Patent classifications
H04L2209/76
Stateless multi-party authorization system in web applications
A method, a computer system, and a computer program product for authorization using multiple entities is provided. Embodiments of the present invention may include generating a secret, a user hash and an application hash. Embodiments of the present invention may include transmitting the user hash, the application hash and the password to an identity verification authority. Embodiments of the present invention may include generating a password hash. Embodiments of the present invention may include transmitting the user hash and the application hash to a server. Embodiments of the present invention may include identifying the password hash that is associated with the user hash and the application hash, transmitting the password hash and an authorization notification to the identity verification authority, comparing the password hash with a previously stored password hash and determining that the comparison of the password hash with the previously stored password hash matches.
NETWORK PRINTING
A network printing system comprising a user device to encrypt a print job using a public key of a user and to transmit the encrypted print job to a print server. The system may further comprise the print server to re-encrypt the encrypted print job using the re-encryption key. The system may further comprise the printer to decrypt the re-encrypted print job using a private key of the printer and print the decrypted print job.
In-vehicle content delivery system operable in autonomous mode and non-autonomous mode
Multimedia content may be delivered to content consumer devices via a content-delivery network. Encrypted content and cryptography keys for decrypting the content may be distributed from a data center to various nodes of the content-delivery network, each node acting as a semi-independent content-delivery system. Each content-delivery system is capable of delivering received content to end-users and implementing a key-management scheme to facilitate secure content-delivery and usage tracking, even when the content-delivery system is disconnected from the data center. In other words, the disclosed systems and methods facilitate the operation of nodes which may operate in “autonomous mode” when disconnected from a larger content-delivery network, thus maintaining content-delivery capabilities despite having little if any connectivity to external networks.
Computing range queries over encrypted data
A method (and structure and computer product) to encrypt plaintext data into ciphertext data includes encrypting, using a processor on a computer, plaintext into corresponding ciphertext, using a Property Preserving Encryption (PPE) protocol in which a predefined property is maintained when plaintext values are encrypted into ciphertext values. The predefined property is randomly flipped during encryption to reverse the predefined property in the corresponding ciphertext node. An indication of whether the predefined property has been maintained or reversed is stored as the state of encryption.
Systems and methods providing centralized encryption key management for sharing data across diverse entities
A method and apparatus provide centralized encryption key management for sharing data across diverse entities. In particular, the present invention relates to a universal and regulatory compliant system and method for sharing personal data records across diverse entities while maintaining unique identifiers at each entity for protecting the identity of any particular person. The present invention enables multiple organizations to be able to share their respective disparate data in a manner in which the disparate personal data records can be aggregated and manipulated by a single entity without putting the personal data records at risk.
SYSTEMS AND METHODS FOR DYNAMICALLY APPLYING INFORMATION RIGHTS MANAGEMENT POLICIES TO DOCUMENTS
Systems and methods are disclosed herein for dynamically applying information rights management (“IRM”) policies to documents. An example system for dynamically applying IRM policies to documents can include a document repository, a proxy server, and a dynamic IRM wrapping service (also referred to herein as an IRM engine). A user can request a document on the document repository by, for example, attempting to access the document from a user device. The user device can be managed by a management server that enrolls the user device and enforces compliance rules and other policies at the user device. The user's request for the document can be received at the proxy server, and the proxy server can then request the document from the document repository.
METHOD FOR EDITING MESSAGES BY A DEVICE ON A COMMUNICATION PATH ESTABLISHED BETWEEN TWO NODES
The communications established on a communication path between two nodes, for example between a client and server, are increasingly encrypted, at least from the transport layer to the application layer in the Open Systems Interconnection model. However, the devices present on the communication path may, in certain cases or for certain services, intervene not only to transport the messages but also to read, edit or add data in the message. In addition, it may also be desirable that only “authorized” devices can carry out these actions. In order to intervene on these data, it would be necessary that the devices on the communication path have available all the keys used by the nodes to encrypt and decrypt the data of the messages, which is difficult to envisage. A method for editing enables a device, capable of intercepting a data message on a communication path between two nodes, to edit the data under the control of the nodes, while ensuring that a device cannot access the data edited by another device on the path.
Wireless display streaming of protected content
A system and method of wireless display, including a transmitter processing a first encrypted content into a second encrypted content without decoding, and transferring the second encrypted content over a wireless display connection to a receiver.
SYSTEM AND METHOD FOR MANUFACTURING AND TRADING SECURITIES AND COMMODITIES
Systems and methods are disclosed for a distributed trading system. The preferred invention offers solutions to problems that arise with High-Frequency Trading and the future of stock market regulation. The use of a distributed object brokered interface to facilitate transactions not only makes the trading faster but also more secure.
Apparatus, Method and System for a Tunneling Client Access Point
The disclosure details the implementation of an apparatus, method, and system comprising a portable device configured to communicate with a terminal and a network server, and execute stored program code in response to user interaction with an interactive user interface. The portable device contains stored program code configured to render an interactive user interface on a terminal output component to enable the user to control processing activity on the portable device and access data and programs from the portable device and a network server.