An elongate inserter has a distal end releasably connected to an expandable interbody fusion device and a proximal end including a trigger actuator. The interbody fusion device comprises a superior endplate and an inferior endplate that are movable in an expansion direction relative to each other in the intradiscal space. The inserter includes a lifting platform and an elevator that define cooperatively engaging ramps and ramps surfaces that upon operation of the trigger actuator cause the superior and inferior endplates to move relatively away from each other. A driver is supported by the inserter for pushing an insert into the expanded device between the superior and inferior endplates.

An intervertebral fusion cage that is adapted to contain an inserter within its inner volume during insertion of the cage.

Various embodiments of intervertebral implants, anchoring devices for intervertebral implants, and implantation instrumentation are provided, along with various embodiments of methods for using one or more of the devices. Some embodiments of an anchoring device have a body comprising at least one curve and a rigid plate elongated along a longitudinal axis so that its front end enters at least one vertebra while its rear end remains in the passage of an implant. In some embodiments, the plate comprises at least one longitudinal slot separating at least one posterior portion of the plate into two branches, with at least one branch comprising at least one withdrawal stop configured to retain the device in the implant.

A medical device used in a medical robotic system has a conduit and an orientable tip. An optical fiber coupled to a laser source and/or a catheter coupled to one or more biomaterial sources extends through the conduit and tip so that the tip of the medical device may be robotically directed towards a target tissue for laser and/or biomaterial application as part of a medical procedure performed at a surgical site within a patient. A protective sheath covers the fiber as it extends through the conduit and tip. A first coupler adjustably secures at least the sheath to the medical device and a second coupler adjustably secures the fiber to at least the sheath. A similar dual coupler mechanism may be used to secure the sheathed catheter to the medical device.

According to an embodiment of the present invention, a system optimizes an information processing environment, and comprises at least one processor. The system collects information pertaining to operational behavior of the information processing environment and including a plurality of parameters. A neural network structure is established to associate the parameters to a desired operational performance characteristic for the information processing environment. The neural network structure is trained with the collected information from the information processing environment to produce a model for the information processing environment. The model is optimized to determine values for the parameters and the information processing environment is adjusted based on the determined parameter values to attain the desired operational performance of the information processing environment. Embodiments of the present invention further include a method and computer program product for optimizing an information processing environment in substantially the same manner described above.

The present disclosure relates to a suture anchor inserter. The suture anchor inserter includes a handle having a proximal component, a central component coupled to the proximal component, and a distal component coupled to the proximal component and the central component, the central component capable of rotating relative to the proximal component; and a shaft comprising a proximal end and a distal end, the proximal end coupled to the handle. A method of inserting a suture anchor into bone is also disclosed.

In one implementation, a method is disclosed in which a lock sensing mode is entered for a robotic surgical instrument. In the lock sensing mode, the degrees of freedom of movement in the robotic surgical instrument are switchably reduced. Further in the lock sensing mode, one or more end effectors of the robotic surgical instrument are switchably clamped together in the robotic surgical instrument. An increased level of torque may also be applied to the end effectors to increase a gripping force applied by the one or more end effectors in response to the reduced degrees of freedom of movement in the robotic surgical instrument.

A cutting or scoring balloon (26) is provided with a plurality of cutting or scoring elements (34) and is wrapped onto a balloon catheter (12) such that the cutting or scoring elements (34) overlie the balloon wall (36) with the balloon wall (36) pleated underneath the cutting or scoring elements (34). The cutting or scoring elements (34) remain exposed when the balloon (26) is pleated and wrapped onto the balloon catheter (12) and in a tightly wrapped configuration.

A substantially radiolucent cranial stabilization pin is adapted for use with a fixture for immobilizing a patient's head during a medical procedure. The pin includes a tip and a body, which are secured together to form the pin. The tip and body are constructed from non-ferrous, non-magnetic materials that are biocompatible. The tip and body are safe for use with, and compatible with, imaging techniques including MR imaging and CT imaging. In some examples the tip is a titanium insert and the body is molded within and around at least a portion of the tip. In some versions, the tip includes a hollow portion and one or more openings providing access to the hollow portion. The molded body flows into and around portions of the tip creating a secure pin suitable to withstand torque and axial forces observed in use.

In one embodiment, a surgical instrument comprises an articulable harmonic waveguide. The articulable harmonic waveguide comprises a first drive section comprising a proximal end and a distal end. The proximal end of the first drive section may be configured to connect to an ultrasonic transducer. The articulable harmonic waveguide further comprises a first flexible waveguide coupled to the distal end of the first drive section. An end effector extends distally from the first flexible waveguide. The surgical instrument further comprises an articulation actuator to flex the first flexible waveguide.

