Tue, 14 Jul 2015 08:00:00 EDTThe present disclosure relates to systems and methods for secure communications. In some aspects, one or more values used to generate an encryption key used to encrypt a packet are stored in a header of the packet. The packet is transmitted with the encrypted data portion in a communication. In some aspects, one or more values used to generate an encryption key are received. The encryption key is regenerated using the one or more values.
Tue, 26 May 2015 08:00:00 EDTA Virtual Single Account (VSA) system and method that provides a mobile user with automatic authentication and connection to a remote network via local access networks with a single password, where the local access networks may be independent of the remote network. A mobile user has a single authentication credential for one VSA that is utilized by a VSA client installed on a mobile computing device. The VSA client provides for automatically authenticating and connecting the user's mobile device to a current local access network, and the target remote network such as the user's office network. All authentication credentials are encrypted using a key generated from the user's VSA password that is generated from the user's single password. The VSA client derives the key from the submitted VSA password and decrypts all authentication credentials that are required in order to connect the mobile device to the current local access network and thereafter to the office network.
Tue, 26 May 2015 08:00:00 EDTAn access rights management system is presented in which a mobile device may be allowed to access corporately held data in a flexible manner but in which the security and integrity of the data is maintained. The mobile device is provided with a rights adjustment module which modifies the access rights for locally stored corporate data in dependence on the connectivity of the mobile device with a corporate server.
Tue, 26 May 2015 08:00:00 EDTAn information handling system includes a host mapped general purpose input output (GPIO), a shared memory, a board management controller, and a cryptography engine. The host mapped GPIO includes a plurality of registers. The board management controller is in communication with the host mapped GPIO and with the shared memory, and is configured to control accessibility to the plurality of registers in the GPIO, and to control write accessibility of the shared memory based on a private key received from a basic input output system requesting accessibility to the plurality of registers and write accessibility of the shared memory. The cryptography engine is in communication with the board memory controller, and is configured to authenticate the private key received from the board management controller.
Tue, 26 May 2015 08:00:00 EDTA method and system of providing conditional access to encrypted content includes receiving unsolicited multiply encrypted video content and first decryption data over a broadcast network. Partially decrypted video content is obtained by decrypting a first layer of encryption of the encrypted video content using the first decryption data. The partially decrypted video content is stored. A request for viewing the encrypted video content is transmitted and second decryption data is received. A second layer of encryption of the encrypted video content is decrypted using the second decryption data.
Tue, 26 May 2015 08:00:00 EDTA disk array device comprises a first storage unit that stores encrypted user data, a second storage unit that is different from the first storage unit and locks and stores configuration information including a first encrypted authentication key that unlocks the encrypted user data, a management unit that includes a decoder that decodes the first encrypted authentication key and a control unit that unlocks the locked configuration information using a second authentication key, the management unit managing data using the first and second authentication keys. the management unit includes a configuration information recovery portion that unlocks the locked configuration information by using the second authentication key and recovers the configuration information during booting and a user data unlocking portion that decodes the first encrypted authentication key included in the configuration information and unlocks the encrypted user data stored in the first storage unit by using the first decoded authentication key.
Tue, 26 May 2015 08:00:00 EDTA method and authentication server provide a mobile key. According to the method, upon receipt of an authentication message (access authentication) that is transmitted when a subscriber logs on to the network, the authentication server extracts a subscriber identification contained in said message and generates a corresponding mobile key, which is stored together with the respective extracted subscriber identification. Upon subsequent receipt of a key request message (key request) that is transmitted when a subscriber registers, the authentication server extracts a mobile identification of the subscriber contained in said message and searches for an identical mobile identification, which can be derived in accordance with a configurable derivation function from a subscriber identification that is stored in the authentication server. Once a derived mobile identification that is identical or can be uniquely assigned to the extracted mobile identification has been found, the authentication server provides the stored corresponding mobile key that has been generated, to cryptographically protect the mobile signaling messages of the registered subscriber.
Tue, 26 May 2015 08:00:00 EDTProvided is a method in which a first device authenticates a public key of a second device. The method includes: receiving a first value generated based on the public key of the second device and a password displayed on a screen of the second device and the public key of the second device, from the second device; generating a second value based on the public key of the second device and a password input to the first device by a user of the first device according to the password displayed on the screen of the second device; and authenticating the public key of the second device based on the first value and the second value.
