Rebinding of content title keys in clusters of devices with distinct security levels
    1.
    发明授权
    Rebinding of content title keys in clusters of devices with distinct security levels 有权
    在具有不同安全级别的设备群集中重新绑定内容标题密钥

    公开(公告)号:US08391481B2

    公开(公告)日:2013-03-05

    申请号:US12651382

    申请日:2009-12-31

    IPC分类号: H04L29/06

    摘要: According to one embodiment of the present invention, a system, method, and computer program product is provided for rebinding title keys in clusters of devices with distinct security levels in broadcast encryption systems. The method includes receiving a new management key and unbinding an encrypted title key with a previously used management key, the title key having a security class and residing in a title key block for a device having a security class, the device being in a cluster of devices including devices having a plurality of security classes. If the device security class is lower that the title key security class, the unbound title key is partially rebound with the new management key. the partially rebound title key is then saved in the title key block for the device.

    摘要翻译: 根据本发明的一个实施例,提供了一种系统,方法和计算机程序产品,用于在广播加密系统中具有不同安全级别的设备群中重新标识标题密钥。 所述方法包括:接收新的管理密钥,并将加密的标题密钥与先前使用的管理密钥解除绑定,所述标题密钥具有安全级别,并且驻留在具有安全等级的设备的标题密钥块中,所述设备处于 设备包括具有多个安全等级的设备。 如果设备安全级别低于标题密钥安全级别,则使用新的管理密钥部分地弹出未绑定的标题密钥。 然后将部分反弹的标题密钥保存在设备的标题密钥块中。

    SYSTEM AND METHOD FOR PROTECTING DATA IN A SECURE SYSTEM
    2.
    发明申请
    SYSTEM AND METHOD FOR PROTECTING DATA IN A SECURE SYSTEM 有权
    用于保护安全系统中的数据的系统和方法

    公开(公告)号:US20090323970A1

    公开(公告)日:2009-12-31

    申请号:US12133658

    申请日:2008-06-05

    IPC分类号: H04L9/08 H04L9/14 G06F11/07

    摘要: A system for protecting data in a security system generates and encodes a backup key for encoding long-lived secrets. The system generates a distribution plan for distributing cryptographic splits of the encoded backup key to selected persons based on geographic and organizational diversity. The distribution plan specifies a number M of the cryptographic splits to be generated and a number N of the cryptographic splits required to recover the backup key. The system processes utilize an init file comprising system parameters and state files each comprising parameters reflecting a state of the secure system after a transaction. Any of the state files may be used for any of the system processes. The state files and the init file are encoded by the backup key, thus protecting the long-lived secrets.

    摘要翻译: 用于保护安全系统中的数据的系统生成并编码用于编码长寿命秘密的备份密钥。 系统生成分配计划,用于根据地理和组织多样性将所编码备份密钥的加密分裂分发给选定的人员。 分配计划指定要生成的密码分割数M,以及恢复备份密钥所需的密码分割数N。 系统过程利用包括系统参数和状态文件的初始化文件,每个文件包括在事务之后反映安全系统的状态的参数。 任何状态文件可用于任何系统进程。 状态文件和init文件由备份密钥编码,从而保护长命的秘密。

    De-identification in visual media data
    4.
    发明授权
    De-identification in visual media data 有权
    视觉媒体数据中的识别

    公开(公告)号:US09147178B2

    公开(公告)日:2015-09-29

    申请号:US13351141

    申请日:2012-01-16

    摘要: A visual media de-identification system is described. The system includes an image merger and a de-identifying engine. The image merger is configured to merge a sequence of images from a set of visual media data into an averaged image. The de-identifying engine is configured to: bound portions of the averaged image that are determined to be relatively fixed, wherein each bounded portion is identified by a corresponding position in the averaged image; generate a template comprising the bounded portions and the corresponding position for each bounded portion in the averaged image; and de-identify the sequence of images by obfuscating content in the bounded portions.

    摘要翻译: 描述了视觉媒体去识别系统。 该系统包括图像合并和去识别引擎。 图像合并被配置为将来自一组可视媒体数据的图像序列合并成平均图像。 去识别引擎被配置为:被确定为相对固定的平均图像的结合部分,其中每个有界部分由平均图像中的相应位置标识; 生成包含有界部分的模板和平均图像中每个有界部分的对应位置; 并通过在有界部分中混淆内容来去除识别图像序列。

    EXTENDING THE NUMBER OF APPLICATIONS FOR ACCESSING PROTECTED CONTENT IN A MEDIA USING MEDIA KEY BLOCKS
    5.
    发明申请
    EXTENDING THE NUMBER OF APPLICATIONS FOR ACCESSING PROTECTED CONTENT IN A MEDIA USING MEDIA KEY BLOCKS 有权
    使用媒体关键块扩展访问媒体中保护内容的应用数量

