Abstract: The subject innovation relates to systems and/or methodologies for using randomly positioned electromagnetic scatterers deposited into a predetermined region of an optical storage medium (e.g., Blue Ray DVD, HD DVD, CD, etc.) as a distinct three dimensional (3D) hard-to-copy digital rights management feature. A scatterers' topology is scanned using a matrix of antennas that sense the scatterers' electromagnetic response as the optical disc revolves at near-constant angular speed. The response, f, called an RF fingerprint, is then concatenated with an arbitrary text, t, that defines the digital rights management information imposed by the disk publisher.

Abstract: The invention relates to solutions of Lewis acids selected from the halogen-containing Lewis acids of the elements of groups 12 and 13 from the periodic table of elements, or mixtures of said Lewis acids, in aprotic, asymmetrically substituted ethers or in solvent mixtures that contain asymmetrically substituted ethers and hydrocarbons, to the production of the solutions according to the invention, and to the use in inorganic, organic and organometallic syntheses.

Abstract: A compressor unit includes a motor and a compressor in a casing of a gastight form. The casing houses the motor and the compressor. The motor includes a rotor surrounded by a stator which has an encapsulation formed on the inner diameter as a separating can, so that a medium being handled does not damage the stator. The separating can includes a polymer matrix which is reinforced using a plurality of fibers. The polymer matrix is at least partly a ceramic fiber reinforced polymer matrix. The plurality of fibers are formed as continuous filaments. The continuous filaments include the length of at least 30 mm.

Abstract: A separating can is provided. Fluid flow engines and drive motors can be encased in a housing, if a separation is made in the electric motor by a tube-shaped component, known as the separating can. The separating can must be sufficiently large to be strong and electrically non-conductive. The separating can is made at least partially of a ceramic or glass-like material, or is made at least partially of a polymer matrix reinforced using fibers.

Abstract: An evidence-based policy manager generates a permission grant set for a code assembly received from a resource location. The policy manager executes in a computer system (e.g., a Web client or server) in combination with the verification module and class loader of the run-time environment. The permission grant set generated for a code assembly is applied in the run-time call stack to help the system determine whether a given system operation by the code assembly is authorized. The policy manager may determine a subset of the permission grant set based on a subset of the received code assembly's evidence, in order to expedite processing of the code assembly. When the evidence subset does not yield the desired permission subset, the policy manager may then perform an evaluation of all evidence received.

Abstract: A host intercepts calls between two executables and determines whether the calls are permissible according to the host's security model which can be identify based, such as user identity based—for instance, mapping access rights within a specific data base user context to database object access. Such an identity security model differs from a common language runtime security model where managed code uses Code Access Security to prevent managed assemblies from performing certain operations. Managed assemblies registered with the host are host objects from the host's perspective for which access rights can be defined via security rules, such as are defined for individual user identities. A host can decide access between managed executables based on the host's identity based access rules by trapping any cross assembly calls and deciding whether such calls should proceed or be blocked from taking place based on the corresponding identity security settings.

Abstract: The invention relates to a highly reactive zinc form, to a method for the production thereof, and to the use of said highly reactive zinc form in synthetic chemistry.

Abstract: A diorganomagnesium-containing synthesis means, a method for its preparation and its use.

Abstract: All execution paths of one or more assemblies in managed code are simulated to find the permissions for each execution path. The managed code can correspond to a managed shared library or a managed application. Each call in each execution path has a corresponding permissions set. When the library or application has permissions to execute that are not less than the required permission sets for the execution paths, any dynamic execution of the library or application will not trigger a security exception The simulated execution provides a tool that can be used to ensure that code being written will not exceed a maximum security permission for the code. A permission set can be determined by the tool for each assembly corresponding to an application and for each entry point corresponding to a shared library.

Abstract: The subject innovation relates to systems and/or methodologies for using randomly positioned electromagnetic scatterers deposited into a predetermined region of an optical storage medium (e.g., Blue Ray DVD, HD DVD, CD, etc.) as a distinct three dimensional (3D) hard-to-copy digital rights management feature. A scatterers' topology is scanned using a matrix of antennas that sense the scatterers' electromagnetic response as the optical disc revolves at near-constant angular speed. The response, f, called an RF fingerprint, is then concatenated with an arbitrary text, t, that defines the digital rights management information imposed by the disk publisher.

