Abstract: A multimedia commerce brand offering environment is disclosed. Herein, a method for processing a multimedia commerce service includes the steps of storing service usage pattern data of a user using the multimedia commerce service, sensing a user action from a CPE of the user using the multimedia commerce service, comparing the sensed user action with the stored service usage pattern data of the user, extracting service usage pattern data of the user in accordance with the user action, and providing recommended commerce service information respective to the extracted service usage pattern data of the user.

Abstract: A method for providing access to media content from a media content provider is performed at an electronic device. The method comprises receiving, from a client device, a request for access to a media item. The method further comprises, in response to the request for access to the media item, initiating an analysis to determine whether the client device is authorized to access the requested media item based on detection of multiple different user identifiers using a same local-application universally unique identifier (UUID). A local-application UUID is assigned to each instance of an application provided by the media content provider. The method further comprises, in accordance with a determination that the client device is not authorized to access the requested media item based on detection of the multiple different user identifiers using the same local-application UUID, preventing access to the requested media item by the client device.

Abstract: A method for verifying positions of a plurality of monitoring devices includes selecting a second monitoring device by a first monitoring device. A first number of monitoring devices out of the plurality of monitoring devices is supervised, the plurality of monitoring devices being positioned such that each monitoring device of the plurality of monitoring devices can be monitored by at least one other monitoring device of the plurality of monitoring devices. Correct positions of the plurality of monitoring devices have been determined and stored prior to verification, and security information for secure communication has been exchanged between two of the plurality of monitoring devices for all of the plurality of monitoring devices.

Abstract: Implementations disclose an access control mechanism for peer-to-peer sharing technology. A method includes receiving, by a processing device of a first user device, an encrypted media item and a wrapped encryption key from a second user device via a peer-to-peer connection; transmitting, by the first user device, the wrapped encryption key and a request to a media server to determine whether the first user device is authorized to play the encrypted media item; receiving, from the media server, a response indicating the first user device is authorized to play the encrypted media item, the response comprising an encryption key derived from the wrapped encryption key; and decrypting the encrypted media item using the encryption key to play the media item.

Abstract: Gesture recognition systems that are configured to provide users with simplified operation of various controllable devices such as, for example, in-home controllable devices. In one implementation, the gesture recognition system automatically configures itself in order to determine the respective physical locations and/or identities of controllable devices as well as an operating mode for controlling the controllable devices through predetermined gesturing. In some implementations, the gesture recognition systems are also configured to assign boundary areas associated with the controllable devices. Apparatus and methods associated with the gesture recognition systems are also disclosed.

Abstract: Services from domainless machines are made available in a security domain under a virtual name. Each machine is not joined to the domain but can reach a security domain controller. The controller controls at least one security domain using an authentication protocol, such as a modified Kerberos protocol. One obtains a set of security domain credentials, generates a cluster name secret, gives the cluster a virtual name, and authenticates the machines to the domain controller using these items. In some cases, authentication uses a ticket-based protocol which accepts the cluster name secret in place of a proof of valid security domain membership. In some, the domain controller uses a directory service which is compatible with an active directory service; the cluster virtual name is provisioned as an account in the directory service. The cluster virtual name may concurrently serve clients on different security domains of the directory service.

Abstract: A secure computer architecture is provided. With this architecture, data is received, in a component of an integrated circuit chip implementing the secure computer architecture, for transmission across a data communication link. The data is converted, by the component, to one or more first fixed length frames. The one or more first fixed length frames are then transmitted, by the component, on the data communication link in a continuous stream of frames. The continuous stream of frames includes one or more second fixed length frames generated when no data is available for inclusion in the frames of the continuous stream.

Abstract: A system and method for sharing electronic content. A sending user can specify one or more criteria that a recipient memory device must have to store the content. The sending user can also specify a digital rights management control that can be associated with the content. The content can be transferred to the recipient if the recipient memory device has the specified properties. Software at the recipient can ensure that the content is handled in accordance with the digital rights management controls specified by the sender.

