38th week of 2008 patent application highlights part 67
Patent application number | Title | Published |
20080229377 | METHOD OF SELECTING BROADCAST CHANNELS AND A BROADCAST RECEIVING TERMINAL - A method for displaying broadcast content in a portable electronic device includes identifying a priority channel to be displayed on a display associated with the electronic device, indicating that the priority channel is no longer available, and displaying content associated with a current channel which differs from the priority channel. The method further includes indicating that the priority channel is available for displaying on the display, and switching a displayed channel of the display from the current channel to the priority channel. | 2008-09-18 |
20080229378 | System and Method of Distributing Audio and Video Signals | 2008-09-18 |
20080229379 | Method and apparatus providing scalability for channel change requests in a switched digital video system - A method, apparatus and computer program product for providing scalability for channel change requests in a Switched Digital Video system is presented. A request for a channel change is received. A determination is made regarding whether a channel requested by the request for a channel change is currently being provided to the settop box. When the channel requested by the request for a channel change is being provided to the settop box then the request for a channel change is buffered for transmission at a later time. When the channel requested by the request for a channel change is not being provided to the settop box then the request for a channel change is immediately sent to an SDV server in communication with the settop box. | 2008-09-18 |
20080229380 | METHOD AND APPARATUS FOR TRANSMITTING AND RECEIVING BROADCASTING INFORMATION USING RESERVED CHANNELS - Disclosed are a method and apparatus for transmitting and receiving broadcasting information. A method of receiving broadcasting information using reserved channels according to an aspect of the present invention includes receiving information of a program schedule that includes a dynamic program having a flexible broadcasting schedule, searching one or more reserved channels that receive broadcasting signals according to a new program schedule changed due to the dynamic program, and receiving the broadcasting signals through the one or more searched reserved channels. | 2008-09-18 |
20080229381 | SYSTEMS AND METHODS FOR MANAGING APPLICATION SECURITY PROFILES - Systems and methods for configuring and evaluating policies that direct processing of one or more data streams are described. A configuration interface is described for allowing users to specify object oriented policies. These object oriented policies may allow any data structures to be applied with respect to a payload of a received packet stream, including any portions of HTTP traffic. A configuration interface may also allow the user to control the order in which policies and policy groups are executed, in addition to specifying actions to be taken if one or more policies are undefined. Systems and methods for processing the policies may allow efficient processing of object-oriented policies by applying potentially complex data structures to unstructured data streams. A device may also interpret and process a number of flow control commands and policy group invocation statements to determine an order of execution among a number of policies and policy groups. These policy configurations and processing may allow configuration and processing of complex network behaviors relating to load balancing, VPNs, SSL offloading, content switching, application security, acceleration, and caching. | 2008-09-18 |
20080229382 | MOBILE ACCESS TERMINAL SECURITY FUNCTION - Provided are a method, wireless communication device, and wireless communications system for managing packet data transmissions. The method includes receiving a set of security policies ( | 2008-09-18 |
20080229383 | CREDENTIAL CATEGORIZATION - The user can associate metadata with information cards. The metadata can include, among other possibilities, string names, icons, user policies, containers, and hierarchies. The metadata is stored by the computer system. The metadata can then be used to filter the set of information cards that can satisfy a security policy from a relying party. | 2008-09-18 |
20080229384 | POLICY-BASED AUDITING OF IDENTITY CREDENTIAL DISCLOSURE BY A SECURE TOKEN SERVICE - A user defines an audit policy. The audit policy identifies one or more triggers that, when related information is included in a security token, trigger the performance of the audit. The audit can include notifying the user in some manner that the trigger occurred. The audit can require in-line confirmation of the audit, so that the security token is not transmitted until the user confirms the audit. | 2008-09-18 |
20080229385 | Mobility Aware Policy and Charging Control in a Wireless Communication Network - One embodiment of the present invention provides a method for implementation in a policy control and charging rules functional entity in a wireless communication system. The method includes receiving, from at least one of a source policy and charging enforcement function in a source access network or a target policy and charging enforcement function in a target access network, information indicative of a mobile unit that has handed off from the source access network to the target access network. The method also includes establishing a first session for communicating policy and charging rules associated with the mobile unit. The first session is concurrent with a second session for communicating policy and charging rules associated with the mobile unit. The second session was previously established with the source policy and charging enforcement function in the source access network. The method further includes transmitting at least one policy and charging rule to the target policy and charging enforcement function using the first session. | 2008-09-18 |
20080229386 | Substrate processing apparatus - The object of the present invention is to provide a substrate processing apparatus and a substrate processing system capable of performing an appropriate processing in response to the operating condition of the substrate processing apparatus and of realizing an improvement in the availability rate of the apparatus. The substrate processing apparatus includes: storage section for storing a plurality of recipes describing a procedure for processing a substrate and operating authorities of a user corresponding to the plurality of recipes; and display section for displaying an authority setting screen for setting the operating authorities of the user to the respective recipes and an edition screen for editing a recipe stored in the storage section on the basis of the operating authority set via the authority setting screen. The substrate processing apparatus can edit the authority setting screen displayed by the display section and can set different operating authorities to the recipe between when the operating condition of the substrate processing apparatus is online and when the operating condition of the substrate processing apparatus is offline. | 2008-09-18 |
20080229387 | Drm System - A method of and system for digital rights management, in which access to a piece of content is granted in accordance with a license owned by a license owner to a client who is a member of a domain. This requires successfully verifying that a membership relation exists between the client and the domain as reflected in a first state variable, and that an association relation exists between the license owner and the domain as reflected in a second state variable. Both relationships are revoked by executing an online protocol between the parties in the relationship after which both remove the corresponding state variable. The domain controller propagates the state administration relating to the domain to the client so that the client can update its state administration. | 2008-09-18 |
