Including Authentication Patents (Class 380/232)
-
Patent number: 7464398
Abstract: Systems and methods of mitigating attacks, such as Denial of Service (DoS) attacks, in a communications network are presented. Source addresses of packets received at network devices are monitored in relation to known reliable addresses stored in a decision engine. If the source address, as stored in a source table, is known as being legitimate the packets are placed in a high priority queue for transmission at the highest rate. Packets with an unknown address are placed in a lower priority queue, the source address stored in a different source table, and the packet is serviced at a lower rate. Packets that become known to be legitimate are moved from the unknown table to the table from which high priority queues are serviced. In this way, an attacker that employs spoofing techniques is prevented from overtaxing network resources.
Type: Grant
Filed: May 19, 2003
Date of Patent: December 9, 2008
Assignee: Alcatel Lucent
Inventors: Jean-Marc Robert, Scott David D'Souza, Paul Kierstead
-
Patent number: 7437768
Abstract: The CPU 11 of the personal computer 1 controls the CPU 32 of the adaptor 26 made of a semiconductor ID to compute a hash value of a content-managing music data base recorded in the HDD 21 and store it into the nonvolatile memory 34. When playing back a content recorded in the HDD 21, the CPU 11 computes the hash value of the music data base recorded in the HDD 21, compares it with hash values stored cumulatively in the nonvolatile memory 34, and controls the playback of the content from the HDD 21 based on the result of the comparison.
Type: Grant
Filed: October 19, 2005
Date of Patent: October 14, 2008
Assignee: Sony Corporation
Inventors: Itaru Kawakami, Ryuji Ishiguro, Mitsuru Tanabe, Yuichi Ezura
-
Patent number: 7424739
Abstract: The present invention provides for validating that one or more modules reside on the same machine. When a second module wishes to establish communication with a first module, a shared memory that is accessible by the modules—but inaccessible by modules outside the machine—is used to store random data. The first module listens on a transport address corresponding to the random data for communication activity. The second module retrieves the random data from the shared memory, and then uses this data for determining the appropriate transport address to send information to when establishing the communication with the first module.
Type: Grant
Filed: October 29, 2004
Date of Patent: September 9, 2008
Assignee: Microsoft Corporation
Inventor: Janiv Pessach
-
Patent number: 7406599
Abstract: Methods and apparatus, including computer program products, for presenting status of digital signatures. A digital document is received that defines a presentation structure and includes a digital signature. The digital document specifies a representation of the digital signature and a location in the presentation structure for the representation of the digital signature. A status is determined for the digital signature. A status representation is associated with the digital signature, where the status representation identifies the status determined for the digital signature. Without altering the representation of the digital signature, at least a portion of the digital document and the status representation of the digital signature are presented in a user interface, where the status representation is presented in the presentation structure at a location that depends upon the location of the digital signature.
Type: Grant
Filed: April 6, 2004
Date of Patent: July 29, 2008
Assignee: Adobe Systems Incorporated
Inventors: James D. Pravetz, William Ie
-
Patent number: 7398395
Abstract: Content material is protected with a variety of watermarking processes. Different subsets of the protected content material are submitted to different watermarking processes. At the rendering device, a watermark detector is configured to detect one or more different watermarks. Only if the particular watermark(s) that the rendering device is configured to detect is removed from the protected content material will the rendering device permit the rendering of the protected material. If the particular watermark(s) that the rendering device is configured to detect is unpredictable, or if the particular segment that is protected by a particular watermark is undetectable, a wholesale removal of specific watermarks from the watermarked material will neither be efficient nor economically viable.
Type: Grant
Filed: September 20, 2001
Date of Patent: July 8, 2008
Assignee: Koninklijke Philips Electronics N.V.
Inventor: Michael Epstein
-
Patent number: 7386129
Abstract: A computer-implemented method is described for processing multimedia channels comprising: encrypting a first group of multimedia channels using a first type of encryption to produce a first group of encrypted multimedia channels; encrypting the first group of multimedia channels using a second type of encryption to produce a second group of encrypted multimedia channels; concurrently transmitting the first group of encrypted multimedia channels with the second group of multimedia channels to a plurality of multimedia subscribers having multimedia receivers capable of decrypting the first group of encrypted multimedia channels and/or the second group of multimedia channels.
Type: Grant
Filed: May 30, 2001
Date of Patent: June 10, 2008
Assignee: Digeo, Inc.