Abstract: A compliance checker to verify that a device complies with a policy is described. In one embodiment, the compliance checker comprises a compliance checker agent, to initiate the compliance check, in response to receiving the request, and an encryption checker upper driver above a level of a disk encryption driver, and an encryption checker lower driver, below the level of the disk encryption driver with a comparator to determine whether known data read from the upper driver is identical to known data read from the lower driver. The compliance checker plug-in in one embodiment verifies the compliance status of the device, based on the data from the comparator.

Abstract: A compliance checker to verify that a device complies with a policy is described. In one embodiment, the compliance checker comprises a compliance checker agent, to initiate the compliance check, in response to receiving the request, and an encryption checker to obtain an original data and a data stored on the storage. The system further comprising a comparator to determine whether known data read from the upper driver is identical to known data read from the lower driver. The compliance checker plug-in in one embodiment verifies the compliance status of the device, based on the data from the comparator.

Abstract: A computer system, such as a data storage system, implements techniques for deleting durably stored data without affecting the availability or durability of other data associated therewith. In some embodiments, data is encrypted prior to redundancy coding such that deletion of an encryption key used to encrypt the data renders that data inaccessible, but other data bundled in the same redundancy coded bundle remains available. In such embodiments, a shard containing deleted data may still be usable to regenerate other, non-deleted or live data still extant in the same bundle of shards.

Abstract: A content ingestion system and method allows a single pitch of media content and associated metadata to be provided by a content provider and processed into appropriate packages for different content distribution services or delivery platforms.

Abstract: A method and system are described for detecting unauthorized access to one or more of a plurality of networked victim computers in a victim cloud. The networked victim computers connect to one or more DNS servers. The system includes one or more decoy bot computers, which are operated as victim computers in the victim cloud. The system also includes one or more decoy control computers, which are operated as control computers that communicate with victim computers in the victim cloud. Threats are identified by analyzing data traffic communicated with the decoy bot computers and decoy control computers for information suspected of having being sent from a victim's computer without proper authorization, and by monitoring whether behavior of a DNS server deviates from expected behaviors.

Abstract: Systems and methods for protecting digital content using digital watermarks and for distributing that protected digital content are described. The digital watermark contains watermark information, fingerprint information, and any other information desired by the provider of the digital content. To insert the digital watermark in the digital content, a section of the digital content is selected, whether it is a random section or a desired section (such as the first or last section), and then that section is broken into a given number of individual slides. The digital watermark is created as an additional slide or frame and then placed between the slides of that section. These individual slides, which now contain the watermark, are re-combined and then re-attached to the remainder of the digital content when desired, such as on the fly or at the time of the user's purchase of the digital content.

Abstract: A video transmitting apparatus including: a first register that is set when receiving a CEC (Consumer Electronics Control) message which is transmitted by a video signal source and is reset in response to a leading edge of a predetermined voltage that is supplied from said video signal source; and a second register which reads an EDID (Extended Display Identification Data) of a video displaying apparatus, is set when a decision is made that said video displaying apparatus is a predetermined video displaying apparatus, and is reset when a state where an HPD (Hot Plug Detect) is in a state of low has continued for a predetermined period of time or longer, wherein when both of said first and second registers have been set, a determination is made that said video signal source, said video transmitting apparatus, and said video displaying apparatus have been connected.

Abstract: The disclosed subject matter relates to systems, methods, and media for media session concurrency management with recurring license renewals. More particularly, the disclosed subject matter relates to using recurring license renewals for concurrent playback detection and concurrency limit enforcement for video delivery services and managing server resources for handling such recurring license renewals.

Abstract: A method implemented in a computing system includes receiving communications from a client device to a first web server via the Internet. The communications are associated with a plurality of operations requested by the client device and to be performed by a web service implemented by both the first web server and a second web server. The method further includes, responsive to the received communications, arriving at a consensus between the first and second web servers regarding an agreed-upon order of operations to be performed in response to the requested operations and, upon arriving at the consensus, generating a response by performing the requested operations in the agreed-upon order at both the first and second web servers. The web service has the same state subsequent to performing the requested operations at the first and second web servers. The generated response is returned to the client device via the Internet.

