Methods, systems, and apparatus for blocking screenshots and screen recordings of content are disclosed. A first media content frame is received from a first computer device. It is determined that one or more user interface elements are present in the first media content frame. The user interface elements are extracted from the first media content frame. The user interface elements are converted to video. The video is encrypted to prevent screenshot capture of the one or more user interface elements present in the first media content frame by a second computer device lacking a decryption key when the video is played on a digital screen of the second computer device. A second media content frame is generated including the first media content frame overlaid by the video. The second media content frame is transmitted to the second computer device for the second media content frame to be played.

Methods and systems for providing a visual content gallery within a controlled environment are disclosed herein. A content gallery server receives a content submission from an inmate device within the controlled environment. Further, the content gallery server determines that the content submission does not include prohibited content based on comparing the content submission to a blacklist of prohibited information. When the content submission does not include prohibited content, the content gallery server adds the content submission to a network accessible content gallery corresponding to an inmate associated with the inmate device. Further, authorized friends and family of the inmate may view the content submission and provide comments on the content submission.

Federated systems for issuing playback certifications granting access to technically protected content are described. One embodiment of the system includes a registration server connected to a network, a content server connected to the network and to a trusted system, a first device including a non-volatile memory that is connected to the network and a second device including a non-volatile memory that is connected to the network. In addition, the registration server is configured to provide the first device with a first set of activation information in a first format, the first device is configured to store the first set of activation information in non-volatile memory, the registration server is configured to provide the second device with a second set of activation information in a second format, and the second device is configured to store the second set of activation information in non-volatile memory.

The present invention relates to method of securing a software code comprising at least one constant value, said method generating a secure software code and comprising the steps of: —determining (S1) by a processor in the software code a constant value to be protected, —inserting (S2) by the processor in the software code an indexed array of values such that the constant value to be protected can be determined from one value of the array, —replacing (S3) by the processor in the software code the constant value to be protected by a replacement variable, —inserting (S4) by the processor in the software code a first sequence of instructions which, when executed at runtime: •computes the index in the array of the value from which the constant value to be protected can be determined, •extracts from said array the value located at said computed index in said array, •from said extracted value, determines the constant value to be protected, •sets the value of said replacement variable equal to the determined constant value.

An application analysis platform enables automatic generation of abstract program representations (APRs) that are amenable to static analyzes for finding security vulnerabilities. The APR is generated automatically, preferably from an existing build system or a source repository, and then encapsulated into a binary archival format for consumption by a static analysis tool, which operates on-premises or in the cloud. The abstract program representation is a highly compact version of the actual source code it represents. The archival format obfuscates the source code that is subjected to the analysis, thus protecting it from being reverse-engineered when moved off-premises or otherwise shared with other users, teams and even organizations. Binary archive files generated separately from different source code components may be readily merged and analyzed together to provide more effective static data-flow analysis, even with respect to components that are built on different machines by different teams and at different times.

A method executed by a computer includes receiving an image from a client device. A facial recognition technique is executed against an individual face within the image to obtain a recognized face. Privacy rules are applied to the image, where the privacy rules are associated with privacy settings for a user associated with the recognized face. A privacy protected version of the image is distributed, where the privacy protected version of the image has an altered image feature.

A digital medium environment includes an asset processing application that performs editing of a watermarked asset. An improved asset editing method implemented by the asset processing application comprises receiving a watermarked asset, receiving edits to the watermarked asset, storing metadata corresponding to the edits together with an asset identification (ID), communicating the metadata and asset ID, applying edits using the metadata to an unwatermarked version of the asset retrieved using the asset ID, adding a watermark back to the edited asset, and providing the edited, watermarked asset.

Security and access control is provided for sensor devices, the data captured by sensor devices, and the results of processing and analyzing that data. In one aspect, SceneData related to a Scene is requested from a sensor-side technology stack and at least some of the SceneData is secured, for example by encryption. Different SceneData can be secured separately and at different levels of security, thus providing fine-grained security of the SceneData. In yet another aspect, data security is implemented by a separate privacy management system. In yet another aspect, sensor devices themselves are secured against external network threats. The sensor device includes an execution environment and a separate network management layer that secures the execution environment against threats from the external network. In one implementation, the sensor device is partitioned into a trusted region and a non-trusted region, and the network security stack is implemented in the trusted region.

The present invention relates to a method and a system for providing a cloud-based application security service. The system for providing the cloud-based application security service according to the present invention includes: a client device including a compiler, an execution package composition unit, an uploader, and a downloader; and a cloud device including an execution package decomposition unit, a security library providing unit, a security library application unit, and an execution package recomposition unit, thereby, based on a cloud, providing convenience in security application and rapid action against hacker attacks.

A system for distributing digital content obtained from a variety of sources in a variety of formats is described that utilizes a content distribution system configured to receive and store the content files, convert the content file both into a standardized format file and into a thumbnail file, and associate the content with one or more tags that can signify characteristics or relevant facts about the content file. Users of the system select one or more tags on their remote devices in order that the content distribution system automatically transmit to the remote device thumbnail images of those content files that match the selected tags. Users can then select the thumbnail image in order to cause the system to transmit to the remote device the standardized format version of the content.