Inventor: Stephen G. Perlman
-
Patent number: 7380135
Abstract: A method of transmitting contents, which are to be received at a reception side where a portion of the contents is previewed while the contents are not accessible for playing other than for a preview purpose, includes the steps of encrypting the contents by a first encryption key, generating information indicative of an elapsed time of the contents that indicates a relationship between positions on a time axis of the contents representing an amount of time that passes as the contents are played and a time count that accrues as a preview time when the contents are previewed, encrypting the first encryption key and the information indicative of an elapsed time of the contents by a second encryption key, thereby generating first encrypted information, encrypting the second encryption key and content-usage control information by a third encryption key, thereby generating second encrypted information, the content-usage control information indicating usage of the contents on the reception side, and transmitting the
Type: Grant
Filed: August 15, 2003
Date of Patent: May 27, 2008
Assignee: Nippon Hoso Kyokai
Inventors: Yusei Nishimoto, Tatsuya Kurioka, Seiichi Namba
-
Patent number: 7370210
Abstract: The present invention provides a data processing apparatus and method for managing processor configuration data. The data processing apparatus comprises a processor operable in a plurality of modes and a plurality of domains, said plurality of domains comprising a secure domain and a non-secure domain, said plurality of modes including at least one non-secure mode being a mode in the non-secure domain, at least one secure mode being a mode in the secure domain, and a monitor mode. The processor is operable such that when executing a program in a secure mode the program has access to secure data which is not accessible when said processor is operating in a non-secure mode.
Type: Grant
Filed: November 17, 2003
Date of Patent: May 6, 2008
Assignee: Arm Limited
Inventor: Dominic Hugo Symes
-
Patent number: 7363504
Abstract: The present invention discloses a system and methods for biometric security using keystroke scan biometrics in a smartcard-reader system. The biometric security system also includes a keystroke scan sensor that detects biometric samples and a device for verifying biometric samples. In one embodiment, the biometric security system includes a smartcard configured with a keystroke scan sensor. In another embodiment, the system includes a reader configured with a keystroke scan sensor. In yet another embodiment, the present invention discloses methods for proffering and processing keystroke scan samples to facilitate authorization of transactions.
Type: Grant
Filed: July 1, 2004
Date of Patent: April 22, 2008
Assignee: American Express Travel Related Services Company, Inc.
Inventors: David S. Bonalle, Glen Salow
-
Patent number: 7363494
Abstract: A time-based method for generating an authentication code associated with an entity uses an authentication code generated from a secret, a dynamic, time-varying variable, and the number of previous authentication code generations within the particular time interval. Other information such as a personal identification number (PIN) and a verifier identifier can also be combined into the authentication code.
Type: Grant
Filed: December 4, 2001
Date of Patent: April 22, 2008
Assignee: RSA Security Inc.
Inventors: John G. Brainard, Burton S. Kaliski, Jr., Ronald L. Rivest
-
Patent number: 7353540
Abstract: The present invention is intended to prevent sold digital information from being used in a non-compliant manner. Digital information accumulation capability 212 accumulates digital information 6 to be sold. License generating capability 227 generates the usage conditions for digital information 6. Encryption capability 229 encrypts digital information 6. Digital information key generating capability 228 generates a cryptographic key for decrypting encrypted digital information 6. Authentication capability 214 authenticates recording medium with license management capability 102-1 loaded in digital information vending apparatus 101. Licensed digital information writing capability 230 writes encrypted digital information and its usage conditions and cryptographic key onto authenticated recording medium with license management capability 102-1.
Type: Grant
Filed: March 30, 2001
Date of Patent: April 1, 2008
Assignee: Sony Corporation
Inventors: Haruhiko Kishi, Akira Kurihara
-
Patent number: 7346779
Abstract: A method for securing an electronic document (22) comprising attaching a biometric characteristic (20) and the electronic document (22) to form a biometric characteristic-document combination and encrypting the biometric characteristic-document combination to form an encrypted data package (24).
Type: Grant
Filed: February 23, 2001
Date of Patent: March 18, 2008
Assignee: Birmingham Systems Limited
Inventor: Kim Leeper
-
Publication number: 20080028437
Abstract: A system that eliminates some of the security vulnerabilities in the prior art systems by using a new sequence of steps to perform initialization of the cable modem: Instead of performing authentication after the cable modem has been registered, the cable modem authentication step is performed immediately after the cable modem completes ranging. Thus an early authentication method and system are provided. The control of authentication is shifted from the cable modem to the CMTS. Instead of the CMTS relying on a Registration Request message (REG-REQ) to determine whether a cable modem must perform authentication (that is to determine if BPI+ is enabled) the CMTS configuration is what determines whether a cable modem must perform authentication.
Type: Application
Filed: July 27, 2006
Publication date: January 31, 2008
Applicant: CISCO TECHNOLOGY, INC.
