1588results about "Digital-analogue convertors" patented technology

System and methodology providing a secure workspace environment is described. In one embodiment, for example, in a computer system, a method is described for creating a secured workspace within an existing operating system for allowing users to run applications in a secured manner, the method comprises steps of: creating a policy for configuring the secured workspace, the policy specifying how information created during operation of the applications may be accessed; hooking particular functions of the operating system in order to obtain control over the information created during operation of the applications; during operation of the applications, encrypting the information to prevent unauthorized access; in response to a request for access to the information, determining whether the request complies with the policy; and if the request complies with the policy, satisfying the request by providing access to a decrypted copy of the information.

Data at a primary storage system is encrypted and remote copied to a secondary storage system. A Remote Copy Configuration Information (RCCI) is created that identifies the encryption mechanism, keys, data source volume, and target volume for the remote copy. The RCCI is backed up on a trusted computer system. In one embodiment, the secondary storage system is an off-site data storage system managed by a third party. Upon detection of a failure in the primary storage system, the encrypted data and RCCI are transferred to a tertiary server, which is optionally created upon detection of the failure, and operations of the failed primary server are resumed by the tertiary server. In one embodiment, the failure is detected by loss of a heart beat signal transmitted from the primary storage system to a management server that initiates the transfers to the tertiary server.

This invention provides an automatic authentication method and system in a print process, which can obviate the need for user's input operations of the user ID and password and can improve security since authentication is automatically done based on print information embedded in a file or information from an application program without any user's input.

In a print process that requires user authentication, a printer driver extracts information related to an application and/or a document for the print process as attribute information, and user authentication is made by comparing the attribute information with information stored in a user registration information database of a server. If user authentication has succeeded, the printer driver controls a printer to print, and the server manages and stores accounting information and the like for respective departments in a department management information database.

The objective of this invention is to provide continuous remote authenticated operations for ensuring proper content processing and management in remote untrusted computing environment. The method is based on using a program that was hidden within the content protection program at the remote untrusted computing environment, e.g., an end station. The hidden program can be updated dynamically and it includes an inseparable and interlocked functionality for generating a pseudo random sequence of security signals. Only the media server that sends the content knows how the pseudo-random sequence of security signals were generated; therefore, the media server is able to check the validity of the security signals, and thereby, verify the authenticity of the programs used to process content at the remote untrusted computing environment. If the verification operation fails, the media server will stop the transmission of content to the remote untrusted computing environment.

An information receiving apparatus receives identification information and encrypted identification information and makes a comparison between them to allow prevention of illegal utilization of contents data. Also, a data storage apparatus can record contents data encrypted by a content key and the content key so that the contents data can be reproduced on other apparatuses to improve versatility. Moreover, a management apparatus can manage the contents data in the data storage apparatus to allow other apparatuses to utilize it. And also, an information regulating apparatus can verify a signature on available data to prevent illegal utilization of the contents data. Furthermore, the data storage apparatus can store the content key, its handling policies, the contents data encrypted by the content key and its license conditions information so as to safely provide the contents data. In addition, an information recording apparatus can select favorite contents data and store it on the data storage apparatus. Furthermore, the information receiving apparatus can prevent utilization of provision-prohibited contents data by a provision prohibition list.

A system and method for providing, managing, and accessing a multi-user secure portable database using secure memory cards is provided. The database has a secure portion for storing security keys and a non-secure portion for encrypted data files. Access to the encrypted data files is controlled by assigning access rights through an access control matrix to each encrypted data file according to a hierarchical structure of users. A user requesting access is identified in the hierarchy, associated with a key for allowing the requested access, and the requested access allowed to a file in accordance with the rights allocated through the access control matrix. A patient can selectively grant access to encrypted medical records on his card to a physician. Authentication of the owner/patient is preferably required. Other records required by emergency medical personnel are readable from the same card without requiring permission from the patient.

An arbitrary waveform generator (AWG) for producing an analog output current signal includes a random access memory (RAM), a programmable logic device (PLD), a programmable pattern generator, several digital-to analog converters (DACS) and a current multiplexer. The RAM store data sequences representing the analog waveform to be generated. The pattern generator read addresses the RAM causing it to sequentially read out its stored data sequence to the PLD. The PLD routes selected fields of each data sequence word to one or more of the DACs in response to timing signals provided by the pattern generator. Each DAC produces an output current of magnitude determined by its input waveform and range data. The pattern generator also signals the analog multiplexer to sum currents produced by one or more selected DACs to produce the AWG output waveform. The nature of the AWG output waveform is flexibly determined by the nature of the data sequence and the frequency at which it is read out of the RAM, the manner in which the PLD routes the data sequence to the DACs, the value of the range data supplied to each DAC, and the output pattern generated by the pattern generator. The flexible AWG architecture permits the AWG to be appropriately configured for various combinations of output waveform frequency, bandwidth and resolution requirements.

