A system (400), device (101) (202) (401-404) and method are provided to purchase, download and obtain transferable rights to play content using a mobile telephone. In an alternative embodiment, the mobile telephone is used to purchase content, which then is downloaded using other channels, i.e., a broadband using other consumer devices (202) (401-404) and played by these other devices (202) (401-404).

A method of receiving and executing a secret software (G) on data in a secure enclave of a first device (DO) includes the following steps implemented in the secure enclave, that is to say a step of generating a public key (B), a step of receiving the encrypted secret software (G.sub.s) coming from a second device (AP), a step of decrypting the encrypted secret software (G.sub.s) from a key (K; P) depending of the public key (B, a step of receiving data; and a step of executing the secret software (G) using the data.

Systems, methods, and media for optimizing and facilitating 3D printing services in a marketplace environment are provided. In one example, a system comprises a hosting system to enhance a 3D printing service marketplace environment including marketplace participants and a federated network of 3D printing service providers. In one aspect, operations include receiving a 3D printing request to print a 3D object selected from among a selection of 3D objects, responsive to the 3D printing request and the 3D object selected from among the selection of 3D objects, listing at least some of the 3D printing service providers based on a 3D printer identifier metric, wherein the 3D printer identifier metric includes one or more of a 3D printing quality metric, a 3D printer model number, a 3D printer serial number, and a 3D digital model type. The operations further include receiving a selection of a preferred 3D printing service provider from among the list of at least some of the 3D printing service providers.

The present invention relates to a system for rendering a content, the rendering of which is subject to conditional access security conditions. A system is described, comprising a host device and a detachable security device, the security device configured to decrypt the encrypted content, re-encrypt it under a local key and to deliver the re-encrypted content to the host device while ensuring that the host device applies or otherwise enforces any conditions associated with the rendering of the content.

A solution is proposed for monitoring usage of bundles in the OSGi environment. For this purpose, an event notification interface of the OSGi environment is exploited. Particularly, each event relating to a change of state of a bundle (such as its addition, removal, starting and stopping) is detected by an auxiliary bundle—which previously subscribed to the event notification interface. The auxiliary bundle can then forward the detected events to a licensing agent, which identifies the bundle by means of a software catalogue. In this way, the desired result is achieved without requiring any instrumentation of the bundles to be monitored.

The apparatus disclosed herein, in various aspects, includes a digital asset, and an amulet that comprises an encrypted self-validating string. The amulet may be external to the digital asset. The apparatus may include a manager that cooperates securely with the digital asset and cooperates securely with the amulet to control access to the digital asset as specified by the amulet. In some aspects, the manager cooperates with the digital asset and with the amulet, at least in part, through shared memory in process space. In other aspects, the manager cooperates with the digital asset and with the amulet, at least in part, through a RAM drive in memory, the RAM drive at least partially hidden from an operating system of the computer. In yet other aspects, the manager cooperates with the digital asset and with the amulet, at least in part, through a virtual machine accessible only by said apparatus. The amulet, the manager, and the digital asset are either operably receivable by a computer or are operably received by the computer, in various aspects. Related methods and compositions of matter are also disclosed.

According to an example aspect of the present invention, there is provided a method, comprising: receiving a cryptographic proof of use indicative of decoding of a first media content element by a user device (400), receiving a cryptographic first expected proof of use value (410), and controlling access to an encrypted second media content element associated with the first media content element on the basis of verification of the received cryptographic proof of use and the first expected proof of use value (420).

A system for protected data storage in a data memory of a computing device includes an encoder and a decoder. The encoder encrypts unencrypted data using encryption information to generate encrypted data, and stores the encrypted data and the encryption information in data memory. The decoder accesses the encrypted data and the encryption information from the data memory, and decrypts the encrypted data using the encryption information to re-generate the unencrypted data. Each time the unencrypted data is read from data memory or the unencrypted data is to be written to the data memory, the encoder re-encrypts the unencrypted data using newer encryption information to generate newer encrypted data, and replaces previous encrypted data and previous encryption information with the newer encrypted data and the newer encryption information, respectively, in the data memory. The encoder and the decoder are integrated, to operate in a single thread of execution.

Systems and methods for dynamic workspace targeting with crowdsourced user context are described. In some embodiments, an Information Handling System (IHS) of a workspace orchestration service may include a processor; and a memory coupled to the processor, the memory having program instructions stored thereon that, upon execution by the processor, cause the IHS to: detect execution of an application in a workspace instantiated by a client IHS; validate the application based upon productivity context information and security context information received from the client IHS; and in response to the validation, distribute the validated application to another workspace instantiated by another client IHS.

A secure programming system and method for provisioning and programming a target payload into a programmable device mounted in a programmer. The programmable device can be authenticated before programming to verify the device is a valid device produced by a silicon vendor. The authentication process can include a challenge-response validation. The target payload can be programmed into the programmable device and linked with an authorized manufacturer. The programmable device can be verified after programming the target payload by verifying the silicon vendor and the authorized manufacturer. The secure programming system can provision different content into different programmable devices simultaneously to create multiple final device types in a single pass.