Inventor: SHENGYOU ZENG
-
Patent number: 7320138
Abstract: A system classifies an image file into a first group if authentication data included in the image file has been generated using a private key cryptosystem, and classifies the image file into a second group if the authentication data included in the image file has been generated using a public key cryptosystem. The system authenticates whether or not image data included in the image file has been altered using the authentication data. The system displays an indication of whether or not the image data included in the image file has been altered in a display area corresponding to the first group, if the image file is classified in the first group. The system displays an indication of whether or not the image data included in the image file has been altered in a display area corresponding to the second group, if the image file is classified in the second group.
Type: Grant
Filed: September 23, 2003
Date of Patent: January 15, 2008
Assignee: Canon Kabushiki Kaisha
Inventors: Satoru Wakao, Takami Eguchi
-
Patent number: 7315621
Abstract: A characteristic amount is retained and calculated from an entered video signal. Embedment intensity is retained and calculated from the retained characteristic amount. Embedment information is embedded as digital watermarks into the entered video signal in accordance with the retained embedment intensity of the previous frame or field that is located at a position earlier in time than a target image subject to digital watermark embedment. As a result, an output signal of video having the digital watermarks embedded therein is produced. The digital watermarks are embedded into the target image with reference to another image located at a position earlier in time than the target image. Such digital watermark embedment suppresses a delay in output of an output image with reference to an input image.
Type: Grant
Filed: May 8, 2003
Date of Patent: January 1, 2008
Assignee: Matsushita Electric Industrial Co., Ltd.
Inventors: Kenichi Noridomi, Hisashi Inoue, Takashi Katsura, Takanori Okada
-
Patent number: 7305366
Abstract: Content revocation is achieved by disabling licenses issued to a computing device for the content. A content revocation is delivered within a license to the computing device. Upon license storage the content revocation is recognized, validated, and stored in a secure state store under the public key of the content server (PU-CS) that issued the content. Each license has a (PU-CS) therein, and each license evaluation considers each content revocation stored in the state store and having the same (PU-CS). The license is disabled or otherwise affected based on the considered content revocation. A content revocation is one form of a license modification that may be delivered within a license.
Type: Grant
Filed: November 3, 2005
Date of Patent: December 4, 2007
Assignee: Microsoft Corporation
Inventors: Charlie David Chase, Jr., Krishnamurthy Ganesan, Philip J. Lafornara, Jeffrey Richard McKune, Clifford Paul Strom, Vijay K. Gajjala
-
Patent number: 7305555
Abstract: A system is described for uniquely mating components of a communication network such as a smartcard and a set-top box. When mated, the smartcard and set-top box are tied together and have a single identity. Further, the smartcard operates properly only when inserted into an authorized set-top box. Exchanges of information between both components are secured by encryption and authentication to guard against piracy of the exchanged information. The system provides the same authentication key to the set-top box and the smartcard. This key is used for authenticating communication between the set-top box and the smartcard. First, the authentication key is encrypted by a set-top box mating key. The set-top box employs this mating key to decrypt the authentication key. After it is derived, the authentication key is stored in the set-top box's memory. Further, the same authentication key is encrypted by a smartcard mating key.
Type: Grant
Filed: March 27, 2002
Date of Patent: December 4, 2007
Assignee: General Instrument Corporation
Inventors: John I. Okimoto, Eric J. Sprunk, Lawrence W. Tang, Annie On-yee Chen, Bridget Kimball, Douglas Petty
-
Patent number: 7302578
Abstract: An information processing apparatus has a detection unit to detect a recording medium and initiates a program read from the recording medium detected by the detection unit. In the information processing apparatus, an operation check unit performs an operation check of the recording medium detected by the detection unit. An authentication check unit performs an authentication check of the recording medium detected by the detection unit. An error notification unit notifies an operator of an error of the recording medium if at least one of a result of the operation check and a result of the authentication check is an error.
Type: Grant
Filed: March 16, 2004
Date of Patent: November 27, 2007
Assignee: Ricoh Company, Ltd.
Inventor: Ayako Kobayashi
-
Patent number: 7299355
Abstract: Provided is an architecture (hardware implementation) for an authentication engine to increase the speed at which SHA1 multi-loop and/or multi-round authentication algorithms may be performed on data packets transmitted over a computer network. As described in this application, the invention has particular application to the variant of the SHA1 authentication algorithms specified by the IPSec cryptography standard. In accordance with the IPSec standard, the invention may be used in conjunction with data encryption/encryption architecture and protocols. However it is also suitable for use in conjunction with other non-IPSec cryptography algorithms, and for applications in which encryption/decryption is not conducted (in IPSec or not) and where it is purely authentication that is accelerated. Among other advantages, an authentication engine in accordance with the present invention provides improved performance with regard to the processing of short data packets.
