Abstract: A personal medical records retrieval system that allows a person to access their personal medical records from a remote medical records database 24 hours a day, 365 days a years from locations throughout the world. The remote medical records database has an Internet website and the person has a personalized access code for viewing his medical records from the database over the Internet. The database has a Firewall security and privacy/pirating protection system. A personalized access code can only be obtained by becoming a subscribing member to the personal medical records retrieval system. A subscriber may also receive a Smart Health Card that has a small computer (in the form of a computer chip with a memory embedded in it) that contains a person's medical history that can be read on a card reader in a physician's office, in a hospital, in emergency vehicles and any other place that is equipped with a card reader.

Abstract: A device authentication system, for example for consumer electronic products, uses a portable authenticator or key fob (16) to respond to periodic broadcast challenges from protected devices (10,12). Public key cryptosystem technology is used, with the owner's public key being stored within each of the protected devices, and the corresponding private key within the key fob. Each challenge issued by a protected device is encrypted using the public key, and on receipt decrypted using the private key. If decryption is successful, a verification message is sent from the key fob to the protected device, authorising the protected device to continue operation. If a verification message is not received by the device, the device ceases to operate.

Abstract: A personal computer transmits encrypted information identifying a transaction card, together with a serial number of an encryption unit in which the information way encrypted, over a public network to a payment server. The payment server generates a single-use credit card number, which is returned to the personal computer over the public network, and stores the single-use credit card number together with the serial number and the encrypted information. The personal computer then transmits the single-use credit card number to a merchant's server through which a transaction is to be made. The single-use credit card number is transmitted to the payment server, which is identified according to a portion of the single-use credit card number. The payment server then decodes a portion of the encoded information according to a cryptogram located within a data base according to the serial number stored with the single-use credit card number.

Abstract: A method of securely receiving data on a user's system from a web broadcast infrastructure with a plurality of channels. The method comprising the steps of: receiving promotional metadata from a first web broadcast channel, the promotional metadata related to data available for reception; assembling at least part of the promotional metadata into a promotional offering for review by a user; selecting by a user, data to be received related to the promotional metadata; receiving data from a second web broadcast channel, the data selected from the promotional metadata, and wherein the data has been previously encrypted using a first encrypting key; and receiving the first decrypting key via a computer readable medium, the first decrypting key for decrypting at least some of the data received via the second web broadcast channel.

Abstract: A method for carrying out multi-party transactions in which at least one party or user has information which he considers private, the method comprising: a first determining step, in which it is determined which parties will take part in the transaction; a second determining step, in which it is determined, for each party taking part in the transaction, what information about the user that party requires in order to complete the corresponding part of the transaction; a selecting step, which may occur before or after the determining steps, in which one or more nonces, GUIDs, or other tokens are selected, to represent the user in the course of the transaction; a providing step, in which each party determined in the first determining step is provided with information comprising the corresponding information about the user determined in the second determining step, and one or more of the nonces, GUIDs, or other tokens selected in the selecting step; an execution step, in which the parties to the transaction compl

Abstract: A program distribution system is disclosed for the simultaneous release of a program at a plurality of locations. The locations may include local broadcasters, or even individual devices. A program is modified so that it cannot be played without a release control signal and is then copied and distributed .either fixed in a media or electronically, i.e. via private network, the Internet, etc.) At the receiver the receiver first detects the release control signal and then replays the program at will. The program may include a time stamp in which case the receiver cannot replay the program until a control indicative of a current time/date corresponding to the date stamp. Alternative the program can be encrypted in which case the release control signal includes the decryption key. The release control can be broadcast over a tv channel, a radio channel and so on and is preferably imbedded into the signals of the standard tv or radio signals.

