49th week of 2012 patent applcation highlights part 74 |
Patent application number | Title | Published |
20120311664 | NETWORK THREAT DETECTION AND MITIGATION - A network switch automatically detects undesired network traffic and mirrors the undesired traffic to a security management device. The security management device determines the source of the undesired traffic and redirects traffic from the source to itself. The security management device also automatically sends a policy to a switch to block traffic from the source. | 2012-12-06 |
20120311665 | Analyzing Usage Information of an Information Management System - In an information management system, activity data is collected and analyzed for patterns. The information management system may be policy based. Activity data may be organized as entries including information on user, application, machine, action, object or document, time, and location. When checking for patterns in the activity or historical data, techniques may include inferencing, frequency checking, location and distance checking, and relationship checking, and any combination of these. Analyzing the activity data may include comparing like types or categories of information for two or more entries. | 2012-12-06 |
20120311666 | MICRO AND MACRO TRUST IN A DECENTRALIZED ENVIRONMENT - A method and system are disclosed. In one embodiment the method includes calculating a trust level of a first entity. The first entity has a plurality of components. Each component in the first entity has at least the trust level of the first entity. | 2012-12-06 |
20120311667 | AUTHENTICATION APPARATUS, AUTHENTICATION METHOD AND COMPUTER READABLE INFORMATION RECORDING MEDIUM - An authentication apparatus authenticates an information processing apparatus in cooperation with an external authentication apparatus. The authentication apparatus responds to a request from the information processing apparatus to carry out authentication and obtain item values, and carries out authentication for a required account; responds to the authentication being carried out, and obtains from the external authentication apparatus an item value corresponding to an item name that is set as an item to be synchronized each time; updates an item value in a local database by the obtained item value; obtains a set of item values including the updated item value; and returns to the information processing apparatus a result of the authentication having been carried out and the obtained set of item values. | 2012-12-06 |
20120311668 | PROJECTOR PROJECTING PASSWORD - A projector system of the present invention includes a projector 10 and a personal computer PC as an information terminal, which communicate with each other via a network connection. The projector 10 generates a password required for establishment of the network connection and projects the password on a screen SC. A user of the personal computer PC inputs the password projected on the screen SC. The password is used for authentication of the network connection between the projector 10 and the personal computer PC and cipher communication therebetween. This arrangement of the present invention enhances the convenience of the projector that is capable of establishing a network connection with the information terminal, while ensuring secrecy of communicating data. | 2012-12-06 |
20120311669 | ACCESS MONITORING METHOD, INFORMATION PROCESSING APPARATUS, AND COMPUTER-READABLE MEDIUM STORING ACCESS MONITORING PROGRAM - In an access monitoring method executed by a computer: information on a first link is recorded when a request for access through the first link is detected and authentication information is transmitted through the first link; and when an email containing information on a second link is received and a request for access through the second link is detected, a determination whether or not the information on the second link is identical, in a predetermined part, to the recorded information on the first link is made. In the case where yes is determined, access through a link is forbidden when the information on the link is identical, in the predetermined part, to the recorded information on the first link, and the recorded information on the first link is transmitted to a server which collects information on links. | 2012-12-06 |
20120311670 | SYSTEM AND METHOD FOR PROVIDING SOURCE ID SPOOF PROTECTION IN AN INFINIBAND (IB) NETWORK - A system and method can provide source ID spoof protection in an InfiniBand (IB) fabric. The IB fabric can support a plurality of tenants in a subnet that connects a plurality of physical servers, wherein the plurality of tenants are associated with different partitions in the subnet. Then, the plurality of tenants can use at least one shared service, and the IB fabric can be configured to determine what ID values are legal for different physical servers and different partitions. | 2012-12-06 |
20120311671 | SYSTEMS AND METHODS FOR A SECURITY DELEGATE MODULE TO SELECT APPROPRIATE SECURITY SERVICES FOR WEB APPLICATIONS - In accordance with some aspects of the present disclosure, a method is disclosed that can include receiving, by a security delegate module, a set of user authentication credentials by an application running a first instance in a network for a user; determining, by the security delegate module, a type of the application; and selecting, by the security delegate module, a security service based on the set of user authentication credentials and the type of application. | 2012-12-06 |
20120311672 | RESOURCE-CENTRIC AUTHORIZATION SCHEMES - A first request is received, at a service application programming interface (API) of an authorization server, to change a permission of a first role for accessing a first resource. In response to the first request, a first role-based permission data structure associated with the first role is accessed to identify an entry associated with the first resource, where the first role-based permission data structure includes entries corresponding to resources, respectively. Each resource is associated with one or more permissions for a user of the first role to access the corresponding resource. One or more permissions are updated in the identified entry associated with the first resource. | 2012-12-06 |
20120311673 | MEDIA USAGE MONITORING AND CONTROL - Systems and methods of monitoring access to media content across disparate media devices are disclosed. Aspects relate to systems and methods that may be implemented to control access to media content. In one embodiment, rules may define usage parameters of a user for several types of media content and/or disparate media devices. | 2012-12-06 |
