Implementations disclose an access control mechanism for peer-to-peer sharing technology. A method includes receiving, by a processing device of a first user device, an encrypted media item and a wrapped encryption key from a second user device via a peer-to-peer connection; transmitting, by the first user device, the wrapped encryption key and a request to a media server to determine whether the first user device is authorized to play the encrypted media item; receiving, from the media server, a response indicating the first user device is authorized to play the encrypted media item, the response comprising an encryption key derived from the wrapped encryption key; and decrypting the encrypted media item using the encryption key to play the media item.

Processing artist artwork authentication and published artwork information at a user computing device comprises an artist artwork authentication and artist information system employing a client device configured to use imaged date converted to text to identify an artist central authority server for authenticating published artworks as well as an artwork unique identifier. The artist artwork authentication and artist information system communicates with the central authority server using the identity of the artist central authority server and requests a public key for the central authority server. The client device, upon receiving the public key, then communicates another message to the central authoritative server that includes an encrypted version of the unique identifier that can be used to identify a piece of artwork and an artist associated with the artwork. The client device receives in response receives information regarding the artwork, information relating to the artist, and other information relevant to the artwork.

A method and apparatus for secure multimedia transfer provides an encrypted data transfer system that makes transferring multimedia content from a client to any incompatible system or to a system outside the location of the client very difficult.

A method of authenticating the legitimacy of a request for a resource from a resource provider by a user, including providing an authentication process in which a resource provider message is received and de-assembled, the integrity of the user request message is confirmed, a result indicator as to the legitimacy of the resource provider message is created by performing two or more authenticity checks, and an authentication result is sent.

The present disclosure relates generally to systems and methods for content authentication. A method can include receiving from a sender system transmitted content (C) and appended content, the appended content including a digital signature associated with the content (C) and a hash tree (“SHT”) associated with the content (C), generating with a signature engine a hash tree (“RHT”) from the content (C), cryptographically verifying the received digital signature to generate a resultant hash value, comparing the resultant hash value to the second hash value of the second root node, determining that the second hash value of the second root node does not match the resultant hash value, identifying a potentially corrupted portion of content (C) via comparison of at least some of the plurality of first nodes of SHT to corresponding second nodes of RHT, and indicating that the digital signature could not be verified.

One embodiment provides a system that facilitates encryption of manifest content based on permutation. During operation, the system partitions, by a computer system, a collection of data into a first set of content objects, wherein a content object is a chunk comprised of a plurality of bytes. The system performs a first permutation function on the first set of content objects to obtain a first set of permuted content objects. The system creates a manifest based on the permuted content objects, wherein a manifest is a content object which indicates a second set of content objects, wherein a respective content object of the second set is a data object or another manifest. The system encodes the first permutation function and the permuted content objects in the manifest, thereby facilitating an authorized entity that receives the manifest to reassemble the manifest contents based on the permutation function.

Techniques are described for ensuring data integrity and authentication of received messages. One technique includes sending a request from a first module to a second module in which the request includes a first portion that is a shared secret encrypted with a public key, obtaining by the second module a private key from a secure and trusted information store, such as a license information store, including license information or other application specific information for the first module, using the private key to decrypt the first portion and obtain the shared secret, sending a response from the second module to the first module in which the response includes authentication data and at least one data item used with the shared secret to determine the authentication data, and performing by the first module verification processing to verify the authentication data included in the response.

Managing access to digital content within a particular domain, including: receiving the digital content at a first client device; decrypting the received digital content at the first client device using a first key; transcoding the digital content to another format; re-encrypting the transcoded content using a second key, wherein the second key is obtained by one of: (1) directly from a server; or (2) indirectly by deriving it locally based on information received from the server; and transmitting the re-encrypted content to a second client device, wherein the second client device obtains the second key and decrypts the re-encrypted content at the second client device.

A storage device is configured to communicate with a host device over a Bluetooth connection. The storage device includes a flash memory, a processor, and a Bluetooth controller. The memory stores at least one permission for determining access to the memory. The processor manages access to the memory, independently of the host device, based on a comparison of a request at the removable storage device to access the memory to at least one permission. The comparison is independent, requiring no management by an operating system of the host device, such that if the at least one permission includes a particular access type that matches the access requested in the request, the processor provides access to the memory.

A method provides a set of credentials for accessing a live event as a spectator. The credentials includes tiered credentials with respect to access privileges from a queue imposed to access the live event. The access privileges specify a queued order based spectator access time and a spectator access duration. The method evaluates the credentials received from users seeking to access the live event as spectators including determining whether a provided credential pertains to a non-owning viewer or an owning viewer of a subject of the live event. The method controls, by a real-time visual media generation engine of a streaming server, the spectator access time and the spectator access duration of each of the users to the live event as the spectators based on the credentials by placing the users in predetermined queuing positions associated with corresponding levels of the credentials. The live event is a living artwork.