Entries |
Document | Title | Date |
20100057813 | PROGRAM ANCILLARY DATA PROCESSING DEVICE, SERVER DEVICE, PROGRAM INFORMATION DISPLAYING METHOD, AND RECORDING MEDIUM - A program ancillary data processing apparatus is provided which includes a program ancillary data extraction unit for extracting program ancillary data pertinent to commodities or services appearing in each scene, from picture program data, and a display control unit for displaying, on a display picture, the information relevant to the commodities or services appearing in each scene, and the sum total of the number of times of scene-based access events by the audience to a database supervising the detailed information relevant to the commodities or services, based on the preset layout information. | 03-04-2010 |
20100070531 | SHARING OBJECTS THAT RELY ON LOCAL RESOURCES WITH OUTSIDE SERVERS - To prevent potential confusion when referencing an object by name, a party may supplementary or alternatively include referential metadata, other than the name by which the object is known to the party, that describes the referenced object. A party receiving information that includes such referential metadata for an object may utilize the referential metadata to identify a local object that matches or may substitute for the object referenced by the sending party. For example, a broker operating a financial system may generate a chart based on a first named object. The broker may wish to send the chart to another broker operating a different financial system. Since the first name object may be known by a different name in the different financial system, the financial system may replace the name of the object with referential metadata prior to sending the chart. | 03-18-2010 |
20100077004 | Interactive educational program having dynamic data fields and method of exchanging same - Systems and methods for disseminating data to users and enabling user customization of the data are disclosed herein. Access to the database is provided to one or more user devices, which are usable to select one or more items of data. Upon receiving a selection of one or more items of data, one or more customized notes can be received from a user device and stored in association with the selected data. Each note can be provided with a designation which selectively controls whether viewing of the note is permitted to all other users, or whether viewing of the note is restricted to the user from which it originated or users within a selected user group. A note screen containing all viewable notes associated with a selected item of data can thereby transmitted to the user device. | 03-25-2010 |
20100094902 | AUTOMATED DATA SOURCE ASSURANCE IN DISTRIBUTED DATABASES - A database query is received including a logical table identifier, a data element, and at least one data source assurance indicator at a distributed database node within a distributed network of databases. The data element is encrypted based upon the at least one data source assurance indicator. A data portion of a local query response to the database query is formed including data retrieved from a local physical database table mapped by a local logical table that matches the received logical table identifier. A node identifier and the encrypted data element are added as an authentication portion of the local query response to authenticate the data portion of the local query response. The database query is responded to with at least the authenticated local query response. This abstract is not to be considered limiting, since other embodiments may deviate from the features described in this abstract. | 04-15-2010 |
20100100565 | LICENSE MANAGEMENT SYSTEM AND CONTROL METHOD FOR THE LICENSE MANAGEMENT SYSTEM - According to this invention, it is possible to collect device information when a license of software is no longer valid, and process device information collected when the license is no longer valid. According to this invention, it is possible to issue a new license that enables processing of device information collected after a license for software has expired. | 04-22-2010 |
20100114958 | Controlling the Presence Information of Activity Participants - Techniques for relaying presence information of one or more entities, wherein the one or more entities are participants in a scheduled activity, are provided. A status of the scheduled activity is obtained from a first entity via an application loaded on a device of the first entity. The presence information of the first entity and/or a second entity is updated in accordance with the status of the scheduled activity. The updated presence information of the first entity and/or the second entity is published. | 05-06-2010 |
20100114959 | FILE ACCESS DESTINATION CONTROL DEVICE, ITS METHOD, AND ITS COMPUTER PROGRAM PRODUCTS - Provided is a file access destination control device capable of storing only a file requiring confidentiality in a server and storing a file not requiring confidentiality in a client. A file access destination control device includes: means for setting an access destination with respect to a file accessed by a program whose name is listed in a white list to the client-side storage device; means for setting the access destination with respect to a file accessed by a program whose name is listed in a redirect list to the server-side storage device; means for prohibiting a program whose name is listed neither in the white list nor redirect list from performing writing operation to a file; and means for setting the readout destination with respect to a file accessed by a program whose name is listed neither in the white list nor redirect list to the client-side storage device. | 05-06-2010 |
20100114960 | METHODS AND APPARATUS FOR PROCESSING A CONTEXT CHANGE REQUEST - A method and apparatus for use in a computer system comprising at least two software applications sharing context, wherein a context change may be requested by a user of at least one of the at least two software applications. In response to the user requesting a change from a first context to a second context, at least one business rule is applied to at least a portion of the first context and/or to at least a portion of the second context to obtain at least one result from the application of the business rule. In response to the at least one result, at least one act is performed selected from the group consisting of: denying the request to change from the first context to the second context; requesting the user to provide information relating to the requested change; and requesting the user to affirm information relating to the requested change. | 05-06-2010 |
20100114961 | System and Method to Facilitate and Support Electronic Communication of Ideas - A method and apparatus effectuates bilateral commerce in ideas. An originator and user-driven on-line commercial network system is designed to facilitate idea submission, purchase, and licensing, and is easily adapted to business-to-business transfers of innovation as well as consumer-to-business transfers of innovation. The invention allows originators of ideas to communicate nondisclosing synopses of ideas globally to potential users, for users conveniently to search for relevant ideas and for users potentially to bind an originator to a limited duration license granting user the exclusive right to access and consider confidentially the originator's fully disclosed idea. The invention also allows users to communicate confidentially or nonconfidentially unsolved problems or needs globally to potential originators, for originators conveniently to search for relevant unsolved problems or needs, and for originators to submit and communicate confidentially proposed solutions to the soliciting user. | 05-06-2010 |
20100125602 | METHOD AND SYSTEM FOR ANNOTATION BASED SECURE CACHING - A method implemented in a computer infrastructure having computer executable code having programming instructions tangibly embodied on a computer readable storage medium. The programming instructions are operable to receive an object from an application server and detect that an object encryption is activated for the object. Additionally, the programming instructions are operable to inspect an annotation for the object and determine that the object or one or more attributes of the object require encryption based on the inspecting. Furthermore, the programming instructions are operable to encrypt the object or the one or more attributes of the object that require encryption based on the determining using an encryption type and serialize and cache the object in a cache storage. | 05-20-2010 |
20100145991 | Method and Apparatus to Facilitate Selecting a Particular Rendering Method - These various embodiments are suitable for use with a personally portable apparatus ( | 06-10-2010 |
20100145992 | Address Generation Unit Using Nested Loops To Scan Multi-Dimensional Data Structures - An apparatus, system, and method in accordance with the invention may include providing a multi-dimensional data structure and providing an address generation unit configured to calculate real addresses in order to access the multi-dimensional data structure in a desired pattern. The address generation unit may be configured to calculate the real addresses by executing a series of nested loops pre-programmed into the address generation unit prior to accessing the multi-dimensional data structure. The address generation unit may receive as inputs a set of parameters defining the characteristics of the nested loops. The method may then include accessing the data structure at the real addresses calculated by the address generation unit. | 06-10-2010 |
20100145993 | Address Generation Unit Using End Point Patterns to Scan Multi-Dimensional Data Structures - A system in accordance with the invention may include a data memory storing a multi-dimensional (e.g., a two-dimensional) data structure. An address generation unit is provided to calculate real addresses in order to access the multi-dimensional data structure in a desired pattern. The address generation unit may be configured to calculate real addresses by moving across the multi-dimensional data structure between pairs of end points. The pairs of end points (as well as parameters such as the step size between the end points) may be pre-programmed into the address generation unit prior to accessing the multi-dimensional data structure. A processor, such as a vector processor, may be configured to access (e.g., read or write data to) the data structure at the real addresses calculated by the address generation unit. | 06-10-2010 |
20100145994 | SERVICE RECOMMENDATION SYSTEM, OPERATING METHOD THEREOF, AND DEVICE CONTAINING COMPUTER SOFTWARE - A service recommendation system, an operating method thereof, and a device containing computer software are provided. The system includes a label module, a service equipment, and a server device. The label module having an ID data of the user is carried by a user. The service equipment has a detection module and a control interface. The detection module obtains and outputs the ID data. The server device includes a database, a determination module, and a service setting module. The database stores a standard model and a user model. The determination module matches the ID data to the database. When the user model corresponding to the ID data exists in the database, the service setting module sets an operating mode according to the user model. When the user model corresponding to the ID data does not exist, the service setting module sets an operating mode according to the standard model. | 06-10-2010 |
20100145995 | OBJECT STORAGE - In one embodiment, a method is provided that may include determining, at least in part, by a device comprised, at least in part, in storage, whether to request that the storage perform, at least in part, at least one operation. The at least one operation may involve, at least in part, at least one object stored in the storage. The determining may be based, at least in part, upon metadata associated with the at least one object. The metadata may be stored in the storage, and may indicate an earliest permitted deletion time for the at least one object and/or a latest permitted access time for the at least one object. Of course, many modifications, variations, and alternatives are possible without departing from this embodiment. | 06-10-2010 |
20100153450 | SYSTEM AND METHOD FOR AUTHENTICATION USING A SHARED TABLE AND SORTING EXPONENTIATION - Disclosed herein are systems, computer-implemented methods, and computer-readable media for authentication using a shared table. The method receives an authentication challenge from a first entity including an accumulator with an initial value, lists of elements in a shared table, and a list of sorting algorithms, each sorting algorithm is associated with one of the lists of elements and modified to include embedded instructions operating on the accumulator. The method then generates a temporary table for each list of elements in the shared table by copying elements from the shared table as indicated in each respective list of elements, each temporary table being associated with one sorting algorithm in the list of sorting algorithms. The method sorts each generated temporary table with the associated sorting algorithm, thereby updating the accumulator with the embedded instructions. Finally, the method transmits the updated accumulator to the first entity for verification. | 06-17-2010 |
20100153451 | Multifactor authentication with changing unique values - A method of authentication includes the steps of providing a transaction service provider having a secure server; providing a user; requesting access authorization to the server of the service provider by the user, the server storing a set of use parameters obtained from the authorization access request, the use parameters including at least several prior location coordinates, methods of access, transaction information and access hardware used during the authentication to be used by the transaction service provider in subsequent requests by the user to access the server, the use parameters used in the authentication to be continually updated with the most recent data. | 06-17-2010 |
20100161664 | Method and System of Authenticating the Identity of a User of a Public Computer Terminal - Methods for accessing private and public data via a public terminal are disclosed. With respect to accessing private content, a method for authenticating the identity of a user of the public terminal is disclosed. Unique identifiers are transmitted in a pre-defined area adjacent or nearby the public terminal and are monitored by a receiver. This information is utilized to electronically compile and update in real-time a list of identifiers that have recently been monitored by the receiver, and the list of identifiers is used to electronically create and update in real-time a temporary database including identity verification data corresponding only for identifiers in the list of identifiers. Identity verification data input into the public terminal by the user is compared with the set of identity verification data contained in the temporary database to determine whether or not there is a match of identity verification data. Access to private content via the public terminal is granted to the user if a match is found during the comparison. A method for displaying public data and a system by which these methods can be implemented are also disclosed. | 06-24-2010 |