Tue, 26 May 2015 08:00:00 EDTAs a user of a social networking system views a page that includes information provided by the system, certain types of social interactions are monitored. If an interaction monitored for is detected, at least one recommendation unit is identified to present to user on the page. The recommendation unit is identified based on a description of the interaction. The recommendation unit suggests that the user perform a social interaction in the social networking system. The recommendation unit is transmitted to a device of the user and is presented to the user on the page without having to reload the entire page.
Tue, 26 May 2015 08:00:00 EDTA request to render content associated with a first super distributed content file is detected by a content rendering device. At least one portion of the content associated with the first super distributed content file is determined to be missing from the first super distributed content file. A second file including the at least one portion of the content missing from the first super distributed content file is obtained from a server. The at least one portion of the content of the second file includes partial encrypted portions of the content associated with an encryption system of the content rendering device. A content output stream including decrypted partial encrypted portions of the content of the second file and the content associated with the first super distributed content file is generated. This abstract is not to be considered limiting, since other embodiments may deviate from the features described in this abstract.
Tue, 26 May 2015 08:00:00 EDTMethods, apparatus, and articles of manufacture to encode auxiliary data into text data and methods, apparatus, and articles of manufacture to obtain encoded data from text data are disclosed. An example method to embed auxiliary data into text data includes assigning source data to one of a plurality of groups, the source data comprising text data, identifying a symbol to be added to the source data based on an assigned group of the source data, and generating encoded data by including in the source data a text character representative of the symbol.
Tue, 26 May 2015 08:00:00 EDTThe debugging unit writes a public key of the key issuing server and an initializing program given from outside, to the storage unit. The instruction executing unit reads and executes the initializing program stored in the storage unit. The debug disabling unit disables the debugging unit. The public-key encrypting unit encrypts the random number by the public key in the storage unit, the random number generated by the random number generating unit after the debugging unit is disabled. The transmitting unit transmits the encrypted random number to the key issuing server. The receiving unit receives an individual key encrypted by the random number from the key issuing server. The individual-key writing unit decrypts the encrypted individual key by the random number to obtain the individual key and write the individual key to the storage unit.
Tue, 26 May 2015 08:00:00 EDTA method and apparatus is disclosed for managing encryption keys in a computer system in which in response to the change of a system key the old key and new key are both maintained for subsequent use.
Tue, 26 May 2015 08:00:00 EDTA semiconductor structure including a device configured to receive an input data-word. The device including a logic structure configured to generate an encrypted data-word by encrypting the input data-word through an encrypting operation. The device further including an eFuse storage device configured to store the encrypted data-word as eFuse data by blowing fuses in accordance with the encrypted data-word.
Tue, 26 May 2015 08:00:00 EDTA method, an apparatus, and a computer program product for wireless communication are provided in which a UE is equipped to generate an expression associated with a wireless device for use in a peer discovery signal, generate an expression set from the expression, a first temporal frequency, and a first time duration, and transmit the generated expression set to a base station to allow the base station to broadcast each of the expressions included in the expression set at the first temporal frequency over the first time duration. Another method, apparatus, and computer program product for wireless communication are provided in which a base station is equipped to receive an expression set from a wireless device, process the received expression set to determine each of one or more instances of an expression, and transmit each of the one or more instances of the expression.
Tue, 26 May 2015 08:00:00 EDTDisclosed is a method for address privacy protection for a first wireless device sharing a privacy key with a second wireless device. In the method, a first resolution tag is generated at the first wireless device using a pseudo-random function with the seed value and the privacy key as input arguments. The privacy key is only known to the first and second wireless devices. A privacy address is generated for the first wireless device based on the seed value and the first resolution tag. A packet is transmitted from the first wireless device to the second wireless device. The packet includes the privacy address and the first resolution tag.
Tue, 26 May 2015 08:00:00 EDTMethod and apparatus for SPS authentication, for example for use with GPS, are disclosed. The method may include receiving a first set of Y codes from a plurality of satellites, generating authentication decisions using W code estimates extracted from the first set of Y codes for satellite channels corresponding to the plurality of satellites, and generating an authentication response according to authentication decisions generated for the satellite channels.
Tue, 26 May 2015 08:00:00 EDTAn image forming apparatus includes a memory unit configured to store image data, a mode detecting unit configured to detect a transition from a first operating mode to a second operating mode, and an encryption unit configured to encrypt the image data in the memory unit based on the transition.
