公开(公告)号：EP1573545A4

公开(公告)日：2008-08-27

申请号：EP03774922

申请日：2003-10-22

Applicant: IBM

Inventor： JIN HONGXIA ,  LOTSPIECH JEFFREY B

IPC: G06F1/00 ,  G06F11/30 ,  G06F12/14 ,  G06F21/00 ,  H04L9/32

CPC classification number: G06F21/14 ,  G06F21/316 ,  G06F21/552 ,  G06F2221/2101

Abstract: Software intrusion is proactively detected using a dynamically evolving audit log (404) wherein log entries are generated in the audit log (404) and key values (406) are evolved based upon a one-way function (408) depending on both the previous log (404) entry and the previous key (406). The audit log (404) with the generated log entries and the final key value is transmitted to a clearinghouse (410) that detects software intrusion by analyzing these values. In an effort to reduce the size of the log (404) to be transmitted, the log entries are assigned identical values, thereby only needing to transmit one log entry and the last key value to the clearinghouse (410).

公开(公告)号：JP2004007476A

公开(公告)日：2004-01-08

申请号：JP2003071645

申请日：2003-03-17

Applicant: IBM

Inventor： BELKNAP WILLIAM R ,  BREW GLENN E ,  LOTSPIECH JEFFREY B ,  NUSSER STEFAN ,  WESTERINK PETER

IPC: H04N7/173 ,  H04L29/06

Abstract: PROBLEM TO BE SOLVED: To provide a system, a method and a computer readable medium for securely realizing the streaming of an IP(Internet Protcol) base by a method independent of a format. SOLUTION: Metadata are read out from an encoded medium file 402. Then the encoded medium file 402 including the metadta subsidiary to contents data is ciphered. A steaming server system divides the encoded/ciphered medium file into a plurality of data packets and performs streaming in accordance with at least one parameter in the metadata. Then the streaming server system streams the data packets to a client information processing system (i.e. a client) through a network. COPYRIGHT: (C)2004,JPO

公开(公告)号：JP2004048676A

公开(公告)日：2004-02-12

申请号：JP2003104102

申请日：2003-04-08

Applicant: Internatl Business Mach Corp ,  インターナショナル・ビジネス・マシーンズ・コーポレーションInternational Business Maschines Corporation

Inventor： ERIC M FOSTER ,  LOTSPIECH JEFFREY B ,  PESTONI FLORIAN ,  PLOUFFE WILFRED E JR ,  SCHAFFA FRANK A

IPC: H04L9/08 ,  H04L9/36 ,  H04L29/06

CPC classification number: H04L9/0822 ,  G11B20/0021 ,  G11B20/00362 ,  H04L9/083 ,  H04L9/12 ,  H04L63/045 ,  H04L2209/603 ,  H04L2463/101

Abstract: PROBLEM TO BE SOLVED: To provide a method, a system and a program product for attaching a title key to an encrypted content for synchronized transmission to a recipient.
SOLUTION: The method and the system for attaching the title key to the encrypted contents for the synchronized transmission to, or storage by, the recipient are provided. Specifically, under the present invention, an elementary media stream is parceled into content units that each include a content packet and a header. The content packets are encrypted with one or a plurality of title keys. Once the content packets have been encrypted, the title keys are themselves encrypted with a key encrypting key. The encrypted title keys are then attached to the corresponding encrypted content packets for synchronized transmission to the recipient.
COPYRIGHT: (C)2004,JPO

公开(公告)号：JP2004048673A

公开(公告)日：2004-02-12

申请号：JP2003101580

申请日：2003-04-04

Applicant: Internatl Business Mach Corp ,  インターナショナル・ビジネス・マシーンズ・コーポレーションInternational Business Maschines Corporation

Inventor： ERIC M FOSTER ,  LOTSPIECH JEFFREY B ,  PESTONI FLORIAN ,  PLOUFFE WILFRED E JR ,  SCHAFFA FRANK A

IPC: G11B20/00 ,  H04L9/08

CPC classification number: G11B20/0021 ,  G11B20/00086 ,  G11B20/00188 ,  G11B20/00195 ,  G11B20/00478 ,  G11B20/00528 ,  G11B20/00536 ,  H04L9/0822 ,  H04L9/0836 ,  H04L9/0891 ,  H04L2209/601