20080229388 | DEVICE AGENT - Device agents and methods are disclosed. In one embodiment, the method comprises monitoring, at an access device, at least a subset of device activity. The method further comprises detecting that an activity satisfies at least one condition specified by a policy and executing at least one action in the policy associated with the satisfied condition. | 2008-09-18 |
20080229389 | RESTRICTING ACCESS TO HARDWARE FOR WHICH A DRIVER IS INSTALLED ON A COMPUTER - Users of a computer are prevented from directly accessing certain hardware for which a driver is installed on the computer. The users are provided a limited, indirect manner to access the hardware for a specific purpose or to do a specific job. One example of such hardware is a wireless hardware communication interface. The wireless activity of the computer may be restricted so that the wireless hardware communication interface is prevented from communicating with any devices compatible with the wireless hardware communication interface other than one or more specific devices. | 2008-09-18 |
20080229390 | Method and Apparatus for Handling Invites to a Multi-User Communication Session - A method of handling Invite messages for a multi-user communication session utilizing the IP Multimedia Subsystem to set up and control the session. Two or more access servers control user access. A first access server receives from a session-initiating user, an Invite that identifies as a potential participant, at least one user group which is owned by a second access server. The first access server sends to the second access server, an Invite that identifies the user group. The second server resolves the group identification into a set of group member identities and sends the identities in a response to the first access server. The first access server then sends Invites to at least some of the group members identified in the response. | 2008-09-18 |
20080229391 | CONTENT MANAGEMENT APPLICATION FOR AN INTERACTIVE ENVIRONMENT - The content management application is an intranet application which provides a process for implementing changes to an internet website of a company by providing the company the ability to define and enforce a common style of page layout. The application can be accessed via a desktop browser and multiple users may access the application for multiple reasons at the same time. The application also dynamically generates new page designs and new component design with various people assigned to groups or teams enabling the continuous creation and processing of content. Once the content is created and reviewed, it is then launched onto the company's internet site for viewing by the internet users accessing the company's web page. | 2008-09-18 |
20080229392 | SYMBIOTIC HOST AUTHENTICATION AND/OR IDENTIFICATION - Embodiments of identifying and/or authenticating membership in a symbiotic network are disclosed. | 2008-09-18 |
20080229393 | Method and apparatus for access security services - One embodiment disclosed relates to a method for a switch to respond to a new client. A new client is detected at a port of the switch. The switch temporarily assigns the port to be an untagged member of a virtual local area network (VLAN) which is configured for unauthorized clients. Initialization services are provided to the new client via the unauthorized-client VLAN. The new client may be authenticated by way of an authentication session using the unauthorized-client VLAN. If the new client is authenticated, then the untagged membership of the port in the unauthorized-client VLAN is dropped, and the port is assigned to be an untagged member of a specified VLAN. | 2008-09-18 |
20080229394 | Method and System For Securely Protecting Data During Software Application Usage - Techniques for use in enterprise and similar computing systems securely protect data during software application use by generating private table seeds as a function of predetermined parameters and private tables as a function of the private table seeds. Each of the private tables associates with a distinct one of the private table seeds, and each of the private tables associates with a site. An enterprise table seed is formed using other parameters and an enterprise table is derived from the enterprise table seed. The enterprise table permits data communication throughout an enterprise. A string of characters allows accessing a global private information protection system which includes global tables for integrating the private tables, the enterprise tables, and the global tables into a runtime application program at a remote location and coordinating the user's use to control and assure only secure use and prevent inadvertent disclosure of the protected information. | 2008-09-18 |
20080229395 | Method and Apparatus for Using a Proxy to Manage Confidential Information - A method, apparatus, and computer usable code for managing confidential data. A request is received to access an application from a user, wherein the application includes logic to process the confidential data. One of a first interface or a second interface is selected based on an identification whether the user is permitted to see the confidential data to form a selected interface in response to receiving the request. A selected interface is presented to the user. The first interface presents the confidential information and second interface presents non-confidential information without presenting the confidential information. The second interface allows access to the logic in the application without accessing the confidential data. | 2008-09-18 |
20080229396 | ISSUING A COMMAND AND MULTIPLE USER CREDENTIALS TO A REMOTE SYSTEM - A login shell and command access checking supporting multiple user credentials are provided. The login shell receives a request to execute a command from a remote computer including a multi-user credential. The login shell authenticates the command access rights of the multi-user credential. In response to command access rights being granted, the command is executed. | 2008-09-18 |
20080229397 | Website log in system with user friendly combination lock - User friendly log in system for validation of user for entry into a website includes: (a) a plurality of user computers; (b) an internet; (c) a host server connected to the internet for connection to user computers; and (d) a website program hosted on the host server for a website that requires individual user security, for connecting each of the plurality of computers to the website available to the user computers, that includes an open log in field. The program has software for secured activity for receiving and recognizing a unique user identification from a user of a user computer to create a personal combination lock rule for a unique easy-to-remember user initialization input that includes a preset selection and operation of the intersection of a first randomly arranged challenge presentation and a second randomly arranged challenge presentation to obtain a selection solution. | 2008-09-18 |
20080229398 | FRAMEWORK AND TECHNOLOGY TO ENABLE THE PORTABILITY OF INFORMATION CARDS - When a user connects a pluggable card store to a machine, the machine plugs a pluggable card provider into a card provider registry. The pluggable card store can be an object portable to the user, or can be a remote store available via some connection, such as an FTP connection. The user can then use the information cards stored on the pluggable card store in a transaction. | 2008-09-18 |