A method for executing on a first computer an application having an installed image prepared on a second computer, wherein the installed image is virtually installed on the first computer, is disclosed. The method includes emulating on the first computer a native environment of the second computer. The method further includes detecting an operation of the application upon data, wherein the operation requires an operation on data located on the first computer, and wherein a copy of the data is located in the virtually installed image. The method further includes directing the operation of the application to operate on the data located in the virtually installed image.

Disclosed is a method of authorizing access to an item that maintains a lockout count and blocks access to the item if the lockout count exceeds a predetermined value. One feature is that the invention “variably” increments the lockout count if the presented password fails to exactly match the stored password. In this process the invention increments the lockout count different amounts depending upon how closely the presented password matches the stored password. The invention also provides a methodology that allocates a plurality of the same passwords to a plurality of users who share the same userid. The invention allows continuous operation of the item being accessed by providing that each of the passwords has a different expiration date. Also, when dealing with situations where a plurality of users who share the same userid also share the same password, the invention maps information associated with the users to the password in a data file and periodically updates the data file.

A system and methods for providing digital content on mobile devices is described. User interfaces and methods for requesting, presentation, communication and storage of digital content are also described.

A piracy protection system incorporates tamper detection capabilities into a protected copy of an application by disassembling a statically linked binary of the application, modifying some of the instructions in the application, and then rewriting all of the modified and unmodified instructions to a new executable file, a protected copy. The piracy protection system comprises an offline tamper detection technique in which the software itself detects the tampering and causes the program to fail, therefore protecting itself from malicious attacks. The system further comprises a dynamic software-watermarking process that incorporates code obfuscation to prevent reverse engineering.

A method and apparatus for generating user group identifiers using a permissions matrix is disclosed. The permissions matrix includes an entry that is associated with a row and a column of the permissions matrix. The row of the permissions matrix is indexed with a first role and the column of the permissions matrix is indexed with a second role. A data structure implementing such a method can include, for example, a user group identifier matrix. Alternatively, a method is disclosed in which the expiration of a user group identifier is detected. In such a case, the user group identifier is updated by accessing a user group identifier matrix.

The invention relates to a method of preparing signals (X and Y) to be compared to establish predistortion at the input of an amplifier (12), the signals comprising a signal (X) before amplification and a signal (Y) after amplification by said amplifier. Preparation includes time aligning (22) the signal before amplification (X) with the signal after amplification (Y) before using them to establish said predistortion. The invention preferably operates in two stages, namely a stage of coarse time alignment, in which the signal before amplification (X) is subjected to a time delay comprising an integer number of first time units, and a stage of fine time alignment, in which a delay or advance value of a fraction of the first time unit is determined.

A secure e-mail service, executable on a recipient e-mail server or associated computer system, implements inverted security control over recipient content stored by the recipient e-mail server. Recipient content is received in conjunction with e-mail messages transmitted directed to recipients from sender computer systems unassociated with the secure e-mail service. The secure e-mail service includes a policy engine that operates on e-mail messages, as received from a communications network, to evaluate metadata features of the message and select a corresponding encryption key. The service further includes a content processing engine that operates to encrypt a portion of the message in a manner that allows subsequent decryption of said portion using the selected encryption key. A service interface enables transfer of the e-mail message, including the portion as encrypted, to the recipient e-mail server, which supports access by the recipients.

A method for managing access to electronic documents, wherein the documents include code scripts executable by, the documents being viewable by recipients only when viewed in a the document viewer upon satisfaction of an access policy embedded in the document, the method comprising the steps of opening the document for viewing in the document viewer by the recipient; executing the code to obscure viewing of selected pages of a the document upon the document being opened; communicating with an authentication server, by the viewer, for authenticating the recipient upon the recipient attempting to read the document; and unobscuring the selected pages by the viewer upon receipt of the recipient authentication.

When settling a purchase price, a troublesome input is omitted and an input mistake or the like is prevented. The content data delivery server 42 makes the QR code generation unit 49 generate a QR code including encoded URL data of the settlement unit 70, a medium identifier data IDm and so forth. The QR code is displayed on a display 26.