Abstract: PROBLEM TO BE SOLVED: To provide a method, a system, and a program product for managing a size of a key management block (KMB), when the KMB is a form called logical key hierarchy (LKH) in conventional technology. SOLUTION: The method, the system and the program product for managing the size of the KMB during the contents distribution are provided. Specifically, a first KMB corresponding to the first subtree of devices is received along with contents as encrypted with a title key. If a size of the first KMB exceeds a predetermined threshold, a second subtree is created. A second KMB corresponding to the second subtree of devices is then generated. The second KMB includes an item canceling the entire first subtree of devices, and it is smaller than the first KMB. All compliant devices from the first subtree are migrated to the second subtree. COPYRIGHT: (C)2004,JPO

公开(公告)号：CA2505477A1

公开(公告)日：2004-07-22

申请号：CA2505477

申请日：2003-10-22

Applicant: IBM

Inventor： LOTSPIECH JEFFREY B ,  JIN HONGXIA

IPC: G06F11/30 ,  G06F12/14 ,  G06F21/00 ,  H04L9/32

Abstract: Software intrusion is proactively detected using a dynamically evolving audi t log (404) wherein log entries are generated in the audit log (404) and key values (406) are evolved based upon a one-way function (408) depending on bo th the previous log (404) entry and the previous key (406). The audit log (404) with the generated log entries and the final key value is transmitted to a clearinghouse (410) that detects software intrusion by analyzing these value s. In an effort to reduce the size of the log (404) to be transmitted, the log entries are assigned identical values, thereby only needing to transmit one log entry and the last key value to the clearinghouse (410).

公开(公告)号：DE60315726T2

公开(公告)日：2008-06-05

申请号：DE60315726

申请日：2003-12-19

Applicant: IBM

Inventor： LOTSPIECH JEFFREY B ,  SRINIVASAN SAVITHA ,  SIGFREDO NIN I ,  DALIT NAOR ,  RAM REDDY ,  BLAKELEY BURNETTE D

IPC: G07F19/00 ,  G06Q20/00 ,  G07F7/00 ,  H04L9/00 ,  H04L29/06

Abstract: A system, method, business method, and computer program product for conducting electronic transactions with a potentially untrusted server while maintaining user anonymity and transaction privacy, yet allowing the server to verify the user is a valid subscriber entitled to participate in the transaction. Anonymous service requests are sent to the server. The server transmits responses that have been encrypted such that only valid subscribers can decrypt them. Broadcast encryption schemes that enable selective revocation of misbehaving subscribers will tip off requestors that the server is trying to identify them. Transaction and content quantity can be monitored for usage-based billing while maintaining anonymity. Each content item may be uniquely encrypted with a content key that is then encrypted by a session key and included in encrypted form with a response, to reduce the computational workload.

公开(公告)号：AT340379T

公开(公告)日：2006-10-15

申请号：AT00305655

申请日：2000-07-05

Applicant: IBM

Inventor： HURTADO MARCO M ,  MILSTED KENNETH L ,  GRUSE GEORGE G ,  DOWNS EDGAR ,  LEHMAN CHRISTOPHER T ,  SPAGNA RICHARD L ,  LOTSPIECH JEFFREY B

IPC: G06F21/24 ,  G06F1/00 ,  G06F15/00 ,  G06F21/00 ,  G06Q20/38 ,  G06Q20/40 ,  G06T1/00 ,  G09C1/00 ,  G10K15/02 ,  H03M7/30 ,  H04L9/08 ,  H04L9/10 ,  H04L29/06 ,  H04L29/08 ,  H04N7/167 ,  H04N7/173

Abstract: A method to delivery encrypted digital content to a end user system for playing the content comprising the steps of: reading from a computer readable medium metadata which has previously associated with the content. A user selects from the metadata associated content to decrypt and the end user system establishes a secure connection with an authorisation authority for decrypt ing the content. The end user system receives a secure container containing the decrypting key for decrypting at least part of the previously encrypted content as permitted. The system creates a secure container using the encrypting key from a clearing house, wherein the secure container has an encrypting key therein from the end user system; transferring the secure container to the clearing house for authentication of permission to decrypt the content. The system receives from the clearing house, a secure container encrypted using the encrypting key of the end user system containing the decrypting key for decrypting at least part of the previously encrypted content stored on the computer readable medium as permitted; and playing at least part of the previously encrypted content by decrypting the secure container using the encrypting key of the end user system to access the decrypting key for decrypting at least part of the encrypted content.