Abstract: A method and system for managing payment card transaction instructions at a point of interaction (POI) device. The method includes storing one or more payment card transaction instructions received from an entity responsible for a plurality of payment cards usable with the POI device wherein the payment card transaction instructions are associated with at least one of a brand and a product of the entity. The method further includes receiving, from a merchant, a payment card identifier before or during a payment card transaction, the payment card identifier including a plurality of fields. The method also includes communicating to the central store at least a portion of one or more of the plurality of fields and transmitting the one or more payment card transaction instructions to the POI device, from the central store, that correspond to the one or more payment card transaction instructions associated with the payment card identifier.

Abstract: According to one embodiment, a re-encryption key generator which generates the re-encryption key based on the first private key, the second re-encryption key generation key, and a plurality of random numbers. The second re-encryption key generation key comprises a plurality of system-specific values and the second private key. The re-encryption key includes an exponent having a numerator portion and a denominator portion or a scalar having a numerator portion and a denominator portion. The numerator portion is in form of a linear coupling of the second private key on which at least one of a plurality of private values specifying relations between the system-specific values and the random numbers is allowed to act. The denominator portion is the first private key.

Abstract: A data transmission method includes requesting, by a plurality of transceivers, an authentication to a main controller, transmitting an authentication acceptance signal and separate decoding keys from the main controller to the transceivers, transmitting an encoded data bundle from the main controller to the transceivers and extracting, by each of the transceivers, some of data in the at least one encoded data bundle using the decoding key.

Abstract: A network information system, and a method of operation thereof, includes: an extraction module for extracting a unique device identification for sending to an e-commerce server, wherein the unique device identification is extracted from a network-connected device with a software application installed and not activated on the network-connected device; a settlement process module, coupled to the extraction module, for generating a notification based on the unique device identification for sending to a license server; and a key generation module, coupled to the settlement process module, for generating a product key for the unique device identification based on the notification for activating the software application to run on a computing device.

Abstract: A digital medium such as a DVD disk, may contain hidden content and apparent content. When loaded, a main or title menu may appear to provide an apparent link to apparent content and a non-apparent link to non-apparent content. The non-apparent link may require a user to perform a sequence of non-apparent control actions before providing access to the non-apparent content.

Abstract: A method of distributing media content using mobile communication devices including providing media access cards which promote selected media content to users of such devices whereby a user may access a web server associated with the media access cards and download application software enabling access to selected media content via a mobile device, the media access cards including a machine readable identification number code that identifies media content associated with the card whereby the application software facilitates reading and transmitting the code to a web server via the mobile device, receiving the identification number with the web server and using the identification number to locate a table value in a database wherein a plurality of media access cards identification numbers are associated with a media content table value, using the table value to identify media codes associated with the selected content server which transmits media to the mobile device.

Abstract: A method and system for receiving, processing, storing and sending data of internet connected devices, within an individual encrypted user environment. In a setup process the device sends a request to a server system to connect to the user environment. The server then presents a web page to the user containing the details of this request. The user can subsequently allow or not allow the device to connect to the user environment. If the user allows the device to send data, the application is searched within the user environment on the server system for correctly receiving and sending data from and to this device. In a use example an application running within the individual environment on the server system collects, processes or sends sensor data from devices connected to the individual environment and other applications within the same user environment.

Abstract: A system and method for embedding digital audio watermarks in audio source information based at least upon identified video content are described. An audio/video processing system receives audiovisual data. A video content analyzer within the system analyzes video source information of the audiovisual data, determines video content depicted by data in the video source information, and generates an indication of the video content. An audio watermark embedder of the system receives the indication, and based at least in part on the indication, adjusts watermark embedding parameters used for embedding the audio watermark in the audio source information.