20120311674 | Method and system for automatic generation of cache directives for security policy - An authorization method is implemented in an authorization engine external to an authorization server. The authorization server includes a cache. The external authorization engine comprises an authorization decision engine, and a policy analytics engine. The method begins when the authorization decision engine receives a request for an authorization decision. The request is generated (at the authorization server) following receipt of a client request for which an authorization decision is not then available at the server. The authorization decision engine determines an authorization policy to apply to the client request, applies the policy, and generates an authorization decision. The authorization decision is then provided to the policy analytics engine, which stores previously-generated potential cache directives that may be applied to the authorization decision. Preferably, the cache directives are generated in an off-line manner (e.g., during initialization) by examining each security policy and extracting one or more cache dimensions associated with each such policy. The policy analytics engine determines an applicable cache directive, and the decision is augmented to include that cache directive. The decision (including the cache directive) is then returned to the authorization server, where the decision is applied to process the client request. The cache directive is then cached for re-use at the authorization server. | 2012-12-06 |
20120311675 | APPARATUS AND METHOD FOR GENERATING AND INSTALLING APPLICATION FOR DEVICE IN APPLICATION DEVELOPMENT SYSTEM - An operating method of a device for installing an application for a device includes receiving an application installation request including an application and an authentication token from an application development apparatus, and installing the application based on the authentication token, which includes serial numbers of devices authorized for the application. | 2012-12-06 |
20120311676 | SYSTEM AND METHOD FOR A GLOBAL DIRECTORY SERVICE - A system and method for facilitating the transfer of contact information between network subscribers said system including at least one server coupled to the network; at least one database coupled to the server; a plurality of subscriber terminals coupled to the network wherein each subscriber's terminal is configured to send contact information associated with a subscriber to the server in response to a request by said subscriber; wherein the request causes the subscriber's terminal to compile the contact information into an electronic business card object having one or more textual fields and map the one or more textual fields of the electronic business card to one or more object attributes contained in an electronic business card object and transmit the electronic business card object to the server for storage in the database is disclosed. | 2012-12-06 |
20120311677 | METHOD, SYSTEM AND DEVICE FOR RESTRICTING FROM LOGGING INTO A CHAT ROOM - A method, a system, and a device for restricting from logging into a chat room, which belongs to the computer field including, receiving a request from a client corresponding to a chat room administrator for forcing a specified user to exit the current chat room, and sending the client corresponding to the specified user a command to force the specified user to exit the current chat room and changing the status information of the specified user into the restricted state to restrict the specified user into the specified chat room according to the request. The system includes a server and a user client. The user forced to exit the current chat room is prevented from re-entering the chat room and affecting other users therein, but can still enjoy the chat room services in the chat room so as to avoid the chat room losing users and improve the user experience. | 2012-12-06 |
20120311678 | CONTENT DELIVERY SYSTEM, CONTENT DELIVERY METHOD, APPLICATION SERVER SYSTEM, USER EQUIPMENT, AND RECORDING MEDIUM | 2012-12-06 |
20120311679 | Document Conversion And Network Database System - A network database system wherein clients of subscribing entities are authorized network access to reliable documents that are identified by each entity as being relevant to clients of that entity. Features that can be included in the system are customization of the documents to reflect sourcing by particular subscribers, automated formatting of the documents for storing in a network database, client access facilitated by subscriber-maintained databases, and the avoidance of cookies remaining on clients' computer hard drives following document access. Also disclosed is a method for processing repeated data requests on a distributed computer database. | 2012-12-06 |
20120311680 | Authorization and Authentication Based on an Individual's Social Network - In particular embodiments, a method includes accessing a graph structure comprising a plurality of nodes and edges where each node represents a user, receiving a request to transmit content related to a first user to a second user, and prohibiting transmission of the content to the second user if the first user and the second user are connected in the graph structure through a series of edges and nodes that comprises an unauthorized node. | 2012-12-06 |
20120311681 | COMPLETION OF PORTABLE DATA CARRIERS - A method for completing at least one portable data carrier connected to a completion device, wherein a completion data set that is present on the completion device is introduced into the data carrier. A security module is connected to the completion device and different authorization data sets are provided on the security module. The security module includes a management application for managing the different authorization data sets. Each of the authorization data sets exactly specifies one completion, and each of the authorization data sets is exactly associated with one completion data set. The managing application on the security module monitors the completion of the at least one data carrier according to the specification in an authorization data set selected from the different authorization data sets. | 2012-12-06 |
20120311682 | SYSTEM AND METHOD FOR PROVIDING RESTRICTIONS ON THE LOCATION OF PEER SUBNET MANAGER (SM) INSTANCES IN AN INFINIBAND (IB) NETWORK - A system and method can provide subnet manager (SM) restrictions in an InfiniBand (IB) network. A first SM in a subnet in the IB network operates to determine whether a second SM associated with a remote port is trustworthy. Furthermore, the first SM is allowed to send at least one of a request and a response that contains a management key to the second SM, if the first SM determines that the second SM is trustworthy. Additionally, the first SM is prevented from attempting to initiate communication with the second SM, if otherwise. | 2012-12-06 |