Type: Grant
Filed: January 8, 2002
Date of Patent: November 20, 2007
Assignee: Broadcom Corporation
Inventor: Zheng Qi
-
Patent number: 7299504
Abstract: A database-modeled security policy includes policy statements stored in a database. Each policy statement has associated standards, guidelines, and procedures. Policy statements are grouped together into tag groups, which are in turn grouped together to form metapolicies. A security administrator uses a security policy management application to create metapolicies for specific audiences. A lightweight directory access protocol module manages access to the security policy. The security policy management application also provides scoring, reporting, and project management functionalities.
Type: Grant
Filed: March 8, 2002
Date of Patent: November 20, 2007
Assignee: Lucent Technologies Inc.
Inventors: James Tiller, Bryan Fish, Theodore Baker
-
Patent number: 7287157
Abstract: A specific client computer acquires content that has been stored in a content server. To accomplish this, the ID of the client computer is registered with the content server. The IP address, etc., of the content server is encrypted to obtain a check code and the check code is transmitted to the client computer and to a center server. The check code, etc., is transmitted from the client computer to the center server. The center server decrypts the check code transmitted from the client computer and the check code transmitted from the content server. The IP address, etc., of the content server is obtained by the decryption. If the IP address, etc., obtained from the check code transmitted from the client computer and the IP address obtained from the check code transmitted from the content server agree, the center server decides that the client computer is an authorized computer and transmits the IP address of the content server to the client computer.
Type: Grant
Filed: April 11, 2003
Date of Patent: October 23, 2007
Assignee: Fujifilm Corporation
Inventor: Kazuto Washio
-
Patent number: 7287270
Abstract: When a network connection request is sent from a user's personal computer (2) to a server (1) on the Internet (5), the server (1) sends an authentication confirmation number generated by a random number generating unit (13) to the personal computer (2) of the connection requester. The connection requester connects a portable telephone (3) to a modem (4) and enters the authentication confirmation number displayed on the personal computer (2) through operation of keys of the portable telephone (3). An authentication unit (16) authenticates the connection request of the connection requester to set up connection to the network if the telephone number of the portable telephone (3) stored in a user information storage unit (12) agrees with the telephone number sent to the modem (4) and if the authentication confirmation number entered through the portable telephone (3) is correct.
Type: Grant
Filed: October 30, 2001
Date of Patent: October 23, 2007
Assignee: ARKRAY, Inc.
Inventor: Akinori Kai
-
Patent number: 7281267
Abstract: A software audit system is provided in conjunction with an anti-virus system. A computer virus scan request received by the anti-virus system (16) is used to trigger an audit data generator (18) to generate audit data. The audit data generator (18) may also serve to ban certain computer programs from execution and monitor the concurrent usage of other computer programs.
Type: Grant
Filed: February 20, 2001
Date of Patent: October 9, 2007
Assignee: McAfee, Inc.
Inventors: Lee Codel Lawson Tarbotton, Daniel Joseph Wolff, Timothy James Page
-
Publication number: 20070230698
Abstract: Systems and methods are disclosed for using an arbitrary fixed channel to carry third-party information. In one embodiment, the present invention provides systems and methods for enabling existing content rendering devices to accept content encoded in a proprietary format, such as an encoding format used by a digital rights management system. The encoded content is rendered by the device in the normal manner, and decoded by a retrofitting appliance connected to the device's output. The retrofitting appliance may apply decoded rules and controls to the decoded content, thereby managing use of the content.
Type: Application
Filed: March 12, 2007
Publication date: October 4, 2007
Applicant: Intertrust Technologies Corporation
Inventor: Talal G. Shamoon
-
Patent number: 7272718
Abstract: In a signal processing device and its method as well as a program storing medium, psychological auditory sense analysis of the survival state of an input signal of the time when the input signal has been compressed is performed in response to the compression processing, and the result of the very analysis is outputted as the psychological auditory sense encoded information, and digital watermarking information is superimposed on the input signal on the basis of the psychological auditory sense encoded information, so that it is possible to easily realize digital watermarking information that has large compression resistance and digital watermarking information that has small compression resistance.
Type: Grant
Filed: October 27, 2000
Date of Patent: September 18, 2007
Assignee: Sony Corporation
Inventors: Yuuki Matsumura, Hideo Sato
-
Patent number: 7260721
Abstract: A client receives encrypted content from content server. The header of the content includes license-identifying information for identifying a license required to utilize the content. The client requests a license server to transmit the license identified by the license-identifying information. When receiving the request for a license, the license server carries out a charging process before transmitting the license to the client. The client stores the license received from the license server. The stored license serves as a condition for encrypting and playing back the content. As a result, content can be distributed with a high degree of freedom and only an authorized user is capable of utilizing the content.
