The objective of this invention is to provide continuous remote authenticated operations for ensuring proper content processing and management in remote untrusted computing environment. The method is based on using a program that was hidden within the content protection program at the remote untrusted computing environment, e.g., an end station. The hidden program can be updated dynamically and it includes an inseparable and interlocked functionality for generating a pseudo random sequence of se...

A method and system looks for patterns in a series of data samples to determine consistency or inconsistency within the data sample. One embodiment includes computer authentication using a unique biometric algorithm that provides biometrically enhanced computer-based authentication using a software only solution. In this embodiment, the system and method provides a mechanism to gather user keystroke timing data, and to analyze and abstract the data into a non-repudiated template against which fu...

Digital rights are associated with a semi-unique node identifier obtained or calculated from characteristics of a mobile device attached to a consumer device, rather than with the node identifier of the consumer device itself. The user of the consumer device may access the digital rights management encrypted content (which may come from local persistent storage or a network) by attaching the mobile device to the consumer device. In this way, the rights can be associated with the node identifier ...

Strategies are described for sanitizing a data set, having the effect of obscuring restricted data in the data set to maintain its secrecy. The strategies operate by providing a production data set to a sanitizer. The sanitizer applies a data directory table to identify the location of restricted data items in the data set and to identify the respective sanitization tools to be applied to the restricted data items. The sanitizer then applies the identified sanitization tools to the identified re...

A system and method for authenticating digital content is described. In one implementation, digital content recorded by a recording device is stored in a secure section of a memory device. A control system is configured to block access to the digital content stored in the secure section except to permit one or more portions of the digital content to be transmitted to a certification and validation authority where the one or more portions of the digital content is maintained in a secure repositor...

A copy protection method and a copy protection system are disclosed. The system includes a private key verifier receiving a media certificate that includes a private-key identification of a compliant playing device and searching for an actual private key by checking whether each of available private keys of the playing device corresponds to the private-key identification, a media key decryptor receiving an encrypted media key and decrypting the media key with the actual private key, and a media ...

A system in accordance with an embodiment of the invention includes a vulnerability detection system (VDS) and an intrusion detection system (IDS). The intrusion detection system leverages off of information gathered about a network, such as vulnerabilities, so that it only examines and alerts the user to potential intrusions that could actually affect the particular network. In addition, both the VDS and IDS may use rules in performing their respective analyses that are query-based and that are...

A worm detection manager detects computer worms when they arrive at target computers via open network shares. The worm detection manager monitors incoming file system traffic, and determines the source of incoming files. The worm detection manager determines that an incoming file is infected with a worm, responsive to circumstances such as substantially the same file being written to the target computer by a requisite plurality of computers; substantially the same file being written to the targe...

From a first information handling system ("IHS") to a second IHS, in response to a request for initiating an online transaction, a program is downloaded for detecting malicious code on the second IHS.

The present invention allows for remotely and securely configuring settings for targeted devices within a network with multiple security-trust boundaries. Configuration information is encoded in messages that are digitally signed to ensure the integrity of the configuration information and sent in accordance with a standard messaging transport protocol. By utilizing an already existing port of the standard messaging transport protocol, e.g., SMTP, the number of open ports for configuration purpo...