20120311683 | NETWORK SECURITY PARAMETER GENERATION AND DISTRIBUTION - Disclosed are various embodiments for facilitating network security parameter distribution and generation in a converged network incorporating multiple heterogeneous link layer networking technologies. Embodiments are provided for connecting network devices through multiple heterogeneous link layer networking technologies using a converged network password. Embodiments are provided for connecting network devices through multiple heterogeneous link layer networking technologies using a pairing event protocol, such as, for example, a push button protocol. | 2012-12-06 |
20120311684 | SYSTEMS AND METHODS FOR REGISTERING A USER ACROSS MULTIPLE WEBSITES - Various embodiments provide systems for registering a user with one or more websites. Such systems comprise at least one processor configured to: receive an IP address for a computing device being used by the user; and after receiving the IP address: (1) obtain a location associated with the IP address; and (2) identify whether the user is in a jurisdiction that permits the user to register with a website. The systems may then receive one or more parameters obtained from the user, upon which the systems verify an age of the user; determine which of the one or more types of transaction activities the user is permitted to conduct; query one or more registration attempts over a predetermined previous time period to identify duplicate or similar parameters; and verify the user's identity based at least on one of the one or more parameters. Associated methods are also provided. | 2012-12-06 |
20120311685 | DISTRIBUTED NETWORK NAME - Aspects of the subject matter described herein relate to a distributed network name. In aspects, computers of a cluster have components of a distributed network name service. The network name service has a leader and clones that are hosted on the computers of the cluster. The leader is responsible for updating a name server with network names and addresses of the computers. The leader is also responsible for configuring a security server that allows clients to securely access the computers. The network name service provides credentials to local security authorities of the computers so that a client that attempts to access a service of the computers can be authenticated. | 2012-12-06 |
20120311686 | SYSTEM AND METHOD FOR SECURE IDENTITY SERVICE - A system and method for securely processing identity information. For example, in one embodiment of the invention, a first user is registered on an identity service with one or more identification (ID) codes and a token. In response to a query from a second user to connect with the first user, a query signature is generated using the one or more ID codes and token of the first and second users, and a timestamp. The query signature is usable by network services to authenticate communication between the first and second users on the network over a specified period of time. In another embodiment, user ID codes and tokens are cached on mobile devices and/or a system cache to improve performance. The validity of the cached data is determined by calculating a fingerprint which, in one embodiment, is a hash of the ID code, token and a timestamp. | 2012-12-06 |
20120311687 | System, Method And Computer Program Product For Authenticating A Client - A system, method and computer program product are provided for authenticating a user. The method includes receiving, such as from an authenticator, a set of at least one label identifying at least one element of an authentication matrix. The authentication matrix includes a plurality of elements, each element capable of being identified by a label. Then, a passcode is formulated, such as by the client, based upon the element(s) identified by the received set of label(s). Thereafter, the client is authenticated based upon the formulated passcode, such as by the authenticator. The set of label(s) can be received, the passcode can be formulated, and the client can be authenticated a plurality of times. In such instances, to permit the passcode to dynamically change, each set of label(s) received can differ from each previously received set of label(s). | 2012-12-06 |
20120311688 | HOSTED MEDIA CONTENT SERVICE SYSTEMS AND METHODS - An exemplary system includes 1) at least one computing device within a first computing subsystem associated with a hosted media content service, the at least one computing device configured to authenticate a user to the hosted media content service and provide at least one encrypted token to a user device associated with the user, and 2) at least one other computing device within a second computing subsystem associated with the hosted media content service, the at least one other computing device configured to store hosted media content associated with the hosted media content service, receive the at least one encrypted token from the user device, validate the at least one encrypted token, and perform, in response to the validation, at least one action on media content as part of the hosted media content service. Corresponding methods and systems are also disclosed. | 2012-12-06 |
20120311689 | REDIRECTION USING TOKEN AND VALUE - A client is redirected by a relying party to the supporting entity (such as an identity or claims provider). The relying party also sends a cookie that includes a nonce, and another copy of the nonce in a redirection context (e.g., in a context string). The client then communicates with the supporting entity to facilitate the supporting service, whereupon the supporting entity sends a validation token back to the client evidencing completion of the supporting service. The supporting party also sends the nonce back as part of the redirection context (e.g., in a context string). The client then sends a followup service request that includes the cookie, the nonce returned by the supporting entity, and the validation token to the relying party. The relying party may compare the nonce in the cookie with the nonce returned by the supporting entity to verify that the request is valid. | 2012-12-06 |
20120311690 | METHOD OF USING A SECURE PRIVATE NETWORK TO ACTIVELY CONFIGURE THE HARDWARE OF A COMPUTER MICROCHIP - A method for a computer or microchip with one or more inner hardware-based access barriers or firewalls that establish one or more private units disconnected from a public unit or units having connection to the public Internet and one or more of the private units have a connection to one or more non-Internet-connected private networks for private network control of the configuration of the computer or microchip using active hardware configuration, including field programmable gate arrays (FPGA). The hardware-based access barriers include a single out-only bus and/or another in-only bus with a single on/off switch. | 2012-12-06 |
20120311691 | SYSTEMS AND METHODS FOR DECOY ROUTING AND COVERT CHANNEL BONDING - Systems, methods, and devices for decoy routing and covert channel bonding are described. The decoy routing system includes a client computing device, a decoy router, and a decoy proxy such that packets addressed to a decoy destination are re-routed by the decoy router to a covert destination via the decoy proxy. The decoy routing method may be applied to a covert channel bonding process, in which a plurality of packet data streams are sent to one or more decoy destinations, re-routed appropriately via one or more decoy routers and/or decoy proxies, and assembled together into a single packet data stream at either a decoy proxy, or a final covert destination. | 2012-12-06 |
