Abstract: A method of securing a network from vulnerability exploits, including the steps of a traffic analysis engine receiving a plurality of packets destined for an internal operating system; the traffic analysis engine selectively forwarding the packets to at least one virtual machine emulating the internal operating system; the virtual machine processing each forwarded packet; a rapid analysis engine identifying a malicious packet from the processed packets; and the rapid analysis engine creating a new signature to identify the malicious packet.

Abstract: Methods, systems and computer readable mediums storing computer executable programs for managing network traffic within a virtual network system. A virtual network system defined within a physical network device is identified. A first virtual network device defined within the virtual network system is identified. A virtual network appliance within the physical network device is defined. The virtual network appliance is communicatively coupled to the first virtual network device. The virtual network appliance is communicatively coupled to the virtual network system. The virtual network appliance is operable to manage network traffic associated with the first virtual network device.

Abstract: Methods, systems and computer readable mediums storing computer executable programs for managing network traffic within a virtual network system. A virtual network system defined within a physical network device is identified. A first virtual network device defined within the virtual network system is identified. A virtual network appliance within the physical network device is defined. The virtual network appliance is communicatively coupled to the first virtual network device. The virtual network appliance is communicatively coupled to the virtual network system. The virtual network appliance is operable to manage network traffic associated with the first virtual network device.

Abstract: A method of securing a network from vulnerability exploits, including the steps of a traffic analysis engine receiving a plurality of packets destined for an internal operating system; the traffic analysis engine selectively forwarding the packets to at least one virtual machine emulating the internal operating system; the virtual machine processing each forwarded packet; a rapid analysis engine identifying a malicious packet from the processed packets; and the rapid analysis engine creating a new signature to identify the malicious packet.

Abstract: In Authorized Domains the management of which devices that can access content is a key issue. The Authorized Domain must be limited to a relatively small group of devices to get a solution that is acceptable to both content providers and users. However, current solutions are typically either to rigid to be future proof and user friendly or not effective enough in limiting the size of the Authorized Domain. This invention provides a user-friendly, flexible and yet effective method of managing the size of an Authorized Domain. The method proposes to group devices in the Authorized Domain into clusters, if a predetermined requirement is met, and to limit the number of clusters. Such a predetermined requirement could be a proximity requirement.

Abstract: This invention relates to a method of processing rights relating to content, that can be communicated between devices. Typically, a Digital Rights Management (DRM) system imposes limitations of use and distribution, imposed by the service provider, content provider or distributor. The method of the invention renders it possible for a user who has received DRM rights to restrict the right further. The invention is more particularly related to the receipt of DRM rights to Authorized Domain Digital Rights Management (AD-DRM) systems and the introduction of user attributed rights in the form of further restrictions introduced to the received DRM rights. The invention further relates to a Rights Program Template (RPT) facilitating the introduction of such further restrictions in a user friendly way. Finally, the invention relates to a system supporting the method of the invention.

Abstract: The invention relates to a data carrier (DC) for carrying a data content (CONT) belonging to an authorized domain (AD). Said data carrier (DC) comprises a data carrier data right management system (M-DRM) ruled by first rights (R1) of exporting said data content (CONT) to a reading apparatus (RA). Said authorized domain comprises a domain data right management system (AD-DRM) ruled by second rights (R2) of exporting said data content (CONT) to a reading apparatus (RA), said second rights depending on whether the reading apparatus belongs to the authorized domain. The data carrier (DC) comprises said data content (CONT) stored within a data carrier data content file (CCF) having a data carrier format specified by said data carrier data right management system (M-DRM), a data carrier license (ML) comprising said first rights (R1) and a domain license (DL) comprising said second rights (R2), said domain license (DL) being stored as a data carrier domain license file (CDLF) having said data carrier format.

Abstract: This invention relates to a system and a method of generating an Authorized Domain (AD) by selecting a domain identifier, and binding at least one user (P1, P, PN1), at least one device (D1, D2, . . . , DM), and at least one content item (C1, C2, . . . , CNZ) to the Authorized Domain (AD) given by the domain identifier (Domain ID). Hereby, a number of verified devices (D1, D2, . . . , DM) and a number of verified persons (P1, P2, . . . , PN1) that is authorized to access a content item of said Authorized Domain (100) is obtained. In this way, access to a content item of an authorized domain by a user operating a device is obtained either by verifying that the content item and the user is linked the same domain or by verifying that the device and the content item is linked to the same domain. Thereby, enhanced flexibility for one or more users when accessing content in an authorized domain is obtained while security of the content is still maintaining. This is further done in a simple, secure and reliable way.

Abstract: The present invention relates to a method, for a controller (103) for invoking actions on a device (105), of determining which actions are authorized to be invoked on said device (105). The controller (103) is adapted for invoking actions on the device (105) by sending an action command (A1, A2, A3, A4) to said device (105). Each of said predefined action commands (A1, A2, A3, A4) can be sent to invoke a specific action on the device (105). The method comprises the step of transmitting an checking-checking query (107, 109, 111, 113) to determine authorizations related to at least one of said actions that can be invoked on the device (105) by said action commands. The method further comprises the step of receiving an indication (115, 117, 119, 121) of authorizations related to the at least one of said actions being invoked on the device (105). Thereby a controller can know in advance, which actions are authorized to be invoked on the device.

Abstract: The present invention relates to a method, a system and a central device for secure content distribution among devices in a network. The invention is based on the idea that an authorized domain is set up with a central device administering the network. When a device enters the network, the central device registers the entering device and issues at least one certificate to the entering device. The registration to ensure that the entering device is an authorized device, meaning that an authorized device manufacturer has provided the device. Due to network security, non-authorized devices are not accepted in the network. Content is distributed among the devices in the network based on authentication by means of the at least one certificate issued to each device. The distribution of content from a first device to a second device is enabled by the first device authenticating the second device, by means of the at least one certificate of the second device and vice versa.

Abstract: A living free-radical polymerization process for preparing polymers from vinyl aromatic monomers comprising polymerizing the vinyl aromatic monomer in the presence of a difunctional nitroxyl initiator.

Abstract: A living free-radical polymerization process for preparing polymers from vinyl aromatic monomers comprising polymerizing the vinyl aromatic monomer in the presence of a difunctional nitroxyl initiator.

Abstract: A process of polymerizing a monomer capable of undergoing free radical polymerization, comprising contacting the monomer with a diradical initiator at a temperature sufficient to initiate free radical polymerization, wherein said diradical initiator contains sites of C--C unsaturation which cyclize to form a diradical.

Abstract: Ortho-aromatic diaryl ethers, such as o-biphenylyl phenyl ether, are hydrolyzed to corresponding phenolic compounds, such as o-phenylphenol and phenol, when contacted with water in the presence of ceria or thoria at a temperature of between about 250.degree. C. and 700.degree. C.

Abstract: Impact-resistant transparent polymeric compositions are prepared comprising particulate diene-monovinylidene aromatic block copolymer elastomer dispersed in a matrix comprising polymerized monovinylidene aromatic and acrylate monomers. These compositions can be advantageously prepared by adding the elastomeric block copolymer to an agitated polymerization system at a point where the elastomer will become dispersed as particles immediately or nearly immediately after addition.