H04L2209/60

Right Holder Terminal, Permission Information Management Method, and Permission Information Management Program

A user terminal generates a first key pair and a second key pair, transmits a permission request including a public encryption key of the second key pair after electronically signing the permission request with a secret encryption key, and acquires, from permission information transmitted from a right-holder terminal, a content decryption key by using a secret decryption key of the second key pair and uses the content. The right-holder terminal stores a third key pair and the content decryption key, verifies the permission request received, and encrypts the content decryption key by using the public encryption key of the second key pair included in the permission request and transmits the permission information including the encrypted content decryption key after electronically signing the permission information with a secret encryption key of the third key pair. The permission request and the permission information are transmitted and received via a blockchain.

SYSTEMS AND METHODS FOR REMOTE OWNERSHIP AND CONTENT CONTROL OF MEDIA FILES ON UNTRUSTED SYSTEMS
20220027481 · 2022-01-27

One example method includes receiving, by a client computing device, a request to open a superfile stored in a memory device at the client computing device, the superfile comprising encrypted content, the request comprising user credential information; in response to receiving the request to open the superfile, communicating, by the client computing device, a request to a remote server to access the superfile, the request including a credential associated with the user account; receiving, from the remote server, cryptographic information; decrypting, using the cryptographic information, the encrypted content; accessing and presenting the decrypted content; and maintaining communications with the remote server while the decrypted content is accessed.

Methods and systems for data caching and delivery over a decentralized edge network
11153358 · 2021-10-19

Methods and systems for caching and delivering data contents among peer nodes in a decentralized data delivery edge network are disclosed. The network comprises peer-to-peer (P2P) connections implemented on top of a content delivery network (CDN) having CDN servers that provide data resources to network nodes. Such a hybrid network comprises viewer peer nodes, edge cacher peer nodes, tracker servers, and a payment service module. An edge cacher peer node sends its client statistics to a tracker server, wherein the client statistics comprise a cacher location and a performance specification. In return, the tracker server provides caching instructions according to which the edge cacher peer node downloads fragments of a data file from a CDN server, for later transmission to other viewer peer nodes within the decentralized data delivery edge network.

Access to data broadcast in encrypted form based on blockchain

A solution is proposed for controlling access to data that are broadcast over a telecommunication medium. A corresponding method comprises validating by a plurality of validator devices an access request that is submitted by an access device for accessing the data. The validator devices update a blockchain by adding a new block comprising an indication of the access request in response to a positive result of its validation. A provider system transmits cryptographic information for decrypting the data to the access device in response to the new block. A corresponding method for broadcasting data by a provider system and a corresponding method for accessing broadcast data by an access device are proposed. Corresponding computer programs and computer program products for performing the methods are also proposed. Moreover, corresponding structure, provider system and access device are proposed.

Photo Sharing Method and Electronic Device
20210320974 · 2021-10-14

A method includes: when a first electronic device does not initiate synchronization with a second electronic device, the first electronic device detects a first operation of a user. In response to the first operation, the first electronic device adds first photo information to a first shared album of the first electronic device. When the first electronic device initiates synchronization with the second electronic device, the first electronic device sends, to the second electronic device, a first request message for adding the first photo information. In this way, after receiving a first request response message that is sent by the second electronic device and that is used for refusing to add the first photo information, the first electronic device deletes the first photo information from the first shared album.

Hierarchical data access techniques using derived cryptographic material

Systems and methods for authentication generate keys from secret credentials shared between authenticating parties and authenticators. Generation of the keys may involve utilizing specialized information in the form of parameters that are used to specialize keys. Keys and/or information derived from keys held by multiple authorities may be used to generate other keys such that signatures requiring such keys and/or information can be verified without access to the keys. Keys may also be derived to form a hierarchy of keys that are distributed such that a key holder's ability to decrypt data depends on the key's position in the hierarchy relative to the position of a key used to encrypt the data. Key hierarchies may also be used to distribute key sets to content processing devices to enable the devices to decrypt content such that sources or potential sources of unauthorized content are identifiable from the decrypted content.

Methods and apparatuses for copyright allocation for blockchain-based work
11144618 · 2021-10-12

One or more embodiments of the present specification provide methods and apparatuses for copyright allocation for a blockchain-based work, which are applied to a blockchain network that includes an original author client device, a co-creation participating user client device, and a first node device. The method includes the following: obtaining, by the first node device, a first target transaction from a distributed database of the blockchain, where the first target transaction includes co-creation participating behavior data of the co-creation participating user for a target work, and the target work is originally created by the original author; and invoking a smart contract corresponding to copyright allocation for the target work, executing logic declared in the smart contract for allocating a copyright share to the co-creation participating user based on the co-creation participating behavior data, and allocating a copyright share of the target work to the co-creation participating user.

TRUSTED LEDGER STAMPING
20210314155 · 2021-10-07

An example operation includes one or more of detecting, by a validation service node, an access of a block on a blockchain ledger, accessing, by the validation service node, a block validation stamp comprising meta-data signed by a trusted stamping authority (TSA) on the blockchain ledger, and validating the block based on the meta-data.

In-vehicle content delivery system operable in autonomous mode and non-autonomous mode

Multimedia content may be delivered to content consumer devices via a content-delivery network. Encrypted content and cryptography keys for decrypting the content may be distributed from a data center to various nodes of the content-delivery network, each node acting as a semi-independent content-delivery system. Each content-delivery system is capable of delivering received content to end-users and implementing a key-management scheme to facilitate secure content-delivery and usage tracking, even when the content-delivery system is disconnected from the data center. In other words, the disclosed systems and methods facilitate the operation of nodes which may operate in “autonomous mode” when disconnected from a larger content-delivery network, thus maintaining content-delivery capabilities despite having little if any connectivity to external networks.

Light-weight context tracking and repair for preventing integrity and confidentiality violations

A computer system performs tracking of security context for confidential or untrusted values input from sources in an executing application to sinks in the executing application. The security context includes indications of sources and declassifier methods corresponding to the values and has been previously defined prior to the tracking. Prior to release of a selected confidential or untrusted value by a sink in the executing application, security context is fetched for the selected confidential or untrusted value. A selected declassifier method is caused to be used on the selected confidential or untrusted value prior to release of the selected confidential or untrusted value to the sink. The selected declassifier method obfuscates the selected confidential or untrusted value and is selected based on the security context for the selected confidential or untrusted value. The obfuscated confidential or untrusted value is caused to be released to the sink in the executing application.