Patent application number | Description | Published |
20080301754 | Management of Mandatory Access Control For Graphical User Interface Applications - Granular policy management is provided based upon an active status of a process and the display status of an associated visual display. A policy is constructed and applied to a process by a combination of individual control policy parameters associated with the status of a process or a graphical user interface. Each active policy is dynamically adjusted in response to a change in at least one policy condition. | 12-04-2008 |
20090064312 | SYSTEM, METHOD AND PROGRAM FOR PROTECTING INFORMATION ON COMPUTER SCREEN - Whenever a drawing command is executed, a computer system having a graphic user interface such as a multi-window system determines, from the logical operation pattern of the drawing command, what kind of information is inherited by a drawing result from the drawing command, preferably without performing a complicated step such as an image process. At the same time, the computer system controls information flow of an image outputted to a screen by managing labeled area maps which correspond one to one to images on the screen and in a memory. | 03-05-2009 |
20090150824 | MULTIWINDOW SYSTEM, SECURITY PROTECTION METHOD, AND SECURITY PROTECTION PROGRAM FOR MULTIWINDOW SYSTEM - Security levels and positional information in the Z-axis direction (Z-order) of windows on the screen with a limitation. A program that is assigned a low security level cannot become higher than a program that is assigned a high security level in the Z-axis direction. In addition, a restriction is imposed on information flow via a clipboard and a window message from a higher program to a lower program in the Z-axis direction. The security levels are managed on the window basis according to attributes of files to be accessed or documents to be displayed. The display state of each window in the desktop is dynamically controlled depending on the security level of the window on which a user actually performs operation. The visual states of system resources such as printers and drives are controlled in accordance with the assigned security level. | 06-11-2009 |
20100071034 | SYSTEM FOR PREVENTING UNAUTHORIZED ACQUISITION OF INFORMATION AND METHOD THEREOF - A system including a server apparatus executes an application program and a client apparatus enabling a user to utilize the application program by communicating with the server apparatus based on an instruction of the user. The server apparatus includes: an output detection section for detecting output-processing which is processing of outputting data from the application program into a shared area; and an output control section for storing instruction information in the shares area, instead of storing the output data outputted from the application program therein, in response to the detection of the output-processing, the instruction information specifying an acquisition method by which an authorized client apparatus acquires the output data. The client apparatus includes: a reading detection section for detecting reading-processing which is processing of reading data from the shared area; and a reading control section which reads the instruction information from the shared area in response to the detection of the reading-processing, and which acquires the output data by the acquisition method specified by the instruction information. | 03-18-2010 |
20120072376 | OPTIMIZING A PRINTER SYSTEM IN CONSIDERATION OF ENVIRONMENTAL LOAD - A print server selects a printer system to execute a print job received from a client, the printer system selected from among a plurality of printer systems connected to the network, the print server comprising a basic information acquiring section that acquires, at predetermining timing, unit price calculation basic information on printer systems in operation including at least information on environmental load information from at least one of the plurality of printer systems and external computers, a unit price calculating section that calculates a print unit price for each printer system based on the acquired unit price calculation basic information, a storage section that stores the calculated unit price in association with identification information for identifying the printer system and a sending section that sends the print unit prices and the identities of the printer systems associated with the calculated unit prices to the client. | 03-22-2012 |
20120166442 | CATEGORIZING DATA TO PERFORM ACCESS CONTROL - Systems and methods categorize data to perform access control. A system receives first data, where the first data comprises at least a portion of data to be categorized. The system analyzes the first data to determine Whether the first data belongs to a first category. If the first data belongs to a first category, the system applies a first access control set to actions on the data to be categorized. Further, if one or more of the actions on the data to be categorized has an access control status of pending after applying the first access control set, the system receives second data, where the second data comprises at least a portion of data to be categorized. The system analyzes the second data to determine whether the second data belongs to a second category. If the second data belongs to a second category, the system applies a second access control set to at least one of the actions having the access control status of pending. | 06-28-2012 |
20120215591 | OPTIMIZING A PRINTER SYSTEM IN CONSIDERATION OF ENVIRONMENTAL LOAD - A print server selects a printer system to execute a print job received from a client, the printer system selected from among a plurality of printer systems connected to the network, the print server comprising a basic information acquiring section that acquires, at predetermining timing, unit price calculation basic information on printer systems in operation including at least information on environmental load information from at least one of the plurality of printer systems and external computers, a unit price calculating section that calculates a print unit price for each printer system based on the acquired unit price calculation basic information, a storage section that stores the calculated unit price in association with identification information for identifying the printer system and a sending section that sends the print unit prices and the identities of the printer systems associated with the calculated unit prices to the client. | 08-23-2012 |
20130031354 | SYSTEM FOR PREVENTING UNAUTHORIZED ACQUISITION OF INFORMATION AND METHOD THEREOF - A server apparatus includes: an output detector for detecting output-processing which is processing of outputting data from the application program into a shared area; and an output control section for storing instruction information in the shared area, instead of storing the output data outputted from the application program therein, in response to the detection of the output-processing, the instruction information specifying an acquisition method by which an authorized client apparatus acquires the output data. The client apparatus includes: a reading detection section for detecting reading-processing which is processing of reading data from the shared area; and a reading control section which reads the instruction information from the shared area in response to the detection of the reading-processing, and which acquires the output data by the acquisition method specified by the instruction information. | 01-31-2013 |