    公开(公告)号:US20140052996A1

    公开(公告)日:2014-02-20

    申请号:US13586861

    申请日:2012-08-15

    IPC分类号: G06F21/24

    CPC分类号: G06F21/10

    摘要: Embodiments of the invention relate to digital content protection for recordable media using encryption and decryption based on device keys in the media. The invention increases the number of extended applications supported the media key blocks and facilitates the assignment of the applications to the media key blocks. One aspect of the invention concerns a method that comprises assigning a first media key block in a protected area of the media for extended applications accessing protected content, processing the first media key block with a first device key set to generate a first media key, and for each extended application, creating a second media key block in a protected area of the media. The second media key block is processed to generate a second media key. A content-accessing device processes the first and second media keys in order to access protected content.

    摘要翻译: 本发明的实施例涉及使用基于媒体中的设备密钥的加密和解密的可记录介质的数字内容保护。 本发明增加了支持媒体密钥块的扩展应用的数量,并且有助于将应用分配给媒体密钥块。 本发明的一个方面涉及一种方法,其包括在媒体的保护区域中分配第一媒体密钥块以用于访问受保护内容的扩展应用,利用第一设备密钥集来处理第一媒体密钥块以生成第一媒体密钥,以及 对于每个扩展应用,在媒体的保护区域中创建第二媒体密钥块。 第二媒体密钥块被处理以产生第二媒体密钥。 内容访问设备处理第一和第二媒体密钥以访问受保护的内容。

    DE-IDENTIFICATION IN VISUAL MEDIA DATA
    6.
    发明申请
    DE-IDENTIFICATION IN VISUAL MEDIA DATA 有权
    视觉媒体数据中的识别

    公开(公告)号:US20130182006A1

    公开(公告)日:2013-07-18

    申请号:US13351141

    申请日:2012-01-16

    IPC分类号: G09G5/00

    摘要: A visual media de-identification system is described. The system includes an image merger and a de-identifying engine. The image merger is configured to merge a sequence of images from a set of visual media data into an averaged image. The de-identifying engine is configured to: bound portions of the averaged image that are determined to be relatively fixed, wherein each bounded portion is identified by a corresponding position in the averaged image; generate a template comprising the bounded portions and the corresponding position for each bounded portion in the averaged image; and de-identify the sequence of images by obfuscating content in the bounded portions.

    摘要翻译: 描述了视觉媒体去识别系统。 该系统包括图像合并和去识别引擎。 图像合并被配置为将来自一组可视媒体数据的图像序列合并成平均图像。 去识别引擎被配置为:被确定为相对固定的平均图像的结合部分,其中每个有界部分由平均图像中的对应位置标识; 生成包含有界部分的模板和平均图像中每个有界部分的对应位置; 并通过在有界部分中混淆内容来去除识别图像序列。

    System and method for protecting data in a secure system
    7.
    发明授权
    System and method for protecting data in a secure system 有权
    用于在安全系统中保护数据的系统和方法

    公开(公告)号:US07860246B2

    公开(公告)日:2010-12-28

    申请号:US11555605

    申请日:2006-11-01

    IPC分类号: H04L9/00 H04N7/167

    摘要: A system for protecting data in a security system generates and encodes a backup key for encoding long-lived secrets. The system generates a distribution plan for distributing cryptographic splits of the encoded backup key to selected persons based on geographic and organizational diversity. The distribution plan specifies a number M of the cryptographic splits to be generated and a number N of the cryptographic splits required to recover the backup key. The system processes utilize an init file comprising system parameters and state files each comprising parameters reflecting a state of the secure system after a transaction. Any of the state files may be used for any of the system processes. The state files and the init file are encoded by the backup key, thus protecting the long-lived secrets.

    摘要翻译: 用于保护安全系统中的数据的系统生成并编码用于编码长寿命秘密的备份密钥。 系统生成分配计划,用于根据地理和组织多样性将所编码备份密钥的加密分裂分发给选定的人员。 分配计划指定要生成的密码分割数M,以及恢复备份密钥所需的密码分割数N。 系统过程利用包括系统参数和状态文件的初始化文件,每个文件包括在事务之后反映安全系统的状态的参数。 任何状态文件可用于任何系统进程。 状态文件和init文件由备份密钥编码,从而保护长命的秘密。

    System for directing relevance-ranked data objects to computer users
    8.
    发明授权
    System for directing relevance-ranked data objects to computer users 失效
    将相关性排名的数据对象引导到计算机用户的系统