Tue, 26 May 2015 08:00:00 EDTComputationally implemented methods and systems are described herein that are designed to, among other things, receiving a level-one encrypted output of a surveillance device; encrypting at least a part of the level-one encrypted output of the surveillance device with a level-two encryption key whose decryption key is inaccessible by a level-two encryption entity; and transmitting a level-two encrypted output of the surveillance device.
Tue, 26 May 2015 08:00:00 EDTAn apparatus and method for converting a random binary sequence into a random integer is provided. The present invention converts a random binary sequence into a random integer, and determines whether the corresponding random integer falls within a preset integer interval. Further, if it is determined that the random integer generated from the random binary sequence does not fall within the preset integer interval, the present invention repeatedly updates a random binary sequence until a random integer falling within the corresponding integer interval is obtained, thus outputting uniformly distributed random integers which fall within the preset integer interval.
Tue, 26 May 2015 08:00:00 EDTA secret key generation apparatus and method are provided. The secret key generation apparatus includes at least one antenna, amplification/phase controllers, a transceiver, and a random signal controller. The antenna receives a wireless signal from a counterpart terminal that performs wireless communication. The amplification/phase controllers control the amplification gain and phase of the wireless signal that is received via at least one antenna. The transceiver measures the status of a wireless channel using the wireless signal having the controlled amplification gain and phase, determines parameters based on results of the measurement, and generates a secret key based on results of the determination. The random signal controller controls the amplification/phase controllers so that the amplification gain and phase are adjusted whenever the transceiver generates a secret key.
Tue, 26 May 2015 08:00:00 EDTA method in a portable data carrier for executing a cryptographic operation on security-relevant data comprises a step of determining a remainder (r) of a dividend (a) modulo a divisor (b). In so doing, the remainder (r) is determined iteratively by means of a division device of the data carrier. In each iteration there is carried out a Montgomery multiplication with the divisor (b) as the modulus and an additive linkage of an output value of the Montgomery multiplication with a coefficient (ai) derived from the dividend (a) and associated with the respective iteration. The Montgomery multiplication is carried out here by means of a multiplication device of the data carrier, preferably a corresponding coprocessor. The Montgomery multiplication of a subsequent iteration receives a result of a preceding iteration as an input value.
Tue, 19 May 2015 08:00:00 EDTA cryptanalysis method comprising: (A) Performing a ciphertext-only direct cryptanalysis of A5/1 and(B) Using results of Step (A) to facilitate the decryption and/or encryption of further communications that are consistent with encryption using the session key and/or decryption using the session key, wherein the cryptanalysis considers part of the bits of the session key to have a known fixed value, and wherein the cryptanalysis finds the session key. An efficient known plaintext attack on AS/2 comprises trying all the possible values for R4, and for each such value solving the linearized system of equations that describe the output;The solution of the equations gives the internal state of RI, R2, and R3; Together with R4, this gives the full internal state which gives a suggestion for the key.
Tue, 19 May 2015 08:00:00 EDTDescribed is a technology by which access to a resource is determined by evaluating a resource label of the resource against a user claim of an access request, according to policy decoupled from the resource. The resource may be a file, and the resource label may be obtained by classifying the file into classification properties, such that a change to the file may change its resource label, thereby changing which users have access to the file. The resource label-based access evaluation may be logically combined with a conventional ACL-based access evaluation to determine whether to grant or deny access to the resource.
Tue, 19 May 2015 08:00:00 EDTIn one or more embodiments, an integrated circuit includes a programmable memory, a key generation module and a module. The programmable memory is to maintain a first key portion. The key generation module is to generate a key using the first key portion from the programmable memory and a second key portion received via a memory interface. The module is to encrypt or decrypt data using the key.
Tue, 19 May 2015 08:00:00 EDTA file system data is divided into two or more data blocks. A unique encryption key is assigned to each data block with the encryption key assigned to each data block being distinct from other encryption keys used to encrypt the other data blocks and each of the data blocks is encrypted using its assigned encryption key. One of the data blocks within the file system is then selected and decrypted using the distinct encryption key assigned to the selected data block and a new encryption key, distinct for the previously assigned encryption key, is assigned to the selected data block and the selected data block is re-encrypted using the new encryption key. This process is then repeated for each data block on a sequential/cyclic and continually rotating basis.