Type: Grant
Filed: February 8, 2002
Date of Patent: August 21, 2007
Assignee: Sony Corporation
Inventors: Koichi Tanaka, Itaru Kawakami, Yoshisuke Kuroda, Ryuji Ishiguro
-
Patent number: 7260726
Abstract: An apparatus to enable operation of a computer by authorized users when in a secure mode of operation is provided. One exemplary apparatus includes a hub configured to be in communication with the computer. The hub includes a card reader, a card microprocessor and an encryption engine. The apparatus also includes a card configured for insertion into the card reader. The card includes a card microprocessor. In addition, the apparatus includes a user authentication device configured to validate the user as an authorized user of the card. If the user is validated as the authorized user, then the card microprocessor passes a key to the hub microprocessor in response to the validation of the user as the authorized user of the card. The encryption engine of the hub is then activated to operate in a secure mode of operation.
Type: Grant
Filed: December 6, 2001
Date of Patent: August 21, 2007
Assignee: Adaptec, Inc.
Inventors: Kin Doe, Leigh Perona, Francis L. Nguyen
-
Patent number: 7257710
Abstract: The present invention provides an additional-watermark embedding apparatus for embedding predetermined additional data into original data. The additional-watermark embedding apparatus includes an adder for summing the original data and the additional data, a first amplifier for amplifying the original data according to a predetermined non-linear input-output characteristic, a second amplifier for amplifying the summed data supplied from the adder according to a predetermined non-linear input-output characteristic, a subtractor for taking the difference between the amplified data obtained by the second amplifier and the amplified original data obtained by the first amplifier, and an embedder for embedding modified additional data which is obtained by modifying the waveform of the additional data according to the original data and which is supplied from the subtractor into the original data.
Type: Grant
Filed: August 19, 2002
Date of Patent: August 14, 2007
Assignee: Sony Corporation
Inventors: Jun Hirai, Yoonki Choi
-
Patent number: 7246234
Abstract: A memory stores a hash value of content management data. When an IEEE1394 interface authenticates a personal computer connected thereto via a network, the IEEE1394 transmits content management data to the personal computer while receiving a hash data of the content management data from the personal computer. The IEEE1394 interface then determines whether the received hash value of the content management data matches the stored hash value of the content management data. This arrangement prevents the unauthorized copying of content data, and limits the number of uses of the content data.
Type: Grant
Filed: August 18, 2000
Date of Patent: July 17, 2007
Assignee: Sony Corporation
Inventors: Ryuji Ishiguro, Munetake Ebihara
-
Patent number: 7237123
Abstract: Theft, distribution, and piracy of digital content (software, video, audio, e-books, any content of any kind that is digitally stored and distributed) is generally accomplished by copying it, if possible, or, if it is protected from being copied in any fashion, such piracy is based upon a number of reverse engineering techniques. Aside from the straightforward copying of unprotected content, all of these other methods require first an understanding of the protective mechanism(s) guarding the content, and finally an unauthorized modification of that protection in order to disable or subvert it. Methods that prevent a skilled individual from using reverse engineering tools and techniques to attain that level of understanding and/or prevent anyone from performing such modifications can offer significant advantages to content creators who wish to protect their products.
Type: Grant
Filed: November 20, 2001
Date of Patent: June 26, 2007
Assignee: ECD Systems, Inc.
Inventors: Richard B. LeVine, Andrew R. Lee, Daniel G. Howard, Daniel M. Goldman, John J. Hart, III
-
Patent number: 7228430
Abstract: A security system for preventing unauthorized use of a computer device. An extractable security piece includes an extractable main private key and a main PC public key. A PC security area which is a non-extractable part of the computer device includes a PC private key and an extractable main public key, which, together with the keys of the extractable security piece, constitute a Public Key Infrastructure. The extractable security piece and the PC security area include processing means for mutual authentication of the extractable security piece and the PC security area after the extractable security piece, which had been previously removed, has been reinserted in the computer device, thereby enabling the authorized user to access data stored in the computer device.
Type: Grant
Filed: January 11, 2002
Date of Patent: June 5, 2007
Assignee: Lenovo Singapore Pte. Ltd
Inventors: Alain Benayoun, Jacques Fieschi, Jean-Francois Le Pennec, Pascal Roy
-
Patent number: 7209893
Abstract: A terminal device, a memory module and a system for and method of distributing electronic content. A content provider stores a number of multimedia files. A first integrated circuit card interface receives a host integrated circuit card containing first authorization information, and a second integrated circuit card interface receives a user integrated circuit card containing second authorization information. An input device permits selection of one or more multimedia files from the stored of multimedia files. A control unit is responsive to insertion into the second integrated circuit card interface of a user interface card containing second authorization information compatible with the first authorization information contained in a host integrated circuit card inserted in the first integrated circuit card interface to actuate an output device to provide the content of multimedia files selected by the input device.