Abstract: According to the invention, a method for authorizing an online purchase between a customer and a vendor site is provided. In one step, transaction information is received from the vendor site. A new web browser window is automatically opened for the customer, where the new web browser window points away from the vendor site. Authenticating information is received from the customer. The customer's identity is authenticated. The vendor site is notified of authentication of the customers's identity. A transaction amount is presented in the new web browser window. Authorization of a transfer for the transaction amount is received in the new browser window from the customer, where the transfer corresponds to the online purchase. The vendor site is notified of authorization by the customer for the transfer of the transaction amount.

Abstract: A method for permitting the electronic delivery of digital content. Metadata is acquired which has been previously associated with content. Promotional metadata is extracted for use with a electronic store. At least one of the metadata is altered to create offer data. And at least one of the metadata is altered to create transaction data. In accordance with another aspect of the invention, a computer readable medium is described to carry out the above method.

Abstract: A reproducing apparatus for reproducing data from a record medium having a program area and a management area, the program area being used for recording a plurality of files, the management area being used for managing forging prohibition information against a particular file recorded in the program area is disclosed, the apparatus comprising a calculating means for calculating the forging prohibition information managed in the management area of the record medium whenever a file recorded in the recorde medium is reproduced, a comparing means for comparing a value calculated by the calculating means corresponding to a former reproduction command with a value calculated by the calculating means corresponding to a current reproduction command, and a controlling means for permitting the file corresponding to the current reproduction command to be reproduced when the value calculated corresponding to the former reproduction command is the same as the value calculated corresponding to the current reproduction comm

Abstract: A network system for key management including a server, a key management system providing process logic for key management system initialization located on the server, a key management system storage providing a secure data storage for the key management system, and an interface providing a means for inputting data into the key management system.

Abstract: Data moves between multiple, disparate data sources and the object-oriented computer programs that process the data. A data access server is interposed between the object-oriented programs and the data sources, and acts as an intermediary. The intermediary server receives requests for data access from object-oriented computer programs, correlates each request to one or more interactions with one or more data sources, performs each required interaction, consolidates the results of the interactions, and presents a singular response to the requesting computer program. The consolidated response from the intermediary server contains data items requested by the computer program, information regarding the hierarchical topology that relates the data items, and an indication of the possible object types that might embody the data items. The application program receives the consolidated response and builds an object hierarchy to embody the data items and to interface them to the rest of the application program.

Abstract: A method for generating a user-sharable network user interface is provided. A management interface is displayed. The management interface allows a user to select and manage information displayed on an information screen. The user is allowed to select information available in content sources. The selected information of the content source is marked and stored. The marked information is retrieved and displayed on the information screen. A second user is allowed to see the window of the information screen of the first user if the second user is authorized. The user is allowed to interact with customization tools via a wireless device for customizing the management interface. A pattern can be replayed for retrieving data for display. An application can be invoked for providing data for display. The information can also be translated.

Abstract: A method, a system and computer readable medium at an electronic digital content store, such as a web site, for associating advertisement with digital content. The geographic location of the end user device receiving the encrypted digital content is determined using an address verification system. Advertisement is selected to be associated with the delivery of encrypted digital content if the address verification system returns an address in a predetermined geographic region. The address verification system includes the IP address of the end user device, the country codes found in the trace routes to the IP address, and the billing address.

Abstract: Systems and techniques for improving the performance of a network system having one or more sending systems and one or more receiving systems may include determining the digital signature of a received digital file, comparing the digital signature against stored digital signatures of digital files accessible to the receiving system, and determining whether to store the received digital file and/or a location identifier for the stored version of the received digital file based on a result of the comparison.

Abstract: A tokenless identification system and method for authorization of transactions and transmissions. The tokenless system and method are principally based on a correlative comparison of a unique biometrics sample, such as a finger print or voice recording, gathered directly from the person of an unknown user, with an authenticated biometrics sample of the same type obtained and stored previously. It can be networked to act as a full or partial intermediary between other independent computer systems, or may be the sole computer systems carrying out all necessary executions. It further contemplates the use of a private code that is returned to the user after the identification has been complete, authenticating and indicating to the user that the computer system was accessed. The identification system and method of additionally include emergency notification to permit an authorized user to alert authorities an access attempt is coerced.

