G06F7/04

User centric method and adaptor for digital rights management system

A method for managing users' digital rights to documents protected by digital rights management (DRM), comprising the steps of a rights management system (RMS) server receiving a request from a user for accessing a DRM-protected document, and the RMS server executing a user centric adaptor (UCA) module to check in a UCA database under the user's identification (ID) whether one of a limited number of predetermined policies of digital rights is added to the user's ID, whereas if the user's rights to the document are not revoked by deletion of a predetermined policy under the user's ID in the UCA database, then the UCA module does not block granting the user's request.

Dynamic routing of authentication requests

Methods, systems, and computer readable media for dynamically routing authentication requests are described. An embodiment can include receiving, at one or more computing devices, a network authentication request. An embodiment can also include creating, at the one or more computing devices, an authentication context based on information in the authentication request. An embodiment can also include dynamically routing, using the one or more computing devices, the authentication request to an authentication server.

Honeyport active network security
09838426 · 2017-12-05

A device comprises a processor. The processor is configured to generate a first signal using a first communication protocol. The first signal corresponds to data received by the processor. The processor is configured to generate a second signal using a second communication protocol. The second signal comprises fabricated data generated by the processor. Additionally, the processor is configured to transmit the first signal. The processor is also configured to transmit the second signal.

Information processing apparatus and control method thereof
09838397 · 2017-12-05

An information processing apparatus which manages identification information of a first user and device identification information of a device of the first user in association with each other, manages identification information of a second user and device identification information of a plurality of devices of the second user in association with each other, and controls data transmission and reception between the devices of the first user and the second user. The apparatus receives a request to the second user from the first user, transmits the request from the first user to the plurality of devices of the second user, and notifies a device other than the device that transmitted the permission information among the plurality of devices of the second user of cancellation of the request.

Hardware security module access management in a cloud computing environment

Trusted firmware on a host server is used for managing access to a hardware security module (HSM) connected to the host server. The HSM stores confidential information associated with an operating system. As part of access management, the firmware detects a boot device identifier associated with a boot device configured to boot the operating system on the host server. The firmware then receives a second boot device identifier from the HSM. The boot device identifier and the second boot device identifier are then compared by the firmware. Based on the comparison, the firmware determines that the boot device identifier matches with the second boot device identifier. Based on this determination, the firmware grants the operating system access to the HSM.

Managing privileged shared accounts
09838383 · 2017-12-05

A method includes receiving a target credential object having administrative rights over a first user account located on a target system. The first user account includes a log-in permission for the target system. The method also includes receiving data indicative of a second user account corresponding to the first user account, wherein the second user account is located on a local system. The method further includes sending a first request to remove the log-in permission from the first user account to the target system using the target credential object. The method still further includes receiving a log-in request corresponding to the second user account on the local system. The method additionally includes, in response to receiving the log-in request for the second user account, sending a second request to add the log-in permission on the first user account to the target system using the target credential object.

Password-based fraud detection

Techniques for marking or flagging an account as potentially being compromised may be provided. Information about the popularity of passwords associated with a plurality of accounts may be maintained. In an example, an account may be marked as potentially being compromised based at least in part on the information about the popularity of passwords and a password included in a request to change the password associated with the account. A notification indicating that an account has been marked as potentially compromised may be generated.

System and method for preventing unauthorized use of digital media

A method for protecting digital media content from unauthorized use on a client is described. The method comprises the steps of receiving on the client, from a server, a list of processes, instructions, activity descriptions or data types that must not be active simultaneously with playback of the digital media content (“the blacklist”). The method further comprises checking, on the client, for the presence of any items on the list; and continuing interaction with the server, key management and playback of protected content only if no items on the list are detected on the client. A system is also described.

Authentication system and method for operating an authentication system
09832180 · 2017-11-28

An authentication system for authenticating a human requester requesting a service, wherein the authentication system is configured to establish via a first and a second port of the authentication system an authentication communication channel comprising a first communication channel to the requester and a second communication channel to a human authenticator, such that at least one of an audio stream of a voice of the requester, a video stream of a face of the requester and a 3D-data stream of the face of the requester is transmittable between the end node device of the requester and the end node device of the authenticator; and to record a confirmation message of the authenticator, wherein the confirmation message confirms or rejects at least one of the claimed identity and the requested service.

Method for securing an electronic document

The object of this invention is a method for securing an electronic document. In particular, this invention relates to a method that prevents the forging of documents in which an electronic chip is incorporated. To that end, the invention proposes a method in which the data on the document medium are associated with a fingerprint of the document, so as to make them inseparable. That fingerprint is determined on the basis of measurable physical units of the electronic chip or the medium. Thus, the invention allows the combination of the physical protection of the document and the protection of the chip so as to reinforce the security of said documents.