Disclosed herein are methods, compositions and tools for repairing articular surfaces repair materials and for repairing an articular surface. The articular surface repairs are customizable or highly selectable by patient and geared toward providing optimal fit and function. The surgical tools are designed to be customizable or highly selectable by patient to increase the speed, accuracy and simplicity of performing total or partial arthroplasty.

Disclosed herein are methods, compositions and tools for repairing articular surfaces repair materials and for repairing an articular surface. The articular surface repairs are customizable or highly selectable by patient and geared toward providing optimal fit and function. The surgical tools are designed to be customizable or highly selectable by patient to increase the speed, accuracy and simplicity of performing total or partial arthroplasty.

An apparatus for insertion of a medical device in the skin of a subject is provided, as well as methods of inserting medical devices.

A data distributing and accessing method for sharing a file via a network system includes steps of: dividing the file into a plurality of blocks; distributing the blocks in a plurality of data hosts interconnected via the network system; one of the data hosts receiving a file-reading request from a user host and issuing collecting requests to other data hosts to collect the blocks from the data hosts; and transferring the collected blocks from the data hosts to the user host to be combined into the file.

A receiving device receives messages, detects the priority levels set in the headers of the messages, and reads the first and second messages. When the receiving device receives the header of the second message during reading of the first message, it controls, in accordance with the priority levels of the first and second messages, the reading rates at which the first and second messages are read.

A method of processing content according to a workflow, where a digital content is processed on one of a plurality of processing devices according to process definition associated to the content, includes the steps, iterated at the processing device, of: a) receiving from a server a signed workflow information, a workflow information comprising a status of the content processing, a signature of the process definition and a hash of the content;b) verifying the workflow information;c) when the workflow information is verified, processing the content according to the process definition and according to status of the content processing;d) updating and signing the workflow information;e) sending to the server the signed workflow information;and the steps iterated at the server of:f) receiving from a processing device a signed workflow information;g) publishing the signed workflow information received from the processing device. A system for performing the method is also provided.

A communication terminal that can adjust which section of a one-time pad cipher key is used and achieve cipher communication when there is a possibility that the one-time pad cipher keys are not completely matched between communication terminals. A cipher key transfer device acquires a one-time pad cipher key from a key sharing system, divides the acquired one-time pad cipher key with a predetermined number of bits, and transfers the same to a mobile communication terminal after converting the same into one-time pad cipher key cartridges. Along with the partner's terminal, the mobile communication terminal negotiates which one-time pad cipher key cartridge will be used to perform cipher communication, decides the one-time pad cipher key cartridge to be used, and begins cipher communication.

An apparatus includes a logging apparatus and a configuration apparatus. The logging apparatus has a security module operable to create a manipulation-proof log. The configuration apparatus is operable to configure a configurable microprocessor system. The configuration apparatus is further operable to be coupled to the logging apparatus in order to log a configuration of the microprocessor system using the logging apparatus.

A method of authenticating a device involves establishing a local connection between a local target device and a local source device; at the source device, obtaining credentials of the target device via the local connection; at the source device, sending the credentials to a cloud authentication server via a secure communication channel; at the cloud authentication server, checking the credentials of the target device against a database of known good devices; at the source device, receiving a message from the cloud authentication server via the secure communication channel, said message indicating that the target device is authenticated; and delivering content from the source device to the target device on the condition that the target device is authenticated. This abstract is not to be considered limiting, since other embodiments may deviate from the features described in this abstract.

A system administrator of a wireless LAN 100 manipulates a personal computer PC1 to change a WEP key. The personal computer PC1 authenticates a memory card MC as genuine under management of the system administrator. In the case of the authenticated memory card MC, changed setting information, as well as a previous WEP key before the change of the setting information, is written into the memory card MC. The system administrator then inserts this memory card MC into a memory card slot of a printer PRT1. The printer PRT1 authenticates the memory card MC as genuine under management of the system administrator. In the case of the authenticated memory card MC, the setting information is updated. This arrangement effectively relieves the user's workload in setting wireless communication devices, while ensuring the sufficiently high security.

A relay apparatus of a video and audio transmitting/receiving system delays a time before transmitting an authentication start instruction after an authentication start video signal being transmitted to a receiving apparatus. Accordingly, a problem that the receiving apparatus receives the authentication start instruction from the relay apparatus before locking the authentication start video signal and cannot perform authentication processing normally, leading to a failure in authentication. A correction time is decided based on a resolution of the authentication start video signal transmitted from the receiving apparatus and a combination of receiving apparatuses and transmitting apparatuses connected to the relay apparatus.