Abstract: The present invention relates to a read-only disk containing sample data and a reproducing method thereof. According to the present invention full data is encrypted and recorded on a read-only disk with additional non-encrypted sample data, which is a part of the full data, and navigation data used for searching for the sample data is also recorded on the read-only disk. And, when the encrypted data on the read-only disk is requested to be reproduced the sample data found with reference to the navigation data is reproduced instead if there is not an authenticated decryption key Owing to the present invention, a user can confirm easily whether a read-only, disk has encrypted contents he or she wants, which will lead to purchase of its decryption key as a natural result.

Abstract: A method of managing content data and associated metadata. According to the method, the content data and the associated metadata are generated. The content data is transferred to a content host, and the metadata and usage condition data for the associated content are transferred to an electronic store. The metadata and/or the usage condition data are altered in order to form promotional data, and the promotional data is transferred from the electronic store to a customer's system. In one preferred method, the content data is encrypted with a first encrypting key before being transferred to the content host. The first encrypting key is encrypted with a second encrypting key, and the encrypted first encrypting key is transferred along with the metadata and usage condition data to the electronic store. Additionally, the encrypted first encrypting key is transferred along with the promotional data to the customer's system.

Abstract: A data item is identified by a code word that is build up from a sequence of code word components. This data item and code word is stored in a number of entries in a table (102), whereby each code word component is stored in a separate entry. The table 102 has a column 104 for storing the values of the code word components, a column 106 for storing the reference to a previously stored code word component, if present, and a column 108 for storing the data item.

Abstract: An initial PuK-linked account database is established by (a) maintaining the database in a secure environment, (b) recording in the database for each one of a plurality of devices manufactured in the secure environment, (i) a public key of a public-private key pair of the manufactured device, and in association therewith, (ii) a Security Profile of the manufactured device, the public key and Security Profile thereby being linked together, (c) distributing the manufactured devices from the secure environment to a plurality of users, and (d) identifying the database records of said distributed devices as the initial PuK-linked account database of the users. An initial PuK-linked account database record of a user is established with each one of a plurality of third-parties in similar manner.

Abstract: A method of gathering, analyzing, and reporting data about commercial fish stocks and fisheries. Under this method, individual commercial fishermen use a device specific to the type of fishing being done to record the number of fish brought aboard, the number kept or released, the reason for release, the date, time, and location of the catch, and the fishery conditions, such as water temperature, depth, and salinity at the time that fish are brought aboard the fishing vessel. The individual fishermen transfer the data, typically via telephone link, to a central data repository, or to a receiving station when the data is transferred to the central data repository at a later time. The data is encrypted during transfer and placed in fisherman files, each fisherman having his own, restricted-access file. Data from all individual fishermen, as well as from other sources, are placed in a composite data pool to be used as source data for a general fishery database on fishstocks and fisheries.

Abstract: The present invention provides methods and systems by which data is encrypted securely, stored within a host server, and retrieved upon request from a client system. In one embodiment, a first user, such as an architect, enters information including manufacturer model part numbers. A request is then sent to the host server to encode the manufacturer's model part numbers. The host server encodes and saves the encoded model part numbers in a project information database. A second user, such as a manufacturer, retrieves the project information by entering the encoded model part numbers and requesting the host server to decode the encoded part numbers. The host server then maps the encoded part numbers to the manufacturer part numbers and transmits the project information to the manufacturer.

Abstract: Apparatus and methods for authorization or authentication of data strings. The apparatus comprise a memory containing a stored list of cyclic redundancy check values each corresponding to a data string representing an authorized identifier; and stored programming configured to compare a cyclic redundancy check value for a data string subject to authorization to the stored list of cyclic redundancy check values and determine validity of the cyclic redundancy check value for the data string subject to authorization. The data strings representing the authorized identifiers may comprise data representing alphanumeric character strings indicative of authorized users, and the data string subject to authorization may comprise a user-entered identification string of alphanumeric characters.