20100169377 | SYSTEM, METHOD, AND COMPUTER-READABLE MEDIUM FOR FACILITATING APPLICATION VIRTUAL DATABASE USERS - A system, method, and computer-readable medium that provide virtual user access to a database system are provided. Middle-tier application end users issue requests to a middle-tier application that submits the requests to a database system on behalf of the middle-tier end users. The middle-tier application may authenticate end users and maintain a session pool for maintaining sessions with the database system for virtual users comprising valid middle-tier application end users. The middle-tier application is able to assert the identity of virtual users corresponding to the end users for use in access rights checking and auditing of queries without establishing a new logon session for the user. To facilitate middle-tier application assertion of virtual user identities, the middle-tier application is registered as a valid database user with the database system. | 07-01-2010 |
20100169378 | ACCESS MANAGEMENT SYSTEM - A system and method for monitoring access in respect of a number site including means for identifying an individual requesting access to a particular site, using for example, a card reader and/or a biometric scanner. Once the individual has been identified, a computer program and database for determining what access conditions must be satisfied before the individual is allowed access to the site. If the computer program determines that one or more access conditions are not satisfied, the individual is provided with information via a user interface so as to satisfy those access conditions that were lacking. Access to the site is allowed once the individual has acknowledged that they have understood the information provided and the access conditions have been satisfied. | 07-01-2010 |
20100174749 | SECURING DBMS EVENT NOTIFICATIONS - One embodiment of the present invention provides a database server for securing database event notifications. The server includes a session key creation mechanism configured to create a session key when a client registers for an event, a storage mechanism configured to store the session key on the database server, a data accessing mechanism configured to access registration metadata to obtain the session key when the event occurs, a connection mechanism configured to establish a communication channel between the database server and the client, a mutual authenticating mechanism configured to using the session key to mutually authenticate the client and the database server during event notification, and an event notifying mechanism configured to send the event notification to the client. | 07-08-2010 |
20100174750 | System and method for storing information for a wireless device - A system and method for storing personal, medical, and insurance related information on a wireless device are disclosed. The information may be stored by sending it from a remote personal computer to a central database using the Internet. The information may be stored on the central database. The information may be accessed on the wireless device (e.g. on a display) or sent from the wireless device or a central database to remote locations, such as a doctor's office or hospital. | 07-08-2010 |
20100185674 | Advertisement in Operating System - Among other disclosure, an operating system that presents one or more advertisements to a user. The operating system can disable one or more functions while the advertisement is being presented. At the end of the advertisement, the operating system can again enable the function(s). The advertisement can be visual or audible. The presentation of the advertisement(s) can be made as part of an approach where the user obtains a good or service, such as the operating system, for free or at reduced cost. | 07-22-2010 |
20100205215 | SYSTEMS AND METHODS FOR ENFORCING POLICIES TO BLOCK SEARCH ENGINE QUERIES FOR WEB-BASED PROXY SITES - In embodiments of the present invention improved capabilities are described for systems and methods that enforce policies with respect to proxy communications. | 08-12-2010 |
20100235393 | PORTABLE ELECTRONIC DEVICE AND ACCESS CONTROL METHOD IN PORTABLE ELECTRONIC DEVICE - An IC card has a communication interface which performs data communication with an IC card processing device as an external device and a data memory which stores a record file in which a plurality of data objects are sequentially aligned. A CURRENT pointer setting table provided in an RAM of the IC card is a management table storing management information of each data object in a record file as an access target in the record files stored in the data memory. When a command requesting access to a specific data object is received from the IC card processing device, a control unit of the IC card accesses the data object specified by the command based on the management information stored in the CURRENT pointer setting table. | 09-16-2010 |
20100241667 | UNIFIED FILE ACCESS ACROSS MULTIPLE PROTOCOLS - Apparatus, systems, and methods may operate to construct a file system tree that includes files to be accessed according to a plurality of custom access control list (ACL) access mechanisms registered by a corresponding plurality of applications, or a default ACL access mechanism. To access the files, metadata can be read/written using a multiple protocol file system cache engine and one of the ACL access mechanisms. In some embodiments, operations may include registering, in response to a request by an application, a selected one of the plurality of custom ACL access mechanisms with a library coupled to a multiple protocol file system cache engine. Further operations may include accessing a file system through the multiple protocol file system cache engine using the selected one of the plurality of custom ACL access mechanisms, or a default ACL access mechanism. Additional apparatus, systems, and methods are disclosed. | 09-23-2010 |
20100250602 | COMPUTER STORAGE APPARATUS FOR MULTI-TIERED DATA SECURITY - A computer storage apparatus. In one embodiment, the apparatus includes: (1) primary file storage, (2) a controller coupled to said primary file storage and configured to provide an interface by which data is communicated therewith, (3) formula/offset file storage coupled to said controller and configured to store at least one formula/offset and (4) pointer file storage coupled to said controller and configured to store at least one pointer, said controller further configured to provide said interface based on interaction with said formula/offset file storage and said pointer file storage. | 09-30-2010 |
20100250603 | System and Method of Performing Risk Analysis using a Portal - In one embodiment the present invention includes a system and method of performing risk analysis on a portal. In one embodiment, risk analysis software sends requests for user information and user authorization data to an agent. The agent may be coupled to a portal and may generate queries for accessing information on the portal. The portal may include user information and authorization data useful for performing risk analysis. The agent may retrieve information used in a risk analysis process and send the information to the risk analysis software. | 09-30-2010 |
20100268738 | SYSTEM THAT MAINTAINS OBJECTS CREATED AND MODIFIED WITHIN DESIGNATED DIRECTORIES ON A PER-CLIENT BASIS IN A NETWORK FILESYSTEM - Systems that maintain objects created and modified within designated directories on a per-client basis in a network filesystem include a file server having a local processor, memory operably connected to the local processor, a filesystem including main directories loaded into the memory, and a list of operations loaded into the memory; at least one client operably connected to the server having a remote processor and memory operably connected to the remote processor; wherein the file server has designated at least one of the main directories as a per-client writable directory; and wherein the file server has exported the filesystem read-only to at least one client. | 10-21-2010 |
20100287203 | PARTITIONING OF CONTENDED SYNCHRONIZATION OBJECTS - Methods, systems, and computer-readable media are disclosed for partitioning contended synchronization objects. A particular method determines a contention-free value of a performance metric associated with a synchronization object of a data structure. A contended value of the performance metric is measured, and the synchronization object is partitioned when the contended value of the performance metric exceeds a multiple of the contention-free value of the performance metric. | 11-11-2010 |
20100293197 | Directory Opportunistic Locks Using File System Filters - Aspects of the subject matter described herein relate to directory oplocks. In aspects, a file system filter is inserted in a filter stack between requesters of directory oplocks and a file system that stores file system objects. The file system filter receives requests for directory oplocks and subsequently monitors for requests to access file system objects that are inconsistent with the directory oplocks. To provide directory oplock mechanisms, the file system filter may use alternate data streams if provided by the file system or may independently maintain information usable to maintain and release directory oplocks. A directory oplock may affect ancestors and descendants of the directory depending on constraints imposed by the oplock. | 11-18-2010 |
20100299362 | METHOD FOR CONTROLLING ACCESS TO DATA CONTAINERS IN A COMPUTER SYSTEM - A method for controlling access to stored objects in a computer system is provided that is both powerful and flexible, and minimizes complexity to the user. The method may apply to logical containers of objects and supports arbitrary configurations of logical containers, including nests and hierarchies. The method extends beyond the simple notion of permission, to include not only operation-oriented rights, but more complex and possibly dynamic access conditions, criteria and rules. The method provides for association of actions to be triggered and performed, optionally, in relation to access or attempted access to stored objects. | 11-25-2010 |
20100306266 | METHOD AND APPARATUS FOR DETERMINING HOW TO TRANSFORM APPLICATIONS INTO TRANSACTIONAL APPLICATIONS - A computing device monitors an application that includes at least one object over a time period. The computing device identifies a usage pattern of the at least one object over the time period. The computing device recommends, based on the usage pattern, at least one of a) that the at least one object be converted to a transactional object and b) a locking strategy for the at least one object. | 12-02-2010 |
20100332543 | SYSTEM AND METHOD FOR FACILITATING PERSONALIZATION OF APPLICATIONS BASED ON ANTICIPATION OF USERS' INTERESTS - A system and method for facilitating personalization of applications based on anticipation of users' interests are described. In one preferred embodiment, a communication session is established with a user. Data related to user activities conducted by the user is collected during the communication session. Finally, collected data is processed according to one or more predetermined rules to obtain anticipated interests data used in personalization of applications for the user and the anticipated interests data is further stored in a user database. | 12-30-2010 |
20110055271 | Systems and Methods for Providing Information for Use in a Runtime Computing Environment - Systems and methods for providing information for use in a runtime environment that restricts access such information. An executable is launched prior to launching the runtime environment or runtime application. The executable retrieves information and makes that information available for use in the runtime, for example, by storing the information in a runtime file system area. The runtime or runtime application can then access the information. For example, the executable may retrieve information from a host operating system and then launch a runtime application that uses the information. An application that executes within a runtime and requires runtime external information can be provided as a bundle that includes an executable and the application itself. When the bundle is launched, the executable executes first to retrieve the information and make it available for the runtime. The runtime is then launched and provides the runtime application which can use the information. | 03-03-2011 |
20110055272 | EXTENDED DATA STORAGE SYSTEM - In one embodiment, an extended data storage system employs a first data storage and an extended data storage. A first level of metadata is established with respect to data from the using entity, the first level of metadata is provided in the first data storage. The data from the using entity is stored in the extended data storage. A second level of metadata at least describing the data as stored in the extended data storage is also established, wherein the second level of metadata associated with the first level of metadata for the stored data. The first level of metadata is made accessible to the using entity at the first data storage; and the second level of metadata is made unavailable to the using entity. Thus, the data is stored in the extended data storage and a small amount of metadata is stored in the first data storage. | 03-03-2011 |
20110055273 | DISPERSED STORAGE PROCESSING UNIT AND METHODS WITH OPERATING SYSTEM DIVERSITY FOR USE IN A DISPERSED STORAGE SYSTEM - A plurality of data slices are generated from a block of data to be stored in the dispersed storage system. A plurality of dispersed storage units are determined for storing the plurality of data slices, based on an operating system associated with the plurality of dispersed storage units. | 03-03-2011 |
20110055274 | PROVIDING MULTIPLE CONCURRENT ACCESS TO A FILE SYSTEM - Multiple computers are connected to a data storage unit that includes a file system, which further includes multiple data entities, including files, directories and the file system itself. The file system also includes, for each data entity, an owner field for indicating which computer, if any, has exclusive or shared access to the data entity, along with a time field for indicating when a lease of the data entity began. When a computer wants to lease a data entity, the computer uses a disk reservation capability to temporarily lock the data storage unit, and, if the data entity is not currently leased, the computer writes its own identification value into the owner field and a current time into the time field for the data entity, to claim the data entity for a renewable lease period. If a prior lease of a data entity has expired, another computer may break the lease and claim ownership for itself. | 03-03-2011 |
20110093504 | SYSTEM AND METHOD FOR COMPARING AND UTILIZING ACTIVITY INFORMATION AND CONFIGURATION INFORMATION FROM MULTIPLE MEDICAL DEVICE MANAGEMENT SYSTEMS - A method of aggregating and using medical device data from a plurality of remote institutions. The system and method electronically receives at a central computer system a plurality of established medical device data, each of the plurality of established medical device data being received from a respective medication delivery system, each of the respective medication delivery systems having a respective plurality of medical devices within the respective remote institution, such as medication delivery pumps, associated therewith and utilized therein. The system and method electronically combines and stores the plurality of established medical device data from each of the plurality of remote institutions within a memory, and electronically provides a remote client computer access to at least one of a central reporting application adapted for providing summary information to the remote client computer about the medical device data, and/or other applications. | 04-21-2011 |