20080229399 | Seamless Multiple Access Internet Portal - Multiple access internet portals are provided. A representative system, among others, includes a communication facility and a wireless internet server. The communication facility is operable to connect to a plurality of wireless devices through a mobile network. The wireless internet server is coupled to the communication facility and retrieves a personalized profile associated with a registered user an one of the plurality of wireless devices, and provides substantially similar personalized content to said at least one registered user on a variety of platforms associated with the wireless devices. Methods and other systems for multiple access portals are also provided. | 2008-09-18 |
20080229400 | Remote Entry System | 2008-09-18 |
20080229401 | METHODS AND SYSTEMS FOR CONFIGURABLE SMARTCARD - An embodiment relates generally to a method of using a token. The method includes embedding the token with at least one action and detecting a presence of the token. The method also includes authenticating the token; and executing an applet in response to a valid authentication of the token. | 2008-09-18 |
20080229402 | WORMHOLE DEVICES FOR USABLE SECURE ACCESS TO REMOTE RESOURCE - A token has a memory, an interface allowing connection to a host, and a processor. The processor, in response to user input for configuring a remote access connection, executes a first set of processing instructions to establish a trusted connection with the server host, exchanges credentials over the trusted connection to establish a secure connection with the server host over an untrusted connection, and defines configuration information for accessing user selected data or services. The processor, in response to user input received in a legacy environment, executes a second set of processing instructions that includes establishing, over an untrusted connection, a secure connection with the server host using the security credentials, configuring the secure connection for access to the data or services, making the data or services available in the legacy environment, and defending against attempted access to data or services available at the token other than the data or services made available in the legacy environment. | 2008-09-18 |
20080229403 | Method and apparatus for providing wireless services to mobile subscribers using existing broadband infrastructure - Techniques for providing wireless services to mobile subscribers using existing broadband network infrastructures are described herein. In one embodiment, in response to a request received at a gateway device from a mobile subscriber over a radio access network (RAN) for accessing a service provider network, the gateway device authenticates the mobile subscriber for accessing the RAN, where the gateway device interfaces the RAN and the existing broadband network. Upon successfully authenticating the mobile subscriber for accessing RAN, the gateway device accesses a network service provider over the existing network to acquire a network address on behalf of the mobile subscriber optionally using at least a portion of credentials derived from the authentication, where the network address allows the mobile subscriber to access the service provider network. Other methods and apparatuses are also described. | 2008-09-18 |
20080229404 | AUTOMATED METHODS AND PROCESSES FOR ESTABLISHING MEDIA STREAMING CONNECTIONS THROUGH FIREWALLS AND PROXY SERVERS AND COUNTERMEASURES THERETO - A streaming media application attempting to establish a streaming media connection first attempts to establish the connection directly using a format such as UDP. If no direct connection can be established, the media application attempts to establish a connection through a proxy server using proxy server information obtained from installed software components such as browsers that manage Internet connections. If necessary, an auto configuration web page is utilized to obtain the proxy server address. The invention also includes methods for blocking streaming media connections. | 2008-09-18 |
20080229405 | Communication System, Communication System Management Apparatus, Terminal Connection Control Method, and Program - A communication system including many communication terminals and a management apparatus interconnected via a network. The apparatus includes: a section which processes user authentication in response to an operation by a user using any one of the communication terminals, a first information management section for managing authenticated user information in association with terminal information about the communication terminal used by the user, a second information management section for managing communication information including the user information about many users with intent to communicate with one another, and a connection control section. If the second information management section manages the communication information including the authenticated user information and if the first information management section manages other user information as part of the communication information, the connection control section sends the terminal information about another communication terminal corresponding to the other user information, to the communication terminal identified by the terminal information in association with the authenticated user information. | 2008-09-18 |
20080229406 | Method and apparatus for exclusively controlling a device in a home network - A method and apparatus exclusively control a device in a home network. A control point requests exclusive control authority from the device. In response to the request the control point receives an identifier (RID) used to successfully authenticate the exclusive control authority. The control point then acquires the exclusive control authority and controls the device. Accordingly, it is possible to prevent other control points from interfering with the device so as not to perform an operation which is not desirable for the control point that acquires the exclusive control authority over the device. | 2008-09-18 |
20080229407 | INFORMATION PROCESSING APPARATUS, INFORMATION PROCESSING METHOD, AND MEDIA STORING A PROGRAM THEREFOR - A disclosed information processing apparatus makes it possible for a user to perform a desired operation easily by displaying operation candidates based on an operation history. The apparatus comprises a storage unit in which an operation history table is stored, the table associating tasks with operations. A user who performs an operation is authenticated by a user authentication unit. Task information concerning the authenticated user is acquired by a task acquisition unit. Based on the acquired task information, an operation candidate presenting unit presents operation candidates by referring to the operation history table. The operation history table is updated by a history management unit in accordance with an operation designated by the user. | 2008-09-18 |
