Use Cases
Lots of examples of scenarios and how the patented AMULET ™ technology could be applied to the situation.
Use the filter tags to display just those Use Cases related to either a certain type of digital asset, and/or to limit to those using a specific AMULET ™ Framework Service as the solution you’re interested in.
- All
- BIOS
- Camera
- Code Cocoon
- Custom handler
- Database
- Device Hardware
- Files
- General
- GPS
- Hardware
- Instances
- Intellectual Property
- Internet Address
- IoT
- MAC Address
- Microphone
- Multimedia
- Operating System
- Processes in Memory
- Remote Control
- Requesting Module
- Requesting Thread
- Scripts
- Software
- Time / Date
- User Activity
- User/Membership
- Vendor Pass-through
- Windows Registry
AMULET ™ Solution
Because the corporation uses Internet WAN subdomains with a subnet mask of 215.137.xxx.xxx throughout its organization, AMULETs ™ can be restricted to devices assigned to that family of I/P addresses or which are linked to routers which have external WAN addresses in that range.
The organization can wrap the executable files for the licensed applications as AMULET ™-protected digital assets and issue the same AMULET ™ to all users. Alternatively, the organization can mass-produce individual AMULETs ™ for each potential host device from a template, and then further refine the AMULET ™ for each user based on a first-use registration by the user. Or, the AMULET ™ could include remote-access criteria which forces all devices online for each application use and directs the AMULET ™ to content at a website or to Ethernet UNC file address for validation instructions and metadata.
Tags: Internet Address, Software
AMULET ™ Solution
No matter what the reason or need, AMULETs ™ can be restricted to devices based on what specific file(s) are (or are not) installed on the device, what processes are (or are not) active on the device, or from which modules in a process an access request is coming from. For example, the author could identify a file uniquely associated with the conflicting application, and could then create AMULET ™ file criteria that would deny access to the author’s application if the offending file was present on the host device.
Tags: Files, Processes in Memory, Requesting Module, Software
AMULET ™ Solution
AMULET ™-protected digital asset lease requests can be honored based on defined ranges of time and time periods. Applications consuming data on the device itself can be wrapped in AMULETs ™ that would prevent use during certain time periods on certain days. Alternatively, or in addition, applications on the remote server being accessed can be wrapped to prevent use by callers during certain periods.
For example, an Internet of Things smart electric meter could use AMULET ™ time criteria to send warnings when usage achieved certain consumer-modifiable levels based on time of day.
Tags: IoT, Software, Time/Date
AMULET ™ Solution
AMULET ™ digital asset security is compatible with all forms of container security. By wrapping each and every digital asset and associating it with an appropriate AMULET ™, all losses caused by any defects or omissions in container security will be prevented since even upon breach the digital assets are useless to the attacker. More importantly, the level of attacks upon servers will decrease as attackers realize there are no usable gains to be had.
Tags: General
AMULET ™ Solution
Upon registration of the licensed version of his app, the author informs the user of the restriction on the number of devices that can be used, and permits the user to choose the specific host devices by MIN/MSIN/MSID/IMSI/IMDSI_S/ESN/IMEI identifier (mobile devices), BIOS asset tag, hardware MAC address(es), I/P address(es), hard drive serial numbers, motherboard serial number, and/or other unique hardware identifiers.
The user’s identification and license information, their host device choices and ID, and identifying information for the software being registered are encoded into a new AMULET ™. The software is modified with a dependency upon the new AMULET ™, and the new AMULET ™ and modified software returned to the registering user. The AMULET ™ framework will then enforce identification and restriction of host devices whenever an application instance is launched.
Tags: BIOS, Device Hardware, Internet Address, MAC Address, Software, Vendor Pass-through, Windows Registry
AMULET ™ Solution
AMULET ™ criteria can be modified dynamically on the fly in a variety of different ways:
- Opportunistically, where if and when at time of an AMULET ™ lease request the host device happens to be online the AMULET ™ validation process checks in to a server to see if any updates are available since the last time AMULET ™ validation process was checked.
- By direct control of a remote application, where the AMULET ™ criteria requires the host device be online at time of invocation of the intellectual property, and upon every AMULET ™ lease validation the validation process obtains the host devices I/P address and publishes it to a specified remote location accessible by the remote manager, which then uses the I/P address to force AMULET ™ updates upon the device at the remote application’s whim.
- By forced polling, where the device is required by AMULET ™ criteria to be online and at every AMULET ™ lease request validation a remote location is checked for updates, and those updates downloaded and installed if available.