Abstract: Evidence-based application security may be implemented at the application and/or application group levels. A manifest may be provided defining at least one trust condition for the application or application group. A policy manager evaluates application evidence (e.g., an XrML license) for an application or group of applications relative to the manifest. The application is only granted permissions on the computer system if the application evidence indicates that the application is trusted. Similarly, a group of applications are only granted permissions on the computer system if the evidence indicates that the group of applications is trusted. If the application evidence satisfies the at least one trust condition defined by the manifest, the policy manager generates a permission grant set for each code assembly that is a member of the at least one application. Evidence may be further evaluated for code assemblies that are members of the trusted application or application group.

Abstract: A host operating in a managed environment intercepts a call from a managed caller to a particular callee and determines whether the call is permissible according to the host's prior configuration of a plurality of callees. The particular callee, which provides access to a resource that the host can be protecting, can have been previously configured by the host to always allow the call to be made, to never allow the call to be made, or to allow the call to be made based upon the degree to which the host trusts the managed caller.

Abstract: Various mechanisms are disclosed for protecting the security of memory in a computing environment. A security layer can have an encryption layer and a hashing layer that can dynamically encrypt and then dynamically hash sensitive information, as it is being loaded to dynamic memory of a computing device. For example, a memory unit that can correspond to a memory page can be processed by the security layer, and header data, code, and protect-worthy data can be secured, while other non-sensitive data can be left alone. Once such information is secured and stored in dynamic memory, it can be accessed at a later time by a processor and unencrypted and hash checked. Then, it can be loaded back onto the dynamic memory, thereby preventing direct memory access attacks.

Abstract: Techniques for migrating content from a first set of conditions to a second set of conditions are disclosed herein. In particular, a content migration certificate is utilized to enable content migration and set forth under what conditions content may be accessed after migration. The content migration certificate may, for example, be stored as a file in a removable storage unit or transferred online once an indication that conditions have changed is received. The change in conditions may involve a new device attempting to access the content file, a new user attempting to access the content, or any other similar conditions. Access to the information in the content migration certificate may be protected by encryption so that only devices and/or users meeting the conditions of the certificate are permitted to transfer content. By accessing the content migration certificate in the prescribed manner, migration of content is enabled in a controlled and easy process.

Abstract: A one-time-settable tamper resistant software repository may be used in any computing system to store system information such as security violations and policies for responding to them. A one-time-settable tamper resistant software repository may be cryptographically signed, encrypted with a per device key and accessible by only the most privileged software executed by a computing device, e.g., hypervisor or operating system kernel. A one-time-settable tamper resistant software repository may be mirrored in RAM for performance. Recordable event fields in a software repository may be one-time-settable without the ability to reset them in a field operation mode whereas they may be resettable in a different mode such as a manufacturing mode.

Abstract: An individualized per device initialization of a computing device is unique relative to the initialization of other computing devices. A common initialization program, common to all computing devices of a particular type such as a game console, may be modified to be unique for each computing device. Modification may comprise the application of at least one individualized per device secret, e.g., key, to at least a portion of the common initialization program such as at least one initialization stage. Initialization is tied to one or more device specific identities. In this way, initialization vulnerabilities discovered on a particular device cannot be exploited en masse on other computing devices because each initialization program stored in each computing device is unique. The device specific nature of the initialization program may be extended to other information input to the computing device in order to prevent unauthorized sharing of information with other computing devices.

Abstract: Various techniques are described to protect secrets held by closed computing devices. In an ecosystem where devices operate and are offered a wide range of services from a service provider, the service provider may want to prevent users from sharing services between devices. In order to guarantee that services are not shared between devices, each device can be manufactured with a different set of secrets such as per device identifiers. Unscrupulous individuals may try to gain access to the secrets and transfer secrets from one device to another. In order to prevent this type of attack, each closed computing system can be manufactured to include a protected memory location that is tied to the device.

Abstract: Various embodiments of the present disclosure describe techniques for enforcing a subcomponent related security policy for closed computing systems. A closed computing system can include a list of subcomponents that identify the subcomponents it was manufactured with. The list can be used to determine if any currently attached subcomponents are different than the original ones. If a new subcomponent is detected, the device can perform a predetermined action in accordance with a security policy.

Abstract: Systems, methods, and computer readable media are disclosed for making dictionary based attacks difficult and/or time consuming for attackers. In one example embodiment, this can be accomplished by equipping a security service with software and/or circuitry operable to select security questions from different partitions of a question table.

Abstract: The invention relates to a highly reactive zinc form, to a method for the production thereof, and to the use of said highly reactive zinc form in synthetic chemistry.