Abstract: This technology manipulates both the plaintext and ciphertext before and after encryption respectively and prior to dissemination to recipients. The manipulation mitigates the possibility of discovery of the encryption key(s) and/or encryption parameters. Even if all of the encryption parameters are known and the encryption key is made available, considerable information would still need to be obtained to enable the recipient to be able to properly decrypt an encrypted message.

Abstract: A display apparatus, a broadcast signal receiving apparatus and methods thereof are provided. The display apparatus includes a signal receiver configured to receive data of content, a display configured to display an image, an interface comprising interface circuitry configured to communicate with a security processing module, and a processor configured to transmit first data of the content to the security processing module in response to a recording event of the content, to receive and store second data and information of a security identifier of the content from the security processing module, and to display an image of the content to which the security identifier is added based on the stored second data and information in response to a play-back event to the content.

Abstract: A video identifier uniquely identifying a video captured by a camera is generated. The video includes video frames and optionally concurrently captured audio as well as video metadata describing the video. Video data is extracted from at least two of the video's frames. By combining the extracted video data in an order specified by an identifier generation protocol, an extracted data object is generated. The extracted data object is hashed to generate the unique media identifier, which is stored in association with the video. The identifier generation protocol may indicate the portions of the video data to extract, such as video data corresponding to particular video frames and audio data corresponding to particular audio samples. The extracted data object may include a size of particular video frames, a number of audio samples in the video, or the duration of the video, for example.

Abstract: Implementations disclose merged video streaming, authorization, and metadata request. A method includes receiving, by a streaming server, a first request to view a media item from a client device via a connection between the client device and the streaming server, and sending a second request to an authorization server to verify that the client device is authorized to play the media item. The method further includes: prior to receiving a response from the authorization server, providing an encrypted portion of the media item to the client device via the connection, receiving, from the authorization server, a verification that the client device is authorized to play the media item, and sending, via the connection between the client device and the streaming server, a cryptography key for decrypting the encrypted portion of the media item to the client device.

Abstract: A server that includes an interface configured to receive a registration request from a control unit. The server further includes a processor configured to authenticate the control unit based on the registration request. The server is further configured to register a primary user device associated with the control unit and register a secondary user device associated with the control unit. The server is further configured to establish a control link between the control unit and the primary and secondary user devices. The control links facilitate control commands between the control unit and the primary and secondary user devices. The server is further configured to store the installation report in a server database.

Abstract: The disclosed embodiments provide security extensions for memory (e.g., non-volatile memory) by means of address and data scrambling and differential data storage to minimize exposure to side channel attacks and obfuscate the stored data. The scrambling function maximizes reverse engineering costs when recovering sequences of secret keys.

Abstract: The embodiments provide for binding files to an external drive, a secured external drive, or portable data locker. The files are bound in order to help restrict or to prevent access and modification by certain computers or users. Computers or users that are authorized or within the authorized domain are permitted full access. The files stored on the external drive may be bound in various ways. The files may be encapsulated in a wrapper that restricts the use and access to these files. The bound files may require execution of a specific application, plug-in, or extension. A computer may thus be required to execute program code that limits the use of the secured files. In one embodiment, the external drive provides the required program code to the computer. In other embodiments, the required program code may be downloaded from a network or provided by an external authority.

Abstract: A method is disclosed for offering transaction account consumers with payment term options to pay a minimum amount due early, defer payment into the following payment cycle, and pay a standard amount when due. When generating a periodic billing statement, the invention determines a consumer's eligibility to elect early payment, deferred payment, and regular payment. When a consumer is eligible for early payment, a received payment is compared to a discount rate tier, then a discount amount is calculated and credited to the consumer's account. When the consumer is eligible for deferred payment, the system calculates a new current minimum payment due by multiplying the current non-deferred balance by a predetermined percentage amount and adding the result to the deferred balance. When the consumer is not eligible for deferred payment, the system calculates a new current minimum due by summing the current non-deferred balance with the deferred balance.

Abstract: A secure computer architecture is provided. With this architecture, data is received, in a component of an integrated circuit chip implementing the secure computer architecture, for transmission across a data communication link. The data is converted, by the component, to one or more first fixed length frames. The one or more first fixed length frames are then transmitted, by the component, on the data communication link in a continuous stream of frames. The continuous stream of frames includes one or more second fixed length frames generated when no data is available for inclusion in the frames of the continuous stream.