Tags: Intellectual Property, Internet Address, Remote Control
AMULET ™ Solution
Current e-mail clients are inherently insecure (ex. once you have access to an Outlook *.pst file, required during the use of the Outlook e-mail client and therefore unmodifiable, you have access to every e-mail and attachment in that file).
However, AMULET ™-enabled plugins and extensions will be made available to work with current clients by storing all messages in encrypted form accessible only through an AMULET ™. New fully-AMULET ™-enabled-from-the-ground-up e-mail clients will be able to not only bring all of the power of AMULET ™ criteria to bear on accessing individual e-mails, but will also invoke the screen-capture-frustrating display jittering and audit-trailing steganography we will have in our real-world multimedia apps.
Tags: Email, General
AMULET ™ Solution
AMULETs ™ can include a full range of phone-home, audit-trailing and reporting activities in their validation framework, enforced at each and every AMULET ™ lease request validation cycle. Additional reporting services (providing a server to receive reports and reports-parsing utilities, for example) are optionally available from Certitude Digital.
An author, developer, or owner of an AMULET ™-protected digital asset can respond to those reports (or other events or circumstances) and dynamically modify the AMULET ™(s) accordingly in a variety of ways:
- Opportunistically, where if and when at time of an AMULET ™ lease request the host device happens to be online the AMULET ™ validation process checks in to a server to see if any updates are available since the last time AMULET ™ validation process was checked.
- By direct control of a remote application, where the AMULET ™ criteria requires the host device be online at time of invocation of the intellectual property, and upon every AMULET ™ lease validation the validation process obtains the host devices I/P address and publishes it to a specified remote location accessible by the remote manager, which then uses the I/P address to force AMULET ™ updates upon the device at the remote application’s whim.
- By forced polling, where the device is required by AMULET ™ criteria to be online and at every AMULET ™ lease request validation a remote location is checked for updates, and those updates downloaded and installed if available.
Tags: General, Internet Address, Remote Control
AMULET ™ Solution
One or more AMULETs ™ can be assigned to one or more individual items or rows of a database, including account information associated with a depositor, customer, or client of a bank or any other financial, commercial, governmental, or non-profit organization. In fact, portions of this data can even be effectively escrowed, by making its use or display contingent upon two AMULETs ™, one belonging to the institution and one belonging to the customer, meaning that access to it must meet the approval of both. Given the wide range of criteria which can be specified in an AMULET ™, this would ensure any AMULET ™-protected data obtained by a hacker who has breached a database is useless to the hacker.
Tags: Database, General
AMULET ™ Solution
In order to protect the vast array of forms and conveyances in which intellectual property can be stored and communicated, the safest policy is to render all sensitive documents, applications, and multimedia as AMULET ™-protected digital assets. AMULETs ™ can be shared among multiple digital assets, or custom-generated where there is a need to do so.
In addition to protection and pre-empting theft or improper use of intellectual property, AMULET ™-enabled multimedia players and viewers have a number of safety and other features, including invoking the same screen-capture-frustrating display jittering and audit-trailing steganography we will have in our real-world multimedia apps. AMULET ™-enabled multimedia players and viewers can identify from a copy of a digital asset the most likely original source of the copy, and provide a wealth of digital-asset-specific audit-trailing services to support that capability.
Tags: General, Intellectual Property
AMULET ™ Solution
AMULETs ™ have a number of criteria which can be defined to prevent robotic use of a digital asset when a user is not present. AMULET ™ criteria can be defined to require that a user be logged on, even a specific user, and further that there be mouse, keyboard, or touchscreen activity within a certain timeframe of any AMULET ™ lease request or lease request validation. AMULETs ™ can have time criteria defined to block any use of a digital asset during certain time periods the user is known to be unavailable.
Tags: Multimedia, Software, Time/Date, User Activity
AMULET ™ Solution
AMULETs ™ support multiple vendor layers of distribution of AMULET ™-protected-digital assets in several ways, the two preferred methods being through pass-through criteria and nested AMULETs ™.
Pass-through criteria is built into AMULETs ™ and allows the author to designate users or groups of users authorized to add additional restrictions to AMULET ™ criteria he/she has already defined. When this method is used, editors authorized by the original author of the AMULET ™ can further restrict (but not loosen) the AMULET ™ criteria imposed by the author.
The second preferred method is via nesting AMULETs ™ protecting a digital asset – the distributor can simply wrap their own AMULET ™(s) around a digital asset already protected by one or more AMULETs ™.
In both cases, all criteria of all associated AMULETs ™ must be satisfied before the digital access can be accessed through a AMULET ™ lease request.
