A digital rights management system is provided that includes a receiving device for receiving an encryption key request from a client device, a first database for storing a set of supported security capabilities corresponding to client device, a second database for storing a set of required security capabilities corresponding to at least one of the encryption key and content associated with the encryption key, a content management system for establishing rules to determine the set of required security capabilities corresponding to content, and a processing device. The processing device may be configured to identify the set of supported security capabilities corresponding to the client device and identify the set of required security capabilities corresponding to the content associated with the encryption key. The content management system may be configured to configure the set of supported security capabilities and configure the set of required security capabilities.

A method for detection and use of device identifiers to enhance the security of data transfers between electronic devices. A first electronic device can transmit access data to a second electronic device. The access data can be associated with a first access code that can be generated based at least in part on data representing a device identifier of the first electronic device. A device identifier can uniquely identify the first electronic device from a plurality of electronic devices. Transferring the access data can involve transforming the first access code into a second access code that can include data representing a device identifier associated with the second electronic device. Transforming the first access code into the second access code can facilitate access to a resource associated with the access data for a second user, but not for a first user.

Technologies for secure mediated reality content publishing includes one or more mediated reality servers, multiple mediated reality listeners, and multiple mediated reality creators. The mediated reality server performs an attestation procedure with each listener based on a pre-provisioned attestation credential of that listener and provisions a session encryption key to each validated listener. The attestation procedure may validate a trusted execution environment of each listener. The mediated reality server generates aggregated mediated reality content based on protected mediated reality content received from the creators and generates an associated license that defines one or more content usage restrictions of the aggregated mediated reality content. The server sends the aggregated mediated reality content to the listeners, protected by the corresponding session encryption key. The server may provision each of the listeners with a back-channel encryption key to protect feedback data generated by sensors of the listeners. Other embodiments are described and claimed.

A method and apparatus for brokering the enablement of the communication of encrypted media programs from a plurality of independent broadcasters to a plurality of receivers is disclosed. The system makes use of a pairing key for each provided service, which is differently encrypted by a pairing server and by the broadcaster providing the service. The encrypted versions of the pairing key are decrypted in a first receiver module using information known to the pairing service but not the broadcaster and in a second receiver module using information known to the broadcaster. The pairing key is used to cryptographically bind the first and second receiver modules.

A method of sharing digital media such as photos and/or videos between mobile communication devices and a computer program product for sharing such digital media. Each device includes a camera module, a non-volatile flash memory module for storing the digital media, and the mobile communication devices are included in a media share group including at least a first and further mobile communication device. The method includes, by the first mobile device, establishing a connection with the further mobile device by a wireless personal area network, determining that the further mobile device is included in the media share group, defining a selection of the digital media, wherein the selection includes digital media not present on the non-volatile flash memory of the further mobile device and the digital media is generated by the camera module of the first mobile device within a predefined time period, and copying the selection of the digital media towards the further mobile device.

A network media environment includes a first hub network and a second hub network. The first hub network encompasses a first local environment based on a first server which is coupled to a first client. The second hub network encompasses a second local environment based on a second server which is also coupled to the first client. The first local environment and the second local environment overlap. The second local environment is movable with a movement of the second server.

A method and system for authenticating a user at a first computer to first and second applications installed in a second computer. The second computer receives from the user a first request to access the first application, and in response, the second computer redirects the first request to a third computer, and in response, the third computer determines that the user was previously authenticated and so notifies the second computer, and in response, the second computer returns a first session key to the third computer. The first session key enables a session with the first application but not with the second application. A second session key was sent by the third computer to the first computer after the third computer received the first session key from the second computer. The second session key enables a session with both the first application and the second application.

A user account access management system includes a computing platform having a hardware processor and a system memory storing a user account access software code. The hardware processor executes the user account access software code to receive, from a first user device, a secondary account profile data for generating a secondary account associated with a primary user account registered with a web based service, and to receive, from a second user device, a sign up request for using the web based service. The hardware processor further executes the user account access software code to transmit an authentication token to one of the first user device and the second user device, receive the authentication token from the other of the first user device and the second user device, and link the secondary account with the second user device based on receiving the authentication code.

A collaboration computing environment can be established for facilitating collaboration among multiple users where is distrust between them. The collaboration computing environment comprises one or more chambers that provide data security by limiting data access pathways, deactivating data access functionality and providing an indirect data upload path. Individual users, or defined groups of users, such as users associated with a specific entity, can utilize computing functionality provided within the confines of a single chamber to execute computer-executable instructions and, thereby, consume existing data and generate modified and/or new data. To facilitate collaboration, a shared storage can be enabled in the collaboration computing environment to which multiple chambers can be provided at least some form of access. Further collaboration is facilitated through a collaboration chamber, which can comprise computing environments, such as virtual machines, that can be established to require multiple simultaneous logins.

A method for managing licenses for a service application across a plurality of interconnected industrial sectors. The method includes: selecting a delegation policy; deploying a local virtual license manager in one of the two industrial sectors, and sending a license authorizing the local virtual license manager to use the service application, in particular for executing a command of a cyber-physical system.