20110106853 | DECLARATIVE MODEL SECURITY PATTERN - The present invention extends to methods, systems, and computer program products for a declarative model security pattern for use in a database. Declarative language code can include a declared access control predicate and a separately declared data structure definition bound to the access control predicate. A portion of the database is instantiated from the declarative language code. The instantiated portion of the database includes one or more tables and a view of the one or more tables. A database management system enforces the access control predicate by dynamically calculating a value for the access control predicate and using the dynamically calculated value to define what operations may be performed on data in the one or more tables via the view. | 05-05-2011 |
20110106854 | OPTIMIZING DISTRIBUTED AND HYBRID QUERIES INCORPORATING TRUST MEASURES - A rules engine assigns a set of appropriateness rules to a particular data collection. The set of appropriateness rules describes an optimum usage for the particular data collection based on a source of the particular data collection and a type of activity that is deemed best suited to utilize the particular data collection. In response to determining that a requesting computer is implementing an activity that matches the particular set of appropriateness rules, a database controller is directed to transmit the particular data collection to the requesting computer. | 05-05-2011 |
20110119305 | Apparatus and Method for Resolving Security Association Database Update Coherency in High-Speed Systems Having Multiple Security Channels - An apparatus and method for updating security association database entries in a system having multiple security channels by selectively granting access to the entries by a plurality of the multiple security channels that may need to update the same entry using a first-come, first-served scheme. The apparatus includes a controller circuit that functions to carry out the method which, for each of the multiple security channels, includes determining whether another of the security channels has a higher priority to access a particular security association database entry. If no other channel has a higher priority, then the channel requesting access to the entry retrieves it from its address location, modifies it, and writes the modified entry back to its address location. The controller prevents other channels from simultaneously, or substantially simultaneously, retrieving and modifying the same entry. | 05-19-2011 |
20110125796 | SERVICE FOR CREATING ONLINE REVIEW SITE AND FACILITATING WORD-OF-MOUTH ONLINE - A system and method of gathering, validating and disseminating reviews about an organization is disclosed. Reviews from customers of businesses are invited and thereafter selectively provided to third parties using various means. | 05-26-2011 |
20110125797 | USING LUN TYPE FOR STORAGE ALLOCATION - In an embodiment of the invention, an apparatus uses a LUN (logical unit number) data type for storage allocation. The apparatus includes a storage appliance that specifies a LUN data type for a LUN. The storage appliance then allocates data blocks in the LUN based on the LUN data type. The storage appliance allocates data blocks in the LUN as contiguous data blocks or as non-contiguous data blocks, based on the LUN data type. The LUN data type may be, for example, database data type, user data type, or binary data type. | 05-26-2011 |
20110145291 | STATISTICAL QUALITY MONITORING AND ENHANCEMENT - A method and computer system for monitoring and controlling the quality of tests performed upon a database. A statistical quality layer is provided, which for each new test to be executed on the database, provides recommendations as to a confidence level to be applied to the test and to a number of additional data records to be added to the database in order to maintain the total expected number of type-I errors of tests performed upon the database. The method and computer system further provide access control of users to the database. | 06-16-2011 |
20110153668 | ACCESSING A DATA ITEM STORED IN AN UNAVAILABLE MOBILE COMMUNICATION DEVICE - A method of retrieving a data item from a database synchronized with the contents of an unavailable mobile communication device. The owner of the unavailable mobile communication device uses a telephone such as a landline telephone, a cell phone or a VoIP telephone to call the number of the unavailable communication device. That is the owner calls his own telephone number. A server with access to the database provides the caller with options to retrieve the data item, which can be a contact name, a telephone number, an address, an email message, etc. | 06-23-2011 |
20110167088 | EFFICIENT IMMUTABLE SYNTAX REPRESENTATION WITH INCREMENTAL CHANGE - Efficient immutable syntax representation with parent pointers under incremental change is enabled by creating a data structure comprising at least one tree structure that allows both upward and downward references in the tree and a tree structure that is immutable (read-only), and allows parts of itself to be re-used in other data structures. The data structure described enables tools to search and target particular sub trees. The fragment of the tree representing the targeted sub tree is produced as it is used. The rest of the tree is not produced. The read-only tree retains relative information, allowing it to be reassembled and shared. | 07-07-2011 |
20110173233 | DATABASE SYSTEM AND DATABASE CONTROL METHOD - A database control method comprising a first main system processing in which, upon first data being stored in a second storage unit included in a second server communicably connected with the first server, the first data is stored in a first storage unit following instructions from a host computer, a first inhibiting processing in which, upon detecting an abnormality in communication with the second server, storing the first data in the first storage unit following instructions from a host computer is inhibited, a first query processing performing a first query to an arbitrating device arbitrating between the first server and the second server, and a processing executing or stopping the first main system processing in accordance with instructions from the arbitrating device. | 07-14-2011 |
20110179082 | MANAGING CONCURRENT FILE SYSTEM ACCESSES BY MULTIPLE SERVERS USING LOCKS - Atomic test and set (ATS) operations are carried out to perform lock operations that allow a node to acquire or release a lock to a resource of a shared file system that is stored in a data storage unit (DSU) and update its liveness information. Each ATS operation includes the step of comparing contents accessed and read through the shared file system and contents stored at a particular logical block number of the DSU. If the two contents match, updates to the contents of the lock or the liveness information are permitted. | 07-21-2011 |
20110191375 | DATA ACCESS METHOD AND CONFIGURATION MANAGEMENT DATABASE SYSTEM - A computer implemented method for accessing data begins with receipt of a data access request. In response to determining that the requested data needs to be acquired in real time from an original data source, the processor acquires and stores that data. In response to determining that the data cannot be acquired in real time from the data source, the processor acquires the data from a configuration management database in which the requested data was previously stored. | 08-04-2011 |
20110196896 | METHOD AND SYSTEM FOR METADATA-DRIVEN DOCUMENT MANAGEMENT AND ACCESS CONTROL - A system is provided to facilitate tag-based organization of documents. During operation, the system receives an original user query. The system extends the query to include documents with an IN-tag and exclude documents with an OUT-tag. The system then performs a search based on the extended query to indicate a collection of documents which satisfy the extended query. The system further allows a user to add a document to the collection of documents or remove a document from the collection of documents. Next, the system modifies a tagging property of the document. | 08-11-2011 |
20110202564 | Data store switching apparatus, data store switching method, and non-transitory computer readable storage medium - An application characteristic storing unit in a data store switching apparatus stores therein, in an associated manner, characteristic information indicating characteristics of an application and data stores to be accessed by the application. If characteristic information of an application that receives a call request matches the characteristic information of the application stored in the application characteristic storing unit, a method calling unit calls a method that specifies a controller for accessing a data store associated with the characteristic information. The controller specifying unit executes the called method and specifies the controller for accessing the data store associated with the characteristic information. An access control unit controls access from the specified controller to the data store associated with the characteristic information. | 08-18-2011 |
20110225199 | METHOD AND SYSTEM FOR IDENTIFICATION OF DATA OWNER IN AN UNSTRUCTURED DATA ENVIRONMENT - A system and method of identifying a data owner examining a plurality of criterion including access type, number of accesses at a given time and over the period of time selected, recentness of access, and permission levels of users. The method of file owner identification comprises collecting a plurality of samples including usage of a file by a plurality of users. A plurality of factors is calculated based on said plurality of users, wherein a respective factor is calculated for each of said plurality of users, wherein each factor is based on a plurality of use elements. Based on said plurality of factors, a file owner is determined of said file from among said plurality of users. The file owner may be communicated and/or displayed e.g., in a graph. | 09-15-2011 |
20110238702 | CREATING MULTIPLE MBEANS FROM A FACTORY MBEAN - Provided are techniques for creating a unique class of Mbean in which a “parent” Mbean generates and manages multiple “child” Mbeans. When a user requests the functionality of a particular Mbean, a specific type of Mbean, or parent Mbean, is called. The parent Mbean is a factory method that, rather than executing the request, generates a child Mbean to execute the request. The child Mbean is assigned a name that distinguishes the child from other children of the same parent and the process that called the parent is provided with the name. In this manner, the calling process may use the assigned name to access the specific child Mbean for future requests and the child Mbean is employed to store client state information. | 09-29-2011 |
20110246524 | SYSTEM, METHOD AND COMPUTER PROGRAM PRODUCT FOR PORTAL USER DATA ACCESS IN A MULTI-TENANT ON-DEMAND DATABASE SYSTEM - In accordance with embodiments, there are provided mechanisms and methods for portal user data access in a multi-tenant on-demand database system. These mechanisms and methods for portal user data access in a multi-tenant on-demand database system can enable embodiments to provide portal-specific user accounts to the multi-tenant on-demand database system which have reduced configuration requirements than users directly accessing the multi-tenant on-demand database system. The ability of embodiments to provide portal-specific user accounts can reduce processing requirements of the database system. | 10-06-2011 |
20110246525 | CONTEMPORANEOUSLY SHARING RESOURCES TARGETED BY A LIBRARY - Computer-readable media, computer-readable media, computerized methods, and computer systems for acting on properties of multiple resources, which span disparate locations within a network, upon detecting an intuitive user-initiated operation are provided. Initially, a library is provided that includes a framework for contemporaneously accessing a collection of items within a scope thereof. Upon launching the library, representations of the scoped items are surfaced at a UI display. When the user-initiated operation is applied at one of the surfaced representations, properties of each of the scoped items are automatically manipulated. A library-configuration state, which reflects how the items are affected upon manipulating the properties thereof, may be updated upon implementing the manipulation. Accordingly, if the scope of the library is subsequently extended to encompass another item outside the original collection of items, the properties of this new item are automatically manipulated to align with the library-configuration state. | 10-06-2011 |
20110289116 | Method and Apparatus for Protecting Online Content by Detecting Noncompliant Access Patterns - Methods to detect and hamper or thwart noncompliant access to online data examine access patterns, history and statistical records, and which may send no, incorrect or nonsense data if data harvesting is detected. | 11-24-2011 |
20120030242 | STORAGE SYSTEM AND FILE ACCESS DETERMINATION METHOD OF THE SAME - Problem: Providing a storage system which can be applied to a broad range of access forms to the file and, at the same time, in which the performance of file access control processing is improved. Solution: The storage system stores a part of the access control information of a variable size in the basic attribute area of the file, and stores the storage format information in the basic attribute area of the file or in the file system metadata area. At the time of processing the access to the file, with reference to the storage format information, the storage system decodes a part of the access control information into an access mask bit string as needed, and performs the preceding access control processing. If whether access is permitted or not can be determined through the preceding access control processing, the access control processing is performed while, whether access is permitted or not cannot be determined, performs the access control processing based on the extended attribute information. | 02-02-2012 |
20120036161 | Distributed File System and Method - A distributed file system and method distributes file system objects across multiple self-contained volumes, where each volume is owned by a unique file system node. Logical links are used to reference a file system object between volumes. Each file system node includes a relocation directory in which is maintained hard links to locally-stored file system objects that are referenced from another file system node using logical links. Various file system operations that involve multiple volumes are performed without having to place a write lock on more than one volume at a time. Various caching schemes allow the various file system nodes to cache file system object data and metadata. | 02-09-2012 |
20120041981 | MEDIA VALIDATION SYSTEM - A media validation system including a plurality of media storage devices which contain a quantity of content thereon, a user computer processor assembly structured to operatively access a select media storage device, a verification module, and a communicative link between the verification module and the user computer processor assembly. Each of the media storage devices includes a unique unit identifier, the verification module identifying the unique unit identifier of the select media storage device and receiving user information associated therewith. The verification module is also structured to apply a reward credit in association with only a first user whose user information is associated with the unique unit identifier for the select media storage device. | 02-16-2012 |