公开(公告)号：DE60030814D1

公开(公告)日：2006-11-02

申请号：DE60030814

申请日：2000-07-05

Applicant: IBM

Inventor： HURTADO MARCO M ,  MILSTED KENNETH L ,  GRUSE GEORGE G ,  DOWNS EDGAR ,  LEHMAN CHRISTOPHER T ,  SPAGNA RICHARD L ,  LOTSPIECH JEFFREY B

IPC: G06F1/00 ,  G06F15/00 ,  G06F21/24 ,  G06F21/00 ,  G06Q20/38 ,  G06Q20/40 ,  G06T1/00 ,  G09C1/00 ,  G10K15/02 ,  H03M7/30 ,  H04L9/08 ,  H04L9/10 ,  H04L29/06 ,  H04L29/08 ,  H04N7/167 ,  H04N7/173

Abstract: A method to delivery encrypted digital content to a end user system for playing the content comprising the steps of: reading from a computer readable medium metadata which has previously associated with the content. A user selects from the metadata associated content to decrypt and the end user system establishes a secure connection with an authorisation authority for decrypt ing the content. The end user system receives a secure container containing the decrypting key for decrypting at least part of the previously encrypted content as permitted. The system creates a secure container using the encrypting key from a clearing house, wherein the secure container has an encrypting key therein from the end user system; transferring the secure container to the clearing house for authentication of permission to decrypt the content. The system receives from the clearing house, a secure container encrypted using the encrypting key of the end user system containing the decrypting key for decrypting at least part of the previously encrypted content stored on the computer readable medium as permitted; and playing at least part of the previously encrypted content by decrypting the secure container using the encrypting key of the end user system to access the decrypting key for decrypting at least part of the encrypted content.

公开(公告)号：CA1165448A

公开(公告)日：1984-04-10

申请号：CA378672

申请日：1981-05-29

Applicant: IBM

Inventor： LOTSPIECH JEFFREY B ,  WOHLER WAYNE L

IPC: G06K9/34 ,  G06K9/82 ,  G06K9/62

Abstract: BO979038 An apparatus and method is provided for segmenting characters generated by an optical scanner. The apparatus also identifies underscores. The underscores are then masked and subsequent processing devices are informed of the existence of said underscores. Input video raster scans representative of a portion of a line of textual material are loaded into a video buffer. The video raster scans are broken up into a plurality of sections. The horizontal histogram (number of black pixel counts) associated with each section is determined. The baseline, vertical histogram and word location for each line of data to be segmented is determined. A find character unit finds the boundaries for each character. The character is sequentially transferred from the video buffer to a character output buffer.

公开(公告)号：CA2505477C

公开(公告)日：2009-10-13

申请号：CA2505477

申请日：2003-10-22

Applicant: IBM

Inventor： LOTSPIECH JEFFREY B ,  JIN HONGXIA

IPC: G06F11/30 ,  G06F12/14 ,  G06F21/00 ,  H04L9/32

Abstract: Software intrusion is proactively detected using a dynamically evolving audi t log (404) wherein log entries are generated in the audit log (404) and key values (406) are evolved based upon a one-way function (408) depending on bo th the previous log (404) entry and the previous key (406). The audit log (404) with the generated log entries and the final key value is transmitted to a clearinghouse (410) that detects software intrusion by analyzing these value s. In an effort to reduce the size of the log (404) to be transmitted, the log entries are assigned identical values, thereby only needing to transmit one log entry and the last key value to the clearinghouse (410).