Abstract: Systems and techniques of the management of the metadata of a database are presented. A provider is in communication with a database and a set of consumers of the database. Data may be changed by addition, editing or deletion from the database and such changes are recorded and/or maintained by the provider on a list of changes. The changes on this list may be associated with a sync token. The provider may also maintain a list of consumers and associate with each consumer a last sync token which describes when the last sync request and update on the database was made with the consumer. Data which is deleted from the database is recorded with a tombstone. The tombstone is maintained on the list of changes until all consumers have been made aware of the deletion—then the tombstone may be deleted from the list of changes.

Abstract: A method and system for tracking a marketing channel of an application is disclosed. A marketing channel tracking method includes generating identification information for identifying an editor and an application corresponding to the editor that provides a marketing channel of the application, transferring the identification information from the editor through a user terminal, and storing the identification information corresponding to a user terminal in response to the user terminal downloading the application through the marketing channel.

Abstract: An image processing device for recognizing an object corresponding to a registered image registered beforehand from an imaged image, comprising: an obtaining unit configured to obtain the imaged image; a recognizing unit configured to recognize an object corresponding to the registered image from the imaged image; and a detecting unit configured to detect, based on a registered image corresponding to an object recognized from the imaged image thereof, an area where another object is overlapped with the object corresponding to the registered image thereof.

Abstract: A method of setting function includes first to fourth steps. The first step connects a recording medium to a first electrical apparatus having an optional function either disabled or temporarily enabled, the recording medium containing license information to enable the optional function. The second step allows first electrical apparatus to authenticate the license information. The third step, subsequent to the second step, enables the optional function of the first electrical apparatus. The fourth step, subsequent to the third step, records the optional function as having been authenticated in the license information.

Abstract: Embodiments are directed to a secure MapReduce model for distributed processing and decoding of big data streams. An encoding engine may be employed to divide a data stream into equally sized segments. The segments may be encoded using a document key provided in a set of bundles. The bundles may contain encoded segment metadata, including the document key used to encode the stream. The document key and segment metadata may be encrypted using public key cryptography, and optionally included in the bundles. The encrypted bundles may be embedded into the encoded segments which may be provided to other network computers that include a decoding engine and an application engine. The encrypted bundles may be decrypted to obtain the document key for each encoded segment. The encoded segments may then be decrypted using the document key. And, each decoded segment may be provided to an application engine for further processing.

Abstract: Business rule statements written in a natural language are automatically converted into DRL language sentences. A language conversion apparatus 10 includes: a storage device 16 that stores syntax definition information 30 for defining syntaxes to convert a business rule statement written in a natural language into a DRL language sentence on a syntax basis, and conversion information 40 for converting element variables of the business rule statement into element variables of the DRL language sentence; and a CPU 11 that analyzes a syntax of the business rule statement by comparing the business rule statement with the syntax definition information 30 and converts the business rule statement into the DRL language sentence by referring to the conversion information 40.

Abstract: Systems and methods of securely storing and retrieving data are disclosed. A database may include a table of data with rows and columns and encrypted at rest. The data may be desired to be accessed by users. However, each user may have different access permissions and each row or column may have different characteristics, such as encryption, data type, and/or the like. As such, access to the data may be controlled in according to the characteristics of the data, the access permissions of the user, and/or the encryption of the data.

Abstract: Aspects relating to client server interactions using cookies are provided. A computer-implemented method is provided that includes receiving a request from a user for a first advertisement associated with a first advertiser, the request including first cookie data, the first cookie data including a first identifier specified for a first cookie, the first cookie being associated with a first group of advertisers including the first advertiser and a third advertiser, receiving a request from the user for a second advertisement associated with a second advertiser, the request including second cookie data, the second cookie data including a second identifier specified for a second cookie, the second cookie being associated with a second group of advertisers including the second advertiser and where the advertisers of the second group of advertisers are distinct from the advertisers of the first group of advertisers.