20120072459 | DISTRIBUTED DATA STORAGE AND ACCESS SYSTEMS - A distributed system for content storage and access includes a storage platform having at least a first storage component, and an access platform having one or multiple access components. Each access component is associated with at least one access service. The access service may be an administrative service for receiving a service request initiated by a first user, the service request being associated with a first item of content, and for identifying a characteristic of the service request, a content management service for determining, based at least in part on the characteristic of the service request, a specification of a data transfer operation to be executed in association with the first storage component, and a directory service for maintaining information associated with the first item of content. | 03-22-2012 |
20120078962 | SYSTEM AND METHOD FOR CONTROLLING POSTAGE USAGE INDEPENDENT OF METER BALANCE - A postage evidencing meter system is disclosed. The system comprises an authorization database for storing parameters for at least one user, wherein the parameters limit the at least one user's ability to evidence postage using the meter. The parameters include a maximum postage amount that the at least one user is allowed to use on the meter to evidence postage. The parameters may alternatively or also include a period of time during which the user is allowed to use the meter to evidence postage or a maximum amount of postage that can be used during a period of time. The postage evidencing meter further comprises a user interface, a printer, and a security module. In alternative embodiments, the authorization database is stored on a removable storage device and/or is coupled to the meter via a communication link to a remote postage information system. | 03-29-2012 |
20120089645 | Efficient Paging of Search Query Results - Methods and computer-readable media provide for efficient paging of search results in accordance with the access rights of a user. According to various implementations, a request for a search query results in a calculated number of search results being retrieved and analyzed for user access rights. As documents having user access rights are located, session state information corresponding to the number of located documents having user access rights and to the number of analyzed documents required to locate the number of documents having user access rights is maintained. This information is used to dynamically alter the number of subsequent documents that are retrieved in order to fill a page of results. This minimizes redundant determinations of user access rights and minimizes the number of documents required to be retrieved and analyzed in order to fulfill a search query request. | 04-12-2012 |
20120110018 | IDENTIFYING SYMBOLIC LINKS - Systems, methods and computer program products for identifying symbolic links in network file systems are provided herein. An absolute path may be determined at a network file server. This may include determining a complete client path from an initial client path and combining the complete client path with a server export path. Once the absolute path is determined, it may be traversed using a file descriptor of each file in the absolute path to identify a symbolic link. | 05-03-2012 |
20120110019 | METHODS, APPARATUS AND SYSTEMS FOR GENERATING LIMITED ACCESS FILES FOR SEARCHABLE ELECTRONIC RECORDS OF UNDERGROUND FACILITY LOCATE AND/OR MARKING OPERATIONS - Managing information relating to a locate and/or marking operation to detect and/or mark a presence or an absence of at least one underground facility. At least one electronic manifest corresponding to the locate and/or marking operation is generated based on first information relating to the locate and/or marking operation. The at least one electronic manifest includes image information documenting performance of the locate and/or the marking operation. At least one limited access file comprising second information relating to the at least one electronic manifest or the image information is generated, and the at least one limited access file and/or information relating to the at least one limited access file is electronically transmitted and/or stored to facilitate selective/limited access to or viewing of the electronic manifest(s). | 05-03-2012 |
20120131057 | NON-DETERMINISTIC AUDIT LOG PROTECTION - Embodiments of the present disclosure provide a system that performs non-deterministic auditing. The system audits an operation, a record associated with which is maintained in an audit log. In one embodiment, the system subsequently determines whether the operation satisfies one or more criteria. In response to the operation satisfying the criteria, the system protects the audit log. In a further embodiment, the system protects the audit log based on a probability distribution, which indicates a frequency of audit log protection. | 05-24-2012 |
20120131058 | Access Control in A Data Processing System Using Data Item Signatures - A device maintains multiple signatures, including at least one signature for each of a plurality of data items. At least corresponding signature for a data item is based at least in part on a given function of at least some of the contents of that data item. The device receives a particular sequence of bits and determines at least one signature for that particular sequence of bits, based at least in part on the given function of at least some of the particular sequence of bits. The device determines, based at least in part on the signature for the particular sequence of bits, and using the multiple signatures, whether the device may access the particular sequence of bits. | 05-24-2012 |
20120158785 | Location Fidelity Adjustment Based on Mobile Subscriber Privacy Profile - The present invention utilizes location based wireless technology in a wireless network to dynamically automate the accuracy of location information provided to requesting parties based on external criteria, e.g., the time of day. The location information may be altered by removing particular parts (e.g., by removing street information, or city information), or by mathematically loosening the accuracy of the location of the particular wireless user. | 06-21-2012 |
20120158786 | PERFORMING AUTHORIZATION CONTROL IN A CLOUD STORAGE SYSTEM - A method, apparatus and computer program product for performing authorization control in a cloud storage system. The method comprises: receiving an access request to a file block, wherein the file block is embedded with tag data comprising at least file block authorization information; retrieving the file block; extracting the file block authorization information from the tag data; determining whether the access request matches the file block authorization information; and performing the access request if the access request matches the file block authorization information. Effective authorization control may be performed in a cloud storage system. | 06-21-2012 |
20120173579 | Method and Computer-Readable Media for Managing Business Transactions - A method, and computer-readable media for performing the method, for managing business transactions. Electronic transaction documents are received from authenticated users and stored in a database, with system usage data regarding users' access to and use of the system captured and stored in the database. Only specified parties are afforded access to system usage data for each user. | 07-05-2012 |
20120173580 | Event Feedback Networking System - The present invention is an event feedback networking system configured to facilitate intuitive participant response. The event feedback networking system utilizes novel distributed hardware components and novel data structures for obtaining, processing, analyzing, and displaying intuitive user feedback. | 07-05-2012 |
20120173581 | Strict Tenant Isolation in Multi-Tenant Enabled Systems - A plurality of partitions can be defined in a database for a multi-tenant computing system provided on one or more processors such that each partition of the plurality of partitions is associated with only one business tenant of a set of business tenants supported by the multi-tenant system. The database can stored shared content that is shared among and accessible to all tenants of the multi-tenant computing system while tenant content for each business tenant can be stored in the database in one partition of the plurality of partitions. The one partition can be assigned to an associated business tenant. At least a portion of the tenant content can be unique to and associated with the associated business tenant. One or more errors can be generated to prevent tenant content associated with a first business tenant of the set of business tenants from being accessed by a second business tenant of the set of business tenants when an application code executed within the multi-tenant computing system comprises a construct that would otherwise enable cross-tenant access by the second business tenant to tenant content associated with the first business tenant. Related systems, methods, and computer program products are described. | 07-05-2012 |
20120191757 | System & Method For Compiling Intellectual Property Asset Data - An access server computing system scrapes a set of records maintained by a target computing system in a database which is only made accessible over the Internet with a limited protocol query and an access challenge. The access server accesses the target computing system through an Internet browser interface based on emulating a user query made through the limited protocol, including by automatically passing locator identifier fields to retrieve a corresponding set of record which are stored in the first database. | 07-26-2012 |
20120215811 | METHOD AND APPARATUS FOR MONITORING THE DISTRIBUTION OF ELECTRONIC FILES - A remote server is arranged to respond to a request from a user terminal for the download of a media file to cause a unique water-marked copy of a media file to be generated and sent to the user terminal. At the same time the remote server is arranged to access a seal server, which causes an electronically sealed record of the transaction to be generated and stored in a download database. Subsequently, if a suspect media file is identified the sealed record provides evidence of the original transaction which led to the water-marked copy of the media file being issued and hence the original source of the unauthorised copy of the file. Control of distributed media files can be enforced by imposing penalties in the event that unauthorised copies corresponding to the distributed water-marked media files are identified. | 08-23-2012 |
20120215812 | System and Method for Providing a Standardized Data Sharing Platform - A standardized platform, implemented in a secure web-based environment, enables the sharing of data between different individuals, institutions and even industries. Data is shared between members of the platform in accordance with defined data objects with specified relationships and permissions which are managed, accessed and modified by members using the platform. Such data objects have defined relationships to entities and other data objects, and are controlled by designated preferred owners, which can vary over time. | 08-23-2012 |
20120226714 | SELECTING A DIRECTORY OF A DISPERSED STORAGE NETWORK - A method begins by a processing module receiving a dispersed storage network (DSN) access request accessing DSN memory regarding a set of encoded data slices, selecting a local DSN directory or a global DSN directory to produce a selected DSN directory, identifying an entry of the selected DSN directory regarding the set of encoded data slices to produce an identified entry, and accessing the DSN memory regarding the set of encoded data slices. The method continues with the processing module determining whether to update one or more of the local DSN directory and the global DSN directory based on the accessing the DSN memory and when the one or more of the local DSN directory and the global DSN directory is to be updated, updating the one or more of the local DSN directory and the global DSN directory in accordance with the accessing the DSN memory. | 09-06-2012 |
20120233216 | Intelligent Policy Deployment - In an information management system, relevant policies are deployed to targets while policies which are not relevant are not. By deploying relevant policies, this reduces the amount of space requirements at the target to store the policies and the amount of data that needs to be sent to the target. Also, execution speed at the target may increase since the target does not need to evaluate policies that are not relevant. | 09-13-2012 |
20120239697 | Discovery and Client Routing to Database Nodes - Aspects of the subject matter described herein relate to database access. In aspects, a request for access to a database is received at a node of a database cluster. Also received at the node is an intent associated with the request. If the intent is to potentially write to the database, a primary instance of the database services the request. If the intent is to read from but not write to the database, an identifier of a secondary instance of the database is sent to the requestor for use in accessing the database. | 09-20-2012 |
20120239698 | CONTROL DEVICE, CONTROL METHOD, AND STORAGE MEDIUM - A first computer establishes a connection between a second computer and the first computer when a specific request for access to a specific path from the second computer is accepted. The first computer transmits to the second computer a script for enabling the second computer to perform a proxy process of accepting a database access request for access to a database from an application to be accessed by the second computer, accessing the database, and acquiring an access result from the database. Then, the first computer receives a database access result from the second computer, and outputs the result to the application. | 09-20-2012 |
20120246197 | Handling User-Specific Information for Content During Content-Altering Operations - A content player receives user-specific information from different users and associates the information with content. Subsequently, the player receives a request to perform a content-altering operation. In response, the player performs the operation such that the information for the requesting user is affected, but not the information for other users. The information may include a placeholder, an indication as to whether the content and/or the entire content has been accessed, a protection status indicating whether or not the content can be deleted, and so on. The information may be added to and/or configured to accompany and/or otherwise be associated with the content. The player may identify the user so that different information for different users can be associated with the content for the respective user, such as by prompting the user to select an identifier from a list or perform a “log in.” | 09-27-2012 |
20120271851 | MEDIA VALIDATION SYSTEM - A media validation system including a plurality of media storage devices which contain a quantity of content thereon, a user computer processor assembly structured to operatively access a select media storage device, a verification module, and a communicative link between the verification module and the user computer processor assembly. Each of the media storage devices includes a unique unit identifier, the verification module identifying the unique unit identifier of the select media storage device and receiving user information associated therewith. The verification module is also structured to apply a reward credit in association with only a first user whose user information is associated with the unique unit identifier for the select media storage device. | 10-25-2012 |