Abstract: According to one aspect of the invention, a method of creating a trial software product on a target system is provided. The method consists of intercepting file system calls from an installation process associated with a full software product and, responsive to a write request from the installation process, encrypting data associated with the write request if the write request is associated with one of a predetermined set of critical product files. The predetermined set of critical product files including those product files comprising the full software product that have been identified as files to which access is to be controlled.

Abstract: A user interface is for controlling a computer network. The user interface comprises a device menu, a device selection identifier, function menus, a function selection identifier, and a results screen. The device menu identifies at least some of the devices that comprise the computer network. The device selection identifier provides for selecting one of the devices. The function menus correspond to the devices and identify at least some functions that can be performed in connection with the devices. The function selection identifier corresponds to the function menus that allow an entity to select one of the functions. The user may select one of the devices, and may select one of the functions corresponding to the device that is selected. The results screen displays a result corresponding to a selected function. The user interface can be used in connection with wireless devices or an existing network management systems.

Abstract: Disclosed is an electronic payment device and its method using an balanced binary tree for calculating a first data Xk of current consumption or a plurality of root values Rq from an initial value Xn of the amount of money that user purchases. The first data Xk is correspondent to a position value j with a respective relation of j=n−k+1. The first data Xk is generated according to the value of the binary code dm−1dm−2 . . . d1d0 of the position value j being a 0 or 1, by formula Xk=hd0(. . . (hdm−2(hdm−1(Xn)))). If the binary code di=0, i=m−1, m−2, . . . , 1, 0, then the first one-way function h0 is used as an operating function. Otherwise, the second one-way function h1 is operated when the binary code di=1. Moreover, a function operating device for an electronic payment using an balanced binary tree is also disclosed. The present invention requires less calculation than that in the prior art, and thus is more effective.

Abstract: An information processing device that can provide digital information that is unalterable, reliable and has high admissibility, while reducing processing burden on the user. The information processing apparatus is capable of exchanging digital information with an external device via a communication device. The information processing apparatus include an information obtaining module that obtains digital information, a certification obtaining module that requests a certification issuing authority that issues a digital certification for a given digital information to issue the digital certification, and obtains the digital certification via the communication device, and a storage control module that correlates the digital certification obtained to the digital information obtained by the information obtaining module and stores the digital certification in a storage medium.

Abstract: A user registers a user public key PKU as a pseudonym at a trustee or issuer and obtains an signature for the pseudonym as a license. The sends the pseudonym, PKU identification information IdU and the amount of withdrawal x to the issuer institution. The issuer increments a balance counter of the pseudonym by x, then generates an issuer signature SKI(PKU, x) with a secret key SKI, and sends the issuer signature as an electronic cash to the user. The user verifies the validity of the issuer signature with a public key SKI, and if valid, increments an electronic cash balance counter Balance by x. At the time of payment, user sends the public key PKU and the license to a shop, and the shop verifies the validity of the license, and if valid, sends a challenge to the user. The user attaches a signature to the challenge with user secret key SKU, then sends it to the shop together with the amount due y, and decrements the electronic cash balance counter by y.

Abstract: An interactive rapid response Internet accessed air travel management system. The system includes a web-based planning and reservation interface system and an interactive access device. The system responds to details of a member's desired travel, to thereafter act in real time to contact the domains of associated travel service providers to arrange for every aspect of the member's trip, from airline and hotel reservations, ticket issuance, and ground transportation, to restaurant and theater reservations, and any other travel related needs of the member. The system stores identification information to verify access device possession to prohibit unauthorized use of the system and to provide security pre-clearance to system members.