20120311692 | COMMUNICATION CONTOL APPARATUS AND PACKET FILTERING METHOD - A communication control apparatus ( | 2012-12-06 |
20120311693 | UPDATING FIREWALL RULES - A host rule mapping module in a firewall server may receive an update notification from a name server. The update notification may indicate a change to an address associated with a host name of a host machine. In response to receiving the update notification, the host rule mapping module may request a record corresponding to the host name identified in the update notification. The host rule mapping module may receive a contents of the record in response to the request from the name server, and update a firewall rule corresponding to the address identified in the update notification to include the contents of the record. | 2012-12-06 |
20120311694 | SECURITY SYSTEM FOR A COMPUTER NETWORK HAVING A SECURITY SUBSYSTEM AND A MASTER SYSTEM WHICH MONITORS THE INTEGRITY OF A SECURITY SUBSYSTEM - A security system for a computer network that has a plurality of devices connected thereto comprises a security subsystem, a master system and a secure link. The security subsystem is implemented on a first computer and is connected to at least some of the devices in the network. The security subsystem is configured to monitor activities of the at least some devices on the network and detect attacks on the at least some devices. The master system is implemented on a second computer which is different from the first computer. The master system monitors the integrity of the security subsystem and registers information pertaining to attacks detected by the security subsystem. The secure link is connected between the security subsystem and the master system. The master system monitors the integrity of the security subsystem and receives the information pertaining to the attacks through the secure link. | 2012-12-06 |
20120311695 | METHOD AND APPARATUS FOR DYNAMIC MODIFICATION OF AUTHENTICATION REQUIREMENTS OF A PROCESSING SYSTEM - Authentication requirements for a user to access a processing system may be dynamically modified based on status information received from sensors coupled to the processing system. The processing system may receive a request for access to the processing system by the user. The processing system determines an authentication policy based at least in part on the status information, and presents authentication requirements to the user based at least in part on the authentication policy. | 2012-12-06 |
20120311696 | Override for Policy Enforcement System - A policy enforcement system may have a mechanism for assisting a user in obtaining an exception to a given policy. The mechanism may collect information from the user as to why the exception is requested, then manage the exception throughout a security system. An exception policy may define the conditions when a user may be granted an exception automatically, as well as when the exception may be granted only through an approval process. An exception created by the mechanism may be logged in an audit file so that each exception is documented. Different exceptions may be defined for different conditions and each exception may have one or more paths by which the exception may be granted. The policy enforcement system may be used for any type of access control to any resource, including URL resources, physical peripherals or networks, data or applications, or any other resource. | 2012-12-06 |
20120311697 | METHOD FOR EXECUTING AN APPLICATION IN A RESTRICTED OPERATING ENVIRONMENT - A user is presented with one or more user-level permissions in a human understandable language, where the one or more user-level permissions represent one or more application-level permissions requested from an application for accessing one or more resources. A security profile is generated having one or more operating system (OS)-level permissions based on at least one of the user-level permissions authorized by the user. The security profile is enforced to restrict the application to accessing the one or more resources based on the OS-level permissions. | 2012-12-06 |
20120311698 | Methods and Systems for Using Derived User Accounts - Methods, systems and articles of manufacture consistent with features of the present invention allow the generation and use of derived user accounts, or DUA, in a computer system comprising user accounts. In particular, derivation rules define how a DUA is linked to or created based on an existing original user account, or OUA. Derivation transformations may also update the state of a DUA based on its corresponding OUA or give feedback from the state of a DUA to the state of its corresponding OUA. | 2012-12-06 |
20120311699 | System and Method for Providing Access to an Information Handling System - An information handling system includes a memory and a detector circuit. The memory is configured to store a first electrocardiogram measurement. The detector circuit is configured to receive a second electrocardiogram measurement in response to a specific combination of keys of a keyboard being pressed for a specific period of time, wherein each key in the specific key combination includes an electrocardiogram sensor on a top surface of the key, to authorize a user and log the user onto the information handling system when the second electrocardiogram measurement matches the first electrocardiogram measurement, and otherwise: to deny access to the information handling system; to increase a counter; to determine whether the counter has exceeded a threshold; and to request that an input window is displayed when the counter has exceeded the threshold. | 2012-12-06 |
20120311700 | INFORMATION PROCESSING APPARATUS AND AUTHENTICATION INFORMATION MIGRATION METHOD - An information processing apparatus of the present invention converts user authentication information based on a second one-way function into a second converted value if authentication with a first converted value obtained by converting the user authentication information based on the first one-way function is successful. | 2012-12-06 |
20120311701 | PROTECTION DEVICE, PROTECTION SOFTWARE, AND PROTECTION METHOD FOR CONTROLLING EXTERNAL DEVICE - A protection device controlling an external device is provided having a mode detector, security data, a data detector, and a controller. The external device operates with operation modes that include a user mode that is used when the external device is operated by a user, and a manufacturer mode that is used when the external device is operated by someone other than the user. The mode detector detects an operation mode of the external device. The security data is input to the protection device. The data detector detects input of the security data. The controller restricts certain functions of the external device when the data detector does not detect input of the security data while the external device is in the manufacturer mode. | 2012-12-06 |