Tags: Multimedia, Software, Vendor Pass-through
AMULET ™ Solution
AMULET ™ criteria fully support digital access management directly through GPS polygons (which include an altitude component for managing access via the floors in a building), as well as indirectly (and less accurately through IP addresses), and time zones, and registered user street addresses. GPS polygons can be defined as inclusive or exclusive, so the author could either define areas in which usage of his app is forbidden, or he/she could alternatively define areas in which the app is expressly permitted.
Tags: GPS, Software
AMULET ™ Solution
If the owner wished to use AMULET ™ time criteria to specifically deny access to a piece of company software during the weekend, with access controlled by another time criteria during the week, he’d set the weekend to be “denied” and the rest of the time to be default. The owner could then just set the default access to be “allowed”, meaning all times other than the weekend would be allowed.
However, the owner might later decide to allow only certain periods during the week to be allowed (8:00AM to 5:00PM) for example. Since a specific “allowed” period always trumps a “denied” period, he would then set the default for all time criteria for the AMULET ™ to be denied, and then set the allowed periods during the weekdays. If he then later wanted to change the first criteria to allow certain periods during the weekend, all he has to do is add the “allow” periods.
A real-world implementation of AMULET ™ time criteria to constrain digital asset access to work hours might look something like this:
- Set the AMULET ™ so access is allowed only at times between 8:00AM and 5:00PM (hint, since “allowed” trumps “denied”, he’ll want to set up the denied periods explicitly and leave the default to “allowed”);
- Set the entirety of all weekends to be denied; and
- Set the entirety of Christmas Day to be denied, regardless the day of the week in which it falls.
This resulting combined pattern is one we expect to be similar to those in use across nearly all corporations where they want to ensure their compliance with volume-licensing agreements for their purchased subscriptions to third-party products, such as Microsoft Office components.
Tags: Multimedia, Software, Time/Date
AMULET ™ Solution
The AMULET ™ system supports a feature called Code Cocoons ™, specifically designed to proactively provide an isolated, safe, non-standard environment separate from the host file and/or operating system in which to execute AMULET ™-protected digital assets. This capability can be used to support running code snippets, modules, libraries, applications, or multimedia from one operating system in a host having a different operating system, even when security is not truly a consideration. This means a developer can sell modules and libraries he or she created in one operating system or language to a much wider audience than was previously possible, since potential customers are no longer limited to the same operating system or language.
The developer can tap into this extended market by merely wrapping his module as an AMULET ™-protected digital asset with Code Cocoon™ criteria defined, and then advertising the module’s capabilities, availability, and directions for use.
Please refer to our pages covering Code Cocoons ™ for more details.
Tags: Code Cocoon, Software
AMULET ™ Solution
The developer distributes his/her application over the Internet as a protected digital asset with AMULETs ™ preventing the use of any of its features. When a user registers (pays) for licensed usage, the AMULET ™ criteria for the registered-user-only features are re-written with the user’s unique information and assigned a new AMULET ™ ID, which is then re-written in its stored location in the software application.
Tags: General, Software
AMULET ™ Solution
The developer distributes his application over the Internet as a protected digital asset, with AMULETs ™ preventing the use of some of its features. When a user registers (pays) for licensed usage, the AMULET ™ criteria for the registered-user-only features are re-written with the user’s unique information and assigned a new AMULET ™ ID, which is then re-written in its stored location in the software application.
Tags: General, Software
AMULET ™ Solution
AMULET ™ technology includes special techniques for displaying and/or playing multimedia digital assets. Multimedia digital assets (documents, images, video, holograms, and audio, as well combinations of those elements) have an inherent vulnerability to being copied or recorded from the output device when played by a user under AMULET ™-authorized conditions, be that a projector, display surface, speaker, including via software on the output device itself or through an external camera or recorder.
These special AMULET ™ techniques are selectable in the AMULETs ™ themselves, and when fully deployed are intended to accomplish several goals:
- Create a centralized collection of authorized playback audit trails so that unauthorized recordings can be later matched back to a source (merely having an audit trail capability that authorized users know about will tend to increase the amount of care that is taken with AMULET ™-protected digital assets);
- Provide both obvious and non-obvious identifiers in the authorized playback outputs that are detectable in unauthorized copies;
- Frustrate the making of unauthorized copies during an authorized playback.
Tags: General, Multimedia
AMULET ™ Solution
In addition to multilevel encrypted whenever and wherever stored, AMULETs ™ offer additional levels of protection through Code Cocoons ™, which in addition to other things, prevents or makes difficult the comparisons between what is on the hard drive in one environment and what is in memory in another, keeping even momentarily-exposed intellectual property in a different environment than the one which is native to the host computer.