Abstract: The invention relates to a method of obtaining a copy protected optical record carrier carrying information in different blocks, a method of accessing such a copy protected optical record carrier and such an optical record carrier itself. Access devices for optical carriers return different results when retrieving blocks, which contain incorrect address data in the corresponding subcode fields. A copy protection key will be implemented during manufacture of an optical record carrier by modifying the subcode address information of a predetermined pattern of blocks. It is normally not possible to copy incorrect address data onto an optical record carrier, since the address data will be newly generated during the copy process. Therefore, such a key can be utilized to distinguish between an original disc and a copied or non original disc. The key is preset before manufacturing of the optical record carrier itself and can therefore be used to encrypt the data stored on the optical record carrier.

Abstract: Disclosed herein are computer-implemented methods and systems for securely carrying out electronic transactions including electronic drafts, wherein payment on at least one of the drafts is contingent upon the removal of an associated contingency. The method may include steps of establishing a secure computer site accessible only by authenticated parties to the transaction and by any authenticated contingency approver. The site includes a representation of the transaction that includes a representation of each of the plurality of drafts and an option to remove any contingencies associated therewith.

Abstract: A system and method are provided for maintaining a universal phonebook in a Home Network telephone system. The universal phonebook system comprises a gateway to transceive calls via external communication medium and to act as a bridge between the external communication medium and a plurality of endpoint communications devices, which are typically telephones but can also be fax machines, video-phones, modems, or the like. The gateway also maintains a universal phonebook that is accessible to all of the plurality of endpoints. The gateway establishes an out-of-band control channel between the gateway and each endpoint accessing the universal phonebook.

Abstract: A method of and system for generating revenue online, wherein the method comprises providing a secure and privacy protected Internet accessible web site to an online community having members with an interest in a particular professional association, and exchanging for value with one or more entities a right for a predetermined amount of time to provide to the members expertise related to the professional association via the online community. Preferably, the members comprise potential customers with whom the entities may develop personal relationships. The present invention allows two or more parties to network simultaneously with a great number of their professional peers. The parties will be solicited to join the community, provided they meet certain screening criteria. Certain parties may be granted an exclusive right to serve as a community expert.

Abstract: In a semiconductor manufacturing system, a decryption key is effectively protected, thereby protecting manufacturing data. A host computer (1) sends encrypted manufacturing data to an exposure apparatus (2) and sends to a mask stocker (10) mask identification information and decryption key data to be used to decrypt the encrypted manufacturing data. The mask stocker (10) specifies a mask (13) on the basis of the mask identification information and records decryption key data (K1) on the mask. The mask (13) is transferred to the exposure apparatus (2) by a transfer cart (30). The exposure apparatus (2) receives the mask (13) and reads the decryption key data (K1). The exposure apparatus (2) decrypts the encrypted manufacturing data in accordance with the decryption key data and executes exposure on the basis of the manufacturing data.

Abstract: A bearer document processing system includes preparation, verification, redeeming and depositing of the document. An encrypted symbol is imprinted on the document using ink that is not visible in invisible light. The symbol includes information used to authenticate the document and to identify the bearer of the document. The document is scanned at a transaction point. The symbol can be decoded at transaction points or at a remote central processing station. Accounts involved in transactions are credited and debited using information contained in the encoded symbol and other information provided by the bearer and the acceptor of the document. Transactions are performed in essentially real-time, and the bearer is provided with evidence of a successful transaction. Although applicable to any type of bearer document such as stock certificates, money orders, the system is particularly applicable to processing bank checks in real-time and with the possibility of fraudulent transactions being minimized.

Abstract: Power consumption in a portable computing device's receive-transmit subsystem is reduced when this subsystem receives streaming media data. The portable computing device receives a first portion of the media data via a first communication channel and a second portion of the media data via a second channel. The portable computing device may obtain the first portion well in advance of receiving the second portion and may use a wireless connection to receive the second portion. The portable computing device may terminate the wireless connection once the second portion has been received, thus reducing overall power consumption in wireless device. A client application on the portable computing device reassembles the media file from the first and second portions.