20080229408 | Access control system based on brain patterns - The invention includes a control system and a method for access control of an application system, with electrically measurable data acquired as the result of a biometric reaction of a user, the biometric reaction triggered by stimulatory information presented to the user. An acquisition means for acquiring the electrically measurable data, a provision means for providing reference data and a comparison means for comparing the data are provided in the control system. The reference data is provided relating to the stimulatory information and/or the acquired, electrically measurable data. The acquired measurable data is compared with the provided reference data by means of the comparison means. An authorization of the user to the application system takes place on the basis of the comparison results. By means of this control system it is possible to dynamically authorize and identify a user with absolute reliability and to unambiguously authenticate said user. | 2008-09-18 |
20080229409 | CONTROL OF EQUIPMENT USING REMOTE DISPLAY - An example display unit for facilitating operation of equipment includes a housing, an electronic display supported by the housing, and an electronic circuit located within the housing. The display unit may include one or more data receivers, such as a wireless receiver and/or an electrical interface. A biometric scanner, including a biometric sensor and providing an authorization signal when an authorized biometric input is detected by the biometric sensor, may be configured to electrically (and optionally mechanically) interconnect to the display unit. The example display unit receives an authorization status for operation of the equipment from the biometric scanner, and displays the authorization status and operational parameters relating to equipment use on the electronic display. | 2008-09-18 |
20080229410 | PERFORMING A BUSINESS TRANSACTION WITHOUT DISCLOSING SENSITIVE IDENTITY INFORMATION TO A RELYING PARTY - A user engages in a transaction with a relying party. The relying party requests identity information from the user in a security policy and identifies transaction elements for an on-line business transaction. Typically, the security policy and transaction elements are transmitted together; the security policy can be as little as a request to conduct the on-line business transaction. The user identifies an information card that satisfies the security policy. The computer system requests a security token from the identity provider managing the information card, which can include requesting a transaction receipt for the transaction elements. The computer system then returns the security token (and the transaction receipt) to the relying party, to complete the transaction. | 2008-09-18 |
20080229411 | CHAINING INFORMATION CARD SELECTORS - A machine includes card stores to store information cards. For each card store, one or more card selectors can be provided. When performing a transaction involving information cards, a generic card selector, using a selector policy engine, can identify a card selector to use for the transaction. The identified card selector can be used to identify an information card in a card store to use in performing the transaction, which can be used to provide a security token to the relying party. | 2008-09-18 |
20080229412 | Associating Security Information with Information Objects - A hash key is generated based on an information object and a lookup operation is performed in a hash table based on the hash key. A determination is made whether an entry in the hash table at an index corresponding to the hash key identifies a labelset for the information object. A labelset, identifying a sensitivity of the information object, is stored in the entry at the index corresponding to the hash key for the information object if a labelset for the information object is not identified in the entry in the hash table. Information flows involving the information object are authorized based on a lookup of the labelset associated with the information object in the hash table. The hash table may be a multidimensional hash table. | 2008-09-18 |
20080229413 | Authorizing Information Flows - Authorizing information flows between devices of a data processing system is provided. In one illustrative embodiment, an information flow request is received from a first device to authorize an information flow from the first device to a second device. The information flow request includes an identifier of the second device. Based on an identifier of the first device and the second device, security information identifying an authorization level of the first device and second device is retrieved. A sensitivity of an information object that is to be transferred in the information flow is determined and the information flow is authorized or denied based only on the sensitivity of the information object and the authorization level of the first and second devices regardless of the particular action being performed on the information object as part of the information flow. | 2008-09-18 |
20080229414 | Endpoint enabled for enterprise security assessment sharing - An enterprise-wide sharing arrangement uses a semantic abstraction, called a security assessment, to share security-related information between security products, called endpoints. A security assessment is defined as a tentative assignment by an endpoint of broader contextual meaning to information that is collected about an object of interest. Endpoints utilize an architecture that comprises a common assessment sharing agent and a common assessment generating agent. The common assessment sharing agent is arranged for subscribing to security assessments, publishing security assessments onto a channel, maintaining an awareness of configuration changes on the channel (e.g., when a new endpoint is added or removed), and implementing security features like authorization, authentication and encryption. A common assessment generating engine handles endpoint behavior associated with a security assessment including assessment generation, cancellation, tracking, and rolling-back actions based on assessments that have expired. The common assessment generating engine generates and transmits messages that indicate which local actions are taken. | 2008-09-18 |
20080229415 | SYSTEMS AND METHODS FOR PROCESSING DATA FLOWS - A flow processing facility, which uses a set of artificial neurons for pattern recognition, such as a self-organizing map, in order to provide security and protection to a computer or computer system supports unified threat management based at least in part on patterns relevant to a variety of types of threats that relate to computer systems, including computer networks. Flow processing for switching, security, and other network applications, including a facility that processes a data flow to address patterns relevant to a variety of conditions are directed at internal network security, virtualization, and web connection security. A flow processing facility for inspecting payloads of network traffic packets detects security threats and intrusions across accessible layers of the IP-stack by applying content matching and behavioral anomaly detection techniques based on regular expression matching and self-organizing maps. Exposing threats and intrusions within packet payload at or near real-time rates enhances network security from both external and internal sources while ensuring security policy is rigorously applied to data and system resources. Intrusion Detection and Protection (IDP) is provided by a flow processing facility that processes a data flow to address patterns relevant to a variety of types of network and data integrity threats that relate to computer systems, including computer networks. | 2008-09-18 |
20080229416 | Computer Network Virus Protection System and Method - A network is protected from viruses through the use of a sacrificial server, which may be physical or virtual. Any executable programs or other suspicious parts of incoming e-mail messages are forwarded to a sacrificial server, where they are converted to non-executable format such as Adobe Acrobat PDF and sent to the recipient. The sacrificial server is then checked for virus activity. After the execution is completed, the sacrificial server is rebooted. | 2008-09-18 |