Abstract: Systems and methods are provided for securely providing a media stream from a server device to a remote player via a communications network. A request for a connection is received from the remote player at the server device via the communications network. In response to the request for the connection, an authorization credential is requested from a central server via the communications network. Further, in response to the authorization credential received from the central server, the media stream between the server device and the remote player can be established over the communications network. At least a portion of the media stream may be encrypted based upon the authorization credential.

Abstract: Systems and methods for providing one or more secure services are disclosed. One method can comprise authenticating and/or authorizing a user device to receive a security token. A request for information can be processed using the security token to facilitate the secure provision of services to the user device.

Abstract: Systems and methods are provided herein for automatically overriding an auto-skip command embedded in a media asset annotation when a user profile indicates a preference for content that is to be auto-skipped. To this end, a media guidance application may play back a media asset to a user, and detect therein a skip annotation that corresponds to a portion of the media asset that is to be played back. The media guidance application may, in response to detecting the skip annotation, access metadata indicating content of the portion, compare the metadata to entries of a profile of the user, and determine whether the user prefers the content based on the comparing. If the user prefers the content, the media guidance application may refrain from executing a skip command indicated by the skip annotation.

Abstract: Methods, systems, and devices are disclosed for providing control of an unmanned aircraft (UA). A server may receive an indication from a UA that a transition from autonomous flight to pilot controlled flight is required while the UA is in autonomous flight. The server may select a pilot station for providing pilot controlled flight of the UA. Selecting a pilot station for providing pilot controlled flight of the UA may be based on a pilot criterion associated with the pilot station. A UA may detect a condition that requires a transition from autonomous flight to pilot controlled flight and establish a pilot criterion for pilot controlled flight based on the detected condition. The UA may send a request for a pilot that includes the pilot criterion and information about the condition.

Abstract: Approaches for operating a network personal video recorder operated by a content provider. The network personal video recorder may be located at a head-end of a digital content provider. A network personal video recorder receives, from a user, authentication credentials that provide the network personal video recorder access, via the Internet, to a storage medium belonging to or associated with the user. After the user instructs the network personal video recorder to record a video program, the network personal video recorder stores a copy of the video program on the user's storage medium using the user-provided authentication credentials. Thereafter, when the user wishes to view the video program, the user can instruct the network personal video recorder to read the copy of the video program from the storage medium and play the video program on a device of the user.

Abstract: This disclosure relates generally to multi-factor authentication, and more particularly to method and system for multi-factor authentication. In one embodiment, the method includes receipt of an audio input at a device, and a plurality of authentication parameters from at least one of the device and a server communicably coupled to the device. The plurality of authentication parameters are encrypted to generate a plurality of encrypted authentication parameters. The plurality of encrypted authentication parameters are embedded as watermarks into the audio input to generate a watermarked audio signal. The watermarked audio signal are encrypted to generate an authentication audio signal. The authentication audio signal is transmitted to an authentication server over an audio communication channel to authenticate the access at the device.

Abstract: A system that incorporates the subject disclosure may perform, for example, receiving an over-the-air programming message that includes programming data for use by the mobile communication device, decrypting the over-the-air programming message utilizing a first keyset to generate a decrypted over-the-air programming message, determining a schedule for providing messages from a secure device processor to a secure element of the mobile communication device where the secure device processor is separate from the secure element and in communication with the secure element, and providing the decrypted over-the-air programming message to the secure element according to the schedule. Other embodiments are disclosed.

Abstract: Technologies to provide a secure data storage service in a cloud computing environment are generally disclosed. In some examples, a method comprises: partitioning a data resource into data particles, assigning logic groups to the data particles, assigning physical storage groups to the data particles, and/or storing each physical storage group at corresponding storage resource, receiving a request for the data resource, determining whether the request for the data resource is valid, and if the request is valid, transmitting the data particles of the data resource to the client. The method enables improved security for accessing data, and also improves the user experience in cloud computing environments.