Abstract: A program capable of improving security of an information processing device handling a plurality of transactions. User identification information input section receives user identification information input thereto and identifying a user, and certificate acquiring section acquires a certificate certifying authenticity of the user. Correspondence storing section stores information indicating the correspondence between the user identification information and the certificate. When accessed from a certain user, certificate identifying section identifies, based on the user identification information from the user, a corresponding certificate. Based on the certificate identified by the certificate identifying section, user certification section verifies whether or not the user is an authentic user.

Abstract: The invention relates to a rental system of software through Internet. The system includes a server (4) provided only with the solver modules (10) and the computer terminals (6) provided with pre-processor modules (8) and post-processor modules (12) of the softwares (8,10.12), in such a manner that inputting of data in the pre-processor module (8) at a computer terminal (6), and accessing to the internet server (4) through internet and then transmission of the customer's ID and password through the computer terminals (6) by the action of a user cause the mutual communication between the computer terminal (6) and the server (4), with the result that the solver module (10) processes the data input in the pre-processor (8) and transfers the result of the operation to the computer terminal (6), and then the post-processor module (12), on the other hand, transforms the result of the operation received into a diagram or graph or displaying on the monitor of the computer terminal (6).

Abstract: Universally available preprinted forms are used in a general purpose printing device to allow for the subsequent verification of the authenticity of a printed document such as a ticket, stamp, check, or money order. In operation, the user accesses the seller of the goods/services and during an information exchange with the seller there is inputted at least a portion of the preprinted data from the form. The seller then uses this information to formulate a printable control indicia which is then printed on the form at the user's location. When the form is subsequently presented to the seller, for example when the user uses the form he/she printed, the preprinted portion of the form is used to obtain a decipher key which in turn is used to decipher the control indica. If desired, a special security marking may be associated with the form for additional security. Inability to decode the control indicia indicates that the printed material on the form may not be authentic.

Abstract: A method and system for making available syndicated content on-line from a variety of content providers while enforcing the exclusivity requirements for each of the content providers. The method prevents conflict between the exclusivity requirements, expressed as distribution parameters, of the different content providers by examining the proposed distribution parameters before the content is accepted for distribution. New content is rejected if its distribution parameters are in conflict with the existing content. The content is distributed to a purchaser if there are no conflicts between the distribution parameters for the requested contents and purchaser properties. Purchaser properties may include such items of information as purchaser identification, geographical location, income, age, business classification, demography or combinations thereof.

Abstract: A method and apparatus for providing network dependent application services is provided. In accordance with one embodiment of the invention, a first group of one or more application service contracts specifying subscriptions to one or more application services are provided to a community of one or more subscriber application routers (SAR) by a first application service Provider. One or more application delivery transports are then automatically provisioned in accordance with the one or more application service contracts, and selected ones of the application services are delivered through selected ones of said application delivery transports.

Abstract: In a process of developing software applications from software components, the validity of component interactions is automatically validated by a program that determines a permission statement for any given utilization of a server component (305) by a client component (307). In a predefined structure (211-272), descriptors (211-219) are assigned (231-239) to components (301-309), descriptors (220-225) are assigned (241-255) to descriptors (211-224), some descriptors (223) have declarations to components (305), and some descriptors (217) have declarations to descriptors (223). The permission statement is true when 4 predefined conditions are all in compliance. The conditions are defined in relation to a common descriptor (225), to client (217) and server (223) intermediate descriptors, and to first (261) and second (262) declarations.

Abstract: An electronic payment device and its method using an unbalanced binary tree are disclosed. The total unit n of the amount of money that user purchases is decomposed first into a Matrix of p rows×q columns. Then, a first one-way function h1 and a second one-way function h2 serve to define the one-way function operation of the first row and each column, respectively. When two numbers of operation times a and b are calculated by their formulas respectively, they are substituted into formula Xk=h2b(h1a(Xpq)). Namely, by the first one-way function h1, a times of operation is performed, and then by the second one-way function h2, b times of operation is performed, thus, a first data Xk of current consumption can be derived rapidly. The present invention has only a few times of operation, thus the calculating efficiency is improved greatly.