A device is described for the hiding and subsequent recovery of visual information. The device comprises two or more tokens (1), each containing a mask (2,3) of coloured pixels (4), are overlaid (5), so that when the pixels are aligned, hidden information, invisible in the individual tokens. The hidden information consists of one or more recognisable alphabetic, numerical or pictorial characters (6). During token overlay and alignment, the information becomes recognisable because it is made up of pixels whose colour is differentiated from the other pixels in the overlay. The information is hidden by adding pixels of certain colours. When the tokens are overlaid and the pixels aligned, the added pixels are effectively subtracted, revealing the hidden information. The tokens may be printed on various media, or may be displayed on an electronic device.

A method and apparatus for forming and distributing quantum encryption keys. A first quantum signal generated by a number generator in a communicator is transmitted through an aperture in the communicator to a receiving communicator. A second quantum signal is received through the aperture at the communicator from a transmitting communicator. The first quantum signal is isolated from the second quantum signal such that the first quantum signal is transmitted from the communicator in response to the first quantum signal passing through the aperture and such that the second quantum signal is received at a number detector in the communicator in response to the second quantum signal passing through the aperture.

Disclosed herein are a private key generation apparatus and method, and storage media storing programs for executing the methods on a computer. The private key generation apparatus includes a root private key generation unit and a sub-private key generation unit. The root private key generation unit sets a root master key and predetermined parameters capable of generating private keys, and generates a first sub-master key set capable of generating a number of private keys equal to or smaller than a preset limited number. The sub-private key generation unit generates private keys with the root private key generation unit by receiving the first sub-master key set from the root private key generation unit, to generate a private key corresponding to a user ID using the first sub-master key set, and issues the private key to a user.

The present invention provides a broadcast receiving apparatus that receives a broadcast wave containing multiple channels. The apparatus comprises, among other things, a selecting unit that selects a channel from the broadcast wave; a determination unit that determines, for all channels that can be selected by the selecting unit, whether or not the obtaining unit can obtain an encrypted second-type encryption key that can be decrypted by the decrypting unit using the updated first-type encryption key; and an updating unit that updates the computer program stored in the memory to the updated program in the case where the determination unit has determined that the obtainment is possible for all the channels.

A secret stream of bits begins by receiving a public random stream contained in a wireless communication signal at a transmit/receive unit. The public random stream is sampled and specific bits are extracted according to a shared common secret. These extracted bits are used to create a longer secret stream. The shared common secret may be generated using JRNSO techniques, or provided to the transmit/receive units prior to the communication session. Alternatively, one of the transmit/receive unit is assumed to be more powerful than any potential eavesdropper. In this situation, the powerful transmit/receive unit may broadcast and store a public random stream. The weaker transmit/receive unit selects select random bits of the broadcast for creating a key. The weaker transmit/receive unit sends the powerful transmit/receive unit the selected bit numbers, and powerful transmit/receive unit uses the random numbers to produce the key created by the weaker transmit/receive unit.

A method, non-transitory computer readable medium and application manager computing device comprises obtaining at least one cryptographic key from a request by a client computing device for a user session. User information corresponding to a user is encrypted or decrypted using the cryptographic key. The request is authenticated based on encryption or decryption of the user information. The cryptographic key is deleted after the completion or termination of the user session.

The present invention provides a method and system for secured remote provisioning of a universal integrated circuit card of a user equipment. A system includes a user equipment for initiating a request for remote provisioning of an universal integrated circuit card (UICC) in the user equipment, where the request for remote provisioning includes a machine identifier (MID) associated with the user equipment and a public land mobile network (PLMN) identifier (ID) associated with an network operator. The system also includes at least one shared key management server for dynamically generating security keys and an operator shared key using the security keys, the MID. Moreover, the system includes an operator network for generating a subscription key using the operator shared key and an international mobile subscriber identity (IMSI), and provisioning the IMSI in a secured manner to the UICC of the user equipment using the security keys.

Disclosed are methods and apparatus for managing services within a computer network. In one embodiment, a message interchange network for exchanging application-level messages between services, which are located outside the message interchange network, is provided. At the message interchange network, a plurality of application-level messages, which each specify which one or more receiving services are to receive the each application-level message, are received. Each received application-level message is forward towards the one or more receiving services. Correlation information regarding each application-level message that is received into message interchange network is retained. The application-level messages are sent between pairs of the services, and the retained correlation information for each application-level message pertains to each application-level message and any other application-level messages related to the each application-level message. A query can then be received, at the message interchange network from a first service, to search the retained correlation information for specific one or more portions of the retained correlation information. A response to the query, which includes the specific one or more portions of the retained correlation information, is sent to the first service.