After imaging the displayed QR code by a CCD camera 58, the QR code is analyzed and a data is read therefrom. It is transmitted to a settlement server 71 and a settlement request is performed.

According to the invention, a system and an apparatus to use the One-Touch button on a mobile hand-held device to generate one time passwords (OTP) are disclosed. Components of this system comprise: a mobile hand-held device, a built-in One-Touch button on the mobile device, a Global Authentication Server, and an OTP Generation engine installed and ran on the mobile device. The mobile device user only needs to push the One-Touch button and an OTP is generated. The OTP is generated on the mobile device by the OTP generation engine after a secure key exchange process is performed between the remote Global Authentication Server and the mobile device. The mobile device is registered to use online web services that recognize the OTP through the Global Authentication Service. Online web services require that the user enter a combination of the user's known password and OTP for identity assurance. As a result of this invention, users will quickly adopt the two-factor authentication method as a central means to identify themselves.

To provide a packet transmitter apparatus which can transmit contents protected by a content protection technique such as DTCP or the like, using packets such as IP packets which have become widespread.

The packet transmitter apparatus includes a transmitting condition setting management unit (404) which extracts at least one of charge information, playback control information and copy control information of AV data from the inputted non-AV data or AV data and generates, based on the extracted information, encryption mode information indicating an encryption mode which becomes a condition at the time of transmitting the AV data; an encrypted data generation unit (406) which generates encrypted data by encrypting, based on the transmitting condition, the inputted AV data and adding encryption information headers based on the encryption mode information to the encrypted AV data; and a packet generation unit (403) which generates packets by adding packet headers to the generated encrypted data. The transmitting condition is to be determined as a combination of input terminal information, data format information and attribute information.

A method for protecting content including providing a host, a player, a communications link between host and player for communicating content therebetween, a recordable medium adapted to be played by and recorded to by the player, and an encrypted item of content, and producing a secure content license corresponding to the content, the license including a key for accessing the content, a permission list for determining whether the host or the player is allowed to access the content under pre-defined circumstances, the circumstances including a type of use of the encrypted content, an identification of the recordable medium, the recordable medium identification generated in accordance with a predefined recordable medium identification generation algorithm, and describing at least one physical characteristic of the recordable medium, and an identification of the content, the item identification describing at least one data characteristic of the content.

A secure database appliance leverages database security in a consistent framework provides consistent, flexible, and adaptable security using mandatory access controls in addition to user and role based security for access control and accountability. A database system communicatively connected to a plurality of network domains, each network domain having a level of security, the database system comprises at least one database accessible from all of the plurality of network domains, the database comprising data, each unit of data having a level of security and access control security operable to provide access to a unit of data in the database to a network domain based on the level of security of the network domain and based on the level of security of the unit of data.

An enhancement that reduces the digital interface rate of analog-to-digital (A/D) and digital-to-analog (D/A) converters through the use of compression and decompression is described. The present invention improves A/D converters by compressing the sampled version of the A/D converter's analog input signal in real time, thereby significantly decreasing the required bit rate of the A/D converter's digital interface. Similarly, the present invention improves D/A converters by decreasing the required bit rate of the D/A converter's digital interface. D/A converters enhanced by the present invention include a decompressor that decompresses the D/A converter's compressed digital input in real time, prior to conversion to an analog output signal. The present invention's simplicity and its ability to be implemented using multiple compression and decompression elements allow its use in A/D and D/A converters with arbitrarily high sampling rates. By selecting a desired compression ratio during lossy compression, users of the present invention can precisely control the bit rate of the A/D and D/A converter's digital interface. Users of the present invention can dynamically choose the desired balance between the quality and the bit rate of A/D and D/A converters by adjusting various compression and decompression control parameters.

An Organizational Role-based Access Controlled Management System capable of controlling role-based access within an organization allows system analysts or managers to build and control access roles for the various application systems within an organization. This system can also allow an end-user to choose the functions of the application systems and logon rights associated with the role. The system includes one or more personal computers and a server based on an event-driven mechanism. System analysts and end-users access synchronized data to manage the end-users' access roles. This system allows a system analyst to build and limit “set and set” relationships, as well as “member and set” relationships to pass information and manage organizational networks, roles, functions, privileges, etc. Different roles under various application systems can have different access rights and functions assigned. This system breaks away from the limitation of the conventional RBAC (Role Based Access Control) and allows system analysts to manage and adapt access roles according to the practical needs of different users and their complicated relationships to the organization and one another.