    公开(公告)号:US5724567A

    公开(公告)日:1998-03-03

    申请号:US231656

    申请日:1994-04-25

    IPC分类号: G06F17/30

    摘要: An information access system stores items of information in an unstructured global database. When a user requests access to the system, the system delivers to that user an identification of only those items of information which are believed to be relevant to the user's interest. The determination as to the items of information that are relevant to a user is carried out by ranking each available item in accordance with any one or more techniques. In one approach, the content of each document is matched with an adaptive profile of a user's interest. In another approach, a feedback mechanism is provided to allow users to indicate their degree of interest in each item of information. These indications are used to determine whether other users, who have similar or dissimilar interests, will find a particular item to be relevant.

    摘要翻译: 信息访问系统将信息项存储在非结构化全局数据库中。 当用户请求访问系统时,系统向该用户提供仅被认为与用户兴趣相关的那些信息项的标识。 通过根据任何一种或多种技术对每个可用项目进行排序来执行与用户相关的信息项的确定。 在一种方法中,每个文档的内容与用户兴趣的自适应简档相匹配。 在另一种方法中,提供反馈机制以允许用户在每个信息项中指示他们的兴趣程度。 这些指示用于确定其他具有相似或不同利益的用户是否会发现特定项目是相关的。

    Extending the number of applications for accessing protected content in a media using media key blocks
    9.
    发明授权
    Extending the number of applications for accessing protected content in a media using media key blocks 有权
    使用媒体密钥块扩展访问媒体中受保护内容的应用数量

    公开(公告)号:US08782440B2

    公开(公告)日:2014-07-15

    申请号:US13586861

    申请日:2012-08-15

    CPC分类号: G06F21/10

    摘要: Embodiments of the invention relate to digital content protection for recordable media using encryption and decryption based on device keys in the media. The invention increases the number of extended applications supported the media key blocks and facilitates the assignment of the applications to the media key blocks. One aspect of the invention concerns a method that comprises assigning a first media key block in a protected area of the media for extended applications accessing protected content, processing the first media key block with a first device key set to generate a first media key, and for each extended application, creating a second media key block in a protected area of the media. The second media key block is processed to generate a second media key. A content-accessing device processes the first and second media keys in order to access protected content.

    摘要翻译: 本发明的实施例涉及使用基于媒体中的设备密钥的加密和解密的可记录介质的数字内容保护。 本发明增加了支持媒体密钥块的扩展应用的数量,并且有助于将应用分配给媒体密钥块。 本发明的一个方面涉及一种方法,其包括在媒体的保护区域中分配第一媒体密钥块以用于访问受保护内容的扩展应用,用第一设备密钥集处理第一媒体密钥块以生成第一媒体密钥,以及 对于每个扩展应用,在媒体的保护区域中创建第二媒体密钥块。 第二媒体密钥块被处理以产生第二媒体密钥。 内容访问设备处理第一和第二媒体密钥以访问受保护的内容。

    REBINDING OF CONTENT TITLE KEYS IN CLUSTERS OF DEVICES WITH DISTINCT SECURITY LEVELS
    10.
    发明申请
    REBINDING OF CONTENT TITLE KEYS IN CLUSTERS OF DEVICES WITH DISTINCT SECURITY LEVELS 有权
    在具有不同安全级别的设备集群中重新配置内容标签

    公开(公告)号:US20110158404A1

    公开(公告)日:2011-06-30

    申请号:US12651382

    申请日:2009-12-31

    IPC分类号: H04L9/00

    摘要: According to one embodiment of the present invention, a system, method, and computer program product is provided for rebinding title keys in clusters of devices with distinct security levels in broadcast encryption systems. The method includes receiving a new management key and unbinding an encrypted title key with a previously used management key, the title key having a security class and residing in a title key block for a device having a security class, the device being in a cluster of devices including devices having a plurality of security classes. If the device security class is lower that the title key security class, the unbound title key is partially rebound with the new management key. the partially rebound title key is then saved in the title key block for the device.

    摘要翻译: 根据本发明的一个实施例,提供了一种系统,方法和计算机程序产品,用于在广播加密系统中具有不同安全级别的设备群中重新标识标题密钥。 所述方法包括:接收新的管理密钥,并将加密的标题密钥与先前使用的管理密钥解除绑定,所述标题密钥具有安全级别,并且驻留在具有安全等级的设备的标题密钥块中,所述设备处于 设备包括具有多个安全等级的设备。 如果设备安全级别低于标题密钥安全级别,则使用新的管理密钥部分地弹出未绑定的标题密钥。 然后将部分反弹的标题密钥保存在设备的标题密钥块中。