Abstract: Methods are described for a data creator to securely send a data payload to another device in a transient symmetric key technology (TSKT) system, and for the other device to securely receive the payload data. One method includes receiving a first seed and a formula from a command and control server. A second seed is generated, and the first seed and the second seed are combined using the formula to create a data seed. A first key is generated using the first seed, and the second seed is encrypted using the first key to form an encrypted second seed. A second key is generated using the data seed, and the data payload is encrypted using the second key to form an encrypted data payload. The encrypted data payload and the encrypted second seed are combined in a secure container, and subsequently all keys and seeds and the formula are destroyed.

Abstract: Apparatus and methods for provisioning of customer premise equipment (CPE) equipped with a secure microprocessor to receive e.g., digital video content by entering unique identification of the CPE at one or more servers located at the headend or other location of a content-based network. In one embodiment, the CPE comprises a download-enabled (e.g., DCAS) host with embedded cable modem and embedded set-top box functionality, and the provisioning includes enabling DOCSIS functionality of the CPE, assigning an IP address to the CPE and providing the CPE with a client image for the conditional access system chosen by the network operator. In one variant, the network operator can deactivate a provisioned device while connected to the network, as well when disconnected from the network. The network operator can also add, delete or replace conditional access client image in a provisioned device.

Abstract: A data processing method based on an unmanned vehicle, the method including acquiring data generated in an unmanned vehicle operating environment of the unmanned vehicle and type information of the unmanned vehicle operating environment; acquiring a data transformation logic corresponding to the type information from a pre-stored adaption repository, which stores data transformation logics corresponding to different type information; and transforming a data structure of the data according to the data transformation logic corresponding to the type information to obtain data in compliance with a preset data structure. By transforming data generated in different unmanned vehicle operating environments into data in compliance with the preset data structure, the cloud server can be assisted in analyzing and consistently processing the data in compliance with the preset data structure after they have been transmitted to the cloud server, thus improving the data processing efficiency.

Abstract: Various embodiments are provided for securing data compression in a computer environment are presented. Encryption cycles of a data compression stream may be optimized by applying a first type of encryption on a first section and a last section of compressed data and a second type of encryption on a middle section of compressed data, the first type of encryption containing key information relating to the middle section of the compressed data.

Abstract: A method may include determining a location of an unmanned aerial vehicle (UAV); generating a set of mission plans based on the location of the UAV, each mission plan including respective mission plan parameters; receiving a selection of a mission plan of the set of mission plans; obtaining mission plan parameters for the selected mission plan; and transmitting the obtained mission plan parameters to the UAV to configure the UAV according to the obtained mission parameters.

Abstract: The present technology pertains to responding to a kernel level file event for a content item and presenting a file event window associated with the content item. A client device can detect the kernel level file event for the content item. This can be accomplished using a kernel extension on a client device that is networked with a content management system. The client device can then retrieve data associated with the content item, including an instruction for the content item. The client device can then perform the instruction. This instruction can be to retrieve collaboration data from the content management system and present the collaboration data in a file event window.

Abstract: An improved method or security solution for securing cryptographic keys in a virtual machine RAM. A security solution is proposed to hide cryptographic keys in the cloud, without the necessity of any architectural modifications. The present solution requires the availability of a Trusted Platform Module (TPM) capable of creating and holding a protected public/private key pair. It lends itself to security-as-a-service scenarios where third parties perform encryption or decryption on behalf of data owners. This allows the present solution to be easily integrated and coupled with other existing cloud architectures. A decrypt-scatter or gather-decrypt solution which allows users to carry out encryption or decryption while protecting keys from unauthorized peeks by the cloud administrators is proposed.

Abstract: An object of the present invention is to provide a technique that allows automatically generating a processing recipe from an inspection image even when the inspection image varies by being affected by an imaging condition of a processing device. A processing recipe generation device according to the present invention generates a converted image in which components relying on the imaging condition of the inspection image are reduced and generates a processing recipe using a target image generated using a conversion condition same as that of the converted image (see FIG. 2).