20120311702 | SYSTEM AND METHOD FOR PRESERVING REFERENCES IN SANDBOXES - Disclosed herein are systems, methods, and non-transitory computer-readable storage media for preserving references in sandboxes. A system implementing the method receives a document for use in a sandbox environment and passes the document to a parser, via a coordinator. The parser finds references in the document to other resources and outputs a list of references. The system passes the list of references to a verifier that verifies each reference and outputs a list of verified references. The system passes the list of verified references to the sandboxed application which extends the sandbox to include the resources on the list of verified references. In one embodiment, the system preserves references in sandboxes without the use a coordinator. | 2012-12-06 |
20120311703 | REPUTATION-BASED THREAT PROTECTION - Information concerning a plurality of identified threats provided by a plurality of preselected sources is stored in memory. An e-mail message may be received over a communication network. The received e-mail message is separated into a plurality of components. The stored information is searched to identify a reputation score associated with each of the plurality of components. It is then determined whether the e-mail is a threat based on the identified reputation score of each of the plurality of components. The determination is sent to a designated recipient. | 2012-12-06 |
20120311704 | Method and Apparatus for Efficient Netflow Data Analysis - A flow based detection system for detecting networks attacks on data networks. Flow records are collected in a novel data structure that facilitates efficient sorting. The sorted data structure can be subsequently analyzed in an efficient manner to find out if the network is under attack. An attack is identified if the numbers of unique corresponding addresses or conversations are too large. | 2012-12-06 |
20120311705 | SYSTEM, METHOD, AND COMPUTER PROGRAM PRODUCT FOR PRESENTING AN INDICIA OF RISK REFLECTING AN ANALYSIS ASSOCIATED WITH SEARCH RESULTS WITHIN A GRAPHICAL USER INTERFACE - A system, method, and computer program product comprise presenting a plurality of search results within a graphical user interface. Further, an indicia of risk is presented that reflects an analysis in association with at least one of the plurality of search results within the graphical user interface. | 2012-12-06 |
20120311706 | PAYMENT CARD INDUSTRY (PCI) COMPLIANT ARCHITECTURE AND ASSOCIATED METHODOLOGY OF MANAGING A SERVICE INFRASTRUCTURE - A system to ensure compliance with data security standards includes a security appliance to perform multiple security functions, with the security appliance including an initial configuration. The system further includes a display unit to provide information of compliance performance of the system on a secure basis. The system also includes a control unit to monitor compliance performance in real-time and to implement additional procedures required based on the monitored compliance to ensure compliance with data security standards. | 2012-12-06 |
20120311707 | INTRUSIVE SOFTWARE MANAGEMENT - Intrusion features of a landing page associated with sponsored content are identified. A feature score for the landing page based on the identified intrusion features is generated, and if the feature score for the landing page exceeds a feature threshold, the landing page is classified as a candidate landing page. A sponsor account associated with the candidate landing page can be suspended, or sponsored content associated with the candidate landing page can be suspended. | 2012-12-06 |
20120311708 | SYSTEM AND METHOD FOR NON-SIGNATURE BASED DETECTION OF MALICIOUS PROCESSES - Systems and methods for detecting malicious processes in a non-signature based manner are disclosed. The system and method may include gathering features of processes running on an electronic device, applying a set of rules to the features, and applying a statistical analysis to the results of the rules application to determine whether a process should be classified into one or more of a plurality of process categories. | 2012-12-06 |
20120311709 | AUTOMATIC MANAGEMENT SYSTEM FOR GROUP AND MUTANT INFORMATION OF MALICIOUS CODES - An automatic management system includes a malicious code group-mutant storage module that receives a malicious codes analysis result from a malicious code collection-analysis system and extracts group information and mutant information of the malicious codes based on the malicious code analysis result, a malicious code group-mutant DB that stores the extracted group information and mutant information, a malicious code group-mutant management module that provides interface to allow a user to detect the group information and mutant information stored in the malicious code group-mutant DB, and a visualizing module that outputs the detection result to the user, wherein the malicious code group-mutant management module that groups malicious codes having action associations using the group information and mutant information stored in the malicious code group-mutant DB, outputs the group information through the visualizing module and outputs the mutant information based on CFG similarity and string similarity through the visualizing module. | 2012-12-06 |
20120311710 | COMPUTER PROGRAM, METHOD, AND SYSTEM FOR PREVENTING EXECUTION OF VIRUSES AND MALWARE - Preventing execution of viruses or malware on a computing device includes compiling an inventory recordation of legitimate applications while in a training mode and terminating execution of any application not on the inventory recordation while in a protected mode. A user may train the computer program to identify legitimate applications routinely accessed by the user and to be updated to the inventory recordation, such that the inventory recordation is personal to the user. After training, the protected mode is activated. While an Internet browser or e-mail client application is activated while in the protected mode, execution of any accessed application that is not uniquely identified on the inventory recordation is terminated. | 2012-12-06 |
20120311711 | DETECTING PERSISTENT VULNERABILITIES IN WEB APPLICATIONS - A method, including storing a test payload to a persistent state of an application and performing a static analysis to identify a first code location in the application that retrieves the test payload, to identify a first path from an entry point to the first code location, and to identify a second path from the first code location to a second code location that executes a security sensitive operation using the retrieved data. A dynamic analysis is then performed to retrieve the test payload via the first path, and to convey the test payload to the second code location via the second path. | 2012-12-06 |