20080229417 | METHOD FOR CONTROLLING RISK IN A COMPUTER SECURITY ARTIFICIAL NEURAL NETWORK EXPERT SYSTEM - A computer implemented method, data processing system, and computer program product for monitoring system events and providing real-time response to security threats. System data is collected by monitors in the computing system. The expert system of the present invention compares the data against information in a knowledge base to identify a security threat to a system resource in a form of a system event and an action for mitigating effects of the system event. A determination is made as to whether a threat risk value of the system event is greater than an action risk value of the action for mitigating the system event. If the threat risk value is greater, a determination is made as to whether a trust value set by a user is greater than the action risk value. If the trust value is greater, the expert system executes the action against the security threat. | 2008-09-18 |
20080229418 | System and Method to Customize a Security Log Analyzer - Systems and methods adapted to customize a security log analyzer to recognize a security log, the system including at least one network security device for processing data traffic on a data network, the network security device associated with at least one computing device, and adapted to generate a security log, the system further including rule builder software adapted to generate a rule for recognizing at least one item in a security log and a log analyzer adapted to apply the rule in analyzing a security log. | 2008-09-18 |
20080229419 | Automated identification of firewall malware scanner deficiencies - Automated identification of deficiencies in a malware scanner contained in a firewall is provided by correlating incident reports that are generated by desktop protection clients running on hosts in an enterprise that is protected by the firewall. A desktop protection client scans a host for malware incidents, and when detected, analyzes the host's file access log to extract one or more pieces of information about the incident (e.g., identification of a process that placed the infected file on disk, an associated timestamp, file or content type, malware type, hash of such information, or hash of the infected file). The firewall correlates this file access log information with data in its own log to enable the firewall to download the content again and inspect it. If malware is detected, then it is assumed that it was missed when the file first entered the enterprise because the firewall did not have an updated signature. However, if the malware is not detected, then there is a potential deficiency. | 2008-09-18 |
20080229420 | Predictive Assessment of Network Risks - In certain implementations, systems and methods for predicting technology vulnerabilities in a network of computer devices are based on software characteristics of processes executing at the computer devices. In one preferred implementation, the system identifies processes at various computing devices within an organization, identifies software characteristics associated with the processes, applies technology controls to the software characteristics, determines risk indexes based on the modified technology control, applies administrative controls to the risk indexes, aggregates the indexes to create a risk model, determines alternative risk models, and presents the risk models for consideration and analysis by a user. | 2008-09-18 |
20080229421 | Adaptive data collection for root-cause analysis and intrusion detection - Endpoints in an enterprise security environment are configured to adaptively switch from their normal data collection mode to a long-term, detailed data collection mode where advanced analyses are applied to the collected detailed data. Such adaptive data collection and analysis is triggered upon the receipt of a security assessment of a particular type, where a security assessment is defined as a tentative assignment by an endpoint of broader contextual meaning to information (i.e., data in some context) that is collected about an object of interest. A specialized endpoint is coupled to the security assessment channel and performs as a centralized audit point by subscribing to all security assessments, logging the security assessments, and also logging the local actions taken by endpoints in response to detected security incidents in the environment. The specialized endpoint is arranged to perform various analyses and processes on historical security assessments. | 2008-09-18 |
20080229422 | Enterprise security assessment sharing - An enterprise-wide sharing arrangement uses a semantic abstraction, called a security assessment, to share security-related information between different security products, called endpoints. A security assessment is defined as a tentative assignment by an endpoint of broader contextual meaning to information that is collected about an object of interest. Its tentative nature is reflected in two of its components: a fidelity field used to express the level of confidence in the assessment, and a time-to-live field for an estimated time period for which the assessment is valid. Endpoints may publish security assessments onto a security assessment channel, as well as subscribe to a subset of security assessments published by other endpoints. A specialized endpoint is coupled to the channel that performs as a centralized audit point by subscribing to all security assessments, logging the security assessments, and also logging the local actions taken by endpoints in response to security threats. | 2008-09-18 |
20080229423 | PROBABILISTIC MECHANISM TO DETERMINE LEVEL OF SECURITY FOR A SOFTWARE PACKAGE - A mechanism for determining a probabilistic security score for a software package is provided. The mechanism calculates a raw numerical score that is probabilistically linked to how many security vulnerabilities are present in the source code. The score may then be used to assign a security rating that can be used in either absolute form or comparative form. The mechanism uses a source code analysis tool to determine a number of critical vulnerabilities, a number of serious vulnerabilities, and a number of inconsequential vulnerabilities. The mechanism may then determine a score based on the numbers of vulnerabilities and the number of lines of code. | 2008-09-18 |
20080229424 | Dispute resolution in a geo-spatial environment - A method, apparatus and system of dispute resolution in a geo-spatial environment are disclosed. In one embodiment, a method includes providing a wiki interface such that users modify and add profiles of others prior to the profiles being claimed, permitting an initial claimant to control editability of a wiki portion of a selected profile when the initial claimant claims the selected profile, capturing what personally identifiable information the initial claimant is willing to submit if the selected profile is disputed, placing the selected profile in dispute when a disputing claimant challenges an ownership of the selected profile by the initial claimant, electing a dispute resolution process that communicates a code through a direct mail mechanism to a physical address associated with the selected profile, and allocating the selected profile to one of the initial claimant and the disputing claimant based on entry of the code in the selected profile. | 2008-09-18 |