Abstract: A method may include transmitting a first public encryption key from to a control device and encrypting a first packet for a remote network device utilizing a first private encryption key correlated with the first public encryption key. The method may also include generating a second public encryption key and a second private encryption key and transmitting the second public encryption key to the control device. The method may additionally include receiving a first message from the remote network device that the remote network device received the second public encryption key from the control device, and after receiving the first message from the remote network device that the remote network device received the second public encryption key, encrypting a second packet utilizing the second private encryption key.

Abstract: This disclosure relates to method and system for providing explanation for output generated by artificial intelligence (AI) model. The method may include receiving encrypted input data and a public encryption key from a client device, wherein the encrypted input data is encrypted using the public encryption key. The method may further include generating an encrypted AI model by encrypting an AI model using the public encryption key. The method may further include generating an encrypted output and an encrypted feature data based on the encrypted input data using the encrypted AI model, and generating an encrypted explanation for the encrypted output based on the encrypted feature data. The method may further include providing the encrypted output and the encrypted explanation to the client device for rendering, wherein the encrypted output and the encrypted explanation are decrypted by the client device using a private encryption key.

Abstract: This disclosure relates to, among other things, systems and methods for the secure management and distribution of electronic content over broadcast communication channels. Certain embodiments disclosed herein may allow for implementation of a multi-tenant conditional access system whereby a client device may configure itself between multiple broadcast service operators. Robust key generation and management techniques are also described that may use a derived key structure to protect control words used to descramble broadcast content, providing additional measures of security and implementation redundancy.

Abstract: Described herein are a system and methods for obfuscating sensitive data during a data capture event in order to prevent unauthorized reproduction of that sensitive data. In some embodiments, an event listener detects an event likely to result in a data capture and notifies an obfuscation module. The obfuscation module then identifies sensitive data fields, determines an appropriate obfuscation technique for each data field, and obfuscates the identified data fields for the duration of the event. In some embodiments, any active data input actions may be canceled. In some embodiments, the data values within the obfuscated data fields may be revealed upon completion of the event.

Abstract: Methods and systems for accelerated input data conversion include partially parsing an input data set to convert the data set from a first format to a second format in an intermediate output having at least one unparsed portion to quickly perform a majority of the conversion. The partial parsing operates on portions of the input data set having a size less than a threshold size and leaves portions of the input data having a size greater than the threshold size unparsed. The intermediate output is parsed to convert at least one unparsed portion from the first format to the second format in a final output to complete the conversion such that a combined parsing time of the partial parse of the input data set and the parse of the intermediate output is accelerated relative to a single-stage parsing.

Abstract: Provided are a system and method of encrypting a folder in a device. The device for controlling access to the folder includes a communication part configured to transmit, to a server, an encryption key generation request with respect to the folder, and receive, from the server, an encryption key associated with the folder that is generated in response to the encryption key generation request, wherein the encryption key generation request includes an identification of the folder and authentication data of a user who accesses the folder is an authorized user; and a controller configured to authenticate the user by using the encryption key.

Abstract: A method includes obtaining, by a first computing device, a digital exchange item. The method further includes sending, to a server, a request to share the digital exchange item with a group of computing devices. The method further includes determining, by the server, whether the digital exchange item can be shared based on one or more of: an issuer agreement and exchange item rules. When the digital exchange item can be shared, the method further includes the server establishing secure custody rights for each computing device, determining haring rights regarding the digital exchange item, and generating replications of the digital exchange item. The method further includes the server uploading the replications and the sharing rights to digital wallets associated with the computing devices of the group.

Abstract: Some embodiments of the present disclosure may relate generally to a dynamic graphical user interface (GUI) architecture that helps provide a user-friendly and flexible capability for software users to create and manage software application rules. These rules may help with processing by a software service or software platform. Other embodiments may be disclosed and/or claimed.