Type: Grant
Filed: November 30, 2000
Date of Patent: April 24, 2007
Assignee: Nokia Corporation
Inventor: Naoaki Nii
-
Patent number: 7200230
Abstract: A system for providing rights controlled access to digital media comprises a server data processor and a client data processor connected by a communications network. The user data processor provides access to a data object in accordance with rules associated with the data object by the server data processor. The client data processor comprises a machine key device and a user key device. The machine key device is preferably an installed component of the client data processor that provides encryption, decryption, and authentication functionality for the client data processor. The user key device is preferably a removable, portable device that connects to the client data processor and provides encryption, decryption, and authentication functionality for the user. A method restricts the use of a data object to a particular user and a particular data processor through the use of additional layers of encryption.
Type: Grant
Filed: January 15, 2001
Date of Patent: April 3, 2007
Assignee: Macrovision Corporation
Inventor: Christopher L. Knauft
-
Patent number: 7197143
Abstract: The Digital Video Authenticator (DVA) addresses law enforcement concerns for a means to authenticate digital video (DV) so that it will be admissible and trusted as evidence in court. The DVA is a peripheral device attached to a commercial digital video recording device whose purpose is to generate and record authentication data simultaneously as DV is recorded by the video recording device. Verification of the authenticity of a DV sample will be accomplished using non-real-time software tools. The DVA system and method reads digital video (DV) data from a digital video recording device; parses the DV data into elements representing video, audio, control and timing data; and creates digital signatures that can be used to validate the original DV tape. The combination of secure digital signatures and repeatability of the DV data stored on tape provides the basis for proving the original video has not been modified.
Type: Grant
Filed: January 16, 2003
Date of Patent: March 27, 2007
Assignee: The Johns Hopkins University
Inventors: Thomas E. Duerr, Nicholas D. Beser, James H. Higbie, Donna C. Paulhamus, Michael A. Karls, Cash J. Costello, George R. Barrett
-
Patent number: 7190792
Abstract: Systems and methods are disclosed for using an arbitrary fixed channel to carry third-party information. In one embodiment, the present invention provides systems and methods for enabling existing content rendering devices to accept content encoded in a proprietary format, such as an encoding format used by a digital rights management system. The encoded content is rendered by the device in the normal manner, and decoded by a retrofitting appliance connected to the device's output. The retrofitting appliance may apply decoded rules and controls to the decoded content, thereby managing use of the content.
Type: Grant
Filed: April 4, 2006
Date of Patent: March 13, 2007
Assignee: Intertrust Technologies Corp.
Inventor: Talal G Shamoon
-
Patent number: 7190790
Abstract: The present invention proposes an encryption/decryption method able to resist against various attack strategies such as Simple Power Analysis, Timing Analysis or Differential Power Analysis. The method is carried out by a plurality of encryption/decryption modules arranged in series, wherein an encryption/decryption module, different from the first module, starts encryption/decryption operations as soon as said module receives a part of the results of encryption/decryption operations from the immediately preceding encryption/decryption module.
Type: Grant
Filed: August 24, 2000
Date of Patent: March 13, 2007
Assignee: NagraCard S.A.
Inventors: Michael John Hill, Marco Sasselli, Christophe Nicolas
-
Patent number: 7149721
Abstract: Methods and apparatus for creating a license defining permissions to use electronic content. The methods include selecting a plurality of habitat types, each an aspect of a user environment to which a license can be bound, the selection based on input from a retail customer; determining one or more habitat values and relations for each selected type; and creating a license to use the electronic content, the license including an and-or logic expression of habitat terms, each term containing one of the selected types and its set of corresponding values and relations. Each habitat term may include a key for decrypting or unlocking the electronic content.
Type: Grant
Filed: September 5, 2000
Date of Patent: December 12, 2006
Assignee: Adobe Systems Incorporated
Inventors: Richard L. Sites, James D. Pravetz
-
Patent number: 7134134
Abstract: An electronic program guide (EPG) hardware card is disclosed. The card is insertable into a television tuning device having EPG capability. A non-volatile memory, such as flash memory, is situated within a case of the hardware card, and has data stored thereon representing one or more loader programs for the device. Each program corresponds to an EPG provider, and gives the device the capability to receive EPG information from this provider. The case of the hardware card may have a form factor such as a Smart Card, a Compact Flash, a Smart Media, or another form factor. Alternatively, the data stored on the card represents non-executable information corresponding to an EPG provider. A business model and a server-based embodiment are also disclosed.