20080229425 | Secure Terminal, a Routine and a Method of Protecting a Secret Key - The method of protecting a secret key from being read by a non-secure software application, comprises a step ( | 2008-09-18 |
20080229426 | INFORMATION PROCESSING APPARATUS, SOFTWARE VERIFICATION METHOD, AND SOFTWARE VERIFICATION PROGRAM - An information processing apparatus is disclosed that includes an expiration detection unit that detects expiration of a certificate used for verifying the validity of software; a software verification unit that verifies the validity of the software using the certificate; and a storage unit in which the certificate is stored. In the apparatus, the software verification unit previously stores a value uniquely calculated from the software in the storage unit when the certificate has not expired and the software is valid, and verifies the validity of the software using the value uniquely calculated from the software where the certificate has expired or the software is invalid. | 2008-09-18 |
20080229427 | Method and apparatus for secure web browsing - The invention includes a method and apparatus for protecting a user device from web attacks using a proxy server. In one embodiment, a method includes receiving a web page comprising web page content and code, generating an image-based representation of the web page that includes the web page content and excludes the code, and propagating the image-based representation of the web page toward the user device. In one embodiment, a method includes receiving an interaction with an image-based representation of a web page, generating a web page interaction from the interaction with the image-based representation of the web page, implementing the web page interaction, generating an instruction using the implemented web page interaction, and propagating the instruction toward a web server. | 2008-09-18 |
20080229428 | System and Method For a Dynamic Policies Enforced File System For a Data Storage Device - An autonomous data storage device for storing data files via an external file interface, the external file interface being controllable from an external device, the device comprising: a physical file storage for homogenous storage of files; the external file interface configured to allow sector level access to at least part of the physical file storage to support standard operating file system calls; an internal sector policy management unit located in between the external file interface and the physical file storage for sector level policy enforcement of the physical file storage, for one or more of the sector level managed sectors, the unit having an input for receiving instructions from the external file interface for sector oriented operations, and being configured to carry out sector policy management operations in accordance with. | 2008-09-18 |
20080229429 | Data excess protection - Systems, methods, and computer program products that can be used concurrently or alternatively to detect errors in data as well as to protect access to data are provided. Embodiments enable a coherent data set (CDS) which is a data set guaranteed to be genuine and error-free at run-time. Embodiments provide systems, methods, and computer program products to create a CDS, identify a CDS, and verify the coherency of a data set purported to be a CDS. Embodiments further enable privileged functions which are functions that can only be accessed by a restricted set of other privileged functions. Embodiments provide systems, methods, and computer program products to create, identify, and protect access to privileged functions. | 2008-09-18 |
20080229430 | METHOD FOR PREVENTING PRANK ORDERS FOR INTERNET PURCHASING - A system and method are provided for establishing a secure user account, comprising contacting a registration server by a user and then providing, by the user, identification information of the user that identifies a verifiable hardware user device having third-party verifiable account information associated with it. The registration server sends, to the user, a verification contact address. The user then contacts the verification server, which may be the registration server, at the verification contact address using the verifiable hardware user device. The verification server then obtains the third-party verifiable account information from a third party associated with the verifiable hardware user device. Finally, the verification server authorizes the secure user account if the third-party verifiable account information matches, in part, the identification information provided by the user. | 2008-09-18 |
20080229431 | System and Method to Manage Device Access in a Software Partition - A system and method to manage device access in a software partition are provided. The illustrative embodiments provide a mechanism for exporting resources/devices from an administrator partition to a software partition in its purview. A trusted device list data structure is provided that identifies which devices are permitted to be exported into a software partition from an administrative partition. This trusted device list data structure also identifies which of the devices in the list of devices should be exported by default when exporting devices to a software partition, i.e. if no overrides are specified. In addition, a user-specifiable mechanism to override the entries in the trusted device list data structure is provided. For security purposes, this mechanism may not be used to export devices not listed in the trusted device list data structure. The mechanism may also be used to prevent the exporting of devices which are exported by default. | 2008-09-18 |
20080229432 | Electronic apparatus and method for preventing unauthorized access to an electronic apparatus - According to an aspect of an embodiment, an electronic apparatus comprises: an electronic apparatus powered by one of a plurality of electric power sources, comprising: a power supply unit for providing the interior of the electronic apparatus with the electric power from one of the electric power sources alternatively; and a controller for requesting user authentication when supply of the electric power to the interior of the electric apparatus is switched from one of the power sources to another. | 2008-09-18 |
20080229433 | Digital certificate based theft control for computers - A theft control system may be implemented between a server and a client. The server may provide a certificate which must be periodically renewed. Execution of the certificate may be controlled by a trusted platform module on the client under control of a theft control controller. | 2008-09-18 |
20080229434 | Security Locking Apparatus and Method for Portable Computer - A security apparatus and method is provided for a portable computer, wherein a solenoid within the portable computer is controlled by a specified program running on the computer. Activation of the solenoid is usefully enabled by a password or computer security chip. One embodiment, comprising a security apparatus, includes a locking mechanism such as a conventional manually operated USS locking device having a locking element. The security apparatus further includes a component positioned proximate to a slot disposed to receive the locking element, the component being adjustable to vary a dimension of the slot entrance between hold and release modes. The component is coupled to the solenoid and is actuated to adjust the slot entrance dimension, from the hold mode to the release mode, when the solenoid is energized in response to a command generated by the specified program running on the computer. | 2008-09-18 |