Abstract: Aspects of the disclosure relate to preventing unauthorized screen capture activity. A computing platform may detect, via an infrared sensor associated with a computing device, an infrared signal from a second device attempting an unauthorized image capture of contents being displayed by a display device of the computing device. Subsequently, the computing platform may determine, via the computing platform, the contents being displayed by the display device. Then, the computing platform may retrieve a record of the contents being displayed by the display device. Then, the computing platform may determine a risk level associated with the infrared signal. Subsequently, the computing platform may perform, via the computing platform and based on the risk level, a remediation task to prevent the unauthorized image capture.

Abstract: A computerized exchange network enables verifying vehicle banner production and image alterations, such as altering images to include indicia for example. In an embodiment, verifying successful production of a vehicle banner by a printing device enables remittance of a cooperative advertising reimbursement. In another embodiment, verifying image alterations by a computing device enables remittance of a cooperative advertising reimbursement.

Abstract: An electronic device includes: a radio for reception of a broadcasted signal having a message, at least a part of the message has been encrypted with a first key, wherein the first key has been encrypted with a second key to result in an encrypted first key; an authenticator configured for authentication of the message by decrypting the encrypted first key with a third key, and decrypting the at least a part of the message with the first key; and a processing unit coupled to the radio; wherein the second key has a value that is different from a value of the third key; and wherein the message comprises (1) a first payload broadcasted with the encrypted first key, and (2) a second payload broadcasted without the encrypted first key.

Abstract: A first user saving a file f is detected. The file f is intercepted. A filename and one or more text strings entered as searchable metadata are also intercepted. An identifier id(f) is generated for the file f. The filename, the one or more text strings, and id(f) are stored together on a content address server. A symmetric encryption key KF is generated. File f is divided into n segments. An identifier id(si) is generated for each segment si. Each si is encrypted using KF, producing n encrypted segments esi=ESKF(Si). Each esi is stored with its id(si) on a peer device. For each esi, id(si) is stored on the content address server with id(f). A public key KU2 of a second user is retrieved, KF is encrypted with KU2, producing wrapped key KW2 EAKU2(KF), and KW2 is stored on the content address server with id(f).

Abstract: A federated smart user identification (ID) having embedded tiered/hierarchical entitlements. The federated smart user ID comprises an encrypted key having multiple key strings that create sub-zones/barriers within the key. Each key string includes logical code and is attached/associated with at least one of (i) a computing system, service, application or the like, and (ii) an entitlement zone of the system, service, application or the like. Thus, the individual key strings define which systems, services, applications and the like the user has access to and the entitlements/authorizations within those systems, services, applications that the user has. In addition, key strings can dynamically be added to or deleted from the key to thereby change system/service access authorization and/or system/service-level entitlement.

Abstract: Methods are provided. A method includes receiving, by a real-time visual media generation engine of a streaming server, a visual medium input to be formed into a living artwork. The method further includes generating, by the real-time visual media generation engine, variational versions of the visual medium input as the living artwork. Each of the variational versions has one or more image elements altered based on one or more variables. Each of the variational versions is unique with respect to each other and persists for a period of time while non-variational versions maintain static content.

Abstract: One embodiment described herein provides a system and method for isolating data written by different users on a cloud drive. During operation, the system receives a write request from a first user comprising to-be-written data, the to-be-written data being associated with a writer's identifier for the first user. The system then writes the to-be-written data bound with the writer's identifier into physical media associated with the cloud drive, thereby facilitating user data isolation by preventing a second user having a reader's identifier that is different from the writer's identifier of the first user from gaining access to the written data.

Abstract: A set-top box (STB), digital video recorder (DVR), video player or other host device receives and interacts with a transcode module to provide enhanced transcoding capabilities that may be useful in placeshifting or other applications. The transcode module includes a host interface that couples to and communicates with the host device. The transcode module also includes a processor that receives an encrypted media stream from the host device via the bus interface, decrypts the encrypted media stream, transcodes the encrypted media stream to a different format, re-encrypts the transcoded stream, and provides the re-encrypted media stream to the host device via the host interface. The transcoded media content may be placeshifted to a remote player, stored at the host, or used for any other purpose.