Tue, 19 May 2015 08:00:00 EDTA system apparatus and method for protecting information are provided. Embodiments of the invention may detect inactivity related to a computing device. Information and encryption key may be removed from a memory. Subsequent activity may be detected. An authentication procedure may be performed, and, contingent on authenticating a relevant entity, a master key may be generated and installed in a memory.
Tue, 19 May 2015 08:00:00 EDTA data source may be configured to provide usage data including subscriber identifiers and associated information indicative of subscriber device locations and usage. A data warehouse server may be configured to perform operations including: decrypting subscriber identifiers included in usage data received from the data source using a two-way rolling key groups algorithm; re-encrypting the subscriber identifiers decrypted from the usage data to create secure encrypted identifiers using a one-way secured encryption algorithm; and correlating the subscriber identifiers in the decrypted usage data with the corresponding re-encrypted identifiers.
Tue, 19 May 2015 08:00:00 EDTA content data reproducing method includes: decrypting encrypted data to generate plain-text data; dividing the plain-text data into decrypted content data and reproduction management information; sending the reproduction management information to a user space; storing the decrypted content data in a secret buffer; obtaining the decrypted content data as reproduction target data from the secret buffer and transmitting the reproduction target data to a decoder; and decoding the reproduction target data by the decoder.
Tue, 19 May 2015 08:00:00 EDTSystems and methods for updating status of digital certificate subkeys. A request is made to a key server to verify if a given key is revoked. If it is not, then the key with its subkeys is acquired from the key server. If one or more subkeys or signatures of the subkeys are different in the acquired key, then the key is replaced.
Tue, 19 May 2015 08:00:00 EDTAn infrastructure for securely communicating with electronic meters is described, which enables secure communication between a utility and a meter located at a customer, over a communication link or connection such as via a network. This enables messages to be sent from the utility to the meter and vice versa in a secure manner. The network provides a communication medium for communicating via the C12.22 protocol for secure metering. A cryptographic backend is used to cryptographically process messages to be sent to the meter and to similarly cryptographically process messages sent from the meter. By providing appropriate cryptographic measures such as key management, confidentiality and authentication, the meter can only interpret and process messages from a legitimate utility and the utility can ensure that the messages it receives are from a legitimate meter and contain legitimate information.
Tue, 19 May 2015 08:00:00 EDTDisclosed are methods and apparatus for managing services within a computer network. In one embodiment, a message interchange network for exchanging application-level messages between services, which are located outside the message interchange network, is provided. At the message interchange network, a plurality of application-level messages, which each specify which one or more receiving services are to receive the each application-level message, are received. Each received application-level message is forward towards the one or more receiving services. Correlation information regarding each application-level message that is received into message interchange network is retained. The application-level messages are sent between pairs of the services, and the retained correlation information for each application-level message pertains to each application-level message and any other application-level messages related to the each application-level message. A query can then be received, at the message interchange network from a first service, to search the retained correlation information for specific one or more portions of the retained correlation information. A response to the query, which includes the specific one or more portions of the retained correlation information, is sent to the first service.
Tue, 19 May 2015 08:00:00 EDTThe present invention provides a method and system for secured remote provisioning of a universal integrated circuit card of a user equipment. A system includes a user equipment for initiating a request for remote provisioning of an universal integrated circuit card (UICC) in the user equipment, where the request for remote provisioning includes a machine identifier (MID) associated with the user equipment and a public land mobile network (PLMN) identifier (ID) associated with an network operator. The system also includes at least one shared key management server for dynamically generating security keys and an operator shared key using the security keys, the MID. Moreover, the system includes an operator network for generating a subscription key using the operator shared key and an international mobile subscriber identity (IMSI), and provisioning the IMSI in a secured manner to the UICC of the user equipment using the security keys.
Tue, 19 May 2015 08:00:00 EDTA method, non-transitory computer readable medium and application manager computing device comprises obtaining at least one cryptographic key from a request by a client computing device for a user session. User information corresponding to a user is encrypted or decrypted using the cryptographic key. The request is authenticated based on encryption or decryption of the user information. The cryptographic key is deleted after the completion or termination of the user session.