An infrastructure for securely communicating with electronic meters is described, which enables secure communication between a utility and a meter located at a customer, over a communication link or connection such as via a network. This enables messages to be sent from the utility to the meter and vice versa in a secure manner. The network provides a communication medium for communicating via the C12.22 protocol for secure metering. A cryptographic backend is used to cryptographically process messages to be sent to the meter and to similarly cryptographically process messages sent from the meter. By providing appropriate cryptographic measures such as key management, confidentiality and authentication, the meter can only interpret and process messages from a legitimate utility and the utility can ensure that the messages it receives are from a legitimate meter and contain legitimate information.

Systems and methods for updating status of digital certificate subkeys. A request is made to a key server to verify if a given key is revoked. If it is not, then the key with its subkeys is acquired from the key server. If one or more subkeys or signatures of the subkeys are different in the acquired key, then the key is replaced.

A content data reproducing method includes: decrypting encrypted data to generate plain-text data; dividing the plain-text data into decrypted content data and reproduction management information; sending the reproduction management information to a user space; storing the decrypted content data in a secret buffer; obtaining the decrypted content data as reproduction target data from the secret buffer and transmitting the reproduction target data to a decoder; and decoding the reproduction target data by the decoder.

A data source may be configured to provide usage data including subscriber identifiers and associated information indicative of subscriber device locations and usage. A data warehouse server may be configured to perform operations including: decrypting subscriber identifiers included in usage data received from the data source using a two-way rolling key groups algorithm; re-encrypting the subscriber identifiers decrypted from the usage data to create secure encrypted identifiers using a one-way secured encryption algorithm; and correlating the subscriber identifiers in the decrypted usage data with the corresponding re-encrypted identifiers.

A system apparatus and method for protecting information are provided. Embodiments of the invention may detect inactivity related to a computing device. Information and encryption key may be removed from a memory. Subsequent activity may be detected. An authentication procedure may be performed, and, contingent on authenticating a relevant entity, a master key may be generated and installed in a memory.

A file system data is divided into two or more data blocks. A unique encryption key is assigned to each data block with the encryption key assigned to each data block being distinct from other encryption keys used to encrypt the other data blocks and each of the data blocks is encrypted using its assigned encryption key. One of the data blocks within the file system is then selected and decrypted using the distinct encryption key assigned to the selected data block and a new encryption key, distinct for the previously assigned encryption key, is assigned to the selected data block and the selected data block is re-encrypted using the new encryption key. This process is then repeated for each data block on a sequential/cyclic and continually rotating basis.

Described is a technology by which access to a resource is determined by evaluating a resource label of the resource against a user claim of an access request, according to policy decoupled from the resource. The resource may be a file, and the resource label may be obtained by classifying the file into classification properties, such that a change to the file may change its resource label, thereby changing which users have access to the file. The resource label-based access evaluation may be logically combined with a conventional ACL-based access evaluation to determine whether to grant or deny access to the resource.

A secret key generation apparatus and method are provided. The secret key generation apparatus includes at least one antenna, amplification/phase controllers, a transceiver, and a random signal controller. The antenna receives a wireless signal from a counterpart terminal that performs wireless communication. The amplification/phase controllers control the amplification gain and phase of the wireless signal that is received via at least one antenna. The transceiver measures the status of a wireless channel using the wireless signal having the controlled amplification gain and phase, determines parameters based on results of the measurement, and generates a secret key based on results of the determination. The random signal controller controls the amplification/phase controllers so that the amplification gain and phase are adjusted whenever the transceiver generates a secret key.

An apparatus and method for converting a random binary sequence into a random integer is provided. The present invention converts a random binary sequence into a random integer, and determines whether the corresponding random integer falls within a preset integer interval. Further, if it is determined that the random integer generated from the random binary sequence does not fall within the preset integer interval, the present invention repeatedly updates a random binary sequence until a random integer falling within the corresponding integer interval is obtained, thus outputting uniformly distributed random integers which fall within the preset integer interval.

Computationally implemented methods and systems are described herein that are designed to, among other things, receiving a level-one encrypted output of a surveillance device; encrypting at least a part of the level-one encrypted output of the surveillance device with a level-two encryption key whose decryption key is inaccessible by a level-two encryption entity; and transmitting a level-two encrypted output of the surveillance device.

An image forming apparatus includes a memory unit configured to store image data, a mode detecting unit configured to detect a transition from a first operating mode to a second operating mode, and an encryption unit configured to encrypt the image data in the memory unit based on the transition.

