and their display mitigated in case of a hacking attacks on the content displayed by the digital signs.

Abstract: A system and method is introduced for communicating over the internet with no internet attack surface using internet connected devices. An isolated device referred to as a dc device, is introduced to function as a place for carrying out computations in isolation from internet connected devices as well as from other instances within the dc device. A user is able to interact with the dc device through a dc terminal. The dc terminal may make use of the input/output interfaces of the user internet connected device, while maintaining the isolation of the dc device. A dc server is introduced for communicating with the dc device over the internet with no internet attack surface. Having introduced the dc device, the dc terminal and the dc server, a dc domain is defined where communication between devices and between users and devices takes place in the dc domain over the internet with no internet attack surface.

Abstract: A system and method is introduced for separating computing devices that work together. The computing devices appear to the user as a single device such as through using a single display and other I/O means. The output of computing devices such as the display output, may be monitored for unwanted display output to the user which may be filtered from the user. The device displaying unwanted content may then be reverted to a known state. Computing devices may communicate among themselves using display data while remaining separated. Secure services from the cloud to a user device may be offered through the separated computing devices that work together, services that utilizes separating and securing the user I/O from internet connected devices, while allowing to monitor and filter the internet connected devices. These services preferably use a key that is non-extractable for communicating with the secure cloud.

Abstract: A system and method is introduced for communicating over the internet with no internet attack surface using internet connected devices. An isolated device referred to as a dc device, is introduced to function as a place for carrying out computations in isolation from internet connected devices as well as from other instances within the dc device. A user is able to interact with the dc device through a dc terminal. The dc terminal may make use of the input/output interfaces of the user internet connected device, while maintaining the isolation of the dc device. A dc server is introduced for communicating with the dc device over the internet with no internet attack surface. Having introduced the dc device, the dc terminal and the dc server, a dc domain is defined where communication between devices and between users and devices takes place in the dc domain over the internet with no internet attack surface.

Abstract: Various embodiments include an apparatus, system, and method to control the distribution and usage of copyrighted digital content. The processing of a data file received over a communications network such as the Internet occurs both in a host digital appliance, such as a personal computer, notebook computer, audio player, video player, and the like, and in a very small digital rights management (DRM) module that is removably connected with the host. The processing makes it extremely difficult for the content of the data file to be obtained by an unauthorized person and/or utilized with an unauthorized DRM module.

Abstract: A system and method is introduced for combining a secure device with a non secure user machine for using and sharing secure data seamlessly through the non secure user machine. The secure device runs in a separate, “parallel world” to the user machine so that the user machine cannot access secure data while it is being used. Even if the user machine is already compromised, the secure data and its usage remain protected from the likes of key logging and screen captures. The secure device authenticates secure data handling to the user so that the user is able to differentiate between a secure and a non secure data usage, as well as identify false imitations of the secure environment.

Abstract: A system and method is introduced for combining a secure device with a non secure user machine for using and sharing secure data seamlessly through the non secure user machine. The secure device runs in a separate, “parallel world” to the user machine so that the user machine cannot access secure data while it is being used. Even if the user machine is already compromised, the secure data and its usage remain protected from the likes of key logging and screen captures. The secure device authenticates secure data handling to the user so that the user is able to differentiate between a secure and a non secure data usage, as well as identify false imitations of the secure environment.

Abstract: A system and method is introduced for combining a secure device with a non secure user machine for using and sharing secure data seamlessly through the non secure user machine. The secure device runs in a separate, “parallel world” to the user machine so that the user machine cannot access secure data while it is being used. Even if the user machine is already compromised, the secure data and its usage remain protected from the likes of key logging and screen captures. The secure device authenticates secure data handling to the user so that the user is able to differentiate between a secure and a non secure data usage, as well as identify false imitations of the secure environment.

Abstract: A system and method is introduced for combining a secure device with a non secure user machine for using and sharing secure data seamlessly through the non secure user machine. The secure device runs in a separate, “parallel world” to the user machine so that the user machine cannot access secure data while it is being used. Even if the user machine is already compromised, the secure data and its usage remain protected from the likes of key logging and screen captures. The secure device authenticates secure data handling to the user so that the user is able to differentiate between a secure and a non secure data usage, as well as identify false imitations of the secure environment.