20120311712 | TESTING WEB APPLICATIONS FOR FILE UPLOAD VULNERABILITIES - A system for detecting file upload vulnerabilities in web applications is provided. The system may include a black-box tester configured to upload, via a file upload interface exposed by a web application, a file together with a signature associated with the file. An execution monitor may be configured to receive information provided by instrumentation instructions within the web application during the execution of the web application. The execution monitor may be configured to recognize the signature of the uploaded file as indicating that the uploaded file was uploaded by the black-box tester. The execution monitor may also be configured to use any of the information to make at least one predefined determination assessing the vulnerability of the web application to a file upload exploit. | 2012-12-06 |
20120311713 | DETECTING PERSISTENT VULNERABILITIES IN WEB APPLICATIONS - A method, including storing a test payload to a persistent state of an application and performing a static analysis to identify a first code location in the application that retrieves the test payload, to identify a first path from an entry point to the first code location, and to identify a second path from the first code location to a second code location that executes a security sensitive operation using the retrieved data. A dynamic analysis is then performed to retrieve the test payload via the first path, and to convey the test payload to the second code location via the second path. | 2012-12-06 |
20120311714 | TESTING WEB APPLICATIONS FOR FILE UPLOAD VULNERABILITIES - A system for detecting file upload vulnerabilities in web applications is provided. The system may include a black-box tester configured to upload, via a file upload interface exposed by a web application, a file together with a signature associated with the file. An execution monitor may be configured to receive information provided by instrumentation instructions within the web application during the execution of the web application. The execution monitor may be configured to recognize the signature of the uploaded file as indicating that the uploaded file was uploaded by the black-box tester. The execution monitor may also be configured to use any of the information to make at least one predefined determination assessing the vulnerability of the web application to a file upload exploit. | 2012-12-06 |
20120311715 | SYSTEM AND METHOD FOR PROTECTING A WEBSITE FROM HACKING ATTACKS - A system and method for protecting at least one server, in communication with a computer network, from hacking attacks including a scanner, a report processor and a control center. The scanner may monitor activity of the server, identify at least one security vulnerability, produce an automated report. The report processor may analyze the automated report and generate fixes for identified vulnerabilities. | 2012-12-06 |
20120311716 | SIMULTANEOUS MIXED PROTECTION MODES OVER A VIRTUALIZED HOST ADAPTER - A method for supporting simultaneous mixed protection modes for a write operation. The method includes receiving a write request that includes write data, and is received from one of a plurality of requestors. At least one of the requestors does not support data integrity protection. It is determined if data integrity protection is required for the write operation. It is additionally determined if the data integrity protection is supported by the requestor. Once the determination is made, the data integrity protection value is calculated if data integrity protection is required and is not supported by the requestor. The write data is encoded with the data integrity protection value prior to being written. If the requestor supports data integrity protection, then data integrity protection values are applied to the write data prior to writing the data to the external storage. | 2012-12-06 |
20120311717 | SYSTEM AND METHOD FOR SYSTEMATICALLY REMOVING CUSTOMER PERSONAL INFORMATION FROM AN ELECTRONIC DEVICE - A system and method for flashing one or more electronic devices. A flashing program executed by a server is accessed from a computing device. The one or more electronic devices are received for communication with the computing device. The one or more electronic devices are identified in response to receiving the one or more electronic devices. The one or more electronic devices are flashed to remove the customer private information through the computing device as instructed through the server. | 2012-12-06 |
20120311718 | SYSTEM AND METHOD FOR PERFORMING A SOFTWARE COMPARISON - A system and method for performing software verification for one or more electronic devices. A memory of an electronic device is scanned for electronic references. The electronic references of the electronic device are determined in response to the scanning. The electronic references of the electronic device are compared against standard electronic references to determine results. The electronic device is processed in response to the results. | 2012-12-06 |
20120311719 | DOCUMENT - The invention relates to a document comprising a document body ( | 2012-12-06 |
20120311720 | METHOD FOR PROTECTING APPLICATION AND METHOD FOR EXECUTING APPLICATION USING THE SAME - An application protection method and an application execution method using the same are provided. The application protection method generates a key needed to execute the application which is provided to a user terminal using information on the user terminal, information on the application, and a part of text; and transmits the generated key to the user terminal. Therefore, the application is executed on the device which has a legal right for the application, thereby preventing the illegal use of the application. | 2012-12-06 |
20120311721 | PROGRESSIVE DOWNLOAD OR STREAMING OF DIGITAL MEDIA SECURELY THROUGH A LOCALIZED CONTAINER AND COMMUNICATION PROTOCOL PROXY - Various embodiments are directed towards employing a container and communication protocol proxy component within a client device to receive securely real-time streamed, progressively downloaded, or adaptively streamed container over a network using one container and communication protocol, and to securely decrypt the container and provide it to a media player using a different container and communications protocol. In one embodiment, the container is in Flash Video (FLV) file format. A browser or the media player on the client device may be used to request the container. The requested container is sent over one communication protocol and intercepted by the container and communication protocol proxy component. The container may be received as selectively encrypted container. The container and communication protocol proxy component then may enable decryption of the container and providing of it to the media player using another container and communication protocol combination. | 2012-12-06 |