Abstract: Autonomous embedded data cognition enables data to perform real-time environmental configuration control, self-manage, perform analyses, determine its current situation, and evaluate behavior to respond accordingly. When created, security measures, and access controls are selected. Highly sensitive data can be extracted and substituted with creator label and/or functional representation. Data-to-data reasoning and analysis can be performed. The processing method comprises autonomous monitoring for a state change and analyzing the current user to determine if the instantiation should exist. If affirmed, the cognition engine automatically configures the computational environment in which it resides. If denied, environmental behavior is further analyzed for security problems or an erroneous situation. If detected, the creator is alerted and provided with incident information enabling remote creator control of the data. Cognitive data can decide to self-destruct mitigating risk of undesirable instantiations.

Abstract: A method for decreasing the risk of unauthorized access to an embedded node in a secure subsystem of a process control system includes receiving a message comprising a message header and a message payload, and determining that the message is an unlock message configured to access one or more protected functions of the embedded node, at least by analyzing a bit sequence of one or more bits in the message header. The method also includes determining whether a manual control mechanism has been placed in a particular state by a human operator, and, based upon those determinations, either causing or not causing the embedded node to enter an unlocked state in which one or more of the protected functions are accessible.

Abstract: A software license and a software installation process are managed. A status of the license can be one of at least a third party reserved status, a requester reserved status, a requester allocated status, and an available status. A first module can be operative to change the status of the license from the third party reserved status to the requester allocated status in response to receiving a mode selection. The mode selection can correspond to one of one or more modes. The modes can comprise a reserve license mode, a remove reserve mode, a request license allocation mode, a return excess license to inventory mode, an ordering mode, and an add license to inventory mode. The first module can be operative in at least one of the modes.

Abstract: A technique and system protects documents at rest and in motion using declarative policies, access rights, and encryption. Methods, techniques, and systems control access to documents and use of content in documents to support information management policies.

Abstract: Examples of the present disclosure describe systems and methods for implementing an external module comprising new and/or offloaded processing functionality. In aspects, an external module may be configured to be selectively and communicatively coupled to an information appliance device. The external module may be configured with or receive hardware, software, data and/or instructions for processing content and operations received by the information appliance device. When operations are received by the information appliance device, the information appliance device may parse the operations into commands to be performed by the information appliance device and commands to be performed by the external module. The information appliance device may transmit the commands to be performed by the external module to the external module. The external module may then process and/or perform the received commands and render the resulting content to a display device.

Abstract: An embedded picture can be embedded with secret embedded payloads. A method is disclosed for performing trusted binding between a first participant and a second participant based on RSA cryptosystem using the embedded picture having a first area assigned to the first participant for a first secret embedded payload, and a second area assigned to the second participant for a second secret embedded payload. Multiple payloads may be embedded in the embedded picture by multiple participants. Each payload can only be encrypted and decrypted by its corresponding participant. Multiple participants may form a trusted network, in the network each participant can be recognized and validated digitally. Accordingly, various activities such as transaction of digital credit card, verification of digital identification (ID) card, transaction of digital currency note may be performed using the trusted network.

Abstract: The disclosed method for assuring authenticity of electronic sensor data may include (i) capturing, using a sensor within a device, electronic sensor data, and (ii) digitally signing, using a cryptoprocessor embedded within the device, the electronic sensor data to create a digital signature that verifies that the signed electronic sensor data has not been modified since the electronic sensor data was captured by the sensor. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: A method for identifying a peripheral device from a digital content having been received by said peripheral device from a master device located at a user end, said master device being further configured to be connected to a server located at a back end, said method comprising the steps of: receiving, by the master device from the peripheral device, at least peripheral identification data; generating, at the master device, a first mark as a function of at least a part of said peripheral identification data; and watermarking said digital content using said first mark before transmitting said digital content to said peripheral device.