Abstract: A system and method is introduced to facilitate the handover process of performers who are using digital vinyl systems (DVS). A DVS may be connected to an existing audio setup during the playing of another performer without interrupting the other performer and without disconnecting any connections in the existing audio setup. When the DVS is connected and a handover process is required, a switch is activated to select the DVS as the current active device for use. A DVS may be disconnected from an existing audio setup without interrupting another performer. The system may be implemented as part of an audio device or as a separate stand alone device.

Abstract: A system and method is introduced for protecting software from being altered, duplicated, inspected or used in an unauthorized manner. An autonomous software protection device is presented, containing encryption and decryption unit along with an independent execution environment such as a Java Virtual Machine to carry out computations in a protected environment. The software protection device carries out protected code and may make use of protected data to carry out protected computations. Unsecured memory may be used securely by software protection device through an internal virtual memory mechanism managed by the independent execution environment. The software protection device may serve an external computing device for making computations that are protected from software and data alteration and inspection while preventing duplication and usage not as intended by the software and data owner.

Abstract: An autonomous data storage device for storing data files via an external file interface, the external file interface being controllable from an external device, the device comprising: a physical file storage for homogenous storage of files; the external file interface configured to allow sector level access to at least part of the physical file storage to support standard operating file system calls; an internal sector policy management unit located in between the external file interface and the physical file storage for sector level policy enforcement of the physical file storage, for one or more of the sector level managed sectors, the unit having an input for receiving instructions from the external file interface for sector oriented operations, and being configured to carry out sector policy management operations in accordance with.

Abstract: A system and method is introduced for implementing a storage firewall for protecting files when a storage device connects to a digital appliance. A storage device may connect to a number of appliances and is therefore at risk of getting infected with viruses and other malware risking subsequent transfer of these infections to other appliances. The storage device is further at risk of leaking sensitive information or loosing critical information. The storage firewall protects data on a storage device that connects to a digital appliance in various manners using a standard, unencrypted partition and a standard file system. Protected and unprotected files may reside homogeneously on the file system of the storage device. Using the storage firewall, files on digital appliance may be protected from infected files residing on storage device connected to digital appliance. No application is required to be activated on digital appliance when storage device connects to digital appliance.

Abstract: A method and system is introduced for implementing a virtual memory mechanism that works internally to computer languages that prevent direct memory access. Virtual memory mechanism is implemented in a manner that is independent of executing environment. Virtual memory mechanism may include security features preventing program code and execution environment from being altered, viewed or copied.

Abstract: A system and method is introduced to facilitate the handover process of performers who are using digital vinyl systems (DVS). A DVS may be connected to an existing audio setup during the playing of another performer without interrupting the other performer and without disconnecting any connections in the existing audio setup. When the DVS is connected and a handover process is required, a switch is activated to select the DVS as the current active device for use. A DVS may be disconnected from an existing audio setup without interrupting another performer. The system may be implemented as part of an audio device or as a separate stand alone device.

Abstract: A method and system is introduced to allow expanding the storage capacity of a storage device using other storage device units in a dynamic manner. The expanded device may emulate a single large capacity media device. Files existing on device prior to device expansion may remain valid following device expansion. Capacity of storage devices and digital appliances making use of storage devices may be expanded. Instead of replacing a device with a larger capacity device, storage capacity can be expanded. The device may allow implementing file access policies to protected files.

Abstract: A system and method is introduced for using a physical keyboard with a computing device that has a display which may be a touch sensitive display. In the preferred embodiment the keyboard may be situated on top of the display covering part of the display or rotated behind the display allowing the entire display to be used. When the keyboard is placed over part the display the computing device automatically resizes the displayed information according to the visible part of the display and when the keyboard is rotated to the back of the device the computing device resizes the displayed information to make use of the entire display. The preferred embodiment provides a natural intuitive way to use a physical keyboard with a touch screen device in a similar manner to the operation of virtual keyboards on such devices.

Abstract: Various embodiments include an apparatus, system, and method to control the distribution and usage of copyrighted digital content. The processing of a data file received over a communications network such as the Internet occurs both in a host digital appliance, such as a personal computer, notebook computer, audio player, video player, and the like, and in a very small digital rights management (DRM) module that is removably connected with the host. The processing makes it extremely difficult for the content of the data file to be obtained by an unauthorized person and/or utilized with an unauthorized DRM module.