20120303666 | Method for restricting access to data based on current work - A system and method for presenting a user with only data relevant to a task on which the user is currently working, while preventing display and other data from other tasks from intruding on a user's work environment. Conventional tagging is replaced and/or supplemented by a centralized method for creating, managing, and applying categories that does not require display space in individual applications for user interaction. Data access and display can be controlled across all applications, allowing the user to concentrate on a particular issue or project without being distracted or wasting display-space on information that is not relevant to the current issue or project on which a user is working. | 11-29-2012 |
20120310982 | SCALABLE, DISTRIBUTED CONTAINERIZATION ACROSS HOMOGENOUS AND HETEROGENEOUS DATA STORES - Provided are techniques for using containers to store objects. One data store from a set of data stores is assigned as a primary data store, wherein the remaining data stores comprise secondary data stores. A container for a group is created on the primary data store. A unique identifier for the container is generated on the primary data store. Metadata for the container is stored on the primary data store. Zero or more objects are stored in the container on the primary data store. For each of the secondary data stores that have objects belonging to the group, a container is created in that secondary data store having the unique identifier, wherein the container spans the primary data store and the secondary data stores, and wherein the objects in the container do not span the primary data store and the secondary data stores. | 12-06-2012 |
20120317145 | METHOD AND APPARATUS FOR FILE ASSURANCE - A system and associated processes for file assurance. A user may use the system to maintain control over a file that is distributed to another user. The user may specify a number of file access options, such as read-only, report distribution, or track edits. The system may encrypt the file with the file access options included. The file may be altered so as to make the file no longer readable by an application designed to read the file without the system, or a corresponding system associated with the recipient user. The system or corresponding system may enforce the file access options selected by the user. Further, in some embodiments, the system may report the occurrence of file access or the performance of specific operations on the file to the user. | 12-13-2012 |
20120331005 | METHOD AND APPARATUS FOR STORING, SHARING, AND/OR ORGANIZING PERSONAL INFORMATION - Embodiments of the subject invention relate to systems and methods for presenting and managing user information. Specific embodiments allow creating, editing, presenting, and storing user information. In a more specific embodiment, the systems and methods can be used to provide a digital safe deposit box (DSDB) that allows users to save, maintain, update, and/or share information about themselves and/or their organization. Specific embodiments provide a personal financial solution that is designed for customers interacting with professional institutions, such as accounting firms, banks, and insurance agencies, and/or interacting with family members and people that may need to access certain documents. Embodiments of the invention provide individuals, based on permission granted/allocated to them, access to specific information, while providing safety from fraud. | 12-27-2012 |
20120331006 | DATA ACCESS METHOD AND DATA ACCESS DEVICE - An information processing apparatus has data management data that determines storage locations of real data in a data group in accordance with data definition information indicating a data structure of the data group, and a data access program that describes an access function to the real data whose data structure is specified in accordance with the data definition information, and gains access to the real data of the data group by executing the data access program while determining the storage locations of the real data by referring to the data management data. | 12-27-2012 |
20130031134 | TECHNIQUES FOR CHANGING PERCEIVABLE STIMULI ASSOCIATED WITH A USER INTERFACE FOR AN ON-DEMAND DATABASE SERVICE - In accordance with embodiments, there are provided techniques for providing perceivable stimuli in an interface of a multi-tenant on-demand database system. These techniques for providing perceivable stimuli facilitate collaborative efforts of groups of users of a multi-tenant on-demand database system while maintaining access constraints amongst users associated with a common tenant. | 01-31-2013 |
20130036140 | INFORMATION MANAGEMENT AND CONTINUITY - Embodiments of the invention provide methods, systems, and program products for managing information, including the incremental release of information from a restricted database of information, such that the incremental release is consistent with relationships between and among a plurality of pieces of information within the restricted database. | 02-07-2013 |
20130066917 | COMMUNITY-BASED PARENTAL CONTROLS - According to a general aspect, a method includes maintaining rating groups, each rating group providing a rating for content compiled based on information received from a user evaluating the content. The method also includes receiving, from a first user, a selection of a first rating group, to be applied to a set of users associated with the first user. The method also includes receiving, from a user, a request for a piece of content. The method also includes determining that the user from which the request was received belongs to the set of users associated with the first user. The method also includes, based upon the determination that the user belonged to the set of users associated with the first user, accessing information associated with the first rating group and determining whether the first rating group includes a rating for the requested piece of content. | 03-14-2013 |
20130086113 | SECURE DATA ACCESSING SYSTEM AND METHOD - A system and method for accessing data located behind a security mechanism is provided. In the preferred embodiment, the system may use the common HTTP protocol and JDBC drivers. In more detail, a client may execute a Java applet that generates database proxy objects that are communicated to an application server using the HTTP protocol. The application server may use a servlet to process the objects and generate database requests using JDBC drivers so that the data is retrieved from the database for the client Java applet without the security problems. | 04-04-2013 |
20130091169 | MULTIMEDIA SHARING APPARATUS USING COPY OF METADATA DATABASE OF PORTABLE TERMINAL AND METHOD THEREOF - A multimedia sharing apparatus uses a copy of a metadata database of a portable terminal for copying the metadata database stored in a server. The multimedia sharing apparatus stores the copied metadata database in the portable terminal, and reduces an overhead using the stored metadata database when a user searches data. A multimedia sharing method includes requesting a server to transmit a metadata database at a portable terminal, receiving access information capable of accessing the metadata database of the server at the portable terminal from the server, and reading the metadata database of the server at the portable terminal using the access information. | 04-11-2013 |
20130117313 | ACCESS CONTROL FRAMEWORK - The described implementations relate to an access control framework for a database system. One implementation can receive, from a user, a request for data that identifies a resource, such as a view that obtains data from a database. The implementation can check the identity of the user to identify user roles associated with the user. The implementation can identify an access policy that is associated with the resource, and a rule that is associated with the access policy and applies to the user roles associated with the user. The rule can be applied to the request for data using attributes of the access policy. For example, if the request for data is a query on a view, the query can be rewritten to apply the rule. | 05-09-2013 |
20130124566 | SECURELY ACCESSING REMOTE SYSTEMS - A method for securely accessing a number of computing systems within a remote facility includes, with a mobile computing system, checking out access data from a centralized database, the access data providing access to the computing systems within the remote facility. The mobile computing device then interfaces with a first computing system, the first computing system being unable to have access criteria changed from a remote location. The mobile computing system then provides a user with access to the first computing system using the checked out access data without revealing that checked out access data to the user. | 05-16-2013 |
20130226969 | DATA ACCESS CONTROL APPARATUS AND DATA ACCESS CONTROL METHOD - A data access control apparatus has a management information table in which identification information of a storage node specified as one to which transmission of a reference request is inhibited and a reference condition are associated with each other. When a reference condition and a reference request are received, a transmission processing unit transmits the received reference condition and a reference request to storage nodes except a storage node associated with the received reference condition in the management information table. A registration processing unit determines, based on a response from each storage node to which the reference request has been transmitted, a storage node in which no data matching the received reference condition is stored, and registers identification information of the determined storage node in the management information table in association with the received reference condition. | 08-29-2013 |
20130238659 | ACCESS CONTROL FOR ENTITY SEARCH - Method, system, and computer program product for access control for entity search are provided. The method includes: representing entity-relationship data in a conceptual model; representing entities in a search system as documents containing the entity's searchable content and metadata; defining authorization rules for searchers over entities and their relationships; and extending an entity document to include searchable tokens defining the authorization rules. Defining authorization rules may include: identifying query predicate constraints for entity search; and defining searchable tokens as paths for query predicates and permissible searchers; wherein the permissible searchers are permitted access to data based on a query that contains the predicate. Defining authorization rules may further include: defining searchable document files for a free-text predicate with a field name as a token of permissible searchers and the field value as the searchable content. | 09-12-2013 |
20130246465 | SYSTEM, METHOD, AND COMPUTER PROGRAM PRODUCT FOR CONDITIONALLY ALLOWING ACCESS TO DATA ON A DEVICE BASED ON A LOCATION OF THE DEVICE - A system, method, and computer program product are provided for conditionally allowing access to data on a device based on a location of the device. In use, a location of a device storing data is identified. Furthermore, access to the data is conditionally allowed, based on the location. | 09-19-2013 |
20130246466 | SYSTEM, METHOD, AND COMPUTER PROGRAM PRODUCT FOR TRACKING THE MIGRATION OF OBJECTS TO DETERMINE WHETHER TO PERFORM A NETWORK BASED CHECK - A system, method, and computer program product are provided for tracking the migration of objects to determine whether to perform a network based check. In operation, an object is identified. Furthermore, a first security niche associated with the object is determined. Additionally, it is determined if the object is migrating from the first security niche to a second security niche. Still yet, a network based security check is conditionally performed if it is determined the object is migrating from the first security niche to the second security niche. | 09-19-2013 |
20130246467 | Remote Inventory Manager - A documentation inventory manager which assigns a protection key to each piece of documentation that is received. More specifically, when providing information to a receiving company, a client provides their files to a common FTP server. As a support team of the receiving company accesses the files and stores some or all of the files to a local storage system, the files are modified to include an imbedded header record. In certain embodiments, the imbedded header record includes information regarding an original file name sent by the client, a key value that is assigned to that version of the downloaded file, permissions such as whether the file can be copied, and the inventory manager location. Each time a version of the file is downloaded to a different location within the receiving company, that file name, location, and new unique key is updated in the documentation inventory manager. | 09-19-2013 |
20130246468 | SYSTEM, METHOD AND COMPUTER PROGRAM PRODUCT FOR PUBLICLY PROVIDING WEB CONTENT OF A TENANT USING A MULTI-TENANT ON-DEMAND DATABASE SERVICE - In accordance with embodiments, there are provided mechanisms and methods for publicly providing web content of a tenant using a multi-tenant on-demand database service. These mechanisms and methods for publicly providing web content of a tenant using a multi-tenant on-demand database service can allow the web content to be published by a tenant using the multi-tenant on-demand database service for use by non-tenants of the multi-tenant on-demand database service. | 09-19-2013 |
20130262514 | SYSTEM, METHOD, AND DATABASE FOR PERSONAL INFORMATION MANAGEMENT WITH ADVANCED ACCESS CONTROLS - A database for online personal information management comprising: a first account; a first database user id; a second database user id, the second database user id being associated with the first account; a set of data nodes, the nodes being interlinked to form a graph; a data object having an associated node, the associated node being one node in the set of data nodes; an associated account; an object owner; at least one share right object associated with a node, the share right object having a parameter indicating whether the share right object is active when the owner is alive or when the object owner is deceased. | 10-03-2013 |
20130275470 | LOCAL ACCESS TO CLOUD-BASED STORAGE - In one example of local access to cloud-based storage, a computer-readable medium stores one or more executable instructions that, when executed, cause one or more processors to subscribe to a cloud service provider, store a digital catalog to the cloud service provider, register a point of access for at least a portion of the digital catalog with the cloud service provider, and receive expedited access to at least the portion of the digital catalog at the registered point of access. | 10-17-2013 |