20080229435 | Mapks as Modifiers of the Rac, Axin, and Beta-Catenin Pathways and Methods of Use - Human MAPK genes are identified as modulators of the Rac, axin, and beta-catenin pathways, and thus are therapeutic targets for disorders associated with defective Rac, axin, and beta-catenin function. Methods for identifying modulators of Rac, axin, and beta-catenin, comprising screening for agents that modulate the activity of MAPK are provided. | 2008-09-18 |
20080229436 | METHODS FOR IDENTIFYING MODULATORS OF LIFESPAN AND RESISTANCE TO OXIDATIVE STRESS - The present invention provides methods for identifying agents that increase lifespan and increase resistance to oxidative and/or electrophilic stress. Also provided are methods for identifying biomarkers of longevity or identifying pathways governing longevity in response to phosphatidylinositol 3,4,5-triphosphate signaling. | 2008-09-18 |
20080229437 | Intergeneric bivalve shellfish hybrid and method for producing - Provided by this invention are novel intergeneric bivalve shellfish hybrids, including clams and scallops. Also provided are methods for producing the novel hybrids and their progeny. | 2008-09-18 |
20080229438 | Process of making transgenic mammals that produce exogenous proteins in milk and transgenic mammals produced thereby - The invention relates to a method of producing a protein of interest, comprising making a non-human transgenic mammal that produces said protein in its milk, obtaining said milk from the non-human transgenic mammal and purifying said protein of interest from the milk. Transgenic bovine animals were generated, which are able to produce human growth hormone in mammary glands. The method involves cloning of a genetic construct encoding hGH gene and beta casein promoter conveniently in an expression vector. It also includes transfection procedures into fetal bovine somatic cells, generally fibroblasts, and the nuclear transfer into enucleated bovine oocytes, generating thus transgenic embryos. The method also includes other procedures to generate transgenic embryos for the further expansion of the transgenic herd, such as the subcloning of transgenic female bovines, the superovulation of transgenic cows and their insemination with semen from a non-transgenic or a transgenic male bovine, and the superovulation of non-transgenic cows and their insemination with semen from a transgenic male bovine. Afterwards, transgenic embryos give rise to transgenic cattle that produce human growth hormone in huge amounts in their milk, from which the hormone is completely purified and analysed to fulfill all the requirements for the manufacture of a pure biopharmaceutical product. | 2008-09-18 |
20080229439 | Nucleic acid molecules and other molecules associated with transcription in plants and uses thereof for plant improvement - Polynucleotides useful for improvement of plants are provided. In particular, polynucleotide sequences are provided from plant sources. Polypeptides encoded by the polynucleotide sequences are also provided. The disclosed polynucleotides and polypeptides find use in production of transgenic plants to produce plants having improved properties. | 2008-09-18 |
20080229440 | CUCUMBER LINE APD147-5002GY - The invention provides seed and plants of the cucumber line designated APD147-5002Gy. The invention thus relates to the plants, seeds and tissue cultures of cucumber line APD147-5002Gy, and to methods for producing a cucumber plant produced by crossing a plant of cucumber line APD147-5002Gy with itself or with another cucumber plant, such as a plant of another line. The invention further relates to seeds and plants produced by such crossing. The invention further relates to parts of a plant of cucumber line APD147-5002Gy, including the fruit and gametes of such plants. | 2008-09-18 |
20080229441 | FUNGAL ENDOPHYTES OF ELYMUS CANADENSIS - The invention provides an isolated culture of a | 2008-09-18 |
20080229442 | NUCLEOTIDE SEQUENCES AND CORRESPONDING POLYPEPTIDES CONFERRING MODULATED GROWTH RATE AND BIOMASS IN PLANTS GROWN IN SALINE AND OXIDATIVE CONDITIONS - The present invention relates to isolated nucleic acid molecules and their corresponding encoded polypeptides able to confer the trait of improved plant size, vegetative growth, growth rate, seedling vigor and/or biomass in plants challenged with saline and/or oxidative stress conditions. The present invention further relates to the use of these nucleic acid molecules and polypeptides in making transgenic plants, plant cells, plant materials or seeds of a plant having plant size, vegetative growth, growth rate, seedling vigor and/or biomass that are improved in saline and/or oxidative stress conditions with respect to wild-type plants grown under similar conditions. | 2008-09-18 |
20080229443 | PROCESS FOR SELECTING BANANA CLONES AND BANANA CLONES OBTAINED THEREBY - The invention provides a process for selecting banana clones that are characterized by increased bunch weight and by increased total fruit yield, which process is based on somaclonal variation and comprises the steps of initiating tissue cultures from apical meristem explants, and propagating and rooting the same; hardening, potting, and growing in vivo, plants propagated in the previous step; forming a mat from a cluster of plants grown in the previous step originating from the same clone; planting the mats from the previous step in a field, and growing them under conditions of abiotic stress, the conditions including the growth of the mats in an area wherein the average winter night temperature is below 10° C.; measuring bunch weight and total fruit yield of the mats for a period of at least 3 years and selecting mats, the plants of which exhibit the best characteristics of increased bunch weight and increased total fruit yield; and utilizing mats selected in the previous step for preparing apical meristem explants. | 2008-09-18 |
20080229444 | METAL RESISTANT PLANTS, METHODS OF MANUFACTURE, AND METHODS OF USE THEREOF - Disclosed herein is a transgenic plant transformed with an isolated polynucleotide comprising a plant arsenate reductase coding sequence operatively linked to a plant-expressible transcription regulatory sequence. Also disclosed are methods to limit metal or metal ion accumulation in a harvested plant tissue comprising growing the transgenic plant; and harvesting plant tissue having reduced metal or metal ion accumulation. Further disclosed herein is a method of making a transgenic plant transformed with an isolated polynucleotide comprising a plant arsenate reductase coding sequence operatively linked to a plant-expressible transcription regulatory sequence. | 2008-09-18 |
20080229445 | Plants Having Increased Yield and Method for Making the Same - The invention concerns a method for increasing plant yield by introducing into a plant a cyclin A nucleic acid, preferably encoding a cyclin A protein, which cyclin A nucleic acid is operably linked to a seed-preferred promoter. By using this method, plant yield may be increased in optimal and sub-optimal growing conditions. The method results in plants having increased yield relative to corresponding wild type plants and relative to transgenic plants constitutively expressing cyclin A. | 2008-09-18 |
20080229446 | Plant 1-deoxy-D-xylulose 5-phosphate reductoisomerase - This invention relates to an isolated nucleic acid fragment encoding a 1-deoxy-D-xylulose 5-phosphate reductoisomerase. The invention also relates to the construction of a chimeric gene encoding all or a portion of the 1-deoxy-D-xylulose 5-phosphate reductoisomerase, in sense or antisense orientation, wherein expression of the chimeric gene results in production of altered levels of the 1-deoxy-D-xylulose 5-phosphate reductoisomerase in a transformed host cell. | 2008-09-18 |