20120311722 | ELECTRONIC SYSTEMS WITH DATA PROTECTION FUNCTIONS - A communication component sends a request of an action list to a server if information fails to pass authentication. A control component processes content stored in an electronic device according to a reply generated in response to the request. The reply includes the action list. The processing is performed according to an action included in the action list. | 2012-12-06 |
20120311723 | Physical Confirmation For Network-Provided Content - A computer-implemented method includes receiving, from a remote communication device and at a server system, information that indicates a unique identifier for a physical item that corresponds to media content, the identifier differing from identifiers for other physical items that correspond to the same content; associating the received information with an account of a first user of a hosted internet service; and subsequently providing, by the hosted internet service, content that matches the content that corresponds to the physical item, based on a determination that the received information authorizes the first user to obtain the content provided by the hosted internet service. | 2012-12-06 |
20120311724 | APPARATUS AND METHOD OF IN-APPLICATION LICENSING - Apparatus and methods for licensing include executing a base application on a device, initiating a transaction with an application store to obtain access to a subordinate licensable item that is usable by the base application, receiving a transaction receipt corresponding to the transaction for the subordinate licensable item, and obtaining, from a license server, a subordinate license that corresponds to the subordinate licensable item. Additionally, the apparatus and methods may include storing a base license for a base application on a device, acquiring a subordinate license for a subordinate licensable item usable by the base application, receiving a request to execute the base application, enforcing, by a license agent service on the device, the base license with respect to executing the base application, and enforcing, by the base application, the subordinate license during execution of the base application. | 2012-12-06 |
20120311725 | MODERATION OF SHARED DATA OBJECTS - Methods, system, and computer storage media are provided for moderating actions performed on shared data objects. Rule enforcement logic is received for an application that is associated with one or more data objects shared between various clients. The rule enforcement logic is stored at a data server that also stores data associated with data objects. A moderator, also stored on the data server, is used to enforce the rule enforcement logic corresponding to the application when a client attempts to perform an action to a data object associated with the application. | 2012-12-06 |
20120311726 | DOWNLOAD METHOD OF MEDIA CONTENTS - Disclosed is a download method of media contents, wherein an electronic book terminal is registered with a contents server to be provided with a DRM (Digital Right Message)code, and the electronic book terminal is allowed to view the media contents downloaded from the contents server by decoding the media contents using the DRM code, and where the media contents downloaded from the contents server are prevented in advance from being illegally copied and used. Furthermore, the periodically published media contents are set up for periodic subscription to allow a convenient downloading. | 2012-12-06 |
20120311727 | SYSTEM AND METHOD FOR CONTROLLING THE USE OF A DIGITAL WORK IN ACCORDANCE WITH USAGE RIGHTS ASSOCIATED WITH THE DIGITAL WORK - Methods, apparatus, and media for controlling the use of a digital work in accordance with usage rights associated with the digital work. An exemplary server-side method comprises storing a description file associated with a content file of a digital work, the description file including usage rights for the content file, the usage rights indicating a permitted use for the content file of the digital work, communicating with a rendering device, receiving a request to render the content of the digital work originating from the rendering device, processing the request to render including enforcing the usage rights by granting or rejecting the request to render in accordance with the usage rights, and performing closing transaction steps upon detecting that the rendering device has finished rendering the content of the digital work. | 2012-12-06 |
20120311728 | METHODS AND PHARMACEUTICAL COMPOSITION FOR THE TREATMENT OF ATHEROSCLEROSIS - The present invention relates to the prevention or treatment of atherosclerosis, in particular to a group X sPLA2 polypeptide for use in the treatment of atherosclerosis. | 2012-12-06 |
20120311729 | Immunomodulatory Methods and Systems for Treatment and/or Prevention of Atherosclerosis - Immunostimulatory methods and systems for treating or preventing atherosclerosis and/or a condition associated thereto in an individual. | 2012-12-06 |
20120311730 | COTTON VARIETY 10R040B2R2 - The invention relates to the novel cotton variety designated 10R040B2R2. Provided by the invention are the seeds, plants, plant parts and derivatives of the cotton variety 10R040B2R2. Also provided by the invention are methods of using cotton variety 10R040B2R2 and products derived therefrom. Still further provided by the invention are methods for producing cotton plants by crossing the cotton variety 10R040B2R2 with itself or another cotton variety and plants and seeds produced by such methods. | 2012-12-06 |
20120311731 | MELON VARIETY NUN 1101 - The invention relates to the field of | 2012-12-06 |
20120311732 | LETTUCE VARIETY 79-41 RZ - The present invention relates to a | 2012-12-06 |
20120311733 | LETTUCE VARIETY 41-122 RZ - The present invention relates to a | 2012-12-06 |
20120311734 | POTATO TRANSFORMATION COMPOSITIONS, SYSTEMS, METHODS, MICROORGANISMS, AND PLANTS - The present disclosure relates, in some embodiments, to potato transformation compositions, systems, methods, microorganisms, and plants (e.g., one or more potato chipping varieties). In some embodiments, a method of transforming and/or transfecting a plant (e.g., ‘Atlantic’ potato) may comprise (a) growing an ‘Atlantic’ potato plant (e.g., from a tuber) for from about 3 weeks to about 4 weeks, (b) removing one or more leaf sections (e.g., each section from about 0.5 cm to about 1 cm in its longest dimension) from the plant, (c) cultivating the one or more sections on a callus induction medium comprising zeatin for about 2 days, and/or (d) contacting the one or more sections with | 2012-12-06 |