Abstract: The present invention involves a new system and process for allowing automatic disclosure of at least one common interest between at least two entities while keeping non-common interests undisclosed or secret from other entities. Further, unlike conventional schemes for disclosing or sharing common interests, such disclosure or non-disclosure of interests is accomplished in accordance with the present invention without the use of a third party, mediation, or trusted agent type application or process for comparing shared or common interests. Consequently, in accordance with the present invention, there is no database, application, process, etc. that is external to any entity to which the interests of that entity is disclosed or revealed for the purposes of determining whether any of the entities interests match those of any other entity.

Abstract: A method and apparatus for facilitating transfer of usage rights for digital content. The system comprises digital content, a usage rights module containing usage rights information associated with the content for a user, a transfer permission module containing transfer permission information for the content, a current user identification module containing identity information indicating the identity of the user, and means for manipulating the current user identification module to change the identity information. The content can be transferred form one user to another and the current user identification module can be manipulated to reflect the current user and to permit the current user to have usage rights in the document.

Abstract: A memory card (110) conducts an authentication process with a server based on data stored in an authentication data hold unit (1400). The memory card (110) extracts a first session key (Ks1) from a server by a decryption process and a transaction ID from the data applied on a data bus (BS3). The memory card (110) generates a second session key (Ks2) through a session key generation unit (1418), and transmits to the server, as the keys to encrypt content data in receiving decryption of content data, the second session key (Ks2) and a key (KPm(1)) unique to the memory card (110) in an encrypted state with the first session key (Ks1). The transaction ID and the second session key (Ks2) stored in the log memory (1460) are used in the redistribution process.

Abstract: According to the present invention, when electronic money is sent from a given network to another network, a money change apparatus performs a money change process to change electronic money current on the given network into electronic money current on another network, and therefore when a user of the given network uses a settling process, by managing this money change process, it is possible to manage the interchange of electronic money between each of the users of the given network and each of the users of another network without affecting the working environment of electronic commerce. Electronic money current on LAN20 is referred to as local electronic money current only on the network.

Abstract: A system and method for providing call accounting services in a secure, cost-effective manner. A network enterprise includes an intelligent ticket collector (ITC) that retrieves call detail record (CDR) data generated by one or more private branch exchange units. The ITC retrieves the CDR data and transmits it, through encrypted email or other encrypted means, to a service provider over the Internet. The service provider receives, decrypts, and processes the CDR data for generating a call accounting report.

Abstract: Managing a digital certificate includes a landlord providing a digital certificate, a secure hardware device generating a series of n hash values, the secure hardware device providing an nth hash value to the landlord, wherein other hash values are not readily available to the landlord, the landlord placing the nth hash value in the certificate, the landlord digitally verifying the certificate containing the nth hash value to obtain a digitally signed certificate, a tenant obtaining the digitally signed certificate, the tenant obtaining the n hash values and the tenant managing the certificate by periodically issuing a previous hash value in the series of n hash values in response to the certificate being valid when the previous hash value is issued.

Abstract: A remote adjustable fuel dispenser for dispenser diagnostics and remote telecommunication. The fuel dispenser contains a remote communication system for communication between the fuel dispenser and a remote telecommunication device. A wireless input device, such as a keyboard, mouse, or hand-held computer is in wireless communication with a fuel dispenser for use during fuel dispenser diagnostics.

Abstract: A computer network method for conducting payment over a network by crediting and debiting telecommunication accounts. The computer network includes a computer connected to the Internet, which performs the following functions: (1) receiving a payment request from a prospective payer; (2) confirming the request and assigning an unique transaction identifier; (3) receiving an electronic authority from the payer's telecommunication service computer indicating whether or not such request has been approved; (4) crediting and debiting payer's and payee's telecommunication accounts with their respective telecommunication service providers and (5) confirming this transaction by responding a receipt to the payer's mobile device and to payee's server.