20080229447 | Transformation of immature soybean seeds through organogenesis - The present disclosure provides methods for the transformation of soybean cells or tissue and regeneration of the soybean cells or tissue into transformed plants. The disclosed methods utilize an explant prepared from an immature soybean seedling which can be induced directly to form shoots that give rise to transgenic plants via organogenesis. The disclosed methods do not require germination and are rapid and efficient. | 2008-09-18 |
20080229448 | Plant Stress Tolerance from Modified Ap2 Transcription Factors - The invention relates to modified plant transcription factor polypeptides, polynucleotides that encode them, homologs from a variety of plant species, and methods of using the polynucleotides and polypeptides to produce transgenic plants having advantageous properties, including increased abiotic or biotic stress tolerance, as compared to wild-type or control plants. The modifications to the plant transcription factor sequences are responsible for producing fewer and less severe adverse morphological and developmental characteristics in plants overexpressing these sequences than would be caused by overexpressing the sequences without the modifications. | 2008-09-18 |
20080229449 | Lepidopteran-active bacillus thuringiensis delta-endotoxin polynucleotides, compositions, and methods of use - Disclosed are | 2008-09-18 |
20080229450 | Method and composition for increasing plant survival & viability under cold storage, or dark and cold storage conditions - Unique fusion genes are disclosed which are useful for transforming a wide range of plants, and when used in tandem, result in a significant alteration of the plant phenotype with respect to tolerance to the stress from prolonged storage under either dark or cold conditions, or a combination of cold and dark conditions. With intact plants such as transplants, plants harboring these genes maintain the ability to recover and grow normally after being returned to normal growth conditions. With isolated plant parts, such as cut flowers or foliage or fruits & vegetables, leaf tissue maintains color quality and cells maintain structural integrity during prolonged storage. Since the transgenes are only activated in response to cold temperature, normal plant growth, development, and function is not affected. The gene constructs include (1) a cold-regulated gene (COR15 | 2008-09-18 |
20080229451 | Expression of microbial proteins in plants for production of plants with improved properties - Recombinant constructs and methods useful for improvement of plants are provided. In particular, recombinant constructs comprising promoters functional in plant cells positioned for expression of polynucleotides encoding polypeptides from microbial sources are provided. The disclosed constructs and methods find use in production of transgenic plants to provide plants, particularly crop plants, having improved properties. | 2008-09-18 |
20080229452 | Sugar and lipid metabolism regulators in plants II - Isolated nucleic acids and proteins associated with lipid and sugar metabolism regulation are provided. In particular, lipid metabolism proteins (LMP) and encoding nucleic acids originating from | 2008-09-18 |
20080229453 | Nucleic Acid Molecules Encoding Constitutive Triple Response1-Like Polypeptides and Methods of Use Thereof - The present invention relates to Constitutive Triple Response-like (CTR1-like) nucleic acid sequences and the sugar and lipid metabolism regulator proteins encoded by the said nucleic acid sequences. Further, the present invention relates to the use of the aforementioned nucleic acid sequences and proteins in transgenic plants. In particular, the invention is directed to methods for manipulating sugar-related compounds and for increasing oil level and altering the fatty acid composition in plants and seeds. The invention further relates to methods of using these novel plant polypeptides to stimulate plant growth and/or to increase yield and/or composition of seed storage compounds. | 2008-09-18 |
20080229454 | Method For The Production Of Gamma-Linolenic Acid And/Or Stearidonic Acid In Transgenic Brassicaceae And Linaceae - The present invention relates to the production of γ-linolenic acid (18:3 | 2008-09-18 |
20080229455 | Altered metabolism - The present invention relates to methods for increasing the yield of a compound produced by an organism. More particularly, the present invention relates to methods for increasing the total or soluble carbohydrate content or sweetness or increasing the content of an endogenous carbohydrate of a plant tissue by producing a sugar-metabolizing enzyme that catalyzes the conversion of an endogenous sugar (one that is normally produced in the plant) to an alien sugar (one that is not normally produced in the plant at the same developmental stage). The invention also relates to plants and plant parts that produce a sugar-metabolizing enzyme to yield an alien sugar, with the consequence of higher total fermentable carbohydrate content, and to fermentable carbohydrates and other products derived therefrom. | 2008-09-18 |
20080229456 | Recombinant DNA constructs and methods for controlling gene expression - The present invention provides molecular constructs and methods for use thereof, including constructs including heterologous miRNA recognition sites, constructs for gene suppression including a gene suppression element embedded within an intron flanked on one or on both sides by non-protein-coding sequence, constructs containing engineered miRNA or miRNA precursors, and constructs for suppression of production of mature microRNA in a cell. Also provided are transgenic plant cells, plants, and seeds containing such constructs, and methods for their use. The invention further provides transgenic plant cells, plants, and seeds containing recombinant DNA for the ligand-controlled expression of a target sequence, which may be endogenous or exogenous. Also disclosed are novel miRNAs and miRNA precursors from crop plants including maize and soy. | 2008-09-18 |
20080229457 | S-ADENOSYL-L-METHIONINE SYNTHETASE PROMOTER AND ITS USE IN EXPRESSION OF TRANSGENIC GENES IN PLANTS - A constitutive plant S-adenosyl-L-methionine synthetase (SAMS) promoter and subfragments thereof and their use in promoting the expression of one or more heterologous nucleic acid fragments in plants are described. | 2008-09-18 |
20080229458 | Apple tree named 'Masonova' - A new apple variety distinguished by resistance to apple scab; good cold storage ability; desirable eating characteristics including soft and fine textured ivory colored flesh with some green and red venation surrounding the core, and flesh exhibiting absent to very weak browning after cutting; and the skin has solid, complete red coloration. | 2008-09-18 |
20080229459 | Ageratum plant named 'Agrotwo' | 2008-09-18 |
20080229460 | Hosta plant named 'Blue Ivory' - A new and distinct | 2008-09-18 |
20080229461 | CALIBRACHOA PLANT NAMED 'CALTRAMIPUVI' | 2008-09-18 |
20080229462 | LOBELIA PLANT NAMED 'DANANAB2' - A new and distinct | 2008-09-18 |
20080229463 | Sutera plant named 'DANCOP25' - A new and distinct | 2008-09-18 |
20080229464 | SUTERA PLANT NAMED 'DANCOP21' - A new and distinct | 2008-09-18 |
20080229465 | SUTERA PLANT NAMED 'DANCOP20' - A new and distinct | 2008-09-18 |
20080229466 | SUTERA PLANT NAMED 'DANCOP23' - A new and distinct | 2008-09-18 |
20080229467 | SUTERA PLANT NAMED 'DANCOP24' - A new and distinct | 2008-09-18 |
20080229468 | SUTERA PLANT NAMED 'DANCOP22' - A new and distinct | 2008-09-18 |