20130282761 | SYSTEM AND METHOD FOR ENTITY SHAPE ABSTRACTION IN AN ON DEMAND ENVIRONMENT - The technology disclosed relates to presenting a data entity interface that connects a multi-tenant database code to a multi-tenant database and at least one other database from a different data source. In particular, it relates to providing a custom entity shape that serves as a common interface from a multi-tenant database application code to multiple databases from one or more different data sources that have fields implementing at least some common data with different data structures. This common interface creates a layer of abstraction that provides a consistent behavior across the multiple databases and sets rules that govern how information is presented and shared with the different data sources. | 10-24-2013 |
20130304760 | Computer Readable Recording Medium Storing Data Management Program, Data Management Apparatus, and Data Management System - Regarding a management of data stored in a folder to which a permission range of access is set, a data management apparatus is caused to perform (a) a detection region setting step which sets a detection region for detecting a preliminary operation, which is for storing any data into a destination folder which can store data; and (b) a storing limitation step which limits the storing of the data into the destination folder in cases where the preliminary operation is detected at the set detection region, and the access permission range set for the destination folder is different from the access permission range set for a source folder storing the data originally. | 11-14-2013 |
20130304761 | Digital Information Infrastruture and Method for Security Designated Data and with Granular Data Stores - Distributed computer system processes data having select content (SC) represented by one or more predetermined words, characters, etc. The system has a plurality of SC data stores in a server cloud for respective security designated (Sec-D) data and scarcity designated (S-D) data, each with respective access controls thereat. The SC data stores are is operatively coupled on a network. An identification module for identifying SC data stores for the Sec-D data and S-D data in the server cloud. A processor activates an SC data stores in the server cloud thereby permitting access to the SC data stores and respective Sec-D data and S-D data based upon an application of one or more of said access controls thereat. The processor has a reconstruction module operating as a data process employing the respective access controls to combine one or more of the Sec-D data and S-D data. | 11-14-2013 |
20130304762 | INFORMATION PROCESSING APPARATUS AND COMPUTER-READABLE MEDIUM STORING INFORMATION PROCESSING PROGRAM - Data processing unit produces first access target information. Location information obtaining unit obtains first location information indicating the identifier of a data storage device specified by a user, as well as indicating the location of a user-specified directory within the data storage device. Location information producing unit produces second location information indicating the location of a directory that is placed below the user-specified directory and uniquely assigned to the data processing unit. Access target information producing unit produces second access target information, using the location indicated by the second location information as a reference location. Access unit makes access to the target data file in the data storage device. | 11-14-2013 |
20130318125 | METADATA ENABLED THIRD-PARTY APPLICATION ACCESS OF CONTENT AT A CLOUD-BASED PLATFORM VIA A NATIVE CLIENT TO THE CLOUD-BASED PLATFORM - Techniques are disclosed for methods, architectures and security mechanisms for a third-party application to access content in a cloud-based platform. In one embodiment, a method includes, receiving, at the third-party application, metadata that identifies the file. The method further includes transmitting the metadata to a server which is associated with the third-party application. The metadata enables the server to request the file from the cloud-based environment. | 11-28-2013 |
20130332488 | VIN SCAN/CODE CATALOG AND INFORMATION LOOKUP - Electronic-based systems and methods for enhancing a user's experience when shopping for components of a mechanical or electrical device or apparatus, which include downloadable software (i.e., a mobile device application) that provides access to component information/data using the mobile device, in particular component information/data provided by a manufacturer from its personal database, electronic devices that include such software, and methods of accessing the component information and optionally, acting upon the information to order the component. | 12-12-2013 |
20130346449 | ONLINE ESTATE DOCUMENT MANAGEMENT SYSTEM - A system and method for an online estate document management, the system comprising a user interface; one or more than one estate document servers operably connected to the user interface; an estate document database operably connected to the one or more than one estate document servers; instructions for verifying the user; instructions for version control of the one or more than one estate document; and instructions for notifying one or more than one recipient of changes to the one or more than one estate document. | 12-26-2013 |
20140006449 | SYSTEM FOR INTEROPERATING DHT-BASED OVERLAY NETWORKS AND METHOD THEREOF | 01-02-2014 |
20140019487 | SYSTEMS AND METHODS WITH WORKSET MANAGEMENT IN AN ON-DEMAND COMPUTING ENVIRONMENT - A database system is provided. The system includes a database including workset storage for storing a workset of data objects and archived storage for storing archived data objects; a resource module coupled to the database and configured to manage access to the workset of data objects and the archived data objects; and a workset management module coupled to the resource module. The workset management module is configured to determine a workset lifespan limit and to manage the workset of data objects based on the workset lifespan limit. | 01-16-2014 |
20140032599 | MECHANISM FOR VISIBLE USERS AND GROUPS - Various embodiments described herein provide systems, methods, software, and data structures to allow or prevent viewing of users and groups of users by other users and groups of users. Some such embodiments include retrieving a listing of members from a member database, defining a first subset of one or more members selected from the retrieved member listing, and designating the first member subset as visible to a second subset of one or more members when a member of the second member subset retrieves a member listing. | 01-30-2014 |
20140032600 | SYSTEMS AND METHODS FOR DATA PRIVACY AND DESTRUCTION - A system and method for managing application(s)' access to personal data of an enterprise business partner is presented. The method includes selecting business partners having personal data records stored in a database connected to an enterprise computing system, for each particular business partner identifying each application that accesses the business partner's personal data records, inquiring from each identified application if it has reached an end-of-purpose period for the personal data records. If an end-of-purpose period has been reached receiving a start-of-retention-time from the application, storing the start-of-retention-time indication in a data record associated with the particular business partner, and blocking access by the particular application to the personal data records of the particular business partner. If a start-of-retention-time indication is not received allowing continued access by the particular application to the personal data records associated with the selected business partner. Applications located in remote systems can be queried and blocked. | 01-30-2014 |
20140032601 | FILE SYSTEM SHARING - File system sharing in multi-host computing system ( | 01-30-2014 |
20140046978 | PROPAGATING USER IDENTITIES IN A SECURE FEDERATED SEARCH SYSTEM - A method of implementing a universal framework for searching across multiple search platforms in a secure federated search. The method includes receiving, at a federated broker, a query from an authorized user, obtaining a plurality of user credentials associated with the authenticated user, wherein each of the plurality of user credentials are used to access at least one source of a plurality of sources, determining a required query format for each of the plurality of sources, translating the query into a plurality of queries formatted according to the required query format of each of the plurality of sources, propagating the plurality of translated queries and the plurality of user credentials to each corresponding source to appear to each corresponding source to be the authorized user, receiving, at the federated broker, results of each of the plurality of queries from each source of the plurality of sources, and consolidating the results of each of the plurality of queries to be displayed in a uniform manner. | 02-13-2014 |
20140089346 | METHODS AND APPARATUS FOR IMPLEMENTING SEMI-DISTRIBUTED LOCK MANAGEMENT - Disclosed is an improved approach for performing lock management. A semi-distributed Lock Management (SDLM) system is provided utilizing RDMA and an acyclic time-dependent dependency graph that can lead to higher system performance while maintaining higher flexibility and autonomy for each process at each compute node in the given cluster, in particular for distributed database applications. | 03-27-2014 |
20140101202 | File Access Using Counter Locking Mechanism - In an embodiment, a method is provided for accessing a file node. In this method, a file access request specifying a file node to be accessed by way of a file system is received at a server from a client device. A counter is referenced to identify that the file node is being accessed in response to a different file access request. The counter is configured to track whether the file node is being accessed. The file node is provided to the client device when the counter indicates a termination of access to the file node resulting from the different file access request. | 04-10-2014 |
20140108457 | LOCATION-BASED AND OTHER CRITERIA-BASED ESTABLISHMENT MANAGEMENT SYSTEMS AND METHODS - The disclosure herein provides methods, systems, and devices for managing, controlling, accessing, modifying, converting, and/or tracking software applications across one or more locations, and/or computing devices, and/or users, and/or other criteria. | 04-17-2014 |
20140108458 | NETWORK FILESYSTEM ASYNCHRONOUS I/O SCHEDULING - Resource acquisition requests for a filesystem are executed under user configurable metering. Initially, a system administrator sets a ratio of N:M for executing N read requests for M write requests. As resource acquisition requests are received by a filesystem server, the resource acquisition requests are sorted into queues, e.g., where read and write requests have at least one queue for each type, plus a separate queue for metadata requests as they are executed ahead of any waiting read or write request. The filesystem server controls execution of the filesystem resource acquisition requests to maintain the ratio set by the system administrator. | 04-17-2014 |
20140136570 | CONTROLLER AND PROGRAM - The present invention provides a technique for improving the reliability of access to a database system in a controller, such as a PLC. A PLC accessible to a database accesses a DB server in response to an event in which a user program calls a DB access processing program. The DB access processing program stores status information indicating a status of accesses to the DB server in a nonvolatile memory, in accordance with an instruction of the user program. When a power interruption occurs, the PLC can obtain a status of accesses to the DB server at the timing of the occurrence of the power interruption by referring to the status information. Then, the PLC, for example, re-sends a SQL sentence, depending on the access status. | 05-15-2014 |
20140143278 | APPLICATION PROGRAMMING INTERFACE LAYERS FOR ANALYTICAL APPLICATIONS - A system for accessing analytical data for external use may include a database storing a first data set and a second data set. The first data set and the second data set may include analytical data. A first access layer may provide access to a first data set from the database and a second access layer may provide access to a second data set from the database. A first application programming interface may provide functions to access the first access layer and a second application programming interface may provide functions to access the second access layer. The first application programming interface may be configured to receive a request via the first access layer to access the first data set from the database and the second application programming interface may be configured to receive a request via the second access layer. | 05-22-2014 |
20140143279 | CONSUMER-SPECIFIC BUSINESS OBJECT EXTENSIBILITY VIA INHERITANCE - The disclosure generally describes computer-implemented methods, software, and systems for creating consumer-specific controller objects from business objects. One computer-implemented method includes identifying a business object, creating a first controller associated with the identified business object, wherein the first controller includes a set of attributes associated with the identified business object, identifying a first set of accessible attributes from the set of attributes to which the first controller should allow access, and configuring the first controller to allow access to the first set of accessible attributes. | 05-22-2014 |
20140149459 | DATA EXPANSE VIEWER FOR DATABASE SYSTEMS - Systems and methods for obtaining access to a database file managed by an operating system in a computing system are disclosed. One method includes transmitting a call to an operating system from a database management system, the call requesting access to a database file. The method also includes receiving an address from the operating system at the database management system. The address represents a general address of the database file managed by the operating system. The method further includes transmitting a call to the operating system from the database management system, which includes an address and a size of a view of the database file to be created. The method also includes receiving an address of the view of the database file from the operating system. | 05-29-2014 |
20140149460 | METHOD OF PARTITIONING A DATABASE - The invention is directed towards a method of partitioning data in a database. The database is configured to be accessed by an entity. The method comprises the steps of defining a first partition within the database, defining a second partition within the database and assigning selected data in the database to the first partition and the second partition, wherein data assigned to both the first partition and the second partition may only be accessed by an entity assigned to both said first partition and said second partition. | 05-29-2014 |
20140172915 | SYSTEMS AND METHODS FOR SELECTIVELY PROVIDING ACCESS TO CONTENT - One illustrative embodiment involves receiving a content request for accessing a piece of content, the content request identifying the piece of content, the content request received by a first computer device, and the content request requesting access to the piece of content by a content requester. The embodiment further involves receiving information about the content requester and sending from the first computer device a requester-specific information request requesting additional information from the content requester based at least in part on information about the content requester. The embodiment further involves receiving the additional information at the first computer device and selectively, at the first computer device, providing access to the piece of content based at least in part on the additional information. | 06-19-2014 |