Abstract: A method and system of software, firmware, and conditionally-transparent media to provide recorded visual image privacy through the use of flicker fusion-based obscuration. Such conditionally-transparent media possess the capability to display programmable image and pattern-based opacity gradations and adjustments which are invisible to the human eye and yet disrupt clear image capture with visual recording devices. Use of this invention will limit the gathering and generation of visually-discernable image content using visible light transparent materials, for the purpose of limiting the successful recording of imagery that a user wishes to obscure for the purposes of privacy.

Abstract: The present invention discloses methods and systems for tagged-signal verification.

Abstract: Hashing data using an image by performing a bit by bit concatenation of input text and hash key. The result is concatenated bit by bit with the salt. A two bit by two bit multiplication between the result and the reverse of the result is performed to get a next output. The bits of this output are used as coordinates to extract pixel and RGB values from an image. The extracted values are merged to form a string. The string is truncated to a desired length, and then split into two equal strings. A bit by bit concatenation is performed on the split strings to get a hash output.

Abstract: A method and system for Digital Right Management (DRM) enforcement on a client device is provided. The method includes: determining client requested digital content; retrieving DRM data associated with the requested digital content; bundling the associated DRM with the requested digital content; transmitting the bundled DRM and digital content to the client device; and enforcing the DRM on the client device. The system includes: a client device configured to issue a request for digital content; a content review module configured to retrieve DRM data associated with the requested digital content; a bundler module configured to bundle the associated DRM with the requested digital content; a connection module configured to transmit the bundled DRM and digital content to the client device; and an enforcement module configured to enforce the DRM on the client device.

Abstract: A display device includes: a display unit daisy-chain connected to a source device that outputs an image signal encoded with a prescribed version of a standard specified as a prescribed standard, displaying an image generated by decoding the image signal encoded with the prescribed version; a determination unit that determines the number of connected sink devices that are daisy-chain connected to the source device; and a setting unit that sets, from among the prescribed versions, a version in which the image that was generated by decoding the image signal encoded by the source device is displayable on the display units of all of the daisy-chain connected sink devices, depending on the number of connected sink devices.

Abstract: The present application discloses a video scrambling method and device with adaptive mode selection, a network camera and a readable storage medium, which are used for scrambling a video code stream. The video scrambling method with adaptive mode selection comprises: firstly acquiring a video code stream and determining the frame type of a current frame; and then scrambling, according to the frame type of the current frame, the data subjected to entropy decoding by using a scrambling method corresponding to the frame type. The video scrambling device with adaptive mode selection in the present application comprises a determination module and a scrambling module. According to the method and device of the present application, I-frames and P-frames are respectively scrambled, without changing the original coding standard format, effectively scrambling the video contents, and improving the security of video content information.

Abstract: A managed directory service receives a request to add a domain controller to a directory. In response to the request, the managed directory service determines, based on locations of other domain controllers of the directory, a location for the domain controller. The managed directory service provisions the domain controller at the location and associates the domain controller to the directory. The domain controller is activated in order to perform directory operations for the directory.

Abstract: Apparatuses, methods, and systems are disclosed for key refresh triggering. One apparatus includes a transceiver and a processor that starts a counter corresponding to a UE having a small-data traffic pattern. In response to the transceiver receiving small-data traffic associated with the UE, the processor determines if a security key is valid based on a value of the counter. If the value of the counter indicates the security key is invalid, then the processor triggers a key refresh procedure. The processor relays the small-data traffic in response to the UE having a valid security key.

Abstract: Systems and methods are disclosed for automating customer service for a monitored device (MD). A method for an Internet of Everything management device to automate customer service for a monitored device comprises collecting sensor data from a plurality of sensors, wherein the plurality of sensors comprises a first sensor that is not included in the MD, determining whether the MD is exhibiting abnormal behavior based on an analysis of the collected sensor data, and transmitting a report to a customer service entity associated with the MD in response to a determination that the MD is exhibiting abnormal behavior.