Please refer to our pages covering Code Cocoons ™ for more details on this powerful technology
Tags: Code Cocoon, Software
AMULET ™ Solution
To make unauthorized recorded copies readily identifiable as to their original authorized source, the AMULET ™-enabled player or viewer injects a number of things into the playback output that are likely to turn up in unauthorized recordings. This includes steganography (modifications of pixels in certain patterns, including induced moire patterns and aliasing artifacts, that are not obvious to the authorized viewer’s eye but which are readily picked up by recording devices), frequency bursts and patterns outside the range of human hearing but recorded by audio recording devices, substitutions of certain tones for others, background rhythms in certain audio ranges, subtle pitch adjustments, use of special colors (substituted for others in videos or used as backgrounds in documents), use of unique text fonts, weights, slants, and sizes relative to one another, and artificially limiting the range of colors or sounds in certain circumstances to induce uniqueness.
An AMULET ™-enabled player or viewer can accept external images and files and compare them to AMULET ™-protected digital asset pre-recorded audit trails and copies of images that were properly displayed, and from those comparisons determine via inject artifacts the likelihood by percentage as to the source of a copy. If that source is a registered user of the AMULET ™-protected digital asset, the AMULET ™-enabled player or viewer can return the registered-user data to the digital asset owner.
Tags: General, Multimedia
AMULET ™ Solution
AMULET ™ criteria fully support digital access management directly through GPS polygons (which include an altitude component for managing access via the floors in a building), as well as indirectly (and less accurately through IP addresses), and time zones, and registered user street addresses. GPS polygons can be defined as inclusive or exclusive, so the author could either define areas in which usage of his app is forbidden, or he/she could alternatively define areas in which the app is expressly permitted.
When the appliance has GPS capability, AMULET ™ criteria can be set up in several ways to police a geographic restriction. It can divert to manufacturer-supplied code to shut down or modify certain behaviors of the appliance if improperly moved, or it can simply phone home to the manufacturer’s server if and when AMULET ™ criteria are not satisfied.
Tags: GPS, Hardware, IoT
AMULET ™ Solution
One of the AMULET ™ criteria speaks directly to concurrent usage of a digital asset. The developer needs only to set this value appropriately in the AMULET ™(s) associated with his library module
Tags: Instances, Scripts
AMULET ™ Solution
One of the AMULET ™ criteria speaks directly to digital asset host device BIOS data on which a digital asset can be accessed (or operating systems on which access is to be denied). The developer needs only to set this criteria to specify the host device BIOS asset tag as the only acceptable asset tag for allowing access to the AMULET ™-protected application.
Tags: BIOS, Hardware, Software
AMULET ™ Solution
The vendor needs only to wrap the function which connects to the hidden server as a small software application, which can then be protected from view using AMULETs ™ just like any other software application digital asset.
Tags: General
AMULET ™ Solution
One of the AMULET ™ criteria speaks directly to custom environmental analysis supplied by the digital asset owner, developer, or author. The author writes code to perform the test, ensuring it produces a yes/no answer in all cases and is written in the form required by the Certitude-provided AMULET ™ Developer’s Software Development Kit (SDK). This criteria processing module will then be called at the time of AMULET ™ lease request analysis just as the built-in AMULET™ criteria processing functions are called.
Tags: Custom Handler, Hardware, IoT, Software
AMULET ™ Solution
One of the AMULET ™ criteria speaks directly to querying the calling module. The developer needs only to set the list of module attributes (modules that will be accepted, as well as explicit modules to be denied) appropriately in the AMULET ™(s) associated with his library module.
Tags: Requesting Module, Requesting Thread, Scripts, Software
AMULET ™ Solution
The Certitude-provided AMULET ™ Developer’s Software Development Kit (SDK) includes a number of utilities and applications that can help a script developer identify unique and critical small sections of his script without which the script will not run, or cannot produce the desired result. The utilities will then make it possible to convert the identified sections into a secure, compiled and obfuscated language which the author can then call from his original script. The newly-compiled sections will be delivered, wrapped in AMULET ™ protection, and the author can then define the criteria for the associated AMULETs ™ just as he would for any other digital asset. In this way, the author gets a secure product he can sell commercially.
Tags: General, Scripts, Software
AMULET ™ Solution
AMULETs ™ have a number of capabilities to ensure that each and every successful access of an associated digital asset is recorded via usage counts, and is reported to an online server when the criteria are set up to support those features. Because AMULETs ™ are dynamic, the author can alter AMULET ™ criteria to inhibit access to a digital asset when agreements with an author have been broken, thereby providing the artist leverage they do not now have.