20140172916 | CONCURRENT ACCESS FOR HIERARCHICAL DATA STORAGE - A method of providing concurrent access to a hierarchy in a data structure may include receiving a request from a first process to change a first value associated with an object, where the request may include a second value to be combined with the first value. The method may also include determining that a second process is currently accessing information associated with the object. The method may additionally include associating, in response to determining that the second process is currently accessing information associated with the object, the second value with the object without combining the first value and the second value. | 06-19-2014 |
20140188937 | SYSTEMS, METHODS, AND MEDIA FOR CONTROLLING ACCESS TO MEDIA CONTENT - Systems, methods and media for controlling access to media content are provided. In some embodiments systems for controlling access to media content are provided, the systems comprising processing circuitry configured to: determine whether media content can be0 associated with a slot; associate the media content with the slot and resetting a counter for the slot when it is determined that the media content can be associated with the slot; determine whether the media content is associated with the slot; grant access to the media content and updating a count of accesses to the media content when it is determined that media content is associated with the slot; determine if access to the media content has expired; and prevent access to the media content when it is determined that the access to the media content has expired. | 07-03-2014 |
20140195563 | OBJECT GRAPH PARTIAL IMMUTABILITY AND ISOLATION ENFORCEMENT - The type definition of particular types such that different portions of the corresponding object graph may have different permissions assigned to those portions during instantiation. This allows structured permissions to be applied to instantiations of the object graphs of those defined types, allowing fine grained control over what access permissions are enforced against which portions of the object graph. In some embodiments, different instantiations of the object graph may apply permissions differently. | 07-10-2014 |
20140207821 | PRESENTING METADATA FROM MULTIPLE PERIMETERS - In some implementations, a method for managing data in a user device includes pushing first metadata for a first resource in a first perimeter to a service external to the first perimeter. The first perimeter is configured to prevent external resources from accessing resources in the first perimeter. Second metadata for a second resource in a second perimeter is pushed to the external service. The external service is external to the second perimeter, the second perimeter being configured to prevent external resources from accessing resources in the second perimeter. Information is presented to the user based on a combination of the first metadata and the second metadata. | 07-24-2014 |
20140236997 | CONTROLLER, INFORMATION PROCESSING APPARATUS, AND RECORDING MEDIUM - A technique for facilitating debugging in a user program which operates by cooperation of a PLC and another system in a control system including a controller and another system. A CPU unit has a communication interface, executes a user program, calls DB connection service in accordance with an instruction included in the user program, and generates a statement to access a database device. In the DB connection service, operation is performed while switching a first mode and a second mode. In the first mode, a statement according to an access instruction is generated, the generated statement is transmitted to a database system, and a result of a response is sent to the user program. In the second mode, without transmitting the statement to the database device, a result of execution corresponding to the statement is sent to the user program. | 08-21-2014 |
20140236998 | MANAGING GLOBAL CACHE COHERENCY IN A DISTRIBUTED SHARED CACHING FOR CLUSTERED FILE SYSTEMS - Various embodiments are provided for managing a global cache coherency in a distributed shared caching for a clustered file system (CFS). The CFS manages access permissions to an entire space of data segments by using the DSM module. In response to receiving a request to access one of the data segments, a calculation operation is performed for obtaining most recent contents of one of the data segments. The calculation operation performs one of providing the most recent contents via communication with a remote DSM module which obtains the one of the data segments from an associated external cache memory, instructing by the DSM module to read from storage the one of the data segments, and determining that any existing contents of the one of the data segments in the local external cache are the most recent contents. | 08-21-2014 |
20140244688 | ACCESS REQUESTS WITH CACHE INTENTIONS - A lease system is described herein that allows clients to request a lease to a remote file, wherein the lease permits access to the file across multiple applications using multiple handles without extra round trips to a server. When multiple applications on the same client (or multiple components of the same application) request access to the same file, the client specifies the same lease identifier to the server for each open request or may handle the request from the cache based on the existing lease. Because the server identifies the client's cache at the client level rather than the individual file request level, the client receives fewer break notifications and is able to cache remote files in more circumstances. Thus, by providing the ability to cache data in more circumstances common with modern applications, the lease system reduces bandwidth, improves server scalability, and provides faster access to data. | 08-28-2014 |
20140258334 | INFORMATION PROCESSING APPARATUS, INFORMATION PROCESSING SYSTEM AND INFORMATION PROCESSING METHOD - An information processing apparatus includes a file obtaining information generating part that generates file obtaining information at based on at least a place at which a first file is stored; a combined file generating part that combines the file obtaining information generated by the file obtaining information generating part with the first file or a second file corresponding to the first file to generate a combined file; a request receiving part that receives a request that is based on the file obtaining information that is input to an external terminal unit by using the combined file generated by the combined file generating part; and a file managing part that carries out a process according to the request received by the request receiving part. | 09-11-2014 |
20140280345 | AUTOMATED AND DELEGATED MODEL-BASED ROW LEVEL SECURITY - Business groups are created to secure business entities of a BI data model. In one aspect, a user to be secured is selected and a business group of the BI model is retrieved. Based on the business group, access to a business entity of the BI model is secured. The business group is associated with the business entity it secures. A value of the secured business entity is selected. A user is secured by assigning the user to the business group for the selected value. The value of the secured business entity is assigned to the user. In one aspect, requests from the user to access the secured business entity are filtered based on the assigned, to the user, value of the business entity. | 09-18-2014 |
20140280346 | METHOD AND SYSTEM TO RELEASE IMS RESOURCES USED BY IMS BATCH APPLICATION PROGRAMS - The embodiments provide a system for managing access to Information Management System (IMS) database resources. The system may include an initialization routine configured to generate a first task in response to an IMS batch job request to enable an application program access to IMS resources including attaching an IMS Coordinator Controller. The IMS Coordinator Controller may be configured to establish a database resource adaptor (DRA) connection to an IMS database control region. The initialization routine may be configured to generate a second task in response to the DRA connection being established including attaching an application program controller. The application program controller may be configured to transform a database access call from the application program to a DRA interface call to access the IMS resources via the DRA connection. | 09-18-2014 |
20140324910 | SYSTEM AND METHOD FOR CONNECTION LABELING FOR USE WITH CONNECTION POOLS - A system and method for connection labeling for use with connection pools. In accordance with an embodiment, the system comprises a connection pool, including a plurality of connection objects which provide connections that software applications can use to make requests to access the database, wherein each of the connections can be labeled according to the configuration of particular applications; and a connection pool logic that identifies connections labeled as high-cost connections, and avoids using those high-cost connections to serve requests when the total number of connections is below a particular threshold value. | 10-30-2014 |
20140324911 | SUPPORT FOR CLOUD-BASED MULTI-TENANT ENVIRONMENTS USING CONNECTION LABELING - A system and method for connection labeling for use with connection pools, including support for cloud-based multi-tenant environments using connection labeling. In accordance with an embodiment, the system comprises a connection pool, including a plurality of connection objects which provide connections that software applications can use to make requests to access the database, wherein each of the connections can be labeled according to the configuration of particular applications; and a connection pool logic that identifies connections labeled as high-cost connections, and controls the creation or repurposing of high-cost connections to serve requests from the multiple tenants or tenant applications. | 10-30-2014 |
20140330868 | TRUSTED FILE INDIRECTION - Methods and systems for performing file transfers across different domains hosted by a virtualization server are described herein. A trusted domain (Dom 0) may indicate that one or more files, directories, and/or volumes are available to a second domain (guest domain) by updating share information stored in a key value store. The guest domain may enumerate the shared files to appear as if within its own file system structure. The guest domain intercepts calls to its file system, determines whether the requested data is actually stored in its own file system or in trusted domain, and proxies the file system call to the trusted domain when the requested data is shared by the trusted domain. Key value store information and shared data information and contents may be communicated using one or more memories shared between the trusted domain and guest domain. | 11-06-2014 |
20140358972 | INTERCONNECT PARTITION BINDING API, ALLOCATION AND MANAGEMENT OF APPLICATION-SPECIFIC PARTITIONS - Systems and methods for operating a database in system memory within a virtual partition are described. One system includes one or more host computing systems, each host computing system including at least one execution core and a system memory. The system includes a plurality of virtual partitions executing on the one or more host computing systems and including a first partition having at least a portion of the system memory associated with at least one of the one or more host computing systems and configured to store a database therein. The system also includes an interconnect layer communicatively connecting the plurality of virtual partitions, the interconnect layer providing a programming interface by which direct memory access operations between partitions are coordinated. In response to database commands received at the first partition, the data stored in the database is provided to a requesting partition a direct memory access operation. | 12-04-2014 |
20140372484 | DATABASE MULTIPLEXING ARCHITECTURES - Techniques for database multiplexing. Within a group of two or more logical databases, each having a plurality of database nodes, the group of logical databases being part of a multitenant database environment that stores data for multiple client entities each identified by a tenant identifier (ID) having one of one or more users associated with the tenant ID, wherein users of each of multiple client entities can only access data identified by a tenant ID associated with the respective client entity, and wherein the multitenant database is a hosted database provided by an entity separate from the client entities, and provides on-demand database service to the client entities, the tenant ID is used to determine a mapping between the tenant ID and one of the plurality of logical databases. A plurality of application servers coupled with two or more of the logical databases are used to service requests received from remote client device using the mapping to access a selected logical database corresponding to the tenant ID. | 12-18-2014 |
20140379756 | SYSTEM AND METHOD FOR TRANSPARENT MULTI KEY-VALUE WEIGHTED ATTRIBUTED CONNECTION USING UNI-TAG CONNECTION POOLS - A system and method for transparent multi key-value weighted attributed connection using uni-tag connection pools. In accordance with an embodiment, a connection pool enables labeling of connections that software applications can use to access a database. A connection pool associated with a database enables tagging of connection pools at the database and allows applications to selectively obtain connections based on tags. A request is received from an application to query data from the database using a labeled connection or low-cost alternative. If a low-cost connection is found, but requires configuration, the system returns unmatched labels for use by the application in configuring its environment to use the connection. The system can also generate a tag for the connection. Upon subsequent release of the database session, the tag can be made available for subsequent use of the tag, or a tagged connection, by the same or by other applications. | 12-25-2014 |
20150026213 | SYSTEM AND METHOD FOR PROVIDING A SHAREABLE GLOBAL CACHE FOR USE WITH A DATABASE ENVIRONMENT - Described herein is a system and method for providing a shareable global cache for use with a database environment. In accordance with an embodiment, a shareable global cache is used for caching connections to database instances. When a request is received for a particular service, the system looks for an idle connection to that service, and, if none is available, locates an existing connection to a database instance serving that service and switches a service on the existing connection to that service. | 01-22-2015 |
20150046493 | ACCESS AND MANAGEMENT OF ENTITY-AUGMENTED CONTENT - Access and management of a user's content may be facilitated by, in response to receiving a request for content related to a specified entity from the repository associated with at least the user's account, identifying, in a content of a file in the repository, an entity container of at least one entity container associated with the specified entity; and communicating the entity container that is associated with the specific entity to a source of the request. | 02-12-2015 |