20120311735 | Slow-Maturing, Determinate Peas - A determinate pea plant, where peas of the pea plant have a wrinkled-seed phenotype, and where the pea plant is slow-maturing. | 2012-12-06 |
20120311736 | SELECTIVE ABLATION OF DIPLOID EMBRYOS - Methods of selecting haploid embryos are disclosed. Methods of producing haploid embryos and non-viable diploid embryos on a plant are provided. Methods for selecting haploid embryos produced from haploid inducer maize lines are provided. Methods for producing improved maize haploid inducer lines are disclosed. Maize haploid inducer lines comprising transgenes causing ablated or abnormal diploid embryos are disclosed. | 2012-12-06 |
20120311738 | MUTANT HYDROXYPHENYLPYRUVATE DIOXYGENASE POLYPEPTIDES AND METHODS OF USE - Compositions and methods for conferring hydroxyphenyl pyruvate dioxygenase (HPPD) herbicide resistance or tolerance to plants are provided. Compositions include amino acid sequences, and variants and fragments thereof, for mutant HPPD polypeptides. Nucleic acids that encode the mutant HPPD polypeptides are also provided. Methods for conferring herbicide resistance or tolerance, particularly resistance or tolerance to certain classes of herbicides that inhibit HPPD, in plants are further provided. Methods are also provided for selectively controlling weeds in a field at a crop locus and for the assay, characterization, identification and selection of the mutant HPPDs of the current invention that provide herbicide tolerance. | 2012-12-06 |
20120311739 | MUTANT HYDROXYPHENYLPYRUVATE DIOXYGENASE POLYPEPTIDES AND METHODS OF USE - Compositions and methods for conferring hydroxyphenyl pyruvate dioxygenase (HPPD) herbicide resistance or tolerance to plants are provided. Compositions include amino acid sequences, and variants and fragments thereof, for mutant HPPD polypeptides. Nucleic acids that encode the mutant HPPD polypeptides are also provided. Methods for conferring herbicide resistance or tolerance, particularly resistance or tolerance to certain classes of herbicides that inhibit HPPD, in plants are further provided. Methods are also provided for selectively controlling weeds in a field at a crop locus and for the assay, characterization, identification and selection of the mutant HPPDs of the current invention that provide herbicide tolerance. | 2012-12-06 |
20120311740 | MUTANT HYDROXYPHENYLPYRUVATE DIOXYGENASE POLYPEPTIDES AND METHODS OF USE - Compositions and methods for conferring hydroxyphenyl pyruvate dioxygenase (HPPD) herbicide resistance or tolerance to plants are provided. Compositions include amino acid sequences, and variants and fragments thereof, for mutant HPPD polypeptides. Nucleic acids that encode the mutant HPPD polypeptides are also provided. Methods for conferring herbicide resistance or tolerance, particularly resistance or tolerance to certain classes of herbicides that inhibit HPPD, in plants are further provided. Methods are also provided for selectively controlling weeds in a field at a crop locus and for the assay, characterization, identification and selection of the mutant HPPDs of the current invention that provide herbicide tolerance. | 2012-12-06 |
20120311741 | SOPHOROLIPID TRANSPORTER PROTEIN - The invention relates to a transporter protein involved in the transport of sophorolipids. More specifically, it relates to a | 2012-12-06 |
20120311742 | METHOD FOR MODIFYING PLANT MORPHOLOGY, BIOCHEMISTRY AND PHYSIOLOGY - The present invention relates to methods for increasing seed size and/or weight, embryo size and/or weight, and cotyledon size and/or weight. The methods comprise expression of a cytokinin oxidase in plants or plant parts, preferably in seeds, embryos and/or cotyledons. The methods result in increases in: yield, growth of seedlings, early vigor, and stress tolerance. The invention also relates to isolated plant cytokinin oxidase proteins, nucleic acid sequences encoding cytokinin oxidase proteins as well as to vectors, host cells, transgenic cells and plants comprising such sequences. | 2012-12-06 |
20120311743 | SOYBEAN TRANSFORMATION USING HPPD INHIBITORS AS SELECTION AGENTS - The invention relates to methods for | 2012-12-06 |
20120311744 | Marked Cannabis For Indicating Medical Marijuana - The invention involves transforming | 2012-12-06 |
20120311745 | COMBINED USE OF CRY1CA AND CRY1AB PROTEINS FOR INSECT RESISTANCE MANAGEMENT - The subject invention includes methods and plants for controlling lepidopteran insects, said plants comprising Cry1Ca insecticidal protein and a Cry1Ab insecticidal protein in combination to delay or prevent development of resistance by the insects. | 2012-12-06 |
20120311746 | INSECT RESISTANCE MANAGEMENT WITH COMBINATIONS OF CRY1BE AND CRY1F PROTEINS - The subject invention relates in part to stacking Cry1Be toxins along with Cry1Fa toxins to prevent insects from developing resistance towards either toxin by itself. As discussed in more detail herein, the subject pair of proteins is a particularly advantageous combination, as no other pair of proteins is known to provide high levels of control and non-cross-resistant activity against both | 2012-12-06 |
20120311747 | Raspberry plant named 'Lupita' - The present invention relates to a new and distinct raspberry variety. The varietal denomination of the new variety is ‘Lupita’. Among the characteristics which appear to distinguish the new variety from other varieties are a combination of traits which include a medium-sparse spines density and abundant production of light red colored, broad conical shaped, and big fruit size. | 2012-12-06 |
20120311748 | Raspberry plant named 'Adelita' - The present invention relates to a new and distinct raspberry variety. The varietal denomination of the new variety is ‘Adelita’. Among the characteristics which appear to distinguish the new variety from other varieties are a combination of traits which include a sparse spines density and very abundant production of medium red colored, conical shaped, and very big fruit size. | 2012-12-06 |
20120311749 | Strawberry plant named 'Cristina' - A new and distinct variety of strawberry plant named ‘Cristina’ particularly characterized by high adaptability to non-fumigated soil, very late ripening, very large fruit with good taste, and high productivity, is disclosed. | 2012-12-06 |
20120311750 | Strawberry plant named 'Romina' - A new and distinct variety of strawberry plant named ‘Romina’ particularly characterized by high adaptability to non-fumigated soil, very early ripening, good taste with high sweetness, high firmness and shelf life, is disclosed. | 2012-12-06 |
20120311751 | Euphorbia plant named 'DIWAL2' - A new and distinct | 2012-12-06 |
20120309565 | TACKLING MACHINE FOR FOOTBALL PRACTICE - A tackling machine capable of moving a 50-80 lb. tackling dummy down an overhead track to a junction point where the dummy will turn left, right, or continue straight forward. The operator of the machine controls the junction box with a lever to determine which way the dummy will turn, or go straight. | 2012-12-06 |