Tue, 19 May 2015 08:00:00 EDTA secret stream of bits begins by receiving a public random stream contained in a wireless communication signal at a transmit/receive unit. The public random stream is sampled and specific bits are extracted according to a shared common secret. These extracted bits are used to create a longer secret stream. The shared common secret may be generated using JRNSO techniques, or provided to the transmit/receive units prior to the communication session. Alternatively, one of the transmit/receive unit is assumed to be more powerful than any potential eavesdropper. In this situation, the powerful transmit/receive unit may broadcast and store a public random stream. The weaker transmit/receive unit selects select random bits of the broadcast for creating a key. The weaker transmit/receive unit sends the powerful transmit/receive unit the selected bit numbers, and powerful transmit/receive unit uses the random numbers to produce the key created by the weaker transmit/receive unit.
Tue, 19 May 2015 08:00:00 EDTA system that incorporates the subject disclosure may include, for example, instructions which when executed cause a device processor to perform operations comprising sending a service request to a remote management server; receiving from the management server an authentication management function and an encryption key generator for execution by a secure element and an encryption engine for execution by a secure device processor, sending a request to establish a communication session with a remote device; and communicating with the remote device via a channel established using an application server. The secure element and the secure device processor authenticate each other using a mutual authentication keyset. The secure element, the secure device processor and the device processor each have a security level associated therewith; the security level associated with the secure device processor is intermediate between that of the secure element and that of the device processor. Other embodiments are disclosed.
Tue, 19 May 2015 08:00:00 EDTThe present invention provides a broadcast receiving apparatus that receives a broadcast wave containing multiple channels. The apparatus comprises, among other things, a selecting unit that selects a channel from the broadcast wave; a determination unit that determines, for all channels that can be selected by the selecting unit, whether or not the obtaining unit can obtain an encrypted second-type encryption key that can be decrypted by the decrypting unit using the updated first-type encryption key; and an updating unit that updates the computer program stored in the memory to the updated program in the case where the determination unit has determined that the obtainment is possible for all the channels.
Tue, 19 May 2015 08:00:00 EDTDisclosed herein are a private key generation apparatus and method, and storage media storing programs for executing the methods on a computer. The private key generation apparatus includes a root private key generation unit and a sub-private key generation unit. The root private key generation unit sets a root master key and predetermined parameters capable of generating private keys, and generates a first sub-master key set capable of generating a number of private keys equal to or smaller than a preset limited number. The sub-private key generation unit generates private keys with the root private key generation unit by receiving the first sub-master key set from the root private key generation unit, to generate a private key corresponding to a user ID using the first sub-master key set, and issues the private key to a user.
Tue, 19 May 2015 08:00:00 EDTA method and apparatus for forming and distributing quantum encryption keys. A first quantum signal generated by a number generator in a communicator is transmitted through an aperture in the communicator to a receiving communicator. A second quantum signal is received through the aperture at the communicator from a transmitting communicator. The first quantum signal is isolated from the second quantum signal such that the first quantum signal is transmitted from the communicator in response to the first quantum signal passing through the aperture and such that the second quantum signal is received at a number detector in the communicator in response to the second quantum signal passing through the aperture.
Tue, 19 May 2015 08:00:00 EDTA device is described for the hiding and subsequent recovery of visual information. The device comprises two or more tokens (1), each containing a mask (2,3) of coloured pixels (4), are overlaid (5), so that when the pixels are aligned, hidden information, invisible in the individual tokens. The hidden information consists of one or more recognisable alphabetic, numerical or pictorial characters (6). During token overlay and alignment, the information becomes recognisable because it is made up of pixels whose colour is differentiated from the other pixels in the overlay. The information is hidden by adding pixels of certain colours. When the tokens are overlaid and the pixels aligned, the added pixels are effectively subtracted, revealing the hidden information. The tokens may be printed on various media, or may be displayed on an electronic device.
Tue, 12 May 2015 08:00:00 EDTA relay apparatus of a video and audio transmitting/receiving system delays a time before transmitting an authentication start instruction after an authentication start video signal being transmitted to a receiving apparatus. Accordingly, a problem that the receiving apparatus receives the authentication start instruction from the relay apparatus before locking the authentication start video signal and cannot perform authentication processing normally, leading to a failure in authentication. A correction time is decided based on a resolution of the authentication start video signal transmitted from the receiving apparatus and a combination of receiving apparatuses and transmitting apparatuses connected to the relay apparatus.