Tags: General, Multimedia
AMULET ™ Solution
One of the AMULET ™ criteria speaks directly to querying for the absence or presence of specific files in the host device of a digital asset. The vendor needs only to set the list of files (files that will be accepted, as well as files whose presence will cause access to be denied) appropriately in the AMULET ™(s) associated with his software.
Tags: Files, Software
AMULET ™ Solution
Because AMULETs ™ are dynamic, the vendor can alter AMULET ™ criteria to inhibit access to a digital asset when agreements with a vendor have been broken, thereby providing the vendor leverage they do not now have.
Tags: General
AMULET ™ Solution
A digital asset vendor can create AMULETs ™ on the fly from a pre-populated AMULET™ template to associate with a digital asset being downloaded, capturing the downloader’s I/P address and encrypting it into the new AMULET ™ as part of the web page’s process of serving up the downloadable digital asset.
At runtime, the AMULET ™ framework can then assess the I/P address of the AMULET ™ lease requestor to ensure it matches the downloader’s I/P address.
Tags: Internet Address, Multimedia, Software
AMULET ™ Solution
One of the AMULET ™ criteria speaks directly to querying the absence or presence of devices having ranges of MAC address on the host device of a digital asset. The vendor needs only to set the range of MAC addresses (MAC addresses that will be accepted, as well as MAC addresses whose presence will cause access to be denied) appropriately in the AMULET ™(s) associated with his driver.
Tags: Hardware, MAC Address, Software
AMULET ™ Solution
One of the AMULET ™ criteria speaks directly to querying absence or presence of hardware devices, and types of hardware devices, present on the host device of a digital asset. The vendor needs only to set the types and identifiers of hardware devices (devices that will be accepted, as well as devices whose presence will cause access to be denied) appropriately in the AMULET ™(s) associated with his digital asset.
Tags: Device Hardware, Hardware, Software
AMULET ™ Solution
Several AMULET ™ criteria speak directly to Windows registry content, to file system drive folder and file contents, to in-memory process, and to module identifications, all of which can be used in various combinations to identify the presence, or lack thereof, of one or more specific applications present on the host device of a digital asset. The vendor needs only to set the AMULET ™ criteria appropriately to identify whether the application(s) is/are, or is/are not, present and deny or allow access to the digital asset accordingly.
Tags: Files, Processes in Memory, Requesting Module, Requesting Thread, Software, Windows Registry
AMULET ™ Solution
One of the AMULET ™ criteria speaks directly to querying a remote website or network location for the results of running a small application to determine whether access to an associated digital asset should be granted or denied. The function at the remote location can be anything the vendor wishes it to be, as long as it produces a yes or no answer. If the vendor sets a requirement at each AMULET ™ that the host device must be online at time of the digital asset access request, and also sets one, some, or all of his/her AMULETs ™ to point to the same remote location and function, then the effect on denying or allowing access at each individual digital asset’s AMULET ™ framework processing with be the same, allowing centralized control of multiple AMULET ™-protected digital assets remotely.
Tags: Custom Handler, Database, Multimedia, Remote Control, Software
AMULET ™ Solution
The AMULET ™ system supports a feature called Code Cocoons ™, specifically designed to proactively provide an isolated, safe, non-standard environment separate from the host file and/or operating system in which to execute AMULET ™-protected digital assets.
Please refer to our pages covering Code Cocoons ™ for more information.
Tags: Code Cocoon, General
AMULET ™ Solution
When an insurance company insures an intelligent device, it places a small AMULET ™-protected application on the device. This application uses the usage count, audit-trail, and environmental assessment capabilities of the AMULET ™ to periodically inventory the host device’s environment (including its GPS location, snapshots from the device’s camera, and a brief audio recording), package up a report, and send it to the insurance company when online. The AMULET ™ can periodically shut down (or threaten to shut down) essential device features in the event the device is not taken online at regular intervals (in order to deliver its reports).
Tags: Camera, GPS, Hardware, IoT, Microphone
AMULET ™ Solution
There are many ways an AMULET ™ can provide protection, including restricting access to a specific logged-on username. However, there are a growing number of mobile devices (including many laptops) supporting biometric authentication (ex. fingerprint, iris scan), which can be defined in the AMULET ™ (via the use of a vendor pass-through call), such that the biometric sensor would need to successfully authenticate the user before they could access a file. An AMULET ™ could include requiring such a validation as an access requirement.
Tags: Device Hardware, General, Hardware, User/Membership
AMULET ™ Solution
In this situation, all criteria about the device itself (BIOS tag, IP address, etc…) would all be common across users. Each individual has their own account information in order to log onto the machine. The logged-on username (along with group memberships) is one of the many criteria an AMULET ™ can use to define access to an individual file.
Tags: General, User/Membership