Type: Grant
Filed: March 24, 2001
Date of Patent: November 7, 2006
Assignee: Microsoft Corporation
Inventors: Robert M. Fries, Michael E. Pietraszak
-
Patent number: 7127431
Abstract: The information reproduction device for reproducing contents information based on license information added to the contents information and required for reproducing the contents information, includes a determining section for determining whether encrypted contents information is the officially copied contents information or privately copied contents information based on the contents of the license information, and a reproduction section configured to reproduce the contents information determined as the privately copied contents information by the determining section under more severe restriction than the officially copied contents information. Thus, the contents copied by the proper route (officially copied contents) can be distributed in a more advantageous form than the contents copied without proper authorization.
Type: Grant
Filed: May 6, 2003
Date of Patent: October 24, 2006
Assignee: Kabushiki Kaisha Toshiba
Inventors: Toru Kambayashi, Koichiro Akiyama, Yutaka Handa, Yoshihiro Ohmori
-
Patent number: 7110985
Abstract: Content revocation is achieved by disabling licenses issued to a computing device for the content. A content revocation is delivered within a license to the computing device. Upon license storage the content revocation is recognized, validated, and stored in a secure state store under the public key of the content server (PU-CS) that issued the content. Each license has a (PU-CS) therein, and each license evaluation considers each content revocation stored in the state store and having the same (PU-CS). The license is disabled or otherwise affected based on the considered content revocation. A content revocation is one form of a license modification that may be delivered within a license.
Type: Grant
Filed: November 3, 2005
Date of Patent: September 19, 2006
Assignee: Microsoft Corporation
Inventors: Charlie David Chase, Jr., Krishnamurthy Ganesan, Philip J. Lafornara, Jeffrey Richard McKune, Clifford Paul Strom, Vijay K. Gajjala
-
Patent number: 7110543
Abstract: At the time of moving a content from an e-book content receiving terminal 102 to a copyright protection medium 103, from among a plurality of usage rules set to the content, those defined by the copyright protection medium 103 are moved to the copyright protection medium 103 by a content moving section 106, and those not defined by the copyright protection medium 103 are transmitted to a usage rule management server 104 via a communications section 105. On the other hand, at the time of moving the content from the copyright protection medium 103 to the e-book content receiving terminal 102, the usage rules from the copyright protection medium 103 and the usage rules from the usage rule management server 104 are combined together. In this manner, even when a content is moved through a copyright protection medium in which usage rules of the content are not fully defined therein, none of the usage rules is lost.
Type: Grant
Filed: May 21, 2002
Date of Patent: September 19, 2006
Assignee: Matsushita Electric Industrial Co., Ltd
Inventors: Koji Miura, Stefan Walter, Masaya Yamamoto
-
Patent number: 7099473
Abstract: There is provided an information processing apparatus/method characterized by inputting information data, generating security data to be used to protect the information data, encoding the information data to generate encoded data, extracting a unique predetermined code indicating a specific meaning from encoded data within a security section in accordance with the security data, superimposing the security data on the predetermined code, scrambling the encoded data except for the predetermined code within the security section, and outputting the superimposed predetermined code and the scrambled encoded data.
Type: Grant
Filed: January 18, 2001
Date of Patent: August 29, 2006
Assignee: Canon Kabushiki Kaisha
Inventor: Mitsuru Maeda
-
Patent number: 7092930
Abstract: A method and apparatus for protecting against a replay attack in a database system makes use of customer records including a counter, and freshness records that include the customer counters and a freshness record counter. The counter from the customer records, the customer records in the freshness records, and the freshness record counter are used by a cryptographic device together with a cryptographic device counter to verify the freshness of the customer record prior to updating the customer record with respect to a recent transaction.
Type: Grant
Filed: March 28, 2002
Date of Patent: August 15, 2006
Assignee: Pitney Bowes Inc.
Inventors: Richard W. Heiden, David K. Lee
-
Patent number: 7088823
Abstract: A method for controlling access to digital information is performed based on a plurality of decryption keys sent by the information provider. A first type of decryption key instructs a user's host system to reproduce the digital information in accordance with a first level of reproduction quality degradation. Additional keys may specify other degradation levels. The quality of the digital information may be degraded based on a time condition or a use condition. Alternatively, only a portion of the information may be made viewable by a user. In order to obtain full and unrestricted access, the user must obtain a type of decryption key from the provider which removes all previous limitations on reproduction quality degradation.