20130145459 | Information Processing Device, Control Method and Program - An information processing device, control method and program that suppresses security risks to a minimum. When power is activated, a control component starts by reading a first program from a first memory component and, in observance of the first memory program, it reads the identification information of an authentication device that is mounted to a mounting component, references a table T, and performs authentication processing for the authentication device, with the condition that the count value correspondingly listed for the identification information of the authentication device be larger than a prescribed value and, when authentication processing has succeeded, starts by reading the second program from a second memory component, and in the event that the authentication device continues to be mounted to the mounting component during executing the second program, decreases the table count value corresponding to the unique identification information of the authentication device. | 06-06-2013 |
20130219462 | GENERATING A DISTRUBITION PACKAGE HAVING AN ACCESS CONTROL EXECUTION PROGRAM FOR IMPLEMENTING AN ACCESS CONTROL MECHANISM AND LOADING UNIT FOR A CLIENT - A data distribution system, method and program for generating a distribution package for distribution data to a client. An environment of a requesting client requesting distribution data is detected. A determination is made of an access control execution program for implementing an access control mechanism and a loading unit on the requesting client. The access control execution program is adapted to the detected environment of the requesting client and control access to a resource from a process in the client. The loading unit loads the distribution data to a protected storage area of the client. A determination is made of a security policy specified for the distribution data. A distribution package is generated including the distribution data, the security policy, the loading unit, and the access control execution program adapted to the environment of the requesting client; and transmitting the generated distribution package to the requesting client. | 08-22-2013 |
20130226965 | Acquiring Customized Information from a Server - A mechanism is provided for acquiring information from a server based on search condition input by a search performing user and communication results with other information terminals. Input search conditions are received from a search performing user. Communication is performed with other information terminals. A search request is transmitted to the server based on the input search conditions and the communication results from the other information terminals. Information is received from the server that matches input search results and the communication results. The acquired information is customized based the communication results with the other information terminals. The customized information is then displayed on the information terminal. | 08-29-2013 |
20140006350 | METHOD FOR SELECTING STORAGE CLOUD FOR STORAGE OF ENTITY FILES FROM PLURALITY OF STORAGE CLOUDS, AND COMPUTER AND COMPUTER PROGRAM THEREFOR | 01-02-2014 |
20140040976 | SECURITY-MINDED CLONING METHOD, SYSTEM AND PROGRAM - In order to solve this problem, the first aspect of the present invention is a system for duplicating (cloning) a physical environment in a virtual environment using CMDB, the system comprising: means for setting a level of confidentiality for attributes of configuration items (CI) of CMDB managing the source hardware information and software information, and means for sending CMDB information including CI having the level of confidentiality set to a virtual environment constructing means connected via a network; the virtual environment constructing means having a means for constructing the source environment in a virtual environment based on sent CMDB information; and the sending means having a means for changing the level of confidentiality of CI attributes having the level of confidentiality set in accordance with a default confidentiality policy. | 02-06-2014 |
20140130183 | Managing Confidential Information - An information processing apparatus, method, and program product for appropriately setting confidentiality of a target electronic document even when copied data is pasted into a document from an electronic document including confidential information, without limiting replication from an electronic document including confidential information depending on attributes of the target electronic document. Also provided is an information processing apparatus, method and program product that saves content data specified by the user and a label indicating the confidentiality of the electronic document including the content data in a clipboard; pastes the user-specified content data to a target electronic document; temporarily saves the label for the electronic document including the user-specified content data in a data table which stores electronic document labels, as a label for the target electronic document; checks the confidentiality of the target electronic document; and establishes or deletes the temporarily saved label. | 05-08-2014 |
20140150085 | USER AUTHENTICATION BASED ON A USER'S OPERATION ON A DISPLAYED THREE-DIMENSIONAL MODEL - An authentication device authenticates a user based on a user's operation. The authentication device comprises a display control unit, an operation input unit, and an authentication unit. The display control unit is a processor-based logic that displays a three-dimensional model on a display device. The operation input unit is a hardware unit that inputs a user's operation on the displayed three-dimensional model. The authentication unit is a processor-based logic that authenticates the user based on the user's operation, wherein the user's operation comprises a change operation of at least one of a position and posture of the three-dimensional model having been input from the user. | 05-29-2014 |
20140289204 | EXECUTING A FILE BACKUP PROCESS - A technique to execute a backup process efficiently when an identical file is owned by multiple persons in order to decrease storage capacity and traffic volume requirements. In a backup system including a backup execution terminal, backup destination terminals, and a management server, the backup execution terminal executes a deemed backup process for deeming the file identical to the target file and owned on the backup destination terminals to be a backup duplicate of the target file, or an actual backup process for sending the target file to the management server, each of the backup destination terminals stores the backup execution terminal and the file identical to the target file in association with each other at the time of the deemed backup, and the management server stores the target file sent from the backup execution terminal at the time of the actual backup. | 09-25-2014 |