A method for providing access to media content is performed at a device with a processor and memory storing instructions for execution by the processor. The method includes receiving, from a client device, a request for access to a media item. The method further includes obtaining user information associated with a user identifier corresponding to the request. Obtaining the user information includes, if the user identifier corresponds to a first type of user identifier, retrieving the user information from a database; and if the user identifier corresponds to a second type of user identifier different from the first type of user identifier, extracting the user information from the user identifier. The method further includes performing a media access operation based on the request and the user information associated with the user identifier.

One embodiment provides a system that facilitates mutating and caching content in a CCN. During operation, the system receives, by an intermediate node, a content object that indicates an encrypted payload, a signature, and a parameter for a group to which the content object belongs, wherein the content object includes a name that is a hierarchically structured variable length identifier which comprises contiguous name components ordered from a most general level to a most specific level. The system re-encrypts the content object based on the encrypted payload and the parameter to obtain a new encrypted payload and a new signature, wherein re-encrypting is not based on a private key or a public key associated with the encrypted payload. The system transmits the re-encrypted content object to a client computing device, thereby allowing the client computing device to decrypt the re-encrypted content object and verify the new signature.

Systems and methods for quick start-up of playback in accordance with embodiments of the invention are disclosed. Media content may be encoded in a plurality of alternative streams and a quick start-up stream. The quick start-up stream may include media content that is encoded at a lower quality that the alternative streams and may be encrypted with a different, less secure encryption process than that of the alternative streams. During a start-up of playback, the playback device streams the media content from a quick start-up stream until a metric, such as a decryption key for the alternative streams is met. The device then streams the media content from the alternative streams in response to the metric being met.

A method, system and computer program product for delivering a digital identity document. A request is received to purchase a digital identity document from a user by a system. An acquisition uniform resource locator (URL) with parameters corresponding to the identity of the user and the requested digital identity document is created and provided to the user. The user utilizes the received URL to communicate with an issuer to request the digital identity document. The system then receives the requested digital identity document in encrypted form from the issuer. The system then delivers the encrypted digital identity document to the user. In this manner, the system can deliver to the user an identity document in digital form that has been vetted as trusted in a secure manner thereby reducing the number of occurrences in providing improper identity documents as well as lessening the ability to generate falsified identity documents.

Methods and systems for distributed data verification between a relying party server and a client device using data attested by at least one attestation server. Entities are loosely coupled, while still allowing for authentication data and transaction data to be tightly coupled in any given interaction. There need not be any prior relationships between relying parties and attestation servers, or between relying parties and users. A common syntax enables a relying party to define what types of attested data items will be accepted for a particular transaction, without having to predetermine all possible sources of identification a user may wish to provide. The relying party may not know the source of the attested data items a priori, but can nevertheless determine if they are satisfactory once they are received.

A secure method for transmitting a control word between a server and a plurality of processing entities so as to respectively produce and utilize the control word. Preferably such a method is applied to the field of conditional access methods and systems for preventing the fraudulent use of compromised decryption keys resulting from a coalition of pirate hackers.

A cryptographic scheme to provide sender identification on an automotive on-board communication bus has been recently introduced. That protocol is vulnerable to a malicious gateway though. This methodology uses hash-chains to provide sender identification in an automotive on-board communication bus that can be applied to protect the entire communication bus and allows the use of network gateways.

The present invention relates to a method and a system for providing a cloud-based application security service. The system for providing the cloud-based application security service according to the present invention includes: a client device including a compiler, an execution package composition unit, an uploader, and a downloader; and a cloud device including an execution package decomposition unit, a security library providing unit, a security library application unit, and an execution package recomposition unit, thereby, based on a cloud, providing convenience in security application and rapid action against hacker attacks.

Described herein are methods, systems, and software for encrypting and erasing data objects in a content node. In one example, a method of operating a content node that caches content divided into one or more data objects includes encrypting the one or more data objects using separate encryption keys for each of the one or more data objects, the separate encryption keys comprising a common portion shared by the one or more data objects and an individualized portion unique to each data object. The method further provides receiving a purge request to erase at least one data object and, responsive to the purge request, erasing at least one of the common portion or the individualized portion for the at least one data object based on the purge request.

A system for packaging digital media and distributing digital media to exhibitors is described, which system enables distribution by utilizing media content booking, media content packaging, encryption, and delivery components.