Abstract: An image of a negotiable instrument may be taken by a camera associated with a mobile device and provided from a user to a financial institution via the mobile device. The negotiable instrument may be deposited in a user's bank account based on the image. Any technique for sending the image to the financial institution may be used. The mobile device may process the image prior to sending the image to the financial institution. Additionally or alternatively, the financial institution may process the image.

Abstract: Methods and devices for operating protean water installation devices connected to water installation controlling apparatuses and comprising two or more water installation device profiles, wherein only one of the water installation device profiles is enabled at any given time are disclosed. Family descriptor files are associated with the protean water installation devices and with two or more virtual descriptor files. Each virtual descriptor file is associated with one water installation device profile of the water installation device; a registry location indicating the enabled water installation device profile is read at the protean water installation device and a virtual descriptor file, associated with the identified water installation device profile, is executed to operate the water installation device.

Abstract: An encryption method implemented by a terminal having an operating system that can be accessed by several users and an encryption module for encrypting data intended for another terminal. The method includes a detection step for detecting when a session for accessing the operating system is opened by a user. In response to the detection of such a session being opened, the method continues with a step of setting the parameters of the encryption module with an encryption key unique to the user for encrypting data intended for another terminal, in which the encryption key is generated by the terminal, or is stored in a memory of the terminal before the detection of a session accessing the operating system being opened.

Abstract: The invention relates to the technical field of cooking, in particular to a recipe program code generation method and a recipe compiling cloud platform system. The recipe program code generation method comprises the following steps: firstly, establishing equipment attribute and control description terms which are associated with corresponding attributes or cooking motions of equipment and also associated with a description keyword term bank; then, selecting corresponding cooking equipment and inputting a literal description recipe; finally, analyzing description keywords in the literal recipe by compiling software and associating the description keywords with the equipment attribute and control description terms of the cooking equipment of the corresponding type, so that recipe program codes are generated.

Abstract: Methods and systems for providing alternate content are disclosed. An example method can comprise determining a failure condition of a content stream. A channel identifier can be determined for the content stream, and alternate content streams associated with the channel identifier can be determined. The alternate content streams can be accessible via a different protocol, frequency, or network path than the content stream. For example, the alternate content streams can be accessible via a packet-switched network path instead a non-packet-switched network path used to access the content stream.

Abstract: A mechanism for providing secure feature and key management in integrated circuits is described. An example integrated circuit includes a secure memory to store a secret key, and a security manager core, coupled to the secure memory, to receive a digitally signed command, verify a signature associated with the command using the secret key, and configure operation of the integrated circuit using the command.

Abstract: A system and method to perform data management operations in a data management system assigns the data management request to one or more available data management resources. If the data management request fails, at least one data management resource at least partially responsible for the failure is determined, as is a category associated with the one data management resource at least partially responsible for the failure. Other data management requests are identified in a list of data management requests that request data management resources having the same category and the list of data management requests is updated to indicate that the data management system should not perform the other identified data management requests.

Abstract: Techniques are described for using sensor data derived from a monitoring system to drive personalized content. Sensor data captured by a monitoring system may be used to determine attributes of users of the monitoring system and/or attributes of a property monitored by the monitoring system. The determined attributes may be used to select content to present to users of the monitoring system. Content presentation may be made through the monitoring system and may be triggered based on events detected by the monitoring system.

Abstract: Methods, systems, and apparatus, including computer program products, for assuring application performance by matching the supply of resources (e.g., application resources, VM resources, or physical resources) with the fluctuating demand placed on the application. For example, the systems and methods disclosed herein can be used to ensure that the application is allocated sufficient resources when it is initially deployed to handle anticipated demand; dynamically alter the resources allocated to the application during operation by matching the resource requirements to the actual measured application demand; and predict future resource requirements based on planning assumptions related to future application demand.