Tue, 12 May 2015 08:00:00 EDTA system administrator of a wireless LAN 100 manipulates a personal computer PC1 to change a WEP key. The personal computer PC1 authenticates a memory card MC as genuine under management of the system administrator. In the case of the authenticated memory card MC, changed setting information, as well as a previous WEP key before the change of the setting information, is written into the memory card MC. The system administrator then inserts this memory card MC into a memory card slot of a printer PRT1. The printer PRT1 authenticates the memory card MC as genuine under management of the system administrator. In the case of the authenticated memory card MC, the setting information is updated. This arrangement effectively relieves the user's workload in setting wireless communication devices, while ensuring the sufficiently high security.
Tue, 12 May 2015 08:00:00 EDTA method of authenticating a device involves establishing a local connection between a local target device and a local source device; at the source device, obtaining credentials of the target device via the local connection; at the source device, sending the credentials to a cloud authentication server via a secure communication channel; at the cloud authentication server, checking the credentials of the target device against a database of known good devices; at the source device, receiving a message from the cloud authentication server via the secure communication channel, said message indicating that the target device is authenticated; and delivering content from the source device to the target device on the condition that the target device is authenticated. This abstract is not to be considered limiting, since other embodiments may deviate from the features described in this abstract.
Tue, 12 May 2015 08:00:00 EDTAn apparatus includes a logging apparatus and a configuration apparatus. The logging apparatus has a security module operable to create a manipulation-proof log. The configuration apparatus is operable to configure a configurable microprocessor system. The configuration apparatus is further operable to be coupled to the logging apparatus in order to log a configuration of the microprocessor system using the logging apparatus.
Tue, 12 May 2015 08:00:00 EDTData is secured on a device in communication with a remote location using a password and content protection key. The device stores data encrypted using a content protection key, which itself may be stored in encrypted form using the password and a key encryption key. The remote location receives a public key from the device. The remote location uses the public key and a stored private key to generate a further public key. The further public key is sent to the device. The device uses the further public key to generate a key encryption key, which is then used to decrypt the encrypted content protection key. A new content encryption key may then be created.
Tue, 12 May 2015 08:00:00 EDTThe invention relates to a method for configuring a mobile device capable of reproducing, for a user, multimedia content previously provided by a remote content server. The invention relates to using a client installed on said electronic device to relay authentication requests between a card, preferably complying with the provisions of the Mobile Commerce Extension standard, and an authentication server that is accessible via an access point.
Tue, 12 May 2015 08:00:00 EDTA communication terminal that can adjust which section of a one-time pad cipher key is used and achieve cipher communication when there is a possibility that the one-time pad cipher keys are not completely matched between communication terminals. A cipher key transfer device acquires a one-time pad cipher key from a key sharing system, divides the acquired one-time pad cipher key with a predetermined number of bits, and transfers the same to a mobile communication terminal after converting the same into one-time pad cipher key cartridges. Along with the partner's terminal, the mobile communication terminal negotiates which one-time pad cipher key cartridge will be used to perform cipher communication, decides the one-time pad cipher key cartridge to be used, and begins cipher communication.
Tue, 12 May 2015 08:00:00 EDTA method of processing content according to a workflow, where a digital content is processed on one of a plurality of processing devices according to process definition associated to the content, includes the steps, iterated at the processing device, of: a) receiving from a server a signed workflow information, a workflow information comprising a status of the content processing, a signature of the process definition and a hash of the content;b) verifying the workflow information;c) when the workflow information is verified, processing the content according to the process definition and according to status of the content processing;d) updating and signing the workflow information;e) sending to the server the signed workflow information;and the steps iterated at the server of:f) receiving from a processing device a signed workflow information;g) publishing the signed workflow information received from the processing device. A system for performing the method is also provided.
Tue, 12 May 2015 08:00:00 EDTA receiving device receives messages, detects the priority levels set in the headers of the messages, and reads the first and second messages. When the receiving device receives the header of the second message during reading of the first message, it controls, in accordance with the priority levels of the first and second messages, the reading rates at which the first and second messages are read.
Tue, 12 May 2015 08:00:00 EDTA data distributing and accessing method for sharing a file via a network system includes steps of: dividing the file into a plurality of blocks; distributing the blocks in a plurality of data hosts interconnected via the network system; one of the data hosts receiving a file-reading request from a user host and issuing collecting requests to other data hosts to collect the blocks from the data hosts; and transferring the collected blocks from the data hosts to the user host to be combined into the file.