Disclosed is a method for address privacy protection for a first wireless device sharing a privacy key with a second wireless device. In the method, a first resolution tag is generated at the first wireless device using a pseudo-random function with the seed value and the privacy key as input arguments. The privacy key is only known to the first and second wireless devices. A privacy address is generated for the first wireless device based on the seed value and the first resolution tag. A packet is transmitted from the first wireless device to the second wireless device. The packet includes the privacy address and the first resolution tag.

A method and apparatus is disclosed for managing encryption keys in a computer system in which in response to the change of a system key the old key and new key are both maintained for subsequent use.

The debugging unit writes a public key of the key issuing server and an initializing program given from outside, to the storage unit. The instruction executing unit reads and executes the initializing program stored in the storage unit. The debug disabling unit disables the debugging unit. The public-key encrypting unit encrypts the random number by the public key in the storage unit, the random number generated by the random number generating unit after the debugging unit is disabled. The transmitting unit transmits the encrypted random number to the key issuing server. The receiving unit receives an individual key encrypted by the random number from the key issuing server. The individual-key writing unit decrypts the encrypted individual key by the random number to obtain the individual key and write the individual key to the storage unit.

Methods, apparatus, and articles of manufacture to encode auxiliary data into text data and methods, apparatus, and articles of manufacture to obtain encoded data from text data are disclosed. An example method to embed auxiliary data into text data includes assigning source data to one of a plurality of groups, the source data comprising text data, identifying a symbol to be added to the source data based on an assigned group of the source data, and generating encoded data by including in the source data a text character representative of the symbol.

As a user of a social networking system views a page that includes information provided by the system, certain types of social interactions are monitored. If an interaction monitored for is detected, at least one recommendation unit is identified to present to user on the page. The recommendation unit is identified based on a description of the interaction. The recommendation unit suggests that the user perform a social interaction in the social networking system. The recommendation unit is transmitted to a device of the user and is presented to the user on the page without having to reload the entire page.

Provided is a method in which a first device authenticates a public key of a second device. The method includes: receiving a first value generated based on the public key of the second device and a password displayed on a screen of the second device and the public key of the second device, from the second device; generating a second value based on the public key of the second device and a password input to the first device by a user of the first device according to the password displayed on the screen of the second device; and authenticating the public key of the second device based on the first value and the second value.

A method and authentication server provide a mobile key. According to the method, upon receipt of an authentication message (access authentication) that is transmitted when a subscriber logs on to the network, the authentication server extracts a subscriber identification contained in said message and generates a corresponding mobile key, which is stored together with the respective extracted subscriber identification. Upon subsequent receipt of a key request message (key request) that is transmitted when a subscriber registers, the authentication server extracts a mobile identification of the subscriber contained in said message and searches for an identical mobile identification, which can be derived in accordance with a configurable derivation function from a subscriber identification that is stored in the authentication server. Once a derived mobile identification that is identical or can be uniquely assigned to the extracted mobile identification has been found, the authentication server provides the stored corresponding mobile key that has been generated, to cryptographically protect the mobile signaling messages of the registered subscriber.

A method and system of providing conditional access to encrypted content includes receiving unsolicited multiply encrypted video content and first decryption data over a broadcast network. Partially decrypted video content is obtained by decrypting a first layer of encryption of the encrypted video content using the first decryption data. The partially decrypted video content is stored. A request for viewing the encrypted video content is transmitted and second decryption data is received. A second layer of encryption of the encrypted video content is decrypted using the second decryption data.

A Virtual Single Account (VSA) system and method that provides a mobile user with automatic authentication and connection to a remote network via local access networks with a single password, where the local access networks may be independent of the remote network. A mobile user has a single authentication credential for one VSA that is utilized by a VSA client installed on a mobile computing device. The VSA client provides for automatically authenticating and connecting the user's mobile device to a current local access network, and the target remote network such as the user's office network. All authentication credentials are encrypted using a key generated from the user's VSA password that is generated from the user's single password. The VSA client derives the key from the submitted VSA password and decrypts all authentication credentials that are required in order to connect the mobile device to the current local access network and thereafter to the office network.

A machined ceramic article having an initial surface defect density and an initial surface roughness is provided. The machined ceramic article is heated to a temperature range between about 1000° C. and about 1800° C. at a ramping rate of about 0.1° C. per minute to about 20° C. per minute. The machined ceramic article is heat-treated in air atmosphere. The machined ceramic article is heat treated at one or more temperatures within the temperature range for a duration of up to about 24 hours. The machined ceramic article is then cooled at the ramping rate, wherein after the heat treatment the machined ceramic article has a reduced surface defect density and a reduced surface roughness.