D/A converter of this invention including n+1 capacitors in total consisting of one terminating capacitor (C0) and n binary-weighted capacitors (C1-4) that are subjected to binary weighting ratio of 1:2:4: . . . :2⁽ⁿ⁻¹⁾, and, an inverting amplifier (INV1), further comprising: a feedback switching means (SWR5) provided between the input and output of the inverting amplifier (INV1); a switching means for terminating operation (SWR0) supplies one of two main reference voltages (VB,VT) to the terminating capacitor (C0), and then, makes connection of the terminating capacitor (C0) to the output of the inverting amplifier (INV1); a plurality of switching means for input operation (SWD1-4,SWR1-4) makes selection of one of the two main reference voltages (VB,VT) to be provided for the n binary-weighted capacitors (C1-4) depending on digital data (D1-4), and then, makes connection of the second terminal side of the n binary-weighted capacitors (C1-4) to the output of the inverting amplifier (INV1).

Systems and methods receive a digital signal and generate an analog signal indicative thereof. In one embodiment, a system includes a DAC that receives a multi-bit digital signal, generates at least two analog signals each indicative of the value of the multi-bit digital signal, and filters two or more of the at least two analog signals. In another embodiment, a system includes a DAC that receives digital input signals at an input data rate and outputs analog signals indicative of the digital signals to a signal conditioning stage at an output data rate different than the input data rate.

A DA converter includes a first DA conversion section for obtaining an analog output signal in accordance with a digital input signal value, and a second DA conversion section for obtaining an analog gain control output signal in accordance with a digital gain control input signal value. In the DA converter, the gain control of the analog output signal generated by the first DA conversion section is performed on the basis of the gain control output signal generated by the second DA conversion section.

A digital to analog converter includes a digital processor having an input port adapted to receive an input signal and an output port coupled to an input port of an analog filter wherein the digital processor includes a digital feedback loop which compares a reference digital voltage with a digital voltage provided by a digital model of the analog filter. Using a completely digital feedback loop which compares an input digital voltage with the digital voltage from the digital model of the analog filter results in a single bit digital to analog converter having improved accuracy for a given clock rate and filter. The next digital state of the converter (i.e. ‘0’ or ‘1’) is selected based upon a comparison of the input (or reference) voltage with the digital voltage provided by the digital feedback loop. The digital converter output is then fed to the analog filter. If the analog filter matches the digital model, then the analog voltage will match the digital voltage, and therefore the reference voltage.

A transmitter architecture includes an equalizer and a D/A converter, for high-speed transmission of data across a channel. The equalizer includes a two-tap MAC as part of an N-stage, two-way interleaved FIR filter. The two-tap MAC provides substantial power and area savings over conventional MAC-based FIR filter designs, and may be implemented in short or long communications channels. The D/A converter is decoupled from the equalizer. Its N-bit, binary-weighted driver includes matched unit current generation cells, all of which are fully utilized during each digital-to-analog conversion. The D/A converter remains unchanged, even when the characteristics of the equalizer are changed.

A multicasting authorization system comprises a streaming server, an authorization server, a user system and a distribution server. The distribution server provides a multicast data stream over multicast channels. A user system requests and receives an authorization code from an authorization server to receive the multicast data stream, and provides the authorization code to a streaming server. A streaming server, coupled to both an authorization server and a user system sends start up information for accessing the multicast data stream to the user system upon validation of the authorization code. The multicast datastream is encrypted and the user system maintains a connection with the authorization server which provides a cryptographic key for use in decrypting the encrypted multicast datastream.

A data processing device having data input unit for inputting data, a first processor, and a second processor. The first processor is set up for receiving and processing data which are input into the data input unit in a first data input mode, and the second processor is set up for receiving and processing data which are input into the data input unit in a second, security-related data input mode.

Methods and apparatus are described herein that make use of complex tuning, the inherently repetitive nature of sampled signals, and programmable digital filtering to create a flexible digital up-conversion system that utilizes a digital-to-analog converter (DAC) with a fixed effective sample rate while still being adapted for tunability over a wide frequency range. With a knowledge of the fixed effective sample rate of the DAC and a desired frequency of up-conversion and combining complex tuning at baseband and up-sampling by a factor of N with a programmable passband filter configured to select one of a plurality of signal images resulting from the up-sampling, it is possible to translate a baseband input signal to a wide range of frequencies above or below F_s, without changing the sampling rate of the fixed rate DAC used in the up-conversion process.