Type: Grant
Filed: January 9, 2002
Date of Patent: August 8, 2006
Assignee: International Business Machines Corporation
Inventor: John E. Fetkovich
-
Patent number: 7080043
Abstract: Content revocation is achieved by disabling licenses issued to a computing device for the content. A content revocation is delivered within a license to the computing device. Upon license storage the content revocation is recognized, validated, and stored in a secure state store under the public key of the content server (PU-CS) that issued the content. Each license has a (PU-CS) therein, and each license evaluation considers each content revocation stored in the state store and having the same (PU-CS). The license is disabled or otherwise affected based on the considered content revocation. A content revocation is one form of a license modification that may be delivered within a license.
Type: Grant
Filed: March 26, 2002
Date of Patent: July 18, 2006
Assignee: Microsoft Corporation
Inventors: Charlie David Chase, Jr., Krishnamurthy Ganesan, Philip J. Lafornara, Jeffrey Richard McKune, Clifford Paul Strom, Vijay K. Gajjala
-
Patent number: 7050586
Abstract: Systems and methods are disclosed for using an arbitrary fixed channel to carry third-party information. In one embodiment, the present invention provides systems and methods for enabling existing content rendering devices to accept content encoded in a proprietary format, such as an encoding format used by a digital rights management system. The encoded content is rendered by the device in the normal manner, and decoded by a retrofitting appliance connected to the device's output. The retrofitting appliance may apply decoded rules and controls to the decoded content, thereby managing use of the content.
Type: Grant
Filed: June 19, 2001
Date of Patent: May 23, 2006
Assignee: Intertrust Technologies Corporation
Inventor: Talal G. Shamoon
-
Patent number: 7051212
Abstract: The present invention provides systems and methods for secure transaction management and electronic rights protection. Electronic appliances such as computers equipped in accordance with the present invention help to ensure that information is accessed and used only in authorized ways, and maintain the integrity, availability, and/or confidentiality of the information. Such electronic appliances provide a distributed virtual distribution environment (VDE) that may enforce a secure chain of handling and control, for example, to control and/or meter or otherwise monitor use of electronically stored or disseminated information. Such a virtual distribution environment may be used to protect rights of various participants in electronic commerce and other electronic or electronic-facilitated transactions. Distributed and other operating systems, environments and architectures, such as, for example, those using tamper-resistant hardware-based processors, may establish security at each node.
Type: Grant
Filed: May 30, 2002
Date of Patent: May 23, 2006
Assignee: Intertrust Technologies Corp.
Inventors: Karl L. Ginter, Victor H. Shear, Francis J. Spahn, David M. Van Wie
-
Patent number: 7046807
Abstract: Data administration method which prevents the infringement of a copyright by encrypting and distributing digital content, and readily grasps which contents are contained in the digital content included in the data. Preparing symbol information symbolized so as to visually and auditorily recognize the contents of the digital content that conduct distribution (Step S12), embedding the symbol information in a header data section (Step S13), encrypting the digital content (Step S15), embedding consent information including the information on the contents key in the header data section as an electronic watermark (Step S16), and compositing the real data section and the consent-information-added header data section and distributing the composite data (Step S17).
Type: Grant
Filed: March 20, 2001
Date of Patent: May 16, 2006
Assignee: Fujitsu Limited
Inventors: Hideyuki Hirano, Shinji Hashimoto, Eiki Hattori, Shigetoshi Mochizuki
-
Patent number: 7043453
Abstract: A method and apparatus for establishing a secure communications channel between a first repository and a second repository using a repository transaction protocol. A registration identifier and registration message including an identification certificate, and an identifier of a master repository that encrypted the identification certificate are generated by the first repository. The registration identifier and message are sent to the second repository and the identity of the first repository is verified by verifying the identification certificate. Messages containing at least one session key are exchanged between the first and second repositories and usage transactions related to a digital work are conducted between the first repository and the second repository using the session keys.
Type: Grant
Filed: April 15, 2003
Date of Patent: May 9, 2006
Assignee: ContentGuard Holdings, Inc.
Inventors: Mark J. Stefik, Peter L. T. Pirolli
-
Patent number: 7031472
Abstract: A playback instructing unit in a disk playback controller has a function to instruct a CPU to play back an optical disk at different access positions in an absolute authentication process and an arbitrary authentication process. An absolute decision unit has a function to be activated by an absolute authentication instruction from the playback instructing unit and authenticate the decided result from an authentication decision means according to a first rule (which declares normal authentication based on a normal decision). An arbitrary decision unit has a function to be activated by an arbitrary authentication instruction from the playback instructing unit and authenticate the decided result from the authentication decision unit according to a second rule (which declares normal authentication based on an abnormal decision).
Type: Grant
Filed: September 23, 1999
Date of Patent: April 18, 2006
Assignee: Sony Computer Entertainment Inc.
Inventor: Shinji Noda