20150066987 | METHOD AND SYSTEM FOR ACCESSING A SET OF DATA TABLES IN A SOURCE DATABASE - Embodiments relate to accessing a set of data tables in a source database. A set of table categories is provided for tables in the source database and a set of metrics is provided. For each table of the set of the data tables: the set of metrics is evaluated, the evaluated set of metrics is analyzed, and the table is categorized into one of the set of table categories using the result of the analysis. Information indicative of the table category of each table of the set of tables is output, and in response, a request to select data tables of the set of data tables is received according to a part of the table categories for data processing. A subset of data tables of the set of data tables is selected using the table categories for performing the data processing on the subset of data tables. | 03-05-2015 |
20150088934 | HOSTED APPLICATION GATEWAY ARCHITECTURE WITH MULTI-LEVEL SECURITY POLICY AND RULE PROMULGATIONS - A hosted application gateway server node may be communicatively coupled to backend systems, client devices, and database shards associated with database servers. Through the gateway server node, various services may be provided to managed containers running on client devices such that enterprise applications can be centrally managed. A sharding manager may manage relationships of database items across database shards. Each shard stores a copy of a table representing a split of a relationship. A shard ID mask is included in each item's ID. At query time, the shard ID can be extracted and used to query the correct database. This query routing mechanism allows navigation from one shard to another when multiple items are in a relationship (e.g., share the same resource such as a document). As such, embodiments can eliminate the need for APIs to join in data that span multiple shards. | 03-26-2015 |
20150100601 | DISPERSED STORAGE SYSTEM WITH SUB-VAULTS AND METHODS FOR USE THEREWITH - A method for execution by one or more processing modules of a dispersed storage network (DSN) includes receiving a data access request for at least one data segment stored in the DSN. A vault associated with data access request is identified along with one of a plurality of sub-vaults associated with the vault. Access information corresponding to the one of the plurality of sub-vaults is retrieved to determine whether the access request is allowed. When the access request is allowed, a sub-vault directory associated with the one of the plurality of sub-vaults is retrieved to identify a DSN address corresponding to the data access request, and fulfilling the data access request based on the DSN address. | 04-09-2015 |
20150113019 | Obtaining Access-Restricted Search Related Structured Data - Methods and apparatus related to obtaining access-restricted search related structured data. Stored access-restricted search related structured data may be obtained in response to an authorized informational query request. An access-restricted data key corresponding to the informational query request may be compared with a database data access key in a database that includes the access-restricted search related structured data to determine whether access to such data is allowed. Search results that include and/or are based on access-restricted search related structured data may also be obtained. | 04-23-2015 |
20150134699 | DATA MOVEMENT FROM A DATABASE TO A DISTRIBUTED FILE SYSTEM - Provided are techniques for data movement. An activity is created that overrides existing security, that is associated with a user, that defines one or more source tables in a relational database and one or more target tables that are available to the user for the activity, and that provides security credentials of an author of the activity for use by the user, wherein the one or more target tables represent data in one or more target files in a file system. The activity is executed using the security credentials of the author to move data in a source table of the one or more source tables to a target file of the one or more target files, wherein a target table of the one or more target tables is defined over the target file. Access is provided to the user to the moved data using the target table. | 05-14-2015 |
20150134700 | TERMINATING USER ACCESS TO DATABASE SYSTEMS - Terminating user access to database systems is described. A system receives, from a user interface associated with a system administrator, a request to terminate access by a user of a database system. The system terminates access by the user to the database system, without deleting an account associated with the user from an association with data and/or a workflow associated with the database system. | 05-14-2015 |
20150304304 | SYSTEM, METHOD AND COMPUTER PROGRAM PRODUCT FOR ENABLING ACCESS TO A RESOURCE OF A MULTI-TENANT ON-DEMAND DATABASE SERVICE UTILIZING A TOKEN - In accordance with embodiments, there are provided mechanisms and methods for enabling access to a resource of a multi-tenant on-demand database service utilizing a token. These mechanisms and methods for enabling access to a resource of a multi-tenant on-demand database service utilizing a token can be utilized to prevent identification of a user attempting to access the resource, and thus unwanted use of the user's identity. | 10-22-2015 |
20150310067 | METHOD AND SYSTEM FOR PROVIDING SECURITY IN A DATA FEDERATION SYSTEM - An example method of controlling access to data stored in a plurality of autonomous data sources includes receiving a federated query including a plurality of source queries. The method also includes receiving a request to submit a source query to a target data source. The method further includes determining whether the request matches at least one rule stored in a rules database. A rule that includes a given query matches a request that includes the given query. The method also includes when it is determined that the request does not match a rule stored in the rules database, sending a communication to cause (i) the source query to be submitted to the data source, and (ii) an initial result of the source query to be masked. The initial result of the source query has the same structure as the masked result of the source query. | 10-29-2015 |
20150317312 | Playlist Programming - Systems, device and techniques are disclosed for receiving a request from a user to add a media item to a playlist at a certain playlist position where the media items in the playlist are provided to other users in a media group. Based on a determination that the requesting user has rights to the requested media item, the requested media item may be added to the playlist at the position. When the playlist reaches the position, the user that added the media item to the playlist may be provided with a first version of the media item and the other users in the group may be provided with a second version of the media item. If the user that requested the item to be added to the playlist is determined not to have rights to the media item, the item is added to a position different than the requested position. | 11-05-2015 |
20150324598 | Method and System for Managing Uniquely Identifiable Bookmarklets - A method and system for collecting data contained within web resources in a uniquely identifiable bookmarklet system wherein the uniquely identifiable bookmarklet system includes uniquely generated bookmarklets that execute an unobtrusive script within the document object model of a currently loaded Web Page in a Web Browser program, whereby the script sends a request containing an identifying marker associated with the bookmarklet. The request containing the identifying marker is authenticated and authorized in order to allow one or more users executing the bookmarklet to submit data extracted from the document object model of a currently loaded Web Page to one or more data collections associated with the bookmarklet. | 11-12-2015 |
20150339483 | REVISING POLICY STATEMENTS USING HYPERLINKS - A method, system, and/or computer program product revises a policy that provides rules on how to alter statements to access or manipulate data in a database. A user interface (UI) has a field containing a sample database query statement. The sample database query statement is parsed into clauses, where each clause depicts a specific type of grammatical structure. A different hyperlink is associated with each of the clauses. In response to receiving a signal activating a particular hyperlink for a particular clause, change options, for the particular clause, are presented from a resource that presents change options for the specific type of grammatical structure. User-selected changes to the particular clause are incorporated into a new rule, which causes a clause of the particular type of grammatical structure in any database query statement to be changed. Each change becomes a new rule in a revised policy. | 11-26-2015 |
20160034715 | DATA PRIVACY EMPLOYING A K-ANONYMITY MODEL WITH PROBABALISTIC MATCH SELF-SCORING - According to one embodiment of the present invention, a system for protecting data determines a desired duplication rate based on a level of desired anonymity for the data and generates a threshold for data records within the data based on the desired duplication rate. The system produces a data record score for each data record based on comparisons of attributes for that data record, compares the data record scores to the threshold, and controls access to the data records based on the comparison. Embodiments of the present invention further include a method and computer program product for protecting data in substantially the same manners described above. | 02-04-2016 |
20160042197 | RESTRICTING SENSITIVE QUERY RESULTS IN INFORMATION MANAGEMENT PLATFORMS - As information becomes more accessible to the public, the ability to predict and estimate sensitive data from the data already available to the general public becomes easier. The existing privacy-preserving data mining approaches only consider the information the user is querying and do not consider the information the user already has, and how the user can use that information in combination with the query information to create sensitive data that the user should not have access to. Some embodiments of the present invention provide a query analysis (QA) program that solves the aforementioned problem by taking into account data that a user may already have, whether it is private data or data that is available to the public, and then using that data, along with the data that would be returned in the query, to determine if sensitive data could be recreated. | 02-11-2016 |
20160055195 | METHOD AND SYSTEM FOR PROVIDING CONCURRENT BUFFER POOL AND PAGE CACHE - The present disclosure provides a method for providing concurrent one or more buffer pools associated with a database of a database management system is provided. The method includes creating one or more tables in each of the one or more buffer pools at runtime, receiving a request simultaneously from a corresponding plurality of users for accessing a page of a plurality of pages stored in a buffer pool of the one or more buffer pools and enabling each of the plurality of users to access the corresponding page of the plurality of pages concurrently. Each of the one or more tables is a lockless table. Each of the one or more tables includes a plurality of lockless slots. The plurality of pages is requested from a corresponding slot of the plurality of lockless slots in a corresponding table of the one or more tables in the buffer pool. | 02-25-2016 |
20160070758 | System and Method for Multi-Tiered, Rule-Based Data Sharing and Ontology Mapping - A system for managing data sharing and permissioning for a plurality of sensitive information across disparate entities and contexts. The system enables multiple tiers of permission rules that may vary by requesting user, specific data fields, and sharing context. The system provides patients or other users who provide data with an interface to select permission rules so that other users may access that data in a controlled manner. The system is capable of capturing and structuring the logic of written laws, consent agreements, and individual user preferences that enable or restrict data sharing among users. The system provides a requesting user with an interface to query the data about a patient or other entity, where data access is enabled by applicable rules. These rules may be set and controlled by the user, other users with permission to set access controls on the user's behalf, or any laws or consent agreements governing data sharing among users. The system provides consistent access to information by linking related data fields through ontological mappings. The system may facilitate the creation of new knowledge using ontology-mapped data from disparate sources. A method for managing access to a plurality of sensitive information across multiple entities is also described. | 03-10-2016 |
20160078060 | Providing Selective Access To A Database In A Size-Managed State - Embodiments relate to managing access to a database. A computer system for managing access to a database is provided. The computer system comprises a memory having computer readable instructions and a processor configured to execute the computer readable instructions. The instructions comprise determining that the database is in a size-managed state. The instructions further comprise denying access to the database based on determining that a received database command is for increasing a size of the database. The instructions further comprise allowing access to the database according to the received database command based on determining that the received database command is not for increasing the size of the database. | 03-17-2016 |
20160078063 | Providing Selective Access To A Database In A Size-Managed State - Embodiments relate to managing access to a database. A method of managing access to a database is provided. The method determines that the database is in a size-managed state. Based on determining that a received database command is for increasing a size of the database, the method denies access to the database. Based on determining that the received database command is not for increasing the size of the database, the method allows access to database according to the received database command. | 03-17-2016 |
20160085776 | REDUCING LOCK OCCURRENCES IN SERVER/DATABASE SYSTEMS - Limiting the number of concurrent requests in a database system. Arranging requests to be handled by the database system in at least one queue. Defining a maximum value (SS) of concurrent requests corresponding to the at least one queue. Monitoring at least one queue utilization parameter corresponding to the at least one queue and calculating a performance value based on the at least one queue utilization parameter. Adapting the maximum value (SS) of concurrent requests of the at least one queue dynamically based on the performance value (PF) in order to improve system performance. Limiting the number of concurrent requests of the at least one queue dynamically based on the dynamically adapted maximum value (SS). | 03-24-2016 |
20160147906 | Transaction Control Block for Multiversion Concurrency Commit Status - Disclosed herein are system, method, and computer program product embodiments for utilizing a transaction control block for providing reader-writer access to transaction commit status. An embodiment operates by receiving a row read request and determining that the row is versioned. The system determines that a first timestamp information for a row destroy transaction associated with the row exists in a transaction control block and retrieves the first timestamp information from the transaction control block. | 05-26-2016 |
20160253369 | GRAPHICAL LOCK ANALYSIS | 09-01-2016 |
20170235968 | INFORMATION PROCESSING SYSTEM AND INFORMATION PROCESSING METHOD | 08-17-2017 |
20180025174 | ACCESS CONTROLLED QUERIES AGAINST USER DATA